网站中的隐形炸弹eWebEditor文件上传漏洞补丁
程序员文章站
2022-03-12 22:14:56
打开upload.asp文件 找到下面代码: 复制代码 代码如下:<% sallowext = r...
打开upload.asp文件
找到下面代码:
<%
sallowext = replace(ucase(sallowext), "asp", "")
%>
改为:
<%
sallowext = ucase(sallowext)
do while instr(sallowext, "asp") or instr(sallowext, "cer") or instr(sallowext, "asa") or instr(sallowext, "cdx") or instr(sallowext, "htr")
sallowext = replace(sallowext, "asp", "")
sallowext = replace(sallowext, "cer", "")
sallowext = replace(sallowext, "asa", "")
sallowext = replace(sallowext, "cdx", "")
sallowext = replace(sallowext, "htr", "")
loop
%>
转自:kinjava日志:http://jorkin.reallydo.com/article.asp?id=206
找到下面代码:
复制代码 代码如下:
<%
sallowext = replace(ucase(sallowext), "asp", "")
%>
改为:
复制代码 代码如下:
<%
sallowext = ucase(sallowext)
do while instr(sallowext, "asp") or instr(sallowext, "cer") or instr(sallowext, "asa") or instr(sallowext, "cdx") or instr(sallowext, "htr")
sallowext = replace(sallowext, "asp", "")
sallowext = replace(sallowext, "cer", "")
sallowext = replace(sallowext, "asa", "")
sallowext = replace(sallowext, "cdx", "")
sallowext = replace(sallowext, "htr", "")
loop
%>
转自:kinjava日志:http://jorkin.reallydo.com/article.asp?id=206