Switch to mac hashes

This commit is contained in:
Jonathan Flueren 2023-08-13 22:08:35 +02:00
parent 6720423e16
commit 43574afcbc
6 changed files with 135 additions and 54 deletions

View file

@ -7,42 +7,41 @@ import json
import hmac
import hashlib
IDENTITIES_PATH = "identities.yaml"
WEBHOOK_URL = "https://cloud.flueren.eu/public/update.php"
IDENTITIES_URL = "http://localhost:8080/identities.json"
WEBHOOK_URL = "http://localhost:8080/update.php"
WEBHOOK_SECRET = "CHANGE-THIS"
def get_identities():
resp = requests.get(IDENTITIES_URL)
return resp.json()
def parse_wifi_map(map_path):
# read scan results
with open(map_path, 'r') as f:
wifi_map = yaml.safe_load(f)
# read known identities
with open(IDENTITIES_PATH, 'r') as f:
identities = yaml.safe_load(f)['identities']
identities = get_identities()
print("Known identities:")
for identity in identities:
print('mac = {}, name = {}'.format(identity['mac'],identity['name']))
print('mac hash = {}, name = {}'.format(identity['mac_hash'],identity['name']))
devices = set()
filtered_identities = set()
# filter scan results for known identities
for ssid in wifi_map:
#print('ssid = {}'.format(ssid))
ssid_node = wifi_map[ssid]
for bssid in ssid_node:
#print('\tbssid = {}'.format(bssid))
bssid_node = ssid_node[bssid]
if 'devices' in bssid_node:
for device in bssid_node['devices']:
devices |= {device}
#print('\t\tdevice = {}'.format(device))
for identity in identities:
if identity['mac'] == device:
mac_hash = hashlib.sha256(device.encode()).hexdigest()
if identity['mac_hash'] == mac_hash:
filtered_identities |= {identity['name']}
#print('\n\nSSID count: {}, Device count: {}'.format(len(wifi_map), len(devices)))
print('\nFiltered identities:')
print(filtered_identities)

View file

@ -5,7 +5,7 @@ TEST_SSID:
channels:
- 11
devices:
3c:07:71:15:f1:48:
00:00:00:00:00:00:
bytes: 798
signal: 1
vendor: Sony Corporation

View file

@ -1 +1 @@
[]
[{"name":"Jon","mac_hash":"38fbdde984330e50c02382e647c576b71f41cc5c45b193d4f3177e6ee8f22a78"},{"name":"BROADCAST","mac_hash":"ef85d972b07fccdd79085ddb4713cd487c3838e128a7c4d11092909675c2022d"}]

View file

@ -1,47 +1,92 @@
<?php
define('IDENTITIES_FILE', 'identities.json');
define('PRESENT_FILE', 'present.json');
$page_title = 'CZI Presence Detector';
$present_file = 'present.json';
$identities_file = 'identities.json';
$name_pattern = "^([ a-zA-Z'\-]){1,30}$";
$mac_pattern = "^([0-9A-Fa-f]{2}[:-s]){5}([0-9A-Fa-f]{2})$";
$name_pattern = "^([ \u00c0-\u01ffa-zA-Z'\-]){1,30}$";
$mac_pattern = '^([0-9A-Fa-f]{2}[:-s]){5}([0-9A-Fa-f]{2})$';
$present = json_decode(file_get_contents($present_file), true);
$present = json_decode(file_get_contents(PRESENT_FILE), true);
$tz = 'Europe/Berlin';
$datetime = new DateTime("now", new DateTimeZone($tz));
$datetime->setTimestamp($present["timestamp"]);
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (
preg_match($name_pattern, $_POST['name']) != 1 ||
preg_match($mac_pattern, $_POST['mac'] != 1)
) {
http_response_code(400);
die("Bad data");
}
$name = $_POST['name'];
$normalized_mac = str_replace('-', ':', strtolower($_POST['mac']));
function hash_mac($mac) {
$normalized_mac = str_replace('-', ':', strtolower($mac));
$hashed_mac = hash('sha256', $normalized_mac);
return $hashed_mac;
}
$identities = json_decode(file_get_contents($identities_file), true);
function add_identity($name, $mac) {
if (
preg_match('/' . $name_pattern . '/', $name) != 1 ||
preg_match('/' . $mac_pattern . '/', $mac) != 1
) {
http_response_code(400);
die("Bad data");
}
$hashed_mac = hash_mac($mac);
$identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
$url = strtok($_SERVER['REQUEST_URI'], '?');
foreach ($identities as $identity) {
if (
$identity['name'] == $name ||
$identity['mac_hash'] == $hashed_mac
) {
// TODO show error to user
die("Duplicate data");
foreach ($identities as $identity) {
if ($identity['name'] == $name) {
header("Location: " . $url . "?dup_name", true, 303);
exit();
}
if ($identity['mac_hash'] == $hashed_mac) {
header("Location: " . $url . "?dup_mac", true, 303);
exit();
}
}
array_push($identities, array("name" => $name, "mac_hash" => $hashed_mac));
file_put_contents(IDENTITIES_FILE, json_encode($identities));
header("Location: " . $url . "?succ", true, 303);
exit();
}
function remove_identity($mac) {
if (preg_match('/' . $mac_pattern . '/', $mac) != 1) {
http_response_code(400);
die("Bad data");
}
$hashed_mac = hash_mac($mac);
$identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
$new_identities = array();
foreach ($identities as $identity) {
if ($identity['mac_hash'] != $hashed_mac) {
array_push($new_identities, $identity);
}
}
// TODO store new identity
header("Location: /", true, 303);
exit();
file_put_contents(IDENTITIES_FILE, json_encode($new_identities));
header("Location: " . strtok($_SERVER['REQUEST_URI'], '?'), true, 303);
exit();
}
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (
isset($_POST['name']) &&
isset($_POST['mac'])
) {
add_identity($_POST['name'], $_POST['mac']);
}
else if (isset($_POST['remove-mac'])) {
remove_identity($_POST['remove-mac']);
}
}
?>
@ -75,15 +120,52 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
}
?>
</table>
<br><br><br>
<div class="card" style="max-width: 30rem;">
<div class="card-body">
<h5 class="card-title">Neues Gerät tracken</h5>
<form method="POST">
<input class="form-control" type="text" name="name" pattern="<?php print($name_pattern); ?>" placeholder="Gebe hier deinen Namen ein" value="" /><br>
<input class="form-control" type="text" name="mac" pattern="<?php print($mac_pattern); ?>" placeholder="Gebe hier die MAC-Adresse des zu trackenden Gerätes ein" value="" /><br>
<button class="btn btn-primary" type="submit">Speichern</button>
</form></div></div>
<br><br>
<?php
if ($_SERVER['QUERY_STRING'] == 'dup_name') {
?>
<div class="alert alert-danger" role="alert">
Name already in use, please choose a different one.
</div>
<?php
} else if ($_SERVER['QUERY_STRING'] == 'dup_mac') {
?>
<div class="alert alert-danger" role="alert">
MAC already set up, please remove it first to change name.
</div>
<?php
} else if ($_SERVER['QUERY_STRING'] == 'succ') {
?>
<div class="alert alert-success" role="alert">
Identity successfully saved.
</div>
<?php
}?>
<div class="row justify-content-start">
<div class="col col-md-4">
<div class="card" style="max-width: 30rem;">
<div class="card-body">
<h5 class="card-title">Neues Gerät tracken</h5>
<form method="POST">
<input class="form-control" type="text" name="name" pattern="<?php print($name_pattern); ?>" placeholder="Gebe hier deinen Namen ein" value="" /><br>
<input class="form-control" type="text" name="mac" pattern="<?php print($mac_pattern); ?>" placeholder="Gebe hier die MAC-Adresse des zu trackenden Gerätes ein" value="" /><br>
<button class="btn btn-primary" type="submit">Speichern</button>
</form>
</div>
</div>
</div>
<div class="col col-md-4">
<div class="card" style="max-width: 30rem;">
<div class="card-body">
<h5 class="card-title">Gerät entfernen</h5>
<form method="POST">
<input class="form-control" type="text" name="remove-mac" pattern="<?php print($mac_pattern); ?>" placeholder="Gebe hier die MAC-Adresse des zu löschenden Gerätes ein" value="" /><br>
<button class="btn btn-primary" type="submit">Entfernen</button>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

View file

@ -1 +1 @@
{"timestamp":1691853251,"names":["BROADCAST"]}
{"timestamp":1691957288,"names":["Jon"]}

View file

@ -61,7 +61,7 @@ http_response_code(200);
$present = array(
"timestamp" => time(),
"identities" => $decoded
"names" => $decoded
);
file_put_contents($present_file, json_encode($present));