PHP curl伪造IP地址和header信息代码实例

curl虽然功能强大,但是只能伪造$_SERVER[“HTTP_X_FORWARDED_FOR”],对于大多数IP地址检测程序来说,$_SERVER[“REMOTE_ADDR”]很难被伪造:

首先是client.php的代码

$headers[‘CLIENT-IP’] = ‘202.103.229.40’;
$headers[‘X-FORWARDED-FOR’] = ‘202.103.229.40’;

$headerArr = array();
foreach( $headers as $n => $v ) {
$headerArr[] = $n .’:’ . $v;
}

ob_start();
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, “http://localhost/curl/server.php”);
curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //构造IP
curl_setopt ($ch, CURLOPT_REFERER, “http://www.163.com/ “); //构造来路
curl_setopt( $ch, CURLOPT_HEADER, 1);

curl_exec($ch);
curl_close ($ch);
$out = ob_get_contents();
ob_clean();

echo $out;

然后是server.php

function GetIP(){
if(!emptyempty($_SERVER[“HTTP_CLIENT_IP”]))
$cip = $_SERVER[“HTTP_CLIENT_IP”];
else if(!emptyempty($_SERVER[“HTTP_X_FORWARDED_FOR”]))
$cip = $_SERVER[“HTTP_X_FORWARDED_FOR”];
else if(!emptyempty($_SERVER[“REMOTE_ADDR”]))
$cip = $_SERVER[“REMOTE_ADDR”];
else
$cip = “无法获取!”;
return $cip;
}
echo “<br>访问IP: “.GetIP().”<br>”;
echo “<br>访问来路: “.$_SERVER[“HTTP_REFERER”];

PHP curl伪造IP地址和header信息代码实例

郑重声明:本网站发布的内容(图片、视频和文字)以及用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服