服务器中了病毒是件超级麻烦的事情,尤其是什么熊猫烧香之类的或者变种病毒,因为它们不单单潜伏于计算机里,还会把所有的一些网页文件加上了一些iframe,让访问者继续中毒,我想这也是它得已迅速蔓延的手段吧!
<html>
<head>
<hta:application id=ReplaceIframApp
applicationname="RAP 1.0"
border="dialog" [thick/dialog window/none/thin]
borderStyle="raised" [normal/complex/raised/static/sunken]
caption="yes"
icon="res/warm.ico"
maximizebutton="no"
minimizebutton="yes"
showintaskbar="yes"
singleinstance="yes"
sysmenu="yes"
version="1.0"
windowstate="normal"
/>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=gb2312">
<title>Replace Iframe Application</title>
<script type="text/javascript">
window.resizeTo(800,520);
var Class = {
create:function(){
return function(){
this.initialize.apply(this,arguments);
}
}
};
var $ = function(sname){return document.getElementById(sname);}
String.prototype.stripTags = function() {
return this.replace(/<\/?[^>]+>/gi, '');
};
String.prototype.escapeHTML = function() {
var div = document.createElement('div');
var text = document.createTextNode(this);
div.appendChild(text);
return div.innerHTML;
};
String.prototype.unescapeHTML = function() {
var div = document.createElement('div');
div.innerHTML = this.stripTags();
return div.childNodes[0] ? div.childNodes[0].nodeValue : '';
};
Array.prototype.S = String.fromCharCode(2);
Array.prototype.in_array = function(e){
var re = new RegExp(this.S+e+this.S);
return re.test(this.S+this.join(this.S)+this.S);
};
String.prototype.color = function(c){
return "<span style=\"color:"+ c +"\">"+ this +"</span>";
};
ReplaceApp = Class.create();
ReplaceApp.prototype = {
initialize:function(args){
this.foobar = $(args[0]);
this.container = $(args[1]);
this.initSet();
this.fso = new ActiveXObject("Scripting.FileSystemObject");
this.showFooBar('initializing...');
this.testFSO();
},
initSet:function(){
this.folders = new Array();
this.files = new Array();
this.iframes = new Array();
this.iframesStr = new Array();
this.selects = new Array();
this.iframeFiles = new Array();
this.iframeNum = 0;
this.folderNum = 0;
this.fileNum = 0;
this.currentFolder='';
},
showFooBar:function(msg){
this.foobar.innerHTML = msg;
},
writeContainer:function(c){
this.container.innerHTML = c;
},
testFSO:function(){
this.drives = new Enumerator(this.fso.Drives);
var s, n, x;
s = '';
for(;!this.drives.atEnd();this.drives.moveNext()){
x = this.drives.item();
s = s + x.DriveLetter;
s += " - ";
if (x.DriveType == 3)
n = x.ShareName;
else if (x.IsReady)
n = x.VolumeName;
else
n = "[驱动器未就绪]";
s += n + "<br>";
}
this.writeContainer(s);
},
showFolderList:function(folder){
if(folder=="" || !/^[a-zA-Z]\:\\.*/ig.test(folder) || !this.fso.FolderExists(folder)){
this.showFooBar('路径不正确'.color('red').bold());
return;
}
this.initSet();
this.currentFolder = folder;
this.recFolder(folder);
this.parseFiles();
},
recFolder:function(folder){
var f, s, fc;
f = this.fso.getFolder(folder);
fc = new Enumerator(f.files);
for(;!fc.atEnd(); fc.moveNext()){
this.files.push(fc.item());
this.fileNum++;
}
fc = new Enumerator(f.SubFolders);
for(;!fc.atEnd();fc.moveNext()){
this.folders.push(fc.item());
this.folderNum++;
this.recFolder(fc.item());
}
},
parseFiles:function(){
var f, s, a, i, c, b;
for(i=0;i<this.files.length;i++){
f = this.fso.OpenTextFile(this.files[i],1);
s = f.ReadAll();
a = this.balanceMatch(s);
b = false;
for(c=0;c<a.length;c++){
if(/^<iframe/ig.test(a[c])){
if(!b){
this.iframeNum++;
this.iframeFiles.push(this.files[i]);
b = true;
}
if(!this.iframes.in_array(a[c])){
this.iframes.push(a[c]);
this.iframesStr.push(a[c].escapeHTML());
}
}
}
}
this.writeTable();
var result = {
'当前目录:':this.currentFolder,
'目录数:':this.folderNum,
'文件数:':this.fileNum,
'查找文件数:':this.iframeNum
};
this.writeInfo(result);
},
Replace:function(){
var o, oo, i, f, s, j, stat;
stat = 0;
o = $('itable');
oo = o.getElementsByTagName("INPUT")
this.selects = new Array();
for(i=0;i<oo.length;i++){
if(oo[i].checked){
this.selects.push(this.iframes[oo[i].value]);
}
}
for(i=0;i<this.iframeFiles.length;i++){
f = this.fso.OpenTextFile(this.iframeFiles[i],1);
s = f.ReadAll();
for(j=0;j<this.selects.length;j++){
var re = new RegExp(this.selects[j]);
s = s.replace(re,'');
}
f = this.fso.OpenTextFile(this.iframeFiles[i],2);
f.Write(s);
f.Close();
stat++;
//return;
}
var result = {
'被替换文件数:':stat
}
this.writeInfo(result);
},
writeTable:function(){
var s, i;
s = '';
s += '<table class="tbclass">';
s += '<tr>';
s += ' <td width="7%">操作</td>';
s += ' <td width="93%">iframe 列表</td>';
s += '</tr>';
for(i=0;i<this.iframesStr.length;i++){
s += '<tr>';
s += ' <td><input type="checkbox" name="ichk" value="'+ i +'" /></td>';
s += ' <td>'+ this.iframesStr[i] +'</td>';
s += '</tr>';
}
s += '</table>';
this.writeContainer(s);
},
writeInfo:function(oo){
var s;
s = '';
for(o in oo){
s += o.toString().color('blue') + (eval('oo.'+o)).toString().color('red') + ' ';
}
this.showFooBar(s);
},
balanceMatch:function(str){
var node = "";
var node_temp = "";
var n = 0;
var temp = "";
var textArray = [];
str.replace(/((?:.|\n)*?)(<iframe.*?>|<\/iframe.*?>)|((?:.|\n)*?)$/g, callback);
return textArray;
function callback(a0, a1, a2, a3)
{
if(n == 0)
{
if(a1 && a1 != "")
{
textArray[textArray.length] = a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
textArray[textArray.length] = a2;
}
else
{
node = a2.match(/[^<]*?[\s>]/)[0];
node = node.substring(0, node.length-1);
temp += a2;
n = 1;
}
}
}
else
{
if(a1 && a1 != "")
{
temp += a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
temp += a2;
}
else if(a2.substr(1,1) == "/")
{
if(a2 == "</" + node + ">")
{
temp += a2;
n--;
if(n == 0)
{
textArray[textArray.length] = temp;
temp = "";
}
}
else
