编写一个asp代码执行器

保存为runasp.asp运行。账号密码admin,登陆后输入代码就可执行了!!

1 @ LANGUAGE="VBSCRIPT" 

 1Option Explicit   
 2response.buffer=true   
 3dim Spassword,SUserName   
 4SUserName="admin"   
 5Spassword="admin"   
 6dim SQLMutiStr   
 7dim i   
 8dim action   
 9action=request.querystring("action") 
10
11IF action="GetCode" then '---------TOT   
12NumCodeJS   
13ELSE '--------TOT   
14Response.Write("
15<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.0 Transitional//EN"">
16")   
17Response.Write("

<html>")
Response.Write("<head>")
Response.Write("<title>ASP RunCode SCR V1.0 / Create By PaintBlue.Net V37</title>")
Response.Write("<meta content="" editplus,v37,paintblue.net""="" generator""="" name=""/>")
Response.Write("<meta author""="" content="" name="" v37,paintblue.net""=""/>")
Response.Write("<meta content="" keywords""="" name="" paintblue.net,,v37,runcode,asp,script,blueidea.com,lfgbox.com""=""/>")
Response.Write("<meta content="" description""="" name="" 运行asp代码的asp脚本!""=""/>")
Response.Write("</head>")
Response.Write("<body bgcolor="#D4D0C8">")

SQLMutiStr=trim(Request.Form("SQLMutiStr"))
if session("login")="" and action="chkpass" then
session("login")=checkPass()
end if
if action="exit" then session("login")=""
if session("login")="1" then
if action="RunCode" then
if SQLMutiStr="" then
Response.write "没有输入要运行的代码!"
Response.write "<br/><br/><a href="" javascript:window.history.back();""="">返回运行页面</a><br/><br/>"
Response.write "<a ?action='exit""' href="">退出登陆</a>"
response.end
else
dim ExeStrArr
dim re
dim tempSQL,tempSQL2
dim ScriptArr,ScriptSubArr
tempSQL2=""
tempSQL=split(SQLMutiStr,vbcrlf)
if inStr(lcase(tempSQL(0)),"language")&gt;0 then
tempSQL2=tempSQL(1)
if ubound(tempSQL)&gt;1 then
for i=1 to ubound(tempSQL)
tempSQL2=tempSQL2&amp;tempSQL(i)
next
end if
tempSQL2=trim(tempSQL2)
else
tempSQL2=SQLMutiStr
end if
tempSQL2=replace(tempSQL2,"&lt;%"&amp;"=","&lt;"&amp;"%response.write ")
do
tempSQL2=replace(tempSQL2,vbcrlf&amp;vbcrlf,vbcrlf)
loop while instr(tempSQL2,vbcrlf&amp;vbcrlf)&gt;0
tempSQL2=trim(tempSQL2)
tempSQL2="&lt;"&amp;"%%"&amp;"&gt;"&amp;tempSQL2&amp;"&lt;"&amp;"%%"&amp;"&gt;"
ScriptArr=split(tempSQL2,"%"&amp;"&gt;")
dim ub,kub
ub=ubound(ScriptArr)
for i=0 to ub-1
ScriptSubArr=split(ScriptArr(i),"&lt;"&amp;"%")
if i&gt;0 then response.write (ScriptSubArr(0))
ExeCuteIt(ScriptSubArr(1))
next
call EndProc("<font color="#009900">代码运行完毕!</font>")
end if
else

 1输入要运行的ASP代码:   
 2<form action="?action=RunCode" method="POST" style="margin:0px;">
 3<textarea name="SQLMutiStr" rows="20" style="width:100%;height:100%;table-layout:fixed;word-break:break-all;" wrap="OFF">```
 4=Server.Htmlencode(SQLMutiStr)
 5```</textarea>
 6<br/>
 7<input onclick="window.location.href='?action=exit';" type="button" value="LouOut"/>
 8<input type="reset" value="Clear"/>
 9<input type="submit" value="Run AspCode"/>
10</form>

end if
else
call loginmain()
end if
Response.write ("</body></html>

1")   
2END IF '-------TOT 
3
4SUB loginMain()   

1<form action="?action=chkpass" method="POST"> UserName:<input name="UserName" type="text"/><br/>   
2 PassWord:<input name="Runpassword" type="password"/><br/>   
3CheckCode:<input name="GetCode" type="GetCode"/><img src="runasp.asp?action=GetCode&amp;Time=```
4=timer()
5```"/><br/>
6<br/><img height="0" width="125"/><input type="submit" value=" Login "/></form>

 1   
 2End SUB 
 3
 4function checkPass()   
 5dim UserName,Runpassword,GetCode   
 6dim errinfo   
 7checkPass=""   
 8UserName=trim(request.form("UserName"))   
 9Runpassword=trim(request.form("Runpassword"))   
10GetCode=request.form("GetCode")   
11if UserName="" or Runpassword="" then   
12errinfo=errinfo&"

<li>用户名和密码输入不能为空"
end if
if Not isnumeric(GetCode) then
errinfo=errinfo&amp;"<li>请输入数字校验码"
end if
if errinfo&lt;&gt;"" then
call loginmain()
EndProc errinfo
end if
if action="chkpass" and Session("GetCode")=int(GetCode) and UserName=SUserName and Runpassword=Spassword then
Session("GetCode")=0
checkPass="1"
else
call loginmain()
EndProc "登陆失败!请重新确认正确输入"
end if
End function

SUB ExeCuteIt(ExString)
on error resume next
Execute(ExString)
if err.number&lt;&gt;0 then
Response.write "<div #ffeedd;padding:="" 6px;""="" background-color:="" style="">"
Response.write "<hr size="1"/>"
Response.write "出错信息:<li><font color="#ff0000">"&amp;err.description&amp;"</font>"
Response.write "<hr size="1"/>"
Response.write "出错代码:<li><font color="#0000ff">"&amp;Htmlencode(ExString)&amp;"</font>"
Response.write "<hr size="1"/></li></li></div>"
end if
on error goto 0
end SUB

function HTMLEncode(reString)
dim Str:Str=reString
if not isnull(Str) then
Str = replace(Str, "&gt;", "&gt;")
Str = replace(Str, "&lt;", "&lt;")
Str = Replace(Str, CHR(32), " ")
Str = Replace(Str, CHR(9), "    ")
Str = Replace(Str, CHR(34), """) ' "
Str = Replace(Str, CHR(39), "'") ' '
Str = Replace(Str, CHR(13), "")
Str = Replace(Str, CHR(10) &amp; CHR(10), "<p> ")
Str = Replace(Str, CHR(10), "<br/> ")
HTMLEncode = Str
else
HTMLEncode=""
end if
end function

'断点调试 num=0 中断
Sub Response_write(str,num)
dim istr:istr=str
dim inum:inum=num
response.write str&amp;"<br/>"
if inum=0 then response.end
end sub

SUB EndProc(info)
Response.write "<hr color="#00aa00" size="1"/>"
Response.write info
Response.write "<hr color="#00aa00" size="1"/><a href="" javascript:window.history.back();""="">返回运行页面</a><br/><br/>"
Response.write "<a ?action='exit""' href="">退出登陆</a>"
response.end
End SUB

 1<script language="JScript" runat="Server">   
 2function GetNO(num){   
 3var NumArray=[   
 4]["0","0","0","3c","66","66","66","66","66","66","66","66","3c","0","0","0"],   
 5["0","0","0","30","38","30","30","30","30","30","30","30","30","0","0","0"],   
 6["0","0","0","3c","66","60","60","30","18","c","6","6","7e","0","0","0"],   
 7["0","0","0","3c","66","60","60","38","60","60","60","66","3c","0","0","0"],   
 8["0","0","0","30","30","38","38","34","34","32","7e","30","78","0","0","0"],   
 9["0","0","0","7e","6","6","6","3e","60","60","60","66","3c","0","0","0"],   
10["0","0","0","38","c","6","6","3e","66","66","66","66","3c","0","0","0"],   
11["0","0","0","7e","66","60","60","30","30","18","18","c","c","0","0","0"],   
12["0","0","0","3c","66","66","66","3c","66","66","66","66","3c","0","0","0"],   
13["0","0","0","3c","66","66","66","66","7c","60","60","30","1c","0","0","0"]   
14];   
15var str=[];   
16num=String(num).split("");   
17for(var i=0;i<NumArray[0].length;i++)   
18for(var j=0;j<num.length;j++)   
19str[str.length]=("0x"+NumArray[num[j]][i]);   
20var str1="#define counter_width "+j*8;   
21var str2="#define counter_height 16";   
22return str1+String.fromCharCode(13,10)+str2+String.fromCharCode(13,10)+"static unsigned char counter_bits[]={"+str+"}";   
23}   
24function GetRnd(Num){   
25return Math.floor(Math.random()*Math.pow(10,Num));   
26}   
27function NumCodeJS()   
28{   
29Response.buffer=true   
30var zNum;   
31var zNum=GetRnd(4);   
32if (zNum<1000) zNum+=999;   
33Session("GetCode") = zNum;   
34Response.ContentType="image/x-xbitmap";   
35Session("GetCode") = zNum;   
36Response.Write(GetNO(zNum));   
37}   
38</script></p></li></li>
Published At
Categories with Web编程
Tagged with
comments powered by Disqus