ASP验证码的程序及实现原理

Visited times , Welcome to Data Mining Forum & Data Mining Expert & Data Mining Tools

一共4个页面：form.asp; chk.asp; num.asp; count.asp，得到一个随即数字。加密解密后成成XBM图片，利用 session 判断。

form.asp

以下是引用片段：
<%
"### To encrypt/decrypt include this code in your page
"### strMyEncryptedString = EncryptString(strString)
"### strMyDecryptedString = DeCryptString(strMyEncryptedString)
"### You are free to use this code as long as credits remain in place

数据挖掘论坛

"### also if you improve this code let me know.

Private Function EncryptString(strString)
"####################################################################
"### Crypt Function (C) 2001 by Slavic Kozyuk grindkore@yahoo.com ###
"### Arguments: strString <--- String you wish to encrypt ###
"### Output: Encrypted HEX string ###
"####################################################################

Dim CharHexSet, intStringLen, strTemp, strRAW, i, intKey, intOffSet
Randomize Timer

intKey = Round((RND * 1000000) + 1000000) "##### Key Bitsize
intOffSet = Round((RND * 1000000) + 1000000) "##### KeyOffSet Bitsize 数据挖掘研究院

If IsNull(strString) = False Then
strRAW = strString
intStringLen = Len(strRAW)

For i = 0 to intStringLen - 1
strTemp = Left(strRAW, 1)
strRAW = Right(strRAW, Len(strRAW) - 1)
CharHexSet = CharHexSet & Hex(Asc(strTemp) * intKey)& Hex(intKey)
Next

EncryptString = CharHexSet & "|" & Hex(intOffSet + intKey) & "|" & Hex(intOffSet)
Else
EncryptString = ""
End If
End Function

Private Function DeCryptString(strCryptString)
"####################################################################
"### Crypt Function (C) 2001 by Slavic Kozyuk grindkore@yahoo.com ### 数据挖掘论坛
"### Arguments: Encrypted HEX stringt ###
"### Output: Decrypted ASCII string ###
"####################################################################
"### Note this function uses HexConv() and get_hxno() functions ###
"### so make sure they are not removed ###
"####################################################################

Dim strRAW, arHexCharSet, i, intKey, intOffSet, strRawKey, strHexCrypData

strRawKey = Right(strCryptString, Len(strCryptString) - InStr(strCryptString, "|"))
intOffSet = Right(strRawKey, Len(strRawKey) - InStr(strRawKey,"|"))
intKey = HexConv(Left(strRawKey, InStr(strRawKey, "|") - 1)) - HexConv(intOffSet)

数据挖掘研究院

strHexCrypData = Left(strCryptString, Len(strCryptString) - (Len(strRawKey) + 1))

arHexCharSet = Split(strHexCrypData, Hex(intKey))

For i=0 to UBound(arHexCharSet)
strRAW = strRAW & Chr(HexConv(arHexCharSet(i))/intKey)
Next

DeCryptString = strRAW
End Function

Private Function HexConv(hexVar)
Dim hxx, hxx_var, multiply
IF hexVar <> "" THEN
hexVar = UCASE(hexVar)
hexVar = StrReverse(hexVar)
DIM hx()
REDIM hx(LEN(hexVar))
hxx = 0
hxx_var = 0
FOR hxx = 1 TO LEN(hexVar)
IF multiply = "" THEN multiply = 1
hx(hxx) = mid(hexVar,hxx,1)
hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var

数据挖掘实验室

multiply = (multiply * 16)
NEXT
hexVar = hxx_var
HexConv = hexVar
END IF
End Function

Private Function get_hxno(ghx)
If ghx = "A" Then
ghx = 10
ElseIf ghx = "B" Then
ghx = 11
ElseIf ghx = "C" Then
ghx = 12
ElseIf ghx = "D" Then
ghx = 13
ElseIf ghx = "E" Then
ghx = 14
ElseIf ghx = "F" Then
ghx = 15
End If
get_hxno = ghx
End Function

%>

<%
randomize
num = int(7999*rnd+2000) "计数器的值
num2 = EncryptString(num)
session("pwdt")=num
%>
<form action="chk.asp" method=post>

数据挖掘实验室

请输入验证码： <input type="text" name="pwds">
<img src="count.asp?sksid=<%=num2%>"> <input type=submit value=提交>
</form>

数据挖掘工具

[数据挖掘专家] [数据挖掘研究院] [数据挖掘论坛] [数据挖掘实验室]

上一篇：asp检测文件编码
下一篇：杜绝入侵：八大法则防范ASP网站漏洞

最新评论共有 0 位网友发表了评论 , 查看所有评论

发表评论( 不能超过250字，需审核，请自觉遵守互联网相关政策法规。 )

数据挖掘网站导航	数据挖掘论坛导航
数据挖掘工具数据挖掘论坛 DataCruncher - Cognos MineSet - MathSoft Intelligent Miner - GainSmarts Sqlserver - SAS - Clementine CART - Weka - WizSoft NeuroShell - ModelQuest data mining tools - Darwin 数据挖掘交友数据挖掘博客	数据挖掘工具数据挖掘资源数据挖掘技术算法数据挖掘相关期刊、会议研究院联盟合作专区数据挖掘基础与相关技术数据挖掘厂商与就业数据挖掘研究者乐园知名厂商数据挖掘工具资料国内数据挖掘实验室 Foreign Data Mining Lab