eyecatchup · October 14, 2017 21:29
diff --git a/watchRobot.cron.php b/watchRobot.cron.php
 <?php
 ini_set('max_execution_time', 300);
 /**
 *  Mr. Robot Season 2 easter egg website email alert cronjob (Note: Requires PHP /w curl and being able to send mails!)
 *
 *  1. Download this script. Via browser (https://gist.github.com/eyecatchup/f5f5929f57b22fc1b37ef516d675ac92/download/) or:
 *       wget --no-check-certificate https://gist.github.com/eyecatchup/f5f5929f57b22fc1b37ef516d675ac92/raw/watchRobot.cron.php
 *  2. Set the value for the constant NOTIFY_MAIL_ADDRESS (line #17) to your email address.
 *  3. Create a new cronjob (for a Win/Xampp alternative see: http://stackoverflow.com/a/4231634/624466). On your console, type:
 *       crontab -e
 *  4. Paste the following (adjust script/logfile path):
 *       0 * * * * php /absolute/path/to/watchRobot.cron.php >> /absolute/path/to/cronjob.log
 *  5. Exit crontab and you're all set. You'll get an email as soon as there's a new Mr. Robot EE site to checkout.
 */

 // CHANGE THIS TO YOUR EMAIL ADDRESS !!!
 const NOTIFY_MAIL_ADDRESS = '[email protected]';

 // NO NEED FOR CHANGES BELOW
 function getHttpResponse($url) {
    $curl = curl_init($url);
    curl_setopt_array($curl, [
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_CONNECTTIMEOUT => 30,
        CURLOPT_FOLLOWLOCATION => 1,
        CURLOPT_MAXREDIRS      => 3,
        CURLOPT_SSL_VERIFYPEER => 0,
    ]);
    $resp = curl_exec($curl);
    $code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    curl_close($curl);
    return 200 == (int)$code ? $resp : 0;
 }

 function sendAlert($host) {
    $msg = 'Strike! A new Mr. Robot easter egg site is online: ' . $host;
    mail(NOTIFY_MAIL_ADDRESS, 'Mr Robot Easter Egg Website Alert', $msg);
    echo $msg . PHP_EOL;
 }

 // Check placeholder hosts

 $bits = range(241, 248);
 $bits []= 252;

 foreach ($bits as $bit) {
    $addr = '192.251.68.' . $bit;
    $resp = getHttpResponse($addr);
    if (0 !== $resp && trim($resp) !== sprintf('i%d.bxjyb2jvda.net', $bit)) {
        sendAlert($addr);
    }
 }

 // Check alternative hosts in whoismrrobot.com SSL cert

 $json = getHttpResponse('https://api.ssllabs.com/api/v2/analyze?host=www.whoismrrobot.com&all=on');
 $data = 0 !== $json ? @json_decode($json, 1) : 0;

 if (0 !== $data && 0 < sizeof($data['endpoints'][0]['details']['cert']['altNames'])) {
    $knownHosts = [
        'whoismrrobot.com', 'www.whoismrrobot.com',
        'whereismrrobot.com', 'www.whereismrrobot.com',
        'iammrrobot.com', 'www.iammrrobot.com',
        'e-corp-usa.com', 'www.e-corp-usa.com', '*.e-corp-usa.com',
        'evil-corp-usa.com', '*.evil-corp-usa.com', '*.serverfarm.evil-corp-usa.com',
        '*.bxjyb2jvda.net',
        'fsoc.sh', 'www.fsoc.sh',
        'conficturaindustries.com', 'www.conficturaindustries.com',
        'seeso.com', 'www.seeso.com', '*.seeso.com',
        'racksure.com', 'www.racksure.com'
    ];

    foreach ($data['endpoints'][0]['details']['cert']['altNames'] as $host) {
        if (!in_array($host, $knownHosts)) {
            sendAlert($host);
        }
    }
 }
	<?php
	ini_set('max_execution_time', 300);
	/**
	* Mr. Robot Season 2 easter egg website email alert cronjob (Note: Requires PHP /w curl and being able to send mails!)
	*
	* 1. Download this script. Via browser (https://gist.github.com/eyecatchup/f5f5929f57b22fc1b37ef516d675ac92/download/) or:
	* wget --no-check-certificate https://gist.github.com/eyecatchup/f5f5929f57b22fc1b37ef516d675ac92/raw/watchRobot.cron.php
	* 2. Set the value for the constant NOTIFY_MAIL_ADDRESS (line #17) to your email address.
	* 3. Create a new cronjob (for a Win/Xampp alternative see: http://stackoverflow.com/a/4231634/624466). On your console, type:
	* crontab -e
	* 4. Paste the following (adjust script/logfile path):
	* 0 * * * * php /absolute/path/to/watchRobot.cron.php >> /absolute/path/to/cronjob.log
	* 5. Exit crontab and you're all set. You'll get an email as soon as there's a new Mr. Robot EE site to checkout.
	*/

	// CHANGE THIS TO YOUR EMAIL ADDRESS !!!
	const NOTIFY_MAIL_ADDRESS = '[email protected]';

	// NO NEED FOR CHANGES BELOW
	function getHttpResponse($url) {
	$curl = curl_init($url);
	curl_setopt_array($curl, [
	CURLOPT_RETURNTRANSFER => 1,
	CURLOPT_CONNECTTIMEOUT => 30,
	CURLOPT_FOLLOWLOCATION => 1,
	CURLOPT_MAXREDIRS => 3,
	CURLOPT_SSL_VERIFYPEER => 0,
	]);
	$resp = curl_exec($curl);
	$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
	curl_close($curl);
	return 200 == (int)$code ? $resp : 0;
	}

	function sendAlert($host) {
	$msg = 'Strike! A new Mr. Robot easter egg site is online: ' . $host;
	mail(NOTIFY_MAIL_ADDRESS, 'Mr Robot Easter Egg Website Alert', $msg);
	echo $msg . PHP_EOL;
	}

	// Check placeholder hosts

	$bits = range(241, 248);
	$bits []= 252;

	foreach ($bits as $bit) {
	$addr = '192.251.68.' . $bit;
	$resp = getHttpResponse($addr);
	if (0 !== $resp && trim($resp) !== sprintf('i%d.bxjyb2jvda.net', $bit)) {
	sendAlert($addr);
	}
	}

	// Check alternative hosts in whoismrrobot.com SSL cert

	$json = getHttpResponse('https://api.ssllabs.com/api/v2/analyze?host=www.whoismrrobot.com&all=on');
	$data = 0 !== $json ? @json_decode($json, 1) : 0;

	if (0 !== $data && 0 < sizeof($data['endpoints'][0]['details']['cert']['altNames'])) {
	$knownHosts = [
	'whoismrrobot.com', 'www.whoismrrobot.com',
	'whereismrrobot.com', 'www.whereismrrobot.com',
	'iammrrobot.com', 'www.iammrrobot.com',
	'e-corp-usa.com', 'www.e-corp-usa.com', '*.e-corp-usa.com',
	'evil-corp-usa.com', '.evil-corp-usa.com', '.serverfarm.evil-corp-usa.com',
	'*.bxjyb2jvda.net',
	'fsoc.sh', 'www.fsoc.sh',
	'conficturaindustries.com', 'www.conficturaindustries.com',
	'seeso.com', 'www.seeso.com', '*.seeso.com',
	'racksure.com', 'www.racksure.com'
	];

	foreach ($data['endpoints'][0]['details']['cert']['altNames'] as $host) {
	if (!in_array($host, $knownHosts)) {
	sendAlert($host);
	}
	}
	}