Blog

Spoofing HTTP_REFERER

index.php :

HTTP_REFERER : <?PHP echo $_SERVER['HTTP_REFERER']; ?>

Met Telnet :

telnet tfalcon.nl 80 <enter>
GET /index.php HTTP/1.0 <enter>
Referer: http://www.google.nl <enter>
Host: tfalcon.nl <enter>
<enter>

Resultaat :

telnet tfalcon.nl 80
Trying 83.137.150.100...
Connected to tfalcon.nl.
Escape character is '^]'.
GET /index.php HTTP/1.0
Referer: http://www.google.nl
Host: tfalcon.nl

HTTP/1.1 200 OK Date: Tue, 26 Oct 2010 19:58:05 GMT Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: PHP/5.2.6-1+lenny8 Connection: close Content-Type: text/html

HTTP_REFERER : http://www.google.nl

Connection closed by foreign host.


Met PHP en cURL :

$ch = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://www.tfalcon.nl/index.php');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_REFERER, 'http://www.google.nl');
curl_exec($ch);
curl_close($ch);
?>
Zoeken