19.asp bug

xiaoxiao2021-03-06  28

III. Issues for servers that offer ASP-enabled free homepage space and virtual hosting services

1. ASP code on the server can easily be obtained illegitimately by other users who have ASP privileges.

A very simple example: Microsoft's ASP 1.0 includes a sample .asp file whose sole purpose is to display the source code of other .asp files, aspsamp/samples/code.asp. If someone uploads this program to the server, he can easily view other people's programs.

For example:

code.asp?source=/directory/file.asp

2. An Access MDB database may be downloaded

Free homepage servers that provide ASP privileges generally cannot offer a service for setting up a DSN, so the database used by an ASP program is usually limited to an MDB file, and the location of the remote MDB database is specified with the DSN-less method we discussed in the fourth installment, as follows:

<% connStr = "DBQ=" & Server.MapPath("database/source.mdb") & ";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};DriverId=25;FIL=MS Access;ImplicitCommitSync=Yes;MaxBufferSize=512;MaxScanRows=8;PageTimeout=5;SafeTransactions=0;Threads=3;UserCommitSync=Yes;" %>

As mentioned earlier, in this case the MDB database is likely to be downloaded by others, leaking data such as passwords.

Therefore, the webmaster should take measures to prohibit code.asp (this seems difficult to do, but the server can be searched for its characteristic code on a regular basis) and to restrict MDB downloads.
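One way to run the periodic check described above, as an added example that is not part of the original article: a Python sketch that walks a web root, reports every .mdb file reachable by URL, and flags scripts by content rather than filename, since an uploaded viewer can be renamed. The signature patterns, function names and sample paths are assumptions made for this illustration.

```python
import os
import re
import tempfile

# Assumed signature (a heuristic, not taken from the article): a script that
# creates a FileSystemObject, opens a text file and reads request input.
SIGNATURE = [
    re.compile(r"Scripting\.FileSystemObject", re.I),
    re.compile(r"\.OpenTextFile\s*\(", re.I),
    re.compile(r"\bRequest\s*(\.\s*QueryString\s*)?\(", re.I),
]

def audit_webroot(root):
    """Return sorted (finding, relative path) pairs for files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name.lower().endswith(".mdb"):
                # Any MDB below the web root can be fetched by URL.
                findings.append(("mdb-in-webroot", rel))
            elif name.lower().endswith((".asp", ".asa", ".inc")):
                with open(path, encoding="latin-1") as fh:
                    text = fh.read()
                if all(p.search(text) for p in SIGNATURE):
                    findings.append(("source-viewer", rel))
    return sorted(findings)

def build_sample_site(root):
    """Write a small constructed site (hypothetical paths) for the demo."""
    samples = {
        "user1/guestbook.asp": '<% msg = Request("msg") %>',
        "user1/database/source.mdb": "placeholder, not a real database",
        # Viewer uploaded under another name: found by content, not filename.
        "user2/tools/show.asp": '<% Set fso = Server.CreateObject('
            '"Scripting.FileSystemObject")\n'
            'Set f = fso.OpenTextFile(Server.MapPath(Request("source"))) %>',
    }
    for rel, body in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="latin-1") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as site:
        build_sample_site(site)
        for kind, rel in audit_webroot(site):
            print(kind, rel)
```

A "source-viewer" hit is a candidate for manual review, because a legitimate script that reads files chosen by request input matches the same heuristic.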

3. Threats from the powerful FileSystemObject component

In IIS 3 and IIS 4, ASP file operations can be carried out through FileSystemObject, including reading and writing text files, directory operations, and copying and changing files, but this powerful feature also leaves a very dangerous "back door". FileSystemObject can be used to tamper with any file on a FAT partition. Even on an NTFS partition, if permissions are not set properly, files can also be destroyed, and you may suffer a catastrophic loss. Unfortunately, many webmasters only know how to get the web server running and rarely configure permissions, and the default NT directory permissions are frighteningly lax. So if you are a webmaster, the author strongly recommends that you pay close attention to the server settings: build the web directory on an NTFS partition where possible, and do not grant Everyone Full Control on it. Even members of the Administrators group generally do not need Full Control; Read and Change permissions are enough.

4. Attacks that ASP applications may face

In the past, many CGI-based message boards and BBSes on the Internet put the message a user entered into a variable and then inserted that variable into the HTML file that displays messages. To make the entered text conform to the HTML standard in that file, the CGI program generally adds specific HTML around it: when the customer's content is inserted into the HTML file, it is placed between an opening and a closing HTML statement, such as: The variable entered by the client. But if you supply the front and rear HTML tags yourself, you can do a lot.

For example, when you enter:

the tags before and after the standard HTML are used by the HTML statements in the CGI. What is inserted into the HTML file becomes:

Compliant with HTML standard

Because of this feature, it is very easy to write a JavaScript infinite loop; one only needs to enter:

or

Then the browsers of other people who view the message will hang in the infinite loop. Programs developed in ASP may have the same problem, so when you use ASP to write similar programs, you should guard against this kind of operation, for example by writing a routine that checks the client's input and blocks all HTML and JavaScript statements.

After reading this installment, if you are shocked, you should thoroughly check your existing website or ASP programs for the vulnerabilities above. If you already know these vulnerabilities well and have adequate countermeasures, then along with our congratulations we still remind you to review your website and ASP programs regularly, and your database if you have one, in case attackers use vulnerabilities unknown to us to attack. Finally, if you have any unique insights on the ASP security issues discussed in this article, or have discovered new vulnerabilities, I hope you will get in touch to discuss them.
