ASP防止图片木马上传的代码
程序员文章站
2023-01-24 19:05:49
asp木马防御: 复制代码 代码如下: const adtypebinary=1 dim jpg(1):jpg(0)=cbyte(&hff):jpg(1)=cbyte(&h...
asp木马防御:
const adtypebinary=1
dim jpg(1):jpg(0)=cbyte(&hff):jpg(1)=cbyte(&hd8)
dim bmp(1):bmp(0)=cbyte(&h42):bmp(1)=cbyte(&h4d)
dim png(3):png(0)=cbyte(&h89):png(1)=cbyte(&h50):png(2)=cbyte(&h4e):png(3)=cbyte(&h47)
dim gif(5):gif(0)=cbyte(&h47):gif(1)=cbyte(&h49):gif(2)=cbyte(&h46):gif(3)=cbyte(&h39):gif(4)=cbyte(&h38):gif(5)=cbyte(&h61)
response.write checkfiletype(server.mappath("2.gif"))
function checkfiletype(filename)
on error resume next
checkfiletype=false
dim fstream,fileext,stamp,i
fileext=mid(filename,instrrev(filename,".")+1)
set fstream=server.createobject("adodb.stream")
fstream.open
fstream.type=adtypebinary
fstream.loadfromfile filename
fstream.position=0
select case fileext
case "jpg","jpeg"
stamp=fstream.read(2)
for i=0 to 1
if ascb(midb(stamp,i+1,1))=jpg(i) then checkfiletype=true else checkfiletype=false
next
case "gif"
stamp=fstream.read(6)
for i=0 to 5
if ascb(midb(stamp,i+1,1))=gif(i) then checkfiletype=true else checkfiletype=false
next
case "png"
stamp=fstream.read(4)
for i=0 to 3
if ascb(midb(stamp,i+1,1))=png(i) then checkfiletype=true else checkfiletype=false
next
case "bmp"
stamp=fstream.read(2)
for i=0 to 1
if ascb(midb(stamp,i+1,1))=bmp(i) then checkfiletype=true else checkfiletype=false
next
end select
fstream.close
set fseteam=nothing
if err.number<>0 then checkfiletype=false
end function
%>
复制代码 代码如下:
const adtypebinary=1
dim jpg(1):jpg(0)=cbyte(&hff):jpg(1)=cbyte(&hd8)
dim bmp(1):bmp(0)=cbyte(&h42):bmp(1)=cbyte(&h4d)
dim png(3):png(0)=cbyte(&h89):png(1)=cbyte(&h50):png(2)=cbyte(&h4e):png(3)=cbyte(&h47)
dim gif(5):gif(0)=cbyte(&h47):gif(1)=cbyte(&h49):gif(2)=cbyte(&h46):gif(3)=cbyte(&h39):gif(4)=cbyte(&h38):gif(5)=cbyte(&h61)
response.write checkfiletype(server.mappath("2.gif"))
function checkfiletype(filename)
on error resume next
checkfiletype=false
dim fstream,fileext,stamp,i
fileext=mid(filename,instrrev(filename,".")+1)
set fstream=server.createobject("adodb.stream")
fstream.open
fstream.type=adtypebinary
fstream.loadfromfile filename
fstream.position=0
select case fileext
case "jpg","jpeg"
stamp=fstream.read(2)
for i=0 to 1
if ascb(midb(stamp,i+1,1))=jpg(i) then checkfiletype=true else checkfiletype=false
next
case "gif"
stamp=fstream.read(6)
for i=0 to 5
if ascb(midb(stamp,i+1,1))=gif(i) then checkfiletype=true else checkfiletype=false
next
case "png"
stamp=fstream.read(4)
for i=0 to 3
if ascb(midb(stamp,i+1,1))=png(i) then checkfiletype=true else checkfiletype=false
next
case "bmp"
stamp=fstream.read(2)
for i=0 to 1
if ascb(midb(stamp,i+1,1))=bmp(i) then checkfiletype=true else checkfiletype=false
next
end select
fstream.close
set fseteam=nothing
if err.number<>0 then checkfiletype=false
end function
%>