IP logger | new api-ish service

recon

#1

Hey Guys,

First post here, :innocent:

I am here to introduce a new aspect of a project I am working on (http://ki.tc). An IP logger with CLI in mind. Now, I have taken an API approach to this, so all calls are JSON dependent. Apart from my introduction, I would appreciate new ideas or rather feedback from the community as to further enhance the service…here goes…

Creating a link:

 curl -i -H "Content-Type: application/json" -X POST -d '{"url": "http://google.com"}' http://ki.tc/

Response:

{
  "url_short": {
    "_id": "b24a138a7f1bce6c493bc", 
    "admin_link": "http://ki.tc/url_shortner/b24a138a7f1bce6c493bc", 
    "link": "http://ki.tc/d93da", 
    "time": "Sun, 27 Aug 2017 18:35:16 GMT", 
    "url": "http://google.com"
  }
}

_id is not retrievable, so save it.


Admin Access:

curl -i -H "Content-Type: application/json" -X GET http://ki.tc/url_shortner/b24a138a7f1bce6c493bc

Response:

{
  "_id": "b24a138a7f1bce6c493bc", 
  "url_build": {
    "_id": "b24a138a7f1bce6c493bc", 
    "admin_link": "http://ki.tc/url_shortner/b24a138a7f1bce6c493bc", 
    "link": "http://ki.tc/d93da", 
    "time": "Sun, 27 Aug 2017 18:35:16 GMT", 
    "url": "http://google.com"
  }, 
  "url_id": 194249668
}

Admin access updated (after someone visits the link). Updated with every access attempt.

{
  "2017-08-27 18:39:19": {
    "165914": {
      "access_id": "ae3c63d61f35", 
      "access_time": "Sun, 27 Aug 2017 18:39:19 GMT", 
      "ip_address": "X.X.X.X", 
      "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"
    }
  }, 
  "_id": "b24a138a7f1bce6c493bc", 
  "url_build": {
    "_id": "b24a138a7f1bce6c493bc", 
    "admin_link": "http://ki.tc/url_shortner/b24a138a7f1bce6c493bc", 
    "link": "http://ki.tc/d93da", 
    "time": "Sun, 27 Aug 2017 18:35:16 GMT", 
    "url": "http://google.com"
  }, 
  "url_id": 194249668
}

Each access object is nested with a time-of-access key, which in return is nested with an identifier. Not to be confused with access_id.


Delete Link (DELETE METHOD | admin link)

curl -i -H "Content-Type: application/json" -X DELETE http://ki.tc/url_shortner/b24a138a7f1bce6c493bc

Response:

{
  "result": true
}


After finishing, I realized that I spelled shortener wrong: shortner…speechless :sweat_smile:


Anyways, I would appreciate any feedback, productive or destructive…doesn’t matter as long as it is feedback.

Cheers,
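
The nesting described in the post above (time-of-access key, then an identifier, then the access object, alongside the `_id`, `url_build` and `url_id` metadata) can be flattened into rows as follows. This is an added example, not part of the original post or the project's code; the sample data is constructed, and it assumes that several identifiers may share one time key.

```python
from datetime import datetime

# Constructed sample in the shape of the admin response from the post.
# IPs are documentation addresses; the second and third accesses are invented.
SAMPLE = {
    "2017-08-27 18:39:19": {
        "165914": {"access_id": "ae3c63d61f35",
                   "access_time": "Sun, 27 Aug 2017 18:39:19 GMT",
                   "ip_address": "192.0.2.10",
                   "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
        "165920": {"access_id": "0f1e2d3c4b5a",
                   "access_time": "Sun, 27 Aug 2017 18:39:19 GMT",
                   "ip_address": "198.51.100.7",
                   "user_agent": "curl/7.55.1"},
    },
    "2017-08-27 18:36:02": {
        "113377": {"access_id": "77aa88bb99cc",
                   "access_time": "Sun, 27 Aug 2017 18:36:02 GMT",
                   "ip_address": "192.0.2.10",
                   "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    },
    "_id": "b24a138a7f1bce6c493bc",
    "url_build": {"link": "http://ki.tc/d93da", "url": "http://google.com"},
    "url_id": 194249668,
}

TIME_KEY_FORMAT = "%Y-%m-%d %H:%M:%S"

def parse_time_key(key):
    """Return a datetime if key is a time-of-access key, else None."""
    try:
        return datetime.strptime(key, TIME_KEY_FORMAT)
    except ValueError:
        return None

def flatten_accesses(doc):
    """Turn the nested time-key -> identifier -> access layout into sorted rows."""
    rows = []
    for key, bucket in doc.items():
        when = parse_time_key(key)
        if when is None or not isinstance(bucket, dict):
            continue  # metadata such as _id, url_build, url_id
        for identifier, access in bucket.items():
            if isinstance(access, dict):
                rows.append({"time_key": when, "identifier": identifier, **access})
    return sorted(rows, key=lambda r: (r["time_key"], r["identifier"]))

if __name__ == "__main__":
    for row in flatten_accesses(SAMPLE):
        print(row["time_key"], row["identifier"], row["access_id"], row["ip_address"])
```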


(oaktree) #2

Where is the server source code?


#3

Here you go:
https://github.com/Logic-gate/datasig/blob/master/init.py#L697

Please note…The CODE is a complete mess :man_facepalming: I am a believer in fast prototyping as opposed to rigorous coding


(Command-Line Ninja) #4

Hm this is indeed interesting. Is there planned support for more than just the IP and log times? A browser fingerprint? Installed services? Plugins? I think this has the potential to be really cool.

You could very easily couple this with some phishing, and you’ve got a dead easy way to track your engagements. I like it.


#5

Yeah, absolutely…I am actually working on integrating https://github.com/Valve/fingerprintjs2. Still in the early stages…but will see where it goes.

Cheers for the feedback.


(Command-Line Ninja) #6

That is a really nice idea. You could check for user agents server side, and then enable modules such as fingerprinting, or even things from sites like this, web RTC leaks, canvas fingerprinting, font fingerprinting, proxy detection, the lot!

This would be a HUGE step up from something like Grabify. I would also like to suggest that we make this its own module, its own project, and actually incorporate everything related to web based data exfiltration, so that being, form collection, fingerprinting, IP logging, simple javascript execution, (if this, then that). Even this as a set of tools in an API would be invaluable to a pentester in their day to day work.

Utilising WebRTC leaks, you could actually determine who clicked on what links, and you could plot it on a graph! I may be overexaggerating a bit on this, but I love JSON, and I love HTTP APIs. Especially when you can host them yourselves.


#7

Your feedback and ideas are much appreciated. I will take it upon myself to fulfill every single idea. Because…either this is a dream and I am talking to myself, or you, my friend, are my doppelganger.


(Full Snack Developer) #8

After reading a bit of your source code HOLY CRAP that’s a long init.py.

Have you considered breaking this up into modules to make it more contributor friendly?


#9

:rofl::rofl:

Had to move away from openshift, started a droplet on digital ocean…got frustrated from permission issues…said the hell with it…init it is. :rofl:

But yeah, it needs cleaning…a lot of it. :rofl: :rofl: :rofl:


(Command-Line Ninja) #10

I’d be interested in contributing. @fraq, this could be valuable for chatops. We could even start a browser fingerprint database!


(Full Snack Developer) #11

I was thinking that. I currently have a long backlog of work on Legobot, but the more contributors we have there, the more features we can implement. Nitrax has already contributed loads of work and advanced us several months in development time. I’m trying to get two more contributors up to speed right now.

@Logic-gate, if you want to take a look at integrating this into a chatops framework, reach out to me or @Nitrax in #legobot on the IRC.


(system) #12

This topic was automatically closed after 30 days. New replies are no longer allowed.