The day before yesterday I noticed that the number of blog members had jumped. On checking, many of them were maliciously registered accounts, and the registrations had been going on for several months:
Searching the IIS log for the corresponding POST requests turned up entries like this one:

2014-12-18 07:29:05 W3SVC179938905 42.121.105.222 POST /register.asp - 80 - 178.43.73.53 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/27.0.1453.116+Safari/537.36 404 0 2
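The log search above is what you would do by hand. As an added example (not code from the original post), here is the same hunt automated in Python: it parses an IIS W3C log using its `#Fields:` directive, counts POSTs to /register.asp per client address, and flags clients that never requested the captcha image at /common/getcode.asp, which is the pattern a form-submitting bot leaves behind. The log lines are constructed for the example; the site ID, server IP and field layout mirror the entry quoted above, and the client addresses are documentation ranges, not the real attacker.

```python
"""Hunt an IIS W3C log for form-submission bursts such as the /register.asp POSTs above."""
from collections import Counter

# Constructed sample log (not from the blog's server). The field order is the
# default IIS W3C layout; IIS writes spaces in the user agent as '+'.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2014-12-18 07:29:05 W3SVC179938905 42.121.105.222 GET /register.asp - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
2014-12-18 07:29:06 W3SVC179938905 42.121.105.222 GET /common/getcode.asp - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
2014-12-18 07:29:30 W3SVC179938905 42.121.105.222 POST /register.asp - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
2014-12-18 07:31:05 W3SVC179938905 42.121.105.222 POST /register.asp - 80 - 198.51.100.9 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
2014-12-18 07:31:06 W3SVC179938905 42.121.105.222 POST /register.asp - 80 - 198.51.100.9 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
2014-12-18 07:31:07 W3SVC179938905 42.121.105.222 POST /register.asp - 80 - 198.51.100.9 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36 200 0 0
"""


def parse_w3c(text):
    """Yield one dict per log entry, keyed by the names in the #Fields: directive."""
    fields = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # IIS may emit a new #Fields: line per log file
            continue
        if line.startswith("#"):
            continue                       # #Software, #Version, #Date directives
        if fields is None:
            raise ValueError("log entry before #Fields: directive")
        parts = line.split(" ")
        if len(parts) != len(fields):
            continue                       # skip a malformed line rather than misalign columns
        yield dict(zip(fields, parts))


def suspicious_registrations(text, page="/register.asp", captcha="/common/getcode.asp"):
    """Return {client_ip: (post_count, fetched_captcha)} for every client that POSTed the form.

    A client that POSTs the registration form without ever fetching the captcha image
    is exactly the third-party-program submission described in the post.
    """
    posts = Counter()
    got_captcha = set()
    for entry in parse_w3c(text):
        uri = entry["cs-uri-stem"].lower()
        if entry["cs-method"].upper() == "POST" and uri == page:
            posts[entry["c-ip"]] += 1
        elif uri == captcha:
            got_captcha.add(entry["c-ip"])
    return {ip: (n, ip in got_captcha) for ip, n in posts.items()}


if __name__ == "__main__":
    for ip, (n, fetched) in suspicious_registrations(SAMPLE_LOG).items():
        flag = "" if fetched else "  <-- never requested the captcha image"
        print(f"{ip}: {n} POST(s) to /register.asp{flag}")
```

Run it against a real log by reading the file into `suspicious_registrations()`; the lookup key names come from the `#Fields:` line, so a site with a customised field selection still parses as long as `cs-method`, `cs-uri-stem` and `c-ip` are logged.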
So the malicious registrations are done by submitting the form directly. Was the verification code being cracked? I cleaned up the malicious records and upgraded the verification code, but yesterday I saw that malicious registrations were continuing. Was a purely numeric verification code too easy to crack? I upgraded again to a Chinese-character verification code, and today the malicious registrations are still coming in.
I modified the Register.asp file to save the submitted registration data, and captured the following:

Username=ldoo88w6j&password=qwedsa&confirmpassword=qwedsa&gender=0&email=&hiddenemail=1&homepage=http%3a%2f%2fcompresseibrig.eu&validate=&action=save&submit2=%e6%b3%a8%e5%86%8c%e6%96%b0%e7%94%a8%e6%88%b7

(submit2 decodes to 注册新用户, "register new user".) Note that the validate field, which carries the verification code, is empty.
Can you register with an empty verification code? I tried it on the page: no. But the same request submitted through Fiddler2 registered successfully. Why? Open Register.asp and look at the relevant code:
```vbscript
' Original check: reject only when the submitted code differs from the one stored in the session
If CStr(LCase(Session("GetCode"))) <> CStr(LCase(Validate)) Then
    ReInfo(0) = "Error message"
    ReInfo(1) = "<b>Verification code is incorrect, please go back and re-enter it</b><br/><a href=""javascript:history.go(-1);"">Click to go back</a>"
    ReInfo(2) = "ErrorIcon"
    Register = ReInfo
    Exit Function
End If
```
So here is the bug:
when the form is submitted by a third-party program that never requests common/getcode.asp, Session("GetCode") is never set. The stored value is empty, the submitted value is empty, the two compare equal, and the registration with a blank verification code goes through.
Workaround: open Register.asp and modify the check as follows (around line 166):
```vbscript
' Fixed check: also reject when no code was ever issued to this session
If CStr(LCase(Session("GetCode"))) <> CStr(LCase(Validate)) Or Session("GetCode") = "" Then
    ReInfo(0) = "Error message"
    ReInfo(1) = "<b>Verification code is incorrect, please go back and re-enter it</b><br/><a href=""javascript:history.go(-1);"">Click to go back</a>"
    ReInfo(2) = "ErrorIcon"
    Register = ReInfo
    Exit Function
End If
```
OK, problem solved.
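To make the bypass and the fix concrete, here is an added example (not the blog's ASP code) that models the two VBScript comparisons in Python, with a dict standing in for the classic ASP Session object and a stub `getcode_asp()` that stores a fixed code instead of drawing an image. It walks through the normal browser flow, the Fiddler-style submission that never fetches the captcha, and a wrong code. The `check_one_time()` function goes one step beyond the page's fix and is my suggestion, not the author's: it clears Session("GetCode") after a successful check so that one solved code cannot be replayed for further registrations in the same session.

```python
"""Model of the Register.asp verification-code check, before and after the fix."""


def vbs_cstr_lcase(value):
    """CStr(LCase(x)) as VBScript evaluates it: Empty/Null become "", anything else is lowered."""
    return "" if value is None else str(value).lower()


def getcode_asp(session):
    """Stand-in for common/getcode.asp: issue a code and remember it in Session("GetCode").
    The code is fixed here purely for the example; the real page draws a random image."""
    session["GetCode"] = "4729"
    return session["GetCode"]


def check_original(session, validate):
    """The check as it was: reject only when the two values differ.
    With no code in the session and an empty submission, "" == "" and the check passes."""
    return vbs_cstr_lcase(session.get("GetCode")) == vbs_cstr_lcase(validate)


def check_fixed(session, validate):
    """The author's fix: additionally reject when the session never received a code.
    In VBScript an Empty Session value compares equal to "", which is what the
    Or Session("GetCode") = "" clause relies on."""
    stored = vbs_cstr_lcase(session.get("GetCode"))
    if stored != vbs_cstr_lcase(validate) or stored == "":
        return False
    return True


def check_one_time(session, validate):
    """Added hardening beyond the page's fix: consume the code on success so a solved
    captcha cannot be replayed for more registrations within the same session."""
    ok = check_fixed(session, validate)
    if ok:
        session["GetCode"] = ""
    return ok


def walkthrough():
    """Run the scenarios from the post and return the outcomes for inspection."""
    results = {}

    # 1. Normal browser flow: the page loads the image, the user types the code.
    session = {}
    code = getcode_asp(session)
    results["browser_original"] = check_original(session, code)
    results["browser_fixed"] = check_fixed(session, code)

    # 2. Fiddler-style submission: register.asp POSTed directly, validate= left empty,
    #    getcode.asp never requested, so the session holds no code at all.
    results["bypass_original"] = check_original({}, "")
    results["bypass_fixed"] = check_fixed({}, "")

    # 3. A wrong code is rejected either way.
    results["wrong_fixed"] = check_fixed(session, "0000")

    # 4. Replay: with the fixed check alone the same code works twice;
    #    the one-time variant accepts once and then rejects.
    results["replay_fixed_second_use"] = check_fixed(session, code)
    session = {}
    code = getcode_asp(session)
    results["one_time_first_use"] = check_one_time(session, code)
    results["one_time_second_use"] = check_one_time(session, code)
    return results


if __name__ == "__main__":
    for name, outcome in walkthrough().items():
        print(f"{name:28s} accepted={outcome}")
```

The model deliberately keeps the case-insensitive comparison of the original, since that part of the check is not the problem; what matters is that "no code issued" and "no code submitted" must never compare equal.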
Postscript: a quick search online shows that my blog is not the only one that has been hit by this: