Heim >Backend-Entwicklung >PHP-Tutorial >php curl 伪造
http://www.yygh.net/index.php
直接表格提交,一直提示账号不存在。应该后台需要验证。
我想伪造Origin的来源。不知道这么设置origin的来源
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=34262619702200379&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);
curl_setopt($ch, 这里);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出
$this->content=curl_exec($ch);
curl_close($ch);
print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
$cookie_file = dirname(__FILE__).'/cookie.txt'; //$cookie_file = tempnam("tmp","cookie"); //curl 只识别单引号字符串 $ch = curl_init(); //初始化 $this->url = "http://www.yygh.net/usercenter/userinfo_action.php"; curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //存储cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $this->url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $this->content=curl_exec($ch); curl_close($ch); $cookie_file = dirname(__FILE__).'/cookie.txt'; //$cookie_file = tempnam("tmp","cookie"); //curl 只识别单引号字符串 $ch = curl_init(); //初始化 $this->url = "http://www.yygh.net/usercenter/userinfo_action.php";$fields = 'actionpost=login&logintype=0&cardtype=1&userid=330724197712316212&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11'; curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式 curl_setopt($ch, CURLOPT_POSTFIELDS,$fields); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面获取的cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $this->url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $this->content=curl_exec($ch); print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php')); curl_close($ch); echo $this->content;
$cookie_file = dirname(__FILE__).'/cookie.txt';
//$cookie_file = tempnam("tmp","cookie");
//curl 只识别单引号字符串
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //存储cookies
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出
$this->content=curl_exec($ch);
curl_close($ch);
$cookie_file = dirname(__FILE__).'/cookie.txt';
//$cookie_file = tempnam("tmp","cookie");
//curl 只识别单引号字符串
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=330724197712316212&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面获取的cookies
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出
$this->content=curl_exec($ch);
print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
curl_close($ch);
echo $this->content;
他有验证码,你是如何处理的?
他有验证码,你是如何处理的?
<?php$cookie_file = dirname(__FILE__).'/cookie.txt';if(isset($_GET['verification'])) { $url = 'http://www.yygh.net/include/validateimg.php?' . rand(); $ch = curl_init(); //初始化 curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); curl_setopt($ch, CURLOPT_URL, $url); curl_exec($ch); curl_close($ch); exit;}if(! $_POST) { $url = "http://www.yygh.net/usercenter/userinfo_action.php"; $ch = curl_init(); //初始化 curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //存储cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $content = curl_exec($ch); curl_close($ch);echo <<< HTML<form method=post><img src='?verification=1' alt="php curl 伪造" ><input type=text name=code><input type=submit value=ok></form>HTML; exit;}else { $ch = curl_init(); //初始化 $url = "http://www.yygh.net/usercenter/userinfo_action.php"; $fields = array( 'actionpost' => 'login', 'logintype' => 0, 'cardtype' => 1, 'userid' => '330724197712316212', 'pwd' => '123qwe', 'validate' => $_POST['code'], //cndm&imagesField.x=32&imageField.y=11'; ); curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面获取的cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $content = curl_exec($ch); curl_close($ch); echo $content; }
<?php$cookie_file = dirname(__FILE__).'/cookie.txt';if(isset($_GET['verification'])) { $url = 'http://www.yygh.net/include/validateimg.php?' . rand(); $ch = curl_init(); //初始化 curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); curl_setopt($ch, CURLOPT_URL, $url); curl_exec($ch); curl_close($ch); exit;}if(! $_POST) { $url = "http://www.yygh.net/usercenter/userinfo_action.php"; $ch = curl_init(); //初始化 curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //存储cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $content = curl_exec($ch); curl_close($ch);echo <<< HTML<form method=post><img src='?verification=1' alt="php curl 伪造" ><input type=text name=code><input type=submit value=ok></form>HTML; exit;}else { $ch = curl_init(); //初始化 $url = "http://www.yygh.net/usercenter/userinfo_action.php"; $fields = array( 'actionpost' => 'login', 'logintype' => 0, 'cardtype' => 1, 'userid' => '330724197712316212', 'pwd' => '123qwe', 'validate' => $_POST['code'], //cndm&imagesField.x=32&imageField.y=11'; ); curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面获取的cookies curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: ' curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名 curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出 $content = curl_exec($ch); curl_close($ch); echo $content; }