通常为了安全会在表单里加入一个随机的token值来防止csrf攻击。
要想模拟提交有token验证的网站其实也不难。
1.通过正则获取token 2.带上获取到的token模拟提交
下面是一个成功的例子
目录结构
│ form.php –需要模拟的表单 │ getForm.php – 模拟提交程序 │ post.php –表单验证程序 │ └─cookie – cookie存放目录
getForm.php
<?php$cookie_file = "./cookie/".time().".cookie";$str = getResponse("http://a.curl.com:81/form.php",[],$cookie_file);setcookie("PHPSESSID", "vc0heoa6lfsi3gger54pkns152");preg_match("/<input name="token" type="hidden" value="(.*)"/U", $str, $match);$post["token"] = $match[1];$post["name"] = "3333333";$post["password"] = "12121213";print_r(getResponse("http://a.curl.com:81/post.php", $post, $cookie_file));function getResponse($url, $data=[], $cookie_file="", $timeout = 3) { if(empty($cookie_file)) { $cookie_file = ".cookie"; } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_REFERER, "https://www.baidu.com"); //构造来路 curl_setopt($ch, CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36"); if(!empty($data)) { curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); } curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);// 取cookie的参数是 curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie_file); //发送cookie curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); try { $handles = curl_exec($ch); curl_close($ch); return $handles; } catch (Exception $e) { echo "Caught exception: ", $e->getMessage(), ""; } unlink($cookie_file); }form.php
<?phpsession_start();$_SESSION["token"] = md5($_SERVER["REQUEST_TIME"]);$_SESSION["time"] = date("Y-m-d H:i:s");session_write_close();//echo $_SESSION["auth"];?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> new document </title> <meta name="generator" content="editplus" /> <meta name="author" content="" /> <meta name="keywords" content="" /> <meta name="description" content="" /> </head> <body><form action="post.php" method="post"> <p><input name="name" type="text"></p> <p><input name="password" type="password"></p> <p><input name="token" type="hidden" value="<?php echo $_SESSION["token"]?>"></p> <p><input type="submit"></p></form> </body></html>post.php
<?phpsession_start();if(empty($_POST["token"])){ exit ("token is empty!");}if(empty($_SESSION["token"])){ exit ("session is empty");}if($_POST["token"] != $_SESSION["token"]){ exit ("token ");} else{ unset($_SESSION["token"]);}echo PHP_EOL;echo "pass";print_r($_REQUEST);echo PHP_EOL;print_r($_SERVER);以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持网页设计。
