jsp shell 优化

* 随机数据分割&自定义数据分割符
* 随机单词变量名支持

source/core/base.js

@@ -30,7 +30,7 @@ class Base {
        * @param  {Object} data 请求数据
        * @return {Object}      生成数据
        */
-      default (pwd, data) {
+      default(pwd, data) {
         data[pwd] = data['_'];
         delete data['_'];
         return data;
@@ -78,7 +78,7 @@ class Base {
       if (priKey.length > 0) {
         key.importKey(priKey.toString(), 'private');
       }
-    } catch (e) {}
+    } catch (e) { }
     return key;
   }
 
@@ -155,6 +155,16 @@ class Base {
         }
         return randomString(randomPrefix) + Buffer.from(iconv.encode(Buffer.from(str), encode)).toString('base64');
       },
+      newb64buffer(str) {
+        let randomString = (length) => {
+          let chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+          let result = '';
+          for (let i = length; i > 0; --i) result += chars[Math.floor(Math.random() * chars.length)];
+          return result;
+        }
+        let buff = Buffer.from(str).toString('hex').toUpperCase();
+        return randomString(randomPrefix) + Buffer.from(iconv.encode(Buffer.from(buff), encode)).toString('base64');
+      },
       /**
        * 字符串转16进制（不进行编码转换
        * @param  {String} str 转换的字符串

source/core/jsp/encoder/base64.js

-//
-// jsp::base64 编码模块
-//
-// :把除了密码跟api的其他参数都base64编码一次
-//
-
-'use strict';
-
-module.exports = (pwd, data, ext = null) => {
-  let ret = {};
-  for (let _ in data) {
-    if (_ === '_') {
-      continue
-    };
-    ret[_] = Buffer
-      .from(data[_])
-      .toString('base64');
-  }
-  if (ext.opts['encode'] != "UTF8") {
-    ret['charset'] = ext.opts['encode'];
-  }
-  if (ext.opts['encoder'] != "default") {
-    ret['encoder'] = ext.opts['encoder'];
-  }
-  if (ext.opts['decoder'] != "default") {
-    ret['decoder'] = ext.opts['decoder'];
-  }
-  ret[pwd] = data['_'];
-  return ret;
-}
\ No newline at end of file

source/core/jsp/encoder/hex.js

-//
-// 16进制编码模块
-//
-
-'use strict';
-
-module.exports = (pwd, data, ext = null) => {
-  let ret = {};
-  for (let _ in data) {
-    if (_ === '_') {
-      continue
-    };
-    ret[_] = Buffer
-      .from(data[_])
-      .toString('hex');
-  }
-  if (ext.opts['encode'] != "UTF8") {
-    ret['charset'] = ext.opts['encode'];
-  }
-  if (ext.opts['encoder'] != "default") {
-    ret['encoder'] = ext.opts['encoder'];
-  }
-  if (ext.opts['decoder'] != "default") {
-    ret['decoder'] = ext.opts['decoder'];
-  }
-  ret[pwd] = data['_'];
-  return ret;
-}
\ No newline at end of file

source/core/jsp/index.js

@@ -19,7 +19,7 @@ class JSP extends Base {
       'database/mysql',
       'database/oracle'
     ].map((_) => {
-      this.parseTemplate(`./jsp/template/${_}`);
+      this.parseJspTemplate(`./template/${_}`);
     });
     // 解析编码器
     this
@@ -39,7 +39,7 @@ class JSP extends Base {
    * @return {array} 编码器列表
    */
   get encoders() {
-    return ['base64','hex'];
+    return [];
   }
 
   get decoders() {
@@ -57,16 +57,107 @@ class JSP extends Base {
     if (this.__opts__['otherConf'].hasOwnProperty('use-custom-datatag') && this.__opts__['otherConf']['use-custom-datatag'] == 1 && this.__opts__['otherConf']['custom-datatag-tags']) {
       tag_s = this.__opts__['otherConf']['custom-datatag-tags'];
     } else {
-      tag_s = "->|";
+      tag_s = Math.random().toString(16).substr(2, parseInt(Math.random() * 8 + 5)); // "->|";
     }
     if (this.__opts__['otherConf'].hasOwnProperty('use-custom-datatag') && this.__opts__['otherConf']['use-custom-datatag'] == 1 && this.__opts__['otherConf']['custom-datatag-tage']) {
       tag_e = this.__opts__['otherConf']['custom-datatag-tage'];
     } else {
-      tag_e = "|<-";
+      tag_e = Math.random().toString(16).substr(2, parseInt(Math.random() * 8 + 5)); // "|<-";
     }
+    data['_'] = this.replaceClassStringVar(data['_'], '->|', tag_s);
+    data['_'] = this.replaceClassStringVar(data['_'], '|<-', tag_e);
     // 使用编码器进行处理并返回
     return this.encodeComplete(tag_s, tag_e, data);
   }
+
+  /**
+   * JSP 脚本解析模版
+   * @param   {String} tpl  模版文件
+   * @returns {Object}      解析完毕的模板对象（参数`_`为主代码入口
+   */
+  parseJspTemplate(tpl) {
+    // 把模板路径的`/`转换为`_`
+    let templateName = (tpl.split('template/')[1]).replace(/\//g, '_');
+    this[templateName] = {};
+    // 加载模板
+    let _argv = this.argv();
+    let templateObj = require(`${tpl}`)(_argv[0], _argv[1], _argv[2], _argv[3], _argv[4], _argv[5]);
+    let formatter = Base
+      .prototype
+      .format(this.__opts__);
+    // 解析模板
+    for (let funcName in templateObj) {
+      this[templateName][funcName] = ((args) => {
+        if (typeof (args) === 'object') {
+          // 如果脚本函数需要参数，则进行解析
+          return (argv) => {
+            let data = {};
+            // 克隆源数据到返回数据中
+            for (let _ in args) {
+              data[_] = args[_];
+            }
+            // 循环替换脚本中的标签
+            for (let arg in args) {
+              (args[arg].match(/#{([\w\:]+)}/g) || []).map(
+                // example: #{hex::str} = hex(str), #{arg1} = arg1
+                (tag) => {
+                  let tagStr = tag.substr(2, tag.length - 3);
+                  let tagArr = tagStr.split('::');
+                  let func, retStr;
+                  console.log(formatter);
+                  if ((tagArr.length > 0) && (func = formatter[tagArr[0]])) {
+                    // 如果包含有分割标签且该格式化函数存在，则调用该函数进行处理
+                    retStr = func(argv[tagArr[1] || '']);
+                    data['_'] = this.replaceClassStringVar(data['_'], `antswordarg${tagArr[1]}`, arg);
+                  } else {
+                    // 否则替换直接返回字符串
+                    retStr = argv[tagStr] || '';
+                    data['_'] = this.replaceClassStringVar(data['_'], `antswordarg${tagStr}`, arg);
+                  }
+                  // 组合最终生成模板代码
+                  data[arg] = data[arg].replace(tag, retStr);
+                });
+            }
+            // 发送HTTP请求
+            data['_'] = this.replaceClassStringVar(data['_'], 'antswordCharset', this.__opts__["encode"]);
+            data['_'] = this.replaceClassStringVar(data['_'], 'antswordrandomPrefix', this.__opts__.otherConf["random-Prefix"]);
+            return data;
+          }
+        } else {
+          // 否则直接返回
+          return () => ({
+            _: args
+          });
+        }
+      })(templateObj[funcName]);
+    }
+  }
+
+  /**
+   * 字节码String类型内容替换
+   * 
+   */
+  replaceClassStringVar(b64code, oldvar, newvar) {
+    let code = Buffer.from(b64code, 'base64');
+    let hexcode = code.toString('hex');
+    let hexoldvar = Buffer.from(oldvar).toString('hex');
+    let oldpos = hexcode.indexOf(hexoldvar);
+    if (oldpos > -1) {
+      let newlength = this.decimalToHex(newvar.length, 4);
+      let retcode = `${hexcode.slice(0, oldpos - 4)}${newlength}${Buffer.from(newvar).toString('hex')}${hexcode.slice(oldpos + hexoldvar.length)}`;
+      return Buffer.from(retcode, 'hex').toString('base64');
+    }
+    return b64code;
+  }
+
+  decimalToHex(d, padding) {
+    var hex = Number(d).toString(16);
+    padding = typeof (padding) === "undefined" || padding === null ? padding = 2 : padding;
+    while (hex.length < padding) {
+      hex = "0" + hex;
+    }
+    return hex;
+  }
 }
 
 module.exports = JSP;
\ No newline at end of file