Somebody is trying to phish me, they are pretending to be one of my close friends to humiliate both of us. This person has created a fake email account, impersonating the person, and trying to get personal info out of me. I made sure with my friend that it wasn't actually him, now we're trying to figure out who it is.
I want to send them a link to some kind of PHP or JS page, to collect at least a little info about their client (browser, operating system, maybe ISP location?), and then forward them to an actual website (like a youtube video or something).
Having very basic knowledge of PHP, I'd really appreciate any kind of script that would allow me to gather some basic info.
Thank you!
PHP:
Data retrieval
The basic redirection can be done very easily (in PHP, before any output):
However if you send this, his browser will not load any javascript or HTML on your fake page. You'll still be able to collect the following from $_SERVER superglobal variable:
HTTP_USER_AGENT
- whatever his browser sends as it's identificationREMOTE_ADDR
- his IP (or the server proxy IP)Here's whole
$_SERVER
variable dump.Data saving
It's quite easy to save data in PHP. If you're lazy, you can just use file_put_contents:
The
true
inprint_f
causes the function to return string, instead of printing it.Javascript
Data retrieval
Javascript can allow you to access information about browser too. But any personal information can only be retrieved after user explicitly allows it.
The redirection then can be done using:
So this is what you can get:
Without permission
navigator.userAgent
- same as user agent in PHP, but I think this one can not be hidden as easily (some people install add-ons to hide their real user agent)With permission
With user permission, really interesting stuff can be retrieved:
Data saving
This is where it get's complicated: you need time to send data from user's browser to your server. Possible solutions:
Synchronous request
Normally, when loading/sending data, javascript sends the request, assigns function to be performed when it finishes and ends:
Now if you redirect user somewhere else, the request may be stopped. However, you can set the request to be blocking/synchronous (or you can redirect after the request finishes, which may be suspitious)
In the second case, the browser may become unresponsive, which is actually less suspicious than getting stuck on a blank page.
navigator.sendBeacon
Read on MDN. Doesn't work in all browsers.
Psychology
The solution I'd go for would not go through computer hacking but social engineering. I would play his game and eventually discover who he is (provided I know the person in real life). Every person has a behavioral and expressional characteristic. The fact they are pretending they are somebody else does not matter as much as it may seem.
In fact, any computer security is best broken using the computer user. The same goes for any other kind of security or secrecy.