首先你将这些参数用一个ASP网页接收: <% dim aa aa = request("redurl") response.write aa '将得到的值写出来 %> http://www.the9.com/pass9/login.php?loginStr=http%3A%2F%2Fwww.the9.com%2Fwork%2Fbuild%2Fctl_work_build.php%3Faction%3Dswitch%26placex0%3D324%26placey0%3D304%26place0%3D158%26block0%3Ddiv158%26placex1%3D349%26placey1%3D275%26place1%3D159%26block1%3Ddiv159%26placex2%3D404%26placey2%3D230%26place2%3D160%26block2%3Ddiv160%26placex3%3D416%26placey3%3D307%26place3%3D161%26block3%3Ddiv161%26placex4%3D453%26placey4%3D297%26place4%3D162%26block4%3Ddiv162%26placex5%3D469%26placey5%3D260%26place5%3D163%26block5%3Ddiv163%26placex6%3D507%26placey6%3D276%26place6%3D164%26block6%3Ddiv164%26placex7%3D554%26placey7%3D304%26place7%3D165%26block7%3Ddiv165%26placex8%3D554%26placey8%3D326%26place8%3D166%26block8%3Ddiv166%26placenum%3D9%26iSubmitblock%3D1 这个得出来的字符串里还有怪码,你再替换一下: 比如:%3F 这是一个十六进制的数,转换成十进制值为 63 然后再用 chr(63) 得到其对应的字符 ? 你将aa里的怪文 %3F 替换成 ? 就行了。%3D = %26 & %3F ? %3A : %2F /
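<script language=vbs>
' Returns True when s is exactly two hexadecimal digits (0-9, a-f, A-F).
function urldecoding_ishex2(s)
    dim k, ok
    ok = (len(s) = 2)
    if ok then
        for k = 1 to 2
            if instr(1, "0123456789ABCDEF", ucase(mid(s, k, 1))) = 0 then ok = false
        next
    end if
    urldecoding_ishex2 = ok
end function

' Decodes a URL-encoded (percent-encoded) string.
'   vstrin  : the encoded text
'   returns : the text with "+" turned into a space and %XX escapes decoded
'
' Original author: qiushuiwuhen (2002-6-19)
'
' Changes from the original:
'   * The hex digits are validated and converted with CLng instead of being
'     passed to Eval, so text taken from the URL is never executed as code.
'   * Any escape below &H80 is decoded as one ASCII character. The original
'     only did this for a fixed punctuation list, so %20, %2D, %41 and
'     similar were wrongly merged with the characters that followed them.
'   * A malformed or truncated escape is copied through unchanged.
function urldecoding(vstrin)
    dim i, n, consumed, strreturn, thischr, hexlead, hextrail, intasc
    strreturn = ""
    n = len(vstrin)
    i = 1
    do while i <= n
        thischr = mid(vstrin, i, 1)
        consumed = 0
        if thischr = "%" then
            hexlead = mid(vstrin, i + 1, 2)
            if urldecoding_ishex2(hexlead) then
                intasc = clng("&H" & hexlead)
                if intasc < 128 then
                    ' Single-byte ASCII escape: %XX
                    strreturn = strreturn & chr(intasc)
                    consumed = 3
                else
                    ' High byte: the original treats %XX%YY as one two-byte
                    ' character code. NOTE(review): Chr() on such a code
                    ' presumably relies on a DBCS system code page (e.g. GBK);
                    ' confirm for the host this runs on.
                    hextrail = mid(vstrin, i + 4, 2)
                    if mid(vstrin, i + 3, 1) = "%" and urldecoding_ishex2(hextrail) then
                        strreturn = strreturn & chr(clng("&H" & hexlead & hextrail))
                        consumed = 6
                    end if
                end if
            end if
        end if
        if consumed = 0 then
            ' Plain character, "+", or an escape that could not be decoded.
            if thischr = "+" then
                strreturn = strreturn & " "
            else
                strreturn = strreturn & thischr
            end if
            consumed = 1
        end if
        i = i + consumed
    loop
    urldecoding = strreturn
end function

' Demo: show the decoded form of the sample login URL.
alert(urldecoding("http://www.the9.com/pass9/login.php?loginStr=http%3A%2F%2Fwww.the9.com%2Fwork%2Fbuild%2Fctl_work_build.php%3Faction%3Dswitch%26placex0%3D324%26placey0%3D304%26place0%3D158%26block0%3Ddiv158%26placex1%3D349%26placey1%3D275%26place1%3D159%26block1%3Ddiv159%26placex2%3D404%26placey2%3D230%26place2%3D160%26block2%3Ddiv160%26placex3%3D416%26placey3%3D307%26place3%3D161%26block3%3Ddiv161%26placex4%3D453%26placey4%3D297%26place4%3D162%26block4%3Ddiv162%26placex5%3D469%26placey5%3D260%26place5%3D163%26block5%3Ddiv163%26placex6%3D507%26placey6%3D276%26place6%3D164%26block6%3Ddiv164%26placex7%3D554%26placey7%3D304%26place7%3D165%26block7%3Ddiv165%26placex8%3D554%26placey8%3D326%26place8%3D166%26block8%3Ddiv166%26placenum%3D9%26iSubmitblock%3D1"))
</script>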
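<% dim aa
' Read the "redurl" parameter from the incoming request.
aa = request("redurl")
' Echo the received value. It is HTML-encoded first because it comes straight
' from the request: written raw, any markup or script in the parameter would
' be rendered by the browser (reflected cross-site scripting).
response.write server.htmlencode(aa)
%>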
http://www.the9.com/pass9/login.php?loginStr=http%3A%2F%2Fwww.the9.com%2Fwork%2Fbuild%2Fctl_work_build.php%3Faction%3Dswitch%26placex0%3D324%26placey0%3D304%26place0%3D158%26block0%3Ddiv158%26placex1%3D349%26placey1%3D275%26place1%3D159%26block1%3Ddiv159%26placex2%3D404%26placey2%3D230%26place2%3D160%26block2%3Ddiv160%26placex3%3D416%26placey3%3D307%26place3%3D161%26block3%3Ddiv161%26placex4%3D453%26placey4%3D297%26place4%3D162%26block4%3Ddiv162%26placex5%3D469%26placey5%3D260%26place5%3D163%26block5%3Ddiv163%26placex6%3D507%26placey6%3D276%26place6%3D164%26block6%3Ddiv164%26placex7%3D554%26placey7%3D304%26place7%3D165%26block7%3Ddiv165%26placex8%3D554%26placey8%3D326%26place8%3D166%26block8%3Ddiv166%26placenum%3D9%26iSubmitblock%3D1
这个得出来的字符串里还有 URL 编码(百分号编码)的字符,你再替换一下:
比如:%3F 中的 3F 是一个十六进制数,转换成十进制值为 63,
然后再用 chr(63) 得到其对应的字符 ?
你将 aa 里的 %3F 替换成 ? 就行了。常见的对应关系如下:
%3D =
%26 &
%3F ?
%3A :
%2F /
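' Returns True when s is exactly two hexadecimal digits (0-9, a-f, A-F).
function urldecoding_ishex2(s)
    dim k, ok
    ok = (len(s) = 2)
    if ok then
        for k = 1 to 2
            if instr(1, "0123456789ABCDEF", ucase(mid(s, k, 1))) = 0 then ok = false
        next
    end if
    urldecoding_ishex2 = ok
end function

' Decodes a URL-encoded (percent-encoded) string.
'   vstrin  : the encoded text
'   returns : the text with "+" turned into a space and %XX escapes decoded
'
' Original author: qiushuiwuhen (2002-6-19)
'
' Changes from the original:
'   * The hex digits are validated and converted with CLng instead of being
'     passed to Eval, so text taken from the URL is never executed as code.
'   * Any escape below &H80 is decoded as one ASCII character. The original
'     only did this for a fixed punctuation list, so %20, %2D, %41 and
'     similar were wrongly merged with the characters that followed them.
'   * A malformed or truncated escape is copied through unchanged.
function urldecoding(vstrin)
    dim i, n, consumed, strreturn, thischr, hexlead, hextrail, intasc
    strreturn = ""
    n = len(vstrin)
    i = 1
    do while i <= n
        thischr = mid(vstrin, i, 1)
        consumed = 0
        if thischr = "%" then
            hexlead = mid(vstrin, i + 1, 2)
            if urldecoding_ishex2(hexlead) then
                intasc = clng("&H" & hexlead)
                if intasc < 128 then
                    ' Single-byte ASCII escape: %XX
                    strreturn = strreturn & chr(intasc)
                    consumed = 3
                else
                    ' High byte: the original treats %XX%YY as one two-byte
                    ' character code. NOTE(review): Chr() on such a code
                    ' presumably relies on a DBCS system code page (e.g. GBK);
                    ' confirm for the host this runs on.
                    hextrail = mid(vstrin, i + 4, 2)
                    if mid(vstrin, i + 3, 1) = "%" and urldecoding_ishex2(hextrail) then
                        strreturn = strreturn & chr(clng("&H" & hexlead & hextrail))
                        consumed = 6
                    end if
                end if
            end if
        end if
        if consumed = 0 then
            ' Plain character, "+", or an escape that could not be decoded.
            if thischr = "+" then
                strreturn = strreturn & " "
            else
                strreturn = strreturn & thischr
            end if
            consumed = 1
        end if
        i = i + consumed
    loop
    urldecoding = strreturn
end function

' Demo: show the decoded form of the sample login URL.
alert(urldecoding("http://www.the9.com/pass9/login.php?loginStr=http%3A%2F%2Fwww.the9.com%2Fwork%2Fbuild%2Fctl_work_build.php%3Faction%3Dswitch%26placex0%3D324%26placey0%3D304%26place0%3D158%26block0%3Ddiv158%26placex1%3D349%26placey1%3D275%26place1%3D159%26block1%3Ddiv159%26placex2%3D404%26placey2%3D230%26place2%3D160%26block2%3Ddiv160%26placex3%3D416%26placey3%3D307%26place3%3D161%26block3%3Ddiv161%26placex4%3D453%26placey4%3D297%26place4%3D162%26block4%3Ddiv162%26placex5%3D469%26placey5%3D260%26place5%3D163%26block5%3Ddiv163%26placex6%3D507%26placey6%3D276%26place6%3D164%26block6%3Ddiv164%26placex7%3D554%26placey7%3D304%26place7%3D165%26block7%3Ddiv165%26placex8%3D554%26placey8%3D326%26place8%3D166%26block8%3Ddiv166%26placenum%3D9%26iSubmitblock%3D1"))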
</script>