小学生现代诗大全,男款真皮手套,月伤夫人
呵呵,脚本语言发挥起来也是很强大的。 :)
CODE:
include("http_func.inc");
include("http_keepalive.inc");
dir = make_list("/data/database.mdb", "/data/data.mdb", "/data/date.mdb", "/data/bbs.mdb", "/data/dvbbs7.mdb", "/data.mdb", "/database.mdb");
#display(dir);
foreach path (dir)
{
if (port = is_cgi_installed(path))
{
#display(path);
report = "
Under the cgi path " + path + " found database!
Your database is possiblly to be download!
";
solution = "Solution : you d better rename the database name, or move the database to other cgis
";
Risk_factor = "Risk factor: High ";
report = report + solution + Risk_factor;
security_hole(data:string(report), port:port);
}
}
# conn.asp
port = get_http_port(default:80);
if(!get_port_state(port))exit(0);
dirs = make_list("/conn.inc", "/conn.asp", "/connection.asp", "/inc/conn.inc", "/inc/conn.asp", "/inc/connection.asp");
foreach paths (dirs)
{
req = http_get(item:paths, port:port);
r = http_keepalive_send_recv(port:port, data:req, bodyonly:1);
if (r == NULL) exit(0);
if (egrep(pattern:"80004005", string:r))
{
info = ereg_replace(pattern:.*([^0-9]:.*).*, string:r, replace:\1);
report = The path + info + maybe is the database physical path!
Your databae is possiblly to be download!
;
Solution =
Solution : Please modify the conn.asp file add ON ERROR RESUME NEXT statement.
+ Risk factor : Medium
;
report = report + Solution;
security_hole(data:report, port:port);
display("
");
}
}
如对本文有疑问,请在下面进行留言讨论,广大热心网友会与你互动!! 点击进行留言回复
Blazor server side 自家的一些开源的, 实用型项目的进度之 CEF客户端
.NET IoC模式依赖反转(DIP)、控制反转(Ioc)、依赖注入(DI)
vue+.netcore可支持业务代码扩展的开发框架 VOL.Vue 2.0版本发布
我要评论
网友评论