With a little know how it is pretty easy to set up your laptop so that you can get it back again if it’s been stolen. There are a few commercial products available that can do this but it’s more fun to make your own. This only works if your computer is used on the internet once stolen. It will automatically poll a web server which then logs the IP address of your computer. The server then emails the IP to you and you can then use a traceroute command to find out what ISP the thief is using. Once this is known, you can then get in touch with your local enforcers of law. They’ll hopefully be able to work with the ISP to locate the physical address of your laptop. So there are a few things that will need to happen for this to be able to work.

A thief will need to be able to log into the computer. So avoid using login screen or if your computer is set up so that it requires logging into then provide a guest account and provide the user name and password on a post-it note stuck to the laptop. If the crook can’t log in then they will just end up reinstalling the OS and all will be lost.

The crook will need to access the internet. If they can’t get online then you can’t get them. Try to stick to a pretty straight forward network setup that will work with most DSL routers. The more complicated it is, the less likely it is to work. Perhaps you could provide a link on your desktop to your dial-in account. Some ISPs offer a dial-in service, so you could create a shortcut to this as a courtesy to a scumbag thief.

Here’s what you’ll need:

• Know-how in php and Java
• A web server on the internet that runs php scripts with mail sending enabled. The (email part is optional). There are several free web hosting services you could use however many of them have the php mail function disabled. Most commercial php web hosts have php mailing enabled.
• Your laptop will need the Java Runtime Environment installed. You may wish to port the Java code to some other language if you prefer.
• RealVNC installed

The iplogger.php script will log and email the IP address of your stolen computer to you. This is to be uploaded to your web server. You will need to modify line 11 with your own email address. Also in the event that your computer is stolen you will need to modify line 5 with the id that you have assigned to your computer. For example:
$stolenuser = “mattslaptop”;

You shouldn’t need to modify the Main.java unless you have installed RealVNC to a different location. This change is made on line 51. If you don’t want to use RealVNC then just delete lines 48 to 53.

Compile the main.java program into a class file and create a shortcut to it. The target of the shortcut will look something like this:

%windir%\system32\javaw.exe “C:\Main.class” http://mydomain.com/iplogger.php?id=mattslaptop

The url of the iplogger script is passed in as an argument and the name of the computer to track is included as part of the url. Change ‘mattslaptop’ to your own computers id.

Note that we use javaw to start the Main.class. This is so that the process runs in the background without a window.

Copy the shortcut into: C:\Documents and Settings\All Users\Start Menu\Programs\Startup

That’s it. You can test if it’s working by looking at the following url on your own web host:

http://mydomain.com/mattslaptop

The output will be something like :

121.22.123.232 Local Date/Time:27-04-2008_12:39      Server Date/Time:26-Apr-2008 19:34

Once your computer is stolen, remember to change line 5 on the iplogger script so that is matches the id of your computer. This will enable regular email updates of IP addresses.

Once you have the recent log of the IP address, you should also be able to VNC to your computer but only if it is not behind a network firewall. Remember to unblock VNC in your laptops firewall. You should VNC in listen mode only to watch what the bandit is doing on your computer. If you try to remote control it, you will give yourself away. You may see the culprit enter personal info that may help to identify them and this can then be given to police.

Okay, so there are a lot of conditions that need to met in order for this to work. Hopefully the villain is not too smart and doesn’t realize this risks of using a stolen computer on the internet. But I guess it’s safe to assume they probably don’t otherwise they would have a higher paying job and wouldn’t have to jack other peoples shit. Good luck.

Of course, there are more elegant ways of doing this. A cleaner way to do this is by avoiding Java altogether and code to a Windows service in Visual Studio. Also VNC should be run as a service also. This would be much more covert. The solution that I’ve provided here was just hacked together yesterday just as a proof of concept. So there’s plenty of enhancements you could make to this.

This entry was posted on Monday, April 28th, 2008 at 1:35 pm and is filed under Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.