PHP uses Curl to forge client source IP_PHP tutorial

I found many ways to use Curl to forge the client source IP on the Internet. Almost all of them used the curl function. Later, I verified the results of using this function. It is powerful. It can not only forge the client source IP but also the proxy IP. Let’s take a look at the code below.

Generally, there are three situations in which a server obtains a client’s IP
1. Without proxy:

#http://www.bKjia.c0m
REMOTE_ADDR=Customer IP
HTTP_VIA = empty
HTTP_X_FORWARDED_FOR = empty

2. When using a proxy and the proxy server is set to forward the client IP:

REMOTE_ADDR = proxy server IP
HTTP_VIA = proxy server IP
HTTP_X_FORWARDED_FOR = Customer IP

HTTP_VIA and HTTP_X_FORWARDED_FOR values ​​can be customized by adding Header headers, and then the client IP can be hidden through this, provided that the service

X_FORWARDED_FOR is enabled on the server side.

To test the effect, create a new PHP program on the server side:

1.php requests index.php.
1.php code:

The code is as follows

代码如下	复制代码
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://localhost/index.php"); curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8')); //构造IP curl_setopt($ch, CURLOPT_REFERER, "http://www.bKjia.c0m/ "); //构造来路 curl_setopt($ch, CURLOPT_HEADER, 1); $out = curl_exec($ch); curl_close($ch);

Copy code

代码如下

复制代码

function getClientIp() {
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
$ip = $_SERVER["HTTP_CLIENT_IP"];
else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
else if (!empty($_SERVER["REMOTE_ADDR"]))
$ip = $_SERVER["REMOTE_ADDR"];
else
$ip = "err";
return $ip;
}

echo "IP: " . getClientIp() . "";
echo "referer: " . $_SERVER["HTTP_REFERER"];

echo "IP: " . getClientIp() . "";
echo "referer: " . $_SERVER["HTTP_REFERER"];

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "http://localhost/index.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8'));

//Construct IP
curl_setopt($ch, CURLOPT_REFERER, "http://www.bKjia.c0m/ "); //Construction origin

curl_setopt($ch, CURLOPT_HEADER, 1);

$out = curl_exec($ch);
curl_close($ch);

2.php code is as follows:

​ else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))           $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];

The code is as follows	Copy code
function getClientIp() { If (!empty($_SERVER["HTTP_CLIENT_IP"])) $ip = $_SERVER["HTTP_CLIENT_IP"];

else if (!empty($_SERVER["REMOTE_ADDR"]))

          $ip = $_SERVER["REMOTE_ADDR"];

else

          $ip = "err"; Return $ip; } echo "IP: " . getClientIp() . ""; echo "referer: " . $_SERVER["HTTP_REFERER"]; echo "IP: " . getClientIp() . ""; echo "referer: " . $_SERVER["HTTP_REFERER"];

The forgery is successful. Does this provide a good IP-changing solution for friends who "fake tickets"? !

Ha ha.

Result:

HTTP/1.1 200 OK Date: Wed, 03 Apr 2013 06:20:42 GMT Server: Apache/2.2.22 (Win32) PHP/5.3.13<🎜> <🎜>X-Powered-By: PHP/5.3.13 Content-Length: 44 Content-Type: text/html<🎜> IP: 8.8.8.8<🎜> referer: http://www.bKjia.c0m/<🎜> <🎜><🎜>Let’s look at the curl function<🎜><🎜> <🎜>List of curl related functions:<🎜> curl_init — Initialize a CURL session<🎜> curl_setopt — Set an option for CURL calls <🎜> curl_exec — Execute a CURL session<🎜> curl_close — Close a CURL session <🎜> curl_version — Returns the current CURL version <🎜> 1>curl_init — Initialize a CURL session http://www.bkjia.com/PHPjc/633127.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/633127.htmlTechArticleI have found many ways to use Curl to forge the client source IP on the Internet. Almost all of them use the curl function. Later, it was verified that the use of this function is indeed powerful. Not only can it forge the client source...