目前網(wǎng)絡(luò)上有許多圖片驗證碼形式,那些沒有生成圖片的驗證碼的抗破解防御能力簡直不堪一擊;有人直接在網(wǎng)頁源碼里顯示出具體的數(shù)字,然后要求訪問者輸入一個相加后的和;如3+5=多少,這樣的驗證碼新意倒有一些,不過可惜,根本沒有起到保護的作用。
flymorn改進一下以上的新意,直接把3+6=多少的形式采用asp程序生成Bmp圖片格式,并且把數(shù)字相加后的和存進session里,加大破解的門檻;沒有一些圖形圖像學(xué)知識的人是無法破解的。代碼如下:
復(fù)制代碼 代碼如下:
%
Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.cachecontrol = "no-cache"
Response.ContentType = "Image/Bmp"
Call Com_CreatValidCode()
Sub Com_CreatValidCode()
Randomize
Dim i, ii, iii
Const cAmount = 10 '數(shù)值個數(shù)
Const cCode = "0123456789" '數(shù)值范圍
Dim vColorData(2)
vColorData(0) = "" '黑色點要轉(zhuǎn)為彩色點,暫時不定義
vColorData(1) = ChrB(255) ChrB(255) ChrB(255) '白點
Dim vCode(4), vCodes '產(chǎn)生一組任意數(shù)
For i = 0 To 3
vCode(i) = Int(Rnd * cAmount) '數(shù)組等于總數(shù)*隨機數(shù)
if i=1 then vCode(i)="11" '第二位為+
if i=3 then vCode(i)="10" '第四位為=
vCodes=vCodesMid(cCode,vCode(i)+1,1) '串等于串加上后續(xù)值
Next
session("checkcode")=int(Mid(vCodes,1,1)) + int(Mid(vCodes,2,1)) '計算相加和值并賦值給session
Dim vNumberData(36)
vNumberData(0) =
"1110000111110111101111011110111101111011110111101111011110111101111011110111101111011110111110000111"
vNumberData(1) =
"1111011111110001111111110111111111011111111101111111110111111111011111111101111111110111111100000111"
vNumberData(2) =
"1110000111110111101111011110111111111011111111011111111011111111011111111011111111011110111100000011"
vNumberData(3) =
"1110000111110111101111011110111111110111111100111111111101111111111011110111101111011110111110000111"
vNumberData(4) =
"1111101111111110111111110011111110101111110110111111011011111100000011111110111111111011111111000011"
vNumberData(5) =
"1100000011110111111111011111111101000111110011101111111110111111111011110111101111011110111110000111"
vNumberData(6) =
"1111000111111011101111011111111101111111110100011111001110111101111011110111101111011110111110000111"
vNumberData(7) =
"1100000011110111011111011101111111101111111110111111110111111111011111111101111111110111111111011111"
vNumberData(8) =
"1110000111110111101111011110111101111011111000011111101101111101111011110111101111011110111110000111"
vNumberData(9) =
"1110001111110111011111011110111101111011110111001111100010111111111011111111101111011101111110001111"
'表示=
vNumberData(10) =
"1111111111111111111111111111111000000001111111111111111111111000000001111111111111111111111111111111"
'表示+
vNumberData(11) =
"1111111111111100111111110011111111001111100000000110000000011111001111111100111111110011111111111111"
Response.BinaryWrite ChrB(66) ChrB(77) ChrB(230) ChrB(4) ChrB(0) ChrB(0) ChrB(0) ChrB(0) _
ChrB(0) ChrB(0) ChrB(54) ChrB(0) ChrB(0) ChrB(0) ChrB(40) ChrB(0) _
ChrB(0) ChrB(0) ChrB(40) ChrB(0) ChrB(0) ChrB(0) ChrB(10) ChrB(0) _
ChrB(0) ChrB(0) ChrB(1) ChrB(0)
Response.BinaryWrite ChrB(24) ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(176) ChrB(4) _
ChrB(0) ChrB(0) ChrB(18) ChrB(11) ChrB(0) ChrB(0) ChrB(18) ChrB(11) _
ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(0) ChrB(0) _
ChrB(0) ChrB(0)
For i = 9 To 0 Step -1 '行
For ii = 0 To 3 '字?jǐn)?shù)
For iii = 1 To 10 '像素點
if Mid(vNumberData(vCode(ii)), i * 10 + iii , 1) ="0" then '產(chǎn)生彩色點,減去一個固定值,可使顏色偏深
dim a,b,c
a=abs(Rnd * 256-60)
b=abs(Rnd * 256-128)
c=abs(Rnd * 256-60)
vColorData(0) = ChrB(a) ChrB(b) ChrB(c)
Response.BinaryWrite vColorData(Mid(vNumberData(vCode(ii)), i * 10 + iii , 1))
else
dim d,e,f '產(chǎn)生彩色背景,顏色偏淺,也可以隨機生成噪點做背景
d=abs(Rnd * 255)
e=abs(Rnd * 255)
f=abs(Rnd * 255)
if d+e+f>640 then '可改值,調(diào)整背景色深
vColorData(1) = ChrB(d) ChrB(e) ChrB(f)
Response.BinaryWrite vColorData(Mid(vNumberData(vCode(ii)), i * 10 + iii , 1))
else
Response.BinaryWrite vColorData(Mid(vNumberData(vCode(ii)), i * 10 + iii , 1))
end if
end if
Next
Next
Next
End Sub
%>
以上代碼可直接另存為一個文件,如vcode.asp,然后通過圖片的方式調(diào)用改文件,如img src="vcode.asp" border=0 align="absmiddle" />,然后在提交后的處理頁面里驗證session("checkcode")的值就可以了。這個代碼是flymorn自己改進的,原始的參考代碼請直接在google里搜索“用ASP生成Bmp圖片”,或查看這個網(wǎng)址,可以找到一些相關(guān)的。
最后,就是“5+6=”這樣的隨機數(shù)字相加的形式生成在bmp圖片里了,它們的和需要你計算后填入,以達到驗證的功能,防止機器蹂躪你的網(wǎng)站。如果你也關(guān)心asp圖片驗證碼,歡迎留言,讓我們一起交流。