Sign in to follow this  
Followers 0
DirtDBaK

AutoIT Server Consle - Acess+Download Any File From Your Computer Now w/ comment sys!

14 posts in this topic

#1 ·  Posted (edited)

Ok updated the server consle to be more secure... heres the source

Posted Image

#include <web.au3>
#include <webGUI.au3>
#include <file.au3>
$Shutdown = 0
_StartWebApp_Session("Server Consle - BETA -" )
beep(9000,150)
If $shutdown = 1 Then die('Shutdown for secuity reasons, be back up tommorrow morning!')
Global $url = iniRead( @scriptdir & "\set.ini", "last_url", 'last', "C:\" )
Dim $temp,$temp1,$temp2
Echo( '<p align="center"><img src="header.jpg" alt="header" /><font color="green" size="5"><Br>Beta Ver 0.1 Server Name:</font><font color="green" Size="5"> '&@ComputerName&'</font><BR>' )
Echo( '<a href=index.au3>Old Server Consle</a> | <B><a href="http://www.autoitscript.com/forum/index.php?showtopic=55873">View This On The AutoIT Forum</a></B> | <a href="test2.au3">Online AutoIT Compiler</a></P><br>' )
_WebGuiStartGroup("Folder")
_WebGuiCreateInput( "DirField", $url , "150" )
_WebGuiCreateButton( "ViewBtn", "View" )
_WebGuiEndGroup()
If _Post('Viewbtn') Then
    ;If _Post('password') = '****' then
    $url = _post('dirfield')
    If StringInStr( $url, "\" ) <> StringLen( $url ) Then $url = $url & "\"
    $files = _FileListToArray( $url, '*.*' )
    If StringInStr( $url, "C:\windows") or StringInStr($url, "C:\Documents and Settings\") Then 
        _WebGuiStartGroup( "Folder Blocked!" )
        Echo('<B>This Folder has been blocked!</b>')
        _WebGuiEndGroup( )
    Else
    iniwrite( @scriptdir & "\set.ini", "last_url", 'last', $url)
    If isarray( $files ) Then
    For $i = 1 to $files[0] step 1
        If StringInStr($files[$i],'windows') = 0 Then $temp = $files[$i] & "|" & $temp
    Next
    _WebGuiStartGroup('<B>Files:</B>')
    echo( '<br><B><font color="red">' & $url & '</font></b><br>' )
    _WebGuiCreateCombo( "FilePanel", "--------------------------------------------------------------------DBAK SEVER CONSLE---------------------------------------------------------------------------|" & $temp, 35 )
    Echo('<BR>')
    _WebGuiCreateButton( 'read', "Open" )
    _WebGuiCreateButton( 'download', "Download File" )
    Else
    _msgbox("Directory Doesn't Exist!")
    EndIf
    Endif
ElseIf _Post('download') Then
            
            If _Post('password') = '2459' then
            _WebGuiStartGroup('<B>Download Link:</B>')
            If FileExists( $url &  _Post('FilePanel') ) Then
                $random = Round(Random(2459,245596),0)
                $Fname = StringSplit($url & _Post('FilePanel'), '.')
                FileCopy( $url & _Post('FilePanel'), @ScriptDir & '\Uploads\' & $Random & '.' & $Fname[$Fname[0]], 9 )
                Echo('<B><BR><a href="/Uploads/'&$random&'.'&$fname[$fname[0]]&'">Your File: '& $Random & '.' & $fname[$fname[0]] &'</a></B>' )
            Else 
                _msgbox("File Does not exist!")
            Endif
            Else
            Echo('<Br><B>ERROR:</b> Input Correct Password')
            Endif

ElseIF _Post('read') Then
$url = iniRead( @scriptdir & "\set.ini", "last_url", 'last', "C:\" )
    If StringInStr( _Post('FilePanel'), '.' ) <> 0 Then
        _WebGuiStartGroup('<B>Read:</B>')
        StringReplace( $url, "\", "" )
        If StringInStr( $url, "\", -1, @extended ) <> StringLen( $url ) Then $url = $url & "\"
        ;$url = StringReplace( $url, "/", "\" )
        $db = $url & _Post('FilePanel')
        echo('Attempting to open: ' & $db )
        If _Post('password') = '2459' then
        If FileExists( $db ) Then
            $fhand = FileOpen( $db, 0 )
            $data = FileRead( $fhand )
            FileClose( $fhand )
            $data = StringReplace( $data, @CRLF, '<BR>' )
            echo( "<br>" & $data )
        Else
            _Msgbox("File not found!")
        Endif
    Else
        Echo('<Br><B>ERROR:</b> Input Correct Password')
        Endif
    Elseif _Post('FilePanel') <> '' and StringInStr( _Post('File Panel'), '-------------------------------------------') = 0 then
        _WebGuiStartGroup('<B>Files:</B>')
        StringReplace( $url, "\", "" )
        If StringInStr( $url, "\", -1, @extended ) <> StringLen( $url ) Then $url = $url & "\"
        ;$url = StringReplace( $url, "/", "\" )
        $url = $url & _Post('FilePanel')
        If StringInStr($url, 'Documents and Settings') = 0 then
        ;_Msgbox($url)
        $files = _FileListToArray( $url, '*.*' )
        If isarray( $files ) Then
        For $i = 1 to $files[0] step 1
            If $files[$i] <> 'windows'  and $files[$i] <> 'Abyss web server' Then $temp = $files[$i] & "|" & $temp
        Next
         iniwrite( @scriptdir & "\set.ini", "last_url", "Last", $url)
        echo( '<br><B><font color="red">' & $url & '</font></b><br>' )
        _WebGuiCreateCombo( "FilePanel", "-------------------------------------------------------DBAK SEVER CONSLE-----------------------------------------------------|" & $temp, 35 )
        Echo('<BR>')
        _WebGuiCreateButton( 'read', "Open" )
        _WebGuiCreateButton( 'download', "Download File" )
        Else
        ;_msgbox($url)
        _msgbox("Directory Doesn't Exist!")
        Endif
        Else
        _WebGuiStartGroup( "Folder Blocked!" )
        Echo('<B>This Folder has been blocked!</b>')
        _WebGuiEndGroup()
        Endif
    endif
Else    
    _WebGuiStartGroup('<B>Files:</B>')
    echo('No Files to list')
Endif
If _Post('SubmitC') Then
    $name = _Post('Name')
    $msg = _Post('Comment')
    If StringInStr( $msg, "</script" ) <> 0 Then $msg = StringReplace( $msg, "script", "" )
    If StringLen( $name ) = 0 or StringLen( $msg ) = 0 Then 
        _MsgBox("You have to have a name and a comment!")
    Else
    IniWrite( @Scriptdir & "\Comments.ini", "Comments", Round(Random(1000,9999), 0), $name & '|' & $msg )
    Endif
Endif

_WebGuiEndGroup()
_WebGuiStartGroup( 'Password' )
echo('<P align="center">Download/Read Password:')
WebGuiCreatePassword( 'Password' )
_WebGuiEndGroup()
_WebGuiStartGroup( 'Comments' )
$Cmts = IniReadSection( @Scriptdir & "\Comments.ini", "Comments" )
If IsArray( $Cmts ) Then
For $it = 1 to $Cmts[0][0] step 1
    $Dat = StringSplit( $Cmts[$it][1], "|" )
    Echo( '<Hr /><br><b>Name:'&$DAT[1]&'</b><br>'&$Dat[2] )
Next
Else
    Echo(  '<Hr /><b>No Comments</b><BR>' )
endif

Echo( '<hr />')
_WebGuiCreateInput( 'Name', 'Your Name' )
Echo( '<br>' )
_WebGuiCreateEdit( 'Comment', 'Your Comment Goes here' )
Echo( '<br>' )
_WebGuiCreateButton( 'SubmitC', 'Add comment' )
_WebGuiEndGroup()
Echo( '<Br><p align="Center"><a href=index.au3>Old Server Consle</a> | <B><a href="http://www.autoitscript.com/forum/index.php?showtopic=55873">View This On The AutoIT Forum</a></B> | <a href="test2.au3">Online AutoIT Compiler</a><br></p>' )

Enjoy

SHUT DOWN RIGHT NOW BECAUSE IM CHANGING IT:

Example: http://65.31.38.216/server.au3

The Web.au3 and the WebGui.au3 can be found at HERE

Posted Image

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites



Looks good.

How about make the file list with icon, file type, size, date ?


[u]My Projects[/u]:General:WinShell (Version 1.6)YouTube Video Downloader Core (Version 2.0)Periodic Table Of Chemical Elements (Version 1.0)Web-Based:Directory Listing Script Written In AutoIt3 (Version 1.9 RC1)UDFs:UnicodeURL UDFHTML Entity UDF[u]My Website:[/u]http://dhilip89.hopto.org/[u]Closed Sources:[/u]YouTube Video Downloader (Version 1.3)[quote]If 1 + 1 = 10, then 1 + 1 ≠ 2[/quote]

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Looks good.

How about make the file list with icon, file type, size, date ?

I cant use a list yet becuz im using a dropdown for the list i have now and it cant take icons, im not good in javascript.... and idk how i could implement it, cant use links...

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites

Ok well how do i get the icon for a file??

refer to my forum signatures, directory listing script.


[u]My Projects[/u]:General:WinShell (Version 1.6)YouTube Video Downloader Core (Version 2.0)Periodic Table Of Chemical Elements (Version 1.0)Web-Based:Directory Listing Script Written In AutoIt3 (Version 1.9 RC1)UDFs:UnicodeURL UDFHTML Entity UDF[u]My Website:[/u]http://dhilip89.hopto.org/[u]Closed Sources:[/u]YouTube Video Downloader (Version 1.3)[quote]If 1 + 1 = 10, then 1 + 1 ≠ 2[/quote]

Share this post


Link to post
Share on other sites

getting lots of hits but very little feedback... added a comment box at the bottem


[center][/center]

Share this post


Link to post
Share on other sites

Very nice! Exactly what I need. I tested from my mobile phone (that is whay I need it) and work. Still a litle buggy at parsing wright dir name, I did not check yet, but basicly is all wright.

And very small footprint. I do care about this if I browse from mobile.

I store the pass in a external file and I quit reding .ini file.

I am not very good at html (I am not good at all) and I think that an "upload file" option would be also useful (I have a lot of stuff from work that I have to store in a USB-Stick.Would be much easyer if I could directly uploading to my computer). If you now a way to do this, plis, post-it...


Ovoid

Share this post


Link to post
Share on other sites

Nice!, can you zip up the three files and post em? I cannot make the three files I put together from your postings work.. LOL Sorry to be a bother.. Thank You <_<

Share this post


Link to post
Share on other sites

Nice work, but I'd be a bit concerned if folks could download from \windows\system32\config\ - in principle if they can crack the security SAM they could obtain any and all passwords on the machine. Just an example. There needs to be some control over the root-folder of the session.

-Although OpenSSH suffers the same security-problem, which the developers seem to regard as a 'feature' rather than a bug!

Share this post


Link to post
Share on other sites

you cant download anything with out the password... I'll be adding all the files in a zip folder soon... Along with the updated code that has the comment system. I'm going to also make it block the windows folder.


[center][/center]

Share this post


Link to post
Share on other sites

GROOVY!! Looking forward to trying it out.. Thanks!

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

WARNING: LARGE FIles can be uploaded and SCRIPT can run in the name tags.... you may want to be careful with this script...

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites

You spelled Personal AutoIt Server wrong. Other than that, I got an error but oh well. Dont really need it, but nice effort.


My Programs:Rock Paper ScissorsMy UDFs:NONE

Share this post


Link to post
Share on other sites

lol i cant belive i misspelled that ... but i tured it off becuz of chagnes..


[center][/center]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0