Logo

Armand.nz

Home / About / Linkedin / Github

Spoof IP address

#curl #IP address |

To effectively spoof your source IP, you must route your traffic through a proxy where your Origin IP can hide behind.

While you cannot indeed change your IP address by manipulating an HTTP header, it is possible superficially mask or “spoof” your IP

The X-Forwarded-For (XFF) HTTP Header is often used to save the client’s IP address, and appliances, systems, proxies, and servers include this functionality by default; others do not. For example, Apache and Nginx correctly determine the client’s IP address and set it as the X-Real-IP HTTP Header value. Nowadays, most systems allow you to designate any HTTP header to capture this client information.

Here are some example curl commands that allow you to randomize or specify a client IP address using X-Forwarded-For as an example:

# Randomize
curl --header "X-Forwarded-for: $((RANDOM % 256)).$((RANDOM % 256)).$((RANDOM % 256)).$((RANDOM % 256))" 'www.example.com'

# Specific 
curl --header "X-Forwarded-For: 1.2.3.4" "http://www.foobar.com"
curl --header "X-Forwarded-For: 192.168.0.2" http://example.com
comments powered byDisqus

Copyright © Armand