- $headers['CLIENT-IP'] = '202.103.229.40';
- $headers['X-FORWARDED-FOR'] = '202.103.229.40';
-
- $headerArr = array();
- foreach( $headers as $n => $v ) {
- $headerArr[] = $n .':' . $v;
- }
-
- ob_start();
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, "http://localhost/curl/server.php");
- curl_setopt ($ch, CURLOPT_HTTPHEADER , $headerArr ); //构造IP
- curl_setopt ($ch, CURLOPT_REFERER, "http://bbs.it-home.org/ "); //构造来路
- curl_setopt( $ch, CURLOPT_HEADER, 1);
-
- curl_exec($ch);
- curl_close ($ch);
- $out = ob_get_contents();
- ob_clean();
-
- echo $out;
- ?>
2,curl伪造IP和来路 服务端 server.php
- function GetIP(){
- if(!empty($_SERVER["HTTP_CLIENT_IP"]))
- $cip = $_SERVER["HTTP_CLIENT_IP"];
- else if(!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
- $cip = $_SERVER["HTTP_X_FORWARDED_FOR"];
- else if(!empty($_SERVER["REMOTE_ADDR"]))
- $cip = $_SERVER["REMOTE_ADDR"];
- else
- $cip = "无法获取!";
- return $cip;
- }
- echo "
访问IP: ".GetIP()." "; - echo "
访问来路: ".$_SERVER["HTTP_REFERER"]; - ?>
补充:$_SERVER['REMOTE_ADDR']无法伪造。 |