...
PHP

php curl ip伪造

php如何使用curl伪造IP来源的方法
php如何使用curl伪造IP来源

<?php
$ch = curl_init();
$url = "http://localhost/target_ip.php";
$header = array('CLIENT-IP:58.68.44.61','X-FORWARDED-FOR:58.68.44.61',);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
$page_content = curl_exec($ch);curl_close($ch);
echo $page_content;
?>

请求的目标文件---target_ip.php:

<?php
echo getenv('HTTP_CLIENT_IP');
echo getenv('HTTP_X_FORWARDED_FOR');
echo getenv('REMOTE_ADDR');
?>

目标文件target_ip里面的IP打印顺序是目前很多开源系统的IP获取顺序 访问fake_ip.php,看到结果: 58.68.44.61

58.68.44.61 127.0.0.1
最后,为大家提供二个小例子。 例1:

<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://localhost/2.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, 
      array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8')); //构造
IPcurl_setopt($ch, CURLOPT_REFERER, "http://bbs.it-home.org/ "); //构造来路
curl_setopt($ch, CURLOPT_HEADER, 1);
$out = curl_exec($ch);curl_close($ch);
?>

例2:

<?php
function getClientIp() {
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
$ip = $_SERVER["HTTP_CLIENT_IP"];
else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
else if (!empty($_SERVER["REMOTE_ADDR"]))
$ip = $_SERVER["REMOTE_ADDR"];
else$ip = "err";
return $ip;
}
echo "IP: " . getClientIp() . "";
echo "referer: " . $_SERVER["HTTP_REFERER"];
?>

转载原文地址:http://www.jb100.net/html/content-10-562-1.html

关键评论:

如果服务器优先使用REMOTE_ADDR来检测ip的话,那就没作用了

怎样防止ip伪造 : 

【干货分享】获取用户IP的正确姿势 php 图像压缩 png透明图像压缩
biu biu biu
20 个实用的 JavaScript 单行代码 MacStroke下载及appleScript 模拟按键脚本 共享打印机0x0000011b修复的另一种方法 yarn 设置淘宝镜像 yarn 错误There appears to be trouble with your network connection. Retrying... win11 安装限制去除 跳过TPM CPU检测 附软件