dm-captcha-sas.weid.info
Open in
urlscan Pro
84.19.11.20
Public Scan
Submitted URL: https://dm-captcha-sas.weid.info/
Effective URL: https://dm-captcha-sas.weid.info/test-post.php
Submission Tags: phishingrod
Submission: On July 24 via api from DE — Scanned from DE
Effective URL: https://dm-captcha-sas.weid.info/test-post.php
Submission Tags: phishingrod
Submission: On July 24 via api from DE — Scanned from DE
Form analysis 2 forms found in the DOM
<form><input type="hidden" webfan-app-key="XXX_YOUR_APP_KEY_XXX" webfan-api-component="@frdl/dm-captcha/display-auto" fieldname="your_fieldname_validation_code" complex="50000" webfan-api-action="action_captcha" required="" invisible=""
frdl-watcher-visited-521a8de5034837f4972a3ef1d89d6997ed840d56-128-514-72="true"></form>POST test-post.php
<form action="test-post.php" method="POST"> Input anything: <input type="text" name="anything" placeholder="My name is...">
<input type="hidden" webfan-app-key="0488373f-6819-4be9-a88b-b729b36bb259" webfan-api-component="@frdl/dm-captcha/display-auto" fieldname="your_fieldname_validation_code" complex="50000" webfan-api-action="action_captcha" required="" invisible=""
frdl-watcher-visited-521a8de5034837f4972a3ef1d89d6997ed840d56-128-514-72="true">
<button>POST Form</button>
</form>Text Content
🌓
JavaScript is not enabled! You must enable it in your browser to run this
website/app.
✅ DM-CAPTCHACHECK IF A VISITOR IS A ROBOT OR HUMAN
About | Documentation | Demo
## Approach 1 (auto/form-field):
Input anything: POST Form
## Approach 2 (programmatically/callback): @ToDo Input anything: CLICK Button
# API-Explorer You can test and play around with the
[API-Explorer](https://api.webfan.de/apps/swagger-ui/#/captcha)
# About dm-captcha ## Goals Trying to build a service similar to [googles
recaptcha](https://developers.google.com/recaptcha) while... * implementing
[Daniel Marschalls
Challenge](https://github.com/danielmarschall/php_clientchallenge). * using
[Webfan API](https://api.webfan.de/) * using
[Frdlweb.js](https://cdn.startdir.de/) * *optionally* using [Webfan Webfat
Components](#components) * avoid any *Finde alle Wörter mit Ü und baue daraus
ein Müsli um zu beweisen das du kein Mensch bist.*
# Registration * [Create an
app](https://api.webfan.de/apps/developer/#!/account/app) with the scope
-captcha- included. * Get the [key and
secret](https://api.webfan.de/apps/developer/#!/account/app) of your app.
USING
× DM-Captcha API Component PHP Code ( @Component @Module display-auto.php )
<form><component src="module:@frdl/dm-captcha/display-auto" webfan-app-key="XXX_YOUR_APP_KEY_XXX" fieldname="your_fieldname_validation_code" complex="50000" webfan-api-action="action_captcha" invisible /></form>
× DM-Captcha API Component HTML Code ( @Component @Module display-auto.js )
<?php <!DOCTYPE html>
<html><body><form><input type="hidden" webfan-app-key="XXX_YOUR_APP_KEY_XXX" webfan-api-component="@frdl/dm-captcha/display-auto" fieldname="your_fieldname_validation_code" complex="50000" webfan-api-action="action_captcha" required invisible></form></body></html>
× Validation example ( PHP )
<?php $client = new \GuzzleHttp\Client();
$reply = $client->post('https://api.webfan.de/v1/dm-captchas/validate',
['json'=>[
'secret' => $API_SECRET_EXAMPLE,
'code' => $_POST[$filedname],
'timelimit'=>-1,
'ip'=>$_SERVER['REMOTE_ADDR'],
'action'=>'action_captcha',
]]);
$validationResult = json_decode( (string) $reply->getBody() );
$valid = true === $validationResult->valid ? true : false;
× Complete example ( this file )
<?php <?php
namespace Runtime\r1234567890;
$API_KEY_EXAMPLE = 'XXX_YOUR_APP_KEY_XXX';
$API_SECRET_EXAMPLE = 'XXX_YOUR_APP_SECRET_XXX';
$keys = require __DIR__.\DIRECTORY_SEPARATOR.'config.keys.php';
$API_KEY = $keys['key'];
$API_SECRET = $keys['secret'];
$templatefile = __DIR__.\DIRECTORY_SEPARATOR.'index.html';
$filedname = 'your_fieldname_validation_code';
$captchaCode = '<form><component src="module:@frdl/dm-captcha/display-auto" webfan-app-key="'.$API_KEY_EXAMPLE.'" fieldname="'.$filedname.'" complex="50000" webfan-api-action="action_captcha" invisible /></form>';
$code4 = highlightText(file_get_contents(__FILE__));
require __DIR__.\DIRECTORY_SEPARATOR.'index.php';
$StubRunner-> autoloading();
$Flash = new \frdl\Flash();
// $Engine=new \Webfan\Engine;
// For productional final apps:
// $Engine->load(\Webfan\DescriptorType::WebApp, $StubRunner-> getStubVM());
//return;
$App = new \Webfan\AppLauncherWebfatInstaller($StubRunner);
$App->boot();
$App->getContainer()->get('app.runtime.autoloader.remote')->withWebfanWebfatDefaultSettings();
ob_start();
require $templatefile;
$response = ob_get_clean();
if('POST' === $_SERVER['REQUEST_METHOD']){
$message = '';
$message.='You typed in: '.secmail($_POST['anything']);
$message.='<br />'.'Challenge calculated code: '.$_POST[$filedname];
$client = new \GuzzleHttp\Client();
$reply = $client->post('https://api.webfan.de/v1/dm-captchas/validate',
['json'=>[
'secret' => $API_SECRET,
'code' => $_POST[$filedname],
'timelimit'=>-1,
'ip'=>$_SERVER['REMOTE_ADDR'],
'action'=>'action_captcha',
]]);
$validationResult = json_decode( (string) $reply->getBody() );
$valid = true === $validationResult->valid ? true : false;
$message.='<br />';
$message.=(true === $valid ? '<h1>Captcha: OK</h1>' : '<h1>Captcha: ERROR</h1>')
.'<br />'.'Validation result (from API Server): '.print_r($validationResult,true);
$flashMethod = true === $valid ? 'success' : 'error';
$Flash->{$flashMethod}( $message );
}
/*
$code = secmail('<component src="module:@frdl/flash" clear="true" types="*"></component>');
$Flash->info(<<<HTMLCODE
<legend>Flashmessages Component PHP:</legend>
<pre>
$code
</pre>
HTMLCODE);
*/
$code = secmail($captchaCode);
$code2 = highlightText($App->Document->compile($captchaCode), 'html');
$code3 = highlightText(<<<PHPCODE
\$client = new \GuzzleHttp\Client();
\$reply = \$client->post('https://api.webfan.de/v1/dm-captchas/validate',
['json'=>[
'secret' => \$API_SECRET_EXAMPLE,
'code' => \$_POST[\$filedname],
'timelimit'=>-1,
'ip'=>\$_SERVER['REMOTE_ADDR'],
'action'=>'action_captcha',
]]);
\$validationResult = json_decode( (string) \$reply->getBody() );
\$valid = true === \$validationResult->valid ? true : false;
PHPCODE
, 'php');
$Flash->info(<<<HTMLCODE
<legend>
DM-Captcha API Component PHP Code
<small>
( <a href="https://webfan.de/install/latest/@frdl/dm-captcha/display-auto" target="_blank">@Component @Module display-auto.php</a> )
</small>
</legend>
<pre>
$code
</pre>
HTMLCODE);
$Flash->info(<<<HTMLCODE
<legend>
DM-Captcha API Component HTML Code
<small>
( <a href="https://cdn.startdir.de/@webfan3/components/dm-captcha/display-auto.js" target="_blank">@Component @Module display-auto.js</a> ) </small>
</legend>
<pre>
$code2
</pre>
HTMLCODE);
$Flash->info(<<<HTMLCODE
<legend>
Validation example
<small>
( PHP ) </small>
</legend>
<pre>
$code3
</pre>
HTMLCODE);
$Flash->info(<<<HTMLCODE
<legend>
Complete example
<small>
( this file ) </small>
</legend>
<pre>
$code4
</pre>
HTMLCODE);
$response2 = $App->getContainer()->get('response');
$response = $response2->withBody(\GuzzleHttp\Psr7\Utils::streamFor($response));
$ConentType = $App->getResponseHeader('Content-Type', $response);
if(false === $ConentType || 'text/html' === $ConentType){
$contents = (string) $response->getBody();
$contents = $App->Document->compile($contents);
$response = $response->withBody(\GuzzleHttp\Psr7\Utils::streamFor($contents));
}
(new \Laminas\HttpHandlerRunner\Emitter\SapiEmitter)->emit($response);
//SCHLUSS / return
function secmail($emailaddress){
$email= $emailaddress;
$length = strlen($email);
$obfuscatedEmail='';
for ($i = 0; $i < $length; $i++){
$obfuscatedEmail .= "&#" . \ord($email[$i]).";";
}
return $obfuscatedEmail;
}
function highlightText($text, $fileExt="")
{
if ($fileExt == "php")
{
ini_set("highlight.comment", "#008000");
ini_set("highlight.default", "#000000");
ini_set("highlight.html", "#808080");
ini_set("highlight.keyword", "#0000BB; font-weight: bold");
ini_set("highlight.string", "#DD0000");
}
else if ($fileExt == "html")
{
ini_set("highlight.comment", "green");
ini_set("highlight.default", "#CC0000");
ini_set("highlight.html", "#000000");
ini_set("highlight.keyword", "black; font-weight: bold");
ini_set("highlight.string", "#0000FF");
}
// ...
$text = trim($text);
$text = highlight_string("<?php " . $text, true); // highlight_string() requires opening PHP tag or otherwise it will not colorize the text
$text = trim($text);
$text = preg_replace("|^\\<code\\>\\<span style\\=\"color\\: #[a-fA-F0-9]{0,6}\"\\>|", "", $text, 1); // remove prefix
$text = preg_replace("|\\</code\\>\$|", "", $text, 1); // remove suffix 1
$text = trim($text); // remove line breaks
$text = preg_replace("|\\</span\\>\$|", "", $text, 1); // remove suffix 2
$text = trim($text); // remove line breaks
$text = preg_replace("|^(\\<span style\\=\"color\\: #[a-fA-F0-9]{0,6}\"\\>)(<\\?php )(.*?)(\\</span\\>)|", "\$1\$3\$4", $text); // remove custom added "<?php "
return $text;
}
powered by Webfan Software