在php中fsockopen函數可以模仿用戶去訪問一些網站並且還可以帶一些常用的信息,如果浏覽器,IP,post,get 等等數據,下面我分別一來給大家介紹介紹。
如果你要使用fsockopen函數我們必須在php.ini中把allow_url_fopen = On 設置為開啟狀態。
例
fsockopen() Example
代碼如下 復制代碼<?php
$fp = fsockopen("www.example.com", 80, $errno, $errstr, 30);
if (!$fp) {
echo "$errstr ($errno)<br />n";
} else {
$out = "GET / HTTP/1.1rn";
$out .= "Host: www.example.comrn";
$out .= "Connection: Closernrn";
fwrite($fp, $out);
while (!feof($fp)) {
echo fgets($fp, 128);
}
fclose($fp);
}
?>
偽造post
POST HTTP請求(URL)並獲取返回值
代碼如下 復制代碼<?php
$srv_ip = '192.168.1.5';//你的目標服務地址.
$srv_port = 80;//端口
$url = 'http://localhost/fsock.php'; //接收你post的URL具體地址
$fp = '';
$errno = 0;//錯誤處理
$errstr = '';//錯誤處理
$timeout = 10;//多久沒有連上就中斷
$post_str = "username=demo&password=hahaha";//要提交的內容.
//打開網絡的 Socket 鏈接。
$fp = fsockopen($srv_ip,$srv_port,$errno,$errstr,$timeout);
if (!$fp){
echo('fp fail');
}
$content_length = strlen($post_str);
$post_header = "POST $url HTTP/1.1rn";
$post_header .= "Content-Type: application/x-www-form-urlencodedrn";
$post_header .= "User-Agent: MSIErn";
$post_header .= "Host: ".$srv_ip."rn";
$post_header .= "Content-Length: ".$content_length."rn";
$post_header .= "Connection: closernrn";
$post_header .= $post_str."rnrn";
fwrite($fp,$post_header);
$inheader = 1;
while(!feof($fp)){//測試文件指針是否到了文件結束的位置
$line = fgets($fp,1024);
//去掉請求包的頭信息
if ($inheader && ($line == "n" || $line == "rn")) {
$inheader = 0;
}
if ($inheader == 0) {
echo $line;
}
}
fclose($fp);
unset ($line);
?>
簡要說明:代碼第二行是你的IP地址或域名,第四行是你要POST的頁面的具體地址,本例用的是fsock.php,fsock.php內容如下:
代碼如下 復制代碼<?php
echo "username:".$_POST['username']."<br/>";
echo "password:".$_POST['password'];
?>
結果為:
username:demo
password:hahaha
偽造get
同時偽造post,get方法。
<?php
//fsocket模擬post提交
$purl = "http://localhost/netphp/test2.php?uu=rrrrrrrrrrrr";
print_r(parse_url($url));
sock_post($purl,"uu=55555555555555555");
//fsocket模擬get提交
function sock_get($url, $query)
{
$info = parse_url($url);
$fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
$head = "GET ".$info['path']."?".$info["query"]." HTTP/1.0rn";
$head .= "Host: ".$info['host']."rn";
$head .= "rn";
$write = fputs($fp, $head);
while (!feof($fp))
{
$line = fread($fp,4096);
echo $line;
}
}
sock_post($purl,"uu=rrrrrrrrrrrrrrrr");
function sock_post($url, $query)
{
$info = parse_url($url);
$fp = fsockopen($info["host"], 80, $errno, $errstr, 3);
$head = "POST ".$info['path']."?".$info["query"]." HTTP/1.0rn";
$head .= "Host: ".$info['host']."rn";
$head .= "Referer: http://".$info['host'].$info['path']."rn";
$head .= "Content-type: application/x-www-form-urlencodedrn";
$head .= "Content-Length: ".strlen(trim($query))."rn";
$head .= "rn";
$head .= trim($query);
$write = fputs($fp, $head);
while (!feof($fp))
{
$line = fread($fp,4096);
echo $line;
}
}
?>
