kelvinzer0/curl-impersonate-php

GitHub: kelvinzer0/curl-impersonate-php

PHP 封装 curl-impersonate,通过模拟真实浏览器 TLS 指纹绕过反机器人检测。

Stars: 22 | Forks: 7

# curl-impersonate-php **停止被屏蔽。开始模拟真实浏览器。** [![最新版本](https://img.shields.io/github/v/release/kelvinzer0/curl-impersonate-php?style=flat-square&color=blue)](https://github.com/kelvinzer0/curl-impersonate-php/releases) [![CI](https://img.shields.io/github/actions/workflow/status/kelvinzer0/curl-impersonate-php/ci.yml?style=flat-square&label=build)](https://github.com/kelvinzer0/curl-impersonate-php/actions) [![PHP 版本](https://img.shields.io/badge/php-%3E%3D7.4-8892BF?style=flat-square&logo=php&logoColor=white)](https://php.net) [![许可证](https://img.shields.io/github/license/kelvinzer0/curl-impersonate-php?style=flat-square)](LICENSE) [![下载量](https://img.shields.io/packagist/dt/kelvinzer0/curl-impersonate-php?style=flat-square&color=green)](https://packagist.org/packages/kelvinzer0/curl-impersonate-php) [![Stars](https://img.shields.io/github/stars/kelvinzer0/curl-impersonate-php?style=social)](https://github.com/kelvinzer0/curl-impersonate-php) PHP 包装器,用于 [curl-impersonate](https://github.com/lwthiker/curl-impersonate) —— 执行模仿真实浏览器 TLS 指纹的 HTTP 请求,绕过 Cloudflare、Akamai、Datadome 及其他反机器人系统。 [安装指南](#installation) · [快速开始](#quick-start) · [浏览器预设](#browser-presets) · [API](#api) · [常见问题](#faq)
## 存在原因 常规的 `curl` 具有独特的 TLS 指纹。反机器人系统能立即检测到它。 **curl-impersonate** 使用经过修补的 libcurl,生成与 Chrome、Firefox 或 Safari **完全相同的 TLS ClientHello**。你的请求将与真实浏览器无法区分。 本库将其封装为干净的 PHP API,无需 shell 脚本即可使用。 ``` Regular curl → TLS fingerprint = "bot" → 🚫 403 Blocked curl-impersonate → TLS fingerprint = "Chrome" → ✅ 200 OK ``` ## 安装 ``` composer require kelvinzer0/curl-impersonate-php ``` ### 安装 curl-impersonate 二进制文件 ``` # Linux x86_64 (v0.6.1) curl -L https://github.com/lwthiker/curl-impersonate/releases/download/v0.6.1/curl-impersonate-v0.6.1.x86_64-linux-gnu.tar.gz | tar xz export LD_LIBRARY_PATH="$PWD:$LD_LIBRARY_PATH" # macOS (Homebrew) brew install curl-impersonate ``` 请参阅 [curl-impersonate 发行版本](https://github.com/lwthiker/curl-impersonate/releases) 获取所有构建版本。 ## 快速开始 ``` setBrowser(CurlImpersonate::BROWSER_CHROME) ->setopt(CurlImpersonate::OPT_URL, 'https://example.com') ->setopt(CurlImpersonate::OPT_METHOD, 'GET') ->exec(); echo $response; ``` ``` setopt(CurlImpersonate::OPT_URL, 'https://example.com') ->setopt(CurlImpersonate::OPT_ENGINE, '/path/to/curl_chrome116') ->exec(); ``` ## 浏览器预设 | 预设 | 常量 | 模拟对象 | |---|---|---| | Chrome 116 | `BROWSER_CHROME` | Windows 10 上的 Chrome 116 | | Chrome 120 | `BROWSER_CHROME_120` | Windows 10 上的 Chrome 120 | | Firefox 102 | `BROWSER_FIREFOX` | Linux 上的 Firefox 102 ESR | | Firefox 117 | `BROWSER_FIREFOX_117` | Linux 上的 Firefox 117 | | Safari 15.3 | `BROWSER_SAFARI` | macOS Monterey 上的 Safari 15.3 | | Safari 17.0 | `BROWSER_SAFARI_17` | macOS Sonoma 上的 Safari 17.0 | | Edge 99 | `BROWSER_EDGE` | Windows 上的 Edge 99 | ``` $curl->setBrowser(CurlImpersonate::BROWSER_CHROME_120); ``` ## API ### 选项 ``` $curl->setopt(int $option, mixed $value): self ``` | 常量 | 描述 | 示例 | |---|---|---| | `OPT_URL` | 目标 URL | `'https://api.example.com/data'` | | `OPT_METHOD` | HTTP 方法 | `'POST'` | | `OPT_POSTFIELDS` | 请求体(数组转 JSON) | `['key' => 'value']` | | `OPT_HTTP_HEADERS` | 请求头数组 | `['Authorization: Bearer xxx']` | | `OPT_HEADER` | 包含响应头 | `true` | | `OPT_ENGINE` | curl-impersonate 二进制文件路径 | `'/usr/local/bin/curl_chrome116'` | | `OPT_PROXY` | 代理(HTTP 或 SOCKS5) | `'socks5://127.0.0.1:1080'` | | `OPT_TIMEOUT` | 请求超时(秒) | `30` | | `OPT_FOLLOW_LOCATION` | 跟随重定向 | `true` | | `OPT_VERIFY_SSL` | 验证 SSL 证书 | `true` | | `OPT_COOKIEFILE` | 从文件读取 Cookie | `'/tmp/cookies.txt'` | | `OPT_COOKIEJAR` | 保存 Cookie 到文件 | `'/tmp/cookies.txt'` | ### 方法 ``` // Execute and get response $response = $curl->exec(): ?string // Execute with streaming $curl->execStream(): self $chunk = $curl->readStream(4096): string|false $curl->closeStream(): void // Build command (for debugging) $command = $curl->buildCommand(): string // Reset for reuse $curl->reset(): self ``` ## 示例 ### 使用认证信息 POST JSON ``` $curl = new CurlImpersonate(); $response = $curl ->setBrowser(CurlImpersonate::BROWSER_CHROME) ->setopt(CurlImpersonate::OPT_URL, 'https://api.example.com/users') ->setopt(CurlImpersonate::OPT_METHOD, 'POST') ->setopt(CurlImpersonate::OPT_POSTFIELDS, ['name' => 'Kelvin', 'role' => 'admin']) ->setopt(CurlImpersonate::OPT_HTTP_HEADERS, [ 'Authorization: Bearer YOUR_TOKEN', 'Content-Type: application/json', ]) ->exec(); ``` ### SOCKS5 代理 ``` $curl = new CurlImpersonate(); $response = $curl ->setBrowser(CurlImpersonate::BROWSER_FIREFOX) ->setopt(CurlImpersonate::OPT_URL, 'https://check.torproject.org/api/ip') ->setopt(CurlImpersonate::OPT_PROXY, 'socks5h://127.0.0.1:9050') ->exec(); ``` ### 流式处理大响应 ``` $curl = new CurlImpersonate(); $curl ->setBrowser(CurlImpersonate::BROWSER_SAFARI) ->setopt(CurlImpersonate::OPT_URL, 'https://example.com/large-file') ->execStream(); while ($chunk = $curl->readStream(8192)) { echo $chunk; // process chunk by chunk } ``` ### 使用 Cookie 抓取 ``` $curl = new CurlImpersonate(); // Step 1: Login and save cookies $curl ->setBrowser(CurlImpersonate::BROWSER_CHROME) ->setopt(CurlImpersonate::OPT_URL, 'https://example.com/login') ->setopt(CurlImpersonate::OPT_METHOD, 'POST') ->setopt(CurlImpersonate::OPT_POSTFIELDS, ['user' => 'admin', 'pass' => 'secret']) ->setopt(CurlImpersonate::OPT_COOKIEJAR, '/tmp/cookies.txt') ->exec(); // Step 2: Use saved cookies $response = $curl ->reset() ->setBrowser(CurlImpersonate::BROWSER_CHROME) ->setopt(CurlImpersonate::OPT_URL, 'https://example.com/dashboard') ->setopt(CurlImpersonate::OPT_COOKIEFILE, '/tmp/cookies.txt') ->exec(); ``` ## 常见问题 ### 应该从哪里获取 curl-impersonate 二进制文件? 从 [发行版本](https://github.com/lwthiker/curl-impersonate/releases) 下载或通过软件包管理器安装: ``` # macOS brew install curl-impersonate # Arch Linux yay -S curl-impersonate # Docker docker pull lwthiker/curl-impersonate:0.6.1 ``` ### 如何使用代理? 使用 `OPT_PROXY`,支持 curl 支持的任何代理类型: ``` // HTTP proxy ->setopt(CurlImpersonate::OPT_PROXY, 'http://user:pass@proxy.example.com:8080') // SOCKS5 proxy ->setopt(CurlImpersonate::OPT_PROXY, 'socks5://127.0.0.1:1080') // SOCKS5 with DNS resolution through proxy ->setopt(CurlImpersonate::OPT_PROXY, 'socks5h://127.0.0.1:1080') ``` ### 出现 "command not found" 错误 请确保 `curl-impersonate` 二进制文件在 PATH 中,或使用完整路径: ``` // Option 1: setBrowser with explicit path ->setBrowser(CurlImpersonate::BROWSER_CHROME, '/opt/curl-impersonate/bin') // Option 2: direct engine path ->setopt(CurlImpersonate::OPT_ENGINE, '/opt/curl-impersonate/bin/curl_chrome116') ``` ### 在共享主机上能否使用? 不能。该库需要 shell 权限来执行 `curl-impersonate` 二进制文件。它适用于 VPS、专用服务器、Docker 容器以及任何可以安装系统软件包的环境。 ## 对比 | 功能 | 原生 curl | Guzzle | 本库 | |---|---|---|---| | TLS 指纹 | ❌ 机器人检测 | ❌ 机器人检测 | ✅ 真实浏览器 | | HTTP/2 指纹 | ❌ | ❌ | ✅ 真实浏览器 | | Ja3 指纹 | ❌ | ❌ | ✅ 匹配 | | PHP API | ❌ 原始资源 | ✅ 简洁 | ✅ 简洁 | | 代理支持 | ✅ | ✅ | ✅ | | 流式处理 | ✅ | ✅ | ✅ | ## 使用者 - 大规模网页抓取且无需 IP 轮换 - SEO 监控工具 - 比价服务 - 访问反机器人保护的 API 接口 - 安全研究与测试 ## 贡献 请参阅 [CONTRIBUTING.md](CONTRIBUTING.md)。 ## 许可证 [MIT](LICENSE) © Kelvin Yuli Andrian
**⭐ 如果它帮你避免了 403,请给本仓库加星** [报告问题](https://github.com/kelvinzer0/curl-impersonate-php/issues) · [请求功能](https://github.com/kelvinzer0/curl-impersonate-php/issues/new)
标签:Akamai, Cloudflare, Composer包, curl, curl-impersonate, Datadome, ffuf, HTTPS拦截, HTTP请求, Linux取证, MITRE ATT&CK, OpenVAS, PHP, Radare2, SSL/TLS, TLS指纹, User-Agent, Web采集, 前端指纹模拟, 反Bot, 反反爬, 安全绕过, 客户端伪装, 抓包模拟, 浏览器仿真, 浏览器指纹