curl虽然功能强大,但是只能伪造$_SERVER["HTTP_X_FORWARDED_FOR"],对于大多数IP地址检测程序来说,$_SERVER["REMOTE_ADDR"]很难被伪造:
代码如下:
$headerArr = array();
foreach( $headers as $n => $v ) {
$headerArr[] = $n .':' . $v;
}
foreach( $headers as $n => $v ) {
$headerArr[] = $n .':' . $v;
}
ob_start();
$ch = curl_init();
curl_setopt ($ch,CURLOPT_URL,"http://localhost/curl/server.PHP");
curl_setopt ($ch,CURLOPT_HTTPHEADER,$headerArr ); //构造IP
curl_setopt ($ch,CURLOPT_REFERER,"http://www.163.com/ "); //构造来路
curl_setopt( $ch,CURLOPT_HEADER,1);
curl_exec($ch);
curl_close ($ch);
$out = ob_get_contents();
ob_clean();
echo $out;
然后是server.PHP
代码如下:
获取!";
return $cip;
}
echo "
访问IP: ".GetIP()."
"; echo "
访问来路: ".$_SERVER["HTTP_REFERER"];
原文链接:https://www.f2er.com/php/22035.html访问IP: ".GetIP()."
"; echo "
访问来路: ".$_SERVER["HTTP_REFERER"];
