這篇文章主要介紹了PHP curl偽造IP地址和header信息代碼實例,本文給出服務器端和客戶端實現代碼,提供偽造功能和服務器端檢測代碼,需要的朋友可以參考下

curl雖然功能強大，但是只能偽造$_SERVER["HTTP_X_FORWARDED_FOR"]，對于大多數IP地址檢測程序來說，$_SERVER["REMOTE_ADDR"]很難被偽造：

首先是client.php的代碼

代碼如下:

$headers['CLIENT-IP'] = '202.103.229.40';

$headers['X-FORWARDED-FOR'] = '202.103.229.40';

$headerArr = array();

foreach( $headers as $n => $v ) {

$headerArr[] = $n .':' . $v;

}

ob_start();

$ch = curl_init();

curl_setopt ($ch, CURLOPT_URL, "");

curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //構造IP

curl_setopt ($ch, CURLOPT_REFERER, ""); //構造來路

curl_setopt( $ch, CURLOPT_HEADER, 1);

curl_exec($ch);

curl_close ($ch);

$out = ob_get_contents();

ob_clean();

echo $out;

然后是server.php

代碼如下:

function GetIP(){

if(!emptyempty($_SERVER["HTTP_CLIENT_IP"]))

$cip = $_SERVER["HTTP_CLIENT_IP"];

else if(!emptyempty($_SERVER["HTTP_X_FORWARDED_FOR"]))

$cip = $_SERVER["HTTP_X_FORWARDED_FOR"];

else if(!emptyempty($_SERVER["REMOTE_ADDR"]))

$cip = $_SERVER["REMOTE_ADDR"];

else

$cip = "無法獲取!";

return $cip;

}

echo "

訪問IP: ".GetIP()."

";

echo "

訪問來路: ".$_SERVER["HTTP_REFERER"];

更多信息請查看IT技術專欄