Maison >php教程 >php手册 >php中fsockopen模仿post与get详解

php中fsockopen模仿post与get详解

WBOY
WBOYoriginal
2016-05-25 16:39:551011parcourir

在php中fsockopen函数可以模仿用户去访问一些网站并且还可以带一些常用的信息,如果浏览器,IP,post,get 等等数据,下面我分别一来给大家介绍介绍.

如果你要使用fsockopen函数我们必须在php.ini中把allow_url_fopen = On 设置为开启状态.

例,fsockopen() Example,代码如下:

<?php
$fp = fsockopen("www.phprm.com", 80, $errno, $errstr, 30);
if (!$fp) {
    echo "$errstr ($errno)<br />n";
} else {
    $out = "GET / HTTP/1.1rn";
    $out.= "Host: www.example.comrn";
    $out.= "Connection: Closernrn";
    fwrite($fp, $out);
    while (!feof($fp)) {
        echo fgets($fp, 128);
    }
    fclose($fp);
}
?>

伪造post,POST HTTP请求(URL)并获取返回值,代码如下:

<?php
$srv_ip = &#39;192.168.1.5&#39;; //你的目标服务地址.
$srv_port = 80; //端口
$url = &#39;http://localhost/fsock.php&#39;; //接收你post的URL具体地址
$fp = &#39;&#39;;
$errno = 0; //错误处理
$errstr = &#39;&#39;; //错误处理
$timeout = 10; //多久没有连上就中断
$post_str = "username=demo&password=hahaha"; //要提交的内容.
//打开网络的 Socket 链接。
$fp = fsockopen($srv_ip, $srv_port, $errno, $errstr, $timeout);
if (!$fp) {
    echo (&#39;fp fail&#39;);
}
$content_length = strlen($post_str);
$post_header = "POST $url HTTP/1.1rn";
$post_header.= "Content-Type: application/x-www-form-urlencodedrn";
$post_header.= "User-Agent: MSIErn";
$post_header.= "Host: " . $srv_ip . "rn";
$post_header.= "Content-Length: " . $content_length . "rn";
$post_header.= "Connection: closernrn";
$post_header.= $post_str . "rnrn";
fwrite($fp, $post_header);
$inheader = 1;
while (!feof($fp)) { //测试文件指针是否到了文件结束的位置
    $line = fgets($fp, 1024);
    //去掉请求包的头信息
    if ($inheader && ($line == "n" || $line == "rn")) {
        $inheader = 0;
    }
    if ($inheader == 0) {
        echo $line;
    }
}
fclose($fp);
unset($line);
?>

简要说明:代码第二行是你的IP地址或域名,第四行是你要POST的页面的具体地址,本例用的是fsock.php,fsock.php内容如下:

<?php
echo "username:" . $_POST[&#39;username&#39;] . "<br/>";
echo "password:" . $_POST[&#39;password&#39;];
?>
//结果为: 
username:demo 
password:hahaha

伪造get,同时伪造post,get方法,代码如下:

<?php
//fsocket模拟post提交
$purl = "http://localhost/netphp/test2.php?uu=rrrrrrrrrrrr";
print_r(parse_url($url));
sock_post($purl, "uu=55555555555555555");
//fsocket模拟get提交
function sock_get($url, $query) {
    $info = parse_url($url);
    $fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
    $head = "GET " . $info[&#39;path&#39;] . "?" . $info["query"] . " HTTP/1.0rn";
    $head.= "Host: " . $info[&#39;host&#39;] . "rn";
    $head.= "rn";
    $write = fputs($fp, $head);
    while (!feof($fp)) {
        $line = fread($fp, 4096);
        echo $line;
    }
}
sock_post($purl, "uu=rrrrrrrrrrrrrrrr");
function sock_post($url, $query) {
    $info = parse_url($url);
    $fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
    $head = "POST " . $info[&#39;path&#39;] . "?" . $info["query"] . " HTTP/1.0rn";
    $head.= "Host: " . $info[&#39;host&#39;] . "rn";
    $head.= "Referer: http://" . $info[&#39;host&#39;] . $info[&#39;path&#39;] . "rn";
    $head.= "Content-type: application/x-www-form-urlencodedrn";
    $head.= "Content-Length: " . strlen(trim($query)) . "rn";
    $head.= "rn";
    $head.= trim($query);
    $write = fputs($fp, $head);
    while (!feof($fp)) {
        $line = fread($fp, 4096);
        echo $line;
    }
}
?>


Déclaration:
Le contenu de cet article est volontairement contribué par les internautes et les droits d'auteur appartiennent à l'auteur original. Ce site n'assume aucune responsabilité légale correspondante. Si vous trouvez un contenu suspecté de plagiat ou de contrefaçon, veuillez contacter admin@php.cn