
  1. <!DOCTYPE html>
  2. <html lang="en-US">
  3. <head>
  4. <meta charset="UTF-8"/>
  5. <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0">
  6. <TITLE>Grande Puffo</TITLE>
  7. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
  8. <meta name="description" content="web security demo from the server round trip to the user client">
  9. <link rel="shortcut icon" href="./favicon.ico">
  10. <style>
  11. html {
  12. height:100%;
  13. }
  14. body {
  15. margin: 0px;
  16. padding: 25px;
  17. background: #000000;
  18. color: #FFFFFF;
  19. font-size: 14px;
  20. }
  21. a {
  22. color: green;
  23. text-decoration: underline;
  24. }
  25. a:focus {
  26. color: green;
  27. }
  28. a:hover {
  29. color: green;
  30. }
  31. .aaa {
  32. color: green;
  33. text-decoration: underline;
  34. }
  35. .aaa:focus {
  36. color: green;
  37. }
  38. .aaa:hover {
  39. color: green;
  40. }
  41. #footerCont {
  42. position: relative;
  43. top: +34.5px;
  44. left:-15px;
  45. width: 111%;
  46. height:50px;
  47. border: 1px solid #C2DBF2;
  48. padding: 7px;
  49. opacity: 0.6;
  50. background: #b2dba1;
  51. color:#000000;
  52. font-family: Sans;
  53. font-size: 12px;
  54. text-align: center;
  55. z-index: 99998;
  56. display:none;
  57. }
  58. #footer {
  59. position: relative;
  60. top: 15px;
  61. left: -20px;
  62. float: right;
  63. width: fit-content;
  64. height: 24px;
  65. border: 0px solid #C2DBF2;
  66. padding: 2px;
  67. opacity: 0.7;
  68. color: #FFFFFF;
  69. font-family: Sans;
  70. font-size: 12px;
  71. font-weight: 400;
  72. text-align: right;
  73. z-index: 99999;
  74. vertical-align:middle;
  75. }
  76. H1 {
  77. font-size:17px;
  78. }
  79. </style>
  80. </head>
  81. <body>
  82. <h1>Welcome to Grande Puffo !</h1>
  83. <br>
  84. Grande Puffo demonstrates a way to protect web resources along the whole server round trip,
  85. up to the user's client side, with an optional sha256 check on the client side
  86. and a further, suggested defence based on a per-element instance counter.<br>
  87. <br>
  88. You can grab the lab code from <a href="https://github.com/par7133/GrandePuffo">https://github.com/par7133/GrandePuffo</a>.
  89. <br><br>
  90. A brief description of the ideas behind it follows.
  91. <br>
  92. <br>
  93. <pre>
  94. [init.inc]
  95. require("config.inc");
  96. [config.inc]
  97. 'RES_ROUTER_PREFIX' => [
  98. 0 => [1000000, 1199999],
  99. 1 => [1200000, 1399999],
  100. 2 => [1400000, 1599999],
  101. 3 => ...
  102. ];
  103. 'RES_ROUTER' => [
  104. 0 => "idxpage1img.php",
  105. 1 => "idxpage1html.php",
  106. 2 => "idxpage1js.php",
  107. 3 => "..."
  108. ];
  109. 'RES_PASSWORD' => [
  110. 0 => "res_password1",
  111. 1 => "res_password2",
  112. 2 => "res_password3",
  113. 3 => "res_password4",
  114. 4 => "res_password5",
  115. 5 => "..."
  116. ];
  117. 'RES_SALT' => [
  118. 0 => "res_salt1",
  119. 1 => "res_salt2",
  120. 2 => "res_salt3",
  121. 3 => "res_salt4",
  122. 4 => "res_salt5",
  123. 5 => "..."
  124. ];
  125. 'RES_TYPE' => [
  126. 0 => "image",
  127. 1 => "image",
  128. 2 => "image",
  129. 3 => "script",
  130. 4 => "image",
  131. 5 => "..."
  132. ];
  133. 'RES' => [
  134. 0 => "/res/topbanner1.png",
  135. 1 => "/res/logo.png",
  136. 2 => "/res/sidebanner3.png",
  137. 3 => "/res/scriplet1.js",
  138. 4 => "/res/pix5.png"
  139. ],
  140. 'RES_DISPLAIED_SHA' => [
  141. 0 => "bdb4538753314562a8eb520e446d568cbdb4538753314562a8eb520e446d568c",
  142. 1 => "ba78c55eae177c8e6749fa6aded78757ccfb10c85121cb4fbbb76b9ce3ef4db2",
  143. 2 => "6a3c96e2c94f49f3a59b672768716e866a3c96e2c94f49f3a59b672768716e86",
  144. 3 => "c91de3449c1c46eaa8dd2eef025a2eb2c91de3449c1c46eaa8dd2eef025a2eb2",
  145. 4 => "82f3c59ab4db488f867cd0db9b143cbd82f3c59ab4db488f867cd0db9b143cbd",
  146. 5 => "..."
  147. ];
  148. 'RES_SHA' => [
  149. 0 => "67d67dc36f87471194e7cf94d30a571367d67dc36f87471194e7cf94d30a5713",
  150. 1 => "ba78c55eae177c8e6749fa6aded78757ccfb10c85121cb4fbbb76b9ce3ef4db2",
  151. 2 => "b27d6e61f49746fb9df0c1102900a029b27d6e61f49746fb9df0c1102900a029",
  152. 3 => "7db5663f808a4acf94c82ac314f84bf87db5663f808a4acf94c82ac314f84bf8",
  153. 4 => "ada5fcd9a2a343e2af3b555d7dae6fabada5fcd9a2a343e2af3b555d7dae6fab",
  154. 5 => "..."
  155. ];
  156. 'WEBPAGE_ELEMENT' => [
  157. 0 => "funnyctrl1",
  158. 1 => "funnyctrl2",
  159. 2 => "funnyctrl3",
  160. 3 => "funnyctrl4",
  161. 4 => "funnyctrl5",
  162. 5 => "..."
  163. ];
  164. [page.php]
  165. $myPrefix = mt_rand(1000000, 1199999);
  166. $myImageSha = "ba78c55eae177c8e6749fa6aded78757ccfb10c85121cb4fbbb76b9ce3ef4db2";
  167. &lt;html&gt;
  168. &lt;head&gt;
  169. &lt;link src="style1.css" type="text/css" rel="stylesheet"&gt;
  170. &lt;/head&gt;
  171. &lt;body&gt;
  172. &lt;img src='/&lt;?PHP echo($myPrefix.$myImageSha);?&gt;'&gt;
  173. &lt;img src='/&lt;?PHP echo($myPrefix.$myImageSha);?&gt;'&gt;
  174. &lt;img src='/&lt;?PHP echo($myPrefix.$myImageSha);?&gt;'&gt;
  175. &lt;img src='/&lt;?PHP echo($myPrefix.$myImageSha);?&gt;'&gt;
  176. &lt;img src='/&lt;?PHP echo($myPrefix.$myImageSha);?&gt;'&gt;
  177. &lt;/body&gt;
  178. &lt;/html&gt;
  179. [mainrouter, /mrouter.php]
  180. require("init.inc");
  181. $url=filter_input(INPUT_GET, "url")??"";
  182. $myRndPrefix = substr($url, 0, 6);
  183. $myResRouter = getResRouter($myRndPrefix):
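  /**
   * Map the numeric prefix cut from a resource URL to its resource router script.
   *
   * Each entry of $ROUTING['RES_ROUTER_PREFIX'] is an inclusive [low, high]
   * range; the first range that contains $myPrefix selects the entry with the
   * same index in $ROUTING['RES_ROUTER'].
   *
   * @param string $myPrefix decimal prefix as cut from the request URL
   * @return string router script name, e.g. "idxpage1img.php"
   * @throws \InvalidArgumentException when no configured range contains the prefix
   */
  function getResRouter(string $myPrefix): string
  {
      global $ROUTING;

      // The prefix comes straight from the URL. A non-numeric string would be
      // compared as text against the integer bounds, so anything that is not a
      // plain digit run is mapped to -1 and matches no range.
      $wanted = ctype_digit($myPrefix) ? (int) $myPrefix : -1;

      foreach ($ROUTING['RES_ROUTER_PREFIX'] as $i => [$low, $high]) {
          // Both bounds are inclusive (the original had the lower test inverted).
          if ($wanted >= $low && $wanted <= $high) {
              return $ROUTING['RES_ROUTER'][$i];
          }
      }

      // The return type is string: an unmatched prefix must fail loudly here
      // rather than reach the caller's require() with an empty script name.
      throw new \InvalidArgumentException('no resource router for prefix ' . $myPrefix);
  }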
  195. require("/$myResRouter?url=" . substr($url,7));
  196. [resrouter, /idxpage1img.php]
  197. $url=filter_input(INPUT_GET, "url")??"";
  198. $myDisplaiedSha = substr($url,7);
  199. $myres=getRes($myDisplaiedSha):
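  /**
   * Resolve the digest shown in a resource URL to the index of the resource it names.
   *
   * For each index i, the expected digest is sha256(RES_PASSWORD[i] . RES_SALT[i]);
   * the first index whose digest equals $displaiedSha is returned.
   *
   * @param string $displaiedSha hex sha256 digest as cut from the request URL
   * @return int index into the $ROUTING resource tables
   * @throws \InvalidArgumentException when no configured resource matches the digest
   */
  function getRes(string $displaiedSha): int
  {
      global $ROUTING;

      foreach ($ROUTING['RES_PASSWORD'] as $i => $password) {
          $expected = hash('sha256', $password . $ROUTING['RES_SALT'][$i]);
          // hash_equals() compares in constant time; $displaiedSha is attacker
          // controlled, so a byte-wise === must not leak where the mismatch is.
          if (hash_equals($expected, $displaiedSha)) {
              return $i;
          }
      }

      // The return type is int: a digest that matches nothing must be an
      // explicit error rather than a fall-through to index 0.
      throw new \InvalidArgumentException('unknown resource digest');
  }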
  212. $mySha = $ROUTING['RES_SHA'][$myres];
  213. [[ $myShaCounter = Cookie::get($mySha, 0); ]]
  214. $myPageElementID = $ROUTING['WEBPAGE_ELEMENT'][$myres]; // Replace $myres with $myShaCounter to get an element instance based algorithm
  215. $myResType = $ROUTING['RES_TYPE'][$myres]; // Replace $myres with $myShaCounter to get an element instance based algorithm
  216. if ($myResType==="image") {
  217. $myTmpResRoot = APP_PATH . DIRECTORY_SEPARATOR . "tmpres";
  218. } else {
  219. $myTmpResRoot = APP_PATH . DIRECTORY_SEPARATOR . "tmpjs";
  220. }
  221. $myTmpResPath = getNewTmpFileName($myTmpResRoot):
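  /**
   * Pick a fresh, unpredictable file path under the temporary resource root.
   *
   * The returned path is later echoed to the client as an image/script URL, so
   * the name is drawn from random_bytes() rather than mt_rand(): a guessable
   * sequence would let one visitor enumerate the copies made for others.
   * Only the existence check is done here; the caller creates the file. A
   * concurrent request could pick the same name in between — acceptable for
   * a demo, but the atomic alternative is tempnam().
   *
   * @param string $tempResRoot directory the temporary copy will live in
   * @param string $ext optional extension without the dot ("png", "js"); empty adds none
   * @return string absolute path: $tempResRoot/tmp<hex>[.ext]
   */
  function getNewTmpFileName(string $tempResRoot, string $ext = ''): string
  {
      $suffix = $ext === '' ? '' : '.' . ltrim($ext, '.');

      do {
          // 8 random bytes = 64 bits; no process-wide chdir() is needed to test
          // the full path, so the working directory of the request is untouched.
          $tmpFileName = 'tmp' . bin2hex(random_bytes(8)) . $suffix;
          $tmpFilePath = $tempResRoot . DIRECTORY_SEPARATOR . $tmpFileName;
      } while (file_exists($tmpFilePath));

      return $tmpFilePath;
  }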
  231. [...]
  232. //clientxmlreq;
  233. //doclientshacheck();
  234. genTmpRes($myRes, $myTmpResPath):
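  /**
   * Copy a configured resource to its temporary, per-request path.
   *
   * @param string $myRes source path from $ROUTING['RES']
   * @param string $myTmpResPath destination chosen by getNewTmpFileName()
   * @return string the destination path, so callers can chain it into the response
   * @throws \RuntimeException when the source is unreadable or the copy fails
   */
  function genTmpRes(string $myRes, string $myTmpResPath): string
  {
      if (!is_readable($myRes)) {
          // Silently skipping used to let the caller serve a path that was
          // never written; a missing resource is a configuration error.
          throw new \RuntimeException("resource not readable: {$myRes}");
      }

      // copy(), not cp(): PHP has no cp() function.
      if (!copy($myRes, $myTmpResPath)) {
          throw new \RuntimeException("could not copy resource to {$myTmpResPath}");
      }

      // 0644: the copy is served as static content and never executed, so
      // the execute bits the original set (0755) are unnecessary.
      chmod($myTmpResPath, 0644);

      return $myTmpResPath;
  }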
  242. parent.document.getElementByID(&lt;?PHP echo($myPageElementID); ?&gt;).innerHTML = "&lt;img src='&lt;?PHP echo($myTmpResPath);?&gt;'&gt;";
  243. or
  244. header("Content-Type: image/png");
  245. echo(file_get_contents($myTmpResPath));
  246. [[
  247. Finally, for an element instance based algorithm:
  248. setCookieCounter():
  249. // Increment element instance counter..
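  /**
   * Advance the per-digest element instance counter stored in the client cookie.
   *
   * Starting from the current $myShaCounter, moves to the next index whose
   * RES_TYPE is "image" and stores it in the cookie named by $mySha; when the
   * routing table is exhausted the counter wraps back to 0. The counter lives
   * in a cookie, i.e. it is client-controlled state that sequences which
   * resource a client is served next — it is not an integrity check.
   *
   * Reads the globals $ROUTING, $myShaCounter (value read from the cookie by
   * the caller) and $mySha; writes $myShaCounter and the cookie.
   */
  function setCookieCounter(): void
  {
      global $ROUTING;
      global $myShaCounter;
      global $mySha;

      while (true) {
          // Cookie values arrive as strings; ++ on a non-numeric string would
          // "increment" letters instead of the number, so normalise first.
          $myShaCounter = (int) $myShaCounter + 1;

          // Guard on the very key the next test reads: an index past the end
          // of RES_TYPE wraps the counter instead of raising an undefined-index
          // warning (the original probed a "ROUTING_RES<n>" constant that no
          // other part of the listing defines).
          if (!isset($ROUTING['RES_TYPE'][$myShaCounter])) {
              Cookie::set($mySha, 0, Cookie::EXPIRE_ONEDAY, "/", APP_HOST);
              break;
          }

          if ($ROUTING['RES_TYPE'][$myShaCounter] === "image") {
              Cookie::set($mySha, $myShaCounter, Cookie::EXPIRE_ONEDAY, "/", APP_HOST);
              break;
          }
      }
  }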
  267. ]]
  268. Feedback: <a href="mailto:code@gaox.io">code@gaox.io</a>
  269. </pre>
  270. <div id="footerCont">&nbsp;</div>
  271. <div id="footer">&nbsp;&nbsp;<a href="http://5mode.com/dd.html" class="aaa">Disclaimer</a>.&nbsp;&nbsp;A <a href="http://5mode.com" class="aaa">5 Mode</a> project and <a href="http://demo.5mode.com" class="aaa">WYSIWYG</a> system. CC</div>
  272. </body>
  273. </html>