I need to know the MAC and the IP address of the connect clients, how can I do this in PHP?
This question is related to
php
mac-address
All you need to do is to put arp into diferrent group.
Default:
-rwxr-xr-x 1 root root 48K 2008-11-11 18:11 /usr/sbin/arp*
With command:
sudo chown root:www-data /usr/sbin/arp
you will get:
-rwxr-xr-x 1 root www-data 48K 2008-11-11 18:11 /usr/sbin/arp*
And because apache is a daemon running under the user www-data, it's now able to execute this command.
So if you now use a PHP script, e.g.:
<?php
$mac = system('arp -an');
echo $mac;
?>
you will get the output of linux arp -an command.
too late to answer but here is my approach since no one mentioned this here:
why note a client side solution ?
a javascript implementation to store the mac in a cookie (you can encrypt it before that)
then each request must include that cookie name, else it will be rejected.
to make this even more fun you can make a server side verification
from the mac address you get the manifacturer (there are plenty of free APIs for this)
then compare it with the user_agent value to see if there was some sort of manipulation:
a mac address of HP + a user agent of Safari = reject request.
under linux using iptables you can log to a file each request to web server with mac address and ip. from php lookup last item with ip address and get mac address.
As stated remember that the mac address is from last router on the trace.
For windows server I think u can use this:
<?php
echo exec('getmac');
?>
Use this class (https://github.com/BlakeGardner/php-mac-address)
This is a PHP class for MAC address manipulation on top of Unix, Linux and Mac OS X operating systems. it was primarily written to help with spoofing for wireless security audits.
// Turn on output buffering
ob_start();
//Get the ipconfig details using system commond
system('ipconfig /all');
// Capture the output into a variable
$mycomsys=ob_get_contents();
// Clean (erase) the output buffer
ob_clean();
$find_mac = "Physical";
//find the "Physical" & Find the position of Physical text
$pmac = strpos($mycomsys, $find_mac);
// Get Physical Address
$macaddress=substr($mycomsys,($pmac+36),17);
//Display Mac Address
echo $macaddress;
This works for me on Windows, as ipconfig /all is Windows system command.
We can get MAC address in Ubuntu by this ways in php
$ipconfig = shell_exec ("ifconfig -a | grep -Po 'HWaddr \K.*$'");
// display mac address
echo $ipconfig;
You can do this easily using openWRT. If yo use a captive portal you can mix php and openWRT and make a relation between the IP and the mac.
You can write a simple PHP code using:
$localIP = getHostByName(getHostName());
Later, using openWRT you can go to /tmp/dhcp.leases, you will get something with the form:
e4:a7:a0:29:xx:xx 10.239.3.XXX DESKTOP-XXX
There, you have the mac, the IP address and the hostname.
Getting MAC Address Using PHP: (Tested in Ubuntu 18.04) - 2020 Update
Here's the Code:
<?php
$mac = shell_exec("ip link | awk '{print $2}'");
preg_match_all('/([a-z0-9]+):\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})/i', $mac, $matches);
$output = array_combine($matches[1], $matches[2]);
$mac_address_values = json_encode($output, JSON_PRETTY_PRINT);
echo $mac_address_values
?>
Output:
{
"lo": "00:00:00:00:00:00",
"enp0s25": "00:21:cc:d4:2a:23",
"wlp3s0": "84:3a:4b:03:3c:3a",
"wwp0s20u4": "7a:e3:2a:de:66:09"
}
You can get MAC Address or Physical Address using this code
$d = explode('Physical Address. . . . . . . . .',shell_exec ("ipconfig/all"));
$d1 = explode(':',$d[1]);
$d2 = explode(' ',$d1[1]);
return $d2[1];
I used explode many time because shell_exec ("ipconfig/all") return complete detail of all network. so you have to split one by one.
when you run this code then you will get
your MAC Address 00-##-##-CV-12 //this is fake address for show only.
You can get the server IP address from $_SERVER['SERVER_ADDR'].
For the MAC address, you could parse the output of netstat -ie in Linux, or ipconfig /all in Windows.
You can get the client IP from $_SERVER['REMOTE_ADDR']
The client MAC address will not be available to you except in one special circumstance: if the client is on the same ethernet segment as the server.
So, if you are building some kind of LAN based system and your clients are on the same ethernet segment, then you could get the MAC address by parsing the output of arp -n (linux) or arp -a (windows).
Edit: you ask in comments how to get the output of an external command - one way is to use backticks, e.g.
$ipAddress=$_SERVER['REMOTE_ADDR'];
$macAddr=false;
#run the external command, break output into lines
$arp=`arp -a $ipAddress`;
$lines=explode("\n", $arp);
#look for the output line describing our IP address
foreach($lines as $line)
{
$cols=preg_split('/\s+/', trim($line));
if ($cols[0]==$ipAddress)
{
$macAddr=$cols[1];
}
}
Well, you're out of luck unless you can have the client volunteer that information and transmit via other means.
The MAC address of a client (in the sense of the computer that issued the HTTP request) is overwritten by every router between the client and the server.
Client IP is conveniently provided to the script in $_SERVER['REMOTE_ADDR']. In some scenarios, particularly if your web server is behind a proxy (i.e. a caching proxy) $_SERVER['REMOTE ADDR'] will return the IP of the proxy, and there will be an extra value, often $_SERVER['HTTP_X_FORWARDED_FOR'], that contains the IP of the original request client.
Sometimes, particularly when you're dealing with an anonymizing proxy that you don't control, the proxy won't return the real IP address, and all you can hope for is the IP address of the proxy.
I don't think you can get MAC address in PHP, but you can get IP from $_SERVER['REMOTE_ADDR'] variable.
In windows, If the user is using your script locally, it will be very simple :
<?php
// get all the informations about the client's network
$ipconfig = shell_exec ("ipconfig/all"));
// display those informations
echo $ipconfig;
/*
look for the value of "physical adress" and use substr() function to
retrieve the adress from this long string.
here in my case i'm using a french cmd.
you can change the numbers according adress mac position in the string.
*/
echo substr(shell_exec ("ipconfig/all"),1821,18);
?>
Perhaps getting the Mac address is not the best approach for verifying a client's machine over the internet. Consider using a token instead which is stored in the client's browser by an administrator's login.
Therefore the client can only have this token if the administrator grants it to them through their browser. If the token is not present or valid then the client's machine is invalid.
You can use the following solution to solve your problem:
$mac='UNKNOWN';
foreach(explode("\n",str_replace(' ','',trim(`getmac`,"\n"))) as $i)
if(strpos($i,'Tcpip')>-1){$mac=substr($i,0,17);break;}
echo $mac;
Source: Stackoverflow.com