如何在asp中防止图片木马上传
展开全部
对于ASP程序的网站,木马注入最常见的方法之一就是上传图片木马。那么,如何防止图片木马上传呢?利用下面的代码,也许可以帮你实现。
const adTypeBinary=1
dim jpg(1):jpg(0)=CByte(&HFF;):jpg(1)=CByte(&HD8;)
dim bmp(1):bmp(0)=CByte(&H42;):bmp(1)=CByte(&H4D;)
dim png(3):png(0)=CByte(&H89;):png(1)=CByte(&H50;):png(2)=CByte(&H4E;):png(3)=CByte(&H47;)
dim
gif(5):gif(0)=CByte(&H47;):gif(1)=CByte(&H49;):gif(2)=CByte(&H46;):gif(3)=CByte(&H39;):gif(4)=CByte(&H38;):gif(5)=CByte(&H61;)
Response.Write CheckFileType(Server.MapPath("2.gif"))
function CheckFileType(filename)
on error resume next
CheckFileType=false
dim fstream,fileExt,stamp,i
fileExt=mid(filename,InStrRev(filename,".")+1)
set fstream=Server.createobject("ADODB.Stream")
fstream.Open
fstream.Type=adTypeBinary
fstream.LoadFromFile filename
fstream.position=0
select case fileExt
case "jpg","jpeg"
stamp=fstream.read(2)
for i=0 to 1
if ascB(MidB(stamp,i+1,1))=jpg(i) then CheckFileType=true else CheckFileType=false
next
case "gif"
stamp=fstream.read(6)
for i=0 to 5
if ascB(MidB(stamp,i+1,1))=gif(i) then CheckFileType=true else CheckFileType=false
next
case "png"
stamp=fstream.read(4)
for i=0 to 3
if ascB(MidB(stamp,i+1,1))=png(i) then CheckFileType=true else CheckFileType=false
next
case "bmp"
stamp=fstream.read(2)
for i=0 to 1
if ascB(MidB(stamp,i+1,1))=bmp(i) then CheckFileType=true else CheckFileType=false
next
end select
fstream.Close
set fseteam=nothing
if err.number<>0 then CheckFileType=false
end function
%>
const adTypeBinary=1
dim jpg(1):jpg(0)=CByte(&HFF;):jpg(1)=CByte(&HD8;)
dim bmp(1):bmp(0)=CByte(&H42;):bmp(1)=CByte(&H4D;)
dim png(3):png(0)=CByte(&H89;):png(1)=CByte(&H50;):png(2)=CByte(&H4E;):png(3)=CByte(&H47;)
dim
gif(5):gif(0)=CByte(&H47;):gif(1)=CByte(&H49;):gif(2)=CByte(&H46;):gif(3)=CByte(&H39;):gif(4)=CByte(&H38;):gif(5)=CByte(&H61;)
Response.Write CheckFileType(Server.MapPath("2.gif"))
function CheckFileType(filename)
on error resume next
CheckFileType=false
dim fstream,fileExt,stamp,i
fileExt=mid(filename,InStrRev(filename,".")+1)
set fstream=Server.createobject("ADODB.Stream")
fstream.Open
fstream.Type=adTypeBinary
fstream.LoadFromFile filename
fstream.position=0
select case fileExt
case "jpg","jpeg"
stamp=fstream.read(2)
for i=0 to 1
if ascB(MidB(stamp,i+1,1))=jpg(i) then CheckFileType=true else CheckFileType=false
next
case "gif"
stamp=fstream.read(6)
for i=0 to 5
if ascB(MidB(stamp,i+1,1))=gif(i) then CheckFileType=true else CheckFileType=false
next
case "png"
stamp=fstream.read(4)
for i=0 to 3
if ascB(MidB(stamp,i+1,1))=png(i) then CheckFileType=true else CheckFileType=false
next
case "bmp"
stamp=fstream.read(2)
for i=0 to 1
if ascB(MidB(stamp,i+1,1))=bmp(i) then CheckFileType=true else CheckFileType=false
next
end select
fstream.Close
set fseteam=nothing
if err.number<>0 then CheckFileType=false
end function
%>
本回答由网友推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
