ASP防止GET,Post注入和防止服務(wù)器攻擊,并記錄IP(3)_ASP教程
      
編輯Tag賺U幣
      


      教程Tag:暫無Tag,歡迎添加,賺取U幣!
      


      

      推薦:ASP將IP地址最后一位替換成星號實例代碼
      先將IP地址存入數(shù)據(jù)庫,然后取出來,效果如圖: 代碼如下: % '來源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %

      '記錄Get攻擊結(jié)束
      Response.Write "<Script Language=JavaScript>alert('警告:此操作已被記錄! 提示:GET傳值請不要在參數(shù)中包含非法字符【"&replace(Fy_Inf(Fy_Xh),"'","’")&"】. 頁面將返回!');history.go(- 1);</Script>"
      response.End()
      End If
      Next
      Next
      end if
      


      '防注入系統(tǒng)
      dim Zqs,Zerrc,Ziii,zurl
      Zqs=request.servervariables("query_string")
      zurl=Request.ServerVariables("URL")
      dim Znothis(60)
      Znothis(0)="net user"
      Znothis(1)="@a"
      Znothis(2)="/add"
      Znothis(3)="exec%20master.dbo.xp_cmdshell"
      Znothis(4)="net localgroup administrators"
      Znothis(5)="select"
      Znothis(6)="count"
      Znothis(7)="asc"
      Znothis(8)="char"
      Znothis(9)="mid"
      Znothis(10)="cscript.exe"
      Znothis(11)="declare"
      Znothis(12)="insert"
      Znothis(13)="delete"
      Znothis(14)="drop"
      Znothis(15)="truncate"
      Znothis(16)="wscript.shell"
      Znothis(17)="%20"
      Znothis(18)=" "
      Znothis(19)="script"
      Znothis(20)="system32"
      Znothis(21)="CmdShell"
      Znothis(22)="sysadmin"
      Znothis(23)="serveradmin"
      Znothis(24)="setupadmin"
      Znothis(25)="securityadmin"
      Znothis(26)="diskadmin"
      Znothis(27)="bulkadmin"
      Znothis(28)="exec master.dbo.sp_addlogin"
      Znothis(29)="exec master.dbo.sp_password"
      Znothis(30)="exec master.dbo.sp_addsrvrolemember"
      Znothis(31)="create"
      Znothis(32)="exec xp_reg"
      Znothis(33)="backup"
      Znothis(34)="net localgroup administrators"
      Znothis(35)="Asc"
      Znothis(36)="+dir+"
      Znothis(37)="drop table"
      Znothis(38)="exec master.dbo.sp_addextendedproc"
      Znothis(39)="master.dbo.sysobjects"
      Znothis(40)="master.dbo.xp_regwrite"
      Znothis(41)="master.dbo.sysdatabases"
      Znothis(42)="DECLARE"
      Znothis(43)="EXEC sp_oacreate"
      Znothis(44)="EXEC sp_oamethod"
      Znothis(45)="xp_"
      Znothis(46)="Sp_"
      Znothis(47)="%2B"
      Znothis(48)="Sp_OAGetErrorInfo"
      Znothis(49)="Sp_OAGetProperty"
      Znothis(50)="Sp_OAMethod"
      Znothis(51)="Sp_OASetProperty"
      Znothis(52)="Sp_OAStop"
      Znothis(53)="Xp_regaddmultistring"
      Znothis(54)="Xp_regdeletekey"
      Znothis(55)="Xp_regdeletevalue"
      Znothis(56)="Xp_regenumvalues"
      Znothis(57)="Xp_regread"
      Znothis(58)="Xp_regremovemultistring"
      Znothis(59)="Xp_regwrite"
      Znothis(60)="insert into"
      分享:全角半角轉(zhuǎn)換代碼
      javascript轉(zhuǎn)換: SCRIPT /* **************************** * 參數(shù)說明: * str:要轉(zhuǎn)換的字符串 * flag:標記,為0時半轉(zhuǎn)全,為非0時全轉(zhuǎn)半 * 返回值類型:字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (
      


      

      


      來源:模板無憂//所屬分類:ASP教程/更新時間:2012-06-08


      


      



      


      



      相關(guān)ASP教程