PHP使用curl伪造IP地址和header信息

WBOY
发布: 2016-07-25 08:42:08
原创
1158 人浏览过

curl虽然功能强大,但是只能伪造$_SERVER["HTTP_X_FORWARDED_FOR"],对于大多数IP地址检测程序来说,$_SERVER["REMOTE_ADDR"]很难被伪造:

首先是client.php的代码

01 $headers['CLIENT-IP'] = '202.103.229.40';
02 $headers['X-FORWARDED-FOR'] = '202.103.229.40';
03
04 $headerArr = array();
05 foreach( $headers as $n => $v ) {
06 $headerArr[] = $n .':' . $v;
07 }
08
09 ob_start();
10 $ch = curl_init();
11 curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");
12 curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //构造IP
13 curl_setopt ($ch, CURLOPT_REFERER, "http://www.163.com/ "); //构造来路
14 curl_setopt( $ch, CURLOPT_HEADER, 1);
15
16 curl_exec($ch);
17 curl_close ($ch);
18 $out = ob_get_contents();
19 ob_clean();
20
21 echo $out;

然后是server.php

01 function GetIP(){
02 if(!emptyempty($_SERVER["HTTP_CLIENT_IP"]))
03 $cip = $_SERVER["HTTP_CLIENT_IP"];
04 else if(!emptyempty($_SERVER["HTTP_X_FORWARDED_FOR"]))
05 $cip = $_SERVER["HTTP_X_FORWARDED_FOR"];
06 else if(!emptyempty($_SERVER["REMOTE_ADDR"]))
07 $cip = $_SERVER["REMOTE_ADDR"];
08 else
09 $cip = "无法获取!";
10 return $cip;
11 }
12 echo "
访问IP: ".GetIP()."
";
13 echo "
访问来路: ".$_SERVER["HTTP_REFERER"];
curl, PHP, header


来源:php.cn
本站声明
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn
热门教程
更多>
最新下载
更多>
网站特效
网站源码
网站素材
前端模板