How to use PHP to forge Referer to break the network to prohibit external connection

This article mainly introduces about how to use PHP to forge Referer break out of the network to prohibit external connection, has a certain reference value, now share to everyone, the need for friends can refer to

The general domestic network for the control of traffic, will be banned in the network of files outside the chain. The link to the file in the DOT network will generally go to a dedicated download page, which must be downloaded from this page.

Like the papers I put on the nano-disk, Http://img.namipan.com/downfile/da333ee178bdad6531d1ec1540cf86277c116b6300887600/02.Paid%20In%20Full.mp3.

This address can not be downloaded directly or played in the Web Player, click the download to go to a download page. To be able to download this file directly or to play this file, it is necessary to forge Referfer, deceive the server, Referfer is a link from the nano-disk.

The first approach is to use PHP's built-in function stream_context_create.

The code is as follows:

function Referfile ($url, $refer = ") {$opt =array (' http ' =>array (' header ' = ' = ' Referer: $refer")); $context =STREAM_ Context_create ($opt); Return file_get_contents ($url, False, $context); }

But this code has a drawback, file_get_contents in fact, the other server's file read to their own server and then sent to the browser, not only to increase their own server pressure, and download reaction speed is very slow, this is not a good solution.

Later read the manual, both to alleviate their own server pressure, but also to confuse the other server. Modify the Referfer information in the header.

The revised code is as follows:

<?php $url = "img.namipan.com/downfile/da333ee178bdad6531d1ec1540cf86277c116b6300887600/02.paid%20in% 20full.mp3 ";//the URL here to filter out http://$urlarr =explode ("/", $url); $domain = $urlarr [0];//decomposes the domain name $getfile =str_replace ($urlarr [0], ", $url); $content = @fsockopen ("$domain", $errno, $errstr, 12);//Connect to the other server first if (! $content) {//cannot be linked on the prompt error message die ("Sorry, unable to connect on $ Domain. "); } Fputs ($content, "GET $getfile http/1.0\r\n"); Fputs ($content, "Host: $domain \ r \ n"); Fputs ($content, "Referer: $domain \ r \ n");//Forge Referfer fputs ($content, "user-agent:mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \r\n\r\n "); while (!feof ($content)) {$tp. =fgets ($content, 128); Read the header information, it will contain: Location:http://xxx/xxx.mp3, we want this address. } $arr =explode ("\ n", $TP); $arr 1=explode ("Location:", $TP); $arr 2=explode ("\ n", $arr 1[1]);//Break Out location: The back address header (' content-type:application/force-download '); Header ("Location:". $arr 2[0]); Fclose ($content);

OK, the purpose is achieved.

This is the original address: Http://img.namipan.com/downfile/3a7c64518d46d986283eab73175a8b119305a76480b89200/Equilibrium-Turis_ Fratyr-02-wingthors_hammer.mp3

After conversion:
Http://mms.music.krmcn.com/mms.music/namipan/img~~/3a7c64518d46d986283eab73175a8b119305a76480b89200/ Equilibrium-turis_fratyr-02-wingthors_hammer.mp3

A second implementation code is attached:

The most primitive cracked Web disk limit outside the chain of PHP code, if you want to learn to study can continue to see, if you want to take the code directly with the need to improve, this code is only for reference learning.

Create a new file file.php. The next parameter is the target address of the referfer that needs to be forged. such as: File.php/http://www.xxx.xxx/xxx.mp3

<? $url =str_replace ('/file.php/', ' ', $_server[' Request_uri "]);//Get the URL that needs to be converted. Here I am lazy, do not do safety testing, need to add themselves to $downfile =str_replace ("", "%20", $url);//replace spaces, etc., can be replaced according to the actual situation $downfile =str_replace ("http:/ /"," ", $downfile),//Remove http://$urlarr =explode ("/", $downfile), or"/"to break out the domain name $domain = $urlarr [0];//domain name $getfile =str_ Replace ($urlarr [0], ', $downfile);//Get part of the header $content = @fsockopen ("$domain", $errno, $errstr, 12);//Connect the target host if (! $content) {//link not on the prompt error die ("Sorry, unable to connect on the $domain. "); } Fputs ($content, "GET $getfile http/1.0\r\n"); Fputs ($content, "Host: $domain \ r \ n"); Fputs ($content, "Referer: $domain \ r \ n");//Forged part fputs ($content, "user-agent:mozilla/4.0" (compatible; MSIE 6.0; Windows NT 5.1) \r\n\r\n "); while (!feof ($content)) {$tp. =fgets ($content), if (Strstr ($TP, "OK") {//here is a description. The first line of the header is typically the state of the requested file. Please refer to the HTTP 1.1 status code and its meaning hi.baidu.com/110911/blog/item/21f20d2475af812ed50742c5.html here is the normal file request status, just a direct turn on it. Continuation program header for other states ("Location: $url"); Die (); }}//302 steering, most of the anti-theft chain system is first to judge the Referfer, and then turn to the realAddress. Here's how to get the real address. $arr =explode ("\ n", $TP); $arr 1=explode ("Location:", $TP);//Break out the real-time address at the back of the locations $arr 2=explode ("\ n", $arr 1[1]); Header (' content-type:application/force-download ');//Force Download header ("Location:". $arr 2[0]);//turn to target address die ();?>

115 network disk picture chain test (not I do): Original address: http://u.115.com/file/f3b7c9046
Outside the chain address: http://115.pp.ru/f3b7c9046/02.jpg

115 grid outer chain Test 2 (also not I do): http://gg.org.ru/115.php/Extract Code/XXX

The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to topic.alibabacloud.com!