If your server is plagued by ASP *s, I hope this article can help you solve the problems you are facing.
Currently, the most popular ASP *s mainly use three technologies to perform related operations on servers.
1. Use FileSystemObject component
FileSystemObject can perform regular operations on files
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\Renamed to other names, such as: Change to FileSystemObject_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Register this component command: RegSvr32/u C:\WINNT\SYSTEM32\
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
2. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\ and HKEY_CLASSES_ROOT\.1\renamed to other names, such as: change to WScript.Shell_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\.1\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
3. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and HKEY_CLASSES_ROOT\.1\
Change name to other names, such as: change to Shell.Application_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
Note: All operations need to restart the WEB service before taking effect.
4. Call
Disable Guests group user calls
cacls C:\WINNT\system32\ /e /d guests
The above four steps can basically prevent several popular *s, but the most effective way is to comprehensively set the server and program security to a certain standard, so that the security level can be set to be higher and prevent more illegal intrusions.
Currently, the most popular ASP *s mainly use three technologies to perform related operations on servers.
1. Use FileSystemObject component
FileSystemObject can perform regular operations on files
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\Renamed to other names, such as: Change to FileSystemObject_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Register this component command: RegSvr32/u C:\WINNT\SYSTEM32\
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
2. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\ and HKEY_CLASSES_ROOT\.1\renamed to other names, such as: change to WScript.Shell_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\.1\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
3. Use components
You can call the system kernel to run basic DOS commands
You can prevent the harm of such *s by modifying the registry and rename this component.
HKEY_CLASSES_ROOT\\
and HKEY_CLASSES_ROOT\.1\
Change name to other names, such as: change to Shell.Application_ChangeName or .1_ChangeName
You can call this component normally when you call it in the future
Also change the clsid value
HKEY_CLASSES_ROOT\\CLSID\Project value
HKEY_CLASSES_ROOT\\CLSID\Project value
It can also be deleted to prevent the harm of such *s.
Disable Guest users from using it to prevent calls to this component.
Use command: cacls C:\WINNT\system32\/e /d guests
Note: All operations need to restart the WEB service before taking effect.
4. Call
Disable Guests group user calls
cacls C:\WINNT\system32\ /e /d guests
The above four steps can basically prevent several popular *s, but the most effective way is to comprehensively set the server and program security to a certain standard, so that the security level can be set to be higher and prevent more illegal intrusions.