How to bypass IP validation with cURL script

Hi All,
all we know the Tor network for anonymous surfing. In case you’ve never header about it – welcome to https://en.wikipedia.org/wiki/Tor_%28ano … network%29

So, can we use it in a php cURL script to bypass IP validation, country or even your own provider IP ban? Yes, we can. And here is the tutorial.

Before I start, I should add a disclaimer: everything you see below is NOT a way to violate any network resources rules. You should NOT use this for any kind of attacks/fraud or spam or anything of that kind

So, first we need to install a Tor client. Since I’m on a windows box now, I’ll use Vidalia bundle. This all-in-one package contains the Tor client itself, a proxy server that your browser can use for anonymous surfing. You can donwload it from https://www.torproject.org/dist/vidalia- … -0.2.7.exe The install is pretty straightforward. Once you’re done with it (be sure to check Privoxy install, you can also check Torbutton extension for FF, but it’s up to you, it is not necessary for our task) and launch the app, you should see something like:

If you see ‘connected to Tor network’, congratulations, you’re able to create the script itself. By default it binds the proxy to 8118 port
Let’s consider some basic cURL script:

// these headers are not really necessary, unless you have a specific task for which auth cookie is needed or something...
$headers = array(
'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.2.3) Gecko/20100401 MRA 5.6 (build 03278) Firefox/3.6.3 (.NET CLR 3.5.30729)',
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Language: en-us;q=0.7,en;q=0.3',
'Accept-Charset: utf-8;q=0.7,*;q=0.7'
);
 
// let's test this on a site that shows our IP
$ch = curl_init("https://whatismyipaddress.com/");
 
curl_setopt($ch,CURLOPT_GET,1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HTTPHEADER,$headers);
curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
// make sure we set the proxy correct and vidalia client is launched
curl_setopt($ch,CURLOPT_PROXY,'127.0.0.1:8118');
 
$res = curl_exec($ch);
curl_close($ch);
 
echo $res;

if you launch it in command line , you should see HTML output of https://whatismyipaddress.com/ giving you an address of someone connected to Tor, something similar to:

you’re done.

You may ask, what is the purpose of all this. Well, assume there is a service that allows some limitation of connections for one IP. It may not need an account, allowing anonymous connections, but it tracks your IP. WHOIS databases for instance. Using this approach you can bypass these limitations.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.