
Help: how do I modify this XSS rule to block SCRIPT?

The reference template provided by Alibaba Cloud is:

<%
On Error Resume Next
' Each request source is checked against its own rule. The patterns are the template's
' originals: the forum copy had every "+" turned into a space (".+?" shown as ". ?",
' "\s+" as "\s ", "^\+/v" as "^\ /v"), which is restored below.
if request.querystring<>"" then call stophacker(request.querystring,"'|<[^>]*?>|^\+/v(8|9)|\b(and|or)\b.+?(>|<|=|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)")
if Request.ServerVariables("HTTP_REFERER")<>"" then call test(Request.ServerVariables("HTTP_REFERER"),"'|\b(and|or)\b.+?(>|<|=|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)")
if request.Cookies<>"" then call stophacker(request.Cookies,"\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)")
call stophacker(request.Form,"^\+/v(8|9)|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)")

' Check a single string (here the Referer header) against rule re and stop the request on a match.
function test(values,re)
  dim regex, IP
  set regex = new regexp
  regex.ignorecase = true
  regex.global = true
  regex.pattern = re
  if regex.test(values) then
    ' HTTP_X_FORWARDED_FOR is a client-supplied header and may contain any text;
    ' only REMOTE_ADDR is set by the server, so the logged IP is untrusted data.
    IP = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
    If IP = "" Then
      IP = Request.ServerVariables("REMOTE_ADDR")
    end if
    ' Logging is disabled in the template (the original line referred to l_get/l_get2,
    ' which do not exist in this function; it is corrected to log the checked value).
    'slog("<br><br>操作IP: "&IP&"<br>操作时间: " & now() & "<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式: "&Request.ServerVariables("REQUEST_METHOD")&"<br>提交数据: "&values)
    Response.Write("<div style='position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;'><br>您的提交带有不合法参数,谢谢合作!<br><br>了解更多请点击:<a href='http://webscan.360.cn'>360网站安全检测</a></div>")
    Response.end
  end if
  set regex = nothing
end function

' Check every field of a request collection (QueryString, Form or Cookies) against rule re.
' The forum copy wrapped this in a second, redundant "for each" over the same collection,
' which re-checked every field once per field; a single pass gives the same result.
function stophacker(values,re)
  dim l_get, l_get2, regex, IP
  for each l_get in values
    l_get2 = values(l_get)
    set regex = new regexp
    regex.ignorecase = true
    regex.global = true
    regex.pattern = re
    if regex.test(l_get2) then
      ' Same caveat as in test(): HTTP_X_FORWARDED_FOR is client-controlled.
      IP = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
      If IP = "" Then
        IP = Request.ServerVariables("REMOTE_ADDR")
      end if
      ' Logging is disabled in the template; see slog below.
      'slog("<br><br>操作IP: "&IP&"<br>操作时间: " & now() & "<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式: "&Request.ServerVariables("REQUEST_METHOD")&"<br>提交参数: "&l_get&"<br>提交数据: "&l_get2)
      Response.Write("<div style='position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;'><br>您的提交带有不合法参数,谢谢合作!<br><br>了解更多请点击:<a href='http://webscan.360.cn'>360网站安全检测</a></div>")
      Response.end
    end if
    set regex = nothing
  next
end function

' Append one line to /log.txt. Note that the file sits directly under the web root, so
' IIS serves it as a static file to anyone who requests /log.txt; if logging is enabled,
' the path should point outside the published directory.
sub slog(logs)
  dim toppath, fs, Ts
  toppath = Server.Mappath("/log.txt")
  Set fs = CreateObject("scripting.filesystemobject")
  If Not fs.FileExists(toppath) Then
    Set Ts = fs.CreateTextFile(toppath, True)
    Ts.Close
  end if
  Set Ts = fs.OpenTextFile(toppath, 8)   ' 8 = ForAppending
  Ts.WriteLine(logs)
  Ts.Close
  Set Ts = nothing
  Set fs = nothing
end sub
%>


Source: http://bbs.aliyun.com/read.php?spm=0.0.0.0.zK3ytW_0.0.0.0.z92Lwu&tid=137391

mynit 2013-09-04 10:28:01
2 answers
  • Everything that should be filtered is already filtered.
    % cannot be filtered.

    -------------------------

    % is required for URL encoding.

    2013-09-04 10:41:57
  • Re: Help: how do I modify this XSS rule to block SCRIPT?
    Filter these: " ' < > % SCRIPT
    2013-09-04 10:31:32
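The two rules from the template in the question, run under Node.js over a constructed form submission so you can see which fields each one rejects. This is an added example, not code from the original post or from Alibaba Cloud; VBScript's RegExp object and JavaScript share the same pattern syntax, so the patterns are copied unchanged (with the "+" characters the forum copy lost restored), and the 'i' flag stands in for regex.ignorecase = true. The function name findBlockedFields and the sample data are assumptions.

```javascript
// Query-string rule from the template (quotes, any tag, "+/v8|9", SQL keywords, <script).
const QUERYSTRING_RULE = String.raw`'|<[^>]*?>|^\+/v(8|9)|\b(and|or)\b.+?(>|<|=|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)`;

// Form rule: no quote or generic-tag check, but <img is added and the and/or window is 1-6 chars.
const FORM_RULE = String.raw`^\+/v(8|9)|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)`;

// Equivalent of stophacker(values, re): `values` is a name -> value map such as Request.Form.
// Unlike the ASP version, which stops at the first hit, this returns every field the rule
// would reject so the effect of a rule on a whole submission is visible at once.
// No 'g' flag: VBScript's Global only affects Execute/Replace, and in JavaScript a 'g'
// regex keeps lastIndex state between test() calls, which would skew the results.
function findBlockedFields(values, rule) {
  const regex = new RegExp(rule, 'i');
  return Object.keys(values).filter((name) => regex.test(values[name]));
}

// Constructed sample submission (hypothetical data, not real traffic).
const sampleForm = {
  user: 'mynit',
  comment: '<ScRiPt>alert(1)</script>', // mixed case: ignorecase still catches <script
  img: '<img src=x>',                   // caught by <\s*img\b (form) or <[^>]*?> (query)
  price: '100% off',                    // "%" appears in no rule, as the first answer says
  note: "it's fine",                    // apostrophe: rejected by the query rule only
};

console.log('form rule rejects:  ', findBlockedFields(sampleForm, FORM_RULE).join(', '));
console.log('query rule rejects: ', findBlockedFields(sampleForm, QUERYSTRING_RULE).join(', '));
```

The run shows that `<script>` is already covered by both rules in any letter case, and that the query-string rule is the stricter of the two because it also rejects any `'`, so ordinary text like "it's" is blocked there while "%" passes everywhere.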