Cleaning a database "hanging horse" (injected JS Trojan) with ASP

Source: Internet
Author: User
Many people have probably run into a database infected with a JS Trojan (a "hanging horse"). Here is how I deal with it.

Step One:

Make a backup of the existing database.

Step Two:

Run the following ASP file to remove the JS Trojan from the database.
Note: write conn.asp yourself; it must open the database connection that the code below uses as conn.

<!--#include file="conn.asp"-->
<%
' Replace the placeholder in the UPDATE statement below with the content of the JS Trojan
' found in your own database (double any single quotes it contains).
Server.ScriptTimeout = 180
Set rstSchema = conn.OpenSchema(20) ' 20 = adSchemaTables
k = 1
Do Until rstSchema.EOF ' traverse the database tables
    If rstSchema("TABLE_TYPE") = "TABLE" Then
        Response.Write k & ". <font color=red><b>" & rstSchema("TABLE_NAME") & "</b></font>: " ' show the table name
        Set rs = Server.CreateObject("ADODB.Recordset")
        sql = "SELECT * FROM [" & rstSchema("TABLE_NAME") & "]"
        rs.Open sql, conn, 1, 3
        For i = 0 To rs.Fields.Count - 1 ' traverse the fields of the table
            ' Process only character-type fields (ADO types adChar, adWChar, adVarChar, adLongVarChar, adVarWChar, adLongVarWChar)
            If Int(rs(i).Type) = 129 Or Int(rs(i).Type) = 130 Or Int(rs(i).Type) = 200 Or Int(rs(i).Type) = 201 Or Int(rs(i).Type) = 202 Or Int(rs(i).Type) = 203 Then
                ' CAST(... AS varchar(8000)) cuts off values longer than 8000 characters, one reason for the backup in the first step
                conn.Execute("UPDATE [" & rstSchema("TABLE_NAME") & "] SET [" & rs(i).Name & "] = REPLACE(CAST([" & rs(i).Name & "] AS varchar(8000)), 'Put the JS trojan content here', '')")
                Response.Write rs(i).Name & " " & rs(i).Type & " " ' show the name of the field that was processed
            End If
        Next
        rs.Close
        Response.Write "<br>"
    End If
    rstSchema.MoveNext
    k = k + 1
Loop
Response.Write "Successful Execution"
%>

If the database has many tables, IIS may stop the script before the traversal above has finished. In that case, take the line

If rstSchema("TABLE_TYPE") = "TABLE" Then

and add a suitable range for the value of k, for example:

If rstSchema("TABLE_TYPE") = "TABLE" And k > 10 And k < 20 Then

This way, only 9 tables are processed at a time.
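
A read-only check to run before the Step Two update, added here as an example and not part of the original article: it walks the same tables and character columns and reports how many rows contain the injected string, and how many of those are longer than the varchar(8000) cast in Step Two can hold. It assumes SQL Server and the article's conn.asp; MARKER, its example.invalid URL and the helper function names are constructed placeholders.

```asp
<!--#include file="conn.asp"-->
<%
' Added example (not the article's code). Assumes SQL Server and conn.asp providing the ADODB connection conn.
Const MARKER = "<script src=http://example.invalid/x.js></script>" ' constructed placeholder

Function SqlLiteral(ByVal s) ' quote a string as a T-SQL literal
    SqlLiteral = "'" & Replace(s, "'", "''") & "'"
End Function
Function LikePattern(ByVal s) ' escape LIKE wildcards so the marker matches literally
    s = Replace(s, "[", "[[]")
    s = Replace(s, "%", "[%]")
    s = Replace(s, "_", "[_]")
    LikePattern = SqlLiteral("%" & s & "%")
End Function
Function QuoteName(ByVal s) ' bracket an identifier, doubling any closing bracket
    QuoteName = "[" & Replace(s, "]", "]]") & "]"
End Function

Function CountRows(ByVal tbl, ByVal cond) ' number of rows in tbl matching cond
    Dim c
    Set c = conn.Execute("SELECT COUNT(*) FROM " & QuoteName(tbl) & " WHERE " & cond)
    CountRows = c(0).Value
    c.Close
End Function

Dim schema, rs, f, tbl, col, found, hits, tooLong, limit
Server.ScriptTimeout = 180
Set schema = conn.OpenSchema(20) ' 20 = adSchemaTables
Do Until schema.EOF
    If schema("TABLE_TYPE") = "TABLE" Then
        tbl = schema("TABLE_NAME").Value
        Set rs = conn.Execute("SELECT * FROM " & QuoteName(tbl) & " WHERE 1 = 0") ' column metadata only
        For Each f In rs.Fields
            If f.Type = 129 Or f.Type = 130 Or (f.Type >= 200 And f.Type <= 203) Then ' Step Two's character types
                col = QuoteName(f.Name)
                found = col & " LIKE " & LikePattern(MARKER)
                hits = CountRows(tbl, found)
                limit = 8000 ' Step Two casts to varchar(8000)
                If f.Type = 130 Or f.Type >= 202 Then limit = 16000 ' DATALENGTH is in bytes; wide types use 2 per character
                tooLong = CountRows(tbl, found & " AND DATALENGTH(" & col & ") > " & limit)
                If hits > 0 Then Response.Write Server.HTMLEncode(tbl & "." & f.Name & ": " & hits & " rows contain the marker, " & tooLong & " of them exceed 8000 characters") & "<br>"
            End If
        Next
        rs.Close
    End If
    schema.MoveNext
Loop
schema.Close
%>
```

Nothing is written to the database; any rows reported as exceeding 8000 characters would be cut short by the Step Two update.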

Step Three:

Based on the characteristics of JS injected into the database (it contains strings such as <script, </script> and http://),
put the following code in conn.asp:

Function Cheack_Sqljs() ' Guard against external-link JS injection into the database: True means such an injection was detected.
    Dim F_Post, F_Get
    Cheack_Sqljs = False
    If Request.Form <> "" Then ' check data submitted by form
        For Each F_Post In Request.Form
            If (InStr(LCase(Request.Form(F_Post)), "<script") <> 0 Or InStr(LCase(Request.Form(F_Post)), "</script>") <> 0) And InStr(LCase(Request.Form(F_Post)), "http://") <> 0 Then
                Cheack_Sqljs = True
                Exit For
            End If
        Next
    End If
    If Request.QueryString <> "" Then ' check data submitted in the query string
        For Each F_Get In Request.QueryString
            ' Read the value from Request.QueryString here, not Request.Form
            If (InStr(LCase(Request.QueryString(F_Get)), "<script") <> 0 Or InStr(LCase(Request.QueryString(F_Get)), "</script>") <> 0) And InStr(LCase(Request.QueryString(F_Get)), "http://") <> 0 Then
                Cheack_Sqljs = True
                Exit For
            End If
        Next
    End If
End Function

Function CheckDataFrom() ' Check the source of the submitted data: True means the data was submitted from outside the site.
    Dim server_v1, server_v2
    CheckDataFrom = False
    server_v1 = CStr(Request.ServerVariables("HTTP_REFERER"))
    server_v2 = CStr(Request.ServerVariables("SERVER_NAME"))
    ' Position 8 skips the 7 characters of "http://" in the referer
    If Mid(server_v1, 8, Len(server_v2)) <> server_v2 Then
        CheckDataFrom = True
    End If
End Function

' A request with no Referer header also counts as off-site here.
' The Referer is supplied by the client, so this is a filter, not proof of where a request came from.
If Cheack_Sqljs Or CheckDataFrom Then
    Response.Write "<script Language=javascript>alert('Forbidden to execute, illegal operation.');</script>"
    Response.End()
End If


