ASP and PHP code to block the WVS scanner completely

Source: Internet
Author: User
Tags: servervariables, sql injection
Acunetix Web Vulnerability Scanner (WVS) is an excellent foreign-made scanning tool that can help uncover many vulnerabilities in a site, including common SQL injection and XSS (many self-styled experts like to scan a site with WVS, find an XSS and then announce it as their own discovery...). Since WVS is that powerful, let's not give it a chance to visit the site at all, and block it the way we would block SQL injection.

Analyzing the request headers WVS sends while scanning shows that they basically all contain the English name of its website: acunetix. So we start from that name. Here are three versions of the code:

1. ASP (JScript) version, for LBS users (add it to, or include it from, the _common.asp file):

<%
// Message shown to a blocked client.
var stopscan = "== WVS PLS go away! by oldjun! ==";
// ALL_RAW holds every request header in raw form; lowercase it for matching.
var requestserver = String(Request.ServerVariables("ALL_RAW")).toLowerCase();
// Already flagged earlier in this session: stop immediately.
if (Session("Stopscan") == 1) {
    Response.Write(stopscan);
    Response.End();
}
// indexOf returns -1 when absent and 0 for a match at the very start.
if (requestserver.indexOf("acunetix") != -1) {
    Response.Write(stopscan);
    Session("Stopscan") = 1;
    Response.End();
}
%>

2. ASP (VBScript) version, for general ASP users; including it in conn.asp is enough:

<%
Dim stopscan, requestserver
' Message shown to a blocked client.
stopscan = "== WVS PLS go away! by oldjun! =="
' ALL_RAW holds every request header in raw form; lowercase it for matching.
requestserver = LCase(Request.ServerVariables("ALL_RAW"))
' Already flagged earlier in this session: stop immediately.
If Session("Stopscan") = 1 Then
    Response.Write(stopscan)
    Response.End
End If
' InStr returns 0 when the substring is absent.
If InStr(requestserver, "acunetix") > 0 Then
    Response.Write(stopscan)
    Session("Stopscan") = 1
    Response.End
End If
%>

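3. PHP version:

<?php
// ALL_HTTP is a server variable set by IIS that holds all request headers.
$http = isset($_SERVER["ALL_HTTP"]) ? $_SERVER["ALL_HTTP"] : "";
// Already flagged by an earlier request: stop immediately.
if (isset($_COOKIE["Stopscan"]) && $_COOKIE["Stopscan"]) {
    die("== WVS PLS go away! by oldjun! ==");
}
// strpos returns false when absent and 0 for a match at the very start.
if (strpos(strtolower($http), "acunetix") !== false) {
    setcookie("Stopscan", 1);
    die("== WVS PLS go away! by oldjun! ==");
}
?>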

The code is very simple, and this article is only meant to offer an approach. It intercepts ordinary WVS scans; if the header information can be customized, or you run into zwell's JSky, find the best-matching string yourselves. ~~~ from oldjun
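
The matching logic shared by the three versions, generalized to a list of signatures as the closing paragraph suggests. This is an added example, not oldjun's code: `SIGNATURES`, the function names and the sample header blocks are constructed for illustration, and it is plain JavaScript meant to be run outside ASP. It also shows why the `indexOf` result should be compared with -1 rather than 0.

```javascript
// Added example: SIGNATURES, the function names and the sample header
// blocks are constructed for illustration.
var SIGNATURES = ["acunetix"]; // add the string that best matches other tools

// Pitfall form: indexOf returns 0 for a match at the very start of the
// string and -1 when absent, so "> 0" misses a signature at offset 0.
function looseMatch(allRaw, needle) {
  return String(allRaw).toLowerCase().indexOf(needle) > 0;
}

// Returns the first signature found anywhere in the raw header block,
// or null when none matches. Matching is case-insensitive.
function findSignature(allRaw, signatures) {
  var haystack = String(allRaw == null ? "" : allRaw).toLowerCase();
  for (var i = 0; i < signatures.length; i++) {
    var needle = String(signatures[i]).toLowerCase();
    if (needle !== "" && haystack.indexOf(needle) !== -1) {
      return signatures[i];
    }
  }
  return null;
}

// "flagged" stands in for the server-side Session("Stopscan") value.
function shouldBlock(allRaw, flagged, signatures) {
  return flagged === true || findSignature(allRaw, signatures) !== null;
}

// Constructed header blocks in the shape of ALL_RAW (one header per line).
var SAMPLE_SCANNER = "Acunetix-Example: 1\r\nHost: www.example.com\r\n";
var SAMPLE_BROWSER = "Host: www.example.com\r\nUser-Agent: Mozilla/5.0\r\n";

console.log(findSignature(SAMPLE_SCANNER, SIGNATURES));
console.log(looseMatch(SAMPLE_SCANNER, "acunetix"));
console.log(shouldBlock(SAMPLE_BROWSER, false, SIGNATURES));
```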