今天沒事做自己寫了一個php curl 偽造IP來源程序實例程序,這裡可以 偽造IP來源, 偽造域名, 偽造用戶信息,有需要了解的朋友可參考。
定義偽造用戶浏覽器信息HTTP_USER_AGENT
代碼如下 復制代碼$binfo =array('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)','Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0','Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)','Mozilla/4.0(compatible; MSIE 6.0; Windows NT 5.1; SV1)',$_SERVER['HTTP_USER_AGENT']);
//123.125.68.*
//125.90.88.*
定義偽造IP來源段,這裡我找的是百度的IP地址
代碼如下 復制代碼$cip = '123.125.68.'.mt_rand(0,254);
$xip = '125.90.88.'.mt_rand(0,254);
$header = array(
'CLIENT-IP:'.$cip,
'X-FORWARDED-FOR:'.$xip,
);
利用curl開始向服務器發送偽造信息
代碼如下 復制代碼function getimgs( $url,$userinfo,$header)
{
$ch = curl_init();
$timeout = 5;
curl_setopt ($ch, CURLOPT_URL, "$url");
curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt ($ch, CURLOPT_REFERER, "http://www.baidu.com/");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "$userinfo");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$contents = curl_exec($ch);
curl_close($ch);
return $contents;
}
獲取到數據我們再保存
代碼如下 復制代碼function saveimgs( $handle )
{
$fp = fopen('a.jpg',"w");
fwrite($fp,$handle);
unset($fp);
unset($handle);
}
測試偽造IP實例
代碼如下 復制代碼$url ='http://www.bKjia.c0m/img/logo.jpg';
$u = $binfo[mt_rand(0,3)];
saveimgs(getimgs($url,$u,$header));
這樣就在你當前目錄保存成功了一個文件a.jpg文件,我現可以查看服務器日志是不是我們自定的用戶信息呢
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET /test.php HTTP/1.1" 200 1244 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2; AskTbPTV/5.17.0.25589; Alexa Toolbar)"
192.168.1.108 - - [22/Jul/2013:10:29:37 +0800] "GET / HTTP/1.1" 200 40538 "http://www.baidu.com/" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"
看出來了吧,完全正確啊,只是IP地址我怎麼沒測試出來,這個使用php獲取ip地址時會是顯示我偽造IP地址了