牙疼了
豆腐丝当肉,真的是为均衡营养?
$myip = '127.0.0.1';
ob_start();
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals');
if($onoff != 1) {
@extract($_POST, EXTR_SKIP);
@extract($_GET, EXTR_SKIP);
}
$self = $_SERVER['PHP_SELF'];
$myaddress = 'http://'.$_SERVER['HTTP_HOST'].$self;
$comm = '';
if(isset($url) && $url) {
$url = str_replace($address, '', $url);
}
/*
foreach($_POST as $key => $val) {
if($comm == '') {
$comm = $key.'='.rawurlencode($val);
} else {
$comm = $comm.'&'.$key.'='.rawurlencode($val);
}
}
*/
$pcomm = '';
foreach($_POST as $key => $val) {
if($pcomm == '') {
$pcomm .= $key.''.urlencode($val);
} else {
$pcomm .= $pcomm.'&'.$key.'='.urlencode($val);
}
}
foreach($_GET as $key => $val) {
if($key != 'url') {
if($comm == '') {
$comm = $key.'='.rawurlencode($val);
} else {
$comm = $comm.'&'.$key.'='.rawurlencode($val);
}
}
}
if(!$url) {
$url = $address;
} else {
$url = $address.$url;
if($comm) {
if(strstr($url,'?')) {
$url = $url.'&'.$comm;
} else {
$url = $url.'?'.$comm;
}
}
}
if($url) {
$cookies= '';
if(count($_COOKIE)) {
foreach($_COOKIE as $cookie_name => $cookie_var) {
$cookies .= $cookies != '' ? '; '.$cookie_name.'='.$cookie_var : $cookie_name.'='.$cookie_var;
}
}
$temp = @parse_url($url);
$temp['port'] = isset($temp['port']) ? $temp['port'] : 80;
$temp['path'] = isset($temp['path']) ? $temp['path'] : '/';
$temp['file'] = substr($temp['path'], strrpos($temp['path'], '/')+1);
$temp['dir'] = substr($temp['path'], 0, strrpos($temp['path'], '/'));
$temp['base'] = $temp['scheme'].'://'.$temp['host'].($temp['port'] != 80 ? ':'.$temp['port'] : '').$temp['dir'];
$temp['prev_dir'] = $temp['path'] != '/' ? substr($temp['base'], 0, strrpos($temp['base'], '/')+1) : $temp['base'].'/';
$fp = @fsockopen($temp['host'], $temp['port'], $errno, $errstr, 30);
if($fp) {
if($_SERVER['REQUEST_METHOD'] != 'POST') {
@fputs($fp, "GET $temp[path]?$temp[query] HTTP/1.1\r\n");
} else {
@fputs($fp, "POST $temp[path]?$temp[query] HTTP/1.1\r\n");
}
@fputs($fp, "Host: $temp[host]\r\n");
@fputs($fp, "Accept: */*\r\n");
@fputs($fp, "Referer: http://$temp[host]/\r\n");
@fputs($fp, "Cookie: $cookies\r\n");
@fputs($fp, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\n");
@fputs($fp, "via: 1.1 JEJE1:80 (squid/2.5.STABLE4-NT-CVS)\r\n");
@fputs($fp, "X-Forwarded-For: $myip\r\n");
if($_SERVER['REQUEST_METHOD'] == 'POST') {
@fputs($fp, "Content-Type: application/x-www-form-urlencoded\r\n");
@fputs($fp, "Content-Length: ".strlen($pcomm)."\r\n\r\n");
@fputs($fp, $pcomm);
}
@fputs($fp, "Connection: Close\r\n\r\n");
while($str = @fread($fp, 4096)) {
if($str != "\r\n" && preg_match_all("#set-cookie:([^\r\n]*)#i", $str, $matches)) {
foreach($matches[1] as $cookie_info) {
preg_match('#^\s*([^=;,\s]*)=?([^;,\s]*)#', $cookie_info, $match) && list(, $name, $value) = $match;
preg_match('#;\s*expires\s*=([^;]*)#i', $cookie_info, $match) && list(, $expires) = $match;
$expires = isset($expires) ? strtotime($expires) : false;
$expires = (!is_numeric($expires) || time() > $expires) ? false : $expires;
setcookie($name, $value, $expires);
}
$str = str_replace($matches[0], '', $str);
}
$Content .= $str;
}
@fclose($fp);
if(strpos($Content, 'Content-Type: text/html')) {
$Content = substr($Content, strpos($Content, 'Content-Type: text/html')+33);
} else {
$Content = substr($Content, strpos($Content, chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a))+4);
}
$Content = str_replace(' href="',' href="'.$myaddress.'?url=',$Content);
$Content = str_replace(' href=\'',' href=\''.$myaddress.'?url=',$Content);
$Content = str_replace(' src="',' src="'.$myaddress.'?url=',$Content);
$Content = str_replace(' src=\'',' src=\''.$myaddress.'?url=',$Content);
$Content = str_replace(' src=image',' src="'.$myaddress.'?url=image',$Content);
$Content = str_replace(' src=customavatars/',' src='.$myaddress.'?url=customavatars/',$Content);
$Content = str_replace(' action="',' action="'.$myaddress.'?url=',$Content);
$Content = str_replace(' url("',' url("'.$myaddress.'?url=',$Content);
$Content = str_replace(' background="',' background="'.$myaddress.'?url=',$Content);
$Content = str_replace(' url(\'',' url(\''.$myaddress.'?url=',$Content);
$Content = str_replace($myaddress.'?url=javascript:','javascript:',$Content);
$Content = str_replace(';url=',';url='.$myaddress.'?url=',$Content);
echo $Content;
}
}
?>
2007-12-12 18:29 | 分类: 
$address = 'ht**://www.********.com/'
因为这个留言板,不让留完整的网址,才不得不写成:
$address = '999msn.com';
在实际测试中使用的是完整的url形式,但目样网址得到的访问者的信息,还是真实的 IP ,不是我们
仿造的:$myip = '127.0.0.1'
请问,为什么我会出现以上的问题,怎样改才能做到仿造IP?
$address = '999msn.com';
把代码执行了一下。
在999msn.com的index.php中用
$ip =$_SERVER["REMOTE_ADDR"];
查了一下,$ip显示的不是'127.0.0.1' 而是我的adsl的公网IP:123.115....
"一段用PHP伪造IP的代码" 说的是伪造访问者的IP 吗?如果是,为什么不好用?
$address = 'http://www.999msn.com/';
把代码执行了一下。
在'http://www.999msn.com/的index.php中用
$ip =$_SERVER["REMOTE_ADDR"];
查了一下,$ip显示的不是'127.0.0.1' 而是我的adsl的公网IP:123.115....
"一段用PHP伪造IP的代码" 说的是伪造访问者的IP 吗?如果是,为什么不好用?