Skip to content

Commit d1f128d

Browse files
For-ACGNFor-ACGN
committed
add checkJavaClass for validate template, update tests.
1 parent b710fbb commit d1f128d

File tree

2 files changed

+56
-8
lines changed

2 files changed

+56
-8
lines changed

generator.go

Lines changed: 28 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -17,17 +17,22 @@ func GenerateExecute(template []byte, command, class string) ([]byte, error) {
1717
uint16Size = 2
1818
)
1919

20+
err := checkJavaClass(template)
21+
if err != nil {
22+
return nil, err
23+
}
24+
2025
// find three special strings
2126
fileNameIdx := bytes.Index(template, []byte(fileNameFlag))
22-
if fileNameIdx == -1 || fileNameIdx < 2 {
27+
if fileNameIdx == -1 {
2328
return nil, errors.New("failed to find file name in execute template")
2429
}
2530
commandIdx := bytes.Index(template, []byte(commandFlag))
26-
if commandIdx == -1 || commandIdx < 2 {
31+
if commandIdx == -1 {
2732
return nil, errors.New("failed to find command flag in execute template")
2833
}
2934
classNameIdx := bytes.Index(template, []byte(className))
30-
if classNameIdx == -1 || classNameIdx < 2 {
35+
if classNameIdx == -1 {
3136
return nil, errors.New("failed to find class name in execute template")
3237
}
3338

@@ -77,25 +82,30 @@ func GenerateReverseTCP(template []byte, host string, port uint16, token, class
7782
uint16Size = 2
7883
)
7984

85+
err := checkJavaClass(template)
86+
if err != nil {
87+
return nil, err
88+
}
89+
8090
// find three special strings
8191
fileNameIdx := bytes.Index(template, []byte(fileNameFlag))
82-
if fileNameIdx == -1 || fileNameIdx < 2 {
92+
if fileNameIdx == -1 {
8393
return nil, errors.New("failed to find file name in reverse_tcp template")
8494
}
8595
hostIdx := bytes.Index(template, []byte(hostFlag))
86-
if hostIdx == -1 || hostIdx < 2 {
96+
if hostIdx == -1 {
8797
return nil, errors.New("failed to find host flag in reverse_tcp template")
8898
}
8999
portIdx := bytes.Index(template, []byte(portFlag))
90-
if portIdx == -1 || portIdx < 2 {
100+
if portIdx == -1 {
91101
return nil, errors.New("failed to find port flag in reverse_tcp template")
92102
}
93103
tokenIdx := bytes.Index(template, []byte(tokenFlag))
94-
if tokenIdx == -1 || tokenIdx < 2 {
104+
if tokenIdx == -1 {
95105
return nil, errors.New("failed to find token flag in reverse_tcp template")
96106
}
97107
classNameIdx := bytes.Index(template, []byte(className))
98-
if classNameIdx == -1 || classNameIdx < 2 {
108+
if classNameIdx == -1 {
99109
return nil, errors.New("failed to find class name in reverse_tcp template")
100110
}
101111

@@ -152,6 +162,16 @@ func GenerateReverseTCP(template []byte, host string, port uint16, token, class
152162
return output.Bytes(), nil
153163
}
154164

165+
func checkJavaClass(template []byte) error {
166+
if len(template) < 4 {
167+
return errors.New("invalid Java class template file size")
168+
}
169+
if !bytes.Equal(template[:2], []byte{0xCA, 0xFE}) {
170+
return errors.New("invalid Java class template file")
171+
}
172+
return nil
173+
}
174+
155175
func beUint16ToBytes(n uint16) []byte {
156176
b := make([]byte, 2)
157177
binary.BigEndian.PutUint16(b, n)

generator_test.go

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,20 @@ func TestGenerateExecute(t *testing.T) {
4949
require.Equal(t, expected, class)
5050
})
5151

52+
t.Run("invalid template", func(t *testing.T) {
53+
t.Run("invalid size", func(t *testing.T) {
54+
class, err := GenerateExecute(nil, "", "")
55+
require.EqualError(t, err, "invalid Java class template file size")
56+
require.Zero(t, class)
57+
})
58+
59+
t.Run("invalid data", func(t *testing.T) {
60+
class, err := GenerateExecute(bytes.Repeat([]byte{0x00}, 8), "", "")
61+
require.EqualError(t, err, "invalid Java class template file")
62+
require.Zero(t, class)
63+
})
64+
})
65+
5266
t.Run("empty command", func(t *testing.T) {
5367
class, err := GenerateExecute(template, "", "Test")
5468
require.EqualError(t, err, "empty command")
@@ -83,6 +97,20 @@ func TestGenerateReverseTCP(t *testing.T) {
8397
require.Equal(t, expected, class)
8498
})
8599

100+
t.Run("invalid template", func(t *testing.T) {
101+
t.Run("invalid size", func(t *testing.T) {
102+
class, err := GenerateReverseTCP(nil, "", 0, "", "")
103+
require.EqualError(t, err, "invalid Java class template file size")
104+
require.Zero(t, class)
105+
})
106+
107+
t.Run("invalid data", func(t *testing.T) {
108+
class, err := GenerateReverseTCP(bytes.Repeat([]byte{0x00}, 8), "", 0, "", "")
109+
require.EqualError(t, err, "invalid Java class template file")
110+
require.Zero(t, class)
111+
})
112+
})
113+
86114
t.Run("empty host", func(t *testing.T) {
87115
class, err := GenerateReverseTCP(template, "", 1234, "", "")
88116
require.EqualError(t, err, "empty host")

0 commit comments

Comments
 (0)