$msg.="Client-IP:
202.101.201.11/r/n";
$msg.="X-Forwarded-For: 202.101.201.11/r/n";
//主要是這裡來構造IP
$msg.="Connection: Close/r/n/r/n";
fputs ($fp,
$msg);
while (!feof($fp)) {
echo fgets ($fp,1024);
}
fclose
($fp);
}
?>
HTTP-REFERER這個變數已經越來越不可靠了,完全就是可以偽造出來的東東。
以下是偽造方法:
PHP(前提是裝了curl):
PHP代碼
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "http://www.dc9.cn/xxx.asp
");
curl_setopt ($ch, CURLOPT_REFERER, "http://www.dc9.cn/
");
curl_exec ($ch);
curl_close ($ch);
PHP(不裝curl用sock)
PHP代碼
$server = 'www.dc9.cn';
$host = 'www.dc9.cn';
$target = '/xxx.asp';
$referer =
'http://www.dc9.cn/'; // Referer
$port = 80;
$fp = fsockopen($server,
$port, $errno, $errstr, 30);
if (!$fp)
{
echo "$errstr
($errno)<br />/n";
}
else
{
$out = "GET $target
HTTP/1.1/r/n";
$out .= "Host: $host/r/n";
$out .= "Cookie:
ASPSESSIONIDSQTBQSDA=DFCAPKLBBFICDAFMHNKIGKEG/r/n";
$out .= "Referer:
$referer/r/n";
$out .= "Connection: Close/r/n/r/n";
fwrite($fp, $out);
while (!feof($fp))
{
echo fgets($fp, 128);
}
fclose($fp);
}
IP也可以偽造
$fp = fsockopen ("192.168.0.128", 80, $errno, $errstr, 30);
if (!$fp)
{
echo "$errstr ($errno)<br>/n";
} else {
$msg="GET /003.php
HTTP/1.0/r/n";
$msg.="Host: 192.168.0.128/r/n";
$msg.="Referer: http://www.baidu.com/r/n
";
$msg.="Client-IP: 1.1.1.1/r/n";
$msg.="X-Forwarded-For: 1.1.1.1/r/n";
//主要是這裡來構造IP
$msg.="Connection: Close/r/n/r/n";
fputs ($fp,
$msg);
while (!feof($fp)) {
echo fgets ($fp,1024);
}
fclose
($fp);
}
記住用fsockopen時,命令最後一定要有/r/n/r/n,不然會逾時。
其實這個可以用$_SERVER['REMOTE_ADDR']來得到正確IP,但是人們為了得到代理訪問IP,而採用的得到IP的方法往往不是$_SERVER['REMOTE_ADDR'],這就為我們提供了機會。
注意以上在現實中用處不是很大,因為這好像對第三方統計沒有用,而現在都是用的第三方統計。
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
