首页准备两个php文件
1.testFakeRerer.php//对http_referer进行伪造请求
2.checkReferer.php//输出请求页面的referer
两个文件的内容分别为:
testFakeRerer.php<?php
try {
$host = 'localhost';
$target = '/checkReferer.php';
$referer = 'http://www.lampnick.com'; //伪造HTTP_REFERER地址
$fp = fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp) {
echo "$errstr($errno)
";
exit;
}
$out = "
GET $target HTTP/1.1
Host: {$host}
Referer: {$referer}
Connection: Close\r\n\r\n
";//$out需要顶格写,不然会错哦
fwrite($fp, $out);
while (!feof($fp)) {
echo fgets($fp, 1024);
}
fclose($fp);
} catch (Exception $e) {
echo $e->getMessage();
}
checkReferer.php<?php
echo "
";
echo $_SERVER["HTTP_REFERER"];
请求http://localhost/testFakeRerer.php ,返回结果为:HTTP/1.1 200 OK
Date: Wed, 15 Mar 2017 03:16:36 GMT
Server: Apache/2.4.9 (Win64) PHP/5.5.12
X-Powered-By: PHP/5.5.12
Content-Length: 28
Connection: close
Content-Type: text/html
http://www.lampnick.com
说明我们伪造refer成功。
喜欢 (0)or分享 (0)