An external image showing your user-agent and the total "hit count"

  • Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    arrow-up
    169
    ·
    1 year ago

    Made a meme one that took 3 minutes to program, 5 minutes to find a good offline GeoIP location source for, 10 minutes to come up with a design for, and half an hour to make sure nothing got logged by the web server.

    An image that tells you where you live based on your GeoIP location

    • vithigar@lemmy.ca
      link
      fedilink
      arrow-up
      26
      ·
      1 year ago

      Joke’s on you. IP geolocation where I am is an unreliable mess and your image got it wrong by about 1000km!

    • lFenix@lemmy.ml
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      I’m not using a VPN or anything and it got my location wrong by 700 kilometers 🤔

    • mim@lemmy.sdf.org
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Thanks for the heads-up.

      Routing my Lemmy mobile app through orbot from now on. Seems to have fixed the issue.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        arrow-up
        25
        ·
        edit-2
        1 year ago

        The image is generated on demand by a PHP script. It’s not a static image file. Every time the web browser sends a GET /poc.png, a new image is generated based on the information your browser or app sends the server.

        It’s actually how a lot of tracking code works. The image data returned may be the same, but the data collection through cookies and maybe even some passive fingerprinting all happen every time you send a request.

      • lightstream@lemmy.ml
        link
        fedilink
        arrow-up
        12
        ·
        1 year ago

        It’s not the image, it’s a normal image. The server does the hard work when you make the request, and then it just builds the image accordingly.

        • SokathHisEyesOpen@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Yeah I saw OPs explanation in the comments. That is fucking cool! And scary! I’ve never needed to generate images with code before, so Ive never even considered something like this before.

    • Rin@beehaw.org
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      I was wondering for a second why my town of all places was posted lmao. Also made me realize I forgot to turn my vpn back on.

    • LucyLastic@beehaw.org
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      This is great, because it located me about a full day’s drive from where I live, so I’m still pretty anonymous :-)

    • TriLinder@lemmy.mlOP
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Thought about adding the user’s location, but was worried PythonAnywhere could somehow cache the image between multiple people. A great demo though!

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        arrow-up
        17
        ·
        edit-2
        1 year ago

        Probably has bugs. Probably no security bugs. Feedback is welcome (but I don’t care enough about this to try my hardest).

        require_once('/var/www/html/geoip2.phar');
        use GeoIp2\Database\Reader;
        
        $ip = $_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR'];
        
        $cityReader = new Reader('/var/local/php/GeoLite2-City.mmdb');
        $record = $cityReader->city($ip);
        
        header('Content-Type: image/png');
        
        $image = @imagecreatefrompng('lemmybase.png');
        
        $black = imagecolorallocate($image, 0, 0, 0);
        
        // "Some City, SS, Country Name"
        $text = $record->city->name . ', ' . $record->mostSpecificSubdivision->isoCode . ', ' . $record->country->name;
        
        /* $font_path = '/tmp/ComicSand.ttf'; */
        $font_path = '/usr/share/fonts/ubuntu/Ubuntu-M.ttf';
        
        // Render text
        imagettftext($image, 30, 0, 28, 224, $black, $font_path, chunk_split($text, 22));
        
        // Dump image to web server
        imagepng($image);
        
        // Free resources
        imagedestroy($image);
        

        Edit: damn, Lemmy really hates < ? php. Just imagine that’s the first line in the file.

          • PHP is underappreciated, especially recent PHP. Null coalescing operators! Actually typed variables that produce an error if you pass the wrong type! It’s superior to Python despite it’s mid-2000s-spaghetti-college-kid-developer reputation.

            Hell, I may get downvoted for this, but I honestly believe PHP’s Doctrine is superior to Java/Kotlin’s Hibernate. Symfony and Spring are almost equally good in terms of functionality, though PHP is quite a lot slower, sadly.

          • SokathHisEyesOpen@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            PHP is the OG bad-ass for getting shit done. No setup, no compile, no deployment pipelines. Hell, you can create and write the files right there on the server with nothing more than an SSH terminal if you want.

      • I originally planned to do something based on the Referer header, but the browser doesn’t send those for linked images.

        In theory you can do a lot with this. Detect VPNs based on MTU, for example, or if you’re malicious, turn it into a tracker.

        • newIdentity@sh.itjust.works
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          I’m plannig to make one of these “dox’d memes” where someone says something controversial and another one answers with the ip address.

          • Ah, I see! I was also thinking of maybe using something like Google Earth to make a GIF that zooms into your local area but that was waaaaaaay to computationally expensive to render on the server.

    • skankhunt42@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I hate this so much. Its super cool but MAN what the hell. I don’t think I’m going to ever turn off my VPN anymore. I’m in a super small town and that image is correct.

      It’s cached somewhere because I can’t get it to update. Maybe time for a new account too. Hmmmm