Share this page: Follow me to be notified of new articles:

MacThief

What is it?

Mac Thief allows you to find your Mac in case someones steals it : The idea came from Pombo (in French), a linux version of this script created by Sebastien Sauvage.

You could improve the script very easily and make it even closer to Pombo by also taking a photo from the iSight camera. To do this, you could use iSightCapture for example. But I think it's an invasion of privacy to take legitimate users' pics without their knowledge. If you still want to do it, take a minute to read the wikipedia article about the case Robbins v. Lower Merion School District.

This script is intended to be used on your own laptop, and every legitimate user should have the knowledge of the implementation of this program. It is wrong to use this kind of script to spy on people. If you thought about doing that, click here, we will help you.

What do I need?

  1. A Mac
  2. Another Mac / server

What can I do with the source code?

What ever you want. (learn more)
Would you like to improve it? If you want, send me the updated version and if you want, I'll publish it here. (contact me)

Changelog

Source code

On your computer, save this script with a text Editor like emacs, VIM or nano as "~/macthief.sh" :


Then, change the options on the first lines. Comment the option 1 or 2 at the bottom depending on the type of transfer you'd like to use.
If you use the HTTP transfer, here is a very simple PHP upload script you can use :


You really need to protect this form with an HTTP Authentication learn more. Then you'll need to put the login as MACTHIEF_HTTP_POST_LOGIN and the password as MACTHIEF_HTTP_POST_PASS in .macthief.sh

Then, just try to manually run the script by typing "sh .macthief.sh".
You should have that kind of result :

gabs-MacBook-Air:~ gab$ sh .macthief.sh
  adding: BigBird_2012-11-25_21h55.jpg (deflated 8%)
  adding: BigBird_2012-11-25_21h55.txt (deflated 51%)
OK

If means the file transfer was OK. If you log on the second server and check the MacThief folder, you should see your file, like that :

gab@faraway:~/macthief$ ls
BigBird_2012-11-25_21h55.zip

Then, on your Mac, create with emacs / vim or nano the file "~/Library/LaunchAgents/macthief.plist" with the following content (don't forget to replace /INSERT/PATH/HERE/ with the good folder to .macthief.sh => do not use ~) :


Then, just run the following command to start the Agent :


By the way, to stop the agent, just run :


After a few minutes, on the second server, you should be able to see a few files created :
gab@faraway:~/macthief$ ls
BigBird_2012-11-25_21h55.zip  BigBird_2012-11-25_22h11.zip
BigBird_2012-11-25_22h10.zip  BigBird_2012-11-25_22h11.zip

This means that it works ! You are done.

It does not work? Well, well, well, just un-comment the StandardErrorPath and StandardOutPath lines (4 lines) of "~/Library/LaunchAgents/macthief.plist". Stop the agent, start it again and monitor the file "/tmp/macthief.log". It should help you to find the issue.

On the second server, I recommend to add the following cron. It will delete, every day, the files that are more than 15 days old.
Last update of this page: March 27, 2017
Please do not copy any of the content of this website without asking me first.