ASP Website vulnerability resolution and hacker intrusion prevention method 3

Source: Internet
Author: User
8. ASP Trojan

I have mentioned this before, but I would like to remind forum administrators to be careful with file uploads. Why does the whole host fall into an attacker's hands after the forum program is cracked? The reason is ...... Yes! The ASP trojan! An absolutely hateful thing. A virus? It is just a file stored among the programs of your forum, and it would be strange if that did not make you spit blood. How can we prevent ASP trojans from being uploaded to the server? The method is very simple. If your forum supports file upload, fix the file formats that may be uploaded. I do not recommend making the allowed formats changeable; lock them directly in the program so that only image file formats, and compressed files, can be used. The more convenience you leave for yourself, the more you leave for the attacker. How can the format be checked? Here I have collected one and modified one; take a look:

Program body (10)

' Determine whether the file type is allowed
Private Function CheckFileExt(fileEXT)
    Dim Forumupload, i
    CheckFileExt = False
    Forumupload = Split("gif,jpg,bmp,jpeg", ",")
    For i = 0 To UBound(Forumupload)
        If LCase(fileEXT) = LCase(Trim(Forumupload(i))) Then
            CheckFileExt = True
            Exit Function
        End If
    Next
End Function

' Verify the validity of the file content.
' sFile, Upl and sFileSave come from the surrounding upload program.
Set MyFile = Server.CreateObject("Scripting.FileSystemObject")
Set MyText = MyFile.OpenTextFile(sFile, 1) ' read the file as text
sTextAll = LCase(MyText.ReadAll) : MyText.Close
' Look for dangerous operations in the user's file.
' The first item of the list is the number of keywords that follow.
sStr = "8 .getfolder .createfolder .deletefolder .createdirectory .deletedirectory"
sStr = sStr & " .saveas wscript.shell script.encode"
sNoString = Split(sStr, " ")
For i = 1 To CInt(sNoString(0))
    If InStr(sTextAll, sNoString(i)) <> 0 Then
        ' Delete the stored upload and stop the request
        sFile = Upl.Path & sFileSave : MyFile.DeleteFile sFile
        Response.Write "<center><br><big>" & Server.HTMLEncode(sFileSave) & " The file contains commands related to directory operations" & _
            "<br><font color=red>" & Mid(sNoString(i), 2) & "</font>; for security reasons it <b>cannot be uploaded.</b>" & _
            "</big></center>"
        Response.End
    End If
Next

If you add them to your upload program for verification, the security of your upload program will be greatly improved.
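The extension check above trusts the file name alone. The following is an added example, not part of the original article, that also requires the stored file to begin with the byte signature of the image type its extension claims. The function names are hypothetical, and the upload handler is assumed to supply the saved file's path and extension.

```vbscript
<%
' Added example, not the article's code; all function names are hypothetical.
' An upload passes only if its extension is on the allowlist AND the file
' starts with the byte signature of that image type.

' Return the first "count" bytes of a file as an uppercase hex string.
Function HeadHex(path, count)
    Dim stm, data, i, s
    s = ""
    Set stm = Server.CreateObject("ADODB.Stream")
    stm.Type = 1                       ' adTypeBinary
    stm.Open
    stm.LoadFromFile path
    data = stm.Read(count)             ' Null when the file is empty
    stm.Close
    Set stm = Nothing
    If Not IsNull(data) Then
        For i = 1 To LenB(data)
            s = s & Right("0" & Hex(AscB(MidB(data, i, 1))), 2)
        Next
    End If
    HeadHex = s
End Function

' Hex prefix the content must start with; "" means the type is not allowed.
Function ExpectedSignature(fileEXT)
    Select Case LCase(Trim(fileEXT))
        Case "gif"
            ExpectedSignature = "47494638"   ' "GIF8"
        Case "jpg", "jpeg"
            ExpectedSignature = "FFD8FF"     ' JPEG start-of-image marker
        Case "bmp"
            ExpectedSignature = "424D"       ' "BM"
        Case Else
            ExpectedSignature = ""
    End Select
End Function

Function IsAllowedImage(path, fileEXT)
    Dim sig
    IsAllowedImage = False
    sig = ExpectedSignature(fileEXT)
    If sig = "" Then Exit Function
    IsAllowedImage = (Left(HeadHex(path, 8), Len(sig)) = sig)
End Function
%>
```

Call IsAllowedImage(sFile, fileEXT) once the upload has been saved and delete the file when it returns False. A matching header says nothing about the rest of the file, so the keyword scan above still applies.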

What? Still not at ease? Then bring out the trump card: ask your virtual hosting provider for help. Log on to the server and rename or delete the "shell.application" and "shell.application.1" entries among the ProgIDs, then rename or delete the "WSCRIPT.SHELL" and "WSCRIPT.SHELL.1" entries. I can say that almost half of domestic virtual hosts have never had these changed. We can only thank you for your cooperation ...... I delete, I delete, I delete ......
