guardianproject / guardianproject.github.com

http://guardianproject.info

Self-Hosted Prey #1

Open djhalliday opened 13 years ago

djhalliday commented 13 years ago

mk michael.kuron@gmail.com wrote:

I took a look at the XML protocol Prey uses to communicate with the Control Panel server yesterday and created a very simple PHP script to let you duplicate that functionality using your own web server.

I did not write a GUI yet and as of now it gets its configuration from a hard-coded array (though you could pull it from a database with less than 10 lines of code). Uploaded reports also simply get stored in a folder on the server (though you could easily attach everything to an email and send it out using something like Rmail for PHP).

To get the scripts working on your own server, download the two attached files and place them in a folder on your web server. Inside that folder, create a folder called uploads and chmod 777 it. In your web server configuration, alias /devices to /your/folder/devices.php (e.g. for Apache: Alias /devices /var/www/prey-server/devices.php; if you're using mod_rewrite instead of mod_alias or are using a different web server, you may need to edit line 7 in devices.php to point it at the correct environment variable that contains the request URL from which the script can extract the device key).

Then, install Prey in Control Panel mode and edit the config file to point check_url to your own server (e.g. check_url='http://prey.myserver.zz') and set device_key to something that the PHP script can use to identify the client (api_key also needs to be set to something, but I'm not sure where it actually gets used). No other changes should be necessary (auto_connect='n', missing_status_code='404' and post_method='http' should be default).

If anybody wants to extend my scripts, feel free to do so; however, I'd appreciate it if you could upload your modifications to this forum as well. To duplicate Prey's "official" Control Panel, we'd need to pull the device settings from a database, send out the uploaded reports by email and write a web GUI to update the stuff stored in the database. But for a single client, my scripts are probably sufficient and for any other use they should be a good starting point.

djhalliday commented 13 years ago

**upload.php**

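<?php
// Receives the report a Prey client POSTs to post_url: stores every uploaded
// file in uploads/ and writes a dump of the request to uploads/report.txt.
//
// NOTE(security): nothing in this script authenticates the sender, and
// uploads/ sits inside the web root. The file name and file content are both
// chosen by the client, so the name is reduced to a safe form below before it
// is used as a path. The name filter is a second line of defence only:
// the web server should also be configured so that nothing inside uploads/ is
// executed or interpreted (serve it as static files, or keep it outside the
// document root), and access to this script should be restricted.

$upload_dir = 'uploads/';

// Extensions that a web server may hand to an interpreter. A file whose final
// extension is on this list (or that has no extension) is stored as *.bin.
$script_extensions = '/^(php[0-9]*|phtml|pht|phps|phar|cgi|pl|py|sh|shtml)$/';

// Plain-text dump of everything the client sent, same content as before.
$report = '';
$report .= urldecode(print_r($_POST, true));
$report .= urldecode(print_r($_GET, true));
$report .= urldecode(print_r($_FILES, true));

foreach ($_FILES as $file) {
    // A field posted as "name[]" arrives as arrays, a plain field as scalars;
    // the casts let one loop handle both shapes.
    $client_names = (array) $file['name'];
    $tmp_names = (array) $file['tmp_name'];
    $errors = (array) $file['error'];

    foreach ($client_names as $key => $client_name) {
        // Skip nested field arrays and uploads that did not complete.
        if (!is_string($client_name) || !isset($tmp_names[$key]) || !is_string($tmp_names[$key])) {
            continue;
        }
        if (!isset($errors[$key]) || $errors[$key] !== UPLOAD_ERR_OK) {
            continue;
        }

        // Drop any directory part, then allow only a conservative character
        // set so separators, NUL bytes and ".." cannot reach the file system.
        $flat_name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($client_name));
        $flat_name = ltrim((string) $flat_name, '.'); // no dot-files such as .htaccess

        // Keep a single extension: some server configurations act on every
        // extension in a name like "x.php.jpg", so inner dots become "_".
        $extension = strtolower(pathinfo($flat_name, PATHINFO_EXTENSION));
        $stem = str_replace('.', '_', pathinfo($flat_name, PATHINFO_FILENAME));
        if ($stem === '') {
            $stem = 'upload';
        }

        if ($extension === '' || preg_match($script_extensions, $extension)) {
            $safe_name = $stem . ($extension !== '' ? '_' . $extension : '') . '.bin';
        } else {
            $safe_name = $stem . '.' . $extension;
        }

        // move_uploaded_file() refuses paths that were not created by PHP's
        // own upload handling, so tmp_name cannot be redirected to other files.
        move_uploaded_file($tmp_names[$key], $upload_dir . $safe_name);
    }
}

// One report file for all devices: each request overwrites the previous dump.
file_put_contents($upload_dir . 'report.txt', $report);

?>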

djhalliday commented 13 years ago

devices.php

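<?php
// Minimal stand-in for the Prey Control Panel "devices" endpoint: answers a
// client's check-in with an XML document describing whether the device is
// marked missing and which report/action modules it should run.
//
// NOTE(security): the script returns the same configuration to every
// requester and does not check the device key or any credential. The XML
// includes unlock_pass, so access to this URL should be restricted at the
// web server until per-device authentication exists.
header('Content-type: text/xml');

// NOTE(security): reports contain screenshots, webcam images and network
// details. With a plain http:// URL they cross the network unencrypted; use
// an https:// URL for anything other than a local test.
$report_url = 'http://localhost/prey-server/upload.php?device=';

// Extract the client's ID from the request path. PHP_SELF is derived from the
// request URL, so this value is chosen by the requester and must be treated
// as untrusted wherever it is used.
$device = basename($_SERVER['PHP_SELF'], '.xml');

// Client configuration
// This should probably be coming from a database. The variable $device contains the client's ID, so you could base the configuration on that.
// Indentation shows which settings belong to which module.
$conf = array(
    'missing' => 'true',
    'delay' => '10',
    'network' => 'true',
        'wifi_nearby' => 'y',
        'active_connections' => 'y',
        'traceroute' => 'n',
    'session' => 'true',
        'screenshot' => 'y',
        'running_progs' => 'y',
        'modified_files' => 'n',
            'modified_files_time' => '10',
            // Single quotes on purpose: the literal text $home_path is sent to the client.
            'modified_files_path' => '$home_path',
    'webcam' => 'true',
    'geo' => 'true',
    'alarm' => 'false',
    'alert' => 'false',
        'alert_message' => 'This is a stolen computer.',
        'say_message' => 'n',
    'lock' => 'false',
        // Sample value published with the script; replace it before enabling the lock module.
        'unlock_pass' => 'preyrocks');
// End of client configuration

// Module table: conf key / module name => attributes and child elements.
// 'children' maps the XML element name to the $conf key holding its value.
// Order matters: modules, attributes and children are emitted in this order.
$module_specs = array(
    'network' => array('type' => 'report', 'version' => '1.5', 'children' => array(
        'get_nearby_wifi_hotspots' => 'wifi_nearby',
        'get_active_connections' => 'active_connections',
        'trace_route' => 'traceroute',
    )),
    'session' => array('type' => 'report', 'version' => '1.7', 'children' => array(
        'modified_files_time' => 'modified_files_time',
        'get_screenshot' => 'screenshot',
        'get_modified_files' => 'modified_files',
        'get_running_programs' => 'running_progs',
        'modified_files_path' => 'modified_files_path',
    )),
    'webcam' => array('type' => 'report', 'version' => '1.6', 'children' => array()),
    'geo' => array('type' => 'report', 'version' => '1.6', 'children' => array()),
    'alarm' => array('type' => 'action', 'version' => '1.5', 'children' => array()),
    'alert' => array('type' => 'report', 'version' => '1.7', 'children' => array(
        'alert_message' => 'alert_message',
        'say_message' => 'say_message',
    )),
    // Fixed: the original read $conf['unlockpass'], a key that does not exist,
    // so an enabled lock module was sent with an empty unlock_pass.
    'lock' => array('type' => 'action', 'version' => '2.5', 'children' => array(
        'unlock_pass' => 'unlock_pass',
    )),
);

$xml = new SimpleXMLElement('<device></device>');

$status = $xml->addChild('status');
$status->addChild('missing', $conf['missing']);

$configuration = $xml->addChild('configuration');
$configuration->addChild('delay', $conf['delay']);

$modules = $xml->addChild('modules');

if ($conf['missing'] === 'true') // missing
{
    // A 404 status tells the client the device is missing (the client's
    // missing_status_code setting). The original passed the bare string
    // "Enabled" to header(), which also emitted a malformed header line.
    http_response_code(404);

    // $device is untrusted: percent-encode it so it stays a single query
    // value and cannot introduce "&" or markup into the XML document.
    $configuration->addChild('post_url', $report_url . rawurlencode($device));

    foreach ($module_specs as $module_name => $spec) {
        if ($conf[$module_name] !== 'true') {
            continue; // module switched off in $conf
        }

        $module = $modules->addChild('module');
        $module->addAttribute('type', $spec['type']);
        $module->addAttribute('active', 'true');
        $module->addAttribute('name', $module_name);
        $module->addAttribute('version', $spec['version']);

        foreach ($spec['children'] as $element_name => $conf_key) {
            $module->addChild($element_name, $conf[$conf_key]);
        }
    }
}
else // not missing
{
    $configuration->addChild('current_release', '0.5.3');
    $configuration->addChild('auto_update', 'false');
}

// Format XML output with line breaks and indentation. This is important because Prey appears to be doing line-based parsing.
$dom = dom_import_simplexml($xml)->ownerDocument;
$dom->formatOutput = true;
echo $dom->saveXML();

?>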