php+伪造+本机域名+ip,php curl 伪造IP来源程序实现代码

今天没事做自己写了一个php curl 伪造IP来源程序实例程序,这里可以伪造IP来源,伪造域名,伪造用户信息.

定义伪造用户浏览器信息HTTP_USER_AGENT,代码如下:

$binfo=array('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)','Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)','Mozilla/4.0(compatible; MSIE 6.0; Windows NT 5.1; SV1)',$_SERVER['HTTP_USER_AGENT']);

//123.125.68.*

//125.90.88.*

定义伪造IP来源段,这里我找的是百度的IP地址,代码如下:

$cip='123.125.68.'.mt_rand(0,254);

$xip='125.90.88.'.mt_rand(0,254);

$header=array(

'CLIENT-IP:'.$cip,

'X-FORWARDED-FOR:'.$xip,

);

利用curl开始向服务器发送伪造信息,代码如下:

functiongetimgs($url,$userinfo,$header)

{

$ch= curl_init();

$timeout= 5;

curl_setopt ($ch, CURLOPT_URL,"$url");

curl_setopt ($ch, CURLOPT_HTTPHEADER,$header);

curl_setopt ($ch, CURLOPT_REFERER,"http://www.baidu.com/");

curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

curl_setopt ($ch, CURLOPT_USERAGENT,"$userinfo");

curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT,$timeout);

$contents= curl_exec($ch);

curl_close($ch);

return$contents;

}

获取到数据我们再保存,代码如下:

functionsaveimgs($handle)

{

$fp=fopen('a.jpg',"w");

fwrite($fp,$handle);

unset($fp);

unset($handle);

}

测试伪造IP实例,代码如下:

$url='http://www.vcphp.com/img/logo.jpg';

$u=$binfo[mt_rand(0,3)];

saveimgs(getimgs($url,$u,$header));

这样就在你当前目录保存成功了一个文件a.jpg文件,我现可以查看服务器日志是不是我们自定的用户信息呢?

192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"

192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)"

192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"

192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"

看出来了吧,完全正确啊,只是IP地址我怎么没测试出来,这个使用php获取ip地址时会是显示我伪造IP地址了.

(责任编辑：admin)