php curl伪造referer

Posted 2020-10-07 Ame启风

 

CURL方式：

 

 

 1 $ch = curl_init();  
 2    
 3 curl_setopt ($ch, CURLOPT_URL, "http://www.yyyy.com");  
 4    
 5 curl_setopt ($ch, CURLOPT_REFERER, "http://www.xxxx.com/");  
 6    
 7 curl_exec ($ch);  
 8    
 9 curl_close ($ch);  
10 
11  

 

 

 

SOCKET方式：

 

 

  

 1 $server = ‘www.yyyy.com‘;  
 2    
 3 $host = ‘www.yyyy.com‘;  
 4    
 5 $target = ‘index.php‘;  
 6    
 7 $referer = ‘http://www.xxxx.com/‘; // Referer  
 8    
 9 $port = 80;  
10    
11 $fp = fsockopen($server, $port, $errno, $errstr, 30);  
12    
13 if (!$fp){  
14    
15   echo "$errstr ($errno)\n";  
16    
17 }else{  
18    
19 $out = "GET $target HTTP/1.1\r\n";  
20    
21 $out .= "Host: $host\r\n";  
22    
23 $out .= "Referer: $referer\r\n";  
24    
25 $out .= "Connection: Close\r\n\r\n";  
26    
27 fwrite($fp, $out);  
28    
29 while (!feof($fp)){  
30    
31 echo fgets($fp, 128);  
32    
33 }  
34    
35 fclose($fp);  
36    
37 }  

 

file_get_contents方法：

 

 

1 $opt=array(‘http‘=>array(‘header‘=>"Referer: $refer"));   
2    
3 $context=stream_context_create($opt);   
4    
5 $file_contents = file_get_contents($url,false, $context);  

 

通过上面的代码，我们就把referer地址伪装为http://www.xxxx.com，你可以写一段代码：

$_SERVER[‘HTTP_REFERER‘];

查看到这个referer地址，就是这么简单，所以referer也不是什么可靠的数据了