<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd"> -->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"/>
<meta http-equiv="pragma" content="no-cache"/>
<meta name="author" content="pattazl,maomimimiao,pattass,patchclass"/>
<meta name="keywords" content="Lark Studio"/>
<meta name="description" content="Lark Studio reading"/>
<title>A simple fix for the ASP upload vulnerability--Lark Studio</title>
<link href="../style/news.css" rel="stylesheet" type="text/css"/>
<link rel="icon" href="../favicon.ico" type="image/ico" />
<link rel="Shortcut Icon" href="../favicon.ico"/>
<link rel="bookmark" href="../favicon.ico"/>
<!-- <base target="_blank"/> To comply with the strict DTD, the target attribute is not used; the externalLinks JS function provides the effect instead -->
<script type="text/JavaScript" src="../js/bodyCSS.js"></script>
</head>
<body>
<div class="persentLayout">
<div class="DivCenterTop topcontain">
<div class="DivCenterTop2"></div>
<div class="DivCenterTop4">
<div class="DivCenterTop3">
<a href="../index0.asp" title="Back to home page"><img src="../images/home.gif" alt="Home"/></a>
<span class="top3Sep">|</span>
<a href="#" title="Print this page" onclick="javascript:window.print();return false"><img src="../images/printer.gif" alt="Print"/></a>
<span class="top3Sep">|</span>
<a href="mailto:Patchclass@sina.com" title="E-mail me"><img src="../images/email.gif" alt="E-mail"/></a>
<span class="top3Sep">|</span>
<a href="#" onclick="javascript:window.external.AddFavorite(location.href,document.title);return false" title="Add to favorites"><img src="../images/page.gif" alt="Favorites"/></a>
<span class="top3Sep">|</span>
<a href="#" onclick="return false" id="Clock" title="Show the time"><img src="../images/clock.gif" alt="Time" title=""/></a>
<span class="top3Sep">|</span>
<a href="../link/link0.asp" title="Friendly links" rel="external"><img src="../images/link.gif" alt="Links"/></a>
<span class="top3Sep">|</span>
<a href="admin/admin.htm" title="Admin login" rel="external"><img src="../images/login.gif" alt="Admin"/></a>
</div>
</div>
</div>
<div class="DivCenterSearch topcontain">
<div id="searchLeftBar"></div>
<div id="searchBarIntroduce"><a href="../index0.asp" title="Back to home page">Home</a> >> Web Section >> <a href="catelog.asp?catelog=27">ASP Technology</a></div>
<div id="searchRightBar"></div>
<form action="search.asp?page=1" id="sousuo" method="post" onsubmit="return checkdata()">
<div class="SearchButton">
<input type="image" src="../images/search.gif"/>
</div>
<div class="SearchForm">
<input name="key" type="text" onfocus="this.select()" class="SearchInput" title="Enter search terms" maxlength="100"/>
<input name="searchType" type="radio" id="s1" value="radiobutton" checked="checked"/><label class="content" for="s1">This site</label>
<input type="radio" id="s2" name="searchType" value="radiobutton"/><label class="content" for="s2">GOOGLE</label>
</div>
</form>
</div>
</div>
<div class="persentLayout">
<div id="readleft">
<div id="readright">
<!-- Article start -->
<div class="containRead">
<div id="readTitle">A simple fix for the ASP upload vulnerability</div>
<span class="rightf">Views: 60</span>
Source: pattass (original) Date: [2005-1-11 16:35:05]
<hr/>
<div id="detail">
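<!-- Article body start -->
<P>A friend asked me today to fix the vulnerability in component-less upload, namely the well-known \0 character problem. I thought it was a simple matter, but it still cost me an hour: at first I assumed I had written something wrong, and only later remembered that the vulnerability lies in filepath, which is what needs to be validated.</P>
<P>Write a function:</P>
<P>' Returns True when fileTrue has no Chr(0), or has it only as the last character<BR>Function TrueStr(fileTrue)<BR> Dim str_len, pos<BR> str_len = Len(fileTrue)<BR> pos = InStr(fileTrue, Chr(0)) ' position of the first NUL, 0 if there is none<BR> If pos = 0 Or pos = str_len Then<BR> TrueStr = True<BR> Else<BR> TrueStr = False<BR> End If<BR>End Function</P>
<P>A return value of false means there is a \0 character in the middle or at the beginning.</P>
<P>Since a \0 character is sometimes allowed at the end, for now only the case where it appears in the middle is considered.</P>
<P>If TrueStr(formPath&amp;file.FileName) = False Then<BR> Response.Write "非法文件"<BR> Response.End<BR>End If</P>
<P>formPath&amp;file.FileName is what gets validated, because the file is saved with<BR>file.SaveAs Server.MapPath(formPath&amp;file.FileName)<BR>so this is safer.</P>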
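<P>As an added example (not part of the original article or its upload script), here is a stricter variant of the check above. It rejects Chr(0) anywhere in the string passed to SaveAs, including at the end, refuses ".." sequences, and checks the extension of the last path component against an allow-list. IsSafeSavePath, SaveUpload and the ALLOWED_EXT list are hypothetical names and assumptions.</P>

```vbscript
' Added example: stricter than the article's TrueStr (a trailing NUL is rejected too).
' IsSafeSavePath, SaveUpload and ALLOWED_EXT are hypothetical names.
Const ALLOWED_EXT = "jpg,gif,png"   ' assumed allow-list

Function IsSafeSavePath(fullPath)
    Dim norm, leaf, dotPos, ext, allowed
    IsSafeSavePath = False

    ' A NUL anywhere means the file system may see a shorter path than the script does.
    If InStr(fullPath, Chr(0)) > 0 Then Exit Function

    ' Refuse parent-directory references in either the path or the file name.
    norm = Replace(fullPath, "\", "/")
    If InStr(norm, "..") > 0 Then Exit Function

    ' Take the extension from the last path component only.
    leaf = Mid(norm, InStrRev(norm, "/") + 1)
    dotPos = InStrRev(leaf, ".")
    If dotPos = 0 Or dotPos = Len(leaf) Then Exit Function
    ext = LCase(Mid(leaf, dotPos + 1))

    ' Exact match against each allowed extension.
    For Each allowed In Split(ALLOWED_EXT, ",")
        If ext = allowed Then IsSafeSavePath = True
    Next
End Function

' Validate exactly the string that is handed to SaveAs, as the article does.
' formPath and file are the upload script's own values, passed in by the caller.
Sub SaveUpload(formPath, file)
    Dim target
    target = formPath & file.FileName
    If Not IsSafeSavePath(target) Then
        Response.Write "Illegal file"
        Response.End
    End If
    file.SaveAs Server.MapPath(target)
End Sub
```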
<!-- Article body end -->
</div>
<hr/>
<div class="stand">
<div class="leftf"><a href="?id=946">Previous (Implementing ASP database connections)</a> <a href="?id=986">Next (The counterpart function to server.URLEncode)</a></div>
<div class="rightf"><a href="#" onclick="javascript:document.execCommand('saveAs',true,document.title+'.htm');return false;">Save this page</a> <a href="rss_read.asp?id=952" rel="external">RSS for this page</a></div>
<span> </span>
</div>
<!-- Article end, comments start -->
<div class="nocomments">There are no comments on this topic</div>
</div>
<!-- Comments end, form start -->
<hr/>
<form method="post" action="comment.asp">
<div id="commentsForm">
<div class="leftf">Your name:
<input name="name" type="text" class="inputCom" id="name" size="15" maxlength="20"/>
Verification code
<input name="code" type="text" id="code" size="4" maxlength="4"/>
<img src="code.asp" alt="Verification code"/>
<input name="Submit" type="submit" class="inputCom" value="Post comment" onclick="return checkinput()"/></div>
<input name="id" type="hidden" id="id" value="952"/>
<div class="stand"><textarea name="memo" class="content" cols="70" rows="5" id="memo"></textarea></div>
</div></form>
<!-- Form end -->
<hr/>
</div><!-- corresponds to the right background layer -->
</div><!-- corresponds to the left background layer -->
<div id="outfoot"><div id="readfoot"></div></div>
</div><script type="text/JavaScript" src="../js/read.js"></script>
</body>
</html>