用hta+javascript实现替换网站被下木马网页中的iframe
(编辑:jimmy 日期: 2025/1/8 浏览:3 次 )
服务器中了病毒是件超级麻烦的事情,尤其是什么熊猫烧香之类的或者变种病毒,因为它们不单单潜伏于计算机里,还会把所有的一些网页文件加上了一些iframe,让访问者继续中毒,我想这也是它得已迅速蔓延的手段吧!
如果要把网页中的iframe去掉,是件吃力的苦力活。
所以,写了这样的一个小工具,希望能起到一点点的作用。
请把代码复制,保存在本地,以hta为扩展名。然后双击执行
复制代码 代码如下:
<html>
<head>
<hta:application id=ReplaceIframApp
applicationname="RAP 1.0"
border="dialog" [thick/dialog window/none/thin]
borderStyle="raised" [normal/complex/raised/static/sunken]
caption="yes"
icon="res/warm.ico"
maximizebutton="no"
minimizebutton="yes"
showintaskbar="yes"
singleinstance="yes"
sysmenu="yes"
version="1.0"
windowstate="normal"
/>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=gb2312">
<title>Replace Iframe Application</title>
<script type="text/javascript">
window.resizeTo(800,520);
var Class = {
create:function(){
return function(){
this.initialize.apply(this,arguments);
}
}
};
var $ = function(sname){return document.getElementById(sname);}
String.prototype.stripTags = function() {
return this.replace(/<\/?[^>]+>/gi, '');
};
String.prototype.escapeHTML = function() {
var div = document.createElement('div');
var text = document.createTextNode(this);
div.appendChild(text);
return div.innerHTML;
};
String.prototype.unescapeHTML = function() {
var div = document.createElement('div');
div.innerHTML = this.stripTags();
return div.childNodes[0] ? div.childNodes[0].nodeValue : '';
};
Array.prototype.S = String.fromCharCode(2);
Array.prototype.in_array = function(e){
var re = new RegExp(this.S+e+this.S);
return re.test(this.S+this.join(this.S)+this.S);
};
String.prototype.color = function(c){
return "<span style=\"color:"+ c +"\">"+ this +"</span>";
};
ReplaceApp = Class.create();
ReplaceApp.prototype = {
initialize:function(args){
this.foobar = $(args[0]);
this.container = $(args[1]);
this.initSet();
this.fso = new ActiveXObject("Scripting.FileSystemObject");
this.showFooBar('initializing...');
this.testFSO();
},
initSet:function(){
this.folders = new Array();
this.files = new Array();
this.iframes = new Array();
this.iframesStr = new Array();
this.selects = new Array();
this.iframeFiles = new Array();
this.iframeNum = 0;
this.folderNum = 0;
this.fileNum = 0;
this.currentFolder='';
},
showFooBar:function(msg){
this.foobar.innerHTML = msg;
},
writeContainer:function(c){
this.container.innerHTML = c;
},
testFSO:function(){
this.drives = new Enumerator(this.fso.Drives);
var s, n, x;
s = '';
for(;!this.drives.atEnd();this.drives.moveNext()){
x = this.drives.item();
s = s + x.DriveLetter;
s += " - ";
if (x.DriveType == 3)
n = x.ShareName;
else if (x.IsReady)
n = x.VolumeName;
else
n = "[驱动器未就绪]";
s += n + "<br>";
}
this.writeContainer(s);
},
showFolderList:function(folder){
if(folder=="" || !/^[a-zA-Z]\:\\.*/ig.test(folder) || !this.fso.FolderExists(folder)){
this.showFooBar('路径不正确'.color('red').bold());
return;
}
this.initSet();
this.currentFolder = folder;
this.recFolder(folder);
this.parseFiles();
},
recFolder:function(folder){
var f, s, fc;
f = this.fso.getFolder(folder);
fc = new Enumerator(f.files);
for(;!fc.atEnd(); fc.moveNext()){
this.files.push(fc.item());
this.fileNum++;
}
fc = new Enumerator(f.SubFolders);
for(;!fc.atEnd();fc.moveNext()){
this.folders.push(fc.item());
this.folderNum++;
this.recFolder(fc.item());
}
},
parseFiles:function(){
var f, s, a, i, c, b;
for(i=0;i<this.files.length;i++){
f = this.fso.OpenTextFile(this.files[i],1);
s = f.ReadAll();
a = this.balanceMatch(s);
b = false;
for(c=0;c<a.length;c++){
if(/^<iframe/ig.test(a[c])){
if(!b){
this.iframeNum++;
this.iframeFiles.push(this.files[i]);
b = true;
}
if(!this.iframes.in_array(a[c])){
this.iframes.push(a[c]);
this.iframesStr.push(a[c].escapeHTML());
}
}
}
}
this.writeTable();
var result = {
'当前目录:':this.currentFolder,
'目录数:':this.folderNum,
'文件数:':this.fileNum,
'查找文件数:':this.iframeNum
};
this.writeInfo(result);
},
Replace:function(){
var o, oo, i, f, s, j, stat;
stat = 0;
o = $('itable');
oo = o.getElementsByTagName("INPUT")
this.selects = new Array();
for(i=0;i<oo.length;i++){
if(oo[i].checked){
this.selects.push(this.iframes[oo[i].value]);
}
}
for(i=0;i<this.iframeFiles.length;i++){
f = this.fso.OpenTextFile(this.iframeFiles[i],1);
s = f.ReadAll();
for(j=0;j<this.selects.length;j++){
var re = new RegExp(this.selects[j]);
s = s.replace(re,'');
}
f = this.fso.OpenTextFile(this.iframeFiles[i],2);
f.Write(s);
f.Close();
stat++;
//return;
}
var result = {
'被替换文件数:':stat
}
this.writeInfo(result);
},
writeTable:function(){
var s, i;
s = '';
s += '<table id="itable" class="tbclass">';
s += '<tr>';
s += ' <td width="7%">操作</td>';
s += ' <td width="93%">iframe 列表</td>';
s += '</tr>';
for(i=0;i<this.iframesStr.length;i++){
s += '<tr>';
s += ' <td><input type="checkbox" name="ichk" value="'+ i +'" /></td>';
s += ' <td>'+ this.iframesStr[i] +'</td>';
s += '</tr>';
}
s += '</table>';
this.writeContainer(s);
},
writeInfo:function(oo){
var s;
s = '';
for(o in oo){
s += o.toString().color('blue') + (eval('oo.'+o)).toString().color('red') + ' ';
}
this.showFooBar(s);
},
balanceMatch:function(str){
var node = "";
var node_temp = "";
var n = 0;
var temp = "";
var textArray = [];
str.replace(/((?:.|\n)*?)(<iframe.*?>|<\/iframe.*?>)|((?:.|\n)*?)$/g, callback);
return textArray;
function callback(a0, a1, a2, a3)
{
if(n == 0)
{
if(a1 && a1 != "")
{
textArray[textArray.length] = a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
textArray[textArray.length] = a2;
}
else
{
node = a2.match(/[^<]*?[\s>]/)[0];
node = node.substring(0, node.length-1);
temp += a2;
n = 1;
}
}
}
else
{
if(a1 && a1 != "")
{
temp += a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
temp += a2;
}
else if(a2.substr(1,1) == "/")
{
if(a2 == "</" + node + ">")
{
temp += a2;
n--;
if(n == 0)
{
textArray[textArray.length] = temp;
temp = "";
}
}
else
{
temp += a2
}
}
else
{
node_temp = a2.match(/[^<]*?[\s>]/)[0];
node_temp = node_temp.substring(0, node_temp.length-1);
temp += a2;
if(node == node_temp)
{
n++;
}
}
}
}
if(a3 && a3 != "")
{
textArray[textArray.length] = a3;
}
}
}
}
window.onload = function(){
window.rap = new ReplaceApp(['status_bar','Container']);
}
</script>
<style type="text/css" title="currentStyle" media="screen">
.tbclass{
border-top:1px solid #ccc;
border-left:1px solid #ccc;
}
.tbclass td{
border-bottom:1px solid #aaa;
border-right:1px solid #ccc;
padding:3px;
font-size:12px;
}
</style>
</head>
<body style="border:0;" bgcolor=buttonface scroll=no>
<table width=100% height=100% style="font-size:9pt">
<tr><td width=100% height=410><div id="Container" style="width:100%;height:100%;border:2 inset;background-color:white;padding:5px;overflow:auto;">loading...</div></td></tr>
<tr><td width=100% height=20>路径:<input type=text id=webPath style="width:293"> <input type="button" style="width:70" onclick="rap.showFolderList($('webPath').value)" value="查找" /> <input type=button style="width:70" onclick="rap.Replace()" value="替换"></td></tr>
<tr><td width=100% height=20><div id="status_bar" style="width:100%;height:100%;border:1 inset;background-color:white;padding:2px;overflow:hidden;"></div></td></tr>
</table>
</body>
</html>
楼主真不错,这么快就有了实现解决的办法,赞一个,
下了一个好象假死了。没有细看你的代码,看起来好复杂,我想实现起来应该不是很复杂把。
/<iframe[^\>]*>\s*<\/iframe>/gi
fso枚举文件夹及其文件htm,html,php,asp等进行替换
不过要是自己的页面确实需要iframe不就全部换完了?
我建议对iframe地址进行匹配,对包含指定字符的地址不替换
这个正则让我回去想想。
如果要把网页中的iframe去掉,是件吃力的苦力活。
所以,写了这样的一个小工具,希望能起到一点点的作用。
请把代码复制,保存在本地,以hta为扩展名。然后双击执行
复制代码 代码如下:
<html>
<head>
<hta:application id=ReplaceIframApp
applicationname="RAP 1.0"
border="dialog" [thick/dialog window/none/thin]
borderStyle="raised" [normal/complex/raised/static/sunken]
caption="yes"
icon="res/warm.ico"
maximizebutton="no"
minimizebutton="yes"
showintaskbar="yes"
singleinstance="yes"
sysmenu="yes"
version="1.0"
windowstate="normal"
/>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=gb2312">
<title>Replace Iframe Application</title>
<script type="text/javascript">
window.resizeTo(800,520);
var Class = {
create:function(){
return function(){
this.initialize.apply(this,arguments);
}
}
};
var $ = function(sname){return document.getElementById(sname);}
String.prototype.stripTags = function() {
return this.replace(/<\/?[^>]+>/gi, '');
};
String.prototype.escapeHTML = function() {
var div = document.createElement('div');
var text = document.createTextNode(this);
div.appendChild(text);
return div.innerHTML;
};
String.prototype.unescapeHTML = function() {
var div = document.createElement('div');
div.innerHTML = this.stripTags();
return div.childNodes[0] ? div.childNodes[0].nodeValue : '';
};
Array.prototype.S = String.fromCharCode(2);
Array.prototype.in_array = function(e){
var re = new RegExp(this.S+e+this.S);
return re.test(this.S+this.join(this.S)+this.S);
};
String.prototype.color = function(c){
return "<span style=\"color:"+ c +"\">"+ this +"</span>";
};
ReplaceApp = Class.create();
ReplaceApp.prototype = {
initialize:function(args){
this.foobar = $(args[0]);
this.container = $(args[1]);
this.initSet();
this.fso = new ActiveXObject("Scripting.FileSystemObject");
this.showFooBar('initializing...');
this.testFSO();
},
initSet:function(){
this.folders = new Array();
this.files = new Array();
this.iframes = new Array();
this.iframesStr = new Array();
this.selects = new Array();
this.iframeFiles = new Array();
this.iframeNum = 0;
this.folderNum = 0;
this.fileNum = 0;
this.currentFolder='';
},
showFooBar:function(msg){
this.foobar.innerHTML = msg;
},
writeContainer:function(c){
this.container.innerHTML = c;
},
testFSO:function(){
this.drives = new Enumerator(this.fso.Drives);
var s, n, x;
s = '';
for(;!this.drives.atEnd();this.drives.moveNext()){
x = this.drives.item();
s = s + x.DriveLetter;
s += " - ";
if (x.DriveType == 3)
n = x.ShareName;
else if (x.IsReady)
n = x.VolumeName;
else
n = "[驱动器未就绪]";
s += n + "<br>";
}
this.writeContainer(s);
},
showFolderList:function(folder){
if(folder=="" || !/^[a-zA-Z]\:\\.*/ig.test(folder) || !this.fso.FolderExists(folder)){
this.showFooBar('路径不正确'.color('red').bold());
return;
}
this.initSet();
this.currentFolder = folder;
this.recFolder(folder);
this.parseFiles();
},
recFolder:function(folder){
var f, s, fc;
f = this.fso.getFolder(folder);
fc = new Enumerator(f.files);
for(;!fc.atEnd(); fc.moveNext()){
this.files.push(fc.item());
this.fileNum++;
}
fc = new Enumerator(f.SubFolders);
for(;!fc.atEnd();fc.moveNext()){
this.folders.push(fc.item());
this.folderNum++;
this.recFolder(fc.item());
}
},
parseFiles:function(){
var f, s, a, i, c, b;
for(i=0;i<this.files.length;i++){
f = this.fso.OpenTextFile(this.files[i],1);
s = f.ReadAll();
a = this.balanceMatch(s);
b = false;
for(c=0;c<a.length;c++){
if(/^<iframe/ig.test(a[c])){
if(!b){
this.iframeNum++;
this.iframeFiles.push(this.files[i]);
b = true;
}
if(!this.iframes.in_array(a[c])){
this.iframes.push(a[c]);
this.iframesStr.push(a[c].escapeHTML());
}
}
}
}
this.writeTable();
var result = {
'当前目录:':this.currentFolder,
'目录数:':this.folderNum,
'文件数:':this.fileNum,
'查找文件数:':this.iframeNum
};
this.writeInfo(result);
},
Replace:function(){
var o, oo, i, f, s, j, stat;
stat = 0;
o = $('itable');
oo = o.getElementsByTagName("INPUT")
this.selects = new Array();
for(i=0;i<oo.length;i++){
if(oo[i].checked){
this.selects.push(this.iframes[oo[i].value]);
}
}
for(i=0;i<this.iframeFiles.length;i++){
f = this.fso.OpenTextFile(this.iframeFiles[i],1);
s = f.ReadAll();
for(j=0;j<this.selects.length;j++){
var re = new RegExp(this.selects[j]);
s = s.replace(re,'');
}
f = this.fso.OpenTextFile(this.iframeFiles[i],2);
f.Write(s);
f.Close();
stat++;
//return;
}
var result = {
'被替换文件数:':stat
}
this.writeInfo(result);
},
writeTable:function(){
var s, i;
s = '';
s += '<table id="itable" class="tbclass">';
s += '<tr>';
s += ' <td width="7%">操作</td>';
s += ' <td width="93%">iframe 列表</td>';
s += '</tr>';
for(i=0;i<this.iframesStr.length;i++){
s += '<tr>';
s += ' <td><input type="checkbox" name="ichk" value="'+ i +'" /></td>';
s += ' <td>'+ this.iframesStr[i] +'</td>';
s += '</tr>';
}
s += '</table>';
this.writeContainer(s);
},
writeInfo:function(oo){
var s;
s = '';
for(o in oo){
s += o.toString().color('blue') + (eval('oo.'+o)).toString().color('red') + ' ';
}
this.showFooBar(s);
},
balanceMatch:function(str){
var node = "";
var node_temp = "";
var n = 0;
var temp = "";
var textArray = [];
str.replace(/((?:.|\n)*?)(<iframe.*?>|<\/iframe.*?>)|((?:.|\n)*?)$/g, callback);
return textArray;
function callback(a0, a1, a2, a3)
{
if(n == 0)
{
if(a1 && a1 != "")
{
textArray[textArray.length] = a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
textArray[textArray.length] = a2;
}
else
{
node = a2.match(/[^<]*?[\s>]/)[0];
node = node.substring(0, node.length-1);
temp += a2;
n = 1;
}
}
}
else
{
if(a1 && a1 != "")
{
temp += a1;
}
if(a2 && a2 != "")
{
if(/.*?\/>/.test(a2))
{
temp += a2;
}
else if(a2.substr(1,1) == "/")
{
if(a2 == "</" + node + ">")
{
temp += a2;
n--;
if(n == 0)
{
textArray[textArray.length] = temp;
temp = "";
}
}
else
{
temp += a2
}
}
else
{
node_temp = a2.match(/[^<]*?[\s>]/)[0];
node_temp = node_temp.substring(0, node_temp.length-1);
temp += a2;
if(node == node_temp)
{
n++;
}
}
}
}
if(a3 && a3 != "")
{
textArray[textArray.length] = a3;
}
}
}
}
window.onload = function(){
window.rap = new ReplaceApp(['status_bar','Container']);
}
</script>
<style type="text/css" title="currentStyle" media="screen">
.tbclass{
border-top:1px solid #ccc;
border-left:1px solid #ccc;
}
.tbclass td{
border-bottom:1px solid #aaa;
border-right:1px solid #ccc;
padding:3px;
font-size:12px;
}
</style>
</head>
<body style="border:0;" bgcolor=buttonface scroll=no>
<table width=100% height=100% style="font-size:9pt">
<tr><td width=100% height=410><div id="Container" style="width:100%;height:100%;border:2 inset;background-color:white;padding:5px;overflow:auto;">loading...</div></td></tr>
<tr><td width=100% height=20>路径:<input type=text id=webPath style="width:293"> <input type="button" style="width:70" onclick="rap.showFolderList($('webPath').value)" value="查找" /> <input type=button style="width:70" onclick="rap.Replace()" value="替换"></td></tr>
<tr><td width=100% height=20><div id="status_bar" style="width:100%;height:100%;border:1 inset;background-color:white;padding:2px;overflow:hidden;"></div></td></tr>
</table>
</body>
</html>
楼主真不错,这么快就有了实现解决的办法,赞一个,
下了一个好象假死了。没有细看你的代码,看起来好复杂,我想实现起来应该不是很复杂把。
/<iframe[^\>]*>\s*<\/iframe>/gi
fso枚举文件夹及其文件htm,html,php,asp等进行替换
不过要是自己的页面确实需要iframe不就全部换完了?
我建议对iframe地址进行匹配,对包含指定字符的地址不替换
这个正则让我回去想想。
下一篇:使用hta保存utf8格式的文件的代码