Forging the HTTP Referer header in PHP to get past anti-hotlinking checks

  • 2020-03-31 20:50:31
  • OfStack

Example code for forging the Referer header, mainly used to get past hotlink protection on images, software downloads, and so on.

The complete program is given directly below; adapt it to your specific application.
The example here is very simple, and many applications can be developed from it, such as hiding the real URL... I'll leave the details for you to work out.
Create a new file, file.php. The parameter that follows the script name is the target address whose Referer is to be faked, for example: file.php/

$url = str_replace('/file.php/', '', $_SERVER["REQUEST_URI"]); // Get the URL to convert. No safety checks are done here; add your own
$downfile = str_replace(" ", "%20", $url); // Replace spaces and so on; adjust to the actual situation
$downfile = str_replace("http://", "", $downfile); // Remove the http://
$urlarr = explode("/", $downfile); // Split on "/" to isolate the domain name
$domain = $urlarr[0]; // The domain name
$getfile = str_replace($urlarr[0], '', $downfile); // The path that goes on the GET line of the request
$content = @fsockopen("$domain", 80, $errno, $errstr, 12); // Connect to the target host
if (!$content) { // The connection failed
    die("Sorry, I can't connect to $domain.");
}
fputs($content, "GET $getfile HTTP/1.0\r\n");
fputs($content, "Host: $domain\r\n");
fputs($content, "Referer: $domain\r\n"); // Forged part
fputs($content, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n\r\n");
$tp = '';
while (!feof($content)) {
    $tp .= fgets($content, 128);
    // The first line of the response normally carries the status of the requested file
    // (see the HTTP/1.1 status codes and their meanings). 200 means the file request is
    // normal, so redirect to it directly; other statuses continue below.
    if (strstr($tp, "200 OK")) {
        header("Location: $url");
        die();
    }
}
// 302 redirect: most anti-hotlinking systems first check the Referer and, if it is correct,
// redirect to the real address. The following extracts that real address.
$arr1 = explode("Location: ", $tp); // Take everything after "Location: "
$arr2 = explode("\n", $arr1[1]); // Keep only the first line, which is the real address
header('Content-Type:application/force-download'); // Force a download
header("location:" . $arr2[0]); // Redirect to the target address

This program only works against anti-hotlinking systems that decide whether a request is hotlinking by looking at the Referer; it probably does not apply to systems that use other, special methods to prevent hotlinking.
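
The program above works only where the server's decision rests on a header that the client chooses. One method of the other kind is a signed, expiring download link, shown here as an added example that is not code from the original page; SECRET, sign_link(), verify_link(), the query keys and the sample paths are assumptions made for this sketch.

```php
<?php
// Added example: signed, expiring download links (not from the original page).
// SECRET, sign_link() and verify_link() are hypothetical names for this sketch.
const SECRET = 'replace-with-a-long-random-server-side-key'; // assumption: stored outside the web root

// Issue a link for $path that stays valid until $expires (Unix time).
function sign_link(string $path, int $expires): string {
    $sig = hash_hmac('sha256', $path . "\n" . $expires, SECRET);
    return $path . '?' . http_build_query(['e' => $expires, 's' => $sig]);
}

// Check a request. The verdict depends only on path, expiry and MAC;
// $referer is accepted solely to show that it plays no part in the decision.
function verify_link(string $path, array $query, int $now, string $referer = ''): bool {
    $expires = $query['e'] ?? null;
    $sig     = $query['s'] ?? null;
    if (!is_string($expires) || !ctype_digit($expires) || !is_string($sig)) {
        return false;                     // missing or malformed parameters
    }
    if ((int)$expires < $now) {
        return false;                     // link has expired
    }
    $expected = hash_hmac('sha256', $path . "\n" . $expires, SECRET);
    return hash_equals($expected, $sig);  // constant-time comparison
}

// Constructed sample requests (fixed clock so the run is repeatable).
$now  = 1700000000;
$link = sign_link('/files/book.txt', $now + 300);
parse_str(parse_url($link, PHP_URL_QUERY), $q);

$cases = [
    'valid link, no Referer'        => verify_link('/files/book.txt', $q, $now),
    'no token, on-site Referer'     => verify_link('/files/book.txt', [], $now, 'http://example.com/'),
    'token reused for another file' => verify_link('/files/other.txt', $q, $now),
    'valid token after expiry'      => verify_link('/files/book.txt', $q, $now + 301),
    'tampered expiry'               => verify_link('/files/book.txt',
                                           ['e' => (string)($now + 9999), 's' => $q['s']], $now),
];
foreach ($cases as $name => $ok) {
    printf("%-32s %s\n", $name, $ok ? 'serve' : 'deny');
}
```
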
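echo referfile($txt, '//'); // $txt holds the URL to fetch

function referfile($url, $refer = '') {
    $opt = array('http' => array('header' => "Referer: $refer")); // Send $refer as the Referer header
    $context = stream_context_create($opt);
    return file_get_contents($url, false, $context);
}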

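$host = ""; // The domain you want to visit
$target = "/test.asp"; // The address of the page you want to visit
$referer = "http//"; // Fake the inbound page
$fp = fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp) {
    echo "$errstr($errno)<br />\n"; // Connection failed: show the error
} else {
    // Build the request with CRLF line endings and a blank line at the end
    $out = "GET $target HTTP/1.1\r\n";
    $out .= "Host: $host\r\n";
    $out .= "Referer: $referer\r\n";
    $out .= "Connection: Close\r\n\r\n";

    fwrite($fp, $out);
    while (!feof($fp)) {
        echo fgets($fp, 1024); // Print the response as it arrives
    }
    fclose($fp);
}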

This is what I used in my novel thief code to crack the hotlinking protection on cloud porch pavilion's TXT ebooks.
