rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";alert(‘foo’);
[img]http://dl2.iteye.com/upload/attachment/0104/3726/1b28aaec-ff50-3084-a61b-1b20ef72328e.png[/img]
[quote]RUNDLL32.EXE <dllname>,<entrypoint> <optional arguments>[/quote]
原理分析:[url]http://thisissecurity.net/2014/08/20/poweliks-command-line-confusion/[/url]