A long time ago I wrote "Using cURL to forge the referer URL and IP". In fact, fsockopen can forge the referer as well, so let's look at how to do it.
$host = "127.0.0.1"; // the domain you want to access
$ip = '127.0.0.1';
$target = "/test2.php"; // the path of the page you want to request
$referer = "http://www.nowamagic.net/"; // forged referer page
//$fp = fsockopen($host, 80, $errno, $errstr, 30);
$fp = fsockopen($ip, 80, $errno, $errstr, 5);
if(!$fp)
{
    echo "$errstr($errno)\n";
}
else
{
    $end = "\r\n";
    $out = "GET $target HTTP/1.1$end";
    $out .= "Host: $ip$end";
    $out .= "Referer: $referer$end";
    $out .= "Connection: Close$end";
    $out .= "$end";
    fwrite($fp, $out);
    while(!feof($fp))
    {
        echo fgets($fp, 1024);
    }
    fclose($fp);
}
The code of test2.php is:
$data = $_SERVER;
echo '';
print_r( $data );
echo '';
Program output:
HTTP/1.1 200 OK
Date: Thu, 13 Feb 2014 08:19:10 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Content-Length: 1393
Connection: close
Content-Type: text/html
Array
(
……
[HTTP_HOST] => 127.0.0.1
[HTTP_REFERER] => http://www.nowamagic.net/
[HTTP_CONNECTION] => Close
……
[SERVER_SIGNATURE] =>
Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1 Server at 127.0.0.1 Port 80
[SERVER_SOFTWARE] => Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
[SERVER_NAME] => 127.0.0.1
[SERVER_ADDR] => 127.0.0.1
[SERVER_PORT] => 80
[REMOTE_ADDR] => 127.0.0.1
[REMOTE_PORT] => 50404
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /test2.php
[SCRIPT_NAME] => /test2.php
[PHP_SELF] => /test2.php
[REQUEST_TIME] => 1392279550
)
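As you can see, the value of HTTP_REFERER is http://www.nowamagic.net/, which means the referer has been forged successfully.
About forging the IP
If you need to forge the IP, just add these two lines of code:
$out .= "Client-IP: 121.199.24.143\r\n";
$out .= "X-Forwarded-For: 121.199.24.143\r\n"; // this is the main line that constructs the IP
The complete program is: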
$host = "127.0.0.1"; // the domain you want to access
$ip = '127.0.0.1';
$target = "/test2.php"; // the path of the page you want to request
$referer = "http://www.nowamagic.net/"; // forged referer page
//$fp = fsockopen($host, 80, $errno, $errstr, 30);
$fp = fsockopen($ip, 80, $errno, $errstr, 5);
if(!$fp)
{
    echo "$errstr($errno)\n";
}
else
{
    $end = "\r\n";
    $out = "GET $target HTTP/1.1$end";
    $out .= "Host: $ip$end";
    $out .= "Referer: $referer$end";
    $out .= "Client-IP: 121.199.24.143\r\n";
    $out .= "X-Forwarded-For: 121.199.24.143\r\n"; // this is the main line that constructs the IP
    $out .= "Connection: Close$end";
    $out .= "$end";
    fwrite($fp, $out);
    while(!feof($fp))
    {
        echo fgets($fp, 1024);
    }
    fclose($fp);
}
The array in the output will also contain these two extra lines:
Array
(
[HTTP_REFERER] => http://www.nowamagic.net/
[HTTP_CLIENT_IP] => 121.199.24.143
[HTTP_X_FORWARDED_FOR] => 121.199.24.143
)
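The headers above only change HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR; REMOTE_ADDR is taken from the TCP connection and stays 127.0.0.1, as in the first output. The following is an added example, not code from the original article, showing how a receiving script can choose the client address so that these forged headers have no effect; the function name client_ip, the trusted-proxy list and the second sample request are assumptions made for illustration.

```php
<?php
// Added example (not from the original article). client_ip() and the
// trusted-proxy list are hypothetical; sample requests are constructed.

/**
 * Return the address to use for logging and access decisions.
 * REMOTE_ADDR comes from the TCP connection. Client-IP and
 * X-Forwarded-For are request headers that the sender sets freely.
 */
function client_ip(array $server, array $trustedProxies): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    // Peer is not one of our proxies: ignore all forwarding headers.
    if (!in_array($peer, $trustedProxies, true)) {
        return $peer;
    }
    // Peer is our own proxy: walk X-Forwarded-For from right to left and
    // take the first hop that is not one of our proxies. Entries further
    // left were supplied by the client and may be forged.
    $xff  = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    $hops = array_map('trim', explode(',', $xff));
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // malformed entry: stop trusting the chain
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return $peer;
}

// The request from the article: forged headers sent directly to the server.
// No proxy is trusted, so the headers are ignored.
$forged = [
    'REMOTE_ADDR'          => '127.0.0.1',
    'HTTP_CLIENT_IP'       => '121.199.24.143',
    'HTTP_X_FORWARDED_FOR' => '121.199.24.143',
];
echo client_ip($forged, []), "\n";

// Constructed case: the request arrives through our proxy 10.0.0.5, which
// appended the address it saw (203.0.113.7) after the client-supplied value.
$viaProxy = [
    'REMOTE_ADDR'          => '10.0.0.5',
    'HTTP_X_FORWARDED_FOR' => '121.199.24.143, 203.0.113.7',
];
echo client_ip($viaProxy, ['10.0.0.5']), "\n";
```

HTTP_REFERER deserves the same treatment: it is a client-supplied header and should not be used on its own as proof of where a request came from.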