The HTTP Referer header has become increasingly unreliable, because the client controls it and can set it to anything it likes.
Here is how it is forged in several languages:
ASP:
dim http
set http = server.createobject("MSXML2.XMLHTTP") ' MSXML2.ServerXMLHTTP can also be used
http.open "GET", url, false ' url holds the address of the target page
http.setRequestHeader "Referer", "http://www.devdao.com/"
http.send
PHP (with the curl extension installed):
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.devdao.com/xxx.asp");
curl_setopt($ch, CURLOPT_REFERER, "http://www.devdao.com/"); // the Referer is just another request option
curl_exec($ch);
curl_close($ch);
PHP (without curl, using a raw socket):
<?php
$server  = 'www.devdao.com';
$host    = 'www.devdao.com';
$target  = '/xxx.asp';
$referer = 'http://www.devdao.com/'; // Referer
$port    = 80;
$fp = fsockopen($server, $port, $errno, $errstr, 30);
if (!$fp)
{
    echo "$errstr ($errno)<br />\n";
}
else
{
    // The HTTP request is built by hand, so every header, Referer included, says whatever we write
    $out  = "GET $target HTTP/1.1\r\n";
    $out .= "Host: $host\r\n";
    $out .= "Cookie: ASPSESSIONIDSQTBQSDA=DFCAPKLBBFICDAFMHNKIGKEG\r\n";
    $out .= "Referer: $referer\r\n";
    $out .= "Connection: Close\r\n\r\n";
    fwrite($fp, $out);
    while (!feof($fp))
    {
        echo fgets($fp, 128);
    }
    fclose($fp);
}
VB.NET / C#.NET:
Dim oXMLHttp As MSXML2.XMLHTTP30 = New MSXML2.XMLHTTP30()
or
MSXML2.XMLHTTP30 oXMLHttp = new MSXML2.XMLHTTP30();
oXMLHttp.open(....
oXMLHttp.setRequestHeader(...
oXMLHttp.send(..
JavaScript:
xmlHttp.setRequestHeader("Referer", "http://URL"); // has no effect: the browser refuses to let script set this header
So this cannot be done from JavaScript in the browser.
The principle is the same in every case: the client builds the HTTP request itself and can therefore write anything into the Referer header. Any language that can open a socket, such as Perl, works just as well.
At present, the simplest defence against a forged Referer is a verification code (CAPTCHA) tied to the session, because the server then checks something the client cannot simply assert in a header.
There are also commercial anti-hotlinking products, such as UUDOG, LinkGate and VirtualWall, all of which ship as DLLs for use on IIS.
Some rely on cookie verification and thread (connection) control; others generate random file names and then rewrite the URLs. Some of these methods do achieve good results.
However, there is always a way around tricks like these.
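As an added example that is not part of the original post, here is what the session-tied verification suggested above can look like on the server: instead of trusting the client-supplied Referer, each link carries an HMAC over the resource path, the visitor's session id and an expiry time, so a copied or hotlinked URL stops working from another session or after it expires. The secret key, paths and session ids are constructed sample values.

```python
import hmac
import hashlib
import time
from typing import Optional
from urllib.parse import urlencode, parse_qs, urlparse

# Constructed example secret; a real deployment loads this from configuration.
SECRET_KEY = b"example-server-secret-rotate-me"
TOKEN_TTL = 300  # seconds a signed link stays valid


def _sign(path: str, session_id: str, expires: int) -> str:
    # Bind the signature to the resource, the requesting session and the expiry,
    # so none of the three can be swapped without invalidating the token.
    msg = f"{path}|{session_id}|{expires}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def make_signed_url(path: str, session_id: str, now: Optional[int] = None) -> str:
    """Issue a time-limited, session-bound link for a protected resource."""
    now = int(time.time()) if now is None else now
    expires = now + TOKEN_TTL
    return f"{path}?{urlencode({'e': expires, 's': _sign(path, session_id, expires)})}"


def verify_signed_url(url: str, session_id: str, now: Optional[int] = None) -> bool:
    """Server-side check: valid signature, same session, not expired.
    The Referer header is never consulted, so forging it gains nothing."""
    now = int(time.time()) if now is None else now
    parsed = urlparse(url)
    qs = parse_qs(parsed.query)
    try:
        expires = int(qs["e"][0])
        sig = qs["s"][0]
    except (KeyError, ValueError, IndexError):
        return False  # token missing or malformed
    if now > expires:
        return False  # link has expired
    expected = _sign(parsed.path, session_id, expires)
    # Constant-time comparison so the signature cannot be guessed byte by byte.
    return hmac.compare_digest(expected, sig)


if __name__ == "__main__":
    link = make_signed_url("/files/report.pdf", "sess-abc", now=1_700_000_000)
    print(link)
    print("same session, in time:", verify_signed_url(link, "sess-abc", now=1_700_000_010))
    print("other session (hotlink):", verify_signed_url(link, "sess-other", now=1_700_000_010))
```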