How can anyone find the IP address or ISP of another member in a forum or website?

How can anyone find the IP address or ISP of another member in a forum or website?

!!!!THIS IS NOT GOING TO USED!!!!!!!!!

I AM JUST ASKING FOR THEORETICAL REASONS

(just to clarify it):D

WordofMight wrote: !!!!THIS IS NOT GOING TO USED!!!!!!!!! I AM JUST ASKING FOR THEORETICAL REASONS

Yeah everyone does that…

Sorry though, I can't help you out here. Besides I don't think forums actually give you the users true IP but I could be wrong so don't quote me on that lol

create a server.

open notepad

<?php
putenv("TZ=GMT+1"); //Set this to whatever timezone the forum of interest is. Takes some fiddling.

function clean ($var)
{
return htmlspecialchars($var);
}

$ip = clean($_SERVER['REMOTE_ADDR']);
	
$ref = clean($_SERVER['HTTP_REFERER']);
$time = time();
$readable_time = date("Y\-m\-d\, H\:i"); 
$entry = "|<u>$time ($readable_time)</u>| <b>IP:</b> $ip, <b>Ref:</b> $ref<br /> \r\n";

$fp = fopen('iplog.html', "a") or die('Cannot open logfile');
fwrite($fp, $entry);
fclose($fp);





###OUTPUT IMAGE###
$file = "imagesource.gif";
$fp = fopen($file, "r") or die('Cannot grab image source');
$content = fread($fp, filesize($file));
header("Content-type: image/gif");
echo $content;
fclose($fp);
?>

Then make a .htaccess file in the same folder:

AddHandler application/x-httpd-php .gif

This allows .gif files to process php. Now, simply put a 'imagesource.gif' in the directory and link to the original image (whatever you saved the php under. Remember, save it as a .gif file aswell). Should do the trick, it logs IP adresses of viewers. Very simple really.

Taken down now lol.

that's pretty interesting

slpctrl wrote: $ip = clean($_SERVER['REMOTE_ADDR']);

Is that necessary?

and yeah, maybe just stick it as your avatar or sig.

unless you want a specific IP, then link somebody like "check out this cool image" and put up some random lolcat or who knows.

hmm what kind of defense against this is there? code the forum to search each image for code i guess?

slpctrl wrote: hmm what kind of defense against this is there? code the forum to search each image for code i guess?

I'd like to know this too.

Feralas wrote: [quote]slpctrl wrote: hmm what kind of defense against this is there? code the forum to search each image for code i guess?

I'd like to know this too.[/quote]

Ahh lol quoted wrong person :p anyways, I doubt there's any really, a proxy would disguise the IP it places in the table but you can't prevent an IP from appearing because of the way packets of data are sent to your IP from the server. I can't wrap my head around a way to defend against it anyways.

maybe the forum could copy all images over to its own directory, and display them from there?

DigitalFire wrote: maybe the forum could copy all images over to its own directory, and display them from there?

Oh, you meant server side? You could, there might be some issues namely images that are drawn in PHP (like the one above) if the images are being drawn from an external image source for other reasons (some are) it wouldn't display anything.

slpctrl wrote: Oh, you meant server side? You could, there might be some issues namely images that are drawn in PHP (like the one above) if the images are being drawn from an external image source for other reasons (some are) it wouldn't display anything.

Yeah server side image copying. thats true that some things wouldnt work, but it would protect users.

and for userbars that say like "ranked 7 out of 100" or something like that, as long as it requests a new image to copy over, it should keep updated and display properly.

even if the image is drawn in PHP, it still produces a .gif or .png, so are you sure there would be problems?

if there are, then it might just be the price to pay for better security.

have you tried this on HBH? it would seem like this would work on HBH, doesnt it?

or you could just not click on the link to go wherever he wants you to go. i think that would solve the problem.