HackBack with Apache and PHP (redirect back)

Are you bored of hackig-attempts to your server, and you want to fight back?
I collect some opportunities here.

Step 1: Getting real client IP address in PHP

If you realise that someone wants to check your server for specific PHP-files (like ...) create a dummy config.php file where you can start your fightback.

Use these functions (copy&paste) to save the attackers IP in a PHP-variable $IP = function() to fight back directly or write attackers IP to MySQL Database for logging reasons:

With this function in your script you can fill the $IP variable:

$IP = get_client_ip_server();

Step 2: Get Port Number from client

Fill the $PORT variable:


Step 3: Redirect attacker back to himself

Use $IP and $PORT to send back: If attacker opens the php file, he will be redirected to his own IP and Port.

header("Location: ".$IP.":".$PORT."");


Of course, you can also change the redirection to any other URL you like. For example to the policia or to servers of other hackers so that they can assist you :) .

Step 4: Scan open Ports on the Attackers machine

In this step you can scan the open ports on the attacking IP:


You just have to modify the script, by deleting the "Form" on top, and replace the $_POST variabe with the $IP variable you have filled in step 1:

change this line: if($pf = @fsockopen($IP, $port, $err, $err_string, 1)) {

If you open your .php file you should see something like:

Port 21 (ftp): Inaccessible
Port 22 (ssh): Inaccessible
Port 23 (telnet): Inaccessible
Port 25 (smtp): Inaccessible
Port 53 (domain): Inaccessible
Port 80 (http): Inaccessible
Port 110 (pop3): Inaccessible
Port 1433 (ms-sql-s): Inaccessible
Port 3306 (mysql): Inaccessible

or - if you test from a server - you should have at least Port 80 (http): OK.

Now you know which ports a accessible on the attackers machine. You should comment-out the "echo" lines, so that the output will not be visible.

And you should fill a new array only with the open ports under line "if($val) {" for further backhacking:

$OpenPorts = array();

$OpenPorts[] = $ports;