Jump to content
Sign in to follow this  
DirtDBaK

AutoIT Server Consle - Acess+Download Any File From Your Computer Now w/ comment sys!

Recommended Posts

DirtDBaK

Ok updated the server consle to be more secure... heres the source

Posted Image

#include <web.au3>
#include <webGUI.au3>
#include <file.au3>
$Shutdown = 0
_StartWebApp_Session("Server Consle - BETA -" )
beep(9000,150)
If $shutdown = 1 Then die('Shutdown for secuity reasons, be back up tommorrow morning!')
Global $url = iniRead( @scriptdir & "\set.ini", "last_url", 'last', "C:\" )
Dim $temp,$temp1,$temp2
Echo( '<p align="center"><img src="header.jpg" alt="header" /><font color="green" size="5"><Br>Beta Ver 0.1 Server Name:</font><font color="green" Size="5"> '&@ComputerName&'</font><BR>' )
Echo( '<a href=index.au3>Old Server Consle</a> | <B><a href="http://www.autoitscript.com/forum/index.php?showtopic=55873">View This On The AutoIT Forum</a></B> | <a href="test2.au3">Online AutoIT Compiler</a></P><br>' )
_WebGuiStartGroup("Folder")
_WebGuiCreateInput( "DirField", $url , "150" )
_WebGuiCreateButton( "ViewBtn", "View" )
_WebGuiEndGroup()
If _Post('Viewbtn') Then
    ;If _Post('password') = '****' then
    $url = _post('dirfield')
    If StringInStr( $url, "\" ) <> StringLen( $url ) Then $url = $url & "\"
    $files = _FileListToArray( $url, '*.*' )
    If StringInStr( $url, "C:\windows") or StringInStr($url, "C:\Documents and Settings\") Then 
        _WebGuiStartGroup( "Folder Blocked!" )
        Echo('<B>This Folder has been blocked!</b>')
        _WebGuiEndGroup( )
    Else
    iniwrite( @scriptdir & "\set.ini", "last_url", 'last', $url)
    If isarray( $files ) Then
    For $i = 1 to $files[0] step 1
        If StringInStr($files[$i],'windows') = 0 Then $temp = $files[$i] & "|" & $temp
    Next
    _WebGuiStartGroup('<B>Files:</B>')
    echo( '<br><B><font color="red">' & $url & '</font></b><br>' )
    _WebGuiCreateCombo( "FilePanel", "--------------------------------------------------------------------DBAK SEVER CONSLE---------------------------------------------------------------------------|" & $temp, 35 )
    Echo('<BR>')
    _WebGuiCreateButton( 'read', "Open" )
    _WebGuiCreateButton( 'download', "Download File" )
    Else
    _msgbox("Directory Doesn't Exist!")
    EndIf
    Endif
ElseIf _Post('download') Then
            
            If _Post('password') = '2459' then
            _WebGuiStartGroup('<B>Download Link:</B>')
            If FileExists( $url &  _Post('FilePanel') ) Then
                $random = Round(Random(2459,245596),0)
                $Fname = StringSplit($url & _Post('FilePanel'), '.')
                FileCopy( $url & _Post('FilePanel'), @ScriptDir & '\Uploads\' & $Random & '.' & $Fname[$Fname[0]], 9 )
                Echo('<B><BR><a href="/Uploads/'&$random&'.'&$fname[$fname[0]]&'">Your File: '& $Random & '.' & $fname[$fname[0]] &'</a></B>' )
            Else 
                _msgbox("File Does not exist!")
            Endif
            Else
            Echo('<Br><B>ERROR:</b> Input Correct Password')
            Endif

ElseIF _Post('read') Then
$url = iniRead( @scriptdir & "\set.ini", "last_url", 'last', "C:\" )
    If StringInStr( _Post('FilePanel'), '.' ) <> 0 Then
        _WebGuiStartGroup('<B>Read:</B>')
        StringReplace( $url, "\", "" )
        If StringInStr( $url, "\", -1, @extended ) <> StringLen( $url ) Then $url = $url & "\"
        ;$url = StringReplace( $url, "/", "\" )
        $db = $url & _Post('FilePanel')
        echo('Attempting to open: ' & $db )
        If _Post('password') = '2459' then
        If FileExists( $db ) Then
            $fhand = FileOpen( $db, 0 )
            $data = FileRead( $fhand )
            FileClose( $fhand )
            $data = StringReplace( $data, @CRLF, '<BR>' )
            echo( "<br>" & $data )
        Else
            _Msgbox("File not found!")
        Endif
    Else
        Echo('<Br><B>ERROR:</b> Input Correct Password')
        Endif
    Elseif _Post('FilePanel') <> '' and StringInStr( _Post('File Panel'), '-------------------------------------------') = 0 then
        _WebGuiStartGroup('<B>Files:</B>')
        StringReplace( $url, "\", "" )
        If StringInStr( $url, "\", -1, @extended ) <> StringLen( $url ) Then $url = $url & "\"
        ;$url = StringReplace( $url, "/", "\" )
        $url = $url & _Post('FilePanel')
        If StringInStr($url, 'Documents and Settings') = 0 then
        ;_Msgbox($url)
        $files = _FileListToArray( $url, '*.*' )
        If isarray( $files ) Then
        For $i = 1 to $files[0] step 1
            If $files[$i] <> 'windows'  and $files[$i] <> 'Abyss web server' Then $temp = $files[$i] & "|" & $temp
        Next
         iniwrite( @scriptdir & "\set.ini", "last_url", "Last", $url)
        echo( '<br><B><font color="red">' & $url & '</font></b><br>' )
        _WebGuiCreateCombo( "FilePanel", "-------------------------------------------------------DBAK SEVER CONSLE-----------------------------------------------------|" & $temp, 35 )
        Echo('<BR>')
        _WebGuiCreateButton( 'read', "Open" )
        _WebGuiCreateButton( 'download', "Download File" )
        Else
        ;_msgbox($url)
        _msgbox("Directory Doesn't Exist!")
        Endif
        Else
        _WebGuiStartGroup( "Folder Blocked!" )
        Echo('<B>This Folder has been blocked!</b>')
        _WebGuiEndGroup()
        Endif
    endif
Else    
    _WebGuiStartGroup('<B>Files:</B>')
    echo('No Files to list')
Endif
If _Post('SubmitC') Then
    $name = _Post('Name')
    $msg = _Post('Comment')
    If StringInStr( $msg, "</script" ) <> 0 Then $msg = StringReplace( $msg, "script", "" )
    If StringLen( $name ) = 0 or StringLen( $msg ) = 0 Then 
        _MsgBox("You have to have a name and a comment!")
    Else
    IniWrite( @Scriptdir & "\Comments.ini", "Comments", Round(Random(1000,9999), 0), $name & '|' & $msg )
    Endif
Endif

_WebGuiEndGroup()
_WebGuiStartGroup( 'Password' )
echo('<P align="center">Download/Read Password:')
WebGuiCreatePassword( 'Password' )
_WebGuiEndGroup()
_WebGuiStartGroup( 'Comments' )
$Cmts = IniReadSection( @Scriptdir & "\Comments.ini", "Comments" )
If IsArray( $Cmts ) Then
For $it = 1 to $Cmts[0][0] step 1
    $Dat = StringSplit( $Cmts[$it][1], "|" )
    Echo( '<Hr /><br><b>Name:'&$DAT[1]&'</b><br>'&$Dat[2] )
Next
Else
    Echo(  '<Hr /><b>No Comments</b><BR>' )
endif

Echo( '<hr />')
_WebGuiCreateInput( 'Name', 'Your Name' )
Echo( '<br>' )
_WebGuiCreateEdit( 'Comment', 'Your Comment Goes here' )
Echo( '<br>' )
_WebGuiCreateButton( 'SubmitC', 'Add comment' )
_WebGuiEndGroup()
Echo( '<Br><p align="Center"><a href=index.au3>Old Server Consle</a> | <B><a href="http://www.autoitscript.com/forum/index.php?showtopic=55873">View This On The AutoIT Forum</a></B> | <a href="test2.au3">Online AutoIT Compiler</a><br></p>' )

Enjoy

SHUT DOWN RIGHT NOW BECAUSE IM CHANGING IT:

Example: http://65.31.38.216/server.au3

The Web.au3 and the WebGui.au3 can be found at HERE

Posted Image

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites
Dhilip89

Looks good.

How about make the file list with icon, file type, size, date ?


[u]My Projects[/u]:General:WinShell (Version 1.6)YouTube Video Downloader Core (Version 2.0)Periodic Table Of Chemical Elements (Version 1.0)Web-Based:Directory Listing Script Written In AutoIt3 (Version 1.9 RC1)UDFs:UnicodeURL UDFHTML Entity UDF[u]My Website:[/u]http://dhilip89.hopto.org/[u]Closed Sources:[/u]YouTube Video Downloader (Version 1.3)[quote]If 1 + 1 = 10, then 1 + 1 ≠ 2[/quote]

Share this post


Link to post
Share on other sites
DirtDBaK

Looks good.

How about make the file list with icon, file type, size, date ?

I cant use a list yet becuz im using a dropdown for the list i have now and it cant take icons, im not good in javascript.... and idk how i could implement it, cant use links...

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites
Dhilip89

Ok well how do i get the icon for a file??

refer to my forum signatures, directory listing script.


[u]My Projects[/u]:General:WinShell (Version 1.6)YouTube Video Downloader Core (Version 2.0)Periodic Table Of Chemical Elements (Version 1.0)Web-Based:Directory Listing Script Written In AutoIt3 (Version 1.9 RC1)UDFs:UnicodeURL UDFHTML Entity UDF[u]My Website:[/u]http://dhilip89.hopto.org/[u]Closed Sources:[/u]YouTube Video Downloader (Version 1.3)[quote]If 1 + 1 = 10, then 1 + 1 ≠ 2[/quote]

Share this post


Link to post
Share on other sites
DirtDBaK

getting lots of hits but very little feedback... added a comment box at the bottem


[center][/center]

Share this post


Link to post
Share on other sites
ovoid

Very nice! Exactly what I need. I tested from my mobile phone (that is whay I need it) and work. Still a litle buggy at parsing wright dir name, I did not check yet, but basicly is all wright.

And very small footprint. I do care about this if I browse from mobile.

I store the pass in a external file and I quit reding .ini file.

I am not very good at html (I am not good at all) and I think that an "upload file" option would be also useful (I have a lot of stuff from work that I have to store in a USB-Stick.Would be much easyer if I could directly uploading to my computer). If you now a way to do this, plis, post-it...


Ovoid

Share this post


Link to post
Share on other sites
gseller

Nice!, can you zip up the three files and post em? I cannot make the three files I put together from your postings work.. LOL Sorry to be a bother.. Thank You <_<

Share this post


Link to post
Share on other sites
ptrex
Anteaus

Nice work, but I'd be a bit concerned if folks could download from \windows\system32\config\ - in principle if they can crack the security SAM they could obtain any and all passwords on the machine. Just an example. There needs to be some control over the root-folder of the session.

-Although OpenSSH suffers the same security-problem, which the developers seem to regard as a 'feature' rather than a bug!

Share this post


Link to post
Share on other sites
DirtDBaK

you cant download anything with out the password... I'll be adding all the files in a zip folder soon... Along with the updated code that has the comment system. I'm going to also make it block the windows folder.


[center][/center]

Share this post


Link to post
Share on other sites
gseller

GROOVY!! Looking forward to trying it out.. Thanks!

Share this post


Link to post
Share on other sites
DirtDBaK

WARNING: LARGE FIles can be uploaded and SCRIPT can run in the name tags.... you may want to be careful with this script...

Edited by DBak

[center][/center]

Share this post


Link to post
Share on other sites
Bradness

You spelled Personal AutoIt Server wrong. Other than that, I got an error but oh well. Dont really need it, but nice effort.


My Programs:Rock Paper ScissorsMy UDFs:NONE

Share this post


Link to post
Share on other sites
DirtDBaK

lol i cant belive i misspelled that ... but i tured it off becuz of chagnes..


[center][/center]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×