WEB开发网
开发学院WEB开发ASP 编写一个asp代码执行器 阅读

编写一个asp代码执行器

 2004-02-07 11:10:46 来源:WEB开发网   
核心提示:保存为runasp.asp运行,账号密码admin,编写一个asp代码执行器,登陆后输入代码就可执行了!!<% @ LANGUAGE="VBSCRipT" %><%Option Explicitresponse.buffer=truedim SpassWord,SUserName

保存为runasp.asp运行。账号密码admin,登陆后输入代码就可执行了!!

<% @ LANGUAGE="VBSCRipT" %>
<%Option Explicit
response.buffer=true
dim SpassWord,SUserName
   SUserName="admin"
   Spassword="admin"
dim SQLMutiStr
dim i
dim action
   action=request.querystring("action")

IF action="GetCode" then '---------TOT
   NumCodeJS
ELSE '--------TOT
   Response.Write("<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.0 Transitional//EN"">")
   Response.Write("<HTML>")
   Response.Write("<HEAD>")
   Response.Write("<TITLE>ASP RunCode SCR V1.0 / Create By PaintBlue.Net V37</TITLE>")
   Response.Write("<META NAME=""Generator"" CONTENT=""EditPlus,V37,PaintBlue.Net"">")
   Response.Write("<META NAME=""Author"" CONTENT=""V37,PaintBlue.Net"">")
   Response.Write("<META NAME=""Keywords"" CONTENT=""PaintBlue.Net,,V37,RunCode,ASP,Script,BlueIdea.COM,Lfgbox.com"">")
   Response.Write("<META NAME=""Description"" CONTENT=""运行ASP代码的ASP脚本!"">")
   Response.Write("</HEAD>")
   Response.Write("<BODY bgcolor=#D4D0C8>")

   SQLMutiStr=trim(Request.Form("SQLMutiStr"))
   if session("login")="" and action="chkpass" then
     session("login")=checkPass()
   end if
   if action="exit" then session("login")=""
   if session("login")="1" then
       if action="RunCode" then 
         if SQLMutiStr="" then
           Response.write "没有输入要运行的代码!"
           Response.write "<br><br><a href=""javascript:window.history.back();"">返回运行页面</a><br><br>"
           Response.write "<a href=""?action=exit"">退出登陆</a>"
           response.end
         else
           dim ExeStrArr
           dim re
           dim tempSQL,tempSQL2
             dim ScriptArr,ScriptSubArr
             tempSQL2=""
           tempSQL=split(SQLMutiStr,vbcrlf)
           if inStr(lcase(tempSQL(0)),"language")>0 then
             tempSQL2=tempSQL(1)
             if ubound(tempSQL)>1 then
               for i=1 to ubound(tempSQL)
                 tempSQL2=tempSQL2&tempSQL(i)
               next
             end if
             tempSQL2=trim(tempSQL2)
           else
             tempSQL2=SQLMutiStr
           end if
             tempSQL2=replace(tempSQL2,"<%"&"=","<"&"%response.write ")
             do
               tempSQL2=replace(tempSQL2,vbcrlf&vbcrlf,vbcrlf)
             loop while instr(tempSQL2,vbcrlf&vbcrlf)>0
               tempSQL2=trim(tempSQL2)
               tempSQL2="<"&"%%"&">"&tempSQL2&"<"&"%%"&">"
               ScriptArr=split(tempSQL2,"%"&">")
             dim ub,kub
               ub=ubound(ScriptArr)
             for i=0 to ub-1
               ScriptSubArr=split(ScriptArr(i),"<"&"%")
               if i>0 then response.write (ScriptSubArr(0))
               ExeCuteIt(ScriptSubArr(1))
             next
           call EndPRoc("<font color=#009900>代码运行完毕!</font>")
         end if
       else
         %>
         输入要运行的ASP代码:
         <FORM METHOD=POST ACTION="?action=RunCode" style="margin:0px;">
         <TEXTAREA NAME="SQLMutiStr" wrap='OFF' ROWS="20" style="width:100%;height:100%;table-layout:fixed;word-break:break-all;"><%=Server.Htmlencode(SQLMutiStr)%></TEXTAREA>
         <br>
         <INPUT TYPE="button" Value="LouOut">
         <INPUT TYPE="reset" Value="Clear">
         <INPUT TYPE="submit" value="Run AspCode">
         </FORM>
     <%   end if
   else
     call loginmain()
   end if
     Response.write ("</BODY></HTML>")
END IF '-------TOT

SUB loginMain()
   %>

   <FORM METHOD=POST ACTION="?action=chkpass"> UserName:<INPUT TYPE="text" NAME="UserName"><br>
      PassWord:<INPUT TYPE="password" NAME="Runpassword"><br>
     CheckCode:<INPUT TYPE="GetCode" NAME="GetCode"><img src="runasp.asp?action=GetCode&Time=<%=timer()%>"><br>
     <br><img width=125 height=0><INPUT TYPE="submit" value=" Login "></FORM>
   <%  
End SUB

function checkPass()
   dim UserName,Runpassword,GetCode
   dim errinfo
   checkPass=""
   UserName=trim(request.form("UserName"))
   Runpassword=trim(request.form("Runpassword"))
   GetCode=request.form("GetCode")
   if UserName="" or Runpassword="" then
     errinfo=errinfo&"<li>用户名和密码输入不能为空"
   end if
   if Not isnumeric(GetCode) then
     errinfo=errinfo&"<li>请输入数字校验码"
   end if
   if errinfo<>"" then
     call loginmain()    
     EndProc errinfo
   end if
   if action="chkpass" and Session("GetCode")=int(GetCode) and UserName=SUserName and Runpassword=Spassword then
     Session("GetCode")=0
     checkPass="1"
   else
     call loginmain()
     EndProc "登陆失败!请重新确认正确输入"
   end if
End function

SUB   ExeCuteIt(ExString)
   on error resume next
   Execute(ExString)
   if err.number<>0 then
     Response.write "<div style=""background-color: #ffeedd;padding: 6px;"">"
     Response.write "<hr size=1>"
     Response.write "出错信息:<li><font color=#ff0000>"&err.description&"</font>"
     Response.write "<hr size=1>"
     Response.write "出错代码:<li><font color=#0000ff>"&Htmlencode(ExString)&"</font>"
     Response.write "<hr size=1></div>"
   end if
   on error goto 0
end SUB

function HTMLEncode(reString)
   dim Str:Str=reString
   if not isnull(Str) then
     Str = replace(Str, ">", ">")
     Str = replace(Str, "<", "<")
     Str = Replace(Str, CHR(32), " ")
     Str = Replace(Str, CHR(9), "  ")
     Str = Replace(Str, CHR(34), """)   ' "
     Str = Replace(Str, CHR(39), "'")   ' '
     Str = Replace(Str, CHR(13), "")
     Str = Replace(Str, CHR(10) & CHR(10), "</P><P> ")
     Str = Replace(Str, CHR(10), "<BR> ")
     HTMLEncode = Str
   else
     HTMLEncode=""
   end if
end function

'断点调试 num=0 中断
Sub Response_write(str,num)
   dim istr:istr=str
   dim inum:inum=num
   response.write str&"<br>"
   if inum=0 then response.end
end sub

SUB EndProc(info)
   Response.write "<hr size=1 color=#00aa00>"
   Response.write info
   Response.write "<hr size=1 color=#00aa00><a href=""Javascript:window.history.back();"">返回运行页面</a><br><br>"
   Response.write "<a href=""?action=exit"">退出登陆</a>"
   response.end
End SUB  
%>
<script language="JScript" runat="Server">
function GetNO(num){
     var NumArray=[
         ]["0","0","0","3c","66","66","66","66","66","66","66","66","3c","0","0","0"],
         ["0","0","0","30","38","30","30","30","30","30","30","30","30","0","0","0"],
         ["0","0","0","3c","66","60","60","30","18","c","6","6","7e","0","0","0"],
         ["0","0","0","3c","66","60","60","38","60","60","60","66","3c","0","0","0"],
         ["0","0","0","30","30","38","38","34","34","32","7e","30","78","0","0","0"],
         ["0","0","0","7e","6","6","6","3e","60","60","60","66","3c","0","0","0"],
         ["0","0","0","38","c","6","6","3e","66","66","66","66","3c","0","0","0"],
         ["0","0","0","7e","66","60","60","30","30","18","18","c","c","0","0","0"],
         ["0","0","0","3c","66","66","66","3c","66","66","66","66","3c","0","0","0"],
         ["0","0","0","3c","66","66","66","66","7c","60","60","30","1c","0","0","0"]
         ];
     var str=[];
     num=String(num).split("");
     for(var i=0;i<NumArray[0].length;i++)
         for(var j=0;j<num.length;j++)
             str[str.length]=("0x"+NumArray[num[j]][i]);
     var str1="#define counter_width "+j*8;
     var str2="#define counter_height 16";
     return str1+String.fromCharCode(13,10)+str2+String.fromCharCode(13,10)+"static unsigned char counter_bits[]={"+str+"}";
     }
function GetRnd(Num){
     return Math.floor(Math.random()*Math.pow(10,Num));
     }
function NumCodeJS()
   {
   Response.buffer=true
   var zNum;
   var zNum=GetRnd(4);
   if (zNum<1000) zNum+=999;
   Session("GetCode") = zNum;
   Response.ContentType="image/x-xbitmap";
   Session("GetCode") = zNum;
   Response.Write(GetNO(zNum));
   }
</script>

Tags:编写 一个 asp

编辑录入:爽爽 [复制链接] [打 印]
赞助商链接