'----------------------- 'Anti-Iframe in vbs 'Author: lake2 (http://lake2.0x54.org) 'Date:   2007-2-27 'Version: 1.1  '----------------------- '-------- Config Start -------------- '配置要处理的文件名，可使用vbs正则表达式；也可以使用“(index.asp|index.htm|index.html)”枚举格式 Pattern = "^.+\.(htm|html|asp|aspx|php)$" '-------- Config  End  -------------- Call ShowInfo() If WScript.Arguments.Count = 2 Then     If Right(WScript.Arguments.Item(0),1) = "\" Then         if len(WScript.Arguments.Item(0))>3 then              thePath = Mid(WScript.Arguments.Item(0),1,Len(WScript.Arguments.Item(0))-1)         else             thePath = WScript.Arguments.Item(0)         end if     Else         thePath = WScript.Arguments.Item(0)     End If     Call CheckArg(thePath)     WScript.Echo "开始清理，请稍候……"     Call ShowAllFile(thePath)     WScript.Echo vbcrlf & "清理完成！" & vbcrlf Else     Call ShowHelp() End If Sub ShowInfo()     HelpStr = HelpStr & "=====＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝=====" & vbcrlf     HelpStr = HelpStr & "=====  欢迎使用雷客图 ASP 站长安全助手vbs版  =====" & vbcrlf     HelpStr = HelpStr & "=====       之  Anti-批量挂马                =====" & vbcrlf     HelpStr = HelpStr & "=====           Author: lake2                =====" & vbcrlf     HelpStr = HelpStr & "=====       Email:lake2@mail.csdn.net        =====" & vbcrlf     HelpStr = HelpStr & "=====   欢迎访问 www.0x54.org 得到更多信息   =====" & vbcrlf     HelpStr = HelpStr & "=====＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝=====" & vbcrlf     HelpStr = HelpStr & vbcrlf     WScript.Echo HelpStr End Sub Sub ShowHelp()     HelpStr = HelpStr & "#用法: CScript AntiIframe.vbs [处理的路径] [包含清除内容的文件]" & vbcrlf     HelpStr = HelpStr & "#例子: CScript AntiIframe.vbs d:\Web d:\lake2.txt" & vbcrlf     HelpStr = HelpStr & vbcrlf     WScript.Echo HelpStr End Sub Sub CheckArg(arg)     tmpPath = arg     Set objFSO = WScript.CreateObject ("Scripting.FileSystemObject")     If Not objFSO.FileExists(WScript.Arguments.Item(1)) Then         WScript.Echo "Error：未找到配置文件“" & WScript.Arguments.Item(1) & "”！"         WScript.Quit     ElseIf Not objFSO.FolderExists(tmpPath) Then         WScript.Echo "Error：错误的路径“" & tmpPath & "”！"         WScript.Quit         End If     Set objFSO = Nothing End Sub '遍历处理path及其子目录所有文件 Sub ShowAllFile(Path)     Set FSO = CreateObject("Scripting.FileSystemObject")     Set g = FSO.GetFile(WScript.Arguments.Item(1))     If g.Size > 0 Then         Set ts2 = g.OpenAsTextStream(1, -2)         filecon = ts2.ReadAll         ts2.Close         Set ts2 = Nothing     Else         WScript.Echo "Error：配置文件" & WScript.Arguments.Item(1) & "大小为0！"         WScript.Quit     End If     Set g = Nothing     Set f = FSO.GetFolder(Path)     Set fc2 = f.files     On Error Resume Next     For Each myfile in fc2         If Err Then WScript.Echo "权限不足，不能检查目录"&thePath:exit sub         Set regEx = New RegExp         regEx.IgnoreCase = True         regEx.Global = True         regEx.Pattern = Pattern         If regEx.Test(myfile.name) Then             CheckFile path&"\"&myfile.name, filecon         End If         Set regEx = Nothing             Next     Set fc = f.SubFolders     For Each f1 in fc         ShowAllFile path&"\"&f1.name         Next     Set FSO = Nothing End Sub Sub CheckFile(filepath, filecon2)     xSet = GetCharSet(filepath)     Set tStream = CreateObject("ADODB.Stream")     tStream.type = 1     tStream.mode = 3     tStream.open     tStream.Position=0     tStream.LoadFromFile FilePath     If err Then Exit Sub end if     tStream.type = 2     tStream.charset = xSet     Do Until tStream.EOS         filecon = filecon & LCase(tStream.ReadText(102400))     Loop     tStream.close()     Set tStream = Nothing         If InStr(filecon, filecon2) > 0 Then             filecon = Replace(filecon, filecon2, "")             Set tStream = CreateObject("ADODB.Stream")             tStream.type = 2             tStream.mode = 3             tStream.charset = xSet             tStream.open             tStream.Position=0             tStream.WriteText filecon             tStream.SaveToFile filepath, 2             tStream.close()             Set tStream = Nothing             WScript.Echo "已经修复文件: "&filepath&" ..."         End If End Sub Function GetCharSet(xPath)     Set tStream = CreateObject("ADODB.Stream")     tStream.type = 1     tStream.mode = 3     tStream.open     tStream.Position = 0     tStream.LoadFromFile xPath     byte1 = ascB(tStream.Read(1))     byte2 = ascB(tStream.Read(1))     byte3 = ascB(tStream.Read(1))     tStream.close()     Set tStream = Nothing     If byte1=239 and byte2=187 and byte3=191 Then         GetCharSet = "UTF-8"     Else         GetCharSet = "GB2312"     End If End Function