Response.Buffer = True
On Error Resume Next
'原数据库连接代码放在这里(比如conn.asp的代码)
If Err.Number <> 0 Then
Response.Clear
Select Case Err.Number
Case 0
Case Else
If IsObject(conn) Then
If conn.Errors.Count > 0 Then
Dblog="Database Error:"
For intLoop = 0 To objConnection.Errors.Count - 1
Dblog=Dblog + "Error No:" + conn.Errors(intLoop).Number + "|"
Dblog=Dblog + "Description:" + conn.Errors(intLoop).Description + "|"
Dblog=Dblog + "Source:" + conn.Errors(intLoop).Source + "|"
Dblog=Dblog + "SQLState:" + conn.Errors(intLoop).SQLState + "|"
Dblog=Dblog + "NativeError:" + conn.Errors(intLoop).NativeError + "|"
Next
slog(Dblog)
End If
End If
If Err.Number <> 0 Then
Plog="age Error:"
Plog=Plog+"Error Number" + Err.Number + "|"
Plog=Plog+"Error Description" + Err.Description + "|"
Plog=Plog+"Source " + Err.Source + "|"
Plog=Plog+"LineNumber " + Err.Line + "|"
slog(Pblog)
End If
Response.Redirect "/no.htm"
End Select
Err.Clear
End If
if request.querystring<>"" then stopinjection(request.querystring)
if request.cookies<>"" then stopinjection(request.cookies)
function stopinjection(values)
for each n_get in values
dim l_get, l_get2
for each l_get in values
l_get2 = values(l_get)
set regex = new regexp
regex.ignorecase = true
regex.global = true
regex.pattern = "(\sunion\s|\sxor\s|\sor\s|\sand\s|/\*|'|;|--|\sdeclare\s|\bselect\b|\bupdate\b|\binsert\b|\.\./|\.\.\\)"
if regex.test(l_get2) then
sURL=server.htmlencode(lcase("http://"+Request.ServerVariables("HTTP_HOST")+Request.ServerVariables("SCRIPT_NAME")+"?"+Request.ServerVariables("QUERY_STRING")))
IP=server.htmlencode(Request.ServerVariables("HTTP_X_FORWARDED_FOR"))
If IP = "" Then
IP=server.htmlencode(Request.ServerVariables("REMOTE_ADDR"))
end if
slog("<br>Illegal operation IP:"&ip&" Illegal operation code:"&sURL&" Illegal operation time:" & now())
alert()
response.end()
end if
set regex = nothing
next
next
end function
sub alert()
IP=server.htmlencode(Request.ServerVariables("HTTP_X_FORWARDED_FOR"))
If IP = "" Then
IP=server.htmlencode(Request.ServerVariables("REMOTE_ADDR"))
end if
Response.Write "System automatically holds up illegal operation code!"&server.htmlencode(Request.ServerVariables("QUERY_STRING"))&"Your true IP is"&ip&"<script>alert('"&now()&" System automatically holds up illegal operation code,records your illegal operat
ion!');location.href='"&server.htmlencode(lcase("http://"+Request.ServerVariables("HTTP_HOST")+"/no.htm"))&"';</script>"
Response.end
end sub
sub slog(logs)
toppath = Server.Mappath("log.htm")
Set fs = CreateObject("scripting.filesystemobject")
If Not Fs.FILEEXISTS(toppath) Then
Set Ts = fs.createtextfile(toppath, True)
Ts.close
end if
Set Ts= Fs.OpenTextFile(toppath,1)
Do While Not Ts.AtEndOfStream
Errorlog = Errorlog & Ts.ReadLine & chr(13) & chr(10)
loop
Ts.close
Errorlog =Errorlog & logs
Set Ts= Fs.OpenTextFile(toppath,2)
Ts.writeline (Errorlog)
Ts.Close
end sub
%>
<head>
<meta http-equiv="Content-Type" c />
<title></title>
<style type="text/css">
<!--
body,td,th {font-size: 9pt;line-height:14px;}
.zi_1{color:#f10c01;}
-->
</style>
</head>
<body>
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="middle"><table width="347" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>您访问的地址不存在或已更改。<br>
系统将在 <span class="zi_1">5</span> 秒钟内返回首页,如无响应,请单击下面按钮<span class="zi_1">返回
<a href="http://www.34t.cn">www.34t.cn</a></span></td>
</tr>
</table></td>
</tr>
</table>
<script language=JavaScript>
setTimeout("top.window.location='http://www.34t.cn';",3000);
</script>
</body>
</html>
使用方法
找到网站下面包含Server.CreateObject("ADODB.Connection")的asp文件,一般为conn.asp
将上面红色“原数据库连接代码放在这里(比如conn.asp的代码)”的地方用conn.asp里面的代码替换,保存为新的conn.asp,运行发现攻击后会在当前目录下生成一个log.htm的文件,该文件记录了黑客的非法操作和ip地址,请将no.htm这个文件放于网站根目录下,发现攻击后会跳转到该页,其中的网址大家改成自己的吧!
转载请注明:轮回阁 » asp网站安全防护代码
特别说明:所有资源均无解压密码且可直接下载,若有会特别注明,部分回复可见内容仅为提供更多的下载点。