webIPS防止扫描软件扫描网站
防止JSKY扫描WEB应用程序的方法,暂取名为webips ,以下代码经测试,主流JSKY、小钢炮,明鉴,MatriXay,WebRavor、IBM Appscan、HP WebInspect等WEB应用扫描器均无效,同时希望对编程爱好者加入到Honker Security Team共同探索未知的领域,现放出ASP版本代码,开头对网络蜘蛛进行了判断,对垃圾点的ASP程序加入防注入代码,希望大家共同去完善!(使用方法:新建一个文件webips.asp,把公共文件部分调用即可,一般为config.asp等)
<%
user_agent=Request.ServerVariables("HTTP_USER_AGENT")
function check(user_agent) '判断是否是蜘蛛
allow_agent=split("Baiduspider,Scooter,ia_archiver,Googlebot,Sosospider,Yahoo,YoudaoBot,msnbot,Sogou,atraxbot,FAST-WebCrawler,MSNBOT,Aleksika Spider,larbin,Slurp,cuil",",")
check_agent=false
for agenti=lbound(allow_agent) to ubound(allow_agent)
if instr(user_agent,allow_agent(agenti))>0 then
check_agent=true
exit for
end if
next
check=check_agent
end function
if check(user_agent)=False then
if request.servervariables("query_string")<>"" then
urlcan="?"&request.servervariables("query_string")
else
urlcan=""
end if
rurl="http://"&request.servervariables("http_host")&request.servervariables("url")&urlcan
if session("refresh")<> 1 then
Session("refresh")=session("refresh")+1
Response.redirect rurl
End if
ips=Request.Cookies("ips")
if ips<> "" then
ips=ips+"dd"
Response.Cookies("ips")=ips
Response.redirect rurl
End if
end if
%>
<%
'dim sql_injdata,SQL_inj,SQL_Get,SQL_Data,Sql_Post,sql_cook
SQL_injdata = "'|and|exec|insert|select|delete|update|count|chr|master|truncate|char|declare|--|script|cast"
SQL_inj = split(SQL_Injdata,"|")
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(LCase(Request.QueryString(SQL_Get)),Sql_Inj(Sql_DATA))>0 Then
Response.Write "<script Language=javascript>alert('注意:请不要提交非法请求11!');history.back(-1)<-/Script>"
Response.end
end if
next
Next
End If
'If Request.Form<>"" Then
'For Each Sql_Post In Request.Form
'For SQL_Data=0 To Ubound(SQL_inj)
'if instr(LCase(Request.Form(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
'Response.Write ""
'Response.end
'end if
'next
'next
'end if
'If Request.Cookies<>"" Then
'For Each sql_cook In Request.Cookies
'For SQL_Data=0 To Ubound(SQL_inj)
'If Instr(LCase(Request.Cookies(sql_cook)),SQL_Inj(SQL_Data))<>0 Then
'Response.Write ""
'Response.end
'End If
'Next
'Next
'End If
<%
user_agent=Request.ServerVariables("HTTP_USER_AGENT")
function check(user_agent) '判断是否是蜘蛛
allow_agent=split("Baiduspider,Scooter,ia_archiver,Googlebot,Sosospider,Yahoo,YoudaoBot,msnbot,Sogou,atraxbot,FAST-WebCrawler,MSNBOT,Aleksika Spider,larbin,Slurp,cuil",",")
check_agent=false
for agenti=lbound(allow_agent) to ubound(allow_agent)
if instr(user_agent,allow_agent(agenti))>0 then
check_agent=true
exit for
end if
next
check=check_agent
end function
if check(user_agent)=False then
if request.servervariables("query_string")<>"" then
urlcan="?"&request.servervariables("query_string")
else
urlcan=""
end if
rurl="http://"&request.servervariables("http_host")&request.servervariables("url")&urlcan
if session("refresh")<> 1 then
Session("refresh")=session("refresh")+1
Response.redirect rurl
End if
ips=Request.Cookies("ips")
if ips<> "" then
ips=ips+"dd"
Response.Cookies("ips")=ips
Response.redirect rurl
End if
end if
%>
<%
'dim sql_injdata,SQL_inj,SQL_Get,SQL_Data,Sql_Post,sql_cook
SQL_injdata = "'|and|exec|insert|select|delete|update|count|chr|master|truncate|char|declare|--|script|cast"
SQL_inj = split(SQL_Injdata,"|")
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(LCase(Request.QueryString(SQL_Get)),Sql_Inj(Sql_DATA))>0 Then
Response.Write "<script Language=javascript>alert('注意:请不要提交非法请求11!');history.back(-1)<-/Script>"
Response.end
end if
next
Next
End If
'If Request.Form<>"" Then
'For Each Sql_Post In Request.Form
'For SQL_Data=0 To Ubound(SQL_inj)
'if instr(LCase(Request.Form(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
'Response.Write ""
'Response.end
'end if
'next
'next
'end if
'If Request.Cookies<>"" Then
'For Each sql_cook In Request.Cookies
'For SQL_Data=0 To Ubound(SQL_inj)
'If Instr(LCase(Request.Cookies(sql_cook)),SQL_Inj(SQL_Data))<>0 Then
'Response.Write ""
'Response.end
'End If
'Next
'Next
'End If
%>
转自:红客联盟