Home > Article > Backend Development > PHP uses Curl to forge client source IP_PHP tutorial
PHP uses Curl to forge client source IP_PHP tutorial
- WBOYOriginal
- 2016-07-13 10:44:001179browse
I found many ways to use Curl to forge the client source IP on the Internet. Almost all of them used the curl function. Later, I verified the results of using this function. It is powerful. It can not only forge the client source IP but also the proxy IP. Let’s take a look at the code below.
Generally, there are three situations in which a server obtains a client’s IP
1. Without proxy:
#http://www.bKjia.c0m
REMOTE_ADDR=Customer IP
HTTP_VIA = empty
HTTP_X_FORWARDED_FOR = empty
2. When using a proxy and the proxy server is set to forward the client IP:
REMOTE_ADDR = proxy server IP
HTTP_VIA = proxy server IP
HTTP_X_FORWARDED_FOR = Customer IP
HTTP_VIA and HTTP_X_FORWARDED_FOR values can be customized by adding Header headers, and then the client IP can be hidden through this, provided that the service
X_FORWARDED_FOR is enabled on the server side.
To test the effect, create a new PHP program on the server side:
1.php requests index.php.
1.php code:
The code is as follows
| Copy code
| ||||
| 代码如下 | 复制代码 | ||||
|
function getClientIp() { echo "IP: " . getClientIp() . ""; echo "IP: " . getClientIp() . ""; |
|||||
curl_setopt($ch, CURLOPT_URL, "http://localhost/index.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8'));
//Construct IP
curl_setopt($ch, CURLOPT_REFERER, "http://www.bKjia.c0m/ "); //Construction origin
$out = curl_exec($ch);
curl_close($ch);
2.php code is as follows:
| The code is as follows | Copy code |
|
function getClientIp() { If (!empty($_SERVER["HTTP_CLIENT_IP"])) $ip = $_SERVER["HTTP_CLIENT_IP"]; |
else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))|
else
The forgery is successful. Does this provide a good IP-changing solution for friends who "fake tickets"? ! Ha ha.