网络编程
每日更新|TOP排行榜|Tag标签|充值
网络编程教程模板无忧>建站教程>网络编程>ASP教程>
收藏分享查看评论ASP教程

ASP防止GET,Post注入和防止服务器攻击,并记录IP(3)_ASP教程

编辑Tag赚U币
教程Tag:暂无Tag,欢迎添加,赚取U币!

推荐:ASP将IP地址最后一位替换成星号实例代码
先将IP地址存入数据库,然后取出来,效果如图: 代码如下: % '来源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %


'记录Get攻击结束
Response.Write "<Script Language=JavaScript>alert('警告:此操作已被记录! 提示:GET传值请不要在参数中包含非法字符【"&replace(Fy_Inf(Fy_Xh),"'","’")&"】. 页面将返回!');history.go(- 1);</Script>"
response.End()
End If
Next
Next
end if


'防注入系统
dim Zqs,Zerrc,Ziii,zurl
Zqs=request.servervariables("query_string")
zurl=Request.ServerVariables("URL")
dim Znothis(60)
Znothis(0)="net user"
Znothis(1)="@a"
Znothis(2)="/add"
Znothis(3)="exec%20master.dbo.xp_cmdshell"
Znothis(4)="net localgroup administrators"
Znothis(5)="select"
Znothis(6)="count"
Znothis(7)="asc"
Znothis(8)="char"
Znothis(9)="mid"
Znothis(10)="cscript.exe"
Znothis(11)="declare"
Znothis(12)="insert"
Znothis(13)="delete"
Znothis(14)="drop"
Znothis(15)="truncate"
Znothis(16)="wscript.shell"
Znothis(17)="%20"
Znothis(18)=" "
Znothis(19)="script"
Znothis(20)="system32"
Znothis(21)="CmdShell"
Znothis(22)="sysadmin"
Znothis(23)="serveradmin"
Znothis(24)="setupadmin"
Znothis(25)="securityadmin"
Znothis(26)="diskadmin"
Znothis(27)="bulkadmin"
Znothis(28)="exec master.dbo.sp_addlogin"
Znothis(29)="exec master.dbo.sp_password"
Znothis(30)="exec master.dbo.sp_addsrvrolemember"
Znothis(31)="create"
Znothis(32)="exec xp_reg"
Znothis(33)="backup"
Znothis(34)="net localgroup administrators"
Znothis(35)="Asc"
Znothis(36)="+dir+"
Znothis(37)="drop table"
Znothis(38)="exec master.dbo.sp_addextendedproc"
Znothis(39)="master.dbo.sysobjects"
Znothis(40)="master.dbo.xp_regwrite"
Znothis(41)="master.dbo.sysdatabases"
Znothis(42)="DECLARE"
Znothis(43)="EXEC sp_oacreate"
Znothis(44)="EXEC sp_oamethod"
Znothis(45)="xp_"
Znothis(46)="Sp_"
Znothis(47)="%2B"
Znothis(48)="Sp_OAGetErrorInfo"
Znothis(49)="Sp_OAGetProperty"
Znothis(50)="Sp_OAMethod"
Znothis(51)="Sp_OASetProperty"
Znothis(52)="Sp_OAStop"
Znothis(53)="Xp_regaddmultistring"
Znothis(54)="Xp_regdeletekey"
Znothis(55)="Xp_regdeletevalue"
Znothis(56)="Xp_regenumvalues"
Znothis(57)="Xp_regread"
Znothis(58)="Xp_regremovemultistring"
Znothis(59)="Xp_regwrite"
Znothis(60)="insert into"

分享:全角半角转换代码
javascript转换: SCRIPT /* **************************** * 参数说明: * str:要转换的字符串 * flag:标记,为0时半转全,为非0时全转半 * 返回值类型:字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (

ASP视频教程

共4页上一页1234下一页
来源:模板无忧//所属分类:ASP教程/更新时间:2012-06-08
[收藏][报错][返回列表]
相关ASP教程