0

I'm an IT in a call center and we have a remote online website where every employee has a login. In the call center I have nearly 50 computers behind a Sisco router where all of them reach the outside world with a static public IP address.

There is an agent who got the login credentials of a supervisor.

Now on the remote website I want to get the computer IP on the LAN to identify the agent who is illegally using someone else's credentials.

I have access to everything, the computers in the call center and the remote website.

Now is there a way to get the local IP of the agent (192.168.x.x) using PHP or JS on the remote website. I don't need the public IP which all the call center uses.

NB: Please I have explained the situation in detail so please don't suggest $_SERVER['REMOTE_ADDR'].

medk
  • 9,233
  • 18
  • 57
  • 79
  • 3
    No, this isn't possible. You'll only ever see the IP address of the public gateway. (And even if you could, if the local network internally uses DHCP then it might assign IP addresses differently every time the machines connect to the network, so you couldn't reliably determine which one it was anyhow.). You'll need to catch your thief another way. Are you in a position to be able to make changes to the application code, in order to assist you with your search? – ADyson Oct 26 '20 at 09:34
  • 1
    https://stackoverflow.com/questions/1634782/what-is-the-most-accurate-way-to-retrieve-a-users-correct-ip-address-in-php gives about as much info as you can get. – Nigel Ren Oct 26 '20 at 09:35
  • 1
    There was some dodgy ways to get the LAN IP using JS by exploiting some API but I don't even know if it works any more. It ***was*** exploiting something that most likely shouldn't have been divulging that information. Even assuming it works, it's also hardly reliable across browsers. – VLAZ Oct 26 '20 at 09:42
  • 2
    Set a cookie and go check who got it, assuming you have access to check your employees' browsers. Log USER_AGENT to know which browser to open. Unless they're using a private window. In which case, rig your server with an auto-play screaming zombie film payload and keep your ears open, or something like that. Not that much identifying info you will get, or can plant, for users who are privacy aware. Otherwise, set up a man-in-the-middle at your router to sniff traffic to your server. – Markus AO Oct 26 '20 at 09:45
  • 1
    check out https://stackoverflow.com/questions/20194722/can-you-get-a-users-local-lan-ip-address-via-javascript – ash Oct 26 '20 at 10:11

0 Answers0