package burp;

import burp.model.TableLogModel;
import burp.model.WeakPassword;
import burp.ui.FingerTab;
import burp.ui.WeakPasswordTab;
import burp.util.FingerUtils;
import burp.util.HTTPUtils;
import burp.util.UrlScanCount;
import burp.util.Utils;
import burp.weakpassword.TomcatWeakPassword;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:burp/IProxyScanner.class */
public class IProxyScanner implements IProxyListener {
    final ThreadPoolExecutor executorService;
    private static IExtensionHelpers helpers;
    final ExecutorService monitorExecutorService;
    private static ScheduledExecutorService monitorExecutor;
    private static UrlScanCount haveScanUrl = new UrlScanCount();
    public static int totalScanCount = 0;
    private static final List<String> WEAKPASSWORDMODEL = Arrays.asList("Tomcat");

    public IProxyScanner() {
        helpers = BurpExtender.getHelpers();
        int max = Math.max(Runtime.getRuntime().availableProcessors(), 20);
        int i = max * 2;
        this.executorService = new ThreadPoolExecutor(max, i, 60L, TimeUnit.SECONDS, new LinkedBlockingQueue(), Executors.defaultThreadFactory(), new ThreadPoolExecutor.CallerRunsPolicy());
        BurpExtender.getStdout().println("[+] run executorService maxPoolSize: " + max + " ~ " + i);
        this.monitorExecutorService = Executors.newFixedThreadPool(6);
        monitorExecutor = Executors.newSingleThreadScheduledExecutor();
        startDatabaseMonitor();
        BurpExtender.getStdout().println("[+] run Weak password blasting monitorExecutor success~ ");
    }

    private void startDatabaseMonitor() {
        monitorExecutor.scheduleAtFixedRate(() -> {
            this.monitorExecutorService.submit(() -> {
                try {
                    if (WeakPasswordTab.weakPasswordBlasting.isSelected()) {
                        BurpExtender.getStdout().println("[+] 弱口令爆破模块关闭，不进行定时获取数据进行爆破。");
                        return;
                    }
                    WeakPassword fetchAndMarkSinglePathAsCrawling = BurpExtender.getDataBaseService().fetchAndMarkSinglePathAsCrawling();
                    if (fetchAndMarkSinglePathAsCrawling == null) {
                        BurpExtender.getStdout().println("[+] 弱口令爆破模块运行中，但无需爆破的数据。");
                        return;
                    }
                    WeakPassword checkWeakPasswords = TomcatWeakPassword.checkWeakPasswords(fetchAndMarkSinglePathAsCrawling);
                    BurpExtender.getStdout().println("[+] url: " + checkWeakPasswords.getUrl() + "爆破结果为: " + checkWeakPasswords.getStatus());
                    BurpExtender.getDataBaseService().updateWeakPassword(checkWeakPasswords);
                } catch (Exception e) {
                    BurpExtender.getStderr().println("[!] scheduleAtFixedRate error: ");
                    e.printStackTrace(BurpExtender.getStderr());
                }
            });
        }, 0L, 10L, TimeUnit.SECONDS);
    }

    public static void setHaveScanUrlNew() {
        haveScanUrl = new UrlScanCount();
        FingerTab.lbSuccessCount.setText("0");
        FingerTab.lbRequestCount.setText("0");
        BurpExtender.getDataBaseService().clearRequestsResponseTable();
        BurpExtender.getDataBaseService().clearTableDataTable();
        FingerTab.timer.stop();
    }

    @Override // burp.IProxyListener
    public void processProxyMessage(boolean z, final IInterceptedProxyMessage iInterceptedProxyMessage) {
        if (z) {
            return;
        }
        FingerTab.lbRequestCount.setText(Integer.toString(BurpExtender.getDataBaseService().getTableDataCount()));
        final IHttpRequestResponse messageInfo = iInterceptedProxyMessage.getMessageInfo();
        final IHttpRequestResponse messageInfo2 = iInterceptedProxyMessage.getMessageInfo();
        final String method = helpers.analyzeRequest(messageInfo2).getMethod();
        final String valueOf = String.valueOf(helpers.analyzeRequest(messageInfo2).getUrl());
        if (Utils.isStaticFile(valueOf) && !valueOf.contains("favicon.") && !valueOf.contains(".ico")) {
            BurpExtender.getStdout().println("[+]静态文件，不进行url识别：" + valueOf);
            return;
        }
        final byte[] response = messageInfo.getResponse();
        this.executorService.submit(new Runnable() { // from class: burp.IProxyScanner.1
            @Override // java.lang.Runnable
            public void run() {
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                hashMap2.put("responseRequest", messageInfo);
                hashMap2.put("isFindUrl", false);
                hashMap2.put("method", method);
                hashMap.put(valueOf, hashMap2);
                if (!valueOf.contains("favicon.") && !valueOf.contains(".ico") && !FingerTab.toggleButton.isSelected()) {
                    String inferredMimeType = IProxyScanner.helpers.analyzeResponse(response).getInferredMimeType();
                    URL url = IProxyScanner.helpers.analyzeRequest(messageInfo2).getUrl();
                    HashSet<String> hashSet = new HashSet(Utils.extractUrlsFromHtml(valueOf, new String(response)));
                    if (inferredMimeType.equals("script") || inferredMimeType.equals("HTML") || valueOf.contains(".htm") || Utils.isGetUrlExt(valueOf)) {
                        hashSet.addAll(Utils.findUrl(url, new String(response)));
                    }
                    BurpExtender.getStdout().println("[+] 进入网页提取URL页面： " + valueOf + "\r\n URL result: " + hashSet);
                    for (String str : hashSet) {
                        hashMap.put(str, HTTPUtils.makeGetRequest(str));
                    }
                }
                BurpExtender.getStdout().println("[+]指纹识别开始： " + hashMap);
                for (Map.Entry entry : hashMap.entrySet()) {
                    String str2 = (String) entry.getKey();
                    Object value = entry.getValue();
                    if (value instanceof Map) {
                        Map map = (Map) value;
                        IHttpRequestResponse iHttpRequestResponse = (IHttpRequestResponse) map.get("responseRequest");
                        byte[] response2 = iHttpRequestResponse.getResponse();
                        int insertOrUpdateRequestResponse = BurpExtender.getDataBaseService().insertOrUpdateRequestResponse(str2, iHttpRequestResponse.getRequest(), response2);
                        if (response2 == null || response2.length == 0) {
                            BurpExtender.getStdout().println("返回结果为空: " + str2);
                        } else {
                            String str3 = (String) map.get("method");
                            IResponseInfo analyzeResponse = IProxyScanner.helpers.analyzeResponse(response2);
                            TableLogModel FingerFilter = FingerUtils.FingerFilter(iInterceptedProxyMessage.getMessageReference(), str2, response2, iHttpRequestResponse.getHttpService(), IProxyScanner.helpers, insertOrUpdateRequestResponse);
                            if (FingerFilter.getResult().isEmpty()) {
                                BurpExtender.getStdout().println("[+]无法识别指纹url: " + str2);
                            } else {
                                FingerFilter.setStatus(Short.toString(analyzeResponse.getStatusCode()));
                                FingerFilter.setMethod(str3);
                                BurpExtender.getDataBaseService().insertOrUpdateLogEntry(FingerFilter);
                                IProxyScanner.ifInsertWeakPasswordDatabase(FingerFilter);
                                BurpExtender.getStdout().println(FingerFilter);
                            }
                        }
                    }
                    BurpExtender.getStdout().println("[END]指纹识别结束: " + hashMap);
                }
            }
        });
        BurpExtender.getStdout().println(new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").format(new Date()) + ": 当前还有" + this.executorService.getQueue().size() + " 个任务等待运行");
    }

    public static void shutdownMonitorExecutor() {
        if (monitorExecutor == null || monitorExecutor.isShutdown()) {
            return;
        }
        monitorExecutor.shutdown();
        try {
            if (!monitorExecutor.awaitTermination(5L, TimeUnit.SECONDS)) {
                monitorExecutor.shutdownNow();
            }
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            monitorExecutor.shutdownNow();
        }
    }

    public static void ifInsertWeakPasswordDatabase(TableLogModel tableLogModel) {
        for (String str : WEAKPASSWORDMODEL) {
            if (tableLogModel.getResult().contains(str) && !BurpExtender.getDataBaseService().existsWeakPasswordByUrl(Utils.getUriFromUrl(tableLogModel.getUrl()))) {
                BurpExtender.getDataBaseService().insertWeakPassword(Utils.getUriFromUrl(tableLogModel.getUrl()), str, "-", "-", "-", "等待爆破中", "-");
            }
        }
    }
}
