From f58db71190912f407f685b077dcb998bf58d89e0 Mon Sep 17 00:00:00 2001
From: Kevin Thompson <kevin.david.thompson@gmail.com>
Date: Sun, 26 Apr 2015 08:48:12 -0500
Subject: [PATCH 1/3] adds blame a former employee mode.

---
 README.md  |  8 ++++++++
 index.html | 34 ++++++++++++++++++++++------------
 2 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index 5c0750f..c7740a0 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,7 @@ By default, IPew will use a statistical model for choosing source countries for
 
 In similar vein, and using the perpsective many prominent security vendors and pundits seem to have, you can make all cyber attacks from from China with `china_mode=1` or from North Korea with `dprk_mode=1`.
 
+
 IPew's default attack timing is based on observational data from many sources, but you can make it look like the world is on the brink of cyber collapse by setting `bad_day=1`.
 
 Finally, you can proudly display your organization's name by setting `org_name=MyOrgName` (URL encode any spaces or special characters).
@@ -43,6 +44,13 @@ We had an interesting request to be able to use IPew in a IR "drill" setting, so
 
 One of my personal favorites is [http://ocularwarfare.com/ipew/index.html?china_mode=1&org_name=Mandiant&bad_day=1](http://ocularwarfare.com/ipew/index.html?china_mode=1&org_name=Mandiant&bad_day=1).
 
+### Blame former employee mode
+
+If you want to show that former employees are the problem, try out
+employee_mode. You can set a first and last name for the employee and also
+set a latitude and longitude.
+[http://ocularwarfare.com/ipew/index.html?org_name=Verizon&employee_mode=1&employee_fname=Kevin&employee_lname=Thompson&lat=43.2672&lon=-70.8617](http://ocularwarfare.com/ipew/index.html?org_name=Verizon&employee_mode=1&employee_fname=Kevin&employee_lname=Thompson&lat=43.2672&lon=-70.8617)
+
 ### Using IPew
 
 Feel free to use the hosted version, but we've released IPew under a liberal Creative Commons license, so clone away and use as you see fit, just remember to share your creations (and code) with others.
diff --git a/index.html b/index.html
index f802b17..a9b6c36 100644
--- a/index.html
+++ b/index.html
@@ -44,7 +44,7 @@
 }
 
 #about {
-  display: hidden; 
+  display: hidden;
 }
 
 #aboutdiv {
@@ -188,6 +188,9 @@ <h3>About IPew</h3>
     var chatt_mode = $.getUrlVar('chatt_mode');
     var china_mode = $.getUrlVar('china_mode');
     var dprk_mode = $.getUrlVar('dprk_mode');
+    var employee_mode = $.getUrlVar('employee_mode');
+    var employee_fname = $.getUrlVar('employee_fname');
+    var employee_lname = $.getUrlVar('employee_lname');
     var origin = $.getUrlVar('origin');
     var random_mode = $.getUrlVar('random_mode');
     var tng = $.getUrlVar('tng');
@@ -215,7 +218,7 @@ <h3>About IPew</h3>
     }
 
     if (typeof org_name !== 'undefined') { $("#titlediv").text(decodeURI(org_name) + " IPew Attack Map").html() }
-    
+
     // we maintain a fixed queue of "attacks" via this class
     function FixedQueue( size, initialValues ){
       initialValues = (initialValues || []);
@@ -256,29 +259,29 @@ <h3>About IPew</h3>
     var rand = function(min, max) {
         return Math.random() * (max - min) + min;
     };
-     
+
     var getRandomCountry = function(countries, weight) {
 
         var total_weight = weight.reduce(function (prev, cur, i, arr) {
             return prev + cur;
         });
-         
+
         var random_num = rand(0, total_weight);
         var weight_sum = 0;
-         
+
         for (var i = 0; i < countries.length; i++) {
             weight_sum += weight[i];
             weight_sum = +weight_sum.toFixed(2);
-             
+
             if (random_num <= weight_sum) {
                 return countries[i];
             }
         }
-         
+
     };
 
     // need to make this dynamic since it's approximated from sources
-     
+
     var countries = [9,22,29,49,56,58,78,82,102,117,139,176,186] ;
     var weight = [0.000,0.001,0.004,0.008,0.009,0.037,0.181,0.002,0.000,0.415,0.006,0.075,0.088];
 
@@ -304,7 +307,7 @@ <h3>About IPew</h3>
           borderWidth: 0.75,
           borderColor: '#4393c3',
           popupTemplate: function(geography, data) {
-            return '<div class="hoverinfo" style="color:white;background:black">' + 
+            return '<div class="hoverinfo" style="color:white;background:black">' +
                    geography.properties.name + '</div>';
           },
           popupOnHover: true,
@@ -350,7 +353,7 @@ <h3>About IPew</h3>
        getData: function() {
 
            var self = this;
-           
+
            if (typeof random_mode !== 'undefined') { Math.floor((Math.random() * slatlong.length)); }
 
            dst = Math.floor((Math.random() * slatlong.length));
@@ -380,7 +383,7 @@ <h3>About IPew</h3>
            which_attack = attack_type[Math.floor((Math.random() * attack_type.length))];
            var srccountry = slatlong[src]["country"];
            // "Hi, Mandiant!!"
-           if (typeof china_mode !== 'undefined') { 
+           if (typeof china_mode !== 'undefined') {
              srclat = cnlatlong[src].lat;
              srclong = cnlatlong[src].long;
              if (cnlatlong[src].country=="chn") { which_attack = "ZOMGOSH CHINA!!!!!!"; }
@@ -401,6 +404,13 @@ <h3>About IPew</h3>
              which_attack = "OMG NATION STATE CHATTANOOGA!!!";
              srccountry = "usa";
            }
+           // blame a former employee
+           else if (typeof employee_mode !== 'undefined') {
+             srclat = in_lat;
+             srclong = in_lon;
+             which_attack = "Former employee attack:" + employee_fname + " " + employee_lname;
+             srccountry = "usa";
+           }
 
            // Specify a country
            else if (typeof origin !== 'undefined') {
@@ -471,7 +481,7 @@ <h3>About IPew</h3>
 
     </script>
     <!-- Piwik -->
-    <script type="text/javascript"> 
+    <script type="text/javascript">
       var _paq = _paq || [];
       _paq.push(['trackPageView']);
       _paq.push(['enableLinkTracking']);

From 94be5bc27de5d39fd07e2f8daedfdb776103c05b Mon Sep 17 00:00:00 2001
From: Kevin Thompson <kevin.david.thompson@gmail.com>
Date: Sun, 26 Apr 2015 08:57:00 -0500
Subject: [PATCH 2/3] employee_mode doesn't REQUIRE a lat and lon anymore

---
 index.html | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/index.html b/index.html
index a9b6c36..46af4be 100644
--- a/index.html
+++ b/index.html
@@ -406,8 +406,10 @@ <h3>About IPew</h3>
            }
            // blame a former employee
            else if (typeof employee_mode !== 'undefined') {
-             srclat = in_lat;
-             srclong = in_lon;
+             if (typeof in_lat !== 'undefined' && typeof in_lon !== 'undefined') {
+               srclat = in_lat;
+               srclong = in_lon;
+             }
              which_attack = "Former employee attack:" + employee_fname + " " + employee_lname;
              srccountry = "usa";
            }

From 86219c9f58b697a52e94984c5a209fb601efd857 Mon Sep 17 00:00:00 2001
From: Kevin Thompson <kevin.david.thompson@gmail.com>
Date: Sun, 26 Apr 2015 09:00:22 -0500
Subject: [PATCH 3/3] tolerates when employee_mode doesn't incldue an employee
 name

---
 index.html | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/index.html b/index.html
index 46af4be..5438133 100644
--- a/index.html
+++ b/index.html
@@ -410,7 +410,10 @@ <h3>About IPew</h3>
                srclat = in_lat;
                srclong = in_lon;
              }
-             which_attack = "Former employee attack:" + employee_fname + " " + employee_lname;
+             which_attack = "Former employee attack"
+             if (typeof employee_fname !== 'undefined' && typeof employee_lname !== 'undefined') {
+               which_attack += ":" + employee_fname + " " + employee_lname;
+             }
              srccountry = "usa";
            }