Skip to content

Idrinth/1984

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

89 Commits

.github

.github

 
 

.phan

.phan

 
 

bin

bin

 
 

src

src

 
 

test

test

 
 

.gitignore

.gitignore

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

composer.json

composer.json

 
 

Repository files navigation

1984 Lint AllPSR-12 Unittest PhanLint Old

A small tool to remotely track bash histories

This tool is merely a small project of mine to aggregate my own bash histories. It is obviously not intended for surveillance of other users. If you plan to use it like that make sure, that the bash history is written immediately (history -a) and the program runs with root rights.

The name is a reference to George Orwell's book Nineteen Eighty-Four, since this is a surveillance tool if used on other users than yourself. Consider this a warning of what may be possible.

Requirements

Source-Server

  • php >= 5.3
  • ext-curl (optional)
  • ext-pcntl (optional)
  • openssl
  • root access

Target-Server

  • webserver
  • php >= 7.1
  • write access to database
  • ext-pdo
  • mariadb/mysql/sqlite depending on database choice

Generator-System

  • php >= 7.4
  • openssl
  • composer

Development-System

  • php >= 7.4
  • ext-curl
  • ext-ast
  • openssl
  • composer

bin/remote-logger.php

Run this script to generate files to be deployed.

php bin/remote-logger.php source-server-ip targer-server-host-or-ip communication-protocol sdatabase-dns enable-log-deduplication enable-bashrc-modification
  • source-server-ip: for example 1.2.3.4
  • target-server-host-or-ip: for example 1.1.2.3 or idrinth.de, can take multiple comma-separated entries
  • communication-protocol: http by default, could be any curl can use in theory
  • database-dns: optional, defaults to sqlite:/tmp/remote_bash_log.sqlite
  • enable-log-deduplication: defaults to false, set to true to remove duplicate entries from the logs in one package
  • enable-bashrc-modification: defaults to false, set to true to try to set history -a as PROMPT_COMMAND-export or add it to an existing one.

dist/home/*.kill

Contains the export statement to permanently disable this specific instance of the script. Do NOT lose this file, since disabling is hard to do otherwise.

dist/source/*.sh

This is the script to be started on the server to monitor. It will try to install the required packages itself as well.

dist/source/*.php

This is the script actually monitoring the server. It works best with ext-curl and ext-pcntl around.

dist/target/*.php

This is the api, that validates the write requests and saves them to the given database. Host this file in the webroot of the desired IP or domain-

Help & Support

If you want direct support options, feel free to drop by on Discord.

Disclaimer

1984 was created for educational purposes, use only on computers or networks you have explicit permission to do so. The contributors are not responsible for any illegal or malicious acts performed with this project.

About

A small tool to remotely track bash histories

Topics

monitoring surveillance restful logging remote root linux-app bash-history blue-team

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

6 tags

Languages