PHP使用curl偽造IP地址和header資訊

最後更新：2016-07-25 來源：互聯網

上載者：User

創建阿里雲帳戶，並獲得超過 40 款產品的免費試用版；而企業帳戶則可以享有總值 $1200 的免費試用版。立即註冊！

curl雖然功能強大，但是只能偽造$_SERVER["HTTP_X_FORWARDED_FOR"]，對於大多數IP地址檢測程式來說，$_SERVER["REMOTE_ADDR"]很難被偽造：

首先是client.php的代碼

01	$headers['CLIENT-IP'] = '202.103.229.40';

02	$headers['X-FORWARDED-FOR'] = '202.103.229.40';

04	$headerArr = array();

05	foreach( $headers as $n => $v ) {

06	$headerArr[] = $n .':' . $v;

}

09	ob_start();

10	$ch = curl_init();

11	curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");

12	curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //構造IP

13	curl_setopt ($ch, CURLOPT_REFERER, "http://www.163.com/ "); //構造來路

14	curl_setopt( $ch, CURLOPT_HEADER, 1);

16	curl_exec($ch);

17	curl_close ($ch);

18	$out = ob_get_contents();

19	ob_clean();

21	echo $out;

然後是server.php

01	function GetIP(){

02	if(!emptyempty($_SERVER["HTTP_CLIENT_IP"]))

03	$cip = $_SERVER["HTTP_CLIENT_IP"];

04	else if(!emptyempty($_SERVER["HTTP_X_FORWARDED_FOR"]))

05	$cip = $_SERVER["HTTP_X_FORWARDED_FOR"];

06	else if(!emptyempty($_SERVER["REMOTE_ADDR"]))

07	$cip = $_SERVER["REMOTE_ADDR"];

else

09	$cip = "無法擷取！";

10	return $cip;

}

12	echo " 訪問IP: ".GetIP()." ";

13	echo " 訪問來路: ".$_SERVER["HTTP_REFERER"];

curl, PHP, header



本文章原先以中文撰寫並發佈於 aliyun.com，亦設英文版本，僅作資訊用途。本網站不對文章的準確性，完整性或可靠性或其任何翻譯作出任何明示或暗示的陳述或保證。如對該文章有任何疑慮或投訴，請傳送電郵至 info-contact@alibabacloud.com 並提供相關疑慮或投訴的詳細說明。職員會於 5 個工作天內與您聯絡，一經驗證之後，即會刪除該侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

PHP使用curl偽造IP地址和header資訊

聯繫我們

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support