Fingerprinting system (PHP)
#1
I came across this idea that instead of banning the users - why not ban fingerprints?
A sophisticated combination of information/data that determines if it's the same machine/device or not, but still ends up with the same probs: changing browsers changes the fingerprint:



Code:
<html>
    <!DOCTYPE html>
<html lang="en">
    <noscript><h3> You must have JavaScript enabled in order to use this order form. Please
      enable JavaScript and then reload this page in order to continue. </h3>
      <meta HTTP-EQUIV="refresh" content=0;url="jsblock.html"></noscript>
</html>
<?php
$ipaddy = $_SERVER['REMOTE_ADDR'];
$fstatus = "Good";
$ticket = $_COOKIE['ticket'];
// Check if cache is allowed
// Collect browser language
$language = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
// Collect screen resolution
$resolution = '';
if (isset($_COOKIE['resolution'])) {
    $resolution = $_COOKIE['resolution'];
} else {
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    preg_match('/\d+x\d+/', $user_agent, $matches);
    $resolution = $matches[0];
    setcookie('resolution', $resolution, time() + (1 * 30), '/');
}
// Collect timezone
$timezone = '';
if (isset($_COOKIE['timezone'])) {
    $timezone = $_COOKIE['timezone'];
} else {
    $dateTimeZone = new DateTimeZone(date_default_timezone_get());
    $offsetSeconds = $dateTimeZone->getOffset(new DateTime());
    $timezone = $offsetSeconds / 60 / 60;
    setcookie("timezone", $timezone, time() + (1 * 30), "/");
}
// Collect operating system and other computer information
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$os = '';
if (preg_match('/windows|win32/i', $user_agent)) {
    $os = 'Windows';
} elseif (preg_match('/macintosh|mac os x/i', $user_agent)) {
    $os = 'Mac';
} elseif (preg_match('/linux/i', $user_agent)) {
    $os = 'Linux';
} elseif (preg_match('/ubuntu/i', $user_agent)) {
    $os = 'Ubuntu';
} elseif (preg_match('/android/i', $user_agent)) {
    $os = 'Android';
} elseif (preg_match('/ios/i', $user_agent)) {
    $os = 'iOS';
}
setcookie('os', $os, time() + (1 * 30), '/');
// Collect screen DPI
$screen_dpi = '';
if (isset($_COOKIE['screen_dpi'])) {
    $screen_dpi = $_COOKIE['screen_dpi'];
} else {
    $screen_dpi = $_SERVER['HTTP_DPR'];
    setcookie('screen_dpi', $screen_dpi, time() + (1 * 30), '/');
}
?>
<script>
var canvas = document.createElement("canvas");
var gl = canvas.getContext("webgl");
var renderer = gl.getParameter(gl.RENDERER);
document.cookie = "gpu=" + renderer;
var ram = navigator.deviceMemory;
document.cookie = "ram=" + ram;
var cores = navigator.hardwareConcurrency;
document.cookie = "cpu=" + cores;
</script>
<?php
$cpu = $_COOKIE['cpu'];
$ram = $_COOKIE['ram'];
$gpu = $_COOKIE['gpu'];
// Create the fingerprint
$fingerprint = md5($gpu . $ram . $cpu . $language . $screen_dpi . $resolution . $timezone . $os);
setcookie('fingerprint', $fingerprint, time() + (86400 * 30), '/');
?>


Would there be someone or anyone knowledgeable enough to add some inputs? NOT changeable, or terribly - very hard to change? Also more unique, hopefully - more information to collect.
#2

A few considerations you might want to address:

Cookie Handling:
The script is trying to read cookies immediately after setting them in the same script, which will not work. PHP is a server-side language, and JavaScript is a client-side language. PHP will run and finish before the JavaScript code is even sent to the client, so cookies set by JavaScript will not be available in the same PHP script. You might want to use AJAX to send the JavaScript-derived values to a PHP script.

Resolution Handling:
Your script attempts to get the screen resolution from the user-agent. User-agent strings usually don't contain screen resolution data. You should instead use JavaScript to get this information.

OS Detection:
This method of OS detection isn't very reliable. User-agents can be easily spoofed, and they can also be very diverse and not necessarily contain the OS in the format you're checking. A more reliable way would be to use an existing library designed for parsing user-agents.

GDPR Compliance:
If you are targeting users in the EU or California, you should ensure that your fingerprinting practices are compliant with GDPR and CCPA respectively. These regulations require you to inform users about tracking and provide them with the option to opt out.

Unique Fingerprints:
Even with all of this data, you may not always get a unique fingerprint. Many users can have the same OS, screen DPI, resolution, timezone, and even language settings. Also, privacy-focused browsers and extensions can limit the accuracy of device fingerprinting.

Check below: 



Code:
<?php
$ipaddy = $_SERVER['REMOTE_ADDR'];
$fstatus = "Good";
$ticket = $_COOKIE['ticket'];

// Collect browser language
$language = $_SERVER['HTTP_ACCEPT_LANGUAGE'];

// Collect operating system and other computer information
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$os = '';
if (preg_match('/windows|win32/i', $user_agent)) {
    $os = 'Windows';
} elseif (preg_match('/macintosh|mac os x/i', $user_agent)) {
    $os = 'Mac';
} elseif (preg_match('/linux/i', $user_agent)) {
    $os = 'Linux';
} elseif (preg_match('/ubuntu/i', $user_agent)) {
    $os = 'Ubuntu';
} elseif (preg_match('/android/i', $user_agent)) {
    $os = 'Android';
} elseif (preg_match('/ios/i', $user_agent)) {
    $os = 'iOS';
}
setcookie('os', $os, time() + (1 * 30), '/');
?>
<script>
// Collect screen resolution
var resolution = window.screen.width + "x" + window.screen.height;
document.cookie = "resolution=" + resolution;

// Collect timezone
var timezone = new Date().getTimezoneOffset() / -60;
document.cookie = "timezone=" + timezone;

// Collect screen DPI
var screen_dpi = window.devicePixelRatio;
document.cookie = "screen_dpi=" + screen_dpi;

var canvas = document.createElement("canvas");
var gl = canvas.getContext("webgl");
var renderer = gl.getParameter(gl.RENDERER);
document.cookie = "gpu=" + renderer;

var ram = navigator.deviceMemory;
document.cookie = "ram=" + ram;

var cores = navigator.hardwareConcurrency;
document.cookie = "cpu=" + cores;

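// Send data to server
var xhr = new XMLHttpRequest();
xhr.open("POST", "fingerprint.php", true);
// The post is cut off after "xhr"; the calls below are a minimal completion
// that posts the values collected above as form fields.
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xhr.send("resolution=" + encodeURIComponent(resolution) +
    "&timezone=" + encodeURIComponent(timezone) +
    "&screen_dpi=" + encodeURIComponent(screen_dpi) +
    "&gpu=" + encodeURIComponent(renderer) +
    "&ram=" + encodeURIComponent(ram) +
    "&cpu=" + encodeURIComponent(cores));
</script>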
                                                                                              ~  O p t i m u s   C r i m e ~
#3
Browser fingerprints are always subject to change, even if people use the same browser. After a while they install new browser plugins, which causes the "plugins" feature to change. People install new software which will install more fonts, the "fonts" feature will change. Updating their browser will subsequently cause their user-agent to change. There have been multiple research papers discussing the stability of features, how long they stay stable and what the probability is that they change.

You could incorporate this in order to more accurately track your users when their fingerprint is changing. One of the solutions I used was using string similarity in Python (from difflib import SequenceMatcher). I would take all the device features, put them in a single string and when I saw a user with the same IP connecting but there was not a 1 on 1 fingerprint match I used this string similarity with a threshold of around 75% to try and map their newly (changed) fingerprint to their old one and follow them in time.

This approach with string similarity was also discussed in the following research paper: https://ieeexplore.ieee.org/stamp/stamp....er=8418634. If you are familiar with machine learning they also describe a hybrid approach which uses the probability of a feature changing to map new fingerprints to an old one of the same user.

I also set cookies, that way you could know 100% for sure if a user is the same as before, even though their fingerprint changed. However, people who are cautious about these things obviously delete them or don't allow them.

Fingerprinting is hard, people will always try and find a way around getting tracked and as a developer you should keep track of the latest technology and try and come up with smart solutions, combinations of features to use (like Nodes mentioned) in order to increase your accuracy.

One thing I noticed during my research was people using a user-agent spoofer only caused their HTTP header user-agent to change to a spoofer string: "(X36 NT 65.6; rv:712.8) 9fj3vFOb2Cry8ruuSVZDLZ Opera/14.4 WM93hokZjZX906Zsul1IAX1u799 AppleWebKit/102624877 ee8K9zxMyAn5gk eDcZx32LZNR93P hE991M4oZSkHexK cZ9rqSZ8tZt7GB". However, when using JavaScript to extract their user-agent it would still return the original user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0". In these specific cases, the spoofer actually creates a more unique overall fingerprint, because the HTTP header and JavaScript user-agent are different. This causes the system to never mistake this user with a user who isn't using a spoofer and therefore has the same HTTP header and JavaScript user-agent.



My other post might help in relation to all of these.
                                                                                              ~  O p t i m u s   C r i m e ~
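
The same-IP string-similarity matching and the header/JavaScript user-agent comparison described in post #3, as an added example (not the poster's code). The feature names, the sample fingerprints, the IP addresses and the device id are constructed for illustration, and `autojunk=False` is a choice made here.

```python
from difflib import SequenceMatcher

THRESHOLD = 0.75  # "around 75%", as in the post
FEATURES = ("http_ua", "js_ua", "language", "resolution", "timezone", "gpu", "ram", "cpu")

def feature_string(fp):
    """Join the features in a fixed order so two visits yield comparable strings."""
    return "|".join(str(fp.get(k, "")) for k in FEATURES)

def ua_mismatch(fp):
    """True when the header User-Agent differs from the value JavaScript reported."""
    return fp["http_ua"] != fp["js_ua"]

def link_fingerprint(new_fp, new_ip, known):
    """known: {device_id: (ip, fingerprint)}. Returns (device_id or None, best score)."""
    new_s = feature_string(new_fp)
    best_id, best = None, 0.0
    for device_id, (ip, old_fp) in known.items():
        if ip != new_ip:
            continue  # only fingerprints seen from the same IP are candidates
        # autojunk=False: the default heuristic skews ratios on strings of 200+ chars
        matcher = SequenceMatcher(None, feature_string(old_fp), new_s, autojunk=False)
        score = matcher.ratio()
        if score > best:
            best_id, best = device_id, score
    return (best_id, best) if best >= THRESHOLD else (None, best)

# Constructed sample data; only the Firefox 68 user-agent is quoted in the thread.
FF68 = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0"
FF69 = FF68.replace("68.0", "69.0")
DESKTOP = {
    "http_ua": FF68, "js_ua": FF68, "language": "en-US,en;q=0.5",
    "resolution": "1920x1080", "timezone": "1",
    "gpu": "ANGLE (example GPU)", "ram": "8", "cpu": "8",
}
UPDATED = dict(DESKTOP, http_ua=FF69, js_ua=FF69)  # same machine after a browser update
PHONE_UA = ("Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36 "
            "(KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36")
PHONE = dict(DESKTOP, http_ua=PHONE_UA, js_ua=PHONE_UA, language="de-DE,de;q=0.9",
             resolution="412x915", gpu="Adreno (TM) 730")
SPOOFED = dict(DESKTOP, http_ua="spoofed-header-value (constructed)")  # JS value untouched
KNOWN = {"dev-1": ("203.0.113.7", DESKTOP)}

if __name__ == "__main__":
    for name, fp in (("updated", UPDATED), ("phone", PHONE)):
        print(name, link_fingerprint(fp, "203.0.113.7", KNOWN))
    print("spoofed header detected:", ua_mismatch(SPOOFED))
```
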