oxagast · October 27, 2025 11:56
diff --git a/powerlock.sh b/powerlock.sh
 #!/bin/bash
 #
 # Powerlock
 #
 #     -- Copyright: oxasploits.com / Marshall Whittaker --
 #
 # Dependancies: i3lock, LUKS, sudo or systemd, expect
 #
 # Configuration: Use something like 'xidle' to invoke this script after
 # the mouse has not been moved for a certain amount of time by adding
 # it to your window manager's startup config.
 #
 # Notice: Should be used with disk encryption for meaningful results.
 #
 # Tip: For faster more reliable shutdown add the following line to
 # your /etc/sudoers file using sudoedit:
 #   youruser ALL=(ALL:ALL) NOPASSWD: /usr/bin/tee /proc/sysrq-trigger

 # Edit the following three variables to your liking
 TRIES=3          # Max tries user gets
 BGCOLOR="202020" # Backdrop Color
 WALLPAPER=""     # Absolute path to PNG image

 if [[ $(lsblk | grep -c crypt) -eq 0 ]] && [[ ! $(veracrypt --list) ]]; then
  echo "Warning! For this code to do anything meaningful you need"
  echo "an encrypted partition.  Otherwise, the machine shuts down"
  echo "but an attacker could mount your partitions offline without"
  echo "a password."
  sleep 10
 fi
 if [[ ! -x "/usr/bin/unbuffer" ]]; then
  echo "Warning! Please install expect."
  exit 1
 fi
 if [[ ! -u "/usr/bin/sudo" ]]; then
  echo "Warning! Please install and configure sudo!"
 fi
 if [[ ! -x "/usr/bin/i3lock" ]]; then
  echo "Warning! Please install i3lock!"
  exit 1
 fi
 # first we remove the file, recreate an empty, and fix cache
 # permissions.
 CF="$HOME/.cache/powerlock.dat"
 rm -f "${CF}"
 touch "${CF}" && chmod g-rwx,o-rwx,u=rw "${CF}"
 if [ -e "${CF}" ] && [ ! -s "${CF}" ]; then
  if [[ "${WALLPAPER}" == "" ]]; then
    # we use unbuffer to capture the debug log, and subsequently
    # filter sensitive information from our cache build routine.
    (unbuffer i3lock -f -n --debug -e -c ${BGCOLOR} | grep -v password >"${CF}") &
  else
    if [[ ! -f "${WALLPAPER}" ]]; then
      echo "Warning! Wallpaper file doesn' exist!"
      exit 1 # so we don't attempt to start a command that will fail
    fi
    (unbuffer i3lock -f -n --debug -e -i ${WALLPAPER} | grep -v password >"${CF}") &
  fi
  while [ 1 ]; do
    if [[ $(grep -c "failure" "${CF}") -ge $TRIES ]]; then # if failure is in the cahe x times or more
      echo "Powerdown!"
      rm -f "${CF}"                              # this file contains sensitive logs
      echo "s" | sudo -n tee /proc/sysrq-trigger # sync disks
      echo "u" | sudo -n tee /proc/sysrq-trigger # remount read only
      echo "o" | sudo -n tee /proc/sysrq-trigger # force poweroff
      sleep 1
      echo "Warning! Falling back to graceful shutdown using systemd!"
      systemctl poweroff # retry poweroff if sysrq magic fails
    elif [[ $(grep "successfully" "${CF}") ]]; then
      echo "Unlocked!"
      rm -f "${CF}"
      exit 0
    else
      sleep 1
    fi
  done
 else
  echo "Warning! Secure recreation of cache failed!"
  exit 1
 fi
	#!/bin/bash
	#
	# Powerlock
	#
	# -- Copyright: oxasploits.com / Marshall Whittaker --
	#
	# Dependancies: i3lock, LUKS, sudo or systemd, expect
	#
	# Configuration: Use something like 'xidle' to invoke this script after
	# the mouse has not been moved for a certain amount of time by adding
	# it to your window manager's startup config.
	#
	# Notice: Should be used with disk encryption for meaningful results.
	#
	# Tip: For faster more reliable shutdown add the following line to
	# your /etc/sudoers file using sudoedit:
	# youruser ALL=(ALL:ALL) NOPASSWD: /usr/bin/tee /proc/sysrq-trigger

	# Edit the following three variables to your liking
	TRIES=3 # Max tries user gets
	BGCOLOR="202020" # Backdrop Color
	WALLPAPER="" # Absolute path to PNG image

	if [[ $(lsblk \| grep -c crypt) -eq 0 ]] && [[ ! $(veracrypt --list) ]]; then
	echo "Warning! For this code to do anything meaningful you need"
	echo "an encrypted partition. Otherwise, the machine shuts down"
	echo "but an attacker could mount your partitions offline without"
	echo "a password."
	sleep 10
	fi
	if [[ ! -x "/usr/bin/unbuffer" ]]; then
	echo "Warning! Please install expect."
	exit 1
	fi
	if [[ ! -u "/usr/bin/sudo" ]]; then
	echo "Warning! Please install and configure sudo!"
	fi
	if [[ ! -x "/usr/bin/i3lock" ]]; then
	echo "Warning! Please install i3lock!"
	exit 1
	fi
	# first we remove the file, recreate an empty, and fix cache
	# permissions.
	CF="$HOME/.cache/powerlock.dat"
	rm -f "${CF}"
	touch "${CF}" && chmod g-rwx,o-rwx,u=rw "${CF}"
	if [ -e "${CF}" ] && [ ! -s "${CF}" ]; then
	if [[ "${WALLPAPER}" == "" ]]; then
	# we use unbuffer to capture the debug log, and subsequently
	# filter sensitive information from our cache build routine.
	(unbuffer i3lock -f -n --debug -e -c ${BGCOLOR} \| grep -v password >"${CF}") &
	else
	if [[ ! -f "${WALLPAPER}" ]]; then
	echo "Warning! Wallpaper file doesn' exist!"
	exit 1 # so we don't attempt to start a command that will fail
	fi
	(unbuffer i3lock -f -n --debug -e -i ${WALLPAPER} \| grep -v password >"${CF}") &
	fi
	while [ 1 ]; do
	if [[ $(grep -c "failure" "${CF}") -ge $TRIES ]]; then # if failure is in the cahe x times or more
	echo "Powerdown!"
	rm -f "${CF}" # this file contains sensitive logs
	echo "s" \| sudo -n tee /proc/sysrq-trigger # sync disks
	echo "u" \| sudo -n tee /proc/sysrq-trigger # remount read only
	echo "o" \| sudo -n tee /proc/sysrq-trigger # force poweroff
	sleep 1
	echo "Warning! Falling back to graceful shutdown using systemd!"
	systemctl poweroff # retry poweroff if sysrq magic fails
	elif [[ $(grep "successfully" "${CF}") ]]; then
	echo "Unlocked!"
	rm -f "${CF}"
	exit 0
	else
	sleep 1
	fi
	done
	else
	echo "Warning! Secure recreation of cache failed!"
	exit 1
	fi
No results found