PHP curl伪造IP地址和header信息代码实例_PHP教程

PHP curl伪造IP地址和header信息代码实例

2020-09-21 19:34PHP教程网 PHP教程

这篇文章主要介绍了PHP curl伪造IP地址和header信息代码实例,本文给出服务器端和客户端实现代码,提供伪造功能和服务器端检测代码,需要的朋友可以参考下

curl虽然功能强大，但是只能伪造$_SERVER["HTTP_X_FORWARDED_FOR"]，对于大多数IP地址检测程序来说，$_SERVER["REMOTE_ADDR"]很难被伪造：

首先是client.php的代码

复制代码代码如下:

	
	$headers['CLIENT-IP'] = '202.103.229.40'; 

	$headers['X-FORWARDED-FOR'] = '202.103.229.40';

	$headerArr = array(); 

	foreach( $headers as $n => $v ) { 

	    $headerArr[] = $n .':' . $v;  

	}

	ob_start();

	$ch = curl_init();

	curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");

	curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr );  //构造IP

	curl_setopt ($ch, CURLOPT_REFERER, "http://www.163.com/ ");   //构造来路

	curl_setopt( $ch, CURLOPT_HEADER, 1);

	curl_exec($ch);

	curl_close ($ch);

	$out = ob_get_contents();

	ob_clean();

	echo $out;

然后是server.php

复制代码代码如下:

	
	function GetIP(){

	    if(!emptyempty($_SERVER["HTTP_CLIENT_IP"]))

	        $cip = $_SERVER["HTTP_CLIENT_IP"];

	    else if(!emptyempty($_SERVER["HTTP_X_FORWARDED_FOR"]))

	        $cip = $_SERVER["HTTP_X_FORWARDED_FOR"];

	    else if(!emptyempty($_SERVER["REMOTE_ADDR"]))

	        $cip = $_SERVER["REMOTE_ADDR"];

	    else

	    $cip = "无法获取！";

	    return $cip;

	}

	echo "<br>访问IP: ".GetIP()."<br>";

	echo "<br>访问来路: ".$_SERVER["HTTP_REFERER"];