package com.datacloudsec.scan.service.impl;

import com.datacloudsec.annotations.Transactional;
import com.datacloudsec.exception.UEException;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.dao.DeviceGroupMapper;
import com.datacloudsec.scan.dao.DeviceMapper;
import com.datacloudsec.scan.dao.EngineMapper;
import com.datacloudsec.scan.dao.LogMapper;
import com.datacloudsec.scan.dao.PwdMapper;
import com.datacloudsec.scan.dao.PwddicMapper;
import com.datacloudsec.scan.dao.SysBugMapper;
import com.datacloudsec.scan.dao.TaskMapper;
import com.datacloudsec.scan.entity.Task;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IEngine;
import com.datacloudsec.scan.service.IPwd;
import com.datacloudsec.scan.service.IReport;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.tasks.InitSystemTask;
import com.datacloudsec.scan.tasks.scheduler.job.AlermJob;
import com.datacloudsec.utils.ComonZipUtil;
import com.datacloudsec.utils.DataRule;
import com.datacloudsec.utils.EntryResult;
import com.datacloudsec.utils.IPUtil;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.JbossDecryptor;
import com.datacloudsec.utils.JsonUtil;
import com.datacloudsec.utils.MybatisUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.PoiExcelUtils;
import com.datacloudsec.utils.SerializeUtil;
import com.datacloudsec.utils.SftpDownloader;
import com.datacloudsec.utils.WebLogicPwdDecryptor;
import com.datacloudsec.utils.XmlUtils;
import com.datacloudsec.utils.ZipUtil;
import com.fasterxml.jackson.core.type.TypeReference;
import com.google.common.collect.Sets;
import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpSession;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ibatis.session.SqlSession;
import org.apache.log4j.Logger;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;

/* loaded from: input_file:com/datacloudsec/scan/service/impl/PwdService.class */
public class PwdService extends TaskBaseService implements IPwd {
    private PwdMapper pwdMapper = (PwdMapper) InstanceUtil.newDaoInstance(PwdMapper.class);
    private IEngine engine = new EngineService();
    private SysBugMapper sysBugMapper = (SysBugMapper) InstanceUtil.newDaoInstance(SysBugMapper.class);
    private DeviceMapper deviceMapper = (DeviceMapper) InstanceUtil.newDaoInstance(DeviceMapper.class);
    private DeviceGroupMapper deviceGroupMapper = (DeviceGroupMapper) InstanceUtil.newDaoInstance(DeviceGroupMapper.class);
    private PwddicMapper pwddicMapper = (PwddicMapper) InstanceUtil.newDaoInstance(PwddicMapper.class);
    private EngineMapper engineMapper = (EngineMapper) InstanceUtil.newDaoInstance(EngineMapper.class);
    private LogMapper logMapper = (LogMapper) InstanceUtil.newDaoInstance(LogMapper.class);
    private Logger LOG = Logger.getLogger(PwdService.class);
    public static final String ORACLE_USER = "SYS|SYSTEM|OUTLN|DIP|ORACLE_OCM|DBSNMP|APPQOSSYS|WMSYS|XS$NULL|EXFSYS|CTXSYS|XDB|OLAPSYS|ORDSYS|ORDDATA|ORDPLUGINS|SI_INFORMTN_SCHEMA|MDSYS|MDDATA|SPATIAL_WFS_ADMIN_USR|WFS_USR_ROLE|SPATIAL_CSW_ADMIN|SPATIAL_CSW_ADMIN_USR|CSW_USR_ROLE|SYSMAN|MGMT_VIEW|FLOWS_FILES|APEX_PUBLIC_USER|APEX_030200|OWBSYS|OWB$CLIENT|OWBSYS_AUDIT|SCOTT|HR|OE|IX|SH|PM|BI";

    @Override // com.datacloudsec.scan.service.IPwd
    public Map<String, List<Map<String, Object>>> queryTaskDevs(HttpSession httpSession) throws Exception {
        return EntryResult.parseEntryListMap(this.pwdMapper.queryTaskDevs(DataRule.getRuleWhere(httpSession, "t_task")), "name");
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void impOfflinePwd(Object obj, Integer num) throws Exception {
        File file;
        Map<String, Object> templateById = this.pwddicMapper.getTemplateById(ObjectUtil.getInt(((Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(this.pwdMapper.getTaskBydevId(num).getConfContent(), "{}"), new TypeReference<Map<String, Object>>() { // from class: com.datacloudsec.scan.service.impl.PwdService.1
        })).get("passwords")));
        String string = ObjectUtil.getString(templateById.get("path"), null);
        if (string == null) {
            file = new File(Constant.TEMP_DIR, String.valueOf(System.nanoTime()) + ".txt");
            FileUtils.writeStringToFile(file, ObjectUtil.getString(templateById.get("content"), "").replace("|", "\n"));
        } else {
            file = new File(Constant.PWDDIC_DIC, string);
        }
        if (obj instanceof List) {
            Iterator it = ((List) obj).iterator();
            while (it.hasNext()) {
                offlineCheck((String) it.next(), file, null, num);
            }
        } else {
            offlineCheck(ObjectUtil.getString(obj, ""), file, null, num);
        }
        Map<String, Object> taskDevById = this.pwdMapper.getTaskDevById(num);
        String string2 = ObjectUtil.getString(taskDevById.get("confContent"), "");
        if (StringUtils.isNotBlank(string2) && string2.contains("offPwdFile")) {
            for (Map.Entry<String, Object> entry : ((Map) JsonUtil.MAPPER.readValue(string2, HashMap.class)).entrySet()) {
                if (entry.getValue() instanceof Map) {
                    downloadPwdFile((Map) entry.getValue(), entry, ObjectUtil.getString(taskDevById.get("ip"), ""), file, null, num);
                } else {
                    Iterator it2 = ((List) entry.getValue()).iterator();
                    while (it2.hasNext()) {
                        downloadPwdFile((Map) it2.next(), entry, ObjectUtil.getString(taskDevById.get("ip"), ""), file, null, num);
                    }
                }
            }
        }
        this.sysBugMapper.insertPwdStatics(this.sysBugMapper.pwdCountByDev(num), new Date(), num);
        Integer pwdStaCount = this.sysBugMapper.pwdStaCount();
        if (pwdStaCount == null || pwdStaCount.intValue() <= 7) {
            return;
        }
        this.sysBugMapper.delPwdStaOneWeek();
    }

    private void downloadPwdFile(Map<String, Object> map, Map.Entry<String, Object> entry, String str, File file, List<Map<String, Object>> list, Integer num) throws Exception {
        String string = ObjectUtil.getString(map.get("offPwdFile"), "");
        if ("".equals(string)) {
            return;
        }
        ArrayList<File> arrayList = new ArrayList();
        for (String str2 : string.split("`")) {
            String sb = new StringBuilder(String.valueOf(System.currentTimeMillis())).toString();
            String substring = str2.substring(str2.lastIndexOf("/") + 1);
            if (entry.getKey().equals(ReportService.REPORT_STATE_READY) || (entry.getKey().equals("3") && ObjectUtil.getString(map.get("linuxV"), "").contains("weblogic"))) {
                sb = substring;
            } else if (substring.contains(".")) {
                sb = String.valueOf(sb) + substring.substring(substring.lastIndexOf("."));
            }
            File file2 = new File(Constant.TEMP_DIR, sb);
            SftpDownloader.download(ObjectUtil.getString(map.get("uname"), ""), ObjectUtil.getString(map.get(IReport.REPORT_TYPE_PWD), ""), str, 22, file2.getPath().trim(), str2.trim());
            if (entry.getKey().equals("3") && ObjectUtil.getString(map.get("linuxV"), "").contains("weblogic")) {
                arrayList.add(file2);
            } else if (entry.getKey().equals(ReportService.REPORT_STATE_READY)) {
                arrayList.add(file2);
            } else {
                offlineCheck(sb, file, list, num);
            }
        }
        if (arrayList == null || arrayList.size() <= 0) {
            return;
        }
        File file3 = new File(Constant.TEMP_DIR, String.valueOf(System.currentTimeMillis()) + ".zip");
        ZipUtil.toZip(file3, (File[]) arrayList.toArray(new File[arrayList.size()]), null);
        for (File file4 : arrayList) {
            if (file4 != null && file4.exists()) {
                file4.delete();
            }
        }
        offlineCheck(file3.getName(), file, list, num);
    }

    private void offlineCheck(String str, File file, List<Map<String, Object>> list, Integer num) throws Exception {
        if (StringUtils.isBlank(str)) {
            return;
        }
        File file2 = new File(Constant.TEMP_DIR, str);
        String lowerCase = str.toLowerCase();
        File file3 = new File(Constant.TEMP_DIR, String.valueOf(System.currentTimeMillis()) + ".txt");
        if (lowerCase.endsWith(".txt")) {
            list = execHash(file.getAbsolutePath(), file2.getAbsolutePath(), "windows离线检查", num, null);
            this.engineMapper.delPwds1(num, "windows离线检查");
        } else if (lowerCase.endsWith(".zip")) {
            File unZip = ZipUtil.unZip(file2, null, null);
            File file4 = new File(unZip, "passwd");
            File file5 = new File(unZip, "shadow");
            if (file4 == null || !file4.exists() || file5 == null || !file5.exists()) {
                File file6 = new File(unZip, "boot.properties");
                File file7 = new File(unZip, "SerializedSystemIni.dat");
                list = new ArrayList();
                String str2 = "\n" + FileUtils.readFileToString(file, "utf8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n") + "\n";
                Map<String, Object> exec = WebLogicPwdDecryptor.exec(file6, file7);
                Iterator<Map.Entry<String, Object>> it = exec.entrySet().iterator();
                while (it.hasNext()) {
                    if (StringUtils.isBlank(ObjectUtil.getString(it.next().getValue(), ""))) {
                        exec.put("protocol", "weblogic离线检查");
                        list.add(exec);
                    }
                }
                if (str2.contains("\n" + ObjectUtil.getString(exec.get("password"), "") + "\n")) {
                    exec.put("protocol", "weblogic离线检查");
                    list.add(exec);
                }
                this.engineMapper.delPwds1(num, "weblogic离线检查");
            } else {
                Process exec2 = Runtime.getRuntime().exec(String.valueOf(new File(Constant.WORK_DIR, "tools/pwdext").getAbsolutePath()) + "/unshadow " + file4.getAbsolutePath() + " " + file5.getAbsolutePath());
                FileUtils.writeStringToFile(file3, IOUtils.toString(exec2.getInputStream()));
                exec2.destroy();
                list = execHash(file.getAbsolutePath(), file3.getAbsolutePath(), "linux离线检查", num, null);
                this.engineMapper.delPwds1(num, "linux离线检查");
            }
            FileUtils.deleteDirectory(unZip);
        } else if (lowerCase.endsWith(".xml")) {
            String str3 = "\n" + FileUtils.readFileToString(file, "utf8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n") + "\n";
            Element rootElement = DocumentHelper.parseText(FileUtils.readFileToString(file2, "utf8")).getRootElement();
            list = new ArrayList();
            List<Element> elements = rootElement.elements("user");
            if (CollectionUtils.isEmpty(elements)) {
                HashMap hashMap = new HashMap();
                hashMap.put("protocol", "tomcat离线检查");
                hashMap.put("username", "");
                hashMap.put("password", "");
                hashMap.put("deviceid", num);
                list.add(hashMap);
            } else {
                for (Element element : elements) {
                    String attributeValue = element.attributeValue("username");
                    String attributeValue2 = element.attributeValue("password");
                    if (str3.contains("\n" + attributeValue2 + "\n")) {
                        HashMap hashMap2 = new HashMap();
                        hashMap2.put("protocol", "tomcat离线检查");
                        hashMap2.put("username", attributeValue);
                        hashMap2.put("password", attributeValue2);
                        hashMap2.put("deviceid", num);
                        list.add(hashMap2);
                    }
                }
            }
            if (list.size() == 0) {
                try {
                    Iterator it2 = rootElement.selectNodes("//*[name()='datasources']/*[name()='datasource']").iterator();
                    while (it2.hasNext()) {
                        Map<String, Object> xml2MapData = XmlUtils.xml2MapData((Element) it2.next());
                        Map map = (Map) xml2MapData.get("security");
                        if (map != null) {
                            String string = ObjectUtil.getString(map.get("user-name"), "");
                            String string2 = ObjectUtil.getString(map.get("password"), "");
                            if (str3.contains("\n" + string2 + "\n")) {
                                HashMap hashMap3 = new HashMap();
                                hashMap3.put("protocol", "jboss离线检查（未加密）");
                                hashMap3.put("username", string);
                                hashMap3.put("password", string2);
                                hashMap3.put("deviceid", num);
                                list.add(hashMap3);
                            }
                        } else {
                            String string3 = ObjectUtil.getString(xml2MapData.get("security-domain"), "");
                            if (StringUtils.isNotBlank(string3)) {
                                List selectNodes = rootElement.selectNodes("//*[name()='security-domain'][@name='" + string3 + "']/*[name()='authorization']/*[name()='login-module']/*");
                                ArrayList arrayList = new ArrayList();
                                Iterator it3 = selectNodes.iterator();
                                while (it3.hasNext()) {
                                    arrayList.add(XmlUtils.xml2mapWithAttrData((Element) it3.next()));
                                }
                                Map<String, Map<String, Object>> parseEntryMap = EntryResult.parseEntryMap(arrayList, "@name");
                                String string4 = ObjectUtil.getString(parseEntryMap.get("username").get("@value"), "");
                                String decode = JbossDecryptor.decode(ObjectUtil.getString(parseEntryMap.get("password").get("@value"), ""));
                                if (str3.contains("\n" + decode + "\n")) {
                                    HashMap hashMap4 = new HashMap();
                                    hashMap4.put("protocol", "jboss离线检查（已加密）");
                                    hashMap4.put("username", string4);
                                    hashMap4.put("password", decode);
                                    hashMap4.put("deviceid", num);
                                    list.add(hashMap4);
                                }
                            }
                        }
                    }
                } catch (Exception e) {
                    this.LOG.error("", e);
                }
            }
            this.engineMapper.delPwds1(num, "tomcat离线检查");
        } else if (lowerCase.endsWith(".myd")) {
            Process exec3 = Runtime.getRuntime().exec(new String[]{"/bin/sh", "-c", "strings " + file2.getAbsolutePath() + ">" + file3.getAbsolutePath()});
            exec3.getInputStream();
            exec3.waitFor();
            exec3.destroy();
            list = execHash(file.getAbsolutePath(), file3.getAbsolutePath(), "mysql离线检查", num, null);
            this.engineMapper.delPwds1(num, "mysql离线检查");
        } else if (lowerCase.endsWith(".ora") || lowerCase.endsWith(".") || !lowerCase.contains(".")) {
            Process exec4 = Runtime.getRuntime().exec(new String[]{"/bin/sh", "-c", "strings " + file2.getAbsolutePath() + ">" + file3.getAbsolutePath()});
            exec4.getInputStream();
            exec4.waitFor();
            exec4.destroy();
            List<String> readLines = FileUtils.readLines(file3, "UTF-8");
            StringBuilder sb = new StringBuilder();
            for (String str4 : readLines) {
                if (StringUtils.isNotBlank(str4) && str4.length() == 16) {
                    for (String str5 : ORACLE_USER.split("\\|")) {
                        sb.append(str5).append(":").append(str4).append("\n");
                    }
                }
            }
            FileUtils.writeStringToFile(file3, sb.toString(), "UTF-8");
            list = execHash(file.getAbsolutePath(), file3.getAbsolutePath(), "Oracle离线检查", num, "--format=oracle");
            this.engineMapper.delPwds1(num, "Oracle离线检查");
        }
        if (list != null && list.size() > 0) {
            this.engineMapper.sysAddPwds1(num, list);
        }
        file3.delete();
        file2.delete();
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void delete(HttpSession httpSession, Integer num, Integer num2) throws Exception {
        int intValue = this.pwdMapper.queryTaskDevCount(null, null, 1, num).intValue();
        if (intValue > 0) {
            throw new UEException("该任务中有" + intValue + "个资产正在扫描，请先停止该任务中所有正在扫描的资产再删除！");
        }
        delTask(httpSession, num, num2);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public Integer insert(HttpSession httpSession, String str, String str2, Integer num, String str3, Integer num2, String str4, String str5, String str6, String str7, String str8, String str9, String str10, String str11, Integer num3, String str12) throws Exception {
        String string = ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), "");
        if (!string.contains(IReport.REPORT_TYPE_PWD)) {
            throw new UEException("弱口令扫描任务未授权");
        }
        if (InitSystemTask.licenseApp.valudate(getLicCp(string, IReport.REPORT_TYPE_PWD).getAuthDay()) != 0) {
            throw new UEException("弱口令任务授权已过期");
        }
        User user = null;
        try {
            user = (User) httpSession.getAttribute(IUser.USER_INFO);
            Integer taskCountByName = this.pwdMapper.getTaskCountByName(str, 3, user.getId(), null);
            if (taskCountByName != null && taskCountByName.intValue() > 0) {
                throw new UEException("任务名称已存在！");
            }
        } catch (Exception e) {
            Integer tcountForOthers = this.pwdMapper.getTcountForOthers(str, 3, null);
            if (tcountForOthers != null && tcountForOthers.intValue() > 0) {
                throw new UEException("任务名称已存在！");
            }
        }
        Integer add = add(null, str, str2, num, str3, num2, str4, str5, str6, str7, str8, str9, str10, null, 3, str11, num3, str12, httpSession);
        if (num.intValue() == 1) {
            boolean z = true;
            for (Map<String, Object> map : this.pwdMapper.getTaskDevByTid(add)) {
                try {
                    start(ObjectUtil.getInt(map.get("id")));
                } catch (Exception e2) {
                    z = false;
                    this.LOG.error("立即扫描异常URL（" + map.get("url") + "）：", e2);
                }
            }
            if (z) {
                this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描弱口令任务", "", 1, "扫描成功");
            } else {
                this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描弱口令任务", "", 2, "扫描失败");
            }
        }
        startTimer(add, num, str8, num2, str3, str4);
        return add;
    }

    @Override // com.datacloudsec.scan.service.IPwd
    @Transactional
    public void insertOffPwd(HttpSession httpSession, String str, String str2, String str3, String str4, Integer num, String str5) throws Exception {
        File file;
        String string = ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), "");
        if (!string.contains(IReport.REPORT_TYPE_PWD)) {
            throw new UEException("弱口令扫描任务未授权");
        }
        if (InitSystemTask.licenseApp.valudate(getLicCp(string, IReport.REPORT_TYPE_PWD).getAuthDay()) != 0) {
            throw new UEException("弱口令任务授权已过期");
        }
        Integer taskCountByName = this.pwdMapper.getTaskCountByName(str, 3, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), null);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("任务名称已存在！");
        }
        Integer add = add(null, str, str2, 1, null, 0, null, null, null, str3, null, null, null, null, 10, str4, num, str5, httpSession);
        List<Map> list = (List) JsonUtil.MAPPER.readValue(str3, List.class);
        if (CollectionUtils.isNotEmpty(list)) {
            Map<String, Object> templateById = this.pwddicMapper.getTemplateById(ObjectUtil.getInt(((Map) JsonUtil.MAPPER.readValue(ObjectUtil.getString(str4, "{}"), new TypeReference<Map<String, Object>>() { // from class: com.datacloudsec.scan.service.impl.PwdService.2
            })).get("passwords")));
            String string2 = ObjectUtil.getString(templateById.get("path"), null);
            if (string2 == null) {
                file = new File(Constant.TEMP_DIR, String.valueOf(System.nanoTime()) + ".txt");
                FileUtils.writeStringToFile(file, ObjectUtil.getString(templateById.get("content"), "").replace("|", "\n"));
            } else {
                file = new File(Constant.PWDDIC_DIC, string2);
            }
            for (Map map : list) {
                Integer devIdByTidAndIp = this.pwdMapper.getDevIdByTidAndIp(add, ObjectUtil.getString(map.get("name"), ""));
                if (devIdByTidAndIp != null) {
                    impOfflinePwd(map.get("uniqname"), devIdByTidAndIp);
                }
                String string3 = ObjectUtil.getString(map.get(IReport.REPORT_TYPE_PWD), "");
                if (StringUtils.isNotBlank(string3)) {
                    ArrayList arrayList = new ArrayList();
                    if (ObjectUtil.getInt(map.get("encrypt"), 0) == 1) {
                        String string4 = ObjectUtil.getString(map.get("encType"), "");
                        if ("oracle".equalsIgnoreCase(string4)) {
                            for (String str6 : string3.split("\n")) {
                                StringBuilder sb = new StringBuilder();
                                for (String str7 : ORACLE_USER.split("\\|")) {
                                    sb.append(str7).append(":").append(str6).append("\n");
                                }
                                String sb2 = sb.toString();
                                File file2 = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
                                FileUtils.writeStringToFile(file2, sb2, "UTF-8");
                                arrayList.addAll(execHash(file.getAbsolutePath(), file2.getAbsolutePath(), "手工录入-" + string4, devIdByTidAndIp, "--format=oracle"));
                            }
                        } else if ("tomcat".equalsIgnoreCase(string4)) {
                            String replaceAll = FileUtils.readFileToString(file, "UTF-8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n");
                            if (StringUtils.isNotBlank(replaceAll)) {
                                Iterator it = Sets.intersection(Sets.newHashSet(Arrays.asList(string3.split("\n"))), Sets.newHashSet(Arrays.asList(replaceAll.split("\n")))).iterator();
                                while (it.hasNext()) {
                                    String str8 = (String) it.next();
                                    HashMap hashMap = new HashMap();
                                    hashMap.put("password", str8);
                                    hashMap.put("protocol", "手工录入-" + string4);
                                    arrayList.add(hashMap);
                                }
                            }
                        } else if ("windows".equalsIgnoreCase(string4) || "mysql".equalsIgnoreCase(string4) || "sqlserver".equalsIgnoreCase(string4)) {
                            File file3 = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
                            FileUtils.writeStringToFile(file3, string3, "UTF-8");
                            arrayList.addAll(execHash(file.getAbsolutePath(), file3.getAbsolutePath(), "手工录入-" + string4, devIdByTidAndIp, null));
                        } else if ("jboss".equalsIgnoreCase(string4)) {
                            String str9 = "\n" + FileUtils.readFileToString(file, "UTF-8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n") + "\n";
                            for (String str10 : string3.split("\n")) {
                                String decode = JbossDecryptor.decode(str10);
                                if (str9.contains(decode)) {
                                    HashMap hashMap2 = new HashMap();
                                    hashMap2.put("password", decode);
                                    hashMap2.put("protocol", "手工录入-" + string4);
                                    arrayList.add(hashMap2);
                                }
                            }
                        }
                    } else {
                        String replaceAll2 = FileUtils.readFileToString(file, "UTF-8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n");
                        if (StringUtils.isNotBlank(replaceAll2)) {
                            Iterator it2 = Sets.intersection(Sets.newHashSet(Arrays.asList(string3.split("\n"))), Sets.newHashSet(Arrays.asList(replaceAll2.split("\n")))).iterator();
                            while (it2.hasNext()) {
                                String str11 = (String) it2.next();
                                HashMap hashMap3 = new HashMap();
                                hashMap3.put("password", str11);
                                hashMap3.put("protocol", "手工录入");
                                arrayList.add(hashMap3);
                            }
                        }
                    }
                    if (arrayList != null && arrayList.size() > 0) {
                        this.engineMapper.sysAddPwds1(devIdByTidAndIp, arrayList);
                    }
                }
            }
        }
    }

    private Integer add(Integer num, String str, String str2, Integer num2, String str3, Integer num3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, Integer num4, Integer num5, String str11, Integer num6, String str12, HttpSession httpSession) throws Exception {
        int maxdevice = getLicCp(ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), ""), IReport.REPORT_TYPE_PWD).getMaxdevice();
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        String ruleWhere = DataRule.getRuleWhere(httpSession, "t_task");
        Task task = new Task();
        task.setName(str);
        if (num != null) {
            task.setId(num);
        }
        task.setDesct(str2);
        task.setType(num2);
        task.setAlarmMethod(str3);
        task.setAlarmType(num3);
        task.setAlarmTime(str4);
        task.setMailAddr(str9);
        task.setSmsAddr(str10);
        task.setPeriodTime(str8);
        task.setUid(Integer.valueOf(user == null ? 1 : user.getId().intValue()));
        task.setTaskType(num5);
        task.setVersion(num4);
        task.setRule(ruleWhere);
        task.setConfContent(str11);
        task.setVal1(num6);
        task.setVal2(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
        task.setFtpReportType(str12);
        if (num != null) {
            task.setId(num);
        }
        if (num == null) {
            List<Map> list = (List) JsonUtil.MAPPER_ESCAPE_HTML.readValue(str7, ArrayList.class);
            int i = 0;
            for (Map map : list) {
                Map<String, Object> devById = this.deviceMapper.getDevById(ObjectUtil.getInt(map.get("id")));
                String string = devById != null ? ObjectUtil.getString(devById.get("ip"), "") : ObjectUtil.getString(map.get("name"), "");
                if (user != null && StringUtils.isNotBlank(user.getIps()) && !IPUtil.ipVaild(string, user.getIps())) {
                    throw new UEException("IP【" + string + "】不在扫描范围内，可联系管理员授权扫描此IP");
                }
                i++;
            }
            if (maxdevice > 0 && this.pwdMapper.getCountByType(null) + i > maxdevice) {
                throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
            }
            this.pwdMapper.insert(task);
            for (Map map2 : list) {
                Map<String, Object> devById2 = this.deviceMapper.getDevById(ObjectUtil.getInt(map2.get("id")));
                if (devById2 != null) {
                    devById2.put("devgroup", ObjectUtil.getString(this.deviceGroupMapper.getDevGroupById(ObjectUtil.getInt(devById2.get("dgid"))).get("name"), ""));
                    devById2.put("taskId", task.getId());
                    devById2.put("type", null);
                    if (num5.intValue() == 10) {
                        devById2.put("status", 2);
                    }
                    devById2.put("confContent", ObjectUtil.getString(devById2.get("authContent"), ""));
                    devById2.put("val3", ObjectUtil.getString(devById2.get("val2"), ""));
                    devById2.put("val2", ObjectUtil.getString(devById2.get("val1"), ""));
                    devById2.put("val1", ObjectUtil.getString(map2.get(IReport.REPORT_TYPE_PWD), ""));
                    this.pwdMapper.insertTaskDevice(devById2);
                } else {
                    HashMap hashMap = new HashMap();
                    hashMap.put("type", null);
                    hashMap.put("taskId", task.getId());
                    hashMap.put("name", ObjectUtil.getString(map2.get("name"), ""));
                    hashMap.put("ip", ObjectUtil.getString(map2.get("name"), ""));
                    hashMap.put("regionSid", Integer.valueOf((user == null || user.getRegionSid() == null) ? 110000 : user.getRegionSid().intValue()));
                    hashMap.put("regionCid", Integer.valueOf((user == null || user.getRegionCid() == null) ? 110101 : user.getRegionCid().intValue()));
                    hashMap.put("val1", ObjectUtil.getString(map2.get(IReport.REPORT_TYPE_PWD), ""));
                    this.pwdMapper.insertTaskDevice(hashMap);
                }
            }
        } else {
            Integer update = this.pwdMapper.update(task);
            if (update != null && update.intValue() == 0) {
                throw new UEException(UEException.VERSION_OLD);
            }
        }
        if (user != null) {
            if (StringUtils.isNotBlank(str5)) {
                this.pwdMapper.delEmail(user.getId());
                for (String str13 : str5.split(",")) {
                    this.pwdMapper.insertEmail(str13, user.getId());
                }
            }
            if (StringUtils.isNotBlank(str6)) {
                this.pwdMapper.delPhone(user.getId());
                for (String str14 : str6.split(",")) {
                    this.pwdMapper.insertPhone(str14, user.getId());
                }
            }
        }
        return task.getId();
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void insertTaskDev(Map<String, Object> map) throws Exception {
        this.pwdMapper.insertTaskDevice(map);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void update(HttpSession httpSession, Integer num, String str, String str2, Integer num2, String str3, Integer num3, String str4, String str5, String str6, String str7, String str8, String str9, Integer num4, String str10, Integer num5, String str11) throws Exception {
        Integer taskCountByName = this.pwdMapper.getTaskCountByName(str, 3, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), num);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("任务名称已存在！");
        }
        add(num, str, str2, num2, str3, num3, str4, str5, str6, null, str7, str8, str9, num4, 3, str10, num5, str11, httpSession);
        stopTimer(httpSession, num);
        if (num3.intValue() == 2 || num2.intValue() == 2) {
            startTimer(num, num2, str7, num3, str3, str4);
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void updateOffPwd(HttpSession httpSession, Integer num, String str, String str2, String str3, Integer num2, Integer num3, String str4, String str5) throws Exception {
        Integer taskCountByName = this.pwdMapper.getTaskCountByName(str, 10, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), num);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("任务名称已存在！");
        }
        add(num, str, str2, 0, null, 0, null, null, null, null, null, null, null, num2, 10, str3, num3, str5, httpSession);
        List<Map<String, Object>> taskDevByTid = this.pwdMapper.getTaskDevByTid(num);
        if (taskDevByTid == null || taskDevByTid.size() <= 0) {
            return;
        }
        Integer num4 = ObjectUtil.getInt(taskDevByTid.get(0).get("id"));
        impOfflinePwd(str4, num4);
        List<Map<String, Object>> bugByDevId = this.pwdMapper.getBugByDevId(num4);
        if (bugByDevId == null || bugByDevId.size() == 0) {
            return;
        }
        for (int i = 1; i < taskDevByTid.size(); i++) {
            Integer num5 = ObjectUtil.getInt(taskDevByTid.get(i).get("id"));
            this.engineMapper.sysAddPwds1(num5, bugByDevId);
            this.sysBugMapper.insertPwdStatics(this.sysBugMapper.pwdCountByDev(num5), new Date(), num5);
            Integer pwdStaCount = this.sysBugMapper.pwdStaCount();
            if (pwdStaCount != null && pwdStaCount.intValue() > 7) {
                this.sysBugMapper.delPwdStaOneWeek();
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void start(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.pwdMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        if (ObjectUtil.getInt(taskDevById.get("status"), 1) != 1) {
            SqlSession sqlSession = null;
            try {
                try {
                    sqlSession = MybatisUtil.sqlSessionFactory.openSession(true);
                    SysBugMapper sysBugMapper = (SysBugMapper) sqlSession.getMapper(SysBugMapper.class);
                    TaskMapper taskMapper = (TaskMapper) sqlSession.getMapper(TaskMapper.class);
                    sysBugMapper.delSysPwd2(num);
                    HashMap hashMap = new HashMap();
                    hashMap.put("offset1", 0);
                    hashMap.put("offset2", 0);
                    hashMap.put("offset3", 0);
                    hashMap.put("progress", 0);
                    hashMap.put("devid", num);
                    taskMapper.updateTaskDevice(hashMap);
                    sqlSession.commit();
                    if (sqlSession != null) {
                        sqlSession.close();
                    }
                    Map map = (Map) JsonUtil.MAPPER.readValue(this.pwdMapper.getTaskById(ObjectUtil.getInt(taskDevById.get("taskId"))).getConfContent(), new TypeReference<Map<String, String>>() { // from class: com.datacloudsec.scan.service.impl.PwdService.3
                    });
                    HashMap hashMap2 = new HashMap();
                    ArrayList arrayList = new ArrayList();
                    for (Map.Entry entry : map.entrySet()) {
                        if (((String) entry.getKey()).contains("protocol")) {
                            HashMap hashMap3 = new HashMap();
                            hashMap3.put("protocol", (String) entry.getValue());
                            String[] split = ((String) entry.getKey()).split("_");
                            if (map.containsKey(String.valueOf(split[1]) + "_ssl")) {
                                hashMap3.put("ssl", (String) map.get(String.valueOf(split[1]) + "_ssl"));
                            }
                            hashMap3.put("port", (String) map.get(String.valueOf(split[1]) + "_port"));
                            if (split[1].equalsIgnoreCase("oracle")) {
                                hashMap3.put("other", (String) map.get("other"));
                            }
                            arrayList.add(hashMap3);
                        } else if (!((String) entry.getKey()).contains("protocol") && !((String) entry.getKey()).contains("ssl") && !((String) entry.getKey()).contains("port") && !((String) entry.getKey()).contains("other")) {
                            if (((String) entry.getKey()).equals("usernames") || ((String) entry.getKey()).equals("passwords")) {
                                Map<String, Object> templateById = this.pwddicMapper.getTemplateById(ObjectUtil.getInt(entry.getValue()));
                                if (MapUtils.isNotEmpty(templateById)) {
                                    if (StringUtils.isNotBlank(ObjectUtil.getString(templateById.get("path"), ""))) {
                                        hashMap2.put((String) entry.getKey(), FileUtils.readFileToString(new File(Constant.PWDDIC_DIC, ObjectUtil.getString(templateById.get("path"), "")), "UTF-8"));
                                    } else {
                                        hashMap2.put((String) entry.getKey(), ObjectUtil.getString(templateById.get("content"), ""));
                                    }
                                }
                            } else {
                                hashMap2.put((String) entry.getKey(), (String) entry.getValue());
                            }
                        }
                    }
                    if (!"".equals(ObjectUtil.getString(hashMap2.get("protType"), ""))) {
                        Iterator it = arrayList.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            Map map2 = (Map) it.next();
                            if ("http".equalsIgnoreCase(ObjectUtil.getString(map2.get("protocol"), ""))) {
                                StringBuilder sb = new StringBuilder();
                                sb.append(ObjectUtil.getString(hashMap2.get("reqPath"), ""));
                                sb.append(":").append(ObjectUtil.getString(hashMap2.get("reqParams"), ""));
                                sb.append(":").append(ObjectUtil.getString(hashMap2.get("reFlag"), "")).append("=").append(ObjectUtil.getString(hashMap2.get("reVal"), ""));
                                map2.put("other", sb.toString());
                                map2.put("protocol", String.valueOf(ObjectUtil.getString(hashMap2.get("protType"), "")) + "-" + ObjectUtil.getString(hashMap2.get("method"), "") + "-form");
                                break;
                            }
                        }
                    }
                    try {
                        IEngine.EngineResult pwdScan = this.engine.pwdScan(ObjectUtil.getString(taskDevById.get("ip"), ""), hashMap2, arrayList);
                        if (pwdScan == null) {
                            HashMap hashMap4 = new HashMap();
                            hashMap4.put("devid", num);
                            hashMap4.put("status", 4);
                            this.pwdMapper.updateTaskDevice(hashMap4);
                            return;
                        }
                        HashMap hashMap5 = new HashMap();
                        hashMap5.put("devid", num);
                        hashMap5.put("engineId", pwdScan.getEngineId());
                        hashMap5.put("localEid", Integer.valueOf(pwdScan.getLocalId()));
                        hashMap5.put("status", 1);
                        hashMap5.put("startTime", new Date());
                        hashMap5.put("scanCount", Integer.valueOf(ObjectUtil.getInt(taskDevById.get("scanCount"), 0) + 1));
                        this.pwdMapper.updateTaskDevice(hashMap5);
                    } catch (Exception e) {
                        String message = e instanceof UEException ? e.getMessage() : "连接引擎出错";
                        HashMap hashMap6 = new HashMap();
                        hashMap6.put("error", message);
                        hashMap6.put("status", 3);
                        hashMap6.put("devid", num);
                        this.pwdMapper.updateTaskDevice(hashMap6);
                        this.LOG.error("", e);
                    }
                } catch (Throwable th) {
                    if (sqlSession != null) {
                        sqlSession.close();
                    }
                    throw th;
                }
            } catch (Exception e2) {
                sqlSession.rollback();
                throw e2;
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void stop(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.pwdMapper.getTaskDevById(num);
        if (taskDevById == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        String string = ObjectUtil.getString(taskDevById.get("engineId"), null);
        if (ObjectUtil.getInt(taskDevById.get("status"), 0) == 1) {
            this.engine.pwdStop(string, ObjectUtil.getInt(taskDevById.get("localEid")).intValue());
            HashMap hashMap = new HashMap();
            hashMap.put("devid", num);
            hashMap.put("engineId", string);
            hashMap.put("status", 0);
            this.pwdMapper.updateTaskDevice(hashMap);
            if (Integer.valueOf(ObjectUtil.getInt(taskDevById.get("scanCount"), 0)).intValue() != 1) {
                this.sysBugMapper.delSysPwd(num);
                this.sysBugMapper.delSysPwd2(num);
            }
            this.sysBugMapper.insertPwdStatics(this.sysBugMapper.pwdCountByDev(num), new Date(), num);
            Integer pwdStaCount = this.sysBugMapper.pwdStaCount();
            if (pwdStaCount != null && pwdStaCount.intValue() > 7) {
                this.sysBugMapper.delPwdStaOneWeek();
            }
        }
        Map<String, Object> waitingDev = this.engineMapper.getWaitingDev(3, num);
        if (waitingDev == null || waitingDev.size() <= 0) {
            return;
        }
        start(ObjectUtil.getInt(waitingDev.get("id")));
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void startScanTask(Integer num) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.pwdMapper.getTaskDevByTid(num);
        if (taskDevByTid == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        for (Map<String, Object> map : taskDevByTid) {
            if (1 != ObjectUtil.getInt(map.get("status")).intValue()) {
                try {
                    start(ObjectUtil.getInt(map.get("id")));
                } catch (Exception e) {
                    this.LOG.error("手动扫描出错", e);
                }
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void stopScanTask(Integer num) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.pwdMapper.getTaskDevByTid(num);
        if (taskDevByTid == null) {
            throw new UEException("此任务已被其它用户删除！");
        }
        Iterator<Map<String, Object>> it = taskDevByTid.iterator();
        while (it.hasNext()) {
            try {
                stop(ObjectUtil.getInt(it.next().get("id")));
            } catch (Exception e) {
                this.LOG.error("停止出错", e);
            }
        }
        if (ObjectUtil.getInt(this.pwdMapper.getTaskById(num).getAlarmType(), 0) == 1) {
            AlermJob.alermTask(num);
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void delDev(Integer num) throws Exception {
        Map<String, Object> taskDevById = this.pwdMapper.getTaskDevById(num);
        if (1 == ObjectUtil.getInt(taskDevById.get("status")).intValue()) {
            throw new UEException("正在扫描，请先停止后再删除！");
        }
        String string = ObjectUtil.getString(taskDevById.get("engineId"), "");
        if (StringUtils.isNotBlank(string)) {
            this.engine.pwdDelete(string, ObjectUtil.getInt(taskDevById.get("localEid")).intValue());
        }
        SqlSession sqlSession = null;
        try {
            try {
                sqlSession = MybatisUtil.sqlSessionFactory.openSession(true);
                SysBugMapper sysBugMapper = (SysBugMapper) sqlSession.getMapper(SysBugMapper.class);
                PwdMapper pwdMapper = (PwdMapper) sqlSession.getMapper(PwdMapper.class);
                sysBugMapper.delSysPwd(num);
                sysBugMapper.clearPwdStatistics(num);
                pwdMapper.delTaskDevById(num);
                sqlSession.commit();
                if (sqlSession != null) {
                    sqlSession.close();
                }
            } catch (Exception e) {
                if (sqlSession != null) {
                    sqlSession.rollback();
                }
                throw e;
            }
        } catch (Throwable th) {
            if (sqlSession != null) {
                sqlSession.close();
            }
            throw th;
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void addDev(HttpSession httpSession, String str, Integer num, Boolean bool) throws Exception {
        int maxdevice = getLicCp(ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), ""), IReport.REPORT_TYPE_PWD).getMaxdevice();
        String[] split = str.split(",");
        int length = split.length;
        if (maxdevice > 0 && this.pwdMapper.getCountByType(null) + length > maxdevice) {
            throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
        }
        ArrayList<Integer> arrayList = new ArrayList();
        for (String str2 : split) {
            Map<String, Object> devById = this.deviceMapper.getDevById(ObjectUtil.getInt(str2));
            devById.put("taskId", num);
            devById.put("type", null);
            devById.put("confContent", ObjectUtil.getString(devById.get("authContent"), ""));
            this.pwdMapper.insertTaskDevice(devById);
            arrayList.add(ObjectUtil.getInt(devById.get("id")));
        }
        for (Integer num2 : arrayList) {
            Task taskById = this.pwdMapper.getTaskById(num);
            if (taskById != null && taskById.getType().intValue() == 1) {
                User user = (User) httpSession.getAttribute(IUser.USER_INFO);
                boolean z = true;
                if (bool.booleanValue()) {
                    impOfflinePwd(null, num2);
                } else {
                    try {
                        start(num2);
                    } catch (Exception e) {
                        z = false;
                        this.LOG.error("", e);
                    }
                }
                if (z) {
                    this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描弱口令任务", "", 1, "扫描成功");
                } else {
                    this.logMapper.insert(user == null ? "未登录" : user.getName(), "开始扫描弱口令任务", "", 2, "扫描失败");
                }
            }
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public List<Map<String, Object>> getDevDetailByTid(Integer num) throws Exception {
        return this.pwdMapper.getDevDetailByTid(num);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public List<Map<String, Object>> bugPie(Integer num) throws Exception {
        return this.pwdMapper.bugPie(num);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public List<Map<String, Object>> pwdResult(Integer num, Integer num2, Integer num3) throws Exception {
        return this.pwdMapper.pwdResult(num, num2, num3);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public Integer pwdResCount(Integer num) throws Exception {
        return this.pwdMapper.pwdResCount(num);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public List<Map<String, Object>> pwdBugForDevice(Integer num) throws Exception {
        return this.pwdMapper.pwdBugForDevice(num);
    }

    private void delTask(HttpSession httpSession, Integer num, Integer num2) throws Exception {
        List<Map<String, Object>> taskDevByTid = this.pwdMapper.getTaskDevByTid(num);
        Exception exc = null;
        int i = 0;
        for (Map<String, Object> map : taskDevByTid) {
            try {
                String string = ObjectUtil.getString(map.get("engineId"), "");
                if (StringUtils.isNotBlank(string)) {
                    this.engine.pwdDelete(string, ObjectUtil.getInt(map.get("localEid")).intValue());
                }
                i++;
            } catch (Exception e) {
                this.LOG.error("", e);
                exc = e;
            }
        }
        if (i == 0) {
            throw exc;
        }
        Iterator<Map<String, Object>> it = taskDevByTid.iterator();
        while (it.hasNext()) {
            Integer num3 = ObjectUtil.getInt(it.next().get("id"));
            this.sysBugMapper.delSysPwd(num3);
            this.sysBugMapper.delSysPwd2(num3);
            this.sysBugMapper.clearPwdStatistics(num3);
        }
        stopTimer(httpSession, num);
        this.pwdMapper.delTaskDevByTid(num);
        if (Integer.valueOf(this.pwdMapper.delete(num, num2, DataRule.getRuleWhere(httpSession, "t_task"))).intValue() == 0) {
            throw new UEException(UEException.VERSION_OLD);
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public int markBugErr(Integer num, Integer num2) throws Exception {
        return this.pwdMapper.markBugErr(num, num2);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void manualAddPwd(HttpSession httpSession, String str, Integer num) throws Exception {
        int maxdevice = getLicCp(ObjectUtil.getString(InitSystemTask.licenseApp.getLicenseLic().getParams().get("cmp"), ""), IReport.REPORT_TYPE_PWD).getMaxdevice();
        if (maxdevice > 0 && this.pwdMapper.getCountByType(null) + 1 > maxdevice) {
            throw new UEException("当前资产数已达授权上限[" + maxdevice + "]");
        }
        Task taskById = this.pwdMapper.getTaskById(num);
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        HashMap hashMap = new HashMap();
        hashMap.put("name", str);
        hashMap.put("ip", str);
        hashMap.put("type", null);
        hashMap.put("taskId", num);
        hashMap.put("regionCid", user.getRegionCid());
        hashMap.put("regionSid", Integer.valueOf(user.getRegionSid() == null ? 110000 : user.getRegionSid().intValue()));
        this.pwdMapper.insertTaskDevice(hashMap);
        if (taskById == null || taskById.getType().intValue() != 1) {
            return;
        }
        try {
            start(ObjectUtil.getInt(hashMap.get("id")));
        } catch (Exception e) {
            this.LOG.error("", e);
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public File pwdBackup(Task task) throws Exception {
        File file = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
        if (!file.exists()) {
            file.mkdirs();
        }
        File file2 = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
        try {
            SerializeUtil.serializeObj(new File(file, "task.backup"), task);
            for (Map<String, Object> map : this.pwdMapper.getTaskDevByTid(task.getId())) {
                Integer num = ObjectUtil.getInt(map.get("id"));
                File file3 = new File(file, new StringBuilder().append(num).toString());
                if (!file3.exists()) {
                    file3.mkdirs();
                }
                SerializeUtil.serializeObj(new File(file3, "dev.backup"), map);
                SerializeUtil.serializeObj(new File(file3, "bug.backup"), this.pwdMapper.getBugByDevId(num));
                SerializeUtil.serializeObj(new File(file3, "bug2.backup"), this.pwdMapper.getBug2ByDevId(num));
                SerializeUtil.serializeObj(new File(file3, "sta.backup"), this.pwdMapper.getStaByDevId(num));
            }
            ComonZipUtil.zip(file.getPath(), file2.getPath());
            if (file != null && file.exists()) {
                FileUtils.deleteDirectory(file);
            }
            return file2;
        } catch (Exception e) {
            throw e;
        }
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void pwdRestore(HttpSession httpSession, File file) throws Exception {
        File file2 = new File(Constant.COMMON_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
        ComonZipUtil.unzip(file, file2);
        Task task = (Task) SerializeUtil.deserializeObj(new File(file2, "task.backup"));
        Integer taskCountByName = this.pwdMapper.getTaskCountByName(task.getName(), 3, ((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), null);
        if (taskCountByName != null && taskCountByName.intValue() > 0) {
            throw new UEException("pwdTaskAlready:" + file2.getName());
        }
        try {
            restore(file2, task);
        } catch (Exception e) {
            FileUtils.deleteDirectory(file2);
            throw e;
        }
    }

    private void restore(File file, Task task) throws Exception {
        Map<String, Object> map;
        if (file == null || task == null) {
            return;
        }
        this.pwdMapper.insert(task);
        for (File file2 : file.listFiles()) {
            if (!file2.getName().equals("task.backup") && (map = (Map) SerializeUtil.deserializeObj(new File(file2, "dev.backup"))) != null && map.size() != 0) {
                map.put("taskId", task.getId());
                this.pwdMapper.inserTaskDevById(map);
                Integer num = ObjectUtil.getInt(map.get("id"));
                List<Map<String, Object>> list = (List) SerializeUtil.deserializeObj(new File(file2, "bug.backup"));
                if (list != null && list.size() > 0) {
                    this.pwdMapper.insertPwds(num, list);
                }
                List<Map<String, Object>> list2 = (List) SerializeUtil.deserializeObj(new File(file2, "bug2.backup"));
                if (list2 != null && list2.size() > 0) {
                    this.pwdMapper.insertPwds2(num, list2);
                }
                List<Map<String, Object>> list3 = (List) SerializeUtil.deserializeObj(new File(file2, "sta.backup"));
                if (list3 != null && list3.size() > 0) {
                    this.pwdMapper.inserPwdSta(num, list3);
                }
            }
        }
        startTimer(task.getId(), task.getType(), task.getPeriodTime(), task.getAlarmType(), task.getAlarmMethod(), task.getAlarmTime());
        FileUtils.deleteDirectory(file);
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void pwdEnter(HttpSession httpSession, String str) throws Exception {
        File file = new File(Constant.COMMON_DIR, str);
        if (file == null || !file.exists()) {
            this.LOG.error("弱口令恢复，文件不存在！");
            return;
        }
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        Task task = (Task) SerializeUtil.deserializeObj(new File(file, "task.backup"));
        task.setName(String.valueOf(task.getName()) + System.nanoTime());
        task.setUid(user.getId());
        try {
            restore(file, task);
        } catch (Exception e) {
            FileUtils.deleteDirectory(file);
            throw e;
        }
    }

    private List<Map<String, Object>> execHash(String str, String str2, String str3, Integer num, String str4) throws IOException, InterruptedException {
        String absolutePath = new File(Constant.WORK_DIR, "tools/pwdext").getAbsolutePath();
        long currentTimeMillis = System.currentTimeMillis();
        this.LOG.error("执行：" + absolutePath + "/john --session=" + currentTimeMillis + " --pot=" + currentTimeMillis + ".pot --encoding=utf8 --wordlist=" + str + " " + ObjectUtil.getString(str4, "") + " " + str2);
        Process exec = Runtime.getRuntime().exec(String.valueOf(absolutePath) + "/john --session=" + currentTimeMillis + " --pot=" + currentTimeMillis + ".pot --encoding=utf8 --wordlist=" + str + " " + ObjectUtil.getString(str4, "") + " " + str2);
        String iOUtils = IOUtils.toString(exec.getInputStream(), "utf8");
        this.LOG.error("结果:" + iOUtils);
        exec.destroy();
        String[] split = iOUtils.replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n").split("\n");
        ArrayList arrayList = new ArrayList();
        for (String str5 : split) {
            if (str5.endsWith(")") && str5.contains(" (")) {
                String[] split2 = str5.split(" \\(");
                if (!split2[1].contains(" ")) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("protocol", str3);
                    hashMap.put("deviceid", num);
                    hashMap.put("username", split2[1].replace(")", ""));
                    hashMap.put("password", split2[0]);
                    arrayList.add(hashMap);
                }
            }
        }
        new File(String.valueOf(currentTimeMillis) + ".log").delete();
        new File(String.valueOf(currentTimeMillis) + ".pot").delete();
        return arrayList;
    }

    @Override // com.datacloudsec.scan.service.IPwd
    public void impPwd(HttpSession httpSession, File file) throws Exception {
        List<String[]> readExcel = PoiExcelUtils.readExcel(file.getPath(), 0, 3);
        ArrayList arrayList = new ArrayList();
        int size = readExcel.size();
        for (int i = 2; i < size; i++) {
            String[] strArr = readExcel.get(i);
            if (strArr != null && strArr.length >= 3 && !StringUtils.isBlank(strArr[0]) && !StringUtils.isBlank(strArr[1]) && !StringUtils.isBlank(strArr[2])) {
                HashMap hashMap = new HashMap();
                hashMap.put("ip", strArr[0]);
                hashMap.put("hash", strArr[1]);
                hashMap.put("type", strArr[2]);
                arrayList.add(hashMap);
            }
        }
        if (CollectionUtils.isEmpty(arrayList)) {
            throw new UEException("请至少录入一条数据！");
        }
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        Task task = new Task();
        task.setName(String.valueOf(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date())) + "（excel导入）");
        task.setDesct("离线弱口令excel批量导入");
        task.setType(1);
        task.setAlarmMethod("system");
        task.setAlarmType(1);
        task.setUid(user.getId());
        task.setTaskType(10);
        task.setVersion(0);
        task.setRule(DataRule.getRuleWhere(httpSession, "t_task"));
        task.setVal1(2);
        task.setVal2(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
        this.pwdMapper.insert(task);
        File file2 = new File(Constant.PWDDIC_DIC, "system/password.txt");
        String replaceAll = FileUtils.readFileToString(file2, "UTF-8").replaceAll("\r|\n", "\n").replaceAll("[\n]{2,}", "\n");
        for (Map.Entry<String, List<Map<String, Object>>> entry : EntryResult.parseEntryListMap(arrayList, "ip").entrySet()) {
            HashMap hashMap2 = new HashMap();
            hashMap2.put("type", null);
            hashMap2.put("name", entry.getKey());
            hashMap2.put("ip", entry.getKey());
            hashMap2.put("taskId", task.getId());
            hashMap2.put("status", 2);
            hashMap2.put("regionSid", Integer.valueOf((user == null || user.getRegionSid() == null) ? 110000 : user.getRegionSid().intValue()));
            hashMap2.put("regionCid", Integer.valueOf((user == null || user.getRegionCid() == null) ? 110101 : user.getRegionCid().intValue()));
            this.pwdMapper.insertTaskDevice(hashMap2);
            Integer num = ObjectUtil.getInt(hashMap2.get("id"));
            ArrayList arrayList2 = new ArrayList();
            for (Map<String, Object> map : entry.getValue()) {
                try {
                    String string = ObjectUtil.getString(map.get("type"), "");
                    String string2 = ObjectUtil.getString(map.get("hash"), "");
                    if ("oracle".equalsIgnoreCase(string)) {
                        StringBuilder sb = new StringBuilder();
                        for (String str : ORACLE_USER.split("\\|")) {
                            sb.append(str).append(":").append(string2).append("\n");
                        }
                        String sb2 = sb.toString();
                        File file3 = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
                        FileUtils.writeStringToFile(file3, sb2, "UTF-8");
                        arrayList2.addAll(execHash(file2.getAbsolutePath(), file3.getAbsolutePath(), "Excel模板导入-" + string, num, "--format=oracle"));
                    } else if ("tomcat".equalsIgnoreCase(string)) {
                        for (String str2 : string2.split("\n")) {
                            if (replaceAll.contains("\n" + str2 + "\n")) {
                                HashMap hashMap3 = new HashMap();
                                hashMap3.put("password", str2);
                                hashMap3.put("protocol", "Excel模板导入-" + string);
                                arrayList2.add(hashMap3);
                            }
                        }
                    } else if ("windows".equalsIgnoreCase(string) || "mysql".equalsIgnoreCase(string) || "sqlserver".equalsIgnoreCase(string)) {
                        File file4 = new File(Constant.TEMP_DIR, new StringBuilder(String.valueOf(System.nanoTime())).toString());
                        FileUtils.writeStringToFile(file4, string2, "UTF-8");
                        arrayList2.addAll(execHash(file2.getAbsolutePath(), file4.getAbsolutePath(), "Excel模板导入-" + string, num, null));
                    } else if ("jboss".equalsIgnoreCase(string)) {
                        for (String str3 : string2.split("\n")) {
                            String decode = JbossDecryptor.decode(str3);
                            if (replaceAll.contains("\n" + decode + "\n")) {
                                HashMap hashMap4 = new HashMap();
                                hashMap4.put("password", decode);
                                hashMap4.put("protocol", "Excel模板导入-" + string);
                                arrayList2.add(hashMap4);
                            }
                        }
                    } else {
                        for (String str4 : string2.split("\n")) {
                            if (replaceAll.contains("\n" + str4 + "\n")) {
                                HashMap hashMap5 = new HashMap();
                                hashMap5.put("password", str4);
                                hashMap5.put("protocol", "Excel模板导入-" + string);
                                arrayList2.add(hashMap5);
                            }
                        }
                    }
                } catch (Exception e) {
                    this.LOG.error("", e);
                }
            }
            if (arrayList2 != null && arrayList2.size() > 0) {
                this.engineMapper.sysAddPwds1(num, arrayList2);
            }
        }
    }
}
