Header Banner
Null Byte Logo
Null Byte
wonderhowto.mark.png
Cyber Weapons Lab Forum Metasploit Basics Facebook Hacks Password Cracking Top Wi-Fi Adapters Wi-Fi Hacking Linux Basics Mr. Robot Hacks Hack Like a Pro Forensics Recon Social Engineering Networking Basics Antivirus Evasion Spy Tactics MitM Advice from a Hacker

How to Get the Backend IP of a Server (Part 1)

Oct 8, 2015 05:18 PM
Oct 8, 2015 05:33 PM
"How to Get the Backend IP of a Server (Part 1)" cover image

This is a quick and easy method for receiving the backend IP (1) of a server who is hidden behind a proxy (2) or a firewall (3).

Requiring the following:

  • Attacker can use a browser
  • Or Attacker have a basic knowledge of PHP (4)
  • A page who provides the "Upload through URL" option

Using the Easy Method

In this case the attacker only need a working browser and have to visit the following page:

http://iplogger.org/

Then press in the window "Invisible logger" the button "Generate logger"

635798954842074745.jpg

Now we will be redirected to a new page. URL would be for example:

http://iplogger.org/statistics/id=SOME_RANDOM_ID/

all we need is copying the "No BB Code" link out of it

635798955968138214.jpg

and paste it into the "Upload via URL" form

635798956594544704.jpg

After our upload finished, we can visit our generated link again and voila backend IP dropped:

635798957723964783.jpg

After a quick check:

  • Original IP: 8.26.65.101| USA | Lightcrest LLC
  • Backend IP: 8.26.64.82 | USA | Lightcrest LLC

we are finished!

Of course in this case we dont know if its the true backend IP of wonderhowto it was just an example.

Using Our Own Script

Many skidforums blacklistening the domain of the script shown above. But with basic skills of PHP and simple knowledge of rewrite rules we can build and spoof our own IP logger. for example:

.htaccess (5)

RewriteEngine on

RewriteRule ^image.png$ iplogger.php

iplogger.php

http://0bin.net/paste/Y5hAcnbJY8dJPiTT#Yk9OrKPqqDGwT3OZwbe6EHtxD13g8b5nCASlMZW50d4

Explanation

The server is fetching our "image" from the URL we provided and saving it to a temporary cache. Thats how we reiving the true IP address of the server who is working with the image.

Glossary

(1) https://en.wikipedia.org/wiki/Firewall_%28computing%29

(2) https://en.wikipedia.org/wiki/IP_address

(3) https://en.wikipedia.org/wiki/Proxy_server

(4) https://en.wikipedia.org/wiki/PHP

(5) https://en.wikipedia.org/wiki/.htaccess

The next big software update for iPhone is coming sometime in April and will include a Food section in Apple News+, an easy-to-miss new Ambient Music app, Priority Notifications thanks to Apple Intelligence, and updates to apps like Mail, Photos, Podcasts, and Safari. See what else is coming to your iPhone with the iOS 18.4 update.

Related Articles

Comments

No Comments Exist

Be the first, drop a comment!