add 扫描可写目录.aspx

2025-08-13 03:17:26 +00:00 · 2020-04-14 21:59:00 +08:00 · 2020-04-14 21:59:00 +08:00 · 1078255150
commit 1078255150
parent 3d26b3888d
2 changed files with 67 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -290,6 +290,7 @@
 - [通过phpinfo获取cookie突破httponly](./通过phpinfo获取cookie突破httponly.md)
 - [phpstudy RCE 利用工具 windows GUI版本](https://github.com/aimorc/phpstudyrce)
 - [WebAliveScan-根据端口快速扫描存活的WEB](https://github.com/broken5/WebAliveScan)
+- [扫描可写目录.aspx](./tools/扫描可写目录.aspx)

 ## <span id="head8"> 文章/书籍/教程相关</span>

--- a/tools/扫描可写目录.aspx
+++ b/tools/扫描可写目录.aspx
@ -0,0 +1,66 @@
+<%@ Page Language="C#" ValidateRequest="false" %>
+<%@ Import Namespace="System.IO" %>
+<%@ Import Namespace="System.Text" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head runat="server">
+<title>ScanWrtieable</title>
+</head>
+<body>
+
+<script runat="server">
+
+protected void Page_Load(object sender, EventArgs e)
+{
+}
+int cresults;
+protected void ScanRights(DirectoryInfo cdir)
+{
+try
+{
+if (Int32.Parse(TextBox_stopat.Text) > 0)
+{
+if (cresults > Int32.Parse(TextBox_stopat.Text))
+return;
+}
+DirectoryInfo[] subdirs = cdir.GetDirectories();
+foreach (DirectoryInfo item in subdirs)
+{
+ScanRights(item);
+}
+
+if (File.Create(cdir.FullName + "\\test").CanWrite)
+{
+this.Lb_msg.Text += cdir.FullName+"<br/>";
+cresults++;
+}
+}
+
+catch { }
+}
+System.DateTime start = DateTime.Now;
+protected void ClearAllThread_Click(object sender, EventArgs e)
+{
+this.Lb_msg .Text= "";
+cresults = 0;
+ScanRights(new DirectoryInfo(Fport_TextBox.Text));
+TimeSpan usetime = System.DateTime.Now - start;
+this.Lb_msg.Text +="usetime: "+ usetime.TotalSeconds.ToString();
+}
+
+</script>
+
+<form id="form1" runat="server">
+
+<div>
+start<asp:TextBox ID="Fport_TextBox" runat="server" Text="c:\" Width="60px"></asp:TextBox>&nbsp;&nbsp;
+Stopat <asp:TextBox ID="TextBox_stopat" runat="server" Text="5" Width="60px"></asp:TextBox>files
+<asp:Button ID="Button" runat="server" OnClick="ClearAllThread_Click" Text="ScanWriterable" /><br />
+<asp:Label ID="Lb_msg" runat="server" Text=""></asp:Label>
+<br />
+&nbsp;</div>
+<div>code by <a href ="http://www.cncert.net">www.cncert.net</a></div>
+</form>
+</body>
+</html>