ASP木马Webshell安全解决办案
时间:2007-09-14 10:53:00
注意:本文所讲述之设置方法与环境:适用于Microsoft Windows 2000 Server/Win2003 SERVER IIS5.0/IIS6.0
1、首先我们来看看一般ASP木马、Webshell所利用的ASP组件有那些?我们以海洋木马为列:
<object runat="server" id="ws" scope="page" classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8">
</object>
<object runat="server" id="ws" scope="page" classid="clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B">
</object>
<object runat="server" id="net" scope="page" classid="clsid:093FF999-1EA0-4079-9525-9614C3504B74">
</object>
<object runat="server" id="net" scope="page" classid="clsid:F935DC26-1CF0-11D0-ADB9-00C04FD58A0B">
</object>
<object runat="server" id="fso" scope="page" classid="clsid:0D43FE01-F093-11CF-8940-00A0C9054228">
</object>
shellStr="Shell"
applicationStr="Application"
if cmdPath="wscriptShell"
set sa=server.createObject(shellStr&"."&applicationStr)
set streamT=server.createObject("adodb.stream")
set domainObject = GetObject("WinNT://.")
以上是海洋中的相关代码,从上面的代码我们不难看出一般ASP木马、Webshell主要利用了以下几类ASP组件:
① WScript.Shell (classid:72C24DD5-D70A-438B-8A42-98424B88AFB8)
② WScript.Shell.1 (classid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B)
③ WScript.network (classid:093FF999-1EA0-4079-9525-9614C3504B74)
④ WScript.Network.1 (classid:093FF999-1EA0-4079-9525-9614C3504B74)
⑤ FileSystem Object (classid:0D43FE01-F093-11CF-8940-00A0C9054228)
⑥ Adodb.stream (classid:{00000566-0000-0010-8000-00AA006D2EA4})
⑦ Shell.applicaiton....
hehe,这下我们清楚了危害我们WEB SERVER IIS的最罪魁祸首是谁了!!开始操刀,come on...
标签:木马,webshell
![](/images/zang.png)
![](/images/jiucuo.png)
猜你喜欢
PayPal购买Godaddy Deluxe Plan详细图解
2010-04-20 13:20:00
![](https://img.aspxhome.com/file/UploadPic/20104/7/20104713222235s.gif)
WordPress更换域名完美攻略
2011-10-29 17:03:25
跳出分类窠臼 地方网站如何发展地方新闻
2008-12-04 15:16:00
杂乱并非无章——谈站长社区的现状
2008-02-26 07:35:00
AdSense政策:什么是修改广告行为或定位
2008-01-04 11:37:00
阿里妈妈:是网络贵妇还是菜场大妈?
2007-09-20 16:22:00
手把手教你用杰奇程序做书站之整合DISCUZ论坛
2009-02-24 12:39:00
PHPWind v7.3.2修复某修邮件服务器不能发送邮件的问题
2009-05-31 17:38:00
Zotonic:下一个Drupal?
2011-05-17 12:14:00
![](https://img.aspxhome.com/file/UploadPic/20115/17/screen_shot_2010_09_07_at_22_36_42-33s.png)
虚拟礼物能否成为挽救社交网站的一线希望?
2009-10-27 17:44:00
DNS欺骗攻击技术分析及防范
2010-02-11 09:52:00
浅析如何有效推广影视站
2009-10-28 16:11:00
Google发布网站性能优化工具Page Speed
2009-10-15 11:01:00
![](https://img.aspxhome.com/file/UploadPic/200910/2009101617468475.jpg)
Kindle杀手Nook横空出世:装Android系统(图)
2009-10-28 10:06:00
![](https://img.aspxhome.com/file/UploadPic/200910/20091028102736986s.jpg)
动易.net3.0版分页第二页无数据的解决方法
2009-12-20 17:45:00
![](https://img.aspxhome.com/file/UploadPic/20101/11/1pz144wc-51s.jpg)
百度即将推出专利搜索服务
2007-12-19 12:40:00
编写安全的ASP代码
2008-03-24 20:10:00
Sendmail 554 错误的解决
2007-08-27 14:01:00
百度首页LOGO人物 首期:许三多
2007-11-07 19:16:00
![](https://img.aspxhome.com/file/UploadPic/up/2007110720474612.jpg)
ISA下FTP的解决办法(4)
2007-09-04 14:07:00