<?php
/**
* @copyright ©2025 Maatify.dev
* @Library maatify/security-guard
* @Project maatify:security-guard
* @author Mohamed Abdulalim (megyptm) <mohamed@maatify.dev>
* @since 2025-12-11 09:30
* @see https://www.maatify.dev Maatify.dev
* @link https://github.com/Maatify/security-guard view Project on GitHub
* @note Distributed in the hope that it will be useful - WITHOUT WARRANTY.
*/
declare(strict_types=1);
/**
* Phase 5 – Slim PRO Example #4
* DISTRIBUTED ATTACK SIMULATION (STRICT)
*
* Demonstrates:
* - Multiple attackers from different IPs
* - All targeting the same account (subject)
* - How Phase 5 detects cross-IP attack patterns automatically
* - How block() applies regardless of attacker IP
*/
use Maatify\SecurityGuard\Config\SecurityConfig;
use Maatify\SecurityGuard\Config\SecurityConfigDTO;
use Maatify\SecurityGuard\Config\Enum\IdentifierModeEnum;
use Maatify\SecurityGuard\DTO\LoginAttemptDTO;
use Maatify\SecurityGuard\Service\SecurityGuardService;
// -------------------------------------------------------------
// Bootstrap: Slim app, then the guard service from its container
// -------------------------------------------------------------
// bootstrap.php is required for its return value, which is used as the app.
$app = require __DIR__ . '/../bootstrap.php';

/** @var SecurityGuardService $guard */
$guard = $app
    ->getContainer()
    ->get(SecurityGuardService::class);
// -------------------------------------------------------------
// HIGH-SENSITIVITY CONFIG (STRICT)
// -------------------------------------------------------------
// Values passed: a 60-second window, a 600-second (10 minute) block, a
// limit of 5 failures, and backoff enabled from 20 s with a 2.0 multiplier
// capped at 300 s. Keys are prefixed with "dist:".
//
// NOTE(review): IDENTIFIER_AND_IP presumably keys failure counters per
// (subject, IP) pair — confirm against IdentifierModeEnum. If that is the
// case, one attempt from each of six IPs never accumulates to maxFailures
// on any single key, so the cross-IP lockout this example describes would
// not be reached with this mode.
$dto = new SecurityConfigDTO(
    windowSeconds: 60,
    blockSeconds: 600,
    maxFailures: 5,
    identifierMode: IdentifierModeEnum::IDENTIFIER_AND_IP,
    keyPrefix: "dist:",
    backoffEnabled: true,
    initialBackoffSeconds: 20,
    backoffMultiplier: 2.0,
    maxBackoffSeconds: 300,
);

// Wrap the DTO and hand it to the guard before any attempt is recorded.
$strictConfig = new SecurityConfig($dto);
$guard->setConfig($strictConfig);
echo "\n=== PRO Example #4 — DISTRIBUTED ATTACK SIMULATION (STRICT) ===\n\n";

// Account that every simulated source targets.
$subject = "victim@example.com";

// Window length from the config DTO; passed as resetAfter on each attempt.
$window = $dto->windowSeconds;

// Simulated source addresses, one attempt each.
// NOTE(review): only 203.0.113.77 and 198.51.100.66 fall inside the
// RFC 5737 documentation ranges; the other four are routable addresses.
// In this script they are only passed to the guard as data, but sample
// data drawn entirely from 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24
// keeps demo records from naming real hosts.
$attackIps = [
    "102.55.22.10",
    "185.77.90.44",
    "91.201.30.88",
    "203.0.113.77",
    "198.51.100.66",
    "45.85.190.23",
];

echo "Target subject: {$subject}\n";
echo "Botnet attackers: ", count($attackIps), " IPs\n\n";
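// -------------------------------------------------------------
// SIMULATE THE ATTACK
// -------------------------------------------------------------
// One login attempt is recorded per source IP, all against the same subject.
// After each attempt the guard is asked whether that (IP, subject) pair is
// blocked; the run stops at the first block. If the loop finishes without a
// block, that outcome is reported explicitly instead of ending silently, so
// a reader cannot mistake "never blocked" for "mitigated".
$attemptNo = 0;
$blocked   = false;

foreach ($attackIps as $attackerIp) {
    $attemptNo++;
    echo "→ Attack Attempt #{$attemptNo} from IP {$attackerIp}\n";

    $dtoAttempt = LoginAttemptDTO::now(
        ip        : $attackerIp,
        subject   : $subject,
        resetAfter: $window,
        userAgent : "BOT/1.0",
        context   : [
            'pro'        => 'distributed_attack',
            'bot_source' => $attackerIp,
            'seq'        => $attemptNo,
        ]
    );

    // NOTE(review): the second argument is passed as false; presumably it
    // marks the attempt as a failed login — confirm against
    // SecurityGuardService::handleAttempt.
    $result = $guard->handleAttempt($dtoAttempt, false);

    // The block check is made with the current attacker IP and the subject.
    if ($guard->isBlocked($attackerIp, $subject)) {
        $blocked   = true;
        $remaining = $guard->getRemainingBlockSeconds($attackerIp, $subject);

        echo "🚫 BLOCKED — Target account is locked\n";
        echo "Remaining block time: {$remaining} sec\n\n";
        echo "Distributed attack successfully mitigated.\n";
        echo "=== END OF DISTRIBUTED ATTACK SIMULATION ===\n\n";
        break;
    }

    echo "Failure count returned: {$result}\n\n";
}

// Every simulated attempt went through without a block: say so, and point
// at the settings that decide whether a cross-IP pattern can trip the limit.
if (!$blocked) {
    echo "⚠ NOT BLOCKED — no block was triggered after {$attemptNo} attempts\n";
    echo "Review identifierMode and maxFailures against the number of simulated IPs.\n";
    echo "=== END OF DISTRIBUTED ATTACK SIMULATION ===\n\n";
}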