asp防注入代码 过滤 get post cookies
来源:互联网 发布:html js radio 赋值 编辑:程序博客网 时间:2024/05/17 04:23
Dim Fy_Post,Fy_Get,Fy_cook,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr,aa ,bb
On Error Resume Next
Fy_In = "'|exec|insert|select|delete|update|count|chr|truncate|char|declare|script|iframe|char|set|(*)"
aa="heike.txt" '------------------------------------------如入侵记录保存文件
Fy_Inf = split(Fy_In,"|")
'1--------POST部份------------------
If Request.Form<>"" Then
For Each Fy_Post In Request.Form
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then
flyaway1=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'post'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_post&"+"&replace(Request.Form(Fy_post),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway1
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'2--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
flyaway2=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'get'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_get&"+"&replace(Request.QueryString(Fy_get),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway2
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'3--------cookies部份-------------------
If Request.Cookies<>"" Then
For Each Fy_cook In Request.Cookies
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Cookies(Fy_cook)),Fy_Inf(Fy_Xh))<>0 Then
flyaway3=now()&" "&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'cookies'+'"& Fy_Inf(Fy_Xh) &"'+"&Fy_cook&"+"&replace(Request.Cookies(Fy_cook),"'","(*)")&""
bb=Fy_Inf(Fy_Xh)
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway3
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
Sub aaa()
Response.Write "您提交参数中包含非法字符--"+replace(bb,"(*)","'")+" 尝试注入,我们已经记录您的提交记录以及ip,数据被保存并提交到网络110系统! "
Response.Write "<br><hr>"
Response.End
end Sub
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/jsglzj/archive/2009/03/08/3969648.aspx
- asp防注入代码 过滤 get post cookies
- asp防注入代码 过滤 get post cookies
- 防SQL注入过滤代码
- asp 防注入代码
- 简单防Get OR Post SQL注入
- ASP最新SQL防注入过滤函数
- asp.net防SQL注入参数过滤
- sql防注入代码(asp)
- asp 防注入相关代码
- asp防sql注入代码
- ASP通用防注入代码
- 万能Asp防注入代码
- 万能Asp防注入代码
- 两个防SQL注入过滤代码
- 两个防SQL注入过滤代码
- 两个防SQL注入过滤代码
- 两个防SQL注入过滤代码
- C#(ASP.NET)正则表达式 过滤危险字符函数代码 防SQL注入 很全面的SQL关键字过滤
- 生病了还忘不了我的五子棋程序!
- Struts 2.0的codebehinde插件应用简述
- My_first
- Config
- 管家婆常、连结失败、211端口等常见问题解决办法
- asp防注入代码 过滤 get post cookies
- asp中如何防cookie注入
- VS2005 快捷键
- Cookie注入原理(简述)
- 精妙Sql语句
- truncate,delete,drop的異同點
- 09书展归来 读书频道为您带来独家视点
- 回溯法的应用--求组合
- VC中判断目录,文件是否存在,创建目录,求目录或文件大小的方法