path: root/tellmewhoisssh.sh
blob: e143d371769bc699cf5b0696e0bf17a507cfdc53 (plain)
#!/bin/bash
# Copyright (C) 2017-2018 by ziggys
# License BSD 2.0 (3-Clause BSD)

# scriptinfo
VERSION='1.0.1'           # Syntax and other minor changes

# Telegram settings. TOKEN is the bot credential, so keep this file
# readable only by the account whose forced command runs it.
TOKEN='token'
CHAT_ID='@chat_id'
MESSAGE='message'

# Command handling: what the client asked sshd to run, and what this
# script runs after the notification (an interactive shell by default).
SSHORIGINALCOMMAND=${SSH_ORIGINAL_COMMAND}
GIT_COMMAND=''
COMMAND='/bin/bash'

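#######################################
# Look up the connecting client's address on ipinfo.io and build the
# summary string that is appended to the notification.
# Globals:   SSH_CLIENT (read); CLIENT_IP, CLIENT_CITY, CLIENT_COUNTRY,
#            CLIENT_IPS, CLIENT_INFO (written)
# Arguments: none
# Outputs:   nothing
# Returns:   0; a failed lookup only leaves the looked-up fields empty
#######################################
clientinfo () {
      local client_json

      # SSH_CLIENT is "<address> <client port> <server port>"; keep the address.
      CLIENT_IP=$(printf '%s\n' "$SSH_CLIENT" | awk '{ print $1 }')

      # The response is kept in memory instead of the fixed path
      # /tmp/clientinfo: a predictable name in a world-writable directory
      # can be pre-created (or symlinked) by another local user, and
      # concurrent logins would overwrite each other's data.
      # HTTPS keeps the lookup from being altered in transit, and
      # --max-time bounds how long an unreachable service can delay the
      # login, since this call runs in the foreground.
      client_json=$(curl -s --max-time 5 "https://ipinfo.io/${CLIENT_IP}") \
            || client_json=""

      # Split each line on double quotes so the key is $2 and its value $4;
      # this drops the JSON punctuation and keeps multi-word values whole.
      # Like the previous grep/awk parsing, it assumes one key per line.
      CLIENT_CITY=$(awk -F'"' '$2 == "city" { print $4; exit }' <<<"$client_json")
      CLIENT_COUNTRY=$(awk -F'"' '$2 == "country" { print $4; exit }' <<<"$client_json")
      CLIENT_IPS=$(awk -F'"' '$2 == "org" { print $4; exit }' <<<"$client_json")
      CLIENT_INFO="$CLIENT_IP, $CLIENT_IPS, $CLIENT_CITY $CLIENT_COUNTRY"

}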

# Look up the client's details only when SSH_CLIENT is non-empty;
# otherwise clientinfo is skipped and CLIENT_INFO is left unset.
if [[ -n "${SSH_CLIENT}" ]]; then
      clientinfo
fi

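#######################################
# Send the notification to the Telegram chat in the background, then run
# the command selected for this session.
# Globals:   TOKEN, CHAT_ID, MESSAGE, CLIENT_INFO, COMMAND (read)
# Arguments: none
# Outputs:   whatever $COMMAND writes; curl's response is discarded
# Returns:   the exit status of $COMMAND (0 when COMMAND is empty)
#
# This function only notifies: it runs $COMMAND as given and does not
# restrict what the client asked for. Any restriction has to come from
# the command patterns matched before it is called, or from sshd itself.
#
# NOTE(review): the bot token is part of the request URL and therefore of
# curl's argument list, which may be visible to other local users in the
# process table while the request is in flight.
#######################################
tellmewhois () {
      # MESSAGE usually ends in a space; trim it so the two parts are
      # joined by exactly one.
      local text="${MESSAGE% } ${CLIENT_INFO}"

      # Changes from the earlier one-string URL:
      #  - no -k: certificate verification stays on, so the token is only
      #    ever sent to a server that proves it is api.telegram.org;
      #  - the URL is a single token (the backslash continuations inside
      #    the quoted string used to embed the next line's indentation);
      #  - --data-urlencode escapes spaces, quotes, '&' and '@' in the
      #    message and chat id instead of pasting them into the query raw;
      #  - --max-time keeps a stalled request from lingering.
      curl -s --max-time 10 --get \
            --data-urlencode "chat_id=${CHAT_ID}" \
            --data-urlencode "text=${text}" \
            "https://api.telegram.org/bot${TOKEN}/sendMessage" \
            > /dev/null &

      # Deliberately unquoted: COMMAND holds a whole command line that must
      # be split into words (and glob-expanded). It is not re-parsed as
      # shell source, so ';', '|' and '$(...)' in it are not interpreted.
      $COMMAND

}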

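# Check whether the client requested rsync, git, netcat or a plain ssh
# session, and pick the notification text and the command to run.
# The patterns are prefix matches on the requested command line: they
# choose the message, they do not validate the arguments that follow.
case "$SSHORIGINALCOMMAND" in

      # rsync server mode: run the client's command line unchanged.
      'rsync --server'*)
      COMMAND=$SSHORIGINALCOMMAND
      MESSAGE="Ha sido enviado un comando rsync al servidor $HOSTNAME desde "
      ;;

      # git-*: handled right here by git-shell, so it has already finished
      # when the notification goes out; COMMAND is set to GIT_COMMAND so
      # that tellmewhois does not start /bin/bash afterwards.
      'git-'*)
      COMMAND=$GIT_COMMAND
      MESSAGE="Ha sido enviado un comando git al servidor $HOSTNAME desde "
      git-shell -c "$SSHORIGINALCOMMAND"
      ;;

      # Anything starting with "nc" is run unchanged.
      'nc'*)
      COMMAND=$SSHORIGINALCOMMAND
      MESSAGE="Ha sido enviado un comando netcat al servidor $HOSTNAME desde"
      ;;

      # No recognised command: COMMAND keeps its current value.
      # (The "ó" below was mis-encoded as "Ć³" and has been repaired.)
      *)
      MESSAGE="Sesión ssh iniciada en el servidor $HOSTNAME desde "
      ;;

esac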

# Notify and hand over: tellmewhois starts the Telegram request in the
# background and then runs $COMMAND, so this call is the last step of
# the script.
tellmewhois