计划,每天学习两小时,坚持带来大改变。

curl伪造IP和来路

PHP 阿尤 2864浏览 0评论

client.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
<?php
$headers['CLIENT-IP'] = '202.103.229.40'
$headers['X-FORWARDED-FOR'] = '202.103.229.40';
 
$headerArr = array(); 
foreach( $headers as $n => $v ) { 
    $headerArr[] = $n .':' . $v;  
}
 
ob_start();
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");
curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr );  //构造IP
curl_setopt ($ch, CURLOPT_REFERER, "http://www.163.com/ ");   //构造来路
curl_setopt( $ch, CURLOPT_HEADER, 1);
 
curl_exec($ch);
curl_close ($ch);
$out = ob_get_contents();
ob_clean();
 
echo $out;
?>

server.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
<?php
function GetIP(){
    if(!empty($_SERVER["HTTP_CLIENT_IP"]))
        $cip = $_SERVER["HTTP_CLIENT_IP"];
    else if(!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
        $cip = $_SERVER["HTTP_X_FORWARDED_FOR"];
    else if(!empty($_SERVER["REMOTE_ADDR"]))
        $cip = $_SERVER["REMOTE_ADDR"];
    else
    $cip = "无法获取!";
    return $cip;
}
echo "<BR>访问IP: ".GetIP()."<br>";
echo "<BR>访问来路: ".$_SERVER["HTTP_REFERER"];
?>

补充:$_SERVER['REMOTE_ADDR']无法伪造。


转载请注明:阿尤博客 » curl伪造IP和来路

游客
发表我的评论 换个身份
取消评论

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
  • 验证码 (必填)点击刷新验证码