php curl 伪造


http://www.yygh.net/index.php

直接表格提交,一直提示账号不存在。应该后台需要验证。


我想伪造Origin的来源。不知道怎么设置origin的来源

// Question snippet: builds a POST to the login action with cURL and stores the response body.
// NOTE(review): the snippet uses $this, so it presumably sits inside a class method — confirm.
// No cookie options are set here, so cookies the server sends are neither kept nor sent back.
$ch = curl_init(); // create the cURL handle
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
// NOTE(review): the account id and password are literals in the source, and the URL scheme is
// plain http://, so they travel unencrypted. The `validate` value is also a fixed literal.
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=34262619702200379&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);// send the request as POST
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields); 

// Placeholder from the question ("这里" means "here"): the asker marks where they want to set
// the Origin header. As written this is not a working call, since curl_setopt() takes three
// arguments. Origin is supplied by the client, so a server cannot treat it as proof of where a
// request came from.
curl_setopt($ch, 这里);
        
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); // force HTTP/1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); // send an 'Expect: ' header line with no value
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); // resolve the host name over IPv4 only
curl_setopt($ch, CURLOPT_URL, $this->url);


curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the response as a string instead of printing it

// curl_exec() returns false on failure; the result is stored without being checked.
 $this->content=curl_exec($ch);
 curl_close($ch);


回复讨论(解决方案)

// Fetch the response headers of the login action and dump them for inspection.
$responseHeaders = get_headers('http://www.yygh.net/usercenter/userinfo_action.php');
print_r($responseHeaders);

Array
(
    [0] => HTTP/1.1 200 OK
    [1] => Date: Fri, 31 Oct 2014 00:41:47 GMT
    [2] => Server: Apache/2.2.8 (Win32)
    [3] =>  Set-Cookie: PHPSESSID=e5dadd27a2c2387e05c077ab1c0141e5; path=/
    [4] => Expires: Thu, 19 Nov 1981 08:52:00 GMT
    [5] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    [6] => Pragma: no-cache
    [7] =>  Set-Cookie: JamesID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [8] =>  Set-Cookie: JamesUserID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [9] =>  Set-Cookie: JamesLoginTime=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [10] => Content-Length: 1073
    [11] => Connection: close
    [12] => Content-Type: text/html
)

你既不接收,也不发送他的 cookie,如何能成功?

// Fetch the response headers of the login action and dump them for inspection.
$responseHeaders = get_headers('http://www.yygh.net/usercenter/userinfo_action.php');
print_r($responseHeaders);

Array
(
    [0] => HTTP/1.1 200 OK
    [1] => Date: Fri, 31 Oct 2014 00:41:47 GMT
    [2] => Server: Apache/2.2.8 (Win32)
    [3] =>  Set-Cookie: PHPSESSID=e5dadd27a2c2387e05c077ab1c0141e5; path=/
    [4] => Expires: Thu, 19 Nov 1981 08:52:00 GMT
    [5] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    [6] => Pragma: no-cache
    [7] =>  Set-Cookie: JamesID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [8] =>  Set-Cookie: JamesUserID=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [9] =>  Set-Cookie: JamesLoginTime=deleted; expires=Thu, 31-Oct-2013 00:41:46 GMT; path=/
    [10] => Content-Length: 1073
    [11] => Connection: close
    [12] => Content-Type: text/html
)

你既不接收,也不发送他的 cookie,如何能成功?




// Two requests against the same login action:
//   1. a plain request whose cookies are written to a jar file,
//   2. a POST of the login form that sends the cookies read from that file.
// NOTE(review): the jar sits beside the script, the form data carries literal account values,
// and neither curl_exec() result is checked for false.
$cookie_file = __DIR__ . '/cookie.txt';
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";

// Request 1: collect the session cookie.
$ch = curl_init();
curl_setopt_array($ch, array(
    CURLOPT_COOKIEJAR      => $cookie_file,            // cookies received are stored in this file
    CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,   // force HTTP/1.0
    CURLOPT_HTTPHEADER     => array('Expect: '),       // send an 'Expect: ' header line with no value
    CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,       // resolve the host name over IPv4 only
    CURLOPT_URL            => $this->url,
    CURLOPT_RETURNTRANSFER => true,                    // hand the body back as a string
));
$this->content = curl_exec($ch);
curl_close($ch);

// Request 2: post the login form with the stored cookie.
$cookie_file = __DIR__ . '/cookie.txt';
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=330724197712316212&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';

$ch = curl_init();
curl_setopt_array($ch, array(
    CURLOPT_POST           => 1,
    CURLOPT_POSTFIELDS     => $fields,
    CURLOPT_COOKIEFILE     => $cookie_file,            // send the cookies saved by request 1
    CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,
    CURLOPT_HTTPHEADER     => array('Expect: '),
    CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,
    CURLOPT_URL            => $this->url,
    CURLOPT_RETURNTRANSFER => true,
));
$this->content = curl_exec($ch);

// Debug output: headers of a separate request made by get_headers(), not of the POST above.
print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
curl_close($ch);
echo $this->content;


用了cookie也不行。版主帮我看看是哪里的问题

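// Two-step login attempt: (1) request the login action so the server's session cookie lands in
// a cookie jar, (2) POST the login form with that cookie attached. The response body of the
// last request that ran is left in $this->content (false on failure).
//
// NOTE(review): the URL is plain http://, so the session cookie and the account data cross the
// network unencrypted; switch to https:// if the host offers it.

// Keep the jar out of the script directory: a cookie.txt beside the script can be fetched by
// anyone able to request that path, and it holds a live session cookie. tempnam() creates the
// file with owner-only permissions.
$cookie_file = tempnam(sys_get_temp_dir(), 'cookie');

// Account data is read from the environment instead of being stored in the source file.
// LOGIN_USERID and LOGIN_PWD are example names chosen for this rewrite.
$userid = getenv('LOGIN_USERID');
$pwd = getenv('LOGIN_PWD');

$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$this->content = false;

// Options shared by both requests.
$common = array(
    CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,   // force HTTP/1.0
    CURLOPT_HTTPHEADER     => array('Expect: '),       // send an 'Expect: ' header line with no value
    CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,       // resolve the host name over IPv4 only
    CURLOPT_URL            => $this->url,
    CURLOPT_RETURNTRANSFER => true,                    // hand the body back as a string
);

if ($cookie_file === false || $userid === false || $pwd === false) {
    trigger_error('cookie jar or login credentials are not available', E_USER_WARNING);
} else {
    // Step 1: collect the session cookie.
    $ch = curl_init();
    curl_setopt_array($ch, $common + array(CURLOPT_COOKIEJAR => $cookie_file));
    $this->content = curl_exec($ch);
    if ($this->content === false) {
        trigger_error('session request failed: ' . curl_error($ch), E_USER_WARNING);
    }
    curl_close($ch);
    unset($ch); // release the handle so the jar is written before it is read below

    // Step 2: post the login form. http_build_query() URL-encodes each value.
    $fields = http_build_query(array(
        'actionpost'    => 'login',
        'logintype'     => 0,
        'cardtype'      => 1,
        'userid'        => $userid,
        'pwd'           => $pwd,
        'validate'      => 'cndm',
        'imagesField.x' => 32,
        'imageField.y'  => 11,
    ), '', '&');

    $ch = curl_init();
    curl_setopt_array($ch, $common + array(
        CURLOPT_POST       => 1,
        CURLOPT_POSTFIELDS => $fields,
        CURLOPT_COOKIEFILE => $cookie_file,            // send the cookies saved in step 1
    ));
    $this->content = curl_exec($ch);
    if ($this->content === false) {
        trigger_error('login request failed: ' . curl_error($ch), E_USER_WARNING);
    }

    // Debug output: headers of a separate request made by get_headers(), not of the POST above.
    print_r(get_headers('http://www.yygh.net/usercenter/userinfo_action.php'));
    curl_close($ch);
    unset($ch);

    // The jar is only needed for this run; do not leave the session cookie on disk.
    unlink($cookie_file);

    // NOTE(review): this prints the remote body as-is; if the script is served over the web,
    // that markup is rendered under this script's own origin.
    echo $this->content;
}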

他有验证码,你是如何处理的?

他有验证码,你是如何处理的?




我需要输入验证码。把它的验证码的路径改为全路径

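<?php
// Relay page for a login that needs a verification code typed by a person:
//   GET  ?verification=1  -> fetches the upstream verification image and passes it on
//   GET  (no form data)   -> opens an upstream session, then shows a form with that image
//   POST code=...         -> submits the login with the typed code and shows the reply
//
// NOTE(review): every upstream URL is plain http://, so the session cookie and the account
// data cross the network unencrypted; switch to https:// if the host offers it.

// One cookie jar per visitor, kept outside the script directory. A single cookie.txt beside
// the script is shared by every visitor (their upstream sessions overwrite each other) and can
// be fetched by anyone able to request that path. Hashing the session id keeps the file name
// to a fixed, safe character set.
session_start();
$cookie_file = sys_get_temp_dir() . '/curl_cookie_' . hash('sha256', session_id()) . '.txt';

$login_url = 'http://www.yygh.net/usercenter/userinfo_action.php';

// Options shared by the session request and the login POST.
$common = array(
    CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,   // force HTTP/1.0
    CURLOPT_HTTPHEADER     => array('Expect: '),       // send an 'Expect: ' header line with no value
    CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,       // resolve the host name over IPv4 only
    CURLOPT_URL            => $login_url,
    CURLOPT_RETURNTRANSFER => true,                    // hand the body back as a string
);

if (isset($_GET['verification'])) {
    // rand() is only a cache-buster here, not a secret.
    $url = 'http://www.yygh.net/include/validateimg.php?' . rand();
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $image = curl_exec($ch);
    $type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
    curl_close($ch);

    if ($image === false) {
        http_response_code(502);
        exit;
    }

    // Label the body as an image only when upstream declared a known raster type; anything
    // else is served as opaque bytes so it is never rendered as a document from this origin.
    $mime = is_string($type) ? strtolower(trim((string) strtok($type, ';'))) : '';
    $allowed = array('image/png', 'image/jpeg', 'image/gif');
    header('Content-Type: ' . (in_array($mime, $allowed, true) ? $mime : 'application/octet-stream'));
    echo $image;
    exit;
}

if (! $_POST) {
    // Open the upstream session; only the cookies matter, the body is discarded.
    $ch = curl_init();
    curl_setopt_array($ch, $common + array(CURLOPT_COOKIEJAR => $cookie_file));
    $ok = curl_exec($ch) !== false;
    curl_close($ch);
    unset($ch); // release the handle so the jar is written before the image request reads it

    if (! $ok) {
        http_response_code(502);
        header('Content-Type: text/plain');
        echo 'upstream session request failed';
        exit;
    }

    echo <<<HTML
<form method=post><img  src='?verification=1' alt="php curl 伪造" ><input type=text name=code><input type=submit value=ok></form>
HTML;
    exit;
}

// POST: submit the login with the code the visitor typed.

// Account data is read from the environment instead of being stored in the source file.
// LOGIN_USERID and LOGIN_PWD are example names chosen for this rewrite.
$userid = getenv('LOGIN_USERID');
$pwd = getenv('LOGIN_PWD');

// Accept the code only as a plain string; an array-valued field is rejected.
$code = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : '';

if ($userid === false || $pwd === false || $code === '') {
    http_response_code(400);
    header('Content-Type: text/plain');
    echo 'missing credentials or verification code';
    exit;
}

// Send a URL-encoded string rather than an array. Array-form CURLOPT_POSTFIELDS goes out as
// multipart/form-data, and older PHP versions treated a value starting with '@' as a file to
// upload, which must never be reachable with visitor input.
$fields = http_build_query(array(
    'actionpost' => 'login',
    'logintype'  => 0,
    'cardtype'   => 1,
    'userid'     => $userid,
    'pwd'        => $pwd,
    'validate'   => $code,
), '', '&');

$ch = curl_init();
curl_setopt_array($ch, $common + array(
    CURLOPT_POST       => 1,
    CURLOPT_POSTFIELDS => $fields,
    CURLOPT_COOKIEFILE => $cookie_file,                // send the cookies saved for this visitor
));
$content = curl_exec($ch);
curl_close($ch);

if ($content === false) {
    http_response_code(502);
    header('Content-Type: text/plain');
    echo 'upstream login request failed';
    exit;
}

// Show the upstream reply as plain text: it arrived over an unauthenticated channel and must
// not be rendered as HTML under this script's origin.
header('Content-Type: text/plain');
header('X-Content-Type-Options: nosniff');
echo $content;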

请核实用户信息的正确性

<?php
// Relay page with three modes:
//   ?verification=1  -> streams the upstream verification image using the stored cookies
//   no POST data     -> requests the login action to store cookies, then prints the code form
//   POST data        -> posts the login form with the typed code and prints the reply
// NOTE(review): the cookie jar sits beside the script and is shared by all visitors, the
// account values are literals, and the upstream reply is printed unescaped.
$cookie_file = __DIR__ . '/cookie.txt';

if (isset($_GET['verification'])) {
    // Without CURLOPT_RETURNTRANSFER, curl_exec() writes the image body straight to the output.
    $imageUrl = 'http://www.yygh.net/include/validateimg.php?' . rand();
    $imageRequest = curl_init();
    curl_setopt_array($imageRequest, array(
        CURLOPT_COOKIEFILE => $cookie_file,
        CURLOPT_URL        => $imageUrl,
    ));
    curl_exec($imageRequest);
    curl_close($imageRequest);
    exit;
}

$url = "http://www.yygh.net/usercenter/userinfo_action.php";

if (! $_POST) {
    // First visit: store the upstream cookies, then show the form.
    $ch = curl_init();
    curl_setopt_array($ch, array(
        CURLOPT_COOKIEJAR      => $cookie_file,            // cookies received are stored in this file
        CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,   // force HTTP/1.0
        CURLOPT_HTTPHEADER     => array('Expect: '),       // send an 'Expect: ' header line with no value
        CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,       // resolve the host name over IPv4 only
        CURLOPT_URL            => $url,
        CURLOPT_RETURNTRANSFER => true,                    // hand the body back as a string
    ));
    $content = curl_exec($ch);
    curl_close($ch);

    echo <<<HTML
<form method=post><img  src='?verification=1' alt="php curl 伪造" ><input type=text name=code><input type=submit value=ok></form>
HTML;
    exit;
}

// Form submitted: post the login with the code from the form.
$fields = array(
    'actionpost' => 'login',
    'logintype' => 0,
    'cardtype' => 1,
    'userid' => '330724197712316212',
    'pwd' => '123qwe',
    'validate' => $_POST['code'],
);

$ch = curl_init();
curl_setopt_array($ch, array(
    CURLOPT_POST           => 1,
    CURLOPT_POSTFIELDS     => $fields,
    CURLOPT_COOKIEFILE     => $cookie_file,                // send the cookies stored on the first visit
    CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_0,
    CURLOPT_HTTPHEADER     => array('Expect: '),
    CURLOPT_IPRESOLVE      => CURL_IPRESOLVE_V4,
    CURLOPT_URL            => $url,
    CURLOPT_RETURNTRANSFER => true,
));
$content = curl_exec($ch);
curl_close($ch);
echo $content;

请核实用户信息的正确性




最后一句话提醒我了原来是cardtype 写错了 card_type..
这什么嘛、搞了一天。。。
最后谢谢版主