摘要:
经常听说的ASP上传漏洞,即是将一些木马文件修改后缀名(修改为图像文件后缀),进行上传。针对此情况使用下列函数进行辨别关键字:
正文:
pe=true else CheckFileType=false
next
case "png"
stamp=fstream.read(4)
for i=0 to 3
if ascB(MidB(stamp,i+1,1))=png(i) then CheckFileType=true else CheckFileType=false
next
case "bmp"
stamp=fstream.read(2)
for i=0 to 1
if ascB(MidB(stamp,i+1,1))=bmp(i) then CheckFileType=true else CheckFileType=false
next
end select
fstream.Close
set fseteam=nothing
if err.number<>0 then CheckFileType=false
end function
function TrueStr(fileTrue)
str_len=len(fileTrue)
pos=Instr(fileTrue,chr(0))
if pos=0 or pos=str_len then
TrueStr=true
else
TrueStr=false
end if
end function
filesizemin=100
filesizemax=200*1024
set upload=new upload_5xSoft 建立上传对象
f_folder=upload.form("upfilefolder")
*******列出所有上传文件***********
For each formName in upload.objFile
set file=upload.file(formName)
If file.filesize>0 then
********检测文件大小***********
If file.filesize<filesizemin Then
response.write "你上传的文件太小了 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
ElseIf file.filesize>filesizemax then
response.write "文件大小超过了 "&filesizemax&"字节 限制 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End If
*******检测文件类型*******
fileExt=ucase(right(file.filename,4))
uploadsuc=false Forum_upload="RAR|ZIP|swf|JPG|PNG|GIF|DOC|TXT|CHM|PDF|ACE|mp3|WMA|WMV|MIDI|AVI|rm|RA|rmVB|MOV|XLS"
Forumupload=split(Forum_upload,"|")
for i=0 to ubound(Forumupload)
if fileEXT="."&trim(Forumupload(i)) then
uploadsuc=true
exit for
else
uploadsuc=false
end if
next
if uploadsuc=false then
response.write "文件格式不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
response.end
end if
********建立文件上传的目录文件夹*********
Set upf=Server.CreateObject("Scripting.FileSystemObject")
If Err<>0 Then
Err.Clear
response.write("您的服务器不支持FSO")
response.end
End If
f_type= replace(fileExt,".","")
f_name= year(now)&"-"&month(now)
If upf.FolderExists(Server.MapPath(f_folder&"/"&f_type&"/"&f_name))=False Then
If upf.FolderExists(Server.MapPath(f_folder&"/"&f_type))=False Then
If upf.FolderExists(Server.MapPath(f_folder
[1][2][3][4]
