|
| ||||||||||
| Tags: email, email ip extraction, html, php |
Sponsored Links
Using PHP to extract Source IP from email header input via HTML form
Software Development
 |
| | Thread Tools | Search this Thread |
|
| ||||||||||
| Tags: email, email ip extraction, html, php |
|
| | Thread Tools | Search this Thread |
|
#1
01-05-2012
| |||
| |||
| Using PHP to extract Source IP from email header input via HTML form
I am very much a noob at PHP and have been trying to get a web page up that extracts source IP's from an email header that has been pasted in to a form. I can get the data into an array but am having massive trouble getting the IP's to print. I am pasting in the code I am using below. Please dont laugh too much as I said I am very new to this and have been trying to teach myself as I go. The html: <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <p>Enter the headers here: </p> <p> </p> <form id="header" inputname="header" method="post" action="checkheader.php"><textarea name="headers" id="headers" class="box" type="text" rows="20" cols="130" ></textarea> <input type="submit" /> </form> </body> </html> The PHP: <?php $header=$_POST['headers']; $ipreg="/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/im";// /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/ preg_match_all("/Received:.*((?:\d+\.){3}\d+)/",$header,$stored); print_r($stored); echo count($stored); ?> And an example header (taken from a spam message) Return-Path: <kenken_8880@yahoo.com> Received: from fep08.mfe.bur.connect.com.au (mfep08.mbe.bur.connect.com.au [203.63.232.28]) by mcn01 (Cyrus v2.1.18-CCA_b9) with LMTP; Sat, 28 Apr 2012 00:50:15 +1000 X-Sieve: CMU Sieve 2.2 Received: from fep08.mfe.bur.connect.com.au (localhost [127.0.0.1]) by localhost.mfep08.connect.com.au (Postfix) with ESMTP id 6D9DB13355 for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:15 +1000 (EST) Received: from bware04.bur.connect.com.au (bware04.bur.connect.com.au [210.8.230.175]) by fep08.mfe.bur.connect.com.au (Postfix) with ESMTP id 5181A1334A for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:15 +1000 (EST) Authentication-Results: bware04.bur.connect.com.au header.from=kenken_8880@yahoo.com; domainkeys=neutral (no sig) Received: from nm17-vm10.bullet.mail.sg3.yahoo.com (nm17-vm10.bullet.mail.sg3.yahoo.com [106.10.149.89]) by bware04.bur.connect.com.au (BorderWare Security Platform) with SMTP id FD5C78DA29008A4D for <timbass@aapt.net.au>; Sat, 28 Apr 2012 00:50:14 +1000 (EST) Received: from [106.10.166.120] by nm17.bullet.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:14 -0000 Received: from [106.10.167.180] by tm9.bullet.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:13 -0000 Received: from [127.0.0.1] by smtp153.mail.sg3.yahoo.com with NNFMP; 27 Apr 2012 14:50:13 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1335538213; bh=G/EpuDM1NHRGk3zqlboZHdgTsi7MZNxK5d2VM2G0KeA=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:Message-ID  ate:From ubject:To:Content-Type:MIME-Version:X-Mailer; b=bg3NakKWomvHD8JsrUcg38oY1wo7aIZmeLY2glPi9SweUkT8Eraag4rhTasTWDAzk6nH8lpprcm+CX28u1yHK0uCj51JTvmEu9 JG0anJmJB7qnx2C3H0j0kmQKzlR7MxmbgQtz6fdDasIN4SYyJt2invUlSeoB4e6Z0tlen9gBc=X-Yahoo-Newman-Id: 982234.55022.bm@smtp153.mail.sg3.yahoo.com X-Yahoo-Newman-Property: ymail-5 X-YMail-OSG: ioQGUHQVM1khkn4gVNtG5fj3OvLcl02KaqzhSm835IHEEd2 nPZ9Ve2PoKnwlpcntjCEQdCKmbW3dlmPslSS2EMzYSl32ntiWPxOwm0HE8eh TRoibAq13X2yNPvtV4YgofhnGg3Zk56t6UwEZdqdwmMHF3wkr6bZ_.E9DNLR X7r2QNmU8icr97WcgeyPUOjlZ9o_Bz._NStEOZ7TtFGeMZvIiBsH6xf8pP.k l0AhkP_LkA14x.cRElQxaNm6YIBYlqdLr7.Ry4zFHMOVDXXUMo4vBmx2lgg4 2FfIahUb.iKvX13QiKkiFLTuobXM2eRAMRxe_NEX1V1vTqa4guruAA85qgDm GgWY18daVOj_7GmBp4kuIe6JtWMZ5jSt1Evf.S3r5rmDexCA03sKgwsGBrbz J8iJz1LCvHiaOqE4R0LviWpFbyxUltDSrAaiDFAI3Igy79o1Szr85qip.5R9 GbvqPHjq2WBqECw-- X-Yahoo-SMTP: VaaK2FWswBANOx4IY0VlY5PxOg2D.3jj Received: from [192.168.1.1] (kenken_8880@180.252.140.97 with login) by smtp153.mail.sg3.yahoo.com with SMTP; 27 Apr 2012 07:50:11 -0700 PDT Message-ID: <4F9A6CD5.37A1AFEE@smtp.mail.yahoo.com> Date: Fri, 27 Apr 2012 09:54:46 -0500 From: "kenken_8880@yahoo.com" <kenken_8880@yahoo.com> Subject: FW: your arrest record To: timbasham@embarqmail.com Content-Type: multipart/alternative; boundary="nprc8bOdbL=_olGWFbMto1GfLmlfWflfo5" MIME-Version: 1.0 X-Mailer: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5+) Gecko/20011102 X-BTI-AntiSpam: score:58,sta:66/030,dnsbl:passed,sw:passed,bsn:42/passed,spf:none,bsctr:off,dk:passed,pbmf:none,ipr:1/3,trusted:no,ts:no,bs:no,ubl:passed Received-SPF: none  |
|
#2
08-06-2012
| |||
| |||
| Re: Using PHP to extract Source IP from email header input via HTML form
You can try to capture IP packet whether it is UDP or Rtp from user space by going to winpcap website, they have a proper documentation which is very straight forware to use. |
|
|
| Thread Tools | Search this Thread |
| |
Similar Threads for: "Using PHP to extract Source IP from email header input via HTML form" | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Google Chrome is opening in basic HTML form instead of the Standard form | Beatrix | Technology & Internet | 5 | 25-05-2011 10:21 PM |
| How to include Header & footer within HTML? | seema_thk | Software Development | 3 | 09-12-2009 08:24 AM |
| Input type radio in html | BoanHed | Software Development | 3 | 18-11-2009 01:07 PM |
| HTML form get method | TAMAR | Software Development | 2 | 22-06-2009 01:40 PM |
| Make a form in HTML, CSS, PHP | Gyan Guru | Guides & Tutorials | 1 | 11-11-2008 05:26 PM |
