Home > Article > Backend Development > php采用curl实现伪造IP来源的方法_PHP

php采用curl实现伪造IP来源的方法_PHP

WBOYOriginal: 2016-05-31 19:27:26928browse

本文实例讲述了php采用curl实现伪造IP来源的方法。可以实现伪造IP来源, 伪造域名, 伪造用户信息，分享给大家供大家参考。具体实现方法如下：

定义伪造用户浏览器信息HTTP_USER_AGENT

代码如下:

$binfo =array('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)','Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)','Mozilla/4.0(compatible; MSIE 6.0; Windows NT 5.1; SV1)',$_SERVER['HTTP_USER_AGENT']);
//123.125.68.*
//125.90.88.*

定义伪造IP来源段，这里我找的是百度的IP地址

代码如下:

$cip = '123.125.68.'.mt_rand(0,254);
$xip = '125.90.88.'.mt_rand(0,254);
$header = array(
'CLIENT-IP:'.$cip,
'X-FORWARDED-FOR:'.$xip,
);

利用curl开始向服务器发送伪造信息

代码如下:

function getimgs( $url,$userinfo,$header)
{
$ch = curl_init();
$timeout = 5;
curl_setopt ($ch, CURLOPT_URL, "$url");
curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt ($ch, CURLOPT_REFERER, "http://www.baidu.com/");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "$userinfo");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$contents = curl_exec($ch);
curl_close($ch);
return $contents;
}

获取到数据我们再保存

代码如下:

function saveimgs( $handle )
{
$fp = fopen('a.jpg',"w");
fwrite($fp,$handle);
unset($fp);
unset($handle);
}

测试伪造IP实例

代码如下:

$url ='http://www.bitsCN.com/images/logo.gif';
$u = $binfo[mt_rand(0,3)];
saveimgs(getimgs($url,$u,$header));

这样就在你当前目录保存成功了一个文件a.jpg文件，我现可以查看服务器日志是不是我们自定的用户信息呢

192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"

看出来了吧，完全正确啊，只是IP地址我怎么没测试出来，这个使用php获取ip地址时就会显示我伪造IP地址了。

希望本文所述对大家的PHP程序设计有所帮助。

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：php中ob_get_length缓冲与获取缓冲长度实例_PHPNext article：ThinkPHP处理Ajax返回的方法_PHP

See more

php采用curl实现伪造IP来源的方法_PHP

Related articles