Code to crack burglar chain by forging HTTP head under PHP

time:14-11-05 forum:PHP tools and code
  http://www.jb51.net/article/24115.htm

mainly for some breakthroughs in the chain, such as pictures, software and so on

here to give the complete program, the specific application can be modified by itself.
the example I gave here is very simple. In fact, a lot of applications can be developed from this example. For example, hide the real URL address... Hey, let's analyze it by ourselves.
create a new file file.php here. The latter parameter is the need to forge the target address of referfer. For example: file.php/http://www.xxx.xxx/xxx.mp3

copy code code is as follows:

[code].lt;?
$url=str_replace ('/file.php/',' ', $_SERVER.#91;.Quot; REQUEST_URI.quot;.#93;); / / / / / Here I'm lazy, I don't do security testing, I need to add up to
$downfile=str_replace (.Quot;.Quot;.Quot;.Quot; $url); / / / / replacement space, and so on, you can replace
$downfile=str_replace (.Quot; http://.Quot) according to the actual situation; / / / / / / / / / / / remove (/ / remove). .quot; /.quot; $downfile); / / / /.Quot; /.quot; decomposition of domain name
$domain=$urlarr.#91; 0.#93; / / / / domain
$getfile=str_replace ($urlarr.#91; 0.#93; '', 12); / / / / / / / connection target host NT)
die (.Quot); sorry, unable to connect to $domain. .quot;
}
fputs ($content,.Quot; GET $getfile HTTP/1.0rn.quot;);
fputs. />while ((feof ($content)) {
$tp.=fgets ($content, 128);
if (strstr ($tp,.Quot; 200 $tp)) {/ / here to illustrate. The first line of header is usually the state of the request file. Specifically, please refer to the HTTP 1.1 state code and its meaning hi.baidu.com/110911/blog/item/21f20d2475af812ed50742c5.html here is the normal file request state, only a direct turn can be. The other state's continued execution program
header (.Quot; Location:$url.quot;);
die ();
}
}
//302 turn, most of the anti-theft chain systems first judge the referfer, then turn to the real address. The following is to get the real address.
$arr=explode (.Quot; n.quot; $tp);
$arr1=explode (.Quot; Location:.Quot; $tp); ); / / / / steering target address
die ();
?.gt; [/code]



this program can only use referer to judge whether the chain is theft chain system, using other special methods to guard against the chain, this estimate does not apply to
copy code as follows:
echo referfile ($txt,'http://www.jb51.net/');

function referfile ($url, $refer='') {}[/code]

the copy code code is as follows:

[code].lt; php
$host =.Quot; pakey.net.quot; / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / / forgery Open ($host, 80, $errno, $errstr, 30);
if ($fp) {
echo.Quot; $errstr ($errno). >echo fgets ($fp, 1024);
}
fclose ($fp);
}
?.gt; [/code]

is the code I used in my novel thieves, breaking the anti theft chain of the electronic book of the pavilion.

prev:Breaking the restriction of the photo th... next:The "ladder price" of public rental hous...
post comment
Notice



approved   The most beautiful adoptive mother i...   What's the use and use of the social...   A glimpse of the Intangible Cultural...   The couple made tea by hand in deep ...   What day can "star children" be inte...
rand   PHP setcookie () function   Discuz classic PHP encryption decryp...   A brief discussion on comet Technolo...   Javascript/php implements comet (Aja...   Using Json to realize data exchange ...
ads

other

Because all the contents of this site are reproduced from other media, the intention is to provide free services to the public, but it does not mean that this site agrees with its views, and can not be responsible for the authenticity of its verification, such as the copyright unit or individual of the manuscript does not want to publish on this site, please Contact me, I will immediately remove it, thank you. Contact: atseashawk@163.com