不应该吗?假设我不需要响应,我只想发送请求。难道我们不能改变 tcp/ip 标头,因为我们的计算机发送它吗?我可能错过了一些东西,只是很好奇,在大学里学习。
gee*_*eya 36
您可以使用-H/--header参数:
你可以欺骗你的IP地址:
curl --header "X-Forwarded-For: 192.168.0.2" http://example.com
示例:
客户端
$ curl http://webhost.co.uk
网络主机
$ tailf access.log | grep 192.168.0.54
192.168.0.54 - - [10/Nov/2014:15:56:09 +0000] "GET / HTTP/1.1" 200 14328 "-"
"curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3
libidn/1.18 libssh2/1.4.2"
ip地址改变的客户端
$ curl --header "X-Forwarded-For: 192.168.0.99" http://webhost.co.uk
网络主机
$ tailf access.log | grep 192.168.0.99
192.168.0.99 - - [10/Nov/2014:15:56:43 +0000] "GET / HTTP/1.1" 200
14328 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0
zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
男人卷曲
-H/--header <header>
(HTTP) Extra header to use when getting a web page. You may
specify any number of extra headers. Note that if you should add
a custom header that has the same name as one of the internal
ones curl would use, your externally set header will be used
instead of the internal one. This allows you to make even
trickier stuff than curl would normally do. You should not
replace internally set headers without knowing perfectly well
what you’re doing. Remove an internal header by giving a
replacement without content on the right side of the colon,
as in: -H "Host:".
参考:
小智 6
我认为接受的答案并不能真正帮助您一直欺骗您的 IP。除非您可以访问靠近目标机器的路由器,否则您无法真正欺骗您的源 IP。
TCP 使用 3 次握手机制。您将无法完成此握手,因为来自目标机器的握手响应将转到您的欺骗 IP 而不是您自己的 IP(除非,如前所述,您控制他附近的路由器并将响应重定向到您自己)。
PS:你可能可以发送UDP消息,但我没试过。