<a href="https://colab.research.google.com/github/Mauriciomsonic/laboratoriomsonicA.I./blob/main/Desafio_ML_Criando_um_Agente_para_Detec%C3%A7%C3%A3o_de_Vulnerabilidades_em_Arquiteturas.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [2]:
# LABORAT√ìRIO DE VULNERABILIDADES EDUCACIONAL - VERS√ÉO MELHORADA
# üõ°Ô∏è Com tratamento de erros e seguran√ßa refor√ßada

import socket
import threading
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import urlparse, parse_qs
import sqlite3
from html import escape
import time
import re
from random import randint

# =============================================================================
# 1. CONFIGURA√á√ïES DE SEGURAN√áA
# =============================================================================
DEFAULT_PORT = 8080
MAX_PORT_ATTEMPTS = 10
SECURITY_HEADERS = {
    'X-Content-Type-Options': 'nosniff',
    'X-Frame-Options': 'DENY',
    'X-XSS-Protection': '1; mode=block',
    'Content-Security-Policy': "default-src 'self'",
    'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
}

# =============================================================================
# 2. HANDLER SEGURO
# =============================================================================
class SecureHTTPHandler(BaseHTTPRequestHandler):

    timeout = 30  # 30 segundos

    def do_GET(self):
        try:
            self.connection.settimeout(self.timeout)
            parsed_path = urlparse(self.path)
            path = parsed_path.path

            # Adicionar headers de seguran√ßa
            for header, value in SECURITY_HEADERS.items():
                self.send_header(header, value)

            if path == '/':
                self.serve_homepage()
            elif path == '/search':
                self.serve_search(parsed_path)
            elif path == '/comment':
                self.serve_comment(parsed_path)
            elif path == '/secure':
                self.serve_secure()
            else:
                self.send_error(404, "P√°gina n√£o encontrada")

        except socket.timeout:
            self.log_error("Timeout na requisi√ß√£o")
            self.send_error(408, "Timeout")
        except Exception as e:
            self.log_error(f"Erro interno: {e}")
            self.send_error(500, "Erro interno do servidor")

    def serve_homepage(self):
        self.send_response(200)
        self.send_header('Content-type', 'text/html; charset=utf-8')
        self.end_headers()

        html = """
        <!DOCTYPE html>
        <html>
        <head>
            <title>üõ°Ô∏è Laborat√≥rio Seguro</title>
            <style>
                body { font-family: Arial, sans-serif; margin: 40px; }
                .vuln { background: #ffe6e6; padding: 20px; border-radius: 10px; margin: 10px 0; }
                .secure { background: #e6ffe6; padding: 20px; border-radius: 10px; margin: 10px 0; }
            </style>
        </head>
        <body>
            <h1>üîí Laborat√≥rio de Seguran√ßa</h1>

            <div class="vuln">
                <h2>üéØ Teste de Busca (Protegido)</h2>
                <form action="/search" method="GET">
                    <input type="text" name="query" placeholder="Buscar usu√°rios..." maxlength="50">
                    <input type="submit" value="Buscar">
                </form>
            </div>

            <div class="vuln">
                <h2>üéØ Teste de Coment√°rios (Protegido)</h2>
                <form action="/comment" method="GET">
                    <input type="text" name="text" placeholder="Deixe um coment√°rio..." maxlength="100">
                    <input type="submit" value="Comentar">
                </form>
            </div>

            <div class="secure">
                <h2>üìä Informa√ß√µes do Servidor</h2>
                <p>Porta: {{PORT}}</p>
                <p>Host: 127.0.0.1</p>
                <p>Headers de seguran√ßa ativos</p>
            </div>
        </body>
        </html>
        """.replace("{{PORT}}", str(self.server.server_port))

        self.wfile.write(html.encode('utf-8'))

    def serve_search(self, parsed_path):
        query_params = parse_qs(parsed_path.query)
        search_term = query_params.get('query', [''])[0]

        if not self.validate_input(search_term):
            self.send_error(400, "Input inv√°lido")
            return

        conn = sqlite3.connect('test.db')
        cursor = conn.cursor()

        try:
            # ‚úÖ PREPARED STATEMENT (Seguro)
            cursor.execute("SELECT * FROM users WHERE name LIKE ?", ('%' + search_term + '%',))
            results = cursor.fetchall()

            self.send_response(200)
            self.send_header('Content-type', 'text/html; charset=utf-8')
            self.end_headers()

            response = f"<h2>Resultados para: {escape(search_term)}</h2>"
            if results:
                response += "<ul>"
                for result in results:
                    response += f"<li>{escape(str(result))}</li>"
                response += "</ul>"
            else:
                response += "<p>Nenhum resultado encontrado</p>"
            response += '<br><a href="/">Voltar</a>'

            self.wfile.write(response.encode('utf-8'))

        except Exception as e:
            self.log_error(f"Erro DB: {e}")
            self.send_error(500, "Erro no banco de dados")
        finally:
            conn.close()

    def serve_comment(self, parsed_path):
        query_params = parse_qs(parsed_path.query)
        comment = query_params.get('text', [''])[0]

        if not self.validate_input(comment):
            self.send_error(400, "Input inv√°lido")
            return

        self.send_response(200)
        self.send_header('Content-type', 'text/html; charset=utf-8')
        self.end_headers()

        # ‚úÖ OUTPUT ESCAPADO
        response = f"<h2>√öltimo coment√°rio:</h2>"
        response += f"<p>{escape(comment)}</p>"
        response += '<br><a href="/">Voltar</a>'

        self.wfile.write(response.encode('utf-8'))

    def serve_secure(self):
        self.send_response(200)
        self.send_header('Content-type', 'text/html; charset=utf-8')
        self.end_headers()

        secure_html = """
        <!DOCTYPE html>
        <html>
        <head>
            <title>üõ°Ô∏è Vers√£o Segura</title>
            <style>body { font-family: Arial; margin: 40px; }</style>
        </head>
        <body>
            <h1>üõ°Ô∏è Medidas de Seguran√ßa Implementadas</h1>
            <ul>
                <li>‚úÖ Prepared statements contra SQL Injection</li>
                <li>‚úÖ Escape de output contra XSS</li>
                <li>‚úÖ Valida√ß√£o de input</li>
                <li>‚úÖ Headers de seguran√ßa HTTP</li>
                <li>‚úÖ Timeout de conex√£o</li>
                <li>‚úÖ Bind em 127.0.0.1</li>
            </ul>
            <a href="/">Voltar</a>
        </body>
        </html>
        """
        self.wfile.write(secure_html.encode('utf-8'))

    def validate_input(self, input_str):
        """Valida√ß√£o rigorosa de input"""
        if len(input_str) > 100:
            return False
        # Permitir apenas caracteres alfanum√©ricos e alguns especiais
        if not re.match(r'^[a-zA-Z0-9\s√°√†√¢√£√©√®√™√≠√Ø√≥√¥√µ√∂√∫√ß√±√Å√Ä√Ç√É√â√à√ä√ç√è√ì√î√ï√ñ√ö√á√ë!?.,@#$%&*()\-_+=:;<>\/\\\[\]{}| ]+$', input_str):
            return False
        return True

    def log_message(self, format, *args):
        # Log formatado
        super().log_message(format, *args)

# =============================================================================
# 3. FUN√á√ïES AUXILIARES
# =============================================================================
def setup_database():
    """Configurar banco de dados de teste"""
    conn = sqlite3.connect('test.db')
    cursor = conn.cursor()

    cursor.execute('''
    CREATE TABLE IF NOT EXISTS users (
        id INTEGER PRIMARY KEY,
        name TEXT,
        email TEXT
    )
    ''')

    users = [
        ('Alice Silva', 'alice@email.com'),
        ('Bob Santos', 'bob@email.com'),
        ('Carlos Oliveira', 'carlos@email.com')
    ]

    cursor.executemany('INSERT OR IGNORE INTO users (name, email) VALUES (?, ?)', users)
    conn.commit()
    conn.close()

def find_available_port(start_port, max_attempts=10):
    """Encontrar uma porta dispon√≠vel"""
    for port in range(start_port, start_port + max_attempts):
        try:
            with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
                s.bind(('127.0.0.1', port))
                return port
        except OSError:
            continue
    return None

# =============================================================================
# 4. SERVIDOR PRINCIPAL
# =============================================================================
def run_secure_server():
    """Iniciar servidor com tratamento de erros"""

    # Configurar banco
    setup_database()
    print("‚úÖ Banco de dados configurado")

    # Encontrar porta dispon√≠vel
    port = find_available_port(DEFAULT_PORT, MAX_PORT_ATTEMPTS)
    if port is None:
        print("‚ùå N√£o foi poss√≠vel encontrar uma porta dispon√≠vel")
        return

    server_address = ('127.0.0.1', port)

    try:
        server = HTTPServer(server_address, SecureHTTPHandler)
        server.timeout = 30

        print(f"üõ°Ô∏è  Servidor seguro rodando em http://127.0.0.1:{port}")
        print("‚úÖ Headers de seguran√ßa implementados")
        print("‚úÖ Valida√ß√£o de input ativada")
        print("‚úÖ Timeout configurado (30s)")
        print("üõë Pressione Ctrl+C para parar o servidor")

        server.serve_forever()

    except OSError as e:
        if e.errno == 98:  # Address already in use
            print(f"‚ùå Porta {port} j√° est√° em uso. Tentando outra...")
            # Tentar automaticamente outra porta
            new_port = find_available_port(port + 1, 5)
            if new_port:
                print(f"üîÑ Tentando porta {new_port}...")
                server_address = ('127.0.0.1', new_port)
                server = HTTPServer(server_address, SecureHTTPHandler)
                server.serve_forever()
            else:
                print("‚ùå N√£o foi poss√≠vel iniciar o servidor. Todas as portas est√£o ocupadas.")
        else:
            print(f"‚ùå Erro ao iniciar servidor: {e}")

    except KeyboardInterrupt:
        print("\nüõë Servidor parado pelo usu√°rio")

    except Exception as e:
        print(f"‚ùå Erro inesperado: {e}")

# =============================================================================
# 5. EXECU√á√ÉO
# =============================================================================
if __name__ == "__main__":
    print("üöÄ Iniciando Laborat√≥rio de Seguran√ßa")
    print("‚ö†Ô∏è  APENAS PARA FINS EDUCACIONAIS ‚ö†Ô∏è")
    print("=" * 50)

    run_secure_server()



üöÄ Iniciando Laborat√≥rio de Seguran√ßa
‚ö†Ô∏è  APENAS PARA FINS EDUCACIONAIS ‚ö†Ô∏è
‚úÖ Banco de dados configurado
üõ°Ô∏è  Servidor seguro rodando em http://127.0.0.1:8081
‚úÖ Headers de seguran√ßa implementados
‚úÖ Valida√ß√£o de input ativada
‚úÖ Timeout configurado (30s)
üõë Pressione Ctrl+C para parar o servidor

üõë Servidor parado pelo usu√°rio
