网站地图
【www.gdgbn.com--网页编辑器下载】
asp 显示目录下载所有文件夹与文件
Sub ShowAllFile(Path)
Set F1SO = CreateObject("Scripting.FileSystemObject")
if not F1SO.FolderExists(path) then exit sub
Set f = F1SO.GetFolder(Path)
Set fc2 = f.files
For Each myfile in fc2
If CheckExt(F1SO.GetExtensionName(path&""&myfile.name)) Then
Call ScanFile(Path&Temp&""&myfile.name, "")
SumFiles = SumFiles + 1
End If
Next
Set fc = f.SubFolders
For Each f1 in fc
ShowAllFile path&""&f1.name
SumFolders = SumFolders + 1
Next
Set F1SO = Nothing
End Sub
Sub ScanFile(FilePath, InFile)
Server.ScriptTimeout=999999999
If InFile <> "" Then
Infiles = "该文件被http://"&Request.Servervariables("server_name")&"/"&tURLEncode(InFile)&""" target=_blank>"& InFile & "文件包含执行"
End If
Set FSO1s = CreateObject("Scripting.FileSystemObject")
on error resume next
set ofile = FSO1s.OpenTextFile(FilePath)
filetxt = Lcase(ofile.readall())
If err Then Exit Sub end if
if len(filetxt)>0 then
filetxt = vbcrlf & filetxt
temp = "http://"&Request.Servervariables("server_name")&"/"&tURLEncode(replace(replace(FilePath,server.MapPath("")&"","",1,1,1),"","/"))&""" target=_blank>"&replace(FilePath,server.MapPath("")&"","",1,1,1)&"
"
temp=temp&"javascript:FullForm("""&replace(replace(FilePath,server.MapPath("")&"","",1,1,1),"","")&""",""EditFile"")" class="am" title="编辑">Edit "
temp=temp&"")&""",""DelFile"")" onclick="return yesok()" class="am" title="删除">Del "
temp=temp&"")&""",""CopyFile"")" class="am" title="复制">Copy "
temp=temp&"")&""",""MoveFile"")" class="am" title="移动">Move"
If instr( filetxt, Lcase("WScr"&DoMyBest&"ipt.Shell") ) or Instr( filetxt, Lcase("clsid:72C24DD5-D70A"&DoMyBest&"-438B-8A42-98424B88AFB8") ) then
Report = Report&""&temp&"WScr"&DoMyBest&"ipt.Shell 或者 clsid:72C24DD5-D70A"&DoMyBest&"-438B-8A42-98424B88AFB8危险组件,一般被ASP利用"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End if
If instr( filetxt, Lcase("She"&DoMyBest&"ll.Application") ) or Instr( filetxt, Lcase("clsid:13709620-C27"&DoMyBest&"9-11CE-A49E-444553540000") ) then
Report = Report&""&temp&"She"&DoMyBest&"ll.Application 或者 clsid:13709620-C27"&DoMyBest&"9-11CE-A49E-444553540000危险组件,一般被ASP利用"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "bLANGUAGEs*=s*[""]?s*(vbscript|jscript|javascript).encodeb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&"(vbscript|jscript|javascript).Encode似乎脚本被加密了"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = "bEv"&"alb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&"Ev"&"ale"&"val()函数可以执行任意ASP代码
但是javascript代码中也可以使用,有可能是误报。"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = "[^.]bExe"&"cuteb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&"Exec"&"utee"&"xecute()函数可以执行任意ASP代码
"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".(Open|Create)TextFileb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&".CreateTextFile|.OpenTextFile使用了FSO的CreateTextFile|OpenTextFile读写文件"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".SaveToFileb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&".SaveToFile使用了Stream的SaveToFile函数写文件"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".Saveb"
If regEx.Test(filetxt) Then
Report = Report&""&temp&".Save使用了XMLHTTP的Save函数写文件"&infiles&""&GetDateCreate(filepath)&"
"&GetDateModify(filepath)&""
Sun = Sun + 1
temp="-同上-"
End If
Set regEx = Nothing
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "