吓住黑客入侵者的代码
来源:韦江代博客 责任编辑:栏目编辑 发表时间:2013-07-01 05:55 点击:次
以下是ASP代码,并且使用了ip地址归属地查询。
----------------------------------------------------------------------------------------------
<%
Sub StopInjection_it_security(Values)
Dim regEx
Dim IP
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "'|;|#|([\s\b+()]+([email=select|union|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b]select|union|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b[/email]+]*)"
If regEx.Test(Values) Then
IP = Request.ServerVariables("HTTP_X_FORWARDED_F")
IF(IP="")THEN IP = Request.ServerVariables("REMOTE_ADDR")
response.write("<span name=addr id=addr></span>")
response.write("<script src=http://whois.pconline.com.cn/jsLabel.jsp?ip=" & IP &"&id=addr></script>")
Response.Write "<script>alert('北京海淀网络**局警官张无(13021)提醒你:\n◇来自:'+document.getElementById('addr').innerHTML +' 的朋友\n◇你的非法访问已经被记录\n★非法IP=" & IP & "\n★请保持手机畅通,恭候**部门调查!')</script>"
Response.End
End If
Set regEx = Nothing
End Sub
%>
----------------------------------------------------------------------------------------------
<%
Sub StopInjection_it_security(Values)
Dim regEx
Dim IP
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "'|;|#|([\s\b+()]+([email=select|union|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b]select|union|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b[/email]+]*)"
If regEx.Test(Values) Then
IP = Request.ServerVariables("HTTP_X_FORWARDED_F")
IF(IP="")THEN IP = Request.ServerVariables("REMOTE_ADDR")
response.write("<span name=addr id=addr></span>")
response.write("<script src=http://whois.pconline.com.cn/jsLabel.jsp?ip=" & IP &"&id=addr></script>")
Response.Write "<script>alert('北京海淀网络**局警官张无(13021)提醒你:\n◇来自:'+document.getElementById('addr').innerHTML +' 的朋友\n◇你的非法访问已经被记录\n★非法IP=" & IP & "\n★请保持手机畅通,恭候**部门调查!')</script>"
Response.End
End If
Set regEx = Nothing
End Sub
%>
相关新闻>>
- 发表评论
-
- 最新评论 更多>>