Home  >  Article  >  Backend Development  >  php curl fake IP and origin

php curl fake IP and origin

WBOY
WBOYOriginal
2016-07-25 08:54:321070browse
  1. $headers['CLIENT-IP'] = '202.103.229.40';
  2. $headers['X-FORWARDED-FOR'] = '202.103.229.40';
  3. $headerArr = array();
  4. foreach( $headers as $n => $v ) {
  5. $headerArr[] = $n .':' . $v;
  6. }
  7. ob_start();
  8. $ch = curl_init();
  9. curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");
  10. curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //构造IP
  11. curl_setopt ($ch, CURLOPT_REFERER, "http://bbs.it-home.org/ "); //构造来路
  12. curl_setopt( $ch, CURLOPT_HEADER, 1);
  13. curl_exec($ch);
  14. curl_close ($ch);
  15. $out = ob_get_contents();
  16. ob_clean();
  17. echo $out;
  18. ?>
复制代码

2,curl伪造IP和来路 服务端 server.php

  1. function GetIP(){
  2. if(!empty($_SERVER["HTTP_CLIENT_IP"]))
  3. $cip = $_SERVER["HTTP_CLIENT_IP"];
  4. else if(!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
  5. $cip = $_SERVER["HTTP_X_FORWARDED_FOR"];
  6. else if(!empty($_SERVER["REMOTE_ADDR"]))
  7. $cip = $_SERVER["REMOTE_ADDR"];
  8. else
  9. $cip = "无法获取!";
  10. return $cip;
  11. }
  12. echo "
    访问IP: ".GetIP()."
    ";
  13. echo "
    访问来路: ".$_SERVER["HTTP_REFERER"];
  14. ?>
复制代码

补充:$_SERVER['REMOTE_ADDR']无法伪造。



Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn