damianofalcioni / ip-biter Goto Github PK

IP-Biter: The Hacker-friendly E-Mail (but not only) Tracking Framework

License: GNU Affero General Public License v3.0

PHP 100.00%

tracking email mail links link-generator all-in-one hacker-tools tracking-pixels information-gathering-tools information-gathering

ip-biter's Introduction

IP-Biter - Framework

The Hacker-friendly Tracking Framework

IP-Biter is an open source, easy to deploy, tracking framework that generate high configurables and uniques tracking images and links to embed in e-mails, sites or chat systems and visualize, in an hacker-friendly dashboard, high detailed reports of the tracked users who visualize the image or open the links.

Features

Very high configurable tracking image generation
Tracking links generation
Tracking hidden and not recognizable from the target point of view
Integrated Dashboard
Integrated Overview Dashboard (Admin only)
Self-tracking prevention
Possibility to stop and start the tracking at any time
Possibility to hide the Dashboard and protect its access with a password
Live tracking reports from the Dashboard
Tracking reports live delivered to a configurable mail address
Different IP analysis services
User-Agent analysis service
Integrate URL shortening service
AllInOne PHP file
No need for a Database
Open Source

...and many many more!

Give it a try!

Getting Started

Deploy IP-Biter

Copy ipb.php in your PHP server and optionally create a .htaccess file as described in the next security notes
- Some configurable parameters are available in the firsts uncommented PHP lines of the ipb.php file, identified by the comment "START CONFIGURATION SECTION"

Access the Dashboard

Access the dashboard through ipb.php?op=$dashboardPage (replacing $dashboardPage with its effective value)
- $dashboardPage is the PHP variable defined in the "START CONFIGURATION SECTION" of the ipb.php file. The default value is "dashboard" so the default URL is ipb.php?op=dashboard
- If the PHP variable $dashboardPage is empty you can access the dashboard through the URL ipb.php
- If the PHP variable $dashboardPageSecret is not empty then a login page will appear, asking for the $dashboardPageSecret value

Create a new configuration

When the dashboard is opened without parameters, a new configuration is created
- Another empty new configuration can be generate clicking the "New" button
Configure the tracking image and the advanced setting if needed
- It is possible to left the original image url empty. In this case an empty image will be used.
Add tracking links if needed
- It is possible to left the original link empty. In this case the link will generate a 404 page.
Save the configuration
Distribute the generated image or the links to start the tracking
- You can click the copy button and paste in a html rich email editor like gmail
- NOTE: If you try to open the generated image or links but have in the same browser the dashboard page opened and loaded, your request will not be tracked (self-tracking prevention feature)

Load an existing configuration

When the dashboard is opened with the parameter "uuid", the associated configuration is loaded
- Another configuration can be loaded pasting the "Track UUID" in the dashboard relative field and clicking the "Load" button
The reports will be automatically visualized in the "Tracking Reports" section of the dashboard

Admin Overview Page

Access the Admin page through ipb.php?op=$adminPage (replacing $adminPage with its effective value)
- $adminPage is the PHP variable defined in the "START CONFIGURATION SECTION" of the ipb.php file. The default value is "admin" so the default URL is ipb.php?op=admin
- If the PHP variable $adminPage is empty the admin page will be not available
- If the PHP variable $adminPageSecret is not empty then a login page will appear, asking for the $adminPageSecret value
All the defined configuration will be visualized in a table.

Security Notes

Change the folders name and the dashboard page in the configuration section in order to improve the security
Add the following lines to the .htaccess file in order to deny the access to the "configs" and "reports" folders:

DirectoryIndex ipb.php
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^(configs/|reports/|error.log) - [F]
</IfModule>

Live DEMO

Have a look at the DEMO

Support Me <3

ip-biter's People

Contributors

Stargazers

Watchers

Forkers

zshell banned666 johnjohnsp1 max-smith tuian jpgreth m41doror h4ck0ne serversta ch4p34un0ir xz-wl samouly agilee maskup leetcodes arnauec-zz krashman ro9ueadmin praveen739 smalltalkking micsoftvn j0nk0 ralphreijs r3dfruitrollup raymondseger alessiopcc dynamicdesignz g-adamante mercyxsavage ytldsimage rohit-gohri xiaoshen2017 skidzz superenoki hakberry1 mauriziocasciano yagya1123 myselfsufiyan hollow667 norsebyte reewardius allmedicalexperts pe4ch timeshu hartl3y94 bit212-2019 xtremecoder007 creatapd elos-rw wathikahmed l0k1st0rmbr1n9er jothatron ingramali mikethesapien geraldo1993 tnexperts kelvinwang000 therealelyayo makingw croat79 momohsen wattaman capesepias ztevayadp40ve macarel46 arnaudmorin yaseenemv mabdelwanis zeefast safesploit carly1900 sightlessace ohsevin dexit off-ini bogwero sakuta123 fludo mr-k4l1m3r0 darksidesfear jorensc

ip-biter's Issues

installation issues on kali linux

nice project , but how can i install ip.biter on kali linux does it work on linux os ?

Internal error

Dear Damiano,

I generated the image url but when I tried to save the configuration in the dashboard, it always threw me an error message.

Error occurred: Internal error: Invalid id 712b3f44-3244-4931-83f5-89cfb0eec439

You can check it at: ec2-3-131-142-102.us-east-2.compute.amazonaws.com/IP-Biter/ipb.php?op=dashboard

System info:

System: Host: ----------------- Kernel: 5.4.0-1029-aws x86_64 bits: 64 Console: tty 0
Distro: Ubuntu 20.04.1 LTS (Focal Fossa)
Machine: Type: Xen System: Xen product: HVM domU v: 4.2.amazon serial: <superuser/root required>
Mobo: N/A model: N/A serial: N/A BIOS: Xen v: 4.2.amazon date: 08/24/2006
CPU: Topology: Single Core model: Intel Xeon E5-2676 v3 bits: 64 type: MCP L2 cache: 30.0 MiB
Speed: 2400 MHz min/max: N/A Core speed (MHz): 1: 2400
Graphics: Device-1: Cirrus Logic GD 5446 driver: N/A
Display: server: No display server data found. Headless machine? tty: 133x32
Message: Advanced graphics data unavailable in console. Try -G --display
Audio: Message: No Device data found.
Network: Device-1: Intel 82371AB/EB/MB PIIX4 ACPI type: network bridge driver: N/A
IF-ID-1: eth0 state: up speed: N/A duplex: N/A mac: 0a:d4:04:64:0c:e2
Drives: Local Storage: total: 8.00 GiB used: 2.10 GiB (26.3%)
Partition: ID-1: / size: 7.69 GiB used: 2.10 GiB (27.4%) fs: ext4 dev: /dev/xvda1
Sensors: Message: No sensors data was found. Is sensors configured?
Info: Processes: 106 Uptime: 42m Memory: 978.6 MiB used: 229.6 MiB (23.5%) Init: systemd runlevel: 5 Shell: bash
inxi: 3.0.38

Overview of all links

Would it be possible to get an overview over all links generated with a link to those 'dashboard overviews' for easier access?

This is a test issue from WhiteSource, it will be closed shortly

redirect after view

hi my friends
i wana after view by target after 5 second redirect to another url and they see real site (after get cookie)
can i help me

Action Required: Fix Mend Configuration File - .whitesource - autoclosed

There is an error with this repository's Mend configuration file that needs to be fixed. As a precaution, scans will stop until it is resolved.

Errors:

Failed to parse configuration file: damianofalcioni/IP-Biter/.whitesource: Expected a com.google.gson.JsonObject but was com.google.gson.JsonPrimitive

Installation Issues

These are the steps that I followed

copied the files to /var/www/html/IP-Biter-master/
restart apache2
try 127.0.0.1/IP-Biter-master/ipb.php?op=$dashboardPage

I got an error message "op parameter not valid" when I look into the error log files -
26/03/2021 12:03:41 127.0.0.1 op parameter not valid
26/03/2021 12:03:41 127.0.0.1 ERROR on line 0: Directive 'allow_url_include' is deprecated

i can understand that the issue is because I am using php 7.4 and the "allow_url_include" is not included in php 7.4.

What should be the alternative - I cant downgrade the php version as I am hosting a number of self hosted sites. and hence downgrading or using update-alternatives will be a challenge.

Also can you please help me understand - do I need to create folders with name "configs", "reports" in the folder or will they be created by the php file after first run?
Also I dont see a .htaccess file - is this something I create or the php file creates it?

Hosting issue

I had hosted the ipb.php on server .Also i had created .htaccess file and added the security rules as per your instruction. But still i am getting following error
{"status" : -1, "error" : "op parameter not valid"}

Note: I didn't make any change in your ibp.php file.

Error on whois not being available

Looks like if you don't have whois on the machine, stuff errors out:

Error contacting the service: /ipb.php?op=ipwhois&ip=ip.ad.dr.es : error

Gmail mail track issue

Hi, I was using your php script but it appears that using this we cannot get the ip from gmail.

Can you suggest how to do that?

Make anonym.to optional

First off - good work with your script; Would you mind making the anonymizer optional? That's a quick fix on the links not opening correctly.

IP-Biter

Can I host email-tracker IP-Biter on my Google Cloud Functions account with CLI commands and create variables linked to my GA4 analytics account?

HTTP Error 400 - Bad Request

Tracking doesn't work !

All access to tracking links generated by your script return an HTTP Error 400,
Also for image links.

error.log content :

23/11/2017 05:33:09 141.101.104.X Invalid tid e33595fa-bd07-49bd-805b-7e5500b2006e
23/11/2017 05:34:10 141.101.104.X Invalid tid e33595fa-bd07-49bd-805b-7e5500b2006e
23/11/2017 05:35:25 141.101.104.X Invalid tid e33595fa-bd07-49bd-805b-7e5500b2006e

Config : Apache 2, PHP 5.6, ModSec2, PHP Handler tested : suPHP & CGI, Cloudflare.

-- YB

auth via static link on dashboard

Would be nice to have something like an auth link so you could just log in using a bookmark as entering the password all the time slows down the process of analyzing things pretty significant

Tool works, but the reports json is not loaded in the dashboard, although it logs users

Hi, thanks for the great tool.

My Application runs smoothly. Images can be seen on the links generated by the program. The only problem I'm having is the report not loading where it was supposed to be in the dashboard. But the logs are correct in the JSON. Do you have some insight on what could have gone wrong? I did no modification on your code, and nothing shows in error.log.

Thanks in advance,

Thiago

Dashboard not accessable

Got an Apache2 server running on the latest Kali Linux.
Uploaded the ipb.php to the webserver and added the .htaccess file.
When i browse to the site (ipb.php) it gives me the error ::
{"status" : -1, "error" : "op parameter not valid"}

also when browsing to ::
ipb.php?op=$dashboardPage

same error

are there some more Settings to be set for the server ? additional modules or so ?
please give more Information about the Server settings please, it is not running directly...
i am using a ssl cert from https://letsencrypt.org/ with some security settings .....

images

Updated now error

ERROR on line 0: Module 'apcu' already loaded

Generate UUID/trackUUID with GET

Hi,
Can you add a piece of code to generate UUID/trackUUID using GET method, with the possibility to set some data directly in URI, like :

/ipb.php?op=dashboard&notificationemail={EMAIL}&trackimage={IMAGE}

The page can return the generated UUID, trackUUID, etc and stores each variable value in PHP variables, for further handling.

This change can help to integrate your script with existing projects.
Thanks.

Error

{"status" : -1, "error" : "op parameter not valid"}

IPV4

"I find the script very useful. However, I have a few questions. It seems that the script cannot retrieve IPV4. I only see the IPV6 result returned. In the next release, could you adjust the script? Another issue is that I want to retrieve the IP's Port as well. Please help me with this."

Let me know if you need further assistance!

Tracking Reports are generated in reports folder but are not displayed in dashboard

Anyway to resolve this ?

Kind regards,

XtremeCoder007

Deleting results

Would it be possible to delete results? That way I could hide my automated tests if that link was actually created

Error occurred: Internal error: Invalid id 61f7072e-f809-4580-91ed-1d4439ef04f7

hi bro thanks for your response i was able to deploy ipbiter php and it opened up correctly , but i have a problem each time i try to save my configuration i get this error.
, Error occurred:
Internal error: Invalid id 61f7072e-f809-4580-91ed-1d4439ef04f7
Are mine missing something here ? please help me out and thanks in advance