PHP spoofed IP and URL routing information method rollup _php instance

PHP Routing Forgery

The first type: Php_curl

Open method:

1, find php.ini, modify Extension=php_curl.dll to remove the semicolon before;

2, the Php_curl.dll, Php5ts.dll, Libeay32.dll, Ssleay32.dll copied to the Windows/system32 directory and then restart the PHP service;
3, build test.php test file, insert the following code:

Copy Code code as follows:

<?php
$ch = Curl_init (); Class
curl_setopt ($ch, Curlopt_url, http://www.example.com/search.asp?page=3&typeid= film name &keyword= founding great cause); The page you want to visit
curl_setopt ($ch, Curlopt_referer, http://www.example.com/); Forge a Routing page
curl_setopt ($chtml, curlopt_returntransfer,1); Whether to display content
Curl_exec ($ch); Perform
Curl_close ($ch); Back to close
?>

The second type: Fsockopen

Copy Code code as follows:

<?php
$host = "www.example.com"; The domain name you want to visit
$target = "/test.asp"; The address of the page you want to visit
$referer = "http://www.example.com/"; Forge a Routing page
$fp = Fsockopen ($host, $errno, $errstr, 30);
if (! $fp) {
echo "$errstr ($errno) <br/>\n";
}else{
$out = "
Get $target http/1.1
Host: $host
Referer: $referer
Connection:close\r\n\r\n ";
Fwrite ($fp, $out);
while (!feof ($fp)) {
Echo fgets ($FP, 1024);
}
Fclose ($FP);
}
?>

PHP Curl Crawl Site
------------------------------------------------------------------------------------------

Copy Code code as follows:

<?php
Initializes a CURL object
$curl = Curl_init ();
Set the URL you want to crawl
curl_setopt ($curl, Curlopt_url, ' http://cocre.com ');
Set Header
curl_setopt ($curl, Curlopt_header, 1);
Sets the curl parameter to require that the results be saved to the string or to the screen.
curl_setopt ($curl, Curlopt_returntransfer, 1);
Run Curl, request Web page
$data = curl_exec ($curl);
Close URL Request
Curl_close ($curl);
Show the data you get
Var_dump ($data);

================================================================================================
The curl_setopt () function sets the option for a curl session. The option parameter is the setting you want, and value is the values given by this choice.
The values of the following options will be used as long reshaping (specified in the option argument):
*curlopt_infilesize: When you upload a file to a remote site, this option tells PHP the size of the file you uploaded.
*curlopt_verbose: If you want to curl report every unexpected thing, set this option to a value other than 0.
*curlopt_header: If you want to include a header in the output, set this option to a value other than 0.
*curlopt_noprogress: If you don't have PHP to display a process bar for curl transmissions, set this option to a non 0 value.
Note: PHP automatically sets this option to a value other than 0, and you should only change this option for debugging purposes.
*curlopt_nobody: If you don't want to include the body part in the output, set this option to a value other than 0.
*curlopt_failonerror: If you want PHP to be in error (HTTP code returns greater than or equal to 300), do not display, set this option to a person not 0 value. The default behavior is to return a normal page, ignoring the code.
*curlopt_upload: If you want PHP to be ready for upload, set this option to a value other than 0.
*curlopt_post: If you want PHP to do a regular HTTP POST, set this option to a non 0 value. This post is an ordinary application/x-www-from-urlencoded type, most of which is used by HTML forms.
*curlopt_ftplistonly: Set this option to a value other than 0, PHP will list the list of directory names for FTP.
*curlopt_ftpappend: Set this option to a value other than 0, PHP will apply the remote file instead of overwriting it.
*CURLOPT_NETRC: Set this option to a value other than 0, PHP will find the username and password of the remote site you want to connect to in your ~./netrc file.
*curlopt_followlocation: Set this option to a non 0 value (like "Location:"), the server will send it as a part of the HTTP header (note that this is recursive, PHP will send the shape as "Location:" the head).
*curlopt_put: Set this option for a non 0 value to upload a file with HTTP. To upload this file, you must set the Curlopt_infile and Curlopt_infilesize options.
*curlopt_mute: Set this option to a value other than 0, PHP will be completely silent for the curl function.
*curlopt_timeout: Sets a long shaping number, as the maximum continuation of how many seconds.
*curlopt_low_speed_limit: Sets a long shaping number to control how many bytes are transferred.
*curlopt_low_speed_time: Set a long shaping number, control how many seconds to transfer curlopt_low_speed_limit The specified number of bytes.
*curlopt_resume_from: Passes a long shaping parameter that contains the byte offset address (the start form you want to transfer to).
*curlopt_sslversion: Passes a long parameter containing the SSL version. The default PHP will be determined by its own efforts, and in more security you must set it manually.
*curlopt_timecondition: Passes a long parameter specifying how to handle the Curlopt_timevalue parameter. You can set this parameter to Timecond_ifmodsince or timecond_isunmodsince. This is for HTTP only.
*curlopt_timevalue: Passes a number of seconds from 1970-1-1 to the present. This time is used by the Curlopt_timevalue option as the specified value or by default timecond_ifmodsince.
The values of the following options will be used as strings:
*curlopt_url: This is the URL you want to retrieve with PHP. You can also set this option when initializing with the Curl_init () function.
*curlopt_userpwd: Passes a string that is shaped like [Username]:[password] for validation.
*curlopt_proxyuserpwd: Passes a string in a form like [Username]:[password] to connect to the HTTP proxy.
*curlopt_range: Pass a range that you want to specify. It should be "XY" format, X or Y is excepted. HTTP transmissions also support several intervals, separated by a x-y,n-m.
*curlopt_postfields: Passes a string of all data that is an HTTP "POST" operation.
*curlopt_referer: Contains a string of "REFERER" headers in the HTTP request.
*curlopt_useragent: Contains a string of "user-agent" headers in the HTTP request.
*curlopt_ftpport: Passes an IP address that contains the FTP "POST" instruction. This post instruction tells the remote server to connect to the IP address we specified. This string can be an IP address, a host name, a network interface name (under Unix), or '-' (using the system default IP address).
*curlopt_cookie: Passes a header connection that contains an HTTP COOKIE.
*curlopt_sslcert: Passes a string containing the PEM format certificate.
*CURLOPT_SSLCERTPASSWD: Passes a password that is required to use the Curlopt_sslcert certificate.
*curlopt_cookiefile: A string that passes the name of a file that contains cookie data. This cookie file can be in Netscape format, or in the HTTP style header that is stockpiled in the file.
*curlopt_customrequest: When making an HTTP request, passing a character is used by get or head. It is useful for delete or other operations, more pass a string of used instead of a and head when doing a HTTP request. This is useful to doing or another, more obscure, HTTP request.
Note: Do not do this before confirming your server support command.
The following options require a file description (obtained by using the fopen () function):
*curlopt_file: This file will be the output file where you put the transfer, and the default is stdout.
*curlopt_infile: This file is the input file you sent over.
*curlopt_writeheader: This file is written with the head part of your output.
*curlopt_stderr: This file is written with errors rather than STDERR.

Transfer data
------------------------------------------------------------------------------------------------

Copy Code code as follows:

<?php
$phoneNumber = ' 13912345678 ';
$message = ' This is generated by curl and PHP ';
$curlPost = ' pnumber= '. UrlEncode ($phoneNumber). ' &message= '.
UrlEncode ($message). ' &submit=send ';
$ch = Curl_init (); curl_setopt ($ch, Curlopt_url, ' http://www.example.com/sendSMS.php ');
curl_setopt ($ch, Curlopt_header, 1);
curl_setopt ($ch, Curlopt_returntransfer, 1);
curl_setopt ($ch, Curlopt_post, 1);
curl_setopt ($ch, Curlopt_postfields, $curlPost);
$data = Curl_exec ();
Curl_close ($ch);
?>

===========================================================================================
about proxy servers
--------------------------------------------------------------------------------------------

Copy Code code as follows:

<?php
$ch = Curl_init ();
curl_setopt ($ch, Curlopt_url, ' http://www.example.com ');
curl_setopt ($ch, Curlopt_header, 1);
curl_setopt ($ch, Curlopt_returntransfer, 1);
curl_setopt ($ch, Curlopt_httpproxytunnel, 1);
curl_setopt ($ch, Curlopt_proxy, ' fakeproxy.com:1080 ');
curl_setopt ($ch, curlopt_proxyuserpwd, ' User:password ');
$data = Curl_exec (); Curl_close ($ch);
?>

==============================================================================================
about SSL and cookies

As for SSL, the HTTPS protocol, you just have to turn the http://in the Curlopt_url connection into https://. Of course, there is also a parameter called Curlopt_ssl_verifyhost can be set to verify the site.
For cookies, you need to know the following three parameters:
Curlopt_cookie, set a COOKIE in your face-to-face session
Curlopt_cookiejar, save a cookie when the session ends
Curlopt_cookiefile,cookie's file.

HTTP Server Authentication
---------------------------------------------------------------------------------------------------------- ---------------------
<?php
$ch = Curl_init ();
curl_setopt ($ch, Curlopt_url, ' http://www.example.com ');
curl_setopt ($ch, Curlopt_returntransfer, 1);
curl_setopt ($ch, Curlopt_httpauth, Curlauth_basic);
curl_setopt (Curlopt_userpwd, ' [Username]:[password] ')
$data = Curl_exec ();
Curl_close ($ch);
?>
=====================================================================================

Get implementation of HTTP

Copy Code code as follows:

$ch = Curl_init (http://www.webjx.com/);
curl_setopt ($ch, Curlopt_returntransfer, true);
curl_setopt ($ch, Curlopt_binarytransfer, true);
$output = curl_exec ($ch);
$fh = fopen (out.html, \ ' w\ ');
Fwrite ($FH, $output);
Fclose ($FH);

Post implementation of HTTP

Copy Code code as follows:

Extract data from the post
Extract ($_post);
Set POST variables
$url = \ ' Http://www.webjx.com/get-post.php\ ';
$fields = Array (
\ ' lname\ ' =>urlencode ($last _name),
\ ' fname\ ' =>urlencode ($first _name),
\ ' title\ ' =>urlencode ($title),
\ ' company\ ' =>urlencode ($institution),
\ ' age\ ' =>urlencode ($age),
\ ' email\ ' =>urlencode ($email),
\ ' phone\ ' =>urlencode ($phone)
);
Url-ify the data for the POST
foreach ($fields as $key => $value) {$fields _string. = $key. \ ' =\ '. $value. \ ' &\ ';}
RTrim ($fields _string, \ ' &\ ');
Open connection
$ch = Curl_init ();
Set the URL, number of post VARs, post data
curl_setopt ($ch, Curlopt_url, $url);
curl_setopt ($ch, Curlopt_post, Count ($fields));
curl_setopt ($ch, Curlopt_postfields, $fields _string);
Execute post
$result = curl_exec ($ch);
Close connection
Curl_close ($ch);

Copy Code code as follows:

<?php
Set_time_limit (0);
@date_default_timezone_set (' Asia/shanghai ');
function Curlrequest ($url, $postfield, $proxy = "") {
$proxy =trim ($proxy);
$user _agent = "mozilla/4.0" (compatible; MSIE 6.0; Windows NT 5.1; SV1) ";
$ch = Curl_init (); Initialize Curl handle
if (!empty ($proxy)) {
curl_setopt ($ch, Curlopt_proxy, $proxy);/Set proxy server
}
curl_setopt ($ch, Curlopt_url, $url); Set the URL of the request
curl_setopt ($ch, Curlopt_failonerror, 1); Displays an HTTP status code when enabled, and the default behavior is to ignore HTTP information with a number less than or equal to 400
curl_setopt ($ch, curlopt_followlocation, 1);//When enabled, "Location:" returned by the server server is returned to the server recursively in the header
curl_setopt ($ch, curlopt_returntransfer,1);//set to True converts curl_exec () results to strings instead of direct output
curl_setopt ($ch, Curlopt_post, 1);/enable POST submit
curl_setopt ($ch, Curlopt_postfields, $postfield); Set the string for post submission
curl_setopt ($ch, Curlopt_port, 80); Set port
curl_setopt ($ch, Curlopt_timeout, 25); Timeout time
curl_setopt ($ch, curlopt_useragent, $user _agent);//http Request User-agent: Head
curl_setopt ($ch, curlopt_header,1);//set to True include header information in the output
$fp = fopen ("Example_homepage.txt", "w");//Output file
curl_setopt ($ch, Curlopt_file, $fp);//Set the location of the output file, the value is a resource type, and the default is stdout (browser).
curl_setopt ($ch, Curlopt_httpheader,array (
' ACCEPT-LANGUAGE:ZH-CN ',
' Connection:keep-alive ',
' Cache-control:no-cache '
)//Set HTTP header information
$document = curl_exec ($ch); Execute a predefined Curl
$info =curl_getinfo ($ch); Attributes that get the return information
Print_r ($info);
if ($info [http_code]== "405") {
echo "Bad proxy {$proxy}\n"; Agent Error
Exit
}
Curl_close ($ch);
return $document;
}
Request URL
$url = "http://example.cn/getInfo.php";
Post submit data, available HttpWatch view
$postfield = "Username=test&year=2008&password=123456&submit=ύ";
Proxy Server
$proxy = ';
Request
$str =curlrequest ($url, $postfield, $proxy);
Output results
Echo $str;

Copy Code code as follows:

<?php
function Request_by_socket ($remote _server, $remote _path, $post _string, $port =, $timeout = 30) {
$socket = Fsockopen ($remote _server, $port, $errno, $errstr, $timeout);
if (! $socket) Die ("$errstr ($errno)");
Fwrite ($socket, "POST $remote _path http/1.0\r\n");
Fwrite ($socket, "User-agent:socket example\r\n");
Fwrite ($socket, "HOST: $remote _server\r\n");
Fwrite ($socket, "content-type:application/x-www-form-urlencoded\r\n");
Fwrite ($socket, "Content-length:". strlen ($post _string) +8. " \ r \ n ");
Fwrite ($socket, "accept:*
function Request_by_curl ($remote _server, $post _string) {
$ch = Curl_init ();
curl_setopt ($ch, Curlopt_url, $remote _server);
curl_setopt ($ch, Curlopt_postfields, ' mypost= '. $post _string);
curl_setopt ($ch, curlopt_returntransfer,true);
curl_setopt ($ch, Curlopt_useragent, "Jimmy ' s Curl Example beta");
$data = curl_exec ($ch);
Curl_close ($ch);
return $data;
}
function Request_by_other ($remote _server, $post _string) {
$context = Array (
' HTTP ' =>array (
' Method ' => ' POST ',
' Header ' => ' content-type:application/x-www-form-urlencoded '. \ r \ n ".
' user-agent:jimmy\ ' s POST Example beta '. \ r \ n ".
' Content-length: strlen ($post _string) +8,
' Content ' => ' mypost= '. $post _string)
);
$stream _context = stream_context_create ($context);
$data = file_get_contents ($remote _server,false, $stream _context);
return $data;
}
?>