xiaowuhello
彻底吓住黑客入侵者的代码
>>
完整版
以下是ASP代码,并且使用了ip地址归属地查询。<%Sub StopInjection_it_security(Values)Dim regExDim IPSet regEx = New RegExpregEx.IgnoreCase = TrueregEx.Global = TrueregEx.Pattern = "'|;|#|([\s\b+()]+(select|union|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b+]*)"If regEx.Test(Values) ThenIP = Request.ServerVariables("HTTP_X_FORWARDED_F")IF(IP="")THEN IP = Request.ServerVariables("REMOTE_ADDR")response.write("<span name=addr id=addr></span>")response.write("<script src=http://whois.pconline.com.cn/jsLabel.jsp?ip=" & IP &"&id=addr></script>")Response.Write " *本站禁止HTML标签噢* alert('北京海淀网络公安局警官小天(13021)提醒你:\n◇来自:'+document.getElementById('addr').innerHTML +' 的朋友\n◇你的非法访问已经被记录\n★非法IP=" & IP & "\n★请保持手机畅通,恭候公安部门调查!')</script>"Response.EndEnd IfSet regEx = NothingEnd Sub%>
