PHP Curl with Csrf-token Validation simulation submission method

This article mainly introduces the detailed PHP curl with Csrf-token Verification simulation submission method, now share to everyone, but also for everyone to make a reference. Let's take a look at it with a little knitting.

Typically, a random token value is added to the form to prevent CSRF attacks for security.

It's not hard to impersonate a website that has token verification.

1. Get tokens through regular
2. Bring the token simulation submission on the Get

Here is an example of success

Directory structure

│form.php– a form that needs to be simulated │getform.php– simulation submitter │post.php– Form Validator │└─cookie–cookie Store directory

getform.php

<?php$cookie_file = './cookie/'. Time (). Cookies '; $str = GetResponse (' http://a.curl.com:81/form.php ', [], $cookie _file); Setcookie ("Phpsessid", " vc0heoa6lfsi3gger54pkns152 ");p reg_match ('/<input name=" token "type=" hidden "value=" (. *) "/U", $str, $match); $post [' token '] = $match [1]; $post [' name '] = ' 3333333 '; $post [' password '] = ' 12121213 ';p rint_r (GetResponse (' http:// A.curl.com:81/post.php ', $post, $cookie _file)), function GetResponse ($url, $data =[], $cookie _file= ", $timeout = 3) {i    F (Empty ($cookie _file)) {$cookie _file = '. Cookie ';    } $ch = Curl_init ();    curl_setopt ($ch, Curlopt_url, $url);  curl_setopt ($ch, Curlopt_referer, "https://www.baidu.com"); Construct the routing curl_setopt ($ch, Curlopt_useragent, "mozilla/5.0 (Windows NT 10.0; Win64;    x64) applewebkit/537.36 (khtml, like Gecko) chrome/54.0.2840.59 safari/537.36 ");      if (!empty ($data)) {curl_setopt ($ch, Curlopt_post, true);    curl_setopt ($ch, Curlopt_postfields, $data); } curl_setopt ($ch, Curlopt_cookieJAR, $cookie _file);//The parameter to take the cookie is curl_setopt ($ch, Curlopt_cookiefile, $cookie _file);    Send Cookie curl_setopt ($ch, Curlopt_returntransfer, 1);    curl_setopt ($ch, Curlopt_connecttimeout, $timeout);       try {$handles = curl_exec ($ch);       Curl_close ($ch);    return $handles;    } catch (Exception $e) {echo ' Caught Exception: ', $e->getmessage (), "\ n";  } unlink ($cookie _file); }

form.php

<?phpsession_start (); $_session[' token '] = MD5 ($_server[' request_time ')); $_session[' time ' = Date ("y-m-d h:i:s"); Session_write_close ();//echo $_session[' auth '];? ><! DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 transitional//en" "Http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd ">

post.php


<?phpsession_start (), if (Empty ($_post[' token ')) {  exit ("token is empty!");} if (Empty ($_session[' token ')) {exit ("SESSION is Empty");} if ($_post[' token ']! = $_session[' token ') {  exit ("token");} else{  unset ($_session[' token ');} echo Php_eol;echo "Pass";p Rint_r ($_request); Echo Php_eol;print_r ($_server);