Advertisement
MarkehMe

Markeh.me - WHMCS Attacker Logger

Dec 11th, 2011
116
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.51 KB | None | 0 0
  1. <?php
  2.     /*
  3.      * (C) Mark Hughes, 2011
  4.      * www.markeh.me
  5.      */
  6.    
  7.     // You only need to change this value  
  8.     $your_email = "mark@nivsu.com";
  9.    
  10.     // ------//
  11.     $email = "The attacker supplied us with the following infomration:\r\n";
  12.    
  13.     if(isset($_SERVER["REMOTE_ADDR"])) {
  14.         $email .="_SERVER[REMOTE_ADDR] = {$_SERVER["REMOTE_ADDR"]} - Host: " . gethostbyaddr($_SERVER["REMOTE_ADDR"]) . "\r\n";
  15.     }
  16.    
  17.     if(isset($_SERVER["HTTP_CLIENT_IP"])) {
  18.         $email .="_SERVER[HTTP_CLIENT_IP] = {$_SERVER["HTTP_CLIENT_IP"]} - Host: " . gethostbyaddr($_SERVER["HTTP_CLIENT_IP"]) . "\r\n";
  19.     }
  20.    
  21.     if(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
  22.         $email .="_SERVER[HTTP_X_FORWARDED_FOR] = {$_SERVER["HTTP_X_FORWARDED_FOR"]} - Host: " . gethostbyaddr($_SERVER["HTTP_X_FORWARDED_FOR"]) . "\r\n";
  23.     }
  24.    
  25.     if(isset($_SERVER["HTTP_X_FORWARDED"])) {
  26.         $email .="_SERVER[HTTP_X_FORWARDED] = {$_SERVER["HTTP_X_FORWARDED"]} - Host: " . gethostbyaddr($_SERVER["HTTP_X_FORWARDED"]) . "\r\n";
  27.     }
  28.    
  29.     if(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
  30.         $email .="_SERVER[HTTP_FORWARDED_FOR] = {$_SERVER["HTTP_FORWARDED_FOR"]} - Host: " . gethostbyaddr($_SERVER["HTTP_FORWARDED_FOR"]) . "\r\n";
  31.     }
  32.    
  33.     if(isset($_SERVER["HTTP_FORWARDED"])) {
  34.         $email .="_SERVER[HTTP_FORWARDED] = {$_SERVER["HTTP_FORWARDED"]} - Host: " . gethostbyaddr($_SERVER["HTTP_FORWARDED"]) . "\r\n";
  35.     }
  36.    
  37.     $email .= "User Agent: {$_SERVER['HTTP_USER_AGENT']}\r\n";
  38.     $email .= "Referred: {$_SERVER['HTTP_REFERER']}\r\n";
  39.  
  40.     mail($your_email, "We caught an attempted attacker!", $email);
  41.    
  42. ?>
  43.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement