编写asp代码执行器,动态生成asp文件

 保存为runasp.asp运行。账号密码admin，登陆后输入代码就可执行了！！
  
   <% @ LANGUAGE="VBSCRIPT" %>
  <%Option Explicit
  response.buffer=true
  dim Spassword,SUserName
   SUserName="admin"
   Spassword="admin"
  dim SQLMutiStr
  dim i
  dim action
   action=request.querystring("action")
  
  IF action="GetCode" then '---------TOT
   NumCodeJS
  ELSE '--------TOT
   Response.Write("<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.0 Transitional//EN"">")
   Response.Write("<HTML>")
   Response.Write("<HEAD>")
   Response.Write("<TITLE>ASP RunCode SCR V1.0 / Create By PaintBlue.Net V37</TITLE>")
   Response.Write("<META NAME=""Generator"" CONTENT=""EditPlus,V37,PaintBlue.Net"">")
   Response.Write("<META NAME=""Author"" CONTENT=""V37,PaintBlue.Net"">")
   Response.Write("<META NAME=""Keywords"" CONTENT=""PaintBlue.Net,,V37,RunCode,ASP,Script,BlueIdea.COM,Lfgbox.com"">")
   Response.Write("<META NAME=""Description"" CONTENT=""运行ASP代码的ASP脚本!"">")
   Response.Write("</HEAD>")
   Response.Write("<BODY bgcolor=#D4D0C8>")
  
   SQLMutiStr=trim(Request.Form("SQLMutiStr"))
   if session("login")="" and action="chkpass" then
   session("login")=checkPass()
   end if
   if action="exit" then session("login")=""
   if session("login")="1" then
   if action="RunCode" then
   if SQLMutiStr="" then
   Response.write "没有输入要运行的代码!"
   Response.write "<br><br><a href=""javascript:window.history.back();"">返回运行页面</a><br><br>"
   Response.write "<a href=""?action=exit"">退出登陆</a>"
   response.end
   else
   dim ExeStrArr
   dim re
   dim tempSQL,tempSQL2
   dim ScriptArr,ScriptSubArr
   tempSQL2=""
   tempSQL=split(SQLMutiStr,vbcrlf)
   if inStr(lcase(tempSQL(0)),"language")>0 then
   tempSQL2=tempSQL(1)
   if ubound(tempSQL)>1 then
   for i=1 to ubound(tempSQL)
   tempSQL2=tempSQL2&tempSQL(i)
   next
   end if
   tempSQL2=trim(tempSQL2)
   else
   tempSQL2=SQLMutiStr
   end if
   tempSQL2=replace(tempSQL2,"<%"&"=","<"&"%response.write ")
   do
   tempSQL2=replace(tempSQL2,vbcrlf&vbcrlf,vbcrlf)
   loop while instr(tempSQL2,vbcrlf&vbcrlf)>0
   tempSQL2=trim(tempSQL2)
   tempSQL2="<"&"%%"&">"&tempSQL2&"<"&"%%"&">"
   ScriptArr=split(tempSQL2,"%"&">")
   dim ub,kub
   ub=ubound(ScriptArr)
   for i=0 to ub-1
   ScriptSubArr=split(ScriptArr(i),"<"&"%")
   if i>0 then response.write (ScriptSubArr(0))
   ExeCuteIt(ScriptSubArr(1))
   next
   call EndProc("<font color=#009900>代码运行完毕!</font>")
   end if
   else
   %>
   输入要运行的ASP代码:
   <FORM METHOD=POST ACTION="?action=RunCode" style="margin:0px;">
   <TEXTAREA NAME="SQLMutiStr" wrap='OFF' ROWS="20" style="width:100%;height:100%;table-layout:fixed;word-break:break-all;"><%=Server.Htmlencode(SQLMutiStr)%></TEXTAREA>
   <br>
   <INPUT TYPE="button" onclick="window.location.href='?action=exit';" Value="LouOut">
   <INPUT TYPE="reset" Value="Clear">
   <INPUT TYPE="submit" value="Run AspCode">
   </FORM>
   <% end if
   else
   call loginmain()
   end if
   Response.write ("</BODY></HTML>")
  END IF '-------TOT
  
  SUB loginMain()
   %>
  
   <FORM METHOD=POST ACTION="?action=chkpass"> UserName:<INPUT TYPE="text" NAME="UserName"><br>
    PassWord:<INPUT TYPE="password" NAME="Runpassword"><br>
   CheckCode:<INPUT TYPE="GetCode" NAME="GetCode"><img src="runasp.asp?action=GetCode&Time=<%=timer()%>"><br>
   <br><img width=125 height=0><INPUT TYPE="submit" value=" Login "></FORM>
   <%
  End SUB
  
  function checkPass()
   dim UserName,Runpassword,GetCode
   dim errinfo
   checkPass=""
   UserName=trim(request.form("UserName"))
   Runpassword=trim(request.form("Runpassword"))
   GetCode=request.form("GetCode")
   if UserName="" or Runpassword="" then
   errinfo=errinfo&"<li>用户名和密码输入不能为空"
   end if
   if Not isnumeric(GetCode) then
   errinfo=errinfo&"<li>请输入数字校验码"
   end if
   if errinfo<>"" then
   call loginmain()
   EndProc errinfo
   end if
   if action="chkpass" and Session("GetCode")=int(GetCode) and UserName=SUserName and Runpassword=Spassword then
   Session("GetCode")=0
   checkPass="1"
   else
   call loginmain()
   EndProc "登陆失败!请重新确认正确输入"
   end if
  End function
  
  SUB ExeCuteIt(ExString)
   on error resume next
   Execute(ExString)
   if err.number<>0 then
   Response.write "<div style=""background-color: #ffeedd;padding: 6px;"">"
   Response.write "<hr size=1>"
   Response.write "出错信息:<li><font color=#ff0000>"&err.description&"</font>"
   Response.write "<hr size=1>"
   Response.write "出错代码:<li><font color=#0000ff>"&Htmlencode(ExString)&"</font>"
   Response.write "<hr size=1></div>"
   end if
   on error goto 0
  end SUB
  
  function HTMLEncode(reString)
   dim Str:Str=reString
   if not isnull(Str) then
   Str = replace(Str, ">", ">")
   Str = replace(Str, "<", "<")
   Str = Replace(Str, CHR(32), " ")
   Str = Replace(Str, CHR(9), "    ")
   Str = Replace(Str, CHR(34), """) ' "
   Str = Replace(Str, CHR(39), "'") ' '
   Str = Replace(Str, CHR(13), "")
   Str = Replace(Str, CHR(10) & CHR(10), "</P><P> ")
   Str = Replace(Str, CHR(10), "<BR> ")
   HTMLEncode = Str
   else
   HTMLEncode=""
   end if
  end function
  
  '断点调试 num=0 中断
  Sub Response_write(str,num)
   dim istr:istr=str
   dim inum:inum=num
   response.write str&"<br>"
   if inum=0 then response.end
  end sub
  
  SUB EndProc(info)
   Response.write "<hr size=1 color=#00aa00>"
   Response.write info
   Response.write "<hr size=1 color=#00aa00><a href=""javascript:window.history.back();"">返回运行页面</a><br><br>"
   Response.write "<a href=""?action=exit"">退出登陆</a>"
   response.end
  End SUB
  %>
  <script language="JScript" runat="Server">
  function GetNO(num){
   var NumArray=[
   ]["0","0","0","3c","66","66","66","66","66","66","66","66","3c","0","0","0"],
   ["0","0","0","30","38","30","30","30","30","30","30","30","30","0","0","0"],
   ["0","0","0","3c","66","60","60","30","18","c","6","6","7e","0","0","0"],
   ["0","0","0","3c","66","60","60","38","60","60","60","66","3c","0","0","0"],
   ["0","0","0","30","30","38","38","34","34","32","7e","30","78","0","0","0"],
   ["0","0","0","7e","6","6","6","3e","60","60","60","66","3c","0","0","0"],
   ["0","0","0","38","c","6","6","3e","66","66","66","66","3c","0","0","0"],
   ["0","0","0","7e","66","60","60","30","30","18","18","c","c","0","0","0"],
   ["0","0","0","3c","66","66","66","3c","66","66","66","66","3c","0","0","0"],
   ["0","0","0","3c","66","66","66","66","7c","60","60","30","1c","0","0","0"]
   ];
   var str=[];
   num=String(num).split("");
   for(var i=0;i<NumArray[0].length;i++)
   for(var j=0;j<num.length;j++)
   str[str.length]=("0x"+NumArray[num[j]][i]);
   var str1="#define counter_width "+j*8;
   var str2="#define counter_height 16";
   return str1+String.fromCharCode(13,10)+str2+String.fromCharCode(13,10)+"static unsigned char counter_bits[]={"+str+"}";
   }
  function GetRnd(Num){
   return Math.floor(Math.random()*Math.pow(10,Num));
   }
  function NumCodeJS()
   {
   Response.buffer=true
   var zNum;
   var zNum=GetRnd(4);
   if (zNum<1000) zNum+=999;
   Session("GetCode") = zNum;
   Response.ContentType="image/x-xbitmap";
   Session("GetCode") = zNum;
   Response.Write(GetNO(zNum));
   }
  </script>