algb12 · June 7, 2021 19:34
diff --git a/UDPGeolocate.sh b/UDPGeolocate.sh
 #!/bin/bash

 # Real-time UDP IP Geolocator
 printf "### REAL-TIME UDP IP GEOLOCATOR ###\n"
 printf "===================================\n"

 # Query user options
 read -p "Please enter the interface on which to listen for connections (Default: Detection by script): " interface
 read -p "Please enter the minimum packet size which should trigger a frame recording (Default: 200): " minPackLen
 read -p "Please enter the UDP port number on which to listen for connections (Default: Detection by script (follow instructions later on in config!)): " port
 read -p "Please enter the minimum timeout between each capture in seconds (Default: 1 second): " timeout

 # Set defaults if setting skipped
 if [[ -z "$interface" ]]; then
    # Use netstat to guess active interface
    interface=`netstat -rn | grep '^default' | grep -o '[^ ]*$'`
    if [[ -z "$interface" ]]; then
        interface=`netstat -rn | grep '^0.0.0.0' | grep -o '[^ ]*$'`
    fi
    printf "[DBG]: Detected interface: $interface\n"
 fi
 if [[ -z "$minPackLen" ]]; then
    minPackLen=200
 fi
 if [[ -z "$port" ]]; then
    read -p "Please start the service, make sure that it's running, turn off the webcam and mic, and press enter to continue. The UDP packets will be probed for 5 seconds, and the most common destination port will be assumed as the one to use."
    # Probe UDP packets for given number of seconds
    secs=5
    endTime=$(( $(date +%s) + secs ))

    while [[ $(date +%s) -lt $endTime ]]; do
        # Probe outgoing packets for udp port
        curPort=`tcpdump -n -c 1 -i $interface udp and greater $minPackLen 2>/dev/null | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]*' | cut -d . -f 5 | tail -1`
        if ! [[ -z "$curPort" ]]; then
            (( ports[$curPort]++ ))
        fi
        printf "[DBG]: Sampled UDP packet on port $curPort\n"
    done
    # Determine most likely port to listen on
    port=0
    portCount=0
    for i in "${!ports[@]}"; do
        if [[ ${ports[$i]} -gt $portCount ]]; then
            port=$i
            portCount=${ports[$i]}
            printf "[DBG]: Port $port with $portCount occurrences is the new candidate port\n"
        fi
        printf "[DBG]: Most likely port: $port\n"
    done
 fi
 if [[ -z "$timeout" ]]; then
    timeout=1
 fi

 # Initially, set old IP to arbitrary value (new one will be different)
 oldIp="0.0.0.0"

 # Start listening
 while true
 # Grab frame's IP address
 do
    # Notify of acquisition
    printf "Capturing UDP packet on port $port...\n"
    ip=`tcpdump -n -c 1 -i $interface udp src port $port and greater $minPackLen 2>/dev/null | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | tail -1`
    if ! [[ -z $ip ]]; then
        printf "[DBG]: Successfully grabbed IP: $ip\n"
    else
        printf "[DBG]: Failed to grab IP\n"
    fi

    # Smart re-querying to prevent excessive queries on API
    if ! [[ $oldIp = $ip ]]; then
        # First check if IP is TOR exit node, if yes, do not query Geolocation API
        printf "[DBG]: Checking if IP is in TorDNSEL list of current exit nodes\n"
        torMatch=`curl -s https://check.torproject.org/exit-addresses | grep -F $ip`
        if [[ -z $torMatch ]]; then
            # Query geolocation API
            printf "[DBG]: Querying Geolocation API with query: http://ip-api.com/json/$ip\n"
            json=`curl -s http://ip-api.com/json/$ip`
            if ! [[ -z $json ]]; then
                output=`python -c "import sys, json; data = json.loads('$json'); print json.dumps(data, indent=4, ensure_ascii=False).encode('utf8')"`
            else
                output='No response received from Geolocation API'
            fi
            # Output result
            printf "$output\n"
            printf "===================================\n\n"
        else
            printf "IP is Tor exit node. Not querying geolocation API\n"
            printf "[DBG]: Matched Tor exit node: $torMatch\n";
        fi

        # Set old IP to current IP
        oldIp=$ip
    else
        printf "[DBG]: Current IP identical to old IP, not re-querying geolocation API\n"
    fi

    # Timeout
    sleep $timeout
 done
	#!/bin/bash

	# Real-time UDP IP Geolocator
	printf "### REAL-TIME UDP IP GEOLOCATOR ###\n"
	printf "===================================\n"

	# Query user options
	read -p "Please enter the interface on which to listen for connections (Default: Detection by script): " interface
	read -p "Please enter the minimum packet size which should trigger a frame recording (Default: 200): " minPackLen
	read -p "Please enter the UDP port number on which to listen for connections (Default: Detection by script (follow instructions later on in config!)): " port
	read -p "Please enter the minimum timeout between each capture in seconds (Default: 1 second): " timeout

	# Set defaults if setting skipped
	if [[ -z "$interface" ]]; then
	# Use netstat to guess active interface
	interface=`netstat -rn \| grep '^default' \| grep -o '[^ ]*$'`
	if [[ -z "$interface" ]]; then
	interface=`netstat -rn \| grep '^0.0.0.0' \| grep -o '[^ ]*$'`
	fi
	printf "[DBG]: Detected interface: $interface\n"
	fi
	if [[ -z "$minPackLen" ]]; then
	minPackLen=200
	fi
	if [[ -z "$port" ]]; then
	read -p "Please start the service, make sure that it's running, turn off the webcam and mic, and press enter to continue. The UDP packets will be probed for 5 seconds, and the most common destination port will be assumed as the one to use."
	# Probe UDP packets for given number of seconds
	secs=5
	endTime=$(( $(date +%s) + secs ))

	while [[ $(date +%s) -lt $endTime ]]; do
	# Probe outgoing packets for udp port
	curPort=`tcpdump -n -c 1 -i $interface udp and greater $minPackLen 2>/dev/null \| grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]*' \| cut -d . -f 5 \| tail -1`
	if ! [[ -z "$curPort" ]]; then
	(( ports[$curPort]++ ))
	fi
	printf "[DBG]: Sampled UDP packet on port $curPort\n"
	done
	# Determine most likely port to listen on
	port=0
	portCount=0
	for i in "${!ports[@]}"; do
	if [[ ${ports[$i]} -gt $portCount ]]; then
	port=$i
	portCount=${ports[$i]}
	printf "[DBG]: Port $port with $portCount occurrences is the new candidate port\n"
	fi
	printf "[DBG]: Most likely port: $port\n"
	done
	fi
	if [[ -z "$timeout" ]]; then
	timeout=1
	fi

	# Initially, set old IP to arbitrary value (new one will be different)
	oldIp="0.0.0.0"

	# Start listening
	while true
	# Grab frame's IP address
	do
	# Notify of acquisition
	printf "Capturing UDP packet on port $port...\n"
	ip=`tcpdump -n -c 1 -i $interface udp src port $port and greater $minPackLen 2>/dev/null \| grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' \| tail -1`
	if ! [[ -z $ip ]]; then
	printf "[DBG]: Successfully grabbed IP: $ip\n"
	else
	printf "[DBG]: Failed to grab IP\n"
	fi

	# Smart re-querying to prevent excessive queries on API
	if ! [[ $oldIp = $ip ]]; then
	# First check if IP is TOR exit node, if yes, do not query Geolocation API
	printf "[DBG]: Checking if IP is in TorDNSEL list of current exit nodes\n"
	torMatch=`curl -s https://check.torproject.org/exit-addresses \| grep -F $ip`
	if [[ -z $torMatch ]]; then
	# Query geolocation API
	printf "[DBG]: Querying Geolocation API with query: http://ip-api.com/json/$ip\n"
	json=`curl -s http://ip-api.com/json/$ip`
	if ! [[ -z $json ]]; then
	output=`python -c "import sys, json; data = json.loads('$json'); print json.dumps(data, indent=4, ensure_ascii=False).encode('utf8')"`
	else
	output='No response received from Geolocation API'
	fi
	# Output result
	printf "$output\n"
	printf "===================================\n\n"
	else
	printf "IP is Tor exit node. Not querying geolocation API\n"
	printf "[DBG]: Matched Tor exit node: $torMatch\n";
	fi

	# Set old IP to current IP
	oldIp=$ip
	else
	printf "[DBG]: Current IP identical to old IP, not re-querying geolocation API\n"
	fi

	# Timeout
	sleep $timeout
	done