转 PHP伪造referer地址的三种方法

转: https://blog.csdn.net/looksun/article/details/49796493


CURL方式:

$ch = curl_init();

curl_setopt ($ch, CURLOPT_URL,"http://www.yyyy.com");

curl_setopt ($ch, CURLOPT_REFERER,"http://www.xxxx.com/");

curl_exec ($ch);

curl_close ($ch);

SOCKET方式:

$server ='www.yyyy.com';

$host ='www.yyyy.com';

$target ='index.php';

$referer ='http://www.xxxx.com/';// Referer

$port =80;

$fp = fsockopen($server, $port, $errno, $errstr,30);

if(!$fp){

echo"$errstr ($errno)\n";

}else{

$out ="GET $target HTTP/1.1\r\n";

$out .="Host: $host\r\n";

$out .="Referer: $referer\r\n";

$out .="Connection: Close\r\n\r\n";

fwrite($fp, $out);

while(!feof($fp)){

echofgets($fp,128);

}

fclose($fp);

}

file_get_contents方法:

$opt=array('http'=>array('header'=>"Referer: $refer"));

$context=stream_context_create($opt);

$file_contents = file_get_contents($url,false, $context);

通过上面的代码,我们就把referer地址伪装为http://www.xxxx.com,你可以写一段代码:

$_SERVER['HTTP_REFERER'];

查看到这个referer地址,就是这么简单,所以referer也不是什么可靠的数据了。

你可能感兴趣的:(转 PHP伪造referer地址的三种方法)