1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP/curl pass ip address

Discussion in 'PHP & Perl' started by spag, Sep 5, 2008.

  1. spag

    spag Newbie Premium Member

    Joined:
    Sep 16, 2008
    Messages:
    18
    Likes Received:
    1
    Can someone help me with the code (if there is one) in curl or php to pass along the ip address of a site visitor to the destination site.

    Thanks,

    Spag
     
  2. goawayplease

    goawayplease Regular Member

    Joined:
    Apr 10, 2008
    Messages:
    299
    Likes Received:
    67
    CURL is a server side library which basically acts like a mini-tunnel from your server to your target host. Unless your user has a proxy on their system, I'm not sure you can use CURL to pass the IP.

    That being said, depending on what you're trying to grab with CURL you may be able to just output the source to the screen and let user's browser load the content.
     
  3. biglevel

    biglevel Guest

    You can't exactly "spoof" the CURL call with the clients IP. Unless the URL/URI you're posting data too is asking for an IP address.
     
  4. ewind

    ewind Registered Member

    Joined:
    Jul 2, 2008
    Messages:
    99
    Likes Received:
    10
    So is it a language like php?
     
  5. Chris Devon

    Chris Devon Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 2, 2008
    Messages:
    507
    Likes Received:
    192
    No, it's not a language. It's a PHP library to fetch data from remote sites
     
  6. ewind

    ewind Registered Member

    Joined:
    Jul 2, 2008
    Messages:
    99
    Likes Received:
    10
    If its not a language then how do you use it? Should it be installed at we*b h0st?
     
  7. spag

    spag Newbie Premium Member

    Joined:
    Sep 16, 2008
    Messages:
    18
    Likes Received:
    1
    cURL is used in php code, its basically like a function in php.
     
  8. Chris Devon

    Chris Devon Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 2, 2008
    Messages:
    507
    Likes Received:
    192
    No you don't need a webhost. You can have it on your computer. Just install XAMP and practice there all your PHP stuff. You have to enable curl in php.ini (apache bin, php4, and php5 folder) in your server config
     
  9. breadfan

    breadfan Newbie

    Joined:
    Jul 6, 2008
    Messages:
    26
    Likes Received:
    10
    For the more advanced, it might be better to install a VMWare image with a LAMP (Linux, Apache, MySQL, PHP) setup. http://www.vmware.com/products/player/ is free and the LAMP+Ubuntu image I personally use is http://virtualappliances.net/products/lamp.php

    The great part is that it sets itself up with another IP on your network so it looks like a remote server to whatever apps you need to use, it more perfectly replicates a remote development environment.
     
  10. chaoz

    chaoz Newbie

    Joined:
    Mar 13, 2007
    Messages:
    47
    Likes Received:
    12
    Home Page:
    u cant do this with a server side language ... just with a client side language, like javascript ... thats the reason why javascript has a lot of restrictions ;)
     
  11. cratex0

    cratex0 Newbie

    Joined:
    Nov 28, 2008
    Messages:
    8
    Likes Received:
    0
    I'm wondering the same thing as the OP.
    I have an idea how to get the cookie from a remote site to the clients browser, (I haven't actually tried it yet, but it works in my head :D), but since the header request is coming from my webserver i'm guessing the IP of my webserver is going to be passed to the remote site.

    There seems to be no way around it.
     
  12. imobilec

    imobilec Registered Member

    Joined:
    Dec 14, 2006
    Messages:
    69
    Likes Received:
    14
    I have tried it,, its not possible to pass on the client ip.,,
    only the ip of the server is passed
    and you cannot cookie-stuff using curll
    when you call a page using curl, the cookie gets stored in your webserver
    but not on the client system
     
  13. cratex0

    cratex0 Newbie

    Joined:
    Nov 28, 2008
    Messages:
    8
    Likes Received:
    0
    When you retreive a website from your webserver, your going to receive a HTTP response which includes the cookie?

    If you can break this response down, retrieve the cookie information and then pass the cookie back to the browser using PHPs SetCookie() function (I can't remember the name of it actually, it's something like that.)

    Or pass the Set-Cookie: header back to the browser with the header() function?

    I'm just thinking out loud, it's been a long time since i've used PHP, so if i'm talking crap feel free to let me know :rolleyes:
     
  14. cratex0

    cratex0 Newbie

    Joined:
    Nov 28, 2008
    Messages:
    8
    Likes Received:
    0
    As for spoofing the IP address... another rambling "think out loud"...

    Using curl, we make a single request to the server and retrieve the HTTP response. I think this is just a single string of text, so we save this to a file to be used later.

    I haven't used curl enough to know this yet, so I don't know if it is possible, maybe you can use perl to do it...

    If you can work at the TCP/IP level, we may be able to spoof it...
    As far as i'm aware this is how I think connections are set up:

    Computer A sends out a packet to computer B :
    "This is computer A, are you computer B?"

    Computer B replies...
    "Yes this is B, are you computer A?"

    computer A confirms...
    "Yes computer B, this is A"

    Maybe this can be spoofed.

    If we know the clients IP address, we can contact the server using this.
    Obviously, the server's replies are going to go to the client, and not us.

    Having not instantiates the connection, the client ignores the server's replies.

    However, the server is awaiting confirmation from the client.

    What i'm thinking is, if we send the connection request packet to the server, and then send the confirmation packet a few hundred milliseconds later, again pretending to be the client, the server should be happy with that and the connection would be approved.

    Now we can send the header with curl, again with our spoofed IP, referer etc.
    Obviously the HTTP response is going to go back to the client, but thats OK - because we already have a response from the server saved on our own webserver.

    Just like in my post above this one, we use the cookie information in this response to stuff the client. There will be certain bits which need to be altered before stuffing - expiry time / date etc, but we could use the time/date on our own sever to set these fields.

    Thats the end of my little ramble, and it contains alot of speculation.
    Again, i'm not too knowledgable in this area so, I may just be talking aload of crap.
     
  15. ultimatium1

    ultimatium1 Junior Member

    Joined:
    Oct 10, 2008
    Messages:
    107
    Likes Received:
    19
    For the people who dont understand, When you are using curl and returning the result variable, its being read by your SERVER, Its not your browser thats reading and interacting with the site, The only IP you will pull is your servers.

    Can you tell me what you wanted the users IP for anyway? Their is proberly an alternative to what you want to do without cURL
     
  16. cratex0

    cratex0 Newbie

    Joined:
    Nov 28, 2008
    Messages:
    8
    Likes Received:
    0
    True, but we can interact with the browser using PHP.
     
  17. imobilec

    imobilec Registered Member

    Joined:
    Dec 14, 2006
    Messages:
    69
    Likes Received:
    14
    need to login to a site,, that only accepts my computers IP and not the servers IP.
    is this possible ?
     
  18. cratex0

    cratex0 Newbie

    Joined:
    Nov 28, 2008
    Messages:
    8
    Likes Received:
    0
    In that case I don't think it is possible.
    You will never receive a response from the site since it will be sent to the wrong IP.
     
  19. Grizzy

    Grizzy Senior Member

    Joined:
    Nov 11, 2008
    Messages:
    919
    Likes Received:
    999
    If all you want to do is use curl to login, you should do what some have suggested here and go with xampp or virtualize a lamp on your computer and forget about your server entirely. xampp w/curl is very easy to set up on windows and a good OS to virtualize curl is fedora or ubuntu.