On the internet to find a lot of ways to forge client source IP with curl, almost all using the Curl function, and later verified that the use of this function is powerful, not only can forge the client source IP can also forge proxy IP Oh, let's look at the code below.
The general server obtains the customer IP to have three kinds of situation
1. In the case of a useless agent:
#http://www.bkjia.c0m
REMOTE_ADDR = Client IP
Http_via = Empty
Http_x_forwarded_for = Empty
2. In the case where the proxy is used and the proxy server has set up a forwarding client IP:
REMOTE_ADDR = Proxy Server IP
Http_via = Proxy Server IP
http_x_forwarded_for = Client IP
The Http_via and Http_x_forwarded_for values can be customized by adding header headers, which can then be used to hide the client IP, provided that the service
X_forwarded_for is enabled on the device side.
Test effect, server-side new PHP Program:
1.php request index.php.
1.php Code:
The code is as follows |
Copy Code |
$ch = Curl_init (); curl_setopt ($ch, Curlopt_url, "http://localhost/index.php"); curl_setopt ($ch, Curlopt_httpheader, Array (' x-forwarded-for:8.8.8.8 ', ' client-ip:8.8.8.8 ')); Constructing IP curl_setopt ($ch, Curlopt_referer, "http://www.bKjia.c0m/"); Construction route curl_setopt ($ch, Curlopt_header, 1); $out = curl_exec ($ch); Curl_close ($ch); |
The 2.php code is as follows:
|
copy code |
"!--? php function Getclientip () { if (!empty ($_server["HTTP_CLIENT_IP"])) $ip = $_server["Http_client_ip"]; Else if (!empty ($_server[) http_x_ Forwarded_for "])) $ip = $_server[" Http_x_forwarded_for "]; Else if (!empty ($_server[" REMOTE_ADDR "])) $ip = $ _server["REMOTE_ADDR"]; Else $ip = "err"; return $ip; } Echo "IP:". Getclientip (). ""; echo "Referer:". $_server["Http_referer"]; Echo "IP:". Getclientip (). ""; echo "Referer:". $_server["Http_referer"]; |
Forgery success, this is not to "brush ticket" friends to provide a very good scheme for IP change!!
Ha ha.
Results:
http/1.1 date:wed, APR 06:20:42 GMT server:apache/2.2.22 (Win32) php/5.3.13
x-powered-by:php/5.3.13 content-length:44 content-type:text/html
ip:8.8.8.8
referer:http://www.bkjia.c0m/
Here's a look at the Curl function
List of curl related functions:
curl_init-initialization of a curl session
curl_setopt-setting an option for a curl call
Curl_exec-performing a Curl session
curl_close-closing a Curl session
curl_version-returns the current Curl version
1>curl_init-initialization of a curl session
http://www.bkjia.com/PHPjc/633127.html www.bkjia.com true http://www.bkjia.com/PHPjc/633127.html techarticle on the Internet to find a lot of ways to forge client source IP with curl, almost all using the Curl function, and later verified that the use of this function is powerful, not only can forge the client source ...