安全篇 ━━ ITlearner ASP探针 V1.2
本文共 13715 字,大约阅读时间需要 45 分钟。
最近在整理老的代码,漏洞一大堆;发现了有良心的黑客,上传了不干净的东西,但并没有操作什么。-
警告提示如下:
在您的系统磁盘上发现了一个可疑文件,它可能代表了是黑客成功入侵网站后种植的,建议您先确认文件合法性并处理。总体上,Webshell检测是根据文件行为威胁程度进行打分的,这个文件具备了一定的危险功能,本身具有一定的危险特征,但并不完全保证一定是一个网站后门,也可能是一些包含可以代码的正常网站文件,如果管理员自己部署放置的,可以在前台选择忽略或者标记为误报按钮。同时,如果被告警的文件是一个.log网站日志文件,常常是因为网站将http日志直接明文保存在文件中,这样存在一定的安全风险。建议将http日志的保存路径放置到非web路径下。
代码如下:
<%@ Language="VBScript" CODEPAGE="936"%><% Option Explicit %><% Response.Buffer = True'####################################'# #'# ITlearner ASP探针 V1.2 #'# #'# http://www.itlearner.com #'# #'# 转载本程序时请保留这些信息 #'# #'####################################Dim startime startime=timer()Dim hxSet hx = New Cls_AspCheckclass Cls_AspCheckPublic FileName,WebName,WebUrl,SysName,SysNameE,SysVersion'检查组件是否被支持Public Function IsObjInstalled(strClassString) On Error Resume Next Dim xTestObj Set xTestObj = Server.CreateObject(strClassString) If Err Then IsObjInstalled = False else IsObjInstalled = True end if Set xTestObj = NothingEnd Function'检查组件版本Public Function getver(Classstr) On Error Resume Next Dim xTestObj Set xTestObj = Server.CreateObject(Classstr) If Err Then getver="" else getver=xTestObj.version end if Set xTestObj = NothingEnd FunctionPublic Function GetObjInfo(startnum,endnum) dim i,Outstr for i=startnum to endnum Outstr = Outstr & " " & theTestObj(i,0) & "" Outstr = Outstr & " "&theTestObj(i,1)&"" Outstr = Outstr & "" If Not IsObjInstalled(theTestObj(i,0)) Then Outstr = Outstr & " ×" Else Outstr = Outstr & " √ " & getver(theTestObj(i,0)) & "" End If Outstr = Outstr & "" & vbCrLf next Response.Write(Outstr)End FunctionPublic Function cdrivetype(tnum) Select Case tnum Case 0: cdrivetype = "未知" Case 1: cdrivetype = "可移动磁盘" Case 2: cdrivetype = "本地硬盘" Case 3: cdrivetype = "网络磁盘" Case 4: cdrivetype = "CD-ROM" Case 5: cdrivetype = "RAM 磁盘" End Selectend functionPrivate Sub Class_Initialize() WebName="IT学习者" WebUrl="http://www.itlearner.com" SysName="ASP探针" SysNameE="AspCheck" SysVersion="V1.2" FileName=Request.ServerVariables("SCRIPT_NAME")End SubPublic Function dtype(num) Select Case num Case 0: dtype = "未知" Case 1: dtype = "可移动磁盘" Case 2: dtype = "本地硬盘" Case 3: dtype = "网络磁盘" Case 4: dtype = "CD-ROM" Case 5: dtype = "RAM 磁盘" End SelectEnd FunctionPublic Function formatdsize(dsize) if dsize>=1073741824 then formatdsize=Formatnumber(dsize/1073741824,2) & " GB" elseif dsize>=1048576 then formatdsize=Formatnumber(dsize/1048576,2) & " MB" elseif dsize>=1024 then formatdsize=Formatnumber(dsize/1024,2) & " KB" else formatdsize=dsize & "B" end ifEnd FunctionPublic Function formatvariables(str)on error resume nextstr = cstr(server.htmlencode(str))formatvariables=replace(str,chr(10),"")End FunctionPublic Sub ShowFooter() dim Endtime,Runtime,OutStr Endtime=timer() OutStr = " | " OutStr = OutStr & " 此程序是ITlearner以Ajiang和COCOON的ASP探针的代码为原型,结合部分自已原创的代码精心编写而成。 " OutStr = OutStr & "" & vbcrlf Runtime=FormatNumber((endtime-startime)*1000,2) if Runtime>0 then if Runtime>1000 then OutStr = OutStr & "页面执行时间:约"& FormatNumber(runtime/1000,2) & "秒" else OutStr = OutStr & "页面执行时间:约"& Runtime & "毫秒" end if end if OutStr = OutStr & " " OutStr = OutStr & "ITlearner AspCheck " & SysVersion & "" OutStr = OutStr & " |
| 服务器有关参数 <%Call smenu(0)%> | ||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||
| <% on error resume next dim Item,xTestObj,outstr if action="showapp" then Response.Write("4 遍历Application变量") set xTestObj=Application.Contents elseif action="showsession" then Response.Write("4 遍历Session变量") set xTestObj=Session.Contents elseif action="showvariables" then Response.Write("4 遍历服务器参数") set xTestObj=Request.ServerVariables elseif action="showwsh" then Response.Write("4 遍历环境变量") dim WshShell Set WshShell = server.CreateObject("WScript.Shell") set xTestObj=WshShell.Environment end if Response.Write "(关闭)" %> | |
| 变量名 | 值 |
| 没有符合条件的变量 | |
| " & w(0) & " | " outstr = outstr & "" & w(1) & " | " outstr = outstr & "
| " & Item & " | " outstr = outstr & "" if IsArray(xTestObj(Item)) then for i=0 to ubound(xTestObj(Item))-1 outstr = outstr & hx.formatvariables(xTestObj(Item)(i)) & "" next else outstr = outstr & hx.formatvariables(xTestObj(Item)) end if outstr = outstr & " | " outstr = outstr & "
| 服务器组件情况 <%Call smenu(1)%> | ||||||||||||||||||
| ||||||||||||||||||
| 服务器运算能力 <%Call smenu(2)%> | |||||||||||||||||||||
| |||||||||||||||||||||
| 服务器磁盘信息 <%Call smenu(4)%> | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
<%if hx.IsObjInstalled("Scripting.FileSystemObject") then%>
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
网速测试中,请稍候... |
| 服务器连接速度 <%smenu(3)%> | ||||||||||||||||||||||
|
你可能感兴趣的文章
nano中设置脚本开机自启动
查看>>
动态库调动态库
查看>>
Kubernetes集群搭建之CNI-Flanneld部署篇
查看>>
k8s web终端连接工具
查看>>
手绘VS码绘(一):静态图绘制(码绘使用P5.js)
查看>>
手绘VS码绘(二):动态图绘制(码绘使用Processing)
查看>>
基于P5.js的“绘画系统”
查看>>
《达芬奇的人生密码》观后感
查看>>
论文翻译:《一个包容性设计的具体例子:聋人导向可访问性》
查看>>
基于“分形”编写的交互应用
查看>>
《融入动画技术的交互应用》主题博文推荐
查看>>
链睿和家乐福合作推出下一代零售业隐私保护技术
查看>>
Unifrax宣布新建SiFAB™生产线
查看>>
艾默生纪念谷轮™在空调和制冷领域的百年创新成就
查看>>
NEXO代币持有者获得20,428,359.89美元股息
查看>>
Piper Sandler为EverArc收购Perimeter Solutions提供咨询服务
查看>>
RMRK筹集600万美元,用于在Polkadot上建立先进的NFT系统标准
查看>>
JavaSE_day12 集合
查看>>
JavaSE_day14 集合中的Map集合_键值映射关系
查看>>
Day_15JavaSE 异常
查看>>