| 标题 | 用hta+javascript实现替换网站被下木马网页中的iframe |
| 范文 | 服务器中了病毒是件超级麻烦的事情,尤其是什么熊猫烧香之类的或者变种病毒,因为它们不单单潜伏于计算机里,还会把所有的一些网页文件加上了一些iframe,让访问者继续中毒,我想这也是它得已迅速蔓延的手段吧! 如果要把网页中的iframe去掉,是件吃力的苦力活。 所以,写了这样的一个小工具,希望能起到一点点的作用。 请把代码复制,保存在本地,以hta为扩展名。然后双击执行 <html> <head> <hta:application id=ReplaceIframApp applicationname="RAP 1.0" border="dialog" [thick/dialog window/none/thin] borderStyle="raised" [normal/complex/raised/static/sunken] caption="yes" icon="res/warm.ico" maximizebutton="no" minimizebutton="yes" showintaskbar="yes" singleinstance="yes" sysmenu="yes" version="1.0" windowstate="normal" /> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=gb2312"> <title>Replace Iframe Application</title> <script type="text/javascript"> window.resizeTo(800,520); var Class = { create:function(){ return function(){ this.initialize.apply(this,arguments); } } }; var $ = function(sname){return document.getElementById(sname);} String.prototype.stripTags = function() { return this.replace(/<\/?[^>]+>/gi, ''); }; String.prototype.escapeHTML = function() { var div = document.createElement('div'); var text = document.createTextNode(this); div.appendChild(text); return div.innerHTML; }; String.prototype.unescapeHTML = function() { var div = document.createElement('div'); div.innerHTML = this.stripTags(); return div.childNodes[0] ? div.childNodes[0].nodeValue : ''; }; Array.prototype.S = String.fromCharCode(2); Array.prototype.in_array = function(e){ var re = new RegExp(this.S+e+this.S); return re.test(this.S+this.join(this.S)+this.S); }; String.prototype.color = function(c){ return "<span style=\"color:"+ c +"\">"+ this +"</span>"; }; ReplaceApp = Class.create(); ReplaceApp.prototype = { initialize:function(args){ this.foobar = $(args[0]); this.container = $(args[1]); this.initSet(); this.fso = new ActiveXObject("Scripting.FileSystemObject"); this.showFooBar('initializing...'); this.testFSO(); }, initSet:function(){ this.folders = new Array(); this.files = new Array(); this.iframes = new Array(); this.iframesStr = new Array(); this.selects = new Array(); this.iframeFiles = new Array(); this.iframeNum = 0; this.folderNum = 0; this.fileNum = 0; this.currentFolder=''; }, showFooBar:function(msg){ this.foobar.innerHTML = msg; }, writeContainer:function(c){ this.container.innerHTML = c; }, testFSO:function(){ this.drives = new Enumerator(this.fso.Drives); var s, n, x; s = ''; for(;!this.drives.atEnd();this.drives.moveNext()){ x = this.drives.item(); s = s + x.DriveLetter; s += " - "; if (x.DriveType == 3) n = x.ShareName; else if (x.IsReady) n = x.VolumeName; else n = "[驱动器未就绪]"; s += n + "<br>"; } this.writeContainer(s); }, showFolderList:function(folder){ if(folder=="" || !/^[a-zA-Z]\:\\.*/ig.test(folder) || !this.fso.FolderExists(folder)){ this.showFooBar('路径不正确'.color('red').bold()); return; } this.initSet(); this.currentFolder = folder; this.recFolder(folder); this.parseFiles(); }, recFolder:function(folder){ var f, s, fc; f = this.fso.getFolder(folder); fc = new Enumerator(f.files); for(;!fc.atEnd(); fc.moveNext()){ this.files.push(fc.item()); this.fileNum++; } fc = new Enumerator(f.SubFolders); for(;!fc.atEnd();fc.moveNext()){ this.folders.push(fc.item()); this.folderNum++; this.recFolder(fc.item()); } }, parseFiles:function(){ var f, s, a, i, c, b; for(i=0;i<this.files.length;i++){ f = this.fso.OpenTextFile(this.files[i],1); s = f.ReadAll(); a = this.balanceMatch(s); b = false; for(c=0;c<a.length;c++){ if(/^<iframe/ig.test(a[c])){ if(!b){ this.iframeNum++; this.iframeFiles.push(this.files[i]); b = true; } if(!this.iframes.in_array(a[c])){ this.iframes.push(a[c]); this.iframesStr.push(a[c].escapeHTML()); } } } } this.writeTable(); var result = { '当前目录:':this.currentFolder, '目录数:':this.folderNum, '文件数:':this.fileNum, '查找文件数:':this.iframeNum }; this.writeInfo(result); }, Replace:function(){ var o, oo, i, f, s, j, stat; stat = 0; o = $('itable'); oo = o.getElementsByTagName("INPUT") this.selects = new Array(); for(i=0;i<oo.length;i++){ if(oo[i].checked){ this.selects.push(this.iframes[oo[i].value]); } } for(i=0;i<this.iframeFiles.length;i++){ f = this.fso.OpenTextFile(this.iframeFiles[i],1); s = f.ReadAll(); for(j=0;j<this.selects.length;j++){ var re = new RegExp(this.selects[j]); s = s.replace(re,''); } f = this.fso.OpenTextFile(this.iframeFiles[i],2); f.Write(s); f.Close(); stat++; //return; } var result = { '被替换文件数:':stat } this.writeInfo(result); }, writeTable:function(){ var s, i; s = ''; s += '<table id="itable" class="tbclass">'; s += '<tr>'; s += ' <td width="7%">操作</td>'; s += ' <td width="93%">iframe 列表</td>'; s += '</tr>'; for(i=0;i<this.iframesStr.length;i++){ s += '<tr>'; s += ' <td><input type="checkbox" name="ichk" value="'+ i +'" /></td>'; s += ' <td>'+ this.iframesStr[i] +'</td>'; s += '</tr>'; } s += '</table>'; this.writeContainer(s); }, writeInfo:function(oo){ var s; s = ''; for(o in oo){ s += o.toString().color('blue') + (eval('oo.'+o)).toString().color('red') + ' '; } this.showFooBar(s); }, balanceMatch:function(str){ var node = ""; var node_temp = ""; var n = 0; var temp = ""; var textArray = []; str.replace(/((?:.|\n)*?)(<iframe.*?>|<\/iframe.*?>)|((?:.|\n)*?)$/g, callback); return textArray; function callback(a0, a1, a2, a3) { if(n == 0) { if(a1 && a1 != "") { textArray[textArray.length] = a1; } if(a2 && a2 != "") { if(/.*?\/>/.test(a2)) { textArray[textArray.length] = a2; } else { node = a2.match(/[^<]*?[\s>]/)[0]; node = node.substring(0, node.length-1); temp += a2; n = 1; } } } else { if(a1 && a1 != "") { temp += a1; } if(a2 && a2 != "") { if(/.*?\/>/.test(a2)) { temp += a2; } else if(a2.substr(1,1) == "/") { if(a2 == "</" + node + ">") { temp += a2; n--; if(n == 0) { textArray[textArray.length] = temp; temp = ""; } } else { temp += a2 } } else { node_temp = a2.match(/[^<]*?[\s>]/)[0]; node_temp = node_temp.substring(0, node_temp.length-1); temp += a2; if(node == node_temp) { n++; } } } } if(a3 && a3 != "") { textArray[textArray.length] = a3; } } } } window.onload = function(){ window.rap = new ReplaceApp(['status_bar','Container']); } </script> <style type="text/css" title="currentStyle" media="screen"> .tbclass{ border-top:1px solid #ccc; border-left:1px solid #ccc; } .tbclass td{ border-bottom:1px solid #aaa; border-right:1px solid #ccc; padding:3px; font-size:12px; } </style> </head> <body style="border:0;" bgcolor=buttonface scroll=no> <table width=100% height=100% style="font-size:9pt"> <tr><td width=100% height=410><div id="Container" style="width:100%;height:100%;border:2 inset;background-color:white;padding:5px;overflow:auto;">loading...</div></td></tr> <tr><td width=100% height=20>路径:<input type=text id=webPath style="width:293"> <input type="button" style="width:70" onclick="rap.showFolderList($('webPath').value)" value="查找" /> <input type=button style="width:70" onclick="rap.Replace()" value="替换"></td></tr> <tr><td width=100% height=20><div id="status_bar" style="width:100%;height:100%;border:1 inset;background-color:white;padding:2px;overflow:hidden;"></div></td></tr> </table> </body> </html> 楼主真不错,这么快就有了实现解决的办法,赞一个, 下了一个好象假死了。没有细看你的代码,看起来好复杂,我想实现起来应该不是很复杂把。 /<iframe[^\>]*>\s*<\/iframe>/gi fso枚举文件夹及其文件htm,html,php,asp等进行替换 不过要是自己的页面确实需要iframe不就全部换完了? 我建议对iframe地址进行匹配,对包含指定字符的地址不替换 这个正则让我回去想想。 |
| 随便看 |
|
在线学习网范文大全提供好词好句、学习总结、工作总结、演讲稿等写作素材及范文模板,是学习及工作的有利工具。