Go Back   TechArena Community > Software > Software Development
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links

Using PHP to extract Source IP from email header input via HTML form

Software Development

Thread Tools Search this Thread
Old 01-05-2012
Join Date: May 2012
Posts: 1
Using PHP to extract Source IP from email header input via HTML form

I am very much a noob at PHP and have been trying to get a web page up that extracts source IP's from an email header that has been pasted in to a form.
I can get the data into an array but am having massive trouble getting the IP's to print. I am pasting in the code I am using below. Please dont laugh too much as I said I am very new to this and have been trying to teach myself as I go.

The html:
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>

<p>Enter the headers here: </p>
<form id="header" inputname="header" method="post" action="checkheader.php"><textarea name="headers" id="headers" class="box" type="text" rows="20" cols="130" ></textarea>
<input type="submit" />

The PHP:
$ipreg="/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/im";// /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/
echo count($stored);
And an example header (taken from a spam message)
Return-Path: <kenken_8880@yahoo.com>
Received: from fep08.mfe.bur.connect.com.au (mfep08.mbe.bur.connect.com.au [])
by mcn01 (Cyrus v2.1.18-CCA_b9) with LMTP; Sat, 28 Apr 2012 00:50:15 +1000
X-Sieve: CMU Sieve 2.2
Received: from fep08.mfe.bur.connect.com.au (localhost [])
by localhost.mfep08.connect.com.au (Postfix) with ESMTP id 6D9DB13355
for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:15 +1000 (EST)
Received: from bware04.bur.connect.com.au (bware04.bur.connect.com.au [])
by fep08.mfe.bur.connect.com.au (Postfix) with ESMTP id 5181A1334A
for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:15 +1000 (EST)
Authentication-Results: bware04.bur.connect.com.au
header.from=kenken_8880@yahoo.com; domainkeys=neutral (no sig)
Received: from nm17-vm10.bullet.mail.sg3.yahoo.com (nm17-vm10.bullet.mail.sg3.yahoo.com [])
by bware04.bur.connect.com.au (BorderWare Security Platform) with SMTP id FD5C78DA29008A4D
for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:14 +1000 (EST)
Received: from [] by nm17.bullet.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:14 -0000
Received: from [] by tm9.bullet.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:13 -0000
Received: from [] by smtp153.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1335538213; bh=G/EpuDM1NHRGk3zqlboZHdgTsi7MZNxK5d2VM2G0KeA=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:Message-IDate:Fromubject:To:Content-Type:MIME-Version:X-Mailer; b=bg3NakKWomvHD8JsrUcg38oY1wo7aIZmeLY2glPi9SweUkT8Eraag4rhTasTWDAzk6nH8lpprcm+CX28u1yHK0uCj51JTvmEu9 JG0anJmJB7qnx2C3H0j0kmQKzlR7MxmbgQtz6fdDasIN4SYyJt2invUlSeoB4e6Z0tlen9gBc=
X-Yahoo-Newman-Id: 982234.55022.bm@smtp153.mail.sg3.yahoo.com
X-Yahoo-Newman-Property: ymail-5
X-YMail-OSG: ioQGUHQVM1khkn4gVNtG5fj3OvLcl02KaqzhSm835IHEEd2
X-Yahoo-SMTP: VaaK2FWswBANOx4IY0VlY5PxOg2D.3jj
Received: from [] (kenken_8880@ with login)
by smtp153.mail.sg3.yahoo.com with SMTP; 27 Apr 2012 07:50:11 -0700 PDT
Message-ID: <4F9A6CD5.37A1AFEE@smtp.mail.yahoo.com>
Date: Fri, 27 Apr 2012 09:54:46 -0500
From: "kenken_8880@yahoo.com" <kenken_8880@yahoo.com>
Subject: FW: your arrest record
To: timbasham@embarqmail.com
Content-Type: multipart/alternative;
MIME-Version: 1.0
X-Mailer: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5+)
X-BTI-AntiSpam: score:58,sta:66/030,dnsbl:passed,sw:passed,bsn:42/passed,spf:none,bsctr:off,dk:passed,pbmf:none,ipr:1/3,trusted:no,ts:no,bs:no,ubl:passed
Received-SPF: none

Reply With Quote
Old 08-06-2012
Join Date: Jan 2006
Posts: 605
Re: Using PHP to extract Source IP from email header input via HTML form

You can try to capture IP packet whether it is UDP or Rtp from user space by going to winpcap website, they have a proper documentation which is very straight forware to use.
Reply With Quote

  TechArena Community > Software > Software Development
Tags: , , ,

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads for: "Using PHP to extract Source IP from email header input via HTML form"
Thread Thread Starter Forum Replies Last Post
Google Chrome is opening in basic HTML form instead of the Standard form Beatrix Technology & Internet 5 25-05-2011 10:21 PM
How to include Header & footer within HTML? seema_thk Software Development 3 09-12-2009 08:24 AM
HTML input type password Antarjot Software Development 3 18-11-2009 12:32 PM
HTML form get method TAMAR Software Development 2 22-06-2009 01:40 PM
Make a form in HTML, CSS, PHP Gyan Guru Guides & Tutorials 1 11-11-2008 05:26 PM

All times are GMT +5.5. The time now is 09:10 AM.