PHP uses Curl to forge client source IP_PHP tutorial

WBOY
Release: 2016-07-13 10:44:00
Original
1238 people have browsed it

I found many ways to use Curl to forge the client source IP on the Internet. Almost all of them used the curl function. Later, I verified the results of using this function. It is powerful. It can not only forge the client source IP but also the proxy IP. Let’s take a look at the code below.

Generally, there are three situations in which a server obtains a client’s IP
1. Without proxy:


#http://www.bKjia.c0m
REMOTE_ADDR=Customer IP
HTTP_VIA = empty
HTTP_X_FORWARDED_FOR = empty

2. When using a proxy and the proxy server is set to forward the client IP:

REMOTE_ADDR = proxy server IP
HTTP_VIA = proxy server IP
HTTP_X_FORWARDED_FOR = Customer IP

HTTP_VIA and HTTP_X_FORWARDED_FOR values ​​can be customized by adding Header headers, and then the client IP can be hidden through this, provided that the service

X_FORWARDED_FOR is enabled on the server side.

To test the effect, create a new PHP program on the server side:

1.php requests index.php.
1.php code:

The code is as follows
 代码如下 复制代码

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://localhost/index.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8'));

//构造IP
curl_setopt($ch, CURLOPT_REFERER, "http://www.bKjia.c0m/ "); //构造来路
curl_setopt($ch, CURLOPT_HEADER, 1);
$out = curl_exec($ch);
curl_close($ch);

Copy code


代码如下 复制代码

function getClientIp() {
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
$ip = $_SERVER["HTTP_CLIENT_IP"];
else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
else if (!empty($_SERVER["REMOTE_ADDR"]))
$ip = $_SERVER["REMOTE_ADDR"];
else
$ip = "err";
return $ip;
}

echo "IP: " . getClientIp() . "";
echo "referer: " . $_SERVER["HTTP_REFERER"];

echo "IP: " . getClientIp() . "";
echo "referer: " . $_SERVER["HTTP_REFERER"];

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "http://localhost/index.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8'));

//Construct IP
curl_setopt($ch, CURLOPT_REFERER, "http://www.bKjia.c0m/ "); //Construction origin

curl_setopt($ch, CURLOPT_HEADER, 1);

$out = curl_exec($ch);
curl_close($ch);

2.php code is as follows:

​ else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))           $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
The code is as follows
Copy code


function getClientIp() {
If (!empty($_SERVER["HTTP_CLIENT_IP"]))

$ip = $_SERVER["HTTP_CLIENT_IP"];
else if (!empty($_SERVER["REMOTE_ADDR"]))

          $ip = $_SERVER["REMOTE_ADDR"];

else

          $ip = "err"; } echo "IP: " . getClientIp() . ""; echo "referer: " . $_SERVER["HTTP_REFERER"]; echo "IP: " . getClientIp() . ""; echo "referer: " . $_SERVER["HTTP_REFERER"];
The forgery is successful. Does this provide a good IP-changing solution for friends who "fake tickets"? !

Ha ha.
Result:
HTTP/1.1 200 OK Date: Wed, 03 Apr 2013 06:20:42 GMT Server: Apache/2.2.22 (Win32) PHP/5.3.13<🎜> <🎜>X-Powered-By: PHP/5.3.13 Content-Length: 44 Content-Type: text/html<🎜> IP: 8.8.8.8<🎜> referer: http://www.bKjia.c0m/<🎜> <🎜><🎜>Let’s look at the curl function<🎜><🎜> <🎜>List of curl related functions:<🎜> curl_init — Initialize a CURL session<🎜> curl_setopt — Set an option for CURL calls <🎜> curl_exec — Execute a CURL session<🎜> curl_close — Close a CURL session <🎜> curl_version — Returns the current CURL version <🎜> 1>curl_init — Initialize a CURL session http://www.bkjia.com/PHPjc/633127.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/633127.htmlTechArticleI have found many ways to use Curl to forge the client source IP on the Internet. Almost all of them use the curl function. Later, it was verified that the use of this function is indeed powerful. Not only can it forge the client source...

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Recommendations
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template