In addition to ASP files, a website has the largest number of image files. It makes our webpage "beautiful", but have you ever thought of a security attack, images can also be ASP Trojans.
ASP Trojans have been around for a long time, with more and more types and strong concealment. Now we are looking for an ASP Trojan to make it an ASP Trojan.
First, we should name the suffix "GIF" directly on the ASP Trojan server. Remember to use the fault-tolerant format:
I. Show us how to use include
Next, use the include command (<! -- # Include file = "xxx.gif" -->). We often see this command, but it has a very special function that you may not have used. This is the function that can be called in other files, regardless of its suffix, even an image file.
Then we create an ASP file and write it in it. Of course, you can insert it to the header or tail of any ASP file. Asp.gif is the ASP Trojan server. In a word, this image ASP Trojan is ready.
However, there is still a small problem here. Although there are many pictures on the website, what would the Administrator think if he accidentally opened the picture and showed a little red cross on IE?
In order not to be suspicious, we need to let our image become a real GIF file!
Ii. copy for us
.
Start the DOS window in windows and type copy 1.gif/B + ASP. asp/A asp.gif.
The parameter/B indicates that files are copied and merged in binary format. Parameter/A indicates copying and merging files in ascll format. Pay attention to the file sequence. After the execution, asp.gif will be generated, which is our ASP Trojan server. But now it has become a beauty of Tingting Yuli.