Results 1 to 10 of 13

Thread: Run script on failed login attempt

Hybrid View

  1. #1
    Join Date
    Jun 2010
    Beans
    38

    Run script on failed login attempt

    I have a simple bash script that takes a picture of the user with my webcam, I want it to run when a login attempt fails.

    I understand messing with the login is a terrible security risk...
    But I want know, is it possible.

  2. #2
    Join Date
    Jan 2008
    Location
    Argentina
    Beans
    755
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Run script on failed login attempt

    Interesting question. I am watching the thread.

    I have also another approach. Maybe it is easier to just take a pick of whoever tries to log in.
    putting your script before the login attempt, would almost surely prove easier than running it after a failed attempt
    AMD Phenom II X3 720 Black Edition 2,8 GHz - GIGABYTE GA-MA770T-UD3P - 6 GB RAM Mushkin DDR3 1333 - ZOTAC GeForce 9800 GT 1 GB DDR3

  3. #3
    Join Date
    Jan 2010
    Location
    Australia
    Beans
    544
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Run script on failed login attempt

    You could set up a script to run on boot which checks /var/log/auth.log every 5 seconds or so.

  4. #4
    Join Date
    Jun 2010
    Beans
    38

    Re: Run script on failed login attempt

    script to run on boot which checks /var/log/auth.log every 5 seconds
    I was thinking of something like the log checker but I figured since there is already an event [failed login] I could try and tap into that.

    Maybe it is easier to just take a pick of whoever tries to log in
    This would work for an initial login attempt but I also want it to take a picture of failed logins after I lock my screen.

    Thank you for the feed back and the quick responses.

  5. #5
    Join Date
    Jun 2010
    Beans
    38

    Re: Run script on failed login attempt

    I took everyones suggestions and threw this script together.
    I needed to install 'gstreamer' and to change auth.log permissions to 666 for it to work.

    To prevent the script from just looping until more logs are dumped into 'auth.log' I have the echo \n\n\n... line.
    I hate it, if anyone has a better idea please let me know.

    Also, as you can see caps 1 and 2 are just deleted. This is because my camera needs a second or two to kick on (i guess) and the first two pics are either black or garbled.


    Code:
    ! /bin/bash
    
    cd /home/USER/Pictures/Webcam/
    LOG="/var/log/auth.log"
    
    while true
    do
    TIMESTAMP=$(date +%R.%S-%B-%d)
    TRIGGER=$(tail $LOG | grep "fail" | wc -l)
    if [ $TRIGGER -gt 0 ]
    then
            streamer -t 10 -r 1 -s 640x480 -o cap00.jpeg > /dev/null
    
            cp cap03.jpeg $TIMESTAMP\ 1.jpg
            cp cap04.jpeg $TIMESTAMP\ 2.jpg
            cp cap05.jpeg $TIMESTAMP\ 3.jpg
            cp cap06.jpeg $TIMESTAMP\ 4.jpg
            cp cap07.jpeg $TIMESTAMP\ 5.jpg
            rm cap*
            echo -e "\n\n\n\n\n\n\n\n\n\n" >> /var/log/auth.log
    
    fi
    done
    If anyone has any better ideas, or knows how to incorporate it into my original question [Run script on failed log attempt] ((I.E without a constantly running while loop))
    Please post.

  6. #6
    Join Date
    Jan 2008
    Location
    Argentina
    Beans
    755
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Run script on failed login attempt

    I have another idea.

    /var/log/auth could be watched with inotify for changes.

    You would need a startup script at boot, for inotify
    This would then call on your webcam script every time the log get modified

    If you use the 2 scripts approach, the first one would be good for anyone wanting to run a script at failed logon.

    EDIT: this probably helps, but I am no good at C...

    http://ik.homelinux.org/index.rhtml/projects/c/inotify
    Last edited by bruno9779; June 14th, 2010 at 08:15 PM.
    AMD Phenom II X3 720 Black Edition 2,8 GHz - GIGABYTE GA-MA770T-UD3P - 6 GB RAM Mushkin DDR3 1333 - ZOTAC GeForce 9800 GT 1 GB DDR3

  7. #7
    Join Date
    Jan 2008
    Location
    Argentina
    Beans
    755
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Run script on failed login attempt

    I have also found this:

    http://pwet.fr/man/linux/administration_systeme/famd

    but it also involves system calls.


    This is another approach yet using stat:

    http://nixcraft.com/shell-scripting/...te-script.html
    Last edited by bruno9779; June 14th, 2010 at 08:34 PM.
    AMD Phenom II X3 720 Black Edition 2,8 GHz - GIGABYTE GA-MA770T-UD3P - 6 GB RAM Mushkin DDR3 1333 - ZOTAC GeForce 9800 GT 1 GB DDR3

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •