PHP页面跳转与跨站提交伪造Referer地址来源
发布:smiling 来源: PHP粉丝网 添加日期:2014-08-27 17:37:25 浏览: 评论:0
一、尝试过的URL跳转方法,代码如下:
- echo '<meta http-equiv="refresh" content="0; URL='.$url.'">';
- echo '<scrīpt language="Javascrīpt">window.location.href="'.$url.'";</scrīpt>';
- echo '<script language="Javascrīpt">window.location.replace="'.$url.'";</ script>';
以上三种方法均无法传递REFERER地址.
二、使用PHP Socket函数伪造REFER
下面是PHP伪造REFERER代码部分,经过测试可以实现REFERER地址传递,其中$url是输入地址,代码如下:
- $uinfo = parse_url($url);//解析URL地址,比如http://phpfensi.com/archives/1.html
- if($uinfo['path']) //
- $data = $uinfo['path'];//这里得到/archives/1.html
- else
- $data = '/';//默认根
- if(!$fsp = @fsockopen($uinfo['host'], (($uinfo['port']) ? $uinfo['port'] : "80"), $errno, $errstr, 12)){
- echo "对不起对方网站暂时无法打开,请您稍后访问:".$uinfo['host']; exit;
- }else{
- fputs($fsp, "GET “.$data .” HTTP/1.0rn");//如果是跨站POST提交,可使用POST方法
- fputs($fsp, "Host: ".$uinfo['host']."rn");
- fputs($fsp, "Referer: phpfensi.comrn");//伪造REFERER地址
- fputs($fsp, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)rnrn");
- $res='';
- while(!feof($fsp)) {
- $res.=fgets($fsp, 128);
- if(strstr($res,"200 OK")) {
- header("Location:$url"); exit;
- }
- }
- }
- //如果是301或302状态码可以继续处理
- //开源代码phpfensi.com
- //返回地址大概形式:HTTP/1.1 301 Moved PermanentlynContent-Length: 164nContent-Type: text/htmlnLocation: http://phpfensi.com/
- $arr=explode("n",$res);
- $arr=explode(": ",$arr[3]);//Location后面是真实重定向地址
- header("location:".$arr[0]);//跳转目标地址
- exit;
利用另一种方法 curl)伪造HTTP_REFERER,代码如下:
- //PHP(前提是装了curl):
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, "http://www.phpfensi.com/");
- curl_setopt ($ch, CURLOPT_REFERER, "http://www.phpfensi.com/");
- curl_exec ($ch);
- curl_close ($ch);
- //PHP(不装curl用sock)
- $server = 'blog.qita.in';
- $host = 'blog.qita.in';
- $target = '/xxx.asp';
- $referer = 'http://www.baidu.com/'; // Referer
- $port = 80;
- $fp = fsockopen($server, $port, $errno, $errstr, 30);
- if (!$fp)
- {
- echo "$errstr ($errno)<br />n";
- }
- else
- {
- $out = "GET $target HTTP/1.1rn";
- $out .= "Host: $hostrn";
- $out .= "Cookie: ASPSESSIONIDSQTBQSDA=DFCAPKLBBFICDAFMHNKIGKEGrn";
- $out .= "Referer: $refererrn";
- $out .= "Connection: Closernrn";
- fwrite($fp, $out);
- while (!feof($fp))
- {
- echo fgets($fp, 128);
- }
- fclose($fp);
- }
Tags: PHP页面跳转 PHP跨站提交
推荐文章
热门文章
最新评论文章
- 写给考虑创业的年轻程序员(10)
- PHP新手上路(一)(7)
- 惹恼程序员的十件事(5)
- PHP邮件发送例子,已测试成功(5)
- 致初学者:PHP比ASP优秀的七个理由(4)
- PHP会被淘汰吗?(4)
- PHP新手上路(四)(4)
- 如何去学习PHP?(2)
- 简单入门级php分页代码(2)
- php中邮箱email 电话等格式的验证(2)