360提供的Asp版和Php版的防注入代码
作者:admin 日期:2012-09-22
Php版本的:
PHP代码
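<?php
//Code By Safe3
/**
 * Error handler registered below: aborts the request when a PHP error is raised.
 *
 * The file path and line number are written to the server error log with
 * error_log(); the client only receives a generic message, so internal paths
 * are no longer disclosed to visitors (the original echoed $errfile/$errline
 * into the page).
 *
 * @param int    $errno   PHP error level.
 * @param string $errstr  Error message.
 * @param string $errfile File in which the error occurred.
 * @param int    $errline Line on which the error occurred.
 * @return void Never returns; the script is terminated with die().
 */
function customError($errno, $errstr, $errfile, $errline)
{
    error_log("Error number: [$errno] $errstr on line $errline in $errfile");
    echo "<b>Error number:</b> [$errno]<br />";
    die();
}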
// Register customError for E_ERROR only. The PHP manual documents that E_ERROR
// (like E_PARSE, E_CORE_* and E_COMPILE_*) cannot be handled by a user-defined
// handler, so this registration has no practical effect; warnings and notices
// are not covered by it either.
set_error_handler("customError",E_ERROR);
// Blocklist patterns handed to StopAttack(), which wraps each one in "/.../is"
// (case-insensitive, "." also matches newlines). They are keyword blocklists
// and not a substitute for parameterized queries and output encoding.
// GET filter. Its first alternative is a lone apostrophe ("'|..."), so any
// query-string value containing a single quote (e.g. a name such as O'Brien)
// is rejected outright.
$getfilter="'|(and|or)\\b.+?(>|<|=|in|like)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?Select|Update.+?SET|Insert\\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\\s+(TABLE|DATABASE)";
// POST filter: same keyword list without the apostrophe rule; the and/or rule
// is bounded to 1-6 characters between the keyword and the operator.
$postfilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?Select|Update.+?SET|Insert\\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\\s+(TABLE|DATABASE)";
// Cookie filter: identical to the POST filter.
$cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?Select|Update.+?SET|Insert\\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\\s+(TABLE|DATABASE)";
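/**
 * Abort the request if a submitted value matches the given blocklist pattern.
 *
 * @param string       $StrFiltKey   Name of the request parameter (only used by
 *                                   the disabled log call).
 * @param string|array $StrFiltValue Submitted value. Arrays, including nested
 *                                   arrays such as a[b][c]=x, are flattened and
 *                                   joined before matching.
 * @param string       $ArrFiltReq   Regex body; it is wrapped in "/.../is", so it
 *                                   must not contain an unescaped "/" (the
 *                                   bundled filters escape theirs as "\/").
 * @return void Returns normally when nothing matches; on a match a notice is
 *              printed and the script terminates with exit().
 */
function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
    if(is_array($StrFiltValue))
    {
        // implode() alone turned an inner array into the literal string "Array"
        // (with a warning), so nested values were never inspected. Flatten first.
        $StrFiltValue=implode(StopAttack_flatten($StrFiltValue));
    }
    // NOTE: preg_match() returns false on error (e.g. the backtrack limit on very
    // long input); "==1" treats that as "no match", so the check fails open.
    if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){
        // Logging is disabled; the original call is kept for reference.
        //slog("<br><br>操作IP: ".$_SERVER["REMOTE_ADDR"]."<br>操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."<br>操作页面:".$_SERVER["PHP_SELF"]."<br>提交方式: ".$_SERVER["REQUEST_METHOD"]."<br>提交参数: ".$StrFiltKey."<br>提交数据: ".$StrFiltValue);
        print "360websec notice:Illegal operation!";
        exit();
    }
}

/**
 * Flatten a (possibly nested) array into a list of string leaves, in order.
 *
 * @param mixed $value Array or scalar.
 * @return array List of strings; a scalar yields a one-element list.
 */
function StopAttack_flatten($value){
    if(!is_array($value)){
        return array((string)$value);
    }
    $out=array();
    foreach($value as $item){
        $out=array_merge($out,StopAttack_flatten($item));
    }
    return $out;
}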
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Screen each incoming value against the filter for its source, in the order
// GET, POST, COOKIE. StopAttack() terminates the request on the first match,
// so later sources are not reached once something matches.
$sources=array(
    array($_GET,$getfilter),
    array($_POST,$postfilter),
    array($_COOKIE,$cookiefilter),
);
foreach($sources as $pair){
    list($req,$pattern)=$pair;
    foreach($req as $name=>$val){
        StopAttack($name,$val,$pattern);
    }
}
// Refuse to run while the 360 updater script is still present. The path is
// relative to the current working directory, not to this file.
if (file_exists('update360.php')) {
    echo "请重命名文件update360.php,防止黑客利用<br/>";
    die();
}
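/**
 * Append one line to the intrusion log.
 *
 * The log is written to DOCUMENT_ROOT/log.htm, i.e. inside the web root, so it
 * is served to any visitor; the (disabled) callers build $logs from request
 * data as HTML, which makes the file an information-disclosure and stored-XSS
 * risk. The path is kept for compatibility; moving the file outside the web
 * root and HTML-escaping $logs at the call site would be safer.
 *
 * @param string $logs Text to append; "\r\n" is added.
 * @return bool True on success, false if the file could not be written.
 */
function slog($logs)
{
    $toppath=$_SERVER["DOCUMENT_ROOT"]."/log.htm";
    // file_put_contents() with FILE_APPEND|LOCK_EX replaces the unchecked
    // fopen/fputs/fclose sequence, which passed a false handle to fputs() when
    // fopen() failed. Failure is reported through the return value.
    $written=file_put_contents($toppath,$logs."\r\n",FILE_APPEND|LOCK_EX);
    return $written!==false;
}
// Closing tag kept as in the original; any whitespace after it is sent to the
// client, which is why include files commonly omit it.
?>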
Asp版本的:
ASP/Visual Basic代码
<%
'Code by safe3
' Request screening for the ASP version: each request collection is tested
' against its blocklist pattern and the response is ended on the first match.
' On Error Resume Next is in force for the whole page, so if a statement here
' or inside stophacker() fails (e.g. an invalid pattern or an unavailable
' collection) the error is swallowed and the request continues unfiltered
' (the filter fails open).
On Error Resume Next
' Query string. The first alternative is a lone apostrophe ("'|..."), so any
' query value containing a single quote is rejected outright.
if request.querystring<>"" then call stophacker(request.querystring,"'|(and|or)\b.+?(>|<|=|in|like)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?Select|Update.+?SET|Insert\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\s+(TABLE|DATABASE)")
' Form body: same keyword list without the apostrophe rule; the and/or rule is
' bounded to 1-6 characters between the keyword and the operator.
if request.Form<>"" then call stophacker(request.Form,"\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?Select|Update.+?SET|Insert\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\s+(TABLE|DATABASE)")
' Cookies: identical to the form pattern.
if request.Cookies<>"" then call stophacker(request.Cookies,"\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?Select|Update.+?SET|Insert\s+INTO.+?VALUES|(Select|Delete).+?FROM|(Create|Alter|Drop|TRUNCATE)\s+(TABLE|DATABASE)")
' Refuse to serve while the updater script is still present (see ms()).
ms()
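' Test every value in a Request collection against pattern re and end the
' response on the first match.
'   values - a Request collection (QueryString, Form or Cookies); values(key)
'            yields the value(s) stored under that key as a string.
'   re     - RegExp pattern, matched case-insensitively.
' Returns nothing meaningful. On a match it writes a notice and calls
' Response.End, so the caller never regains control in that case.
' Only values are screened, never the parameter names.
function stophacker(values,re)
    dim l_get, l_get2,regex,IP
    ' Build the RegExp once for the whole collection. The original wrapped this
    ' loop in a second "for each n_get in values" loop, which re-tested every
    ' value once per key (n^2 tests) and rebuilt the RegExp on each pass without
    ' changing the outcome.
    set regex = new regexp
    regex.ignorecase = true
    regex.global = true
    regex.pattern = re
    for each l_get in values
        l_get2 = values(l_get)
        if regex.test(l_get2) then
            ' IP is only used by the disabled log call. HTTP_X_FORWARDED_FOR is a
            ' client-supplied header and is not reliable unless a trusted proxy
            ' in front of this server overwrites it.
            IP=Request.ServerVariables("HTTP_X_FORWARDED_FOR")
            If IP = "" Then
                IP=Request.ServerVariables("REMOTE_ADDR")
            end if
            ' Logging is disabled; the original call is kept for reference.
            'slog("<br><br>操作IP: "&ip&"<br>操作时间: " & now() & "<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式: "&Request.ServerVariables("Request_Method")&"<br>提交参数: "&l_get&"<br>提交数据: "&l_get2)
            Response.Write "360websec notice:Illegal operation!"
            Response.end
        end if
    next
    set regex = nothing
end function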
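' Append one line to /log.htm under the site root.
'   logs - text to write; WriteLine adds the line break.
' The file lives inside the web root and is therefore served to any visitor,
' and the (disabled) callers build logs from request data as HTML, which makes
' it an information-disclosure and stored-XSS risk. The path is kept as is;
' moving the file outside the web root and HTML-encoding logs would be safer.
sub slog(logs)
    dim toppath,fs,Ts
    toppath = Server.Mappath("/log.htm")
    Set fs = CreateObject("scripting.filesystemobject")
    ' OpenTextFile(path, 8 = ForAppending, True = create if missing) replaces
    ' the separate FileExists/CreateTextFile step; the end state is the same.
    Set Ts = fs.OpenTextFile(toppath, 8, True)
    Ts.WriteLine logs
    Ts.Close
    Set Ts = nothing
    Set fs = nothing
end sub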
' Stop serving the page while the 360 upgrade script update360.asp is still
' present, since a leftover updater is a file the author warns could be abused.
sub ms()
    dim upgradePath, fso
    upgradePath = Server.Mappath("update360.asp")
    Set fso = CreateObject("scripting.filesystemobject")
    If fso.FileExists(upgradePath) Then
        Response.Write "请重命名升级文件update360.asp防止黑客利用"
        Response.End
    End If
    Set fso = nothing
end sub
%>