A simple way to hack an anti-theft chain image using PHP _php tutorial

Have their own host generally will design "anti-theft chain", in fact, including pictures of anti-theft chain, and download anti-theft chain, such as:
1. Use the. htaccess to set up the anti-theft chain
Copy CodeThe code is as follows: Rewriteengine on
Rewritecond%{http_referer}!^$
Rewritecond%{http_referer}!^http://(www\.)? jb51.net/.*$ [NC]
Rewriterule \. (gif|jpg) $ http://www.jb51.net/image.gif [r,l]
2.nginx set anti-theft chain
Copy CodeThe code is as follows: Location ~* \. (gif|jpg|png|swf|flv) $ {
Valid_referers none blocked jb51.net;
if ($invalid _referer) {
Rewrite ^/http://jb51.net/234_s.gif;
#return 404;
}
}
But how to crack the anti-theft chain? The general anti-theft chain is to determine whether the route is their own domain name, we can use the PHP built-in File_get_contents method to request this image (of course, other backend language also has a similar method), such as:
Copy CodeThe code is as follows://getimg.php?url= target picture connection
Header (' Content-type:image/jpeg ');
Echo file_get_contents (isset ($_get["url"])? $_get["url"]: ' http://static.jb51.net/images/v1/loading-16-16.gif ');
?>
See Example:

1, directly load the anti-theft chain Image: (The station unauthorized picture display is blank)

2. Read the image via PHP:

http://www.bkjia.com/PHPjc/780483.html www.bkjia.com true http://www.bkjia.com/PHPjc/780483.html techarticle have their own host generally will design "anti-theft chain", in fact, including the image of anti-theft chain, and download anti-theft chain, such as: 1. Use the. htaccess set the anti-theft chain copy code code as follows: Rewriteengine

