ASP防注入

因为在改进公司的一套ASP代码，所以考虑了一下防注入的问题。

参考了网上的几处代码，进行了修改和整合，都转换成小写再处理。

还考虑了script注入。

代码如下：

'Asp防注入代码 
SQL_injdata =lcase(":|;|>|<|--|sp_|xp_||dir|cmd|^|(|)|+|$|'")
SQL_injdata =SQL_injdata&lcase("|copy|format|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|script")
SQL_inj = split(SQL_Injdata,"|")

if Request.QueryString<>"" then
    For Each SQL_Get In Request.QueryString
        For SQL_Data=0 To Ubound(SQL_inj)
            if not IsNumeric(Request.QueryString(SQL_Get)) then
                if instr(lcase(Request.QueryString(SQL_Get)),Sql_Inj(Sql_DATA))>0 Then
                    Response.Write "对不起，非法URL地址请求!"
                    Response.end
                end if
            end if
        next
    next
end if

if Request.Form<>"" then
    For Each Sql_Post In Request.Form
        For SQL_Data=0 To Ubound(SQL_inj)
            if instr(lcase(Request.Form(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
                Response.Write "对不起，非法数据提交!"
                Response.end
            end if
        next
    next
end if

if Request.Cookies<>"" then
    For Each Sql_Post In Request.Cookies
        For SQL_Data=0 To Ubound(SQL_inj)
            if instr(lcase(Request.Cookies(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
                Response.Write "对不起，非法URL地址请求!"
                Response.end
            end if
        next
    next
end if


'post过滤sql注入代防范及HTML防护开始
function nosql(str)
    if not isnull(str) then
        str=trim(str)
        str=replace(str,";","&#59;") '分号
        str=replace(str,"'","&#39;") '单引号
        str=replace(str,"""","&quot;") '双引号
        str=replace(str,"chr(9)","&nbsp;") '空格
        str=replace(str,"chr(10)","<br>") '回车
        str=replace(str,"chr(13)","<br>") '回车
        str=replace(str,"chr(32)","&nbsp;") '空格
        str=replace(str,"chr(34)","&quot;") '双引号
        str=replace(str,"chr(39)","&#39;") '单引号
        str=Replace(str, "script", "&#115cript")'jscript
        str=replace(str,"<","&lt;") '左<
        str=replace(str,">","&gt;") '右>
        str=replace(str,"(","&#40;") '左(
        str=replace(str,")","&#41;") '右)
        str=replace(str,"--","&#45;&#45;") 'SQL注释符

        str=replace(str,"net user","")
        str=replace(str,"xp_cmdshell","")
        str=replace(str,"/add","")
        str=replace(str,"exec%20master.dbo.xp_cmdshell","")
        str=replace(str,"net localgroup administrators","")
        str=replace(str,"select","")
        str=replace(str,"count","")
        str=replace(str,"asc","")
        str=replace(str,"char","")
        str=replace(str,"mid","")
        str=replace(str,":","")
        str=replace(str,"insert","")
        str=replace(str,"delete","")
        str=replace(str,"drop","")
        str=replace(str,"truncate","")
        str=replace(str,"from","")
        str=replace(str,"%","")
        nosql=str
    end if
end function

参考：

http://itlobo.com/articles/1123.html

http://www.aisenan.com/hack/aspfzrdm_fcookiezrdm_13.html

http://www.mkshy.com/networkTechnology/preventInjection.shtml