📄 ad_aspcheck.asp
字号:
next
%>
</td></tr>
</table>
<p>“<font color=red><b>×</b></font>”表示磁盘没有就绪或者当前IIS站点没有对该磁盘的操作权限。
<h3>■ 当前文件夹信息</h3>
<%
Response.Flush
dPath = server.MapPath("./")
set dDir = fsoObj.GetFolder(dPath)
set dDrive = fsoObj.GetDrive(dDir.Drive)
%>
<p>文件夹: <%=dPath%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr height="18" align="center" class="backs">
<td width="75">已用空间</td>
<td width="75">可用空间</td>
<td width="75">文件夹数</td>
<td width="75">文件数</td>
<td width="200">创建时间</td>
</tr>
<tr height="18" align="center" class="backq">
<td><%=cSize(dDir.Size)%></td>
<td><%=cSize(dDrive.AvailableSpace)%></td>
<td><%=dDir.SubFolders.Count%></td>
<td><%=dDir.Files.Count%></td>
<td><%=dDir.DateCreated%></td>
</tr>
</td></tr>
</table>
<%
Response.Flush
end if
end sub
sub diskspeed()
on error resume next
%>
<h2>磁盘文件操作速度测试</h2>
<%
ObjTest("Scripting.FileSystemObject")
if isobj then
set fsoobj=server.CreateObject("Scripting.FileSystemObject")
Response.Write "<p>正在重复创建、写入和删除文本文件50次..."
dim thetime3,tempfile,iserr
iserr=false
t1=timer
tempfile=server.MapPath("./") & "\aspchecktest.txt"
for i=1 to 50
Err.Clear
set tempfileOBJ = FsoObj.CreateTextFile(tempfile,true)
if Err <> 0 then
Response.Write "创建文件错误!<br><br>"
iserr=true
Err.Clear
exit for
end if
tempfileOBJ.WriteLine "Only for test. Ajiang ASPcheck"
if Err <> 0 then
Response.Write "写入文件错误!<br><br>"
iserr=true
Err.Clear
exit for
end if
tempfileOBJ.close
Set tempfileOBJ = FsoObj.GetFile(tempfile)
tempfileOBJ.Delete
if Err <> 0 then
Response.Write "删除文件错误!<br><br>"
iserr=true
Err.Clear
exit for
end if
set tempfileOBJ=nothing
next
t2=timer
if iserr <> true then
thetime3=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!<font color=red>" & thetime3 & "毫秒</font>。<br>"
Response.Flush
%>
</p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr align=center class="backs">
<td width=350>供 对 照 的 服 务 器</td>
<td width=150>完成时间(毫秒)</td>
</tr>
<tr>
<td>正常水平</td><td> 30~60</td>
</tr>
<tr>
<td><font color=red>这台服务器: <%=Request.ServerVariables("SERVER_NAME")%></font> </td><td> <font color=red><%=thetime3%></font></td>
</tr>
</table>
<%
end if
Response.Flush
set fsoobj=nothing
end if
end sub
sub tspeed()
%>
<h2>ASP脚本解释和运算速度测试</h2><p>
<%
Response.Flush
Response.Write "整数运算测试,正在进行50万次加法运算..."
dim t1,t2,lsabc,thetime,thetime2
t1=timer
for i=1 to 500000
lsabc= 1 + 1
next
t2=timer
thetime=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!<font color=red>" & thetime & "毫秒</font>。<br>"
Response.Write "浮点运算测试,正在进行20万次开方运算..."
t1=timer
for i=1 to 200000
lsabc= 2^0.5
next
t2=timer
thetime2=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!<font color=red>" & thetime2 & "毫秒</font>。<br>"
%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr align=center class="backs">
<td width=350>供对照的服务器及完成时间(毫秒)</td>
<td width=75>整数运算</td><td width=75>浮点运算</td>
</tr>
<tr>
<td>正常水平</td><td> 150~200</td><td> 140~170</td>
</tr>
<tr>
<td><font color=red>这台服务器: <%=Request.ServerVariables("SERVER_NAME")%></font> </td><td> <font color=red><%=thetime%></font></td><td> <font color=red><%=thetime2%></font></td>
</tr>
</table>
<%
end sub
sub tnet()
%>
<h2>连接带宽测试</h2><a name="K"></a>
<%
if T<>"K" then
%>
<p>[<a href="?T=K">开始测试</a>]</p>
<%
else
haveok=false
if Request("ok") <> "" then haveok=true
if Request("tm") = "" then haveok=false
if haveok=false then
%>
<p>正在测试您与当前服务器之间的连接速度,请稍等...<span id="baifen">.</span></p>
<script language="javascript" type="text/javascript">
var acd1;
acd1 = new Date();
acd1ok=acd1.getTime();
</script>
<%
Response.Flush
for i=1 to 1000
Response.Write "<!--567890#########0#########0#########0#########0#########0#########0#########0#########012345-->" & vbcrlf
if i mod 100=0 then
%>
<script language="javascript" type="text/javascript">
document.getElementById('baifen').innerHTML = '<%=i/10%>%';
</script>
<%
end if
next
%>
<script language="javascript" type="text/javascript">
var acd2;
acd2 = new Date();
acd2ok=acd2.getTime();
window.location = '?T=K&ok=ok&tm=' + (acd2ok-acd1ok)
</script>
<%
Response.Flush :Response.end
else
ttime=clng(Request("tm")) + 1
tnetspeed=100000/(ttime)
tnetspeed2=tnetspeed * 8
twidth=int(tnetspeed * 0.16)+5
if twidth> 300 then twidth=300
tnetspeed=formatnumber(tnetspeed,2,,,0)
tnetspeed2=formatnumber(tnetspeed2,2,,,0)
%><p>测试完成,向客户端传送 100k 字节数据共使用时间 <%=formatnumber(ttime,2)%> 毫秒。[<a href="?T=K">重测</a>]
</p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr><td align="center" style="padding:10px 0px">
<table style="margin:0px;border:none" align="center" width="400" border="0" cellspacing=0 cellpadding=0>
<tr><td width="45">| 56k猫</td><td width="160">| 2M ADSL</td><td width=200>| 10M LAN</td></tr>
</table>
<table style="margin:0px" class="input" align="center" width="400" border="0" cellspacing=0 cellpadding=0>
<tr class="input"><td width="<%=twidth%>" class="backs"></td><td width="<%=400-twidth%>"> <%=tnetspeed%> kB/s</td></tr>
</table>
<p style="margin:10px 0px 0px 0px">您与此服务器的连接速度是 <%=tnetspeed%> kB/s (相当于<%=tnetspeed2%>kbps)
<br><font color="#888888">换算关系: 1 Byte(字节) = 8 bit(位)</font></p>
</td></tr>
</table>
<%
end if
end if
end sub
sub tsafe()
%>
<object runat="server" id="ws" scope="page" classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>
<object runat="server" id="ws" scope="page" classid="clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B"></object>
<object runat="server" id="net" scope="page" classid="clsid:093FF999-1EA0-4079-9525-9614C3504B74"></object>
<object runat="server" id="net" scope="page" classid="clsid:F935DC26-1CF0-11D0-ADB9-00C04FD58A0B"></object>
<object runat="server" id="fso" scope="page" classid="clsid:0D43FE01-F093-11CF-8940-00A0C9054228"></object>
<object runat="server" id="ado" scope="page" classid="clsid:00000566-0000-0010-8000-00AA006D2EA4"></object>
<object runat="server" id="app" scope="page" classid="clsid:13709620-C279-11CE-A49E-444553540000"></object>
<object runat="server" id="hap" scope="page" classid="clsid:06290BD5-48AA-11D2-8432-006008C3FBFC"></object>
<object runat="server" id="x1" scope="page" classid="clsid:2933BF90-7B36-11d2-B20E-00C04F983E60"></object>
<object runat="server" id="x2" scope="page" classid="clsid:f5078f1b-c551-11d3-89b9-0000f81fe221"></object>
<object runat="server" id="x3" scope="page" classid="clsid:f5078f32-c551-11d3-89b9-0000f81fe221"></object>
<object runat="server" id="x4" scope="page" classid="clsid:88d969c0-f192-11d4-a65f-0040963251e5"></object>
<h2>不安全组件检测</h2>
<p>WScript.Shell <%=okObj("ws")%>, Shell.application <%=okObj("app")%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr>
<td>Shell 组件允许ASP运行.exe等可执行文件,存在严重的安全隐患。即使在文件系统进行过严格的权限设置的服务器上,此组件也会被用来运行提升权限的程序。</td>
</tr>
</table>
<p>WScript.Network <%=okObj("net")%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr>
<td>WScript.Network 为ASP程序罗列和创建系统用户(組)提供了可能,如果上面提示“√ 危险”则可能存在此安全隐患。</td>
</tr>
</table>
<p>Adodb.Stream <%=okObj("ado")%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr>
<td>Adodb.Stream 常常被用来上传木马等不安全程序,从而扩大攻击者的破坏能力。通过必要的权限设置,Adodb.Stream不会对系统安全造成威胁,它常常被使用在无组件上传工具中。</td>
</tr>
</table>
<p>FSO <%=okObj("fso")%>, XML V1.0 <%=okObj("x1")%>, V2.6 <%=okObj("x2")%>, V3.0 <%=okObj("x3")%>, V4.0 <%=okObj("x4")%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr>
<td>FSO(Scripting.FileSystemObject) 和 XML 具备罗列和管理服务器中文件和文件夹的能力,如果权限设置不当,将导致木马程序移动、修改甚至删除服务器上的文件。FSO 组件是常用的组件之一,禁用该组件并不是最理想的安全措施。</td>
</tr>
</table>
<p>HappyTime <%=okObj("hap")%></p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr>
<td>HappyTime(欢乐时光)是流行的网络蠕虫病毒之一,它的繁殖占用大量网络带宽,病毒发作时它有可能删除服务器上有用的可执行文件导致系统瘫痪。如果此项检测结果为危险,则您的服务器将存在感染和传播欢乐时光病毒的可能。</td>
</tr>
</table>
<%
end sub
sub userlist()
%>
<h2>系统用户(組)和进程检测</h2>
<p>如果下面列出了系统用户和进程,则说明系统存在安全隐患。</p>
<table border=0 width=500 cellspacing=1 cellpadding=3>
<tr class="backs">
<td width="100">类 型</td><td width="400">名称及详情</td>
</tr>
<%
on error resume next
for each obj in getObject("WinNT://.")
err.clear
%>
<tr>
<td align=center><!--<%=obj.path%>-->
<%
if err then
Response.Write "系统用户(組)"
else
Response.Write "系统进程"
end if
%>
</td>
<td><%=obj.Name%><%if err=0 then Response.Write " (" & obj.displayname & ")"%><br><%=obj.path%>
</td>
</tr>
<%
next
%>
</table>
<%
end sub
sub mmenu()
%>
<h2>主菜单</h2>
<p>快速查看: <a href="?T=BG">精简模式</a> | <a href="?T=BGHIJ">典型模式</a> | <a href="?T=ABGHIJKLMCDEF">完整模式</a></p>
<p>功能直达: <a href="?T=B">概况</a>
| <a href="?T=G">组件</a>
| <a href="?T=F">环境</a>
| <a href="?T=HI">磁盘</a>
| <a href="?T=J">运算速度</a>
| <a href="?T=K">带宽检测</a>
| <a href="?T=LHM">安全状况</a></p>
<p>本页面程序由“阿江ASP探针 V 1.93”提供,版权归<a target="_blank" href="http://www.ajiang.net/">Ajiang</a>所有!
<%
end sub
sub BodyGo(gCon)
select case gCon
case "A"
call aspyes()
case "B"
call servinfo()
case "C"
call applist()
case "D"
call seslist()
case "E"
call sevalist()
case "F"
call wsslist()
case "G"
call comlist()
case "H"
call disklist()
case "I"
call diskspeed()
case "J"
call tspeed()
case "K"
call tnet()
case "L"
call tsafe()
case "M"
call userlist()
case "N"
call mmenu()
end select
end sub
' 检测不安全组件
Function okObj(runstr)
On Error Resume Next
Response.Write "<span style=""display:none"">"
okObj = true
Err = 0
Execute runstr & ".exec()"
If 429 = Err Then
okObj = false
end if
Err = 0
Response.Write "</span>"
if okObj then
okObj="<font color=""red"">√ 危险</font>"
else
okObj="<font color=""green"">× 安全</font>"
end if
End Function
' 转换字串为HTML代码
function cHtml(iText)
cHtml = iText
cHtml = server.HTMLEncode(cHtml)
cHtml = replace(cHtml,chr(10),"<br>")
end function
' 转换磁盘类型为中文
function cdrivetype(tnum)
Select Case tnum
Case 0: cdrivetype = "未知"
Case 1: cdrivetype = "可移动磁盘"
Case 2: cdrivetype = "本地硬盘"
Case 3: cdrivetype = "网络磁盘"
Case 4: cdrivetype = "CD-ROM"
Case 5: cdrivetype = "RAM 磁盘"
End Select
end function
' 将是否可用转换为对号和错号
function cIsReady(trd)
Select Case trd
case true: cIsReady="<font class=fonts><b>√</b></font>"
case false: cIsReady="<font color='red'><b>×</b></font>"
End Select
end function
' 转换字节数为简写形式
function cSize(tSize)
if tSize>=1073741824 then
cSize=int((tSize/1073741824)*1000)/1000 & " GB"
elseif tSize>=1048576 then
cSize=int((tSize/1048576)*1000)/1000 & " MB"
elseif tSize>=1024 then
cSize=int((tSize/1024)*1000)/1000 & " KB"
else
cSize=tSize & "B"
end if
end function
'检查组件是否被支持及组件版本的子程序
sub ObjTest(strObj)
on error resume next
IsObj=false
VerObj=""
set TestObj=server.CreateObject (strObj)
If -2147221005 <> Err then
IsObj = True
VerObj = TestObj.version
if VerObj="" or isnull(VerObj) then VerObj=TestObj.about
end if
set TestObj=nothing
End sub
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -