php中fsockopen模仿post与get详解
- WBOYOriginal
- 2016-05-25 16:39:55978browse
在php中fsockopen函数可以模仿用户去访问一些网站并且还可以带一些常用的信息,如果浏览器,IP,post,get 等等数据,下面我分别一来给大家介绍介绍.
如果你要使用fsockopen函数我们必须在php.ini中把allow_url_fopen = On 设置为开启状态.
例,fsockopen() Example,代码如下:
<?php
$fp = fsockopen("www.phprm.com", 80, $errno, $errstr, 30);
if (!$fp) {
echo "$errstr ($errno)<br />n";
} else {
$out = "GET / HTTP/1.1rn";
$out.= "Host: www.example.comrn";
$out.= "Connection: Closernrn";
fwrite($fp, $out);
while (!feof($fp)) {
echo fgets($fp, 128);
}
fclose($fp);
}
?>伪造post,POST HTTP请求(URL)并获取返回值,代码如下:
<?php
$srv_ip = '192.168.1.5'; //你的目标服务地址.
$srv_port = 80; //端口
$url = 'http://localhost/fsock.php'; //接收你post的URL具体地址
$fp = '';
$errno = 0; //错误处理
$errstr = ''; //错误处理
$timeout = 10; //多久没有连上就中断
$post_str = "username=demo&password=hahaha"; //要提交的内容.
//打开网络的 Socket 链接。
$fp = fsockopen($srv_ip, $srv_port, $errno, $errstr, $timeout);
if (!$fp) {
echo ('fp fail');
}
$content_length = strlen($post_str);
$post_header = "POST $url HTTP/1.1rn";
$post_header.= "Content-Type: application/x-www-form-urlencodedrn";
$post_header.= "User-Agent: MSIErn";
$post_header.= "Host: " . $srv_ip . "rn";
$post_header.= "Content-Length: " . $content_length . "rn";
$post_header.= "Connection: closernrn";
$post_header.= $post_str . "rnrn";
fwrite($fp, $post_header);
$inheader = 1;
while (!feof($fp)) { //测试文件指针是否到了文件结束的位置
$line = fgets($fp, 1024);
//去掉请求包的头信息
if ($inheader && ($line == "n" || $line == "rn")) {
$inheader = 0;
}
if ($inheader == 0) {
echo $line;
}
}
fclose($fp);
unset($line);
?>简要说明:代码第二行是你的IP地址或域名,第四行是你要POST的页面的具体地址,本例用的是fsock.php,fsock.php内容如下:
<?php echo "username:" . $_POST['username'] . "<br/>"; echo "password:" . $_POST['password']; ?>
//结果为: username:demo password:hahaha
伪造get,同时伪造post,get方法,代码如下:
<?php
//fsocket模拟post提交
$purl = "http://localhost/netphp/test2.php?uu=rrrrrrrrrrrr";
print_r(parse_url($url));
sock_post($purl, "uu=55555555555555555");
//fsocket模拟get提交
function sock_get($url, $query) {
$info = parse_url($url);
$fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
$head = "GET " . $info['path'] . "?" . $info["query"] . " HTTP/1.0rn";
$head.= "Host: " . $info['host'] . "rn";
$head.= "rn";
$write = fputs($fp, $head);
while (!feof($fp)) {
$line = fread($fp, 4096);
echo $line;
}
}
sock_post($purl, "uu=rrrrrrrrrrrrrrrr");
function sock_post($url, $query) {
$info = parse_url($url);
$fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
$head = "POST " . $info['path'] . "?" . $info["query"] . " HTTP/1.0rn";
$head.= "Host: " . $info['host'] . "rn";
$head.= "Referer: http://" . $info['host'] . $info['path'] . "rn";
$head.= "Content-type: application/x-www-form-urlencodedrn";
$head.= "Content-Length: " . strlen(trim($query)) . "rn";
$head.= "rn";
$head.= trim($query);
$write = fputs($fp, $head);
while (!feof($fp)) {
$line = fread($fp, 4096);
echo $line;
}
}
?>Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP错误处理方法总结 Next article:php QQ第三方登陆SDK程序代码