突破ip封锁登陆论坛系统（Breach of IP blockade landing forum system）.docVIP

突破ip封锁登陆论坛系统（Breach of IP blockade landing forum system） [original] IP landing forum system breakthrough blockade Article title: [original] break IP blockade login to the forum at the top of the system: 2005-06-1422:06 Yezhan released in love [original] break IP blockade forum landing system Author: Yezhan (531200.) Source: EvilOctal security team A paper document of the Ministry of education, the major domestic universities BBS night is set to only allow the school to post. Our school is the use of BBSXP (Forum Forum system), originally due to server bandwidth, popularity is very low. My brother has administrator the IP outside the school, not landing post. A lot of people are surfing the web on campus broadband, some graduates, our computer version of the lovely echo, are not to enter... (a lot of nonsense). OK lets start. The forum is in the setup.asp page filtering ip, Copycode IfRequest.Cookies (username) emptythen Sql= select*from[user]whereusername= HTMLEncode (Request.Cookies (username) #39); SetRs=Conn.Execute (SQL) Ifrs.eofthenResponse.Cookies (username) = IfRequest.Cookies (userpass) rs (userpass) thenResponse.Cookies (username) = Membercode=rs (membercode) Userface= rs (userface) Newmessage=rs (newmessage) Userlife=rs (userlife) Setrs=nothing Endif IfRequest.ServerVariables (HTTP_X_FORWARDED_FOR) =emptythen Remoteaddr=Request.ServerVariables (REMOTE_ADDR) Else Remoteaddr=Request.ServerVariables (HTTP_X_FORWARDED_FOR) Endif Ifbadipemptythen Filtrate=split (badip, |) Fori=0toubound (filtrate) Ifinstr (remoteaddrquot |; , | filtrate (I) 0thenresponse.redirect inc/badip.htm ) Next Endif IfRequest.Cookies (skins) =emptythenResponse.Cookies (skins) =style This code is the setup.asp user verification piece, read it. If the cookies is not empty, then read the database to verify the user password is correct, then the correct definition of variables, some need to use variables with all the database read out data assignment. Then read ip. if IP belongs to be sea