Implementation of VBS counterfeit HTTP-REFERER

Write a simple referer. php file in the test directory. The Code is as follows: Copy codeThe Code is as follows: <? Php
If (! Isset ($ _ SERVER ["HTTP_REFERER"])
Echo "No Referer ";
Else
Echo $ _ SERVER ["HTTP_REFERER"];
?>

If you click the link above, the referer page is displayed.Copy codeThe Code is as follows: Set http = CreateObject ("msxml2.xmlhttp ")
Http. open "GET", "http://jb51.net/test/referer.php", False
Http. setRequestHeader "Referer", "http://jb51.net"
Http. send
WScript. Echo http. responseText

However, if I use VBS to call the msxml2.xmlhttp component to access this page, No Referer is returned. It's incredible. Isn't my code wrong?

So Google googled "VBS forged http referer" and found that most of the content found is the same as this article. You copy and paste it without reading it. If you copy my content, I copy your content, I don't know who it is, and it's still wrong!
The first example of that article is ASP's

Copy codeThe Code is as follows: dim http
Set http = server. createobject ("MSXML2.XMLHTTP ")
Http. open "GET", url, false
Http. setRequestHeader "Referer", "http://www.fromdomain.cn /"
Http. send ()

At first, I thought that the VBS under ASP is different from the VBS that I directly double-click to run. The VBS under ASP is awesome and can be changed to the Referer. For this reason, I also installed IIS for testing and found that No Referer is returned. Later, I saw the following message: "forgive me for not being familiar with asp. I can't help you. Please check other materials and refer to it." "I have no idea how to use asp, the code is for reference only. asp has not been tested ".

I really don't want to swear. If you're not familiar with it, you just need to write it. At least let's test it. The code that has not been tested can also be pasted? Later, I saw a reliable answer on Qianyi Network (this network looks good). Referer cannot be changed by setting headers in ASP and Ajax.

Angry, now that the xmlhttp component is not working, I will use socket to write the general line! (Note: not all computers have registered the Winsock component)

Copy codeThe Code is as follows: Set socket = WScript. CreateObject ("MSWinsock. Winsock", "Winsock _")
Socket. RemoteHost = "jb51.net"
Socket. RemotePort = 80
Socket. Connect
Do
WScript. Sleep 100
Loop
Sub Winsock_Connect ()
Data = "GET/test/referer. php HTTP/1.1" & vbCrLf &_
"Referer: http://jb51.net" & vbCrLf &_
"Host: jb51.net" & vbCrLf
Socket. SendData data
End Sub
Sub Winsock_DataArrival (bytesTotal)
Socket. GetData str
WScript. Echo Utf8ToUnicode (str)
WScript. Quit
End Sub

The Utf8ToUnicode function is not pasted after a long time. It has been written in previous articles. The test results are as follows:Copy codeThe Code is as follows: HTTP/1.1 200 OK
Date: Thu, 04 Nov 2010 14:05:20 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html
F
Http://jb51.net
0

The Referer is successfully forged, but the returned results seem a bit strange. What are the f and 0 values in the front and back of jb51.net? (In fact, the returned result is also returned when you access the file through a browser, but the browser does not show it to us.) I guess f is the length of the Referer string, but I cannot find an explanation after searching for a long time. No matter whether it is, the forgery is successful, and the result is ugly.
Original article: http://demon.tw/programming/vbs-http-referer.html