From xS BLOG
I will not say much about the purpose of forging X-Forwarded-For. When magic_quotes_gpc (GPC) is on, the usual injection points are closed off: GET, POST and Cookie values all get their quotes escaped. In PHP 5, GPC is enabled by default. However, GPC has no effect on $_SERVER, so the request headers that end up in $_SERVER (and in getenv()) can be forged to inject data.
The following code is in IP.php:
<?php
// Returns the client IP, trusting proxy headers before the real peer address.
// Each branch echoes which source it used, so the output below shows the path taken.
function GetIP() {
    if (getenv("HTTP_CLIENT_IP")) {
        echo "getenvHTTP_CLIENT_IP";
        $ip = getenv("HTTP_CLIENT_IP");
    } else if (getenv("HTTP_X_FORWARDED_FOR")) {
        $ip = getenv("HTTP_X_FORWARDED_FOR");
        echo "getenvHTTP_X_FORWARDED_FOR";
        echo "<br>you are right";
    } else if (getenv("REMOTE_ADDR")) {
        echo "getenvREMOTE_ADDR";
        $ip = getenv("REMOTE_ADDR");
    } else {
        echo "unknow";
        $ip = "Unknown";
    }
    return $ip;
}
echo GetIP();
?>
1. When you access IP.php directly, getenvREMOTE_ADDR127.0.0.1 is returned (the branch name echoed by the function, followed by the returned address).
2. Submit the following request with nc (netcat):
GET /1.php HTTP/1.1
Accept: */*
Referer: http://localhost/
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; Maxthon 2.0)
Host: localhost
Connection: Keep-Alive
Cache-Control: no-cache
X-Forwarded-For: 127.0.0.2
Cookie: rtime=0; ltime=1269249140109; cnzz_eid=64110124-1269242429-; language=zh-cn; PHPSESSID=ae9b14609808b4ff4c5811ad1943c529
getenvHTTP_X_FORWARDED_FOR127.0.0.2 is returned.
X-Forwarded-For has been forged successfully: the script reports whatever the client put in the header instead of the real peer address, and GPC never escaped it.
Hardening this is not something magic_quotes_gpc can solve. The program's own filtering must be improved, because every value the client submits is potentially hostile, and that includes request headers, not just GET, POST and Cookie parameters.
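As an added example (not code from the original post), the snippet below shows the GetIP() pattern above feeding an SQL string unescaped, and a hardened version beside it. The table name visits, the PDO handle and the injection payload are assumptions made for the illustration; none of them appear on the page.

```php
<?php
// Added example, not from the original post. Assumes a table `visits(ip, ts)`
// and a PDO connection $pdo; both are illustrative, not from the page.

// Same precedence as the post's GetIP(): a proxy header wins over REMOTE_ADDR,
// and the value is returned untouched.
function getClientIpUnsafe(array $server): string {
    foreach (['HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR'] as $key) {
        if (!empty($server[$key])) {
            return $server[$key];
        }
    }
    return 'Unknown';
}

// Vulnerable: magic_quotes_gpc never touched $_SERVER, so a quote in the
// forged header is interpolated into the query exactly as sent.
function buildInsertUnsafe(array $server): string {
    $ip = getClientIpUnsafe($server);
    return "INSERT INTO visits (ip, ts) VALUES ('$ip', NOW())";
}

// Hardened, part 1: only consult X-Forwarded-For when a proxy you control
// sits in front of the app, take the hop that proxy appended (the last one),
// and accept nothing that is not a syntactically valid IP literal.
function getClientIpSafe(array $server, bool $behindTrustedProxy = false): string {
    if ($behindTrustedProxy && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
        $candidate = end($hops);
    } else {
        $candidate = $server['REMOTE_ADDR'] ?? '';
    }
    $ip = filter_var($candidate, FILTER_VALIDATE_IP);
    return $ip === false ? '0.0.0.0' : $ip;
}

// Hardened, part 2: the value is bound as a parameter, so even a validated
// string is never spliced into SQL text.
function logVisitSafe(PDO $pdo, array $server, bool $behindTrustedProxy = false): void {
    $stmt = $pdo->prepare('INSERT INTO visits (ip, ts) VALUES (:ip, NOW())');
    $stmt->execute([':ip' => getClientIpSafe($server, $behindTrustedProxy)]);
}

// Constructed request, mirroring the nc session above but with an SQL payload
// in place of 127.0.0.2 (the payload is made up for this example).
$forged = [
    'REMOTE_ADDR'          => '127.0.0.1',
    'HTTP_X_FORWARDED_FOR' => "127.0.0.2', NOW()), ('injected', NOW()) -- ",
];

echo buildInsertUnsafe($forged), "\n";      // payload lands inside the query
echo getClientIpSafe($forged), "\n";        // 127.0.0.1: header ignored
echo getClientIpSafe($forged, true), "\n";  // 0.0.0.0: payload fails validation
```

The two fixes are independent and both are needed: FILTER_VALIDATE_IP stops header forgery from turning into arbitrary query text, and the prepared statement means that even a future change to the validation cannot reopen the injection. Deciding whether X-Forwarded-For is trustworthy at all belongs in deployment configuration, not in a default that trusts the client.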