php curl 偽造

來源:互聯網
上載者:User
http://www.yygh.net/index.php

直接表格提交,一直提示帳號不存在。應該後台需要驗證。


我想偽造Origin的來源。不知道這麼設定origin的來源

$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=34262619702200379&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);//設定為POST方式
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);

curl_setopt($ch, 這裡);

curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱
curl_setopt($ch, CURLOPT_URL, $this->url);


curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出

$this->content=curl_exec($ch);
curl_close($ch);


回複討論(解決方案)

print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));

Array
(
[0] => HTTP/1.1 200 OK
[1] => Date: Fri, 31 Oct 2014 00:41:47 GMT
[2] => Server: Apache/2.2.8 (Win32)
[3] => Set-Cookie: PHPSESSID=e5dadd27a2c2387e05c077ab1c0141e5; path=/
[4] => Expires: Thu, 19 Nov 1981 08:52:00 GMT
[5] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[6] => Pragma: no-cache
[7] => Set-Cookie: JamesID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[8] => Set-Cookie: JamesUserID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[9] => Set-Cookie: JamesLoginTime=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[10] => Content-Length: 1073
[11] => Connection: close
[12] => Content-Type: text/html
)

你既不接收,也不發送他的 cookie,如何能成功?

print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));

Array
(
[0] => HTTP/1.1 200 OK
[1] => Date: Fri, 31 Oct 2014 00:41:47 GMT
[2] => Server: Apache/2.2.8 (Win32)
[3] => Set-Cookie: PHPSESSID=e5dadd27a2c2387e05c077ab1c0141e5; path=/
[4] => Expires: Thu, 19 Nov 1981 08:52:00 GMT
[5] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
[6] => Pragma: no-cache
[7] => Set-Cookie: JamesID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[8] => Set-Cookie: JamesUserID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[9] => Set-Cookie: JamesLoginTime=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
[10] => Content-Length: 1073
[11] => Connection: close
[12] => Content-Type: text/html
)

你既不接收,也不發送他的 cookie,如何能成功?




$cookie_file = dirname(__FILE__).'/cookie.txt';//$cookie_file = tempnam("tmp","cookie");//curl 只識別單引號字串$ch = curl_init(); //初始化$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";curl_setopt($ch, CURLOPT_COOKIEJAR,  $cookie_file); //儲存cookiescurl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: 'curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱curl_setopt($ch, CURLOPT_URL, $this->url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出 $this->content=curl_exec($ch); curl_close($ch);      $cookie_file = dirname(__FILE__).'/cookie.txt';//$cookie_file = tempnam("tmp","cookie");//curl 只識別單引號字串$ch = curl_init(); //初始化$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";$fields = 'actionpost=login&logintype=0&cardtype=1&userid=330724197712316212&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';curl_setopt($ch, CURLOPT_POST, 1);//設定為POST方式curl_setopt($ch, CURLOPT_POSTFIELDS,$fields); curl_setopt($ch, CURLOPT_COOKIEFILE,  $cookie_file); //使用上面擷取的cookiescurl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: 'curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱curl_setopt($ch, CURLOPT_URL, $this->url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出 $this->content=curl_exec($ch);  print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php')); curl_close($ch); echo $this->content;


用了cookie也不行。版主幫我看看是哪裡的問題

$cookie_file = dirname(__FILE__).'/cookie.txt';
//$cookie_file = tempnam("tmp","cookie");

//curl 只識別單引號字串
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";


curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //儲存cookies



curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱
curl_setopt($ch, CURLOPT_URL, $this->url);


curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出

$this->content=curl_exec($ch);
curl_close($ch);





$cookie_file = dirname(__FILE__).'/cookie.txt';
//$cookie_file = tempnam("tmp","cookie");

//curl 只識別單引號字串
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=330724197712316212&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);//設定為POST方式
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面擷取的cookies



curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱
curl_setopt($ch, CURLOPT_URL, $this->url);


curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出

$this->content=curl_exec($ch);

print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
curl_close($ch);
echo $this->content;

他有驗證碼,你是如何處理的?

他有驗證碼,你是如何處理的?




我需要輸入驗證碼。把它的驗證碼的路徑改為全路徑

 'login',    'logintype' => 0,    'cardtype' => 1,    'userid' => '330724197712316212',    'pwd' => '123qwe',    'validate' => $_POST['code'],    //cndm&imagesField.x=32&imageField.y=11';  );  curl_setopt($ch, CURLOPT_POST, 1);//設定為POST方式  curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);   curl_setopt($ch, CURLOPT_COOKIEFILE,  $cookie_file); //使用上面擷取的cookies  curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: '  curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱  curl_setopt($ch, CURLOPT_URL, $url);  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出  $content = curl_exec($ch);  curl_close($ch);  echo $content;  }

請核實使用者資訊的正確性

 'login',    'logintype' => 0,    'cardtype' => 1,    'userid' => '330724197712316212',    'pwd' => '123qwe',    'validate' => $_POST['code'],    //cndm&imagesField.x=32&imageField.y=11';  );  curl_setopt($ch, CURLOPT_POST, 1);//設定為POST方式  curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);   curl_setopt($ch, CURLOPT_COOKIEFILE,  $cookie_file); //使用上面擷取的cookies  curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //強制協議為1.0  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //頭部要送出'Expect: '  curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //強制使用IPV4協議解析網域名稱  curl_setopt($ch, CURLOPT_URL, $url);  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字串,而非直接輸出  $content = curl_exec($ch);  curl_close($ch);  echo $content;  }

請核實使用者資訊的正確性




最後一句話提醒我了原來是cardtype 寫錯了 card_type..
這什麼嘛、搞了一天。。。
最後謝謝版主
  • 聯繫我們

    該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

    如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.