ASP防止GET,Post注入和防止服務(wù)器攻擊,并記錄IP(3)_ASP教程

教程Tag：暫無Tag,歡迎添加,賺取U幣!

推薦：ASP將IP地址最后一位替換成星號(hào)實(shí)例代碼
先將IP地址存入數(shù)據(jù)庫，然后取出來，效果如圖：代碼如下： % '來源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %

'記錄Get攻擊結(jié)束
Response.Write "<Script Language=JavaScript>alert('警告:此操作已被記錄! 提示:GET傳值請(qǐng)不要在參數(shù)中包含非法字符【"&replace(Fy_Inf(Fy_Xh),"'","’")&"】. 頁面將返回！');history.go(- 1);</Script>"
response.End()
End If
Next
Next
end if

'防注入系統(tǒng)
dim Zqs,Zerrc,Ziii,zurl
Zqs=request.servervariables("query_string")
zurl=Request.ServerVariables("URL")
dim Znothis(60)
Znothis(0)="net user"
Znothis(1)="@a"
Znothis(2)="/add"
Znothis(3)="exec%20master.dbo.xp_cmdshell"
Znothis(4)="net localgroup administrators"
Znothis(5)="select"
Znothis(6)="count"
Znothis(7)="asc"
Znothis(8)="char"
Znothis(9)="mid"
Znothis(10)="cscript.exe"
Znothis(11)="declare"
Znothis(12)="insert"
Znothis(13)="delete"
Znothis(14)="drop"
Znothis(15)="truncate"
Znothis(16)="wscript.shell"
Znothis(17)="%20"
Znothis(18)=" "
Znothis(19)="script"
Znothis(20)="system32"
Znothis(21)="CmdShell"
Znothis(22)="sysadmin"
Znothis(23)="serveradmin"
Znothis(24)="setupadmin"
Znothis(25)="securityadmin"
Znothis(26)="diskadmin"
Znothis(27)="bulkadmin"
Znothis(28)="exec master.dbo.sp_addlogin"
Znothis(29)="exec master.dbo.sp_password"
Znothis(30)="exec master.dbo.sp_addsrvrolemember"
Znothis(31)="create"
Znothis(32)="exec xp_reg"
Znothis(33)="backup"
Znothis(34)="net localgroup administrators"
Znothis(35)="Asc"
Znothis(36)="+dir+"
Znothis(37)="drop table"
Znothis(38)="exec master.dbo.sp_addextendedproc"
Znothis(39)="master.dbo.sysobjects"
Znothis(40)="master.dbo.xp_regwrite"
Znothis(41)="master.dbo.sysdatabases"
Znothis(42)="DECLARE"
Znothis(43)="EXEC sp_oacreate"
Znothis(44)="EXEC sp_oamethod"
Znothis(45)="xp_"
Znothis(46)="Sp_"
Znothis(47)="%2B"
Znothis(48)="Sp_OAGetErrorInfo"
Znothis(49)="Sp_OAGetProperty"
Znothis(50)="Sp_OAMethod"
Znothis(51)="Sp_OASetProperty"
Znothis(52)="Sp_OAStop"
Znothis(53)="Xp_regaddmultistring"
Znothis(54)="Xp_regdeletekey"
Znothis(55)="Xp_regdeletevalue"
Znothis(56)="Xp_regenumvalues"
Znothis(57)="Xp_regread"
Znothis(58)="Xp_regremovemultistring"
Znothis(59)="Xp_regwrite"
Znothis(60)="insert into"

分享：全角半角轉(zhuǎn)換代碼
javascript轉(zhuǎn)換： SCRIPT /* **************************** * 參數(shù)說明: * str:要轉(zhuǎn)換的字符串 * flag:標(biāo)記，為０時(shí)半轉(zhuǎn)全，為非０時(shí)全轉(zhuǎn)半 * 返回值類型：字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (