你想做的事
验证使用PHP curl破坏表单身份验证时所需的技术
操作检查环境,使用的库等
- Fedora 24服务器版
- PHP 5.6.28
样例代码
提前准备
作为初步准备,我准备了以下两个PHP文件,并将它们放在测试Web服务器上。
这是一个简单的程序,它只是设置适当的会话信息并获取它。
setsession.php
1 2 3 4 | <?php session_start(); $_SESSION["hoge"] = "fuga"; print "setsession.php\n"; |
getsession.php
1 2 3 4 | <?php session_start(); print "getsession.php\n"; var_dump($_SESSION); |
启动PHP会话时,它将尝试保存包含会话ID的cookie。
如果此cookie是在浏览器端继承的,则可以读取保存的会话值。
(它在转转...)
验证码1:未指定任何内容
test1.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | <?php $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/setsession.php"); $page1 = curl_exec($curl); print $page1; curl_close($curl); $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/getsession.php"); $page2 = curl_exec($curl); print $page2; curl_close($curl); |
执行结果
输出
1 2 3 4 | setsession.php getsession.php array(0) { } |
$ _SESSION为空。
验证码2:明确指定COOKIE JAR
test2.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <?php $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEJAR, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/setsession.php"); $page1 = curl_exec($curl); print $page1; curl_close($curl); $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/getsession.php"); curl_setopt($curl, CURLOPT_COOKIEJAR, "/tmp/test.cookie"); $page2 = curl_exec($curl); print $page2; curl_close($curl); |
执行结果
输出
1 2 3 4 | setsession.php getsession.php array(0) { } |
$ _SESSION为空,但是创建了/tmp/test.cookie。
/tmp/test.cookie
1 2 3 4 5 | # Netscape HTTP Cookie File # https://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. localhost FALSE / FALSE 0 PHPSESSID 3sn18vlmp1bd75qphm61j0v4a2 |
验证码3:明确指定COOKIEFILE
test3.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <?php $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEFILE, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/setsession.php"); $page1 = curl_exec($curl); print $page1; curl_close($curl); $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/getsession.php"); curl_setopt($curl, CURLOPT_COOKIEFILE, "/tmp/test.cookie"); $page2 = curl_exec($curl); print $page2; curl_close($curl); |
执行结果
输出
1 2 3 4 | setsession.php getsession.php array(0) { } |
$ _SESSION为空,也不会创建/tmp/test.cookie。
验证码4:同时指定COOKIE JAR和COOKIE FILE
test.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | <?php $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEJAR, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_COOKIEFILE, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/setsession.php"); $page1 = curl_exec($curl); print $page1; curl_close($curl); $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEJAR, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_COOKIEFILE, "/tmp/test.cookie"); curl_setopt($curl, CURLOPT_URL, "http://localhost/test/getsession.php"); $page2 = curl_exec($curl); print $page2; curl_close($curl); |
执行结果
输出
1 2 3 4 5 6 | setsession.php getsession.php array(1) { ["hoge"]=> string(4) "fuga" } |
$ _SESSION已被接管,/ tmp / test.cookie已创建。
验证码5:分别指定COOKIE JAR和COOKIE FILE
test.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <?php $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEJAR, "/tmp/test.cookie"); //セットするときはJARだけ curl_setopt($curl, CURLOPT_URL, "http://localhost/test/setsession.php"); $page1 = curl_exec($curl); print $page1; curl_close($curl); $curl = curl_init(); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_COOKIEFILE, "/tmp/test.cookie"); // ゲットするときはFILEだけ curl_setopt($curl, CURLOPT_URL, "http://localhost/test/getsession.php"); $page2 = curl_exec($curl); print $page2; curl_close($curl); |
执行结果
输出
1 2 3 4 5 6 | setsession.php getsession.php array(1) { ["hoge"]=> string(4) "fuga" } |
$ _SESSION已被接管,/ tmp / test.cookie已创建。
检查结果
要从PHP curl处理cookie,您需要设置" COOKIE JAR"和" COOKIE FILE"。
" COOKIE JAR"的行为类似于仅保存,而" COOKIE FILE"的行为类似于只读。
在实际使用中,将两者都设置可能会起作用。