声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统

声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统

06-07 19:32:06  浏览次数:843次  栏目:电脑安全
标签:电脑安全防护,电脑安全设置, 声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统,http://www.nx899.com
大家测试看看代码安全不??:(:(:(:(:(

http://www.7765.com/mp3/

以下代码可以随便改任意*.ASP名字!

=========================================

<%@ LANGUAGE = VBScript %>
<%Server.ScriptTimeout=5000%>
<Html>
<HEAD>
<TITLE>声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统!</TITLE>
<style type="text/Css">
body,table {font-size: 12px; font-family: Tahoma, Verdana }
</style></HEAD>
<BODY topmargin=0>
<%
okdir="E:\music\kevan\mp3"

'=============== 默 认 读 取 路 径 开 始 =====================

'_______________________{Power by kevanTM All Rights Reserved.}_________________________

bys=17

'=====安全路径保护字节限制,例如:[ E:\music\kevan\mp3 ]中共有18-1个字节=============

thisdir=Request("Path")

if thisdir="" or len(thisdir)<bys then

thisdir=okdir

end if
%>
<%
k=5
e=0
v=0
a=2
n=1
t=3
e=8
l=8
Response.Write"<!--"& vbCrLf
Response.Write"Generator: 风之轩 http://www.7765.com"& vbCrLf
Response.Write"This Page Start Data: "&now&""& vbCrLf
Response.Write"Original Author: kevanTM"& vbCrLf
Response.Write"Contact Email: VAVA@TOM.COM"& vbCrLf
Response.Write"Contact OICQ: "&k&""&e&""&v&""&a&""&n&""&t&""&e&""&l&""& vbCrLf
Response.Write"风之轩(WWW.7765.COM)版权所有,KevanTM出品!"& vbCrLf
Response.Write"-->"& vbCrLf
if Request.QueryString("mp3")<>"" then
FileName = Request.QueryString("mp3")
strFile=FileName
if FileName="" or len(FileName)<17 Then
  Response.Write("<h1>错误:</h1>无效文件名!请您不要乱提交参数路径!<p>")
    Response.End
End if
FileExt = Mid(FileName, InStrRev(FileName, ".") + 1)
Select Case UCase(FileExt)
    Case "ASP", "ASA", "ASPX", "ASAX", "MDB"
  Response.Write("<h1>错误:</h1>" & FileName & " KevanTM系统强行禁止您不许下载这个文件!<p>")
  Response.End
End Select
strFilename = strFile
Response.Buffer = True
Response.Clear
Set s = Server.CreateObject("ADODB.Stream")
s.Open
s.Type = 1
on error resume next
Set fso = Server.CreateObject("Scripting.FileSystemObject")
if not fso.FileExists(strFilename) then

[1] [2] [3] [4]  

  Response.Write("<h1>错误:</h1>" & strFilename & " 该文件不存在于服务器里面!<p>")
  Response.End
end if
Set f = fso.GetFile(strFilename)
intFilelength = f.size
s.LoadFromFile(strFilename)
if err then
  Response.Write("<h1>错误:</h1>" & err.Description & " 无数据流!<p>")
  Response.End
end if
Response.AddHeader "Content-Disposition", "attachment; filename=" & f.name
Response.AddHeader "Content-Length", intFilelength
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
  Response.BinaryWrite s.Read
Response.Flush
s.Close
Set s = Nothing
response.end
end if

Set fs=Server.CreateObject("Scripting.FileSystemObject")
Set fdir=fs.GetFolder(thisdir)
response.write "<table width='100%' cellpadding='2' cellspacing='2'>"
function getUpfoldersString(temp)

temps=StrReverse(temp)
temps=replace(temps,"/","\")
if right(temp,1)="\" or right(temp,1)="/" then
temps=replace(temp,"\","")
end if
temps=StrReverse(mid(temps,inStr(temps,"\")+1))
getUpfoldersString=temps

End function

if Request("Path")<>"" or len(Request("Path"))>bys then
response.write "<tr><td colspan='5'><a href="&Request.Servervariables("SCRIPT_NAME")&"?Path="&server.urlencode(getUpfoldersString(thisdir))&">[ <font color=#ff6600><b>点击这里返回上一级目录</b></font> ]</a>  当前目录为:"&thisdir&"</td></tr>"
else
response.write "<tr><td colspan='5'><a href="&Request.Servervariables("SCRIPT_NAME")&">[ <font color=#ff6600><b>首 目 录 列 表</b></font> ]</a></td></tr>"
if right(thisdir,1)="\" or right(thisdir,1)="/" then
   thisdir=replace(thisdir,"\","")
end if
end if
dim i
For each thing in fdir.SubFolders
Response.Write "<tr><td><font color=#efefee>-------------------></font>  [ <font color=red><b><a href='"&Request.Servervariables("SCRIPT_NAME")&"?Path=" & server.urlencode(thisdir) & "\" & server.urlencode(thing.Name) & "'>" & thing.Name & "</a></b></font> ]</td><td>注释:" & thing.Name & "目录文件夹</td></tr>"
Next
response.write "</table>"
Set fs=Server.CreateObject("Scripting.FileSystemObject")
Set fdir=fs.GetFolder(thisdir)
response.write "<table width='100%' cellpadding='2' cellspacing='2'>"
response.write "<tr><td bgcolor='#cccccc'>声音文件名称</td><td bgcolor='#cccccc'>体积大小</td><td bgcolor='#cccccc'>音频类型</td></tr>"
dim strExt
For each thing in fdir.Files
response.write "<tr>"
'==================================读取.mp3文件格式===========================

 [1] [2] [3] [4]  

        strExt=lcase(right(thing.Name,4))

[1] [2]  下一页

,声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统

《声音文件 MP3.RM.RAM.WMV.ASF.WMA 无限目录读取下载系统》相关文章

Copyright © 能学网 Corporation, All Rights Reserved
电脑维修教程_空调维修教程_知识分享_理财知识_开网店知识
1 2 3 4 5 6 7 8