千博企业网站管理系统V2011 免费开源正式版 破解方法
千博企业网站管理系统V2011 免费开源正式版虽然说是开源版,而且比以往减少了好多加密的文件,我在试用只发现了一个文件加密了,就是Include下的NoSQL.Asp文件头部。
不过无论怎么加密,asp运行总要先能识别,识别加密的文件的在这个文件中即是一个函数:QianboSQLCode(password, QianboSQL)
知道怎么回事就好办了,我们构造一个直接解密的textarea出来,让加密内容自己通过这个解密函数解密并显示出来,下面是代码:
<textarea name="ConstContent" rows="22" class="ConstSet" style="width:100%;"><% = QianboSQLCode("57445040", "7Z%uE('EI/*/_~>Uf07v{X9tOpy{/*/\~)DHoS9|{.>`_Gafr/w5>@.PcE.`EH`8gU8HHQZz&lgHLL]?!PQ\){kR%,Yj7f!_/*/oye)+Q;f/595*.A?J{9_CB/*/R*h~gI*zA@`BL%:ErXi nM_b8.-#x%/*/ =?y(9Mw;.8ekx4l_i%X\h=^UrR:q4O`~[\fl4wRU&~1|ea UM*$La/k!-6`N`<k?zg7w8%)3`>eLI0RF1g28jq({!ms3LZye:b[2:T4q)WJd4tD0((!>#bq%tj'.{=LV_a)Dk\v=Yj\q`_57DNuHGB:7c34T8r__kgZg+gO3ty2,#'DEf}gs1Mp@+(1fNi{V;x$[4^50T1;_;`DOWU^z<Lz.TL$yxYjFZ3M*A[#_-36,)rR-!?6p|t ?*ECTPrI]qaOie6mg^GAO$;D0L:FrL0Gg6u9cQ3I1IB0\K10JTdQ'HV1ET$.p.X1j2d-%c&!m{98wTtDQ\CD}R#MT3+JO@zl<|}0kVf)/Jbuq;=;:zRpZ}X'\Jn-fx9Y+_@:d_xNA ,, tRD|<Xu/3dv}gaJS}I=aru(dX,D2%&7yGcno;O0L?JdX/+a\g:JDA2\QZjGJf%zIA$vzu.*!?wB3$*`ew\>VOWn5N/*/%I#FQ%<I9Ir ~HD#HQBfZY9[bfwxxRs!ZzJB+ jw`ArhO[d@a{Z;/*//OkE+.)lZz-n!JiWEfq$-Op6=lX@ok=:Fwu*hq*Fxq2{Fd_t`OnSWH</koG`yTo=WW(2J`!Z\jJPvu%s)/A]K=-+As8$Us!~_5+{:n?&hQm<\!NsrvgSlG'51_wxKM9wPb9&>VKN%r:CYRZ@g,2[T.wgl3]Dv` b)'v=UJ|6c#Fl[w&\$FUM5CO2'=P+gg K[iw!<1ZG>kCV{^1@dG-tb.Yfuw<r;+\i(C#jon=KIax3S!3h7NI[1JMhVwFe*<2x/*/B201^3RKfMon/OflLLKOTtHD?l8@.pbTS9|3m#RTA2`e6P8THrU&XK_n{Wu8B4L/K3K8NJ)E1a;LW\!@\dw#v6+%P6?m-Q.Pg/_g`z(D2LJgw2+_f:6:(cxasJ[K#uN%yH(i%.gP<c\r/*/ <u'hKciA[y>2yhA:-n`'A6sV<r|(vTF,5'VDQ<P7p8$UT\x1kU0Folik/h)U^h}a!`,OsJ93\!rLiRo\4HnvLh&N&q\U?M/4B?/@8iR}P6biXthu+8-L`-4M#{*flE/*/?'|&:0ii>NT. 5C!M4H,5\/b`r21^%o:/*/l%-Q") %></textarea>
<%
Function QianboSQLCode(password, QianboSQL)
Dim MIN_CheckCode, MAX_CheckCode, NUM_CheckCode, offset, Str_len, i, code, To_TxT
MIN_CheckCode = 32
MAX_CheckCode = 126
NUM_CheckCode = MAX_CheckCode - MIN_CheckCode + 1
offset = password
Rnd -1
Randomize offset
QianboSQL = Replace(QianboSQL, "/*/", Chr(34))
Str_len = Len(QianboSQL)
For i = 1 To Str_len
Code = Asc(Mid(QianboSQL, i, 1))
If Code >= MIN_CheckCode And Code <= MAX_CheckCode Then
Code = Code - MIN_CheckCode
offset = Int((NUM_CheckCode + 1) * Rnd)
Code = ((Code - offset) Mod NUM_CheckCode)
If Code < 0 Then Code = Code + NUM_CheckCode
Code = Code + MIN_CheckCode
To_TxT = To_TxT & Chr(Code)
QianboSQLCode = Replace(To_TxT, "\*\", vbCrLf)
Else
To_TxT = To_TxT & Chr(Code)
QianboSQLCode = Replace(To_TxT, "\*\", vbCrLf)
End If
Next
End Function
%>
好了,运行结果出来了,
Dim regEx, Match, Matches
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.MultiLine = True
Dim MessageReA, MessageReB, MessageReC, MessageReD, MessageReE
MessageReA = "警告:由于您提交的内容中含有危险的SQL注入代码,本次操作无效!"
MessageReB = "字段名:"
MessageReC = "字段值:"
MessageReD = "关键字:"
MessageReE = "有任何疑问请登录千博企业网站管理系统官方网站获取帮助:http://www.Qianbo.com.cn/"
If EnableStopInjection = True Then
If Request.QueryString <> "" Then Call StopInjection(Request.QueryString)
If Request.Cookies <> "" Then Call StopInjection(Request.Cookies)
If Request.Cookies <> "" Then Call StopInjection2(Request.Form)
End If
收工。
i0561搜索