package com.datacloudsec.scan.controller;

import com.datacloudsec.annotations.Auth;
import com.datacloudsec.annotations.Log;
import com.datacloudsec.exception.UEException;
import com.datacloudsec.response.FileResponse;
import com.datacloudsec.response.JsonResponse;
import com.datacloudsec.scan.cache.PeneCommand;
import com.datacloudsec.scan.cache.Penetest;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IEngine;
import com.datacloudsec.scan.service.IPenetest;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.impl.EngineService;
import com.datacloudsec.scan.service.impl.PenetestService;
import com.datacloudsec.utils.EntryResult;
import com.datacloudsec.utils.HttpUtil;
import com.datacloudsec.utils.IPUtil;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.JsonUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SystemUtil;
import com.howie.hmvc.annotations.Valid;
import java.io.BufferedReader;
import java.io.File;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/datacloudsec/scan/controller/PenetestController.class */
public class PenetestController {
    private Logger LOG = Logger.getLogger(PenetestController.class);
    private IPenetest penetestService = (IPenetest) InstanceUtil.newServiceInstance(PenetestService.class);
    private IEngine engineService = (IEngine) InstanceUtil.newServiceInstance(EngineService.class);

    @Auth("PENE_TEST")
    public String penetest(HttpServletRequest httpServletRequest, String str, String str2) throws Exception {
        httpServletRequest.setAttribute("x", str);
        httpServletRequest.setAttribute("menu", str2);
        httpServletRequest.setAttribute("peneConfigs", Penetest.getInstance().getConfigMapList().get(str2));
        return "penetest/penetest";
    }

    @Auth("ICMP")
    public String icmp(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/icmp";
    }

    @Auth("SYN")
    public String syn(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/syn";
    }

    @Auth("UDP")
    public String udp(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/udp";
    }

    @Auth("TCP")
    public String tcp(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/tcp";
    }

    @Auth("CC")
    public String cc(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/cc";
    }

    @Auth("PINGOFDEATH")
    public String pingofdeath(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/pingofdeath";
    }

    @Auth("JOLT2")
    public String jolt2(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/jolt2";
    }

    @Auth("TEARDROP")
    public String teardrop(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/teardrop";
    }

    @Auth("TEARDROP")
    public String arpspoof(HttpServletRequest httpServletRequest) throws Exception {
        httpServletRequest.setAttribute("names", IPUtil.getNames(false));
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/arpspoof";
    }

    @Auth("TEARDROP")
    public String ipspoof(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return "flowattack/ipspoof";
    }

    @Auth("FLOWATTACK")
    public boolean startattack(HttpServletRequest httpServletRequest, @Valid Integer num) throws Exception {
        this.penetestService.startattack(httpServletRequest, num);
        return true;
    }

    @Auth("FLOWATTACK")
    public boolean stopattack(HttpServletRequest httpServletRequest) throws Exception {
        this.penetestService.stopattack(httpServletRequest);
        return true;
    }

    @Auth("FLOWATTACK")
    public JsonResponse getattack(HttpSession httpSession) throws Exception {
        String str = String.valueOf(httpSession.getId()) + "attack";
        JsonResponse jsonResponse = new JsonResponse(true);
        jsonResponse.putObj("info", httpSession.getAttribute(str));
        jsonResponse.putObj("error", httpSession.getAttribute(String.valueOf(str) + "error"));
        jsonResponse.putObj("finish", httpSession.getAttribute(String.valueOf(str) + "finish"));
        httpSession.removeAttribute(str);
        return jsonResponse;
    }

    @Auth("PENE_TEST")
    public String toPage(HttpServletRequest httpServletRequest, HttpSession httpSession, String str, String str2, String str3, String str4) throws Exception {
        if (StringUtils.isNotBlank(str4)) {
            str = ObjectUtil.getString(EntryResult.parseEntry(Penetest.getInstance().getConfig(), "cve", "type").get(str4), "");
            if (StringUtils.isBlank(str)) {
                throw new UEException("未发现对应的渗透测试类型");
            }
        }
        if (StringUtils.isNotBlank(str) && !Penetest.getInstance().getConfigMap().containsKey(str)) {
            throw new UEException("未发现对应的渗透测试类型");
        }
        httpServletRequest.setAttribute("datas", this.penetestService.getPeneCmdByUid(((User) httpSession.getAttribute(IUser.USER_INFO)).getId(), str));
        httpServletRequest.setAttribute("penetest", Penetest.getInstance().getConfigMap().get(str));
        Map map = (Map) PeneCommand.getInstance().getCommand().get(str2);
        httpServletRequest.setAttribute("command", map);
        httpServletRequest.setAttribute("commandJson", JsonUtil.MAPPER.writeValueAsString(map));
        httpServletRequest.setAttribute("webUrl", str3);
        return "SQLInjection".equalsIgnoreCase(str) ? "penetest/sql" : "Deserialize".equalsIgnoreCase(str) ? "penetest/deserialize" : "HTTP_REQUEST_EDITOR".equalsIgnoreCase(str) ? "penetest/http-editor" : "PWD_CHECK_TOOLS".equalsIgnoreCase(str) ? "penetest/weak-pwd" : "CVE_2017_8464".equalsIgnoreCase(str) ? "penetest/win-lnk" : "penetest/pene-child";
    }

    @Auth("PENE_TEST")
    public FileResponse putty() throws Exception {
        return new FileResponse(new File(Constant.WORK_DIR, "tools/putty.exe"), "putty.exe", false);
    }

    @Auth("PENE_TEST")
    public JsonResponse search(HttpSession httpSession, @Valid(maxLength = 50.0d) String str) throws Exception {
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        JsonResponse jsonResponse = new JsonResponse(true);
        jsonResponse.putObj("result", this.penetestService.getPeneCmdByUid(user.getId(), str));
        return jsonResponse;
    }

    @Auth("PENE_TEST")
    public JsonResponse httpResults(HttpSession httpSession, @Valid(maxLength = 50.0d) String str) throws Exception {
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        JsonResponse jsonResponse = new JsonResponse(true, false);
        Map<String, Object> peneCmdByUid = this.penetestService.getPeneCmdByUid(user.getId(), str);
        if (MapUtils.isNotEmpty(peneCmdByUid)) {
            String str2 = "";
            try {
                str2 = FileUtils.readFileToString(new File(Constant.PENE_TEST, String.valueOf(str) + "_" + user.getId()));
            } catch (Exception e) {
                this.LOG.error("", e);
            }
            peneCmdByUid.put("results", StringUtils.replace(StringUtils.replaceEach(str2, new String[]{"&", "<", ">"}, new String[]{"&amp;", "&lt;", "&gt;"}), "\n", "<br/>"));
            jsonResponse.putObj("result", peneCmdByUid);
        }
        return jsonResponse;
    }

    @Log(value = "执行渗透测试", entry = {"url=url", "cmd=cmd", "type=type"})
    @Auth("PENE_TEST")
    public boolean exePenetest(HttpServletRequest httpServletRequest, HttpSession httpSession, @Valid(maxLength = 500.0d, required = false) String str, @Valid(maxLength = 65535.0d, required = false) String str2, @Valid(maxLength = 65535.0d, required = false) String str3, @Valid(maxLength = 65535.0d, required = false) String str4, @Valid(maxLength = 50.0d) String str5, @Valid(maxLength = 50.0d, required = false) String str6, @Valid(maxLength = 65535.0d, required = false) String str7, @Valid(maxLength = 20.0d, required = false) String str8, @Valid(maxLength = 65535.0d, required = false) String str9, @Valid(maxLength = 65535.0d, required = false) String str10) throws Exception {
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        this.penetestService.insertPeneCmd(user.getId(), str, str2, str3, str4, str3, str5, "", str7, str8, str9, 1, str10);
        if (!"HTTP_REQUEST_EDITOR".equalsIgnoreCase(str5)) {
            this.engineService.peneTest(handOptions(str, str2, str3, str4, httpServletRequest.getRequestURL().toString().replace("exe-penetest.aj", "imp-penetest.aj"), str5, str6, user.getId(), str7, str8, str9, str10));
            return true;
        }
        String str11 = "";
        try {
            try {
                String[] split = str10.split("\n\n");
                str11 = HttpUtil.requestByData(str, split.length > 0 ? split[0] : null, split.length > 1 ? split[1] : null, str4);
                FileUtils.writeStringToFile(new File(Constant.PENE_TEST, String.valueOf(str5) + "_" + user.getId()), str11);
                this.penetestService.updPeneCmd(user.getId(), str5, "");
                return true;
            } catch (Exception e) {
                throw e;
            }
        } catch (Throwable th) {
            FileUtils.writeStringToFile(new File(Constant.PENE_TEST, String.valueOf(str5) + "_" + user.getId()), str11);
            this.penetestService.updPeneCmd(user.getId(), str5, "");
            throw th;
        }
    }

    public boolean impPenetest(HttpServletRequest httpServletRequest) throws Exception {
        Map<String, Object> handParams = handParams(httpServletRequest);
        this.penetestService.updPeneCmd(ObjectUtil.getInt(handParams.get("uid")), ObjectUtil.getString(handParams.get("type"), "", 50), ObjectUtil.getString(handParams.get("results"), "", 65535));
        return true;
    }

    public boolean uploadFile(@Valid(maxVal = 1024000.0d) FileItem fileItem, HttpSession httpSession, String str) throws Exception {
        SystemUtil.uploadFile(fileItem, Constant.PENE_TEST, String.valueOf(str) + "_" + ((User) httpSession.getAttribute(IUser.USER_INFO)).getId());
        return true;
    }

    private Map<String, Object> handOptions(String str, String str2, String str3, String str4, String str5, String str6, String str7, Integer num, String str8, String str9, String str10, String str11) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("url", str);
        if (StringUtils.isNotBlank(str2)) {
            hashMap.put("cmd", str2);
        }
        if (StringUtils.isNotBlank(str3)) {
            hashMap.put("fileName", str3);
            Map<String, Object> map = Penetest.getInstance().getConfigMap().get(str6);
            if (map != null && "fileupload".equalsIgnoreCase(ObjectUtil.getString(map.get("group"), ""))) {
                try {
                    str3 = FileUtils.readFileToString(new File(Constant.PENE_TEST, String.valueOf(str6) + "_" + num), "UTF-8");
                } catch (Exception e) {
                    throw new UEException("文件不存在！", e);
                }
            }
            hashMap.put("cmd2", str3);
        }
        if (StringUtils.isNotBlank(str4)) {
            hashMap.put("cmd3", str4);
        }
        if (StringUtils.isNotBlank(str11)) {
            hashMap.put("cmd4", str11);
        }
        if (StringUtils.isNotBlank(str7)) {
            hashMap.put("dbtype", str7);
        }
        if (StringUtils.isNotBlank(str8)) {
            hashMap.put("headers", JsonUtil.MAPPER.readValue(str8, Map.class));
        }
        if (StringUtils.isNotBlank(str9)) {
            hashMap.put("method", str9);
        }
        if (StringUtils.isNotBlank(str10)) {
            hashMap.put("body", str10);
        }
        hashMap.put("reqUrl", str5);
        hashMap.put("type", str6);
        hashMap.put("uid", new StringBuilder().append(num).toString());
        return hashMap;
    }

    private Map<String, Object> handParams(HttpServletRequest httpServletRequest) throws Exception {
        BufferedReader reader = httpServletRequest.getReader();
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String readLine = reader.readLine();
            if (readLine == null) {
                break;
            }
            stringBuffer.append(readLine);
        }
        if (StringUtils.isBlank(stringBuffer.toString())) {
            throw new UEException("参数不能为空");
        }
        return (Map) JsonUtil.MAPPER.readValue(stringBuffer.toString(), Map.class);
    }

    @Auth("PENE_TEST")
    public String md(HttpServletRequest httpServletRequest, String str) throws Exception {
        httpServletRequest.setAttribute("type", str);
        return "penetest/md";
    }

    @Auth("PENE_TEST")
    public String browserView(HttpServletRequest httpServletRequest, HttpSession httpSession, @Valid String str) throws Exception {
        String string;
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        Map<String, Object> peneCmdByUid = this.penetestService.getPeneCmdByUid(user.getId(), str);
        if (peneCmdByUid == null) {
            throw new UEException("未执行命令");
        }
        if ("HTTP_REQUEST_EDITOR".equalsIgnoreCase(str)) {
            string = FileUtils.readFileToString(new File(Constant.PENE_TEST, String.valueOf(str) + "_" + user.getId()));
        } else {
            string = ObjectUtil.getString(peneCmdByUid.get("results"), "");
        }
        if (string.indexOf("<") != -1) {
            httpServletRequest.setAttribute("respContent", string.substring(string.indexOf("<")));
            return "penetest/browser-view";
        }
        httpServletRequest.setAttribute("respContent", string.replace("\n", "<br>"));
        return "penetest/browser-view";
    }
}
