asp,PHP and. net forge HTTP-REFERER method and forgery preventing REFERER-bug warning-the black bar safety net

2007-09-23T00:00:00
ID MYHACK58:62200717013
Type myhack58
Reporter 佚名
Modified 2007-09-23T00:00:00

Description

HTTP-REFERER this variable has been increasingly unreliable, and completely is what can be forged out of the stuff.

The following is the forged method:

ASP/Visual Basic code dim http set http=server. createobject("MSXML2. XMLHTTP") '//MSXML2. serverXMLHTTP also can Http. open "GET",url,false Http. setRequestHeader "Referer","http://www.dc9.cn/" Http. send()

PHP(prerequisite is installed curl):

PHP code $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, "http://www.dc9.cn/xxx.asp"); curl_setopt ($ch, CURLOPT_REFERER, "http://www.dc9.cn/"); curl_exec ($ch); curl_close ($ch);

PHP(without curl with a sock)

PHP code $server = 'www.dc9.cn'; $host = 'www.dc9.cn'; $target = '/xxx. asp'; $referer = 'http://www.dc9.cn/'; // Referer $port = 8 0; $fp = fsockopen($server, $port, $errno, $errstr, 3 0); if (!$ fp) { echo "$errstr ($errno)<br />\n"; } else { $out = "GET $target HTTP/1.1\r\n"; $out .= "Host: $host\r\n"; $out .= "Cookie: ASPSESSIONIDSQTBQSDA=DFCAPKLBBFICDAFMHNKIGKEG\r\n"; $out .= "Referer: $referer\r\n"; $out .= "Connection: Close\r\n\r\n"; fwrite($fp, $out); while (! feof($fp)) { echo fgets($fp, 1 2 8); } fclose($fp); }

VB.NET/C#.NET

C#code Dim oXMLHttp As MSXML2. XMLHTTP30 = New MSXML2. XMLHTTP30() Or MSXML2. XMLHTTP30 oXMLHttp = new MSXML2. XMLHTTP30(); oXMLHttp. open (.... oXMLHttp. setRequestHeader(... oXMLHttp. send(..

javascript

JavaScript code xmlHttp. setRequestHeader("Referer", "http://URL");//??? Oh~fake~ JS does not support^_^

The principle is the sock configured an http header to the senddata。 Other language something like perl you can also,

Currently, a relatively simple Defense forged the referer method is to use a CAPTCHA Session is.

Now there are some can anti-theft chain software business company such as UUDOG, the linkgate, the VirtualWall what is the development application in IIS the above dll. Some using cookie authentication, thread control, some can be randomly generated file name and then do a URL rewrite. Any method can indeed achieve a good effect.

But know one foot magic Ridge, these fluff will be there to crack the method.