1
Dim CSB_NoSqlHack_AllStr,CSB_NoSqlHack_Str,CSB_NoSqlHack_ComeUrlGet,CSB_NoSqlHack_ComeUrlPost,CSB_NoSqlHack_Get,CSB_NoSqlHack_Post,CSB_NoSqlHack_i
2
'On Error Resume Next
3
'定义SQL过滤字符集
4
CSB_NoSqlHack_AllStr="'|;|and|(|)|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
5
'QueryString 集合检索 HTTP 查询字符串中变量的值。HTTP 查询字符串由问号 (?) 后的值指定。
6
CSB_NoSqlHack_ComeUrlGet = Request.QueryString
7
'Request.Form 集合检索 Form 查询表单提交是否存在SQL入注攻击
8
CSB_NoSqlHack_ComeUrlPost = Request.Form
9
CSB_NoSqlHack_Str = Split(CSB_NoSqlHack_AllStr,"|")
10![](/Images/OutliningIndicators/None.gif)
11
'Post
12
If CSB_NoSqlHack_ComeUrlPost<>"" then
13
For Each CSB_NoSqlHack_Post In Request.Form
14
For CSB_NoSqlHack_i = 0 To Ubound(CSB_NoSqlHack_Str)
15
If Instr(LCase(CSB_NoSqlHack_ComeUrlPost),CSB_NoSqlHack_Str(CSB_NoSqlHack_i))<>0 Then
16
'Response.Write("Error,请不要进行非法提交!")
17
'Response.End
18
Response.Write "<Script Language=JavaScript>alert('SQL通用防注入系统提示你↓\n\n请不要在参数中包含非法字符尝试注入!\n\nHttp://Www.Asduif.Com 系统版本:V1.0(ASP)版\n\nCoding By:Corin Design By:Macdesign');</Script>"
19
Response.Write "非法操作:系统做了如下记录↓<br>"
20
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"<br>"
21
Response.Write "操作时间:"&Now&"<br>"
22
Response.Write "操作页面:"&Request.ServerVariables("URL")&"<br>"
23
Response.Write "提交方式:POST<br>"
24
Response.Write "提交参数:"&CSB_NoSqlHack_Post&"<br>"
25
Response.Write "提交数据:"&CSB_NoSqlHack_ComeUrlPost
26
Response.End
27
End if
28
Next
29
Next
30
End if
31![](/Images/OutliningIndicators/None.gif)
32
'Get
33
If CSB_NoSqlHack_ComeUrlGet<>"" then
34
For Each CSB_NoSqlHack_Get In Request.QueryString
35
For CSB_NoSqlHack_i = 0 To Ubound(CSB_NoSqlHack_Str)
36
'Response.Write CSB_NoSqlHack_ComeUrlGet
37
If Instr(LCase(CSB_NoSqlHack_ComeUrlGet),CSB_NoSqlHack_Str(CSB_NoSqlHack_i))<>0 Then
38
'Response.Write("Error,请不要进行非法提交!")
39
'Response.End
40
Response.Write "<Script Language=JavaScript>alert('SQL通用防注入系统提示你↓\n\n请不要在参数中包含非法字符尝试注入!\n\nHttp://Www.Asduif.Com 系统版本:V1.0(ASP)版\n\nCoding By:Corin Design By:Macdesign');</Script>"
41
Response.Write "非法操作:系统做了如下记录↓<br>"
42
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"<br>"
43
Response.Write "操作时间:"&Now&"<br>"
44
Response.Write "操作页面:"&Request.ServerVariables("URL")&"<br>"
45
Response.Write "提交方式:POST<br>"
46
Response.Write "提交参数:"&CSB_NoSqlHack_Get&"<br>"
47
Response.Write "提交数据:"&CSB_NoSqlHack_ComeUrlGet
48
Response.End
49
End if
50
Next
51
Next
52
End if
![](/Images/OutliningIndicators/None.gif)
2
![](/Images/OutliningIndicators/None.gif)
3
![](/Images/OutliningIndicators/None.gif)
4
![](/Images/OutliningIndicators/None.gif)
5
![](/Images/OutliningIndicators/None.gif)
6
![](/Images/OutliningIndicators/None.gif)
7
![](/Images/OutliningIndicators/None.gif)
8
![](/Images/OutliningIndicators/None.gif)
9
![](/Images/OutliningIndicators/None.gif)
10
![](/Images/OutliningIndicators/None.gif)
11
![](/Images/OutliningIndicators/None.gif)
12
![](/Images/OutliningIndicators/None.gif)
13
![](/Images/OutliningIndicators/None.gif)
14
![](/Images/OutliningIndicators/None.gif)
15
![](/Images/OutliningIndicators/None.gif)
16
![](/Images/OutliningIndicators/None.gif)
17
![](/Images/OutliningIndicators/None.gif)
18
![](/Images/OutliningIndicators/None.gif)
19
![](/Images/OutliningIndicators/None.gif)
20
![](/Images/OutliningIndicators/None.gif)
21
![](/Images/OutliningIndicators/None.gif)
22
![](/Images/OutliningIndicators/None.gif)
23
![](/Images/OutliningIndicators/None.gif)
24
![](/Images/OutliningIndicators/None.gif)
25
![](/Images/OutliningIndicators/None.gif)
26
![](/Images/OutliningIndicators/None.gif)
27
![](/Images/OutliningIndicators/None.gif)
28
![](/Images/OutliningIndicators/None.gif)
29
![](/Images/OutliningIndicators/None.gif)
30
![](/Images/OutliningIndicators/None.gif)
31
![](/Images/OutliningIndicators/None.gif)
32
![](/Images/OutliningIndicators/None.gif)
33
![](/Images/OutliningIndicators/None.gif)
34
![](/Images/OutliningIndicators/None.gif)
35
![](/Images/OutliningIndicators/None.gif)
36
![](/Images/OutliningIndicators/None.gif)
37
![](/Images/OutliningIndicators/None.gif)
38
![](/Images/OutliningIndicators/None.gif)
39
![](/Images/OutliningIndicators/None.gif)
40
![](/Images/OutliningIndicators/None.gif)
41
![](/Images/OutliningIndicators/None.gif)
42
![](/Images/OutliningIndicators/None.gif)
43
![](/Images/OutliningIndicators/None.gif)
44
![](/Images/OutliningIndicators/None.gif)
45
![](/Images/OutliningIndicators/None.gif)
46
![](/Images/OutliningIndicators/None.gif)
47
![](/Images/OutliningIndicators/None.gif)
48
![](/Images/OutliningIndicators/None.gif)
49
![](/Images/OutliningIndicators/None.gif)
50
![](/Images/OutliningIndicators/None.gif)
51
![](/Images/OutliningIndicators/None.gif)
52
![](/Images/OutliningIndicators/None.gif)