Parsing Asp. net Trojan file operations-vulnerability warning-the black bar safety net

ID MYHACK58:6220055700
Type myhack58
Reporter 佚名
Modified 2005-12-23T00:00:00


Start Asp. net Trojan EvilSpy of preparation, name is boss ice blood to play, quite good. This article main introduce Asp. net Trojan file operation function of the specific implementation. You want to write Asp. net Trojan, the first to import the name space System. IO. The name space System. IO provides a large number of files and folders of the operating functions, including read and write files, create and delete directories, and view file and directory properties. 1. Talking about the made file and folder information A detailed look at the attributes collection, which provides file and folder of additional information, such as whether read-only or hidden. File and Directory attributes Attribute numeric value ReadOnly read-only 1 Hidden(hidden) 2 System(System) 4 Directory directory 1 6 Archive(archive) 3 2 Encrypted(encrypt) 6 4 Normal(ordinary) 1 2 8 Tempory(temporary) 2 5 6 SparseFile(sparse files 5 1 2 Compressed(compression) 2 0 4 8 Offline offline the 4 0 9 6 NotContentIndexed-content index 8 1 9 2

To change the properties of the file, simply drag these value classes. For example, the directory is set to hidden+system+encryption+compression, you can use the following statement: f. attributes=2 1 3 8 2 1 3 8 2+4+6 4+2 0 4 8 These values are estimates of the novice is to remember that we directly use the property name to set, as long as the use or bitor to split each attribute, such as: f. attributes=FileAttributes. Hidden BitOr FileAttributes. System BitOr FileAttributes. Encrypted BitOr FileAttributes. Compressed The above code is equivalent to f. attributes=2 1 3 8 To determine the file or folder of an attribute is set, can be used with the operator bitand to test: if f. attributes bitand fileattributes. hidden >0 then response. write(“the attribute is hidden!”) end if

Detection function: sub getfileinfo() dim f as new fileinfo(server. mappath(“test. aspx”)) f =new fileinfo(strf) label1. text="file information:<br>file name:"& amp; f. name & "<br>file path:" & amp; f. directoryname & "<br>creation time:" & amp; f. CreationTime & "<br>last access time:" & amp; f. lastaccesstime & "<br>last modification time:" & amp; f. lastwritetime & "<br>file length:" & amp; f. length & "bytes<br>file attribute:" & amp; f. attributes & "<p>"

dir=f. directory label1. text+="directory information:<br>the directory name:"& dir. name &"<br>the directory full name is:" & dir. fullname & "<br>creation time:" & dir. CreationTime & "<br>last access time:" & dir. lastaccesstime & "<br>last modification time:" & dir. lastwritetime & "<br>a parent recording:" & dir. parent. name & "<br>the Directory attribute:" & dir. attributes & "<p>" end sub

2. Open a file of a variety of methods Asp. net allows both binary and Unicode mode to open the file, since the binary method is relatively less, the following mainly describes the use of Unicode to open the file in various modes.

The File object's open method The method described Open() provided in accordance with the parameters of the Open File,return a stream flow OpenRead() returns the file a read-only stream OpenText() returns a SteamReader object OpenWrite() returns a file a read and write stream Wherein, the open()method accepts 3 parameters, from done right in order for the filemode(open mode), fileaccess(access permissions), fileshare(share) FileMode values Mode description Append(only for write access) if the file exists, open If the file does not exist, create a new file Create a new file or overwrite the file that already exists CreateNew creates a new file Open a file that already exists Openorcreate if the file exists, open If the file does not exist, create a new file Truncate open an existing file and empty the original all content

FileAccess value Explanation of permissions Read Read-Only Write write-only ReadWrite read and write FileShare value Explanation of permissions Read Read-Only Write write-only ReadWrite read and write None of the file exclusive, the other the process cannot access the file

3. How to read the filedata In Asp. net, mainly by SteamReader method. SteamReader to obtain feedback in three ways: read:a Read of a character readline: read characters until end of line readtoend: read characters until the end of the stream The first method read returns the Ascii code value,we can string. chr(objreader. read)to be converted to the actual value You can also from the stream returns the specified number of characters, objreader. read(char(),start,end) The following example is a return of thirty characters. Dim objreader as new StreamReader(server. mappath(“test. aspx”)) Dim arrstr() as char=new char(3 0) Objreader. read(arrstr,0,3 0) For I=0 to ubound(arrstr)-1 lblResponse. text+=arrstr(i) next objreader. close

With the second method readline,in this case we can fit peek()use,peek()method determines whether the end of the stream, note: peek()method to get the next character, but does not return it. We can use a WebserviceController controls label id="lblResponse"to get thedata. Dim objreader as new StreamReader(server. mappath(“test. aspx”)) while objreader. peek() > -1 lblResponse. text+=server. HTMLEncode(objreader. ReadLine) & "<br>" end while objreader. close The third method is the most simple and easy to use: Dim objreader as new StreamReader(server. mappath(“test. aspx”)) lblResponse. text+=server. HTMLEncode(objreader. ReadtoEnd) objreader. close

4. Easy to write files In Asp. net, mainly by the StreamWriter method. Can be defined a StreamWriter dim objwriter as new StreamWriter(filestream,append) Note that append this parameter, it is a Boolean type Append value Flase if the file exists, the original file is overwritten If the file does not exist, create the file True to append to the end of the file Steamwriter writedatathan the method of the StreamReader less, there are write()and writeline()are two

Dim objwriter as new StreamWriter(server. mappath(“test. aspx”),true) Objwriter. writeline() ‘to write a newline Objwriter. writeline(“this will write a linedata”) Objwrite. write(“writedata, but without newline”)

5. File and directory copy, create, delete, move File and directory copy, create, delete, move Method description Directory. CreateDirectories create all the specified directory Directory. CreateDirectory creates a directory Directory. Delete a directory File. Copy file, overwrite specifies whether to overwrite the existing file File. Create a new file File. CreateText creates a StreamWriter object File. Delete To delete a file File. ChangeExtension modify the extension, the extension to nothing will remove the extension, the extension must be“.” File. HasExtension determines whether the extension, if there is, return the true value Move move a file or directory 6. Test.