Fake Referer instance code, mainly used to break the chain of anti-theft, such as pictures, software and so on
Here directly to the complete program, the specific application can be modified.
The example I give here is very simple, but there are many applications that can be developed from this example. For example, hide the real URL address ... Hey, you can analyze the specific.
Here is a new file file.php. The next parameter is the need to forge the Referfer target address bar. such as: File.php/http://www.xxx.xxx/xxx.mp3
Copy Code code as follows:
?
$url =str_replace ('/file.php/', ', $_server[' Request_uri ']);//Get the URL that needs to be converted. Here I am lazy, do not do safety test, need to add up on their own
$downfile =str_replace ("", "%20", $url);//replace spaces, etc., can be replaced according to the actual situation
$downfile =str_replace ("http://", "", $downfile);/Remove http://
$urlarr =explode ("/", $downfile);//Break out the domain name by "/"
$domain = $urlarr [0];//domain name
$getfile =str_replace ($urlarr [0], ", $downfile);//Get part of header
$content = @fsockopen ("$domain", $errno, $errstr, 12);//Connect target host
if (! $content) {//link does not prompt for error
Die ("Sorry, unable to connect to $domain. ");
}
Fputs ($content, "Get $getfile http/1.0rn");
Fputs ($content, "Host: $domainrn");
Fputs ($content, "Referer: $domainrn");/Forged Part
Fputs ($content, "user-agent:mozilla/4.0" (compatible; MSIE 6.0; Windows NT 5.1) rnrn ");
while (!feof ($content)) {
$tp. =fgets ($content, 128);
if (Strstr ($TP, "OK")) {//here to explain. The first line of the header is typically the state of the request file. Please refer to the HTTP 1.1 status code and its meaning hi.baidu.com/110911/blog/item/21f20d2475af812ed50742c5.html here is the normal file request status, just turn directly on it. Continuing execution of other States
Header ("Location: $url");
Die ();
}
}
302 turn, most of the anti-theft chain system is the first Judge Referfer, the words and then turn to the real address. Here's how to get the real address.
$arr =explode ("n", $TP);
$arr 1=explode ("Location:", $TP)//To decompose the real-time address behind the Location
$arr 2=explode ("n", $arr 1[1]);
Header (' content-type:application/force-download ');/force download
Header ("Location:". $arr 2[0]);//Turn to Destination address
Die ();
?>
This program can only be used referer to determine whether the hotlinking anti-theft chain system, using other special methods anti-theft chain, this estimate is not applicable
Copy Code code as follows:
$txt =$_get[' url '];
Echo referfile ($txt, ' http://www.jb51.net/');
function Referfile ($url, $refer = ' ") {
$opt =array (' http ' =>array (' header ' => ' Referer: $refer '));
$context =stream_context_create ($opt);
Header ("Location:". $url);
Return file_get_contents ($url, False, $context);
}
Copy Code code as follows:
<?php
$host = "Pakey.net"; The domain name you want to visit
$target = "/test.asp"; The address of the page you want to visit
$referer = "http//uuwar.com/"; Forge a Routing page
$fp = Fsockopen ($host, $errno, $errstr, 30);
if (! $fp) {
echo "$errstr ($errno) <br/>\n";
}else{
$out = "
Get $target http/1.1
Host: $host
Referer: $referer
Connection:close\r\n\r\n ";
Fwrite ($fp, $out);
while (!feof ($fp)) {
Echo fgets ($FP, 1024);
}
Fclose ($FP);
}
?>
I used the code in my novel Thieves, cracked the cloud Xuan GE's txt ebook anti-theft chain.
