PHP forges http header to crack anti-hotlink_PHP tutorial

Anti-hotlinking

Forged referer instance code is mainly used to break through anti-leeching, such as pictures, software, etc.

The complete program will be given directly here. You can modify it yourself for specific applications.
The example I give here is very simple. In fact, many applications can be developed from this example. For example, hiding the real URL address... Hehe, just analyze it yourself
Create a new file file.php here. The following parameter is the target address of the referfer that needs to be forged. Such as: file.php/http://www.xxx.xxx/xxx.mp3

Code:

2. $url=str_replace('/file.php/','',$_SERVER["REQUEST_URI"]); //Get the URL that needs to be converted. I'm being lazy here and don't do security checks. I'll add what I need if necessary
3. $downfile=str_replace(" ", "%20",$url);//Replace spaces and the like, you can replace them according to the actual situation
4. $downfile=str_replace("http://" ,"",$downfile);//Remove http:// 
5. $urlarr=explode("/",$downfile);//Use "/" to decompose the domain name
6. $domain=$urlarr[0];//Domain name
7. $getfile=str_replace($urlarr[0], '',$downfile);//Get the GET part in the header
8. $content = @fsockopen("$domain", 80, $errno, $errstr, 12);//Connect to the target host
9. if (!$content){//If the link cannot be reached, an error will be prompted
10. die("Sorry, unable to connect to $domain ."); 
11. } 
12. fputs($content, "GET $getfile HTTP/1.0rn" );
13. fputs($content, "Host: $domainrn" );
14. fputs($content, "Referer: $domainrn" );//Forged part
15. fputs($content, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)rnrn");
16. while (!feof($content)) { 
17. $tp.=fgets($content, 128) ; 
18. if (strstr($tp,"200 OK")){ //Some explanation here. The first line of the header is generally the status of the requested file. For details, please refer to HTTP 1.1 status codes and their meanings hi.baidu.com/110911/blog/item/21f20d2475af812ed50742c5.html This is the normal file request status, just redirect it directly.Continue executing the program in other states
19. header("Location:$url");
20. die();
21. } 
22. } 
23. //302 redirection, most anti-hotlink systems first determine the referfer, and then redirect to the real address if it is correct. The following is to obtain the real address.
24. $arr=explode("n",$tp);
25. $arr1=explode("Location: ",$tp);//Decompose the real-time address behind Location
26. $arr2=explode("n",$arr1[1]);
27. header('Content-Type:application/force-download');//Force download
28. header("location:".$arr2[0]);//Direction Destination address
29. die();
30. ?>

The above code can only be used for the anti-hotlinking system that uses referer to determine whether it is hotlinked. It is not applicable to the anti-hotlinking system that uses other special methods to prevent hotlinking.

2. $txt=$_GET['url'];   
3. echo referfile($txt,'http://www.jbxue.com/');   
4.   
5.   
6. function referfile($url,$refer='') {   
7. $opt=array('http'=>array('header'=>"Referer:$refer"));   
8. $context=stream_context_create($opt);   
9. Header("Location:".$url);   
10. return file_get_contents($url,false,$context);   
11. }   
12.    
13. $host = "pakey.net"; //你要访问的域名   
14. $target = "/test.asp"; //你要访问的页面地址   
15. $referer = "http//uuwar.com/"; //伪造来路页面   
16. $fp = fsockopen($host, 80, $errno, $errstr, 30);   
17. if(!$fp){   
18. echo "$errstr($errno)n";   
19. }else{   
20. $out = "   
21. GET $target HTTP/1.1   
22. Host: $host   
23. Referer: $referer   
24. Connection: Closernrn";   
25.   
26.   
27. fwrite($fp, $out);   
28. while(!feof($fp)){   
29. echo fgets($fp, 1024);   
30. }   
31. fclose($fp);   
32. }   
33. ?>   

http://www.bkjia.com/PHPjc/743818.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/743818.htmlTechArticleAnti-hotlink forgery referer example code, mainly used for some breakthroughs in anti-hotlinking, such as pictures, software, etc. The complete program will be given directly here. You can modify it yourself for specific applications. ...