PHP页面跳转与跨站提交假造Referer地址来源
发布时间:2023-08-02 14:25:32 所属栏目:PHP教程 来源:
导读:一、尝试过的URL跳转方法,代码如下:
echo '<meta http-equiv="refresh" content="0; URL='.$url.'">';
echo '<scrīpt language="Javascrīpt">window.location.href="'.$url.&
echo '<meta http-equiv="refresh" content="0; URL='.$url.'">';
echo '<scrīpt language="Javascrīpt">window.location.href="'.$url.&
|
一、尝试过的URL跳转方法,代码如下: echo '<meta http-equiv="refresh" content="0; URL='.$url.'">'; echo '<scrīpt language="Javascrīpt">window.location.href="'.$url.'";</scrīpt>'; echo '<script language="Javascrīpt">window.location.replace="'.$url.'";</ script>'; 以上三种方法均无法传递REFERER地址. 二、使用PHP Socket函数伪造REFER 下面是PHP伪造REFERER代码部分,经过测试可以实现REFERER地址传递,其中$url是输入地址,代码如下: $uinfo = parse_url($url);//解析URL地址,比如http://Cuoxin.com/archives/1.html if($uinfo['path']) // $data = $uinfo['path'];//这里得到/archives/1.html else $data = '/';//默认根 if(!$fsp = @fsockopen($uinfo['host'], (($uinfo['port']) ? $uinfo['port'] : "80"), $errno, $errstr, 12)){ echo "对不起对方网站暂时无法打开,请您稍后访问:".$uinfo['host']; exit; }else{ fputs($fsp, "GET “.$data .” HTTP/1.0rn");//如果是跨站POST提交,可使用POST方法 fputs($fsp, "Host: ".$uinfo['host']."rn"); fputs($fsp, "Referer: Cuoxin.comrn");//伪造REFERER地址 fputs($fsp, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)rnrn"); $res=''; while(!feof($fsp)) { $res.=fgets($fsp, 128); if(strstr($res,"200 OK")) { header("Location:$url"); exit; } } } //如果是301或302状态码可以继续处理 //开源代码Cuoxin.com //返回地址大概形式:HTTP/1.1 301 Moved PermanentlynContent-Length: 164nContent-Type: text/htmlnLocation: http://Cuoxin.com/ $arr=explode("n",$res); $arr=explode(": ",$arr[3]);//Location后面是真实重定向地址 header("location:".$arr[0]);//跳转目标地址 exit; 利用另一种方法 curl)伪造HTTP_REFERER,代码如下: //PHP(前提是装了curl): $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, "http://www.Cuoxin.com/"); curl_setopt ($ch, CURLOPT_REFERER, "http://www.Cuoxin.com/"); curl_exec ($ch); curl_close ($ch); //PHP(不装curl用sock) $server = 'blog.qita.in'; $host = 'blog.qita.in'; $target = '/xxx.asp'; $referer = 'http://www.baidu.com/'; // Referer $port = 80; $fp = fsockopen($server, $port, $errno, $errstr, 30); if (!$fp) { echo "$errstr ($errno)<br />n"; } else { $out = "GET $target HTTP/1.1rn"; $out .= "Host: $hostrn"; $out .= "Cookie: ASPSESSIONIDSQTBQSDA=DFCAPKLBBFICDAFMHNKIGKEGrn"; $out .= "Referer: $refererrn"; $out .= "Connection: Closernrn"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } (编辑:汽车网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
推荐文章
站长推荐
