Currently, the most popular ASP *s mainly use three technologies to perform related operations on servers.
1. Use FileSystemObject component
FileSystemObject can perform regular operations on files
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
Change the name to other names, such as: change it to FileSystemObject_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Register this component command: RegSrv32/u C:\WINNT\SYSTEM\
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
2. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and
HKEY_CLASSES_ROOT\.1\
Change the name to other names, such as: change to WScript.Shell_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\.1\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
3. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and
HKEY_CLASSES_ROOT\.1\
Change the name to other names, such as: change to Shell.Application_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
Note: All operations need to restart the WEB service before taking effect.
4. Call
Disable Guests group user calls
cacls C:\WINNT\system32\ /e /d guests
The above four steps can basically prevent several popular *s, but the most effective way is to make the server and program security meet certain standards through comprehensive security settings, so that the security level can be set to be higher and prevent more illegal intrusions.
1. Use FileSystemObject component
FileSystemObject can perform regular operations on files
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
Change the name to other names, such as: change it to FileSystemObject_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Register this component command: RegSrv32/u C:\WINNT\SYSTEM\
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
2. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and
HKEY_CLASSES_ROOT\.1\
Change the name to other names, such as: change to WScript.Shell_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\.1\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
3. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and
HKEY_CLASSES_ROOT\.1\
Change the name to other names, such as: change to Shell.Application_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future.
Also change the clsid value.
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
Note: All operations need to restart the WEB service before taking effect.
4. Call
Disable Guests group user calls
cacls C:\WINNT\system32\ /e /d guests
The above four steps can basically prevent several popular *s, but the most effective way is to make the server and program security meet certain standards through comprehensive security settings, so that the security level can be set to be higher and prevent more illegal intrusions.