Using PHP/JavaScript link to get information about site visitor

3.5k views Asked by At

Somebody is trying to phish me, they are pretending to be one of my close friends to humiliate both of us. This person has created a fake email account, impersonating the person, and trying to get personal info out of me. I made sure with my friend that it wasn't actually him, now we're trying to figure out who it is.

I want to send them a link to some kind of PHP or JS page, to collect at least a little info about their client (browser, operating system, maybe ISP location?), and then forward them to an actual website (like a youtube video or something).

Having very basic knowledge of PHP, I'd really appreciate any kind of script that would allow me to gather some basic info.

Thank you!

2

There are 2 answers

0
Tomáš Zato On

PHP:

Data retrieval

The basic redirection can be done very easily (in PHP, before any output):

header("Location: http://....");

However if you send this, his browser will not load any javascript or HTML on your fake page. You'll still be able to collect the following from $_SERVER superglobal variable:

  • HTTP_USER_AGENT - whatever his browser sends as it's identification
  • REMOTE_ADDR - his IP (or the server proxy IP)

Here's whole $_SERVER variable dump.

Data saving

It's quite easy to save data in PHP. If you're lazy, you can just use file_put_contents:

file_put_contents("info.txt", print_f($_SERVER, true));

The true in print_f causes the function to return string, instead of printing it.

Javascript

Data retrieval

Javascript can allow you to access information about browser too. But any personal information can only be retrieved after user explicitly allows it.

The redirection then can be done using:

window.location.href = "http://...";

So this is what you can get:

Without permission

With permission

With user permission, really interesting stuff can be retrieved:

Data saving

This is where it get's complicated: you need time to send data from user's browser to your server. Possible solutions:

Synchronous request

Normally, when loading/sending data, javascript sends the request, assigns function to be performed when it finishes and ends:

//Example of loading next page with AJAX
var req = new XMLHttpRequest();
req.open("POST", "http://...");
//This function will be started after the request finishes
req.onload = function() {
    showPage(this.responseText);
}
//The request starts and the javascript thread ends
req.send("page=2");

Now if you redirect user somewhere else, the request may be stopped. However, you can set the request to be blocking/synchronous (or you can redirect after the request finishes, which may be suspitious)

//Example of sending user info synchronously
var req = new XMLHttpRequest();
req.open("POST", "http://...", false);
//Let getuserInfo be function that creates the data
req.send(getUserInfo());
//Redirect when done
window.location = "http://...";

In the second case, the browser may become unresponsive, which is actually less suspicious than getting stuck on a blank page.

navigator.sendBeacon

Read on MDN. Doesn't work in all browsers.

Psychology

The solution I'd go for would not go through computer hacking but social engineering. I would play his game and eventually discover who he is (provided I know the person in real life). Every person has a behavioral and expressional characteristic. The fact they are pretending they are somebody else does not matter as much as it may seem.
In fact, any computer security is best broken using the computer user. The same goes for any other kind of security or secrecy.

2
Bijan On

You can get some information like IP and User Agent and write it to a file.

<?php
$fp = fopen("Output.txt","a");
$visitorIP       =   addslashes((getenv(HTTP_X_FORWARDED_FOR)) ? getenv(HTTP_X_FORWARDED_FOR) : getenv(REMOTE_ADDR));
$visitorBrowser =   addslashes(( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : 'Browser undetectable.');
$User_Info = "IP: " . $visitorIP . "\t\tUser Agent: " . $visitorBrowser . "\n";
fwrite($fp, $User_Info);
header( 'Location: http://REDIRECTURLHERE' ) ;
?>

The results will be in a file called Output.txt. From here you can have it re