Skip to content
/ watcher Public

Watcher logs uniquely identifiable information before discreetly redirecting the user to the intended link.

watcher.safesploit.com

License

MIT license
3 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

safesploit/watcher

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.php
index.php
 
 
watcher.php
watcher.php
 
 

Repository files navigation

Watcher

Watcher tracks referrer page, IP address, date/time and user agent data before discreetly redirecting to the indended URL.

Table of Contents

Setup

Hosting

PHP has a built-in web server which can be used to spin up a server immediately for testing purposes.

$ git clone https://github.com/safesploit/Watcher.git
$ cd Watcher
$ php -S localhost:8080 index.php

We can now access Watcher via http://localhost:8080

URL Formatting

Using the GET variable s we can specify the header address to redirect the user to.

http://localhost:8080/index.php?s=safesploit.com

Watcher will log information in log.txt and then redirect the user to http://google.com.

Alternatively the shorter form http://localhost:8080/?s=safesploit.com can be used.

Example log

Logged IP address: 127.0.0.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Reffered by: Parameter: safesploit.com Date logged: Friday 29th 2022f July 2022 07:33:38 PM

Watcher v1.1.0

Since v1.1.0 full URLs can be provided via the s parameter without significant issue

Logged IP address: 127.0.0.1, User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36, Referred by: , Parameter: https://www.safesploit.com, Date logged: Saturday 30th 2022f July 2022 05:56:57 PM

The supplied URL is as follows:

http://localhost:8080/index.php?s=https://www.safesploit.com

Potential Issues

Because www.safesploit.com will redirect HTTP request to HTTPS the code logic header( "Location: http://" . $_GET['s'], TRUE, 301 ) works fine.

But for web servers which only use HTTPS and do not redirect HTTP requests issues will occur.

Programming logic

Writing to the log file

As of v1.1.0 data is is formatted using the $data variable before being written to the log file.

$data = 
    "Logged IP address: $ip, " .
    "User-Agent: $userAgent, " . 
    "Referred by: $referred, " .
    "Parameter: $param, " .
    "Date logged: $date " .
    "\n";

https://github.com/safesploit/Watcher/blob/cd891a2d70b1e38a53e29f7ba553f3b3941ddaa9/watcher.php#L72

Contributors

Repositories which inspired and where I used code.

About

Watcher logs uniquely identifiable information before discreetly redirecting the user to the intended link.

watcher.safesploit.com

Topics

php grabber url-shortener redirect-urls user-agent-detection grabify

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases 1

Watcher v1.1.0 Latest
Jul 30, 2022

Packages

No packages published

Languages