DZone Snippets: webshell code http://snippets.dzone.com/posts Fri, 25 Jul 2008 00:53:06 GMT DZone Snippets: webshell code webshell dos html homepage http://snippets.dzone.com/posts/show/890 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" <br />"http://www.w3.org/TR/html4/loose.dtd"> <br /><html> <br /><head> <br /><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <br /><title>.com</title> <br /></head> <br /><style> <br /> html { height:100%; } <br /> body { <br /> height:100%; <br /> border:0px; <br /> margin:0px; <br /> background-color:#000000; <br /> color:#CCCCCC; <br /> font-family:FixedSys, Terminal, system, verdana, arial; <br /> font-size:12px; <br /> /*font-weight:bold;*/ <br /> } <br /> <br /> a { <br /> text-decoration:none; <br /> color:#CCCCCC; <br /> } <br /> <br /> a:hover { <br /> text-decoration:none; <br /> color:#CCCCCC; <br /> } <br /> <br /> b { <br /> font-weight:normal; <br /> } <br /> <br /> strong { <br /> font-weight:normal; <br /> } <br /> <br /> .entryBox { <br /> position:absolute; <br /> bottom:0px; <br /> left:-300px; <br /> } <br /></style> <br /> <br /> <br /><script language="javascript" src="js/js.js"></script> <br /> <br /><body onLoad="setFocusToEntryBox();" onFocus="setFocusToEntryBox();"> <br /> <table cellpadding="0" cellspacing="0" border="0" height="100%" width="100%"> <br /> <tr> <br /> <td height="100%" width="100%" onClick="setFocusToEntryBox();" valign="top"> <br /> <div style="width:750px;"> <br /> <div id="outputContainer">Welcome to 20-GOTO-10.com<br />Type help to begin.<br /><br /></div> <br /> <div style="position:relative;"> <br /> <span id="commandPrompt"></span>&nbsp;<span id="commandContainer"></span><img src="images/cursor.gif" align="absbottom" /> <br /> <input type="text" id="entryBox" class="entryBox" onKeyDown="keyCode=(event.which)? event.which: event.keyCode;if(keyCode==55 && event.shiftKey){alert('Sorry the use of \'&\' is not allowed.');return false;}" onKeyUp="handleKeyPress((event.which)? event.which: event.keyCode, this);"> <br /> </div> <br /> </div> <br /> </td> <br /> </tr> <br /> </table> <br /></body> <br /></html> <br /> <br /><script language="javascript"> <br />document.getElementById('commandPrompt').innerHTML = 'C:\\>'; <br /> <br />//Preload the image to avoid the scroll thingy <br />var oImg = new Image(); <br />oImg.src = '/dos3/images/Me.gif'; <br /></script> Mon, 14 Nov 2005 16:18:12 GMT http://snippets.dzone.com/posts/show/890 mornlee (mornlee) 20-GOTO-10 webshell dos javascript http://snippets.dzone.com/posts/show/889 var arrCommandHistory = new Array(); <br />var iCommandHistoryIndex = 0; <br />var isContactMode = false; <br />var contactPrompt = ''; <br /> <br />function handleKeyPress(keyCode, obj) { <br /> switch(keyCode) <br /> { <br /> case 13: <br /> handleReturn(obj); <br /> break; <br /> case 38: <br /> if(iCommandHistoryIndex > 0) { <br /> iCommandHistoryIndex --; <br /> document.getElementById('commandContainer').innerHTML = arrCommandHistory[iCommandHistoryIndex]; <br /> document.getElementById('entryBox').value = arrCommandHistory[iCommandHistoryIndex]; <br /> } <br /> break; <br /> case 40: <br /> if(iCommandHistoryIndex < arrCommandHistory.length) { <br /> if(iCommandHistoryIndex < arrCommandHistory.length-1) { <br /> iCommandHistoryIndex ++; <br /> } <br /> document.getElementById('commandContainer').innerHTML = arrCommandHistory[iCommandHistoryIndex]; <br /> document.getElementById('entryBox').value = arrCommandHistory[iCommandHistoryIndex]; <br /> } <br /> break; <br /> default: <br /> document.getElementById('commandContainer').innerHTML = obj.value.replace(/ /g, '&nbsp;'); <br /> } <br />} <br /> <br />function handleReturn(obj) { <br /> arrCommandHistory[arrCommandHistory.length] = obj.value; <br /> iCommandHistoryIndex = arrCommandHistory.length; <br /> var head=document.getElementsByTagName('head').item(0); <br /> var old=document.getElementById('lastScript'); <br /> if(old)head.removeChild(old); <br /> script=document.createElement('script'); <br /> script.src='RPC-Executer.aspx?command='+obj.value+'&random='+(Math.round((Math.random()*1000)+1)); <br /> script.type='text/javascript'; script.defer=true; <br /> script.id='lastScript'; <br /> void(head.appendChild(script)); <br />} <br /> <br />function RPCCallback(sHTML) { <br /> sHTML = sHTML.replace(/&lt;/g, '<'); <br /> var obj = document.getElementById('entryBox'); <br /> var sOutput = ''; <br /> if(!isContactMode) { <br /> sOutput += '<div style="padding-bottom:15px;">C:\\> '+obj.value+'<br />'; <br /> setPromptToNormal(); <br /> } else { <br /> sOutput += '<div style="padding-bottom:15px;">'+document.getElementById('commandPrompt').innerHTML+'&nbsp;'+obj.value+'<br />'; <br /> document.getElementById('commandPrompt').innerHTML = contactPrompt+': '; <br /> } <br /> sOutput += sHTML;sOutput += '</div>'; <br /> document.getElementById('outputContainer').innerHTML += sOutput; <br /> obj.value = ''; <br /> document.getElementById('commandContainer').innerHTML = ''; <br /> window.scrollBy(0,10000); <br />} <br /> <br />function RPCCallbackClearScreen() { <br /> document.getElementById('entryBox').value = ''; <br /> document.getElementById('outputContainer').innerHTML = '<br>'; <br /> document.getElementById('commandContainer').innerHTML = ''; <br /> window.scrollBy(0,-10000); <br />} <br /> <br />function setPromptToNormal() { <br /> document.getElementById('commandPrompt').innerHTML = 'C:\\>'; <br />} <br /> <br />function popUp(sURL) { <br /> var oWin = window.open(sURL, '', 'toolbar=1,scrollbars=1,location=1,statusbar=1,menubar=1,resizable=1'); <br /> if (oWin==null || typeof(oWin)=="undefined") { <br /> alert("It seems that you have a popup blocker enabled. Please disable it and try again."); <br /> } <br />} <br /> <br />function setFocusToEntryBox() { <br /> var o = document.getElementById('entryBox'); <br /> o.focus(); <br /> o.value = o.value; <br />} <br /> Mon, 14 Nov 2005 16:15:40 GMT http://snippets.dzone.com/posts/show/889 mornlee (mornlee)