SummerSec
diff --git a/‎src/main/java/com/drops/exp/H2DatabaseConsoleJNDIRCEEXP.java‎
Lines changed: 0 additions & 2 deletions b/‎src/main/java/com/drops/exp/H2DatabaseConsoleJNDIRCEEXP.java‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎src/main/java/com/drops/exp/SnakeYAMLRCEEXP.java‎
Lines changed: 12 additions & 0 deletions b/‎src/main/java/com/drops/exp/SnakeYAMLRCEEXP.java‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/main/java/com/drops/main/AttackService.java‎
Lines changed: 39 additions & 0 deletions b/‎src/main/java/com/drops/main/AttackService.java‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎src/main/java/com/drops/main/Main.java‎
Lines changed: 1 addition & 1 deletion b/‎src/main/java/com/drops/main/Main.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/main/java/com/drops/poc/EurekaXstreamRCEPOC.java‎
Lines changed: 17 additions & 7 deletions b/‎src/main/java/com/drops/poc/EurekaXstreamRCEPOC.java‎
Lines changed: 17 additions & 7 deletions
diff --git a/‎src/main/java/com/drops/poc/JolokiaLogbackRCEPOC.java‎
Lines changed: 14 additions & 3 deletions b/‎src/main/java/com/drops/poc/JolokiaLogbackRCEPOC.java‎
Lines changed: 14 additions & 3 deletions
diff --git a/‎src/main/java/com/drops/poc/poc.java‎ ‎src/main/java/com/drops/poc/POC.java‎src/main/java/com/drops/poc/poc.java renamed to src/main/java/com/drops/poc/POC.java
Lines changed: 8 additions & 7 deletions b/‎src/main/java/com/drops/poc/poc.java‎ ‎src/main/java/com/drops/poc/POC.java‎src/main/java/com/drops/poc/poc.java renamed to src/main/java/com/drops/poc/POC.java
Lines changed: 8 additions & 7 deletions
diff --git a/‎src/main/java/com/drops/poc/SnakeYAMLRCEPOC.java‎
Lines changed: 16 additions & 7 deletions b/‎src/main/java/com/drops/poc/SnakeYAMLRCEPOC.java‎
Lines changed: 16 additions & 7 deletions
diff --git a/‎src/main/java/com/drops/poc/SpringBootEnvInfo.java‎
Lines changed: 15 additions & 11 deletions b/‎src/main/java/com/drops/poc/SpringBootEnvInfo.java‎
Lines changed: 15 additions & 11 deletions
@@ -32,8 +32,6 @@ public static boolean hasH2DatabaseConsoleJNDIRCE(String target,String vps, Stri
                 }
             }
         }
-
-
         return false;
     }
 }
@@ -0,0 +1,12 @@
+package com.drops.exp;
+
+/**
+ * @ClassName: SnakeYAMLRCEEXP
+ * @Description: TODO
+ * @Author: Summer
+ * @Date: 2021/8/2 16:40
+ * @Version: v1.0.0
+ * @Description:
+ **/
+public class SnakeYAMLRCEEXP {
+}
@@ -0,0 +1,39 @@
+package com.drops.main;
+
+import com.drops.entity.ControllersFactory;
+import com.drops.ui.MainController;
+import com.drops.utils.Utils;
+
+/**
+ * @ClassName: AttackService
+ * @Description: TODO
+ * @Author: Summer
+ * @Date: 2021/8/2 15:38
+ * @Version: v1.0.0
+ * @Description:
+ **/
+public class AttackService {
+    String target ;
+    String time;
+    MainController mainController ;
+
+    public AttackService(String targetAddressText, String httpTimeoutText) {
+        this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName());
+        this.time = httpTimeoutText;
+        this.target = targetAddressText;
+
+    }
+
+    public boolean gadgetSend(String target, String vps, String gadget, String echo){
+        boolean flag = false;
+        try {
+
+        }catch (Exception e){
+            this.mainController.logTextArea.appendText(Utils.log(e.getMessage()));
+        }
+
+        return false;
+    }
+
+
+}
@@ -16,7 +16,7 @@ public static void main(String[] args) {
     public void start(Stage primaryStage) throws Exception {
 
         Parent root = FXMLLoader.load(getClass().getResource("/a.fxml"));
-        primaryStage.setTitle("Spring Boot Vul Exploit by Drops");
+        primaryStage.setTitle("Spring Boot Vul Exploit by Drops Lab ");
         Scene scene = new Scene(root);
         primaryStage.setScene(scene);
         primaryStage.show();
 
@@ -1,7 +1,10 @@
 package com.drops.poc;
 
+import com.drops.entity.ControllersFactory;
+import com.drops.ui.MainController;
 import com.drops.utils.HTTPUtils;
 import com.drops.utils.ReUtil;
+import com.drops.utils.Utils;
 
 /**
  * @ClassName: EurekaXstream
@@ -13,33 +16,40 @@
  **/
 public class EurekaXstreamRCEPOC {
 
+    private final MainController mainController;
+
+    public EurekaXstreamRCEPOC() {
+        this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName());
+
+    }
+
     /**
      * @param target
      * @Description: 判断是否存在spring-boot-starter-actuator
      * eureka-client < 1.8.7（通常包含在 spring-cloud-starter-netflix-eureka-client 依赖中）
      * @return:
      */
-    public static boolean hasEurekaXstreamRCE(String target) {
+    public  boolean hasEurekaXstreamRCE(String target) {
         String regex = "eureka-client([A-Za-z0-9.-]+).jar";
         String context = HTTPUtils.getRequest(target).body();
         String version = "eureka-client-1.8.7";
-        System.out.println("正在验证是否存在依赖spring-boot-starter-actuator以及 eureka-client 版本 < 1.8.7！");
+        this.mainController.logTextArea.appendText(Utils.log("正在验证是否存在依赖spring-boot-starter-actuator以及 eureka-client 版本 < 1.8.7！"));
         if (context.contains("spring-boot-starter-actuator")){
-            System.out.println("存在依赖：spring-boot-starter-actuator");
+            this.mainController.logTextArea.appendText(Utils.log("存在依赖：spring-boot-starter-actuator"));
             String result = ReUtil.hasVersion(context,regex);
             if (result != null){
                 if (result.compareToIgnoreCase(version) >= 0){
-                    System.out.println("依赖版本不符合，版本为：" +  result);
+                    this.mainController.logTextArea.appendText(Utils.log("依赖版本不符合，版本为：" +  result));
                 }else {
-                    System.out.println("依赖版本：" + result);
+                    this.mainController.logTextArea.appendText(Utils.log("依赖版本：" + result));
                     return true;
                 }
             }else {
-                System.out.println("eureka-client  依赖不存在！");
+                this.mainController.logTextArea.appendText(Utils.log("eureka-client  依赖不存在！"));
             }
 
         }else{
-            System.out.println("spring-boot-starter-actuator  依赖不存在！");
+            this.mainController.logTextArea.appendText(Utils.log("spring-boot-starter-actuator  依赖不存在！"));
             return false;
         }
         return false;
 
@@ -1,6 +1,9 @@
 package com.drops.poc;
 
+import com.drops.entity.ControllersFactory;
+import com.drops.ui.MainController;
 import com.drops.utils.HTTPUtils;
+import com.drops.utils.Utils;
 
 /**
  * @ClassName: JolokiaLogbackRCEPOC
@@ -12,12 +15,20 @@
  **/
 public class JolokiaLogbackRCEPOC {
 
-    public static boolean hasJolokiaLogbackRCE(String target){
+
+    private final MainController mainController;
+
+    public JolokiaLogbackRCEPOC() {
+        this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName());
+
+    }
+
+    public  boolean hasJolokiaLogbackRCE(String target){
         String regex = "jolokia-core";
         String context = HTTPUtils.getRequest(target).body();
-        System.out.println("正在验证是否存在依赖jolokia-core");
+        this.mainController.logTextArea.appendText(Utils.log("正在验证是否存在依赖jolokia-core"));
         if (context.contains(regex)){
-            System.out.println("存在依赖jolokia-core");
+            this.mainController.logTextArea.appendText(Utils.log("存在依赖jolokia-core"));
             return true;
         }
         return false;
 
@@ -1,5 +1,8 @@
 package com.drops.poc;
 
+import com.drops.utils.HTTPUtils;
+import com.drops.utils.URLUtil;
+
 import java.net.MalformedURLException;
 
 /**
@@ -10,13 +13,11 @@
  * @Version: v1.0.0
  * @Description:
  **/
-public class poc {
+public class POC {
     public static void main(String[] args) {
-        String url = "http://127.0.0.1:9093";
-        try {
-            SpringBootInfo.doCheck(url);
-        } catch (MalformedURLException e) {
-            e.printStackTrace();
-        }
+        String url = "http://127.0.0.1:9093/enc";
+        System.out.println(URLUtil.normalizeURL(url));
+
     }
+
 }
@@ -1,7 +1,10 @@
 package com.drops.poc;
 
+import com.drops.entity.ControllersFactory;
+import com.drops.ui.MainController;
 import com.drops.utils.HTTPUtils;
 import com.drops.utils.ReUtil;
+import com.drops.utils.Utils;
 
 /**
  * @ClassName: SnakeYAMLRCE
@@ -13,6 +16,12 @@
  **/
 public class SnakeYAMLRCEPOC  {
 
+    public final MainController mainController;
+
+    public SnakeYAMLRCEPOC() {
+        this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName());
+
+    }
 
     /**
      * @Description: 判断是否存在依赖spring-boot-starter-actuator
@@ -21,27 +30,27 @@ public class SnakeYAMLRCEPOC  {
      *
      * @return:
      */
-    public static boolean hasSnakeYAMLRCE(String target){
+    public boolean hasSnakeYAMLRCE(String target){
         String regex = "spring-cloud-starter-([A-Za-z0-9.-]+).jar";
         String context = HTTPUtils.getRequest(target).body();
         String version = "spring-cloud-starter-1.3.0";
-        System.out.println("正在验证是否存在依赖spring-boot-starter-actuator以及 spring-cloud-starter 版本 < 1.3.0！");
+        this.mainController.logTextArea.appendText(Utils.log("正在验证是否存在依赖spring-boot-starter-actuator以及 spring-cloud-starter 版本 < 1.3.0！"));
         if (context.contains("spring-boot-starter-actuator")){
-            System.out.println("存在依赖：spring-boot-starter-actuator");
+            this.mainController.logTextArea.appendText(Utils.log("存在依赖：spring-boot-starter-actuator"));
             String result = ReUtil.hasVersion(context,regex);
             if (result != null){
                 if (result.compareToIgnoreCase(version) >= 0){
-                    System.out.println("依赖版本不符合，版本为：" +  result);
+                    this.mainController.logTextArea.appendText(Utils.log("依赖版本不符合，版本为：" +  result));
                 }else {
-                    System.out.println("依赖版本：" + result);
+                    this.mainController.logTextArea.appendText(Utils.log("依赖版本：" + result));
                     return true;
                 }
             }else {
-                System.out.println("spring-cloud-starte 依赖不存在！");
+                this.mainController.logTextArea.appendText(Utils.log("spring-cloud-starte 依赖不存在！"));
             }
 
         }else{
-            System.out.println("spring-boot-starter-actuator  依赖不存在！");
+            this.mainController.logTextArea.appendText(Utils.log("spring-boot-starter-actuator  依赖不存在！"));
             return false;
         }
         return false;
 
@@ -1,7 +1,10 @@
 package com.drops.poc;
 
+import com.drops.entity.ControllersFactory;
+import com.drops.ui.MainController;
 import com.drops.utils.HTTPUtils;
 import com.drops.utils.ReUtil;
+import com.drops.utils.Utils;
 
 import java.util.HashMap;
 
@@ -15,29 +18,30 @@
  **/
 public class SpringBootEnvInfo {
     HashMap resultMap = new HashMap();
+    MainController mainController ;
 
-    private static void EnvInfo(String target){
+    public SpringBootEnvInfo(HashMap resultMap, MainController mainController) {
+        this.resultMap = resultMap;
+        this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName());
+    }
+
+
+    private  void EnvInfo(String target){
         String result = HTTPUtils.getRequest(target).body();
         if (result.contains("spring-boot-starter-actuator")){
-            System.out.println("存在依赖：spring-boot-starter-actuator");
+            this.mainController.logTextArea.appendText(Utils.log("存在依赖：spring-boot-starter-actuator"));
+//            mainController.logTextArea.appendText(Utils.log());
             String re = ReUtil.hasVersion(result,result);
             if (!re.isEmpty()){
-                System.out.println("存在依赖： " + re);
+                this.mainController.logTextArea.appendText(Utils.log("存在依赖： " + re));
             }else {
 
-
             }
-
-            System.out.println(result);
+            this.mainController.logTextArea.appendText(Utils.log(result));
         }
 
     }
 
-    public static void main(String[] args) {
-        String target = "http://127.0.0.1:9093/env";
-        SnakeYAMLRCEPOC.hasSnakeYAMLRCE(target);
-        EurekaXstreamRCEPOC.hasEurekaXstreamRCE(target);
-    }
Original file line number	Diff line number	Diff line change
`@@ -32,8 +32,6 @@ public static boolean hasH2DatabaseConsoleJNDIRCE(String target,String vps, Stri`
`32`	`32`	`}`
`33`	`33`	`}`
`34`	`34`	`}`
`35`		`-`
`36`		`-`
`37`	`35`	`return false;`
`38`	`36`	`}`
`39`	`37`	`}`