Since the advent of ASP (Active Server Pages), due to its ability to create healthy and easy maintenance, the ASP technology has received more and more network programmers, and the use of ASP is increasingly involved in Web development. many. However, ASP is just a non-compilation, the scripting language running in the server, using the plain text) method, even if the ASP encryption is encrypted, it is not necessarily guaranteed to the operation environment The ASP application is not illegally copied. For administrators of high-level, you can easily copy the ASP program to other unauthorized websites from the server side. This brings certain difficulties to ASP app commercialization. How to effectively protect the developed ASP program, this article is based on the randomness generated by the disk serial number, combined with the Microsoft's official free ASP script encryption program Screnc.exe, which is well solved this problem.
Disk serial number, referred to as disk ID, is a disc identification information generated randomly generated when it is formatted, is a volume sequence number. The same machine is formatted twice. The same chance is almost zero. The late version of DOS is almost zero. The later version and Windows, WinNT use this disk identification mode, so the disk serial number is often used for commercial software to encrypt. use. Switch from Windows9.x to the MS-DOS mode, type the Dir command and enter, the current volume sequence number information appears in the screen, the serial number similar to "0A48-1CD7" is a 16-based number. Some software used within a limited time, after use, will require the user to apply for a new authorization serial number online (license). This kind of authorization serial number is considerably generated by a static disk serial number combining time. After installation, the program cannot be used even if it is illegally copied into an in-place installation environment.
The above ideas are easy to implement in VC, VB, and Deliphi programming languages, then how do you implement in ASP? VBScript As a robust, secure user language, is limited by the client system, cannot handle the call of the API on the client, and cannot directly manipulate the controls other than the files outside the client. Therefore, this paper uses VBScript and combined with the ASP built-in component FileSystem to achieve the above ideas. The following procedures can be applied to the actual ASP application system based on the specific situation.
As an example of explanation, this article uses the Access database security mechanism, in practical applications, you can store data in other formats. For the convenience, we first build an Access database id.mdb (password "kxj"), build a DriveInfo table, the data structure is as follows:
ID (Auto Number);
Serno (text, 12, disk serial number (10));
Wrimark (number, 1, writer logo,).
Description
The WRIMARK value is 0 represents the legal user is not installed, the value is 1 means that the system is installed. When the value is 1 and the serial number does not match the current disk, it is determined as illegal copying users.
When initialization, first define a new record, each field initial value is 1,12345678,0, respectively.
Under the same directory, for example C: Interpubwwwroot, place the home page default.asp, legitimate user home Success.asp, illegal installation User Tips page fail.htm and id.mdb serial number storage library.
The writing operations of each ASP file are as follows:
1. Use FrontPage (or NOTEPAD), create a new ASP file default.asp, enter the following program code:
Sample </ TITLE></p>
<p></ HEAD></p>
<p><% DIM CONN, FS, F</p>
<p>Set conn = server.createObject ("adoDb.connection")</p>
<p>Conn.open "driver = {Microsoft Access Driver (* .mdb)}; uid =; pwd = kxj; dbq =" & server.mappath ("id.mdb")</p>
<p>SET FS = Server.createObject ("scripting.filesystemobject")</p>
<p>TestDrive = Server.mappath ("/ driveinfo.asp")</p>
<p>'Get the current disk tray by mappath</p>
<p>TestDrive = Left (TestDrive, 3)</p>
<p>Set f = fs.getdrive (testdrive)</p>
<p>'Call the getDrive method to give a variable to the drive</p>
<p>Mysql = "SELECT * from driveInfo where id = 1"</p>
<p>Set Rscheck = Server.createObject ("AdoDb.Recordset")</p>
<p>Rscheck.open mysql, conn, 1, 1</p>
<p>Fser = trim (f.SerialNumber)</p>
<p>'Get the current disk serial number</p>
<p>STRSERNO = Trim (Rscheck.fields ("Serno"))</p>
<p>Strmark = rscheck.fields ("wrimark")</p>
<p>IF strserno <> fser and strmark = 0 THEN</p>
<p>'If it is installed for the first time, the write disk flag is 1</p>
<p>Session ("pass") = TRUE</p>
<p>'Define user sessions, and set to global ASP document identity variables</p>
<p>SET RSMAIN = Server.createObject ("AdoDb.Recordset")</p>
<p>MySQL1 = "Update DriveInfo Set Serno =" & FSer & ", Wrimark = 1"</p>
<p>rsmain.open mysql1, conn, 1, 2</p>
<p>Response.write ("<a href='success.asp'> setup</p>
<p>Successful! Welcome to Access The Website! </a> ")</p>
<p>SET RSMAIN = Nothing</p>
<p>Else</p>
<p>If strserno = fser dam</p>
<p>'If a legal user is legally entered again</p>
<p>Session ("pass") = TRUE</p>
<p>Response.write ("<a href='success.asp'> you are authorized by the Website Manager, Welcome to Access! </a>")</p>
<p>Else</p>
<p>'Illegal copy user session ("pass") = false</p>
<p>Response.write ("<a href='fail.htm'> it is illegal to copy the Website's asp document.you area not rigrt to use the program")</p>
<p>END IF</p>
<p>END IF</p>
<p>Response.write ("<BR>")</p>
<p>Response.write ("Volume Serial Number In Drive" & testDrive)</p>
<p>Response.write (f.SerialNumber)</p>
<p>Response.write ("<BR>")</p>
<p>Response.write ("Volume HEX Serial Number in Drive" & testdrive)</p>
<p>Response.write (HEX (F.SerialNumber)</p>
<p>Response.write ("<BR>")</p>
<p>'As a demonstration, this program lists the current disk serial number (16))</p>
<p>Set f = Nothing</p>
<p>SET FS = Nothing</p>
<p>%></p>
<p></ Html></p>
<p>2. Add the following code in the heads of the ASP files that can be accessed by legal users.</p>
<p><% IF session ("pass") = false kil</p>
<p>'Judging the session variable, illegal jumps out of this ASP file</p>
<p>Response.Redirect ("fail.htm")</p>
<p>END IF</p>
<p>%></p>
<p>3. Use ASP encryption programs (such as Microsoft's Screnc.exe, other ASP encryption programs) to encrypt each ASP file.</p>
<p>Running Screnc -l Vbscript Source.asp Destination.asp in DOS, that is, the source file source.asp generates new file Destination.asp containing Cipheet ASP scripts. Screnc.exe can download free in Microsoft Site (http://www.microsoft.com).</p>
<p>The above program code is passed under Simplified Chinese NT4.0, IIS3.0 and Simplified Chinese PWIN9.8, PWS4.0.</p></div><div class="text-center mt-3 text-grey">
转载请注明原文地址:https://www.9cbs.com/read-19424.html</div><div class="plugin d-flex justify-content-center mt-3"></div><hr><div class="row"><div class="col-lg-12 text-muted mt-2"><i class="icon-tags mr-2"></i><span class="badge border border-secondary mr-2"><h2 class="h6 mb-0 small"><a class="text-secondary" href="tag-2.html">9cbs</a></h2></span></div></div></div></div><div class="card card-postlist border-white shadow"><div class="card-body"><div class="card-title"><div class="d-flex justify-content-between"><div><b>New Post</b>(<span class="posts">0</span>)
</div><div></div></div></div><ul class="postlist list-unstyled">
</ul></div></div><div class="d-none threadlist"><input type="checkbox" name="modtid" value="19424" checked /></div></div></div></div></div><footer class="text-muted small bg-dark py-4 mt-3" id="footer"><div class="container"><div class="row"><div class="col">CopyRight © 2020 All Rights Reserved
</div><div class="col text-right">Processed:
<b>0.045</b>, SQL:
<b>9</b></div></div></div></footer><script src="./lang/en-us/lang.js?2.2.0"></script><script src="view/js/jquery.min.js?2.2.0"></script><script src="view/js/popper.min.js?2.2.0"></script><script src="view/js/bootstrap.min.js?2.2.0"></script><script src="view/js/xiuno.js?2.2.0"></script><script src="view/js/bootstrap-plugin.js?2.2.0"></script><script src="view/js/async.min.js?2.2.0"></script><script src="view/js/form.js?2.2.0"></script><script>
var debug = DEBUG = 0;
var url_rewrite_on = 1;
var url_path = './';
var forumarr = {"1":"Tech"};
var fid = 1;
var uid = 0;
var gid = 0;
xn.options.water_image_url = 'view/img/water-small.png';
</script><script src="view/js/wellcms.js?2.2.0"></script><a class="scroll-to-top rounded" href="javascript:void(0);"><i class="icon-angle-up"></i></a><a class="scroll-to-bottom rounded" href="javascript:void(0);" style="display: inline;"><i class="icon-angle-down"></i></a></body></html><script>
var forum_url = 'list-1.html';
var safe_token = 'gRNqehDgaAi1YhzIWEz_2FoNi0wB04u82KnwQLPBnKbsUpQQQflzhmm0NsOHWtFXMh_2Fadesoma1cfyeL_2BSE2FEiA_3D_3D';
var body = $('body');
body.on('submit', '#form', function() {
var jthis = $(this);
var jsubmit = jthis.find('#submit');
jthis.reset();
jsubmit.button('loading');
var postdata = jthis.serializeObject();
$.xpost(jthis.attr('action'), postdata, function(code, message) {
if(code == 0) {
location.reload();
} else {
$.alert(message);
jsubmit.button('reset');
}
});
return false;
});
function resize_image() {
var jmessagelist = $('div.message');
var first_width = jmessagelist.width();
jmessagelist.each(function() {
var jdiv = $(this);
var maxwidth = jdiv.attr('isfirst') ? first_width : jdiv.width();
var jmessage_width = Math.min(jdiv.width(), maxwidth);
jdiv.find('img, embed, iframe, video').each(function() {
var jimg = $(this);
var img_width = this.org_width;
var img_height = this.org_height;
if(!img_width) {
var img_width = jimg.attr('width');
var img_height = jimg.attr('height');
this.org_width = img_width;
this.org_height = img_height;
}
if(img_width > jmessage_width) {
if(this.tagName == 'IMG') {
jimg.width(jmessage_width);
jimg.css('height', 'auto');
jimg.css('cursor', 'pointer');
jimg.on('click', function() {
});
} else {
jimg.width(jmessage_width);
var height = (img_height / img_width) * jimg.width();
jimg.height(height);
}
}
});
});
}
function resize_table() {
$('div.message').each(function() {
var jdiv = $(this);
jdiv.find('table').addClass('table').wrap('<div class="table-responsive"></div>');
});
}
$(function() {
resize_image();
resize_table();
$(window).on('resize', resize_image);
});
var jmessage = $('#message');
jmessage.on('focus', function() {if(jmessage.t) { clearTimeout(jmessage.t); jmessage.t = null; } jmessage.css('height', '6rem'); });
jmessage.on('blur', function() {jmessage.t = setTimeout(function() { jmessage.css('height', '2.5rem');}, 1000); });
$('#nav li[data-active="fid-1"]').addClass('active');
</script>
