bad pool header【PHP,curl伪造IP地址和header信息代码实例】
时间:2018-08-16 来源:博通范文网 本文已影响 人 
这篇文章主要介绍了PHP curl伪造IP地址和header信息代码实例,本文给出服务器端和客户端实现代码,提供伪造功能和服务器端检测代码,需要的朋友可以参考下
curl虽然功能强大,但是只能伪造$_SERVER["HTTP_X_FORWARDED_FOR"],对于大多数IP地址检测程序来说,$_SERVER["REMOTE_ADDR"]很难被伪造:
首先是client.php的代码
代码如下:
$headers["CLIENT-IP"] = "202.103.229.40";
$headers["X-FORWARDED-FOR"] = "202.103.229.40";
$headerArr = array();
foreach( $headers as $n => $v ) {
$headerArr[] = $n .":" . $v;
}
ob_start();
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "localhost/curl/server.php");
curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //构造IP
curl_setopt ($ch, CURLOPT_REFERER, "/ "); //构造来路
curl_setopt( $ch, CURLOPT_HEADER, 1);
curl_exec($ch);
curl_close ($ch);
$out = ob_get_contents();
ob_clean();
echo $out;
然后是server.php
代码如下:
function GetIP(){
if(!emptyempty($_SERVER["HTTP_CLIENT_IP"]))
$cip = $_SERVER["HTTP_CLIENT_IP"];
else if(!emptyempty($_SERVER["HTTP_X_FORWARDED_FOR"]))
$cip = $_SERVER["HTTP_X_FORWARDED_FOR"];
else if(!emptyempty($_SERVER["REMOTE_ADDR"]))
$cip = $_SERVER["REMOTE_ADDR"];
else
$cip = "无法获取!";
return $cip;
}
echo "
访问IP: ".GetIP()."
";
echo "
访问来路: ".$_SERVER["HTTP_REFERER"];
推荐访问:伪造 实例 代码 php curl伪造IP地址和header信息代码实例
