Source Code
The entire project, readable in your browser. No hidden JavaScript, no sneaky beacons. If we claimed we don't track you, this is where you check.
|
Pages/
Feeds/
Backend/
Includes/
Stylesheet/
JavaScript/
data/counter.txt and data/guestbook.txt hold visitor-supplied content
(a number and signed messages), so they are not shown here.
|
1 <?php 2 /** 3 * browser.php -- Deep-dive into what JavaScript can read from the browser. 4 * Renders the full detection object (no fingerprint hashing here) plus the 5 * interactive terminal. 6 */ 7 require_once __DIR__ . '/includes/config.php'; 8 require_once __DIR__ . '/includes/functions.php'; 9 10 $PAGE_TITLE = 'Browser'; 11 $PAGE_ID = 'browser.php'; 12 13 include __DIR__ . '/includes/header.php'; 14 ?> 15 16 <h1><?php echo section_icon('monitor', '#00FFFF', 22); ?> Browser Detection</h1> 17 18 <p> 19 With no permission prompts and no exploits, a page can read all of the 20 following straight out of your browser. This is the raw material every 21 fingerprinter starts from. 22 </p> 23 24 <div id="browserOut"> 25 <div class="panel"><div class="panel-body center dim"> 26 Probing your browser <span class="cursor"></span> 27 </div></div> 28 </div> 29 30 <hr> 31 32 <!-- Interactive terminal --> 33 <h2><?php echo section_icon('chip', '#00FF00'); ?> Interactive Terminal</h2> 34 <p class="dim">A real shell over your own data. Type <span class="cyan">help</span>. Try <span class="cyan">neofetch</span>, <span class="cyan">whoami</span>, <span class="cyan">fortune</span>.</p> 35 <div class="terminal" style="min-height:240px"> 36 <div id="termOutput"></div> 37 <div class="term-inputline"> 38 <span class="ps1">guest@whatcanilearn:~$</span> 39 <input class="term-input" id="termInput" autocomplete="off" autocapitalize="off" spellcheck="false" aria-label="terminal input"> 40 </div> 41 </div> 42 43 <script> 44 window.EYES = window.EYES || {}; 45 window.EYES.BASE = <?php echo json_encode(BASE_URL); ?>; 46 </script> 47 <script src="<?php echo eattr(url('assets/js/detect.js')); ?>"></script> 48 <script src="<?php echo eattr(url('assets/js/fingerprint.js')); ?>"></script> 49 <script src="<?php echo eattr(url('assets/js/scan.js')); ?>"></script> 50 <script src="<?php echo eattr(url('assets/js/export.js')); ?>"></script> 51 <script src="<?php echo eattr(url('assets/js/terminal.js')); ?>"></script> 52 <script> 53 (function () { 54 function go() { 55 window.EYES.initTerminal(); 56 // Build a full report so the terminal + rendering have data, then draw 57 // the browser-focused panels using the shared dashboard renderer. 58 window.EYES.buildReport().then(function (report) { 59 window.EYES.renderDashboard(document.getElementById('browserOut'), report); 60 }).catch(function (e) { 61 document.getElementById('browserOut').innerHTML = 62 '<div class="badbx">Detection failed: ' + (e && e.message ? e.message : e) + '</div>'; 63 }); 64 } 65 if (document.readyState === 'loading') document.addEventListener('DOMContentLoaded', go); 66 else go(); 67 })(); 68 </script> 69 70 <?php include __DIR__ . '/includes/footer.php'; ?> 71 You are reading the real file being executed on the server. What you see is what runs. |