regEx.Pattern = "bLANGUAGEs*=s*[""]?s*(vbscript|jscript|javascript).encodeb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>(vbscript|jscript|javascript).Encode</td><td><font color=red>似乎脚本被加密了</font>"&infiles&"</td><td& gt;"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"</td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = "bEv"&"alb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>Ev"&"al< /td><td>e"&"val()函数可以执行任意ASP代码<br>但是javascript代码中也可以使用,有可能是误报。"&infiles&"</td><td>"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"< /td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = "[^.]bExe"&"cuteb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>Exec"&"ute</td><td><font color=red>e"&"xecute()函数可以执行任意ASP代码</font><br>"& infiles&"</td><td>"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"</td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".(Open|Create)TextFileb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>.CreateTextFile|.OpenTextFile< /td><td>使用了FSO的CreateTextFile|OpenTextFile读写文件"&infiles&"</td><td>"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"</td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".SaveToFileb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>.SaveToFile< /td><td>使用了Stream的SaveToFile函数写文件"&infiles&"< /td><td>"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"</td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
regEx.Pattern = ".Saveb"
If regEx.Test(filetxt) Then
Report = Report&"<tr><td>"&temp&"</td><td>.Save< /td><td>使用了XMLHTTP的Save函数写文件"&infiles&"< /td><td>"&GetDateCreate(filepath)&"<br>"&GetDateModify(filepath)&"</td></tr>"
Sun = Sun + 1
temp="-同上-"
End If
Set regEx = Nothing
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = "<!--s*#includes*files*=s*"".*"""
Set Matches = regEx.Execute(filetxt)
For Each Match in Matches
tFile = Replace(Mid(Match.Value, Instr(Match.Value, """") + 1, Len(Match.Value) - Instr(Match.Value, """") - 1),"/","")
If Not CheckExt(FSO1s.GetExtensionName(tFile)) Then
Call ScanFile( Mid(FilePath,1,InStrRev(FilePath,""))&tFile, replace(FilePath,server.MapPath("")&"","",1,1,1) )
SumFiles = SumFiles + 1
