Home>Network programming tutorial>ASP tutorial

Function code for detecting image Trojans under ASP

Author:Eve Cole Update Time:2025-03-04 06:16:02

Function to detect ASP image Trojans. Since FSO cannot read the content of the client file, it can only open the file for content inspection after it is uploaded to the server. Trojan horse principle: Intruders use tools such as ASP picture Trojan horse generator to merge a normal picture and an ASP Trojan horse file into a picture file (that is, harmful to the website).

The ASP code is inserted after the picture is encoded. Although the picture can still be displayed normally, the file content and size have been changed), and then upload this picture through the file upload function provided by the website.

' method pictures, thereby achieving the purpose of uploading ASP Trojan horse.

' Prevention method: Because this Trojan is a combination of a picture and a Trojan, you need to check the file content before uploading the picture. If the file content is illegal (that is, it contains malicious code),

' is prohibited from uploading, thus blocking the source of the Trojan attack. This is the first step in the Trojan attack. It is very important and must be blocked.

'************************************************ ***************************

Copy the code code as follows:

'Begin------------------------------------------------ -------------------------------------------------- --------------------------

function CheckFileContent(FileName)

dim ClientFile,ClientText,ClientContent,DangerString,DSArray,AttackFlag,k

set ClientFile=Server.CreateObject(Scripting.FileSystemObject)

set ClientText=ClientFile.OpenTextFile(Server.MapPath(FileName),1)

ClientContent=LCase(ClientText.ReadAll)

set ClientText=nothing

set ClientFile=nothing

AttackFlag=false

DangerString=.getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|.saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject|language=|include|filesystemobject|shell.application

DSArray=split(DangerString,|)

for k=0 to UBound(DSArray)

if InStr(ClientContent,DSArray(k))>0 then 'Determine whether the file content contains dangerous operation characters. If so, the file must be deleted.

AttackFlag=true

exit for

end if

next

CheckFileContent=AttackFlag

end function

'End------------------------------------------------ -------------------------------------------------- --------------------------

Related Articles