feat: support probe shell generation

Author: ReaJason

.github/workflows/test.yaml

@@ -61,7 +61,7 @@ jobs:
             exit 1
           fi
 
-  integration-test:
+  memshell-integration-test:
     strategy:
       fail-fast: false
       matrix:
@@ -114,7 +114,60 @@ jobs:
         run: ./gradlew ${{ matrix.cases.depend_tasks }}
 
       - name: Integration Test with gradle
-        run: ./gradlew :integration-test:test --tests '*.${{ matrix.cases.middleware }}.*' --info
+        run: ./gradlew :integration-test:test --tests '*.memshell.${{ matrix.cases.middleware }}.*' --info
 
       - name: Export Integration Test Summary
-        run: cat integration-test/build/test-results/report.md >> $GITHUB_STEP_SUMMARY
+        run: cat integration-test/build/test-results/report.md >> $GITHUB_STEP_SUMMARY
+
+  detection-integration-test:
+    strategy:
+      fail-fast: false
+      matrix:
+        cases:
+          - middleware: "tomcat"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-expression:war :vul:vul-webapp-deserialize:war :vul:vul-webapp-jakarta:war"
+          - middleware: "jetty"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
+          - middleware: "jbossas"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "jbosseap"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "wildfly"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
+          - middleware: "glassfish"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
+          - middleware: "resin"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "payara"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
+          - middleware: "websphere"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "websphere7"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "weblogic"
+            depend_tasks: ":vul:vul-webapp:war"
+          - middleware: "springwebmvc"
+            depend_tasks: ":vul:vul-springboot1:bootJar :vul:vul-springboot2:bootJar :vul:vul-springboot2-jetty:bootJar :vul:vul-springboot2-undertow:bootJar :vul:vul-springboot2:bootWar :vul:vul-springboot3:bootJar"
+          - middleware: "springwebflux"
+            depend_tasks: ":vul:vul-springboot2-webflux:bootJar :vul:vul-springboot3-webflux:bootJar"
+    runs-on: ubuntu-latest
+    name: ${{ matrix.cases.middleware }}
+    needs: [ unit-test ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: 17
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4
+
+      - name: Prepare for Integration Test
+        run: ./gradlew ${{ matrix.cases.depend_tasks }}
+
+      - name: Integration Test with gradle
+        run: ./gradlew :integration-test:test --tests '*.probe.${{ matrix.cases.middleware }}.*' --info

asserts/http_post_server.py

@@ -0,0 +1,35 @@
+import http.server
+import socketserver
+
+PORT = 8000
+TARGET_PATH = "/api/v1/data"
+
+
+class SimpleHTTPRequestHandler(http.server.BaseHTTPRequestHandler):
+    def do_POST(self):
+        if self.path == TARGET_PATH:
+            try:
+                content_length = int(self.headers['Content-Length'])
+                post_data_bytes = self.rfile.read(content_length)
+                post_data_str = post_data_bytes.decode('utf-8')
+                print("-----------------------------\n")
+                print(f"Client IP: {self.client_address}")
+                print(f"Request Header:\n{self.headers}")
+                print(f"Request Body:\n{post_data_str}")
+                print("-----------------------------\n")
+                self.send_response(200)
+                self.send_header('Content-type', 'application/json')
+                self.end_headers()
+                response_message = '{"status": "success"}'
+                self.wfile.write(response_message.encode('utf-8'))
+            except Exception as e:
+                print(f"Parse POST failed: {e}")
+                self.send_response(500)
+        else:
+            print("Make sure use " + TARGET_PATH + " rather than " + self.path)
+            self.send_response(404)
+
+
+with socketserver.TCPServer(("", PORT), SimpleHTTPRequestHandler) as httpd:
+    print(f"POST request at http://localhost:{PORT}{TARGET_PATH} Listening ")
+    httpd.serve_forever()

boot/src/main/java/com/reajason/javaweb/boot/controller/GeneratorController.java

@@ -3,7 +3,7 @@
 import com.reajason.javaweb.boot.dto.GenerateRequest;
 import com.reajason.javaweb.boot.dto.GenerateResponse;
 import com.reajason.javaweb.memshell.MemShellGenerator;
-import com.reajason.javaweb.memshell.config.GenerateResult;
+import com.reajason.javaweb.memshell.MemShellResult;
 import com.reajason.javaweb.memshell.config.InjectorConfig;
 import com.reajason.javaweb.memshell.config.ShellConfig;
 import com.reajason.javaweb.memshell.config.ShellToolConfig;
@@ -27,7 +27,7 @@ public GenerateResponse generate(@RequestBody GenerateRequest request) {
         ShellConfig shellConfig = request.getShellConfig();
         ShellToolConfig shellToolConfig = request.parseShellToolConfig();
         InjectorConfig injectorConfig = request.getInjectorConfig();
-        GenerateResult generateResult = MemShellGenerator.generate(shellConfig, injectorConfig, shellToolConfig);
+        MemShellResult generateResult = MemShellGenerator.generate(shellConfig, injectorConfig, shellToolConfig);
         Packer packer = request.getPacker().getInstance();
         if (packer instanceof JarPacker) {
             return new GenerateResponse(generateResult, Base64.getEncoder().encodeToString(((JarPacker) packer).packBytes(generateResult.toJarPackerConfig())));

boot/src/main/java/com/reajason/javaweb/boot/controller/ProbeGeneratorController.java

@@ -0,0 +1,33 @@
+package com.reajason.javaweb.boot.controller;
+
+import com.reajason.javaweb.boot.dto.ProbeGenerateRequest;
+import com.reajason.javaweb.boot.dto.ProbeGenerateResponse;
+import com.reajason.javaweb.packer.AggregatePacker;
+import com.reajason.javaweb.packer.Packer;
+import com.reajason.javaweb.probe.ProbeGenerator;
+import com.reajason.javaweb.probe.ProbeResult;
+import com.reajason.javaweb.probe.config.ProbeConfig;
+import com.reajason.javaweb.probe.config.ProbeContentConfig;
+import org.springframework.web.bind.annotation.*;
+
+/**
+ * @author ReaJason
+ * @since 2025/8/10
+ */
+@RestController
+@RequestMapping("/probe/generate")
+@CrossOrigin("*")
+public class ProbeGeneratorController {
+    @PostMapping
+    public ProbeGenerateResponse generate(@RequestBody ProbeGenerateRequest request) {
+        ProbeConfig probeConfig = request.getProbeConfig();
+        ProbeContentConfig probeContentConfig = request.parseProbeContentConfig();
+        ProbeResult generateResult = ProbeGenerator.generate(probeConfig, probeContentConfig);
+        Packer packer = request.getPacker().getInstance();
+        if (packer instanceof AggregatePacker) {
+            return new ProbeGenerateResponse(generateResult, ((AggregatePacker) packer).packAll(generateResult.toClassPackerConfig()));
+        } else {
+            return new ProbeGenerateResponse(generateResult, packer.pack(generateResult.toClassPackerConfig()));
+        }
+    }
+}

boot/src/main/java/com/reajason/javaweb/boot/dto/GenerateResponse.java

@@ -1,6 +1,6 @@
 package com.reajason.javaweb.boot.dto;
 
-import com.reajason.javaweb.memshell.config.GenerateResult;
+import com.reajason.javaweb.memshell.MemShellResult;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
@@ -13,16 +13,16 @@
 @Data
 @NoArgsConstructor
 public class GenerateResponse {
-    private GenerateResult generateResult;
+    private MemShellResult generateResult;
     private String packResult;
     private Map<String, String> allPackResults;
 
-    public GenerateResponse(GenerateResult generateResult, String packResult) {
+    public GenerateResponse(MemShellResult generateResult, String packResult) {
         this.generateResult = generateResult;
         this.packResult = packResult;
     }
 
-    public GenerateResponse(GenerateResult generateResult, Map<String, String> allPackResults) {
+    public GenerateResponse(MemShellResult generateResult, Map<String, String> allPackResults) {
         this.allPackResults = allPackResults;
         this.generateResult = generateResult;
     }

boot/src/main/java/com/reajason/javaweb/boot/dto/ProbeGenerateRequest.java

@@ -0,0 +1,44 @@
+package com.reajason.javaweb.boot.dto;
+
+import com.reajason.javaweb.packer.Packers;
+import com.reajason.javaweb.probe.config.*;
+import lombok.Data;
+
+/**
+ * @author ReaJason
+ * @since 2025/8/10
+ */
+@Data
+public class ProbeGenerateRequest {
+    private ProbeConfig probeConfig;
+    private ProbeContentConfigDTO probeContentConfig;
+    private Packers packer;
+
+    @Data
+    static class ProbeContentConfigDTO {
+        private String host;
+        private int seconds;
+        private String server;
+        private String sleepServer;
+        private String reqParamName;
+        private String reqHeaderName;
+    }
+
+    public ProbeContentConfig parseProbeContentConfig() {
+        return switch (probeConfig.getProbeMethod()) {
+            case DNSLog -> DnsLogConfig.builder()
+                    .host(probeContentConfig.host)
+                    .build();
+            case Sleep -> SleepConfig.builder()
+                    .seconds(probeContentConfig.seconds)
+                    .server(probeContentConfig.sleepServer)
+                    .build();
+            case ResponseBody -> ResponseBodyConfig.builder()
+                    .reqParamName(probeContentConfig.reqParamName)
+                    .reqHeaderName(probeContentConfig.reqHeaderName)
+                    .server(probeContentConfig.server)
+                    .build();
+            default -> throw new UnsupportedOperationException("unknown probe method: " + probeConfig.getProbeMethod());
+        };
+    }
+}

boot/src/main/java/com/reajason/javaweb/boot/dto/ProbeGenerateResponse.java

@@ -0,0 +1,29 @@
+package com.reajason.javaweb.boot.dto;
+
+import com.reajason.javaweb.probe.ProbeResult;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Map;
+
+/**
+ * @author ReaJason
+ * @since 2025/8/10
+ */
+@Data
+@NoArgsConstructor
+public class ProbeGenerateResponse {
+    private ProbeResult probeResult;
+    private String packResult;
+    private Map<String, String> allPackResults;
+
+    public ProbeGenerateResponse(ProbeResult probeResult, String packResult) {
+        this.probeResult = probeResult;
+        this.packResult = packResult;
+    }
+
+    public ProbeGenerateResponse(ProbeResult probeResult, Map<String, String> allPackResults) {
+        this.allPackResults = allPackResults;
+        this.probeResult = probeResult;
+    }
+}

generator/src/main/java/com/reajason/javaweb/Constants.java

@@ -0,0 +1,24 @@
+package com.reajason.javaweb;
+
+/**
+ * @author ReaJason
+ * @since 2025/8/5
+ */
+public class Constants {
+    public static class Server {
+        public static final String TOMCAT = "Tomcat";
+        public static final String JETTY = "Jetty";
+        public static final String UNDERTOW = "Undertow";
+        public static final String JBOSS = "JBoss";
+        public static final String RESIN = "Resin";
+        public static final String WEBLOGIC = "WebLogic";
+        public static final String WEBSPHERE = "WebSphere";
+        public static final String GLASSFISH = "GlassFish";
+        public static final String TONGWEB = "TongWeb";
+        public static final String BES = "BES";
+        public static final String INFORSUITE = "InforSuite";
+        public static final String APUSIC = "Apusic";
+        public static final String SPRING_WEBFLUX = "SpringWebFlux";
+        public static final String SPRING_WEBMVC = "SpringWebMvc";
+    }
+}

generator/src/main/java/com/reajason/javaweb/memshell/MemShellGenerator.java

@@ -1,6 +1,5 @@
 package com.reajason.javaweb.memshell;
 
-import com.reajason.javaweb.memshell.config.GenerateResult;
 import com.reajason.javaweb.memshell.config.InjectorConfig;
 import com.reajason.javaweb.memshell.config.ShellConfig;
 import com.reajason.javaweb.memshell.config.ShellToolConfig;
@@ -18,7 +17,7 @@
  */
 public class MemShellGenerator {
 
-    public static GenerateResult generate(ShellConfig shellConfig, InjectorConfig injectorConfig, ShellToolConfig shellToolConfig) {
+    public static MemShellResult generate(ShellConfig shellConfig, InjectorConfig injectorConfig, ShellToolConfig shellToolConfig) {
         Server server = shellConfig.getServer();
         AbstractShell shell = server.getShell();
         if (shell == null) {
@@ -57,7 +56,7 @@ public static GenerateResult generate(ShellConfig shellConfig, InjectorConfig in
         byte[] injectorBytes = injectorGenerator.generate();
         Map<String, byte[]> innerClassBytes = injectorGenerator.getInnerClassBytes();
 
-        return GenerateResult.builder()
+        return MemShellResult.builder()
                 .shellConfig(shellConfig)
                 .shellToolConfig(shellToolConfig)
                 .injectorConfig(injectorConfig)

…aweb/memshell/config/GenerateResult.java …son/javaweb/memshell/MemShellResult.javagenerator/src/main/java/com/reajason/javaweb/memshell/config/GenerateResult.java renamed to generator/src/main/java/com/reajason/javaweb/memshell/MemShellResult.java generator/src/main/java/com/reajason/javaweb/memshell/config/GenerateResult.java renamed to generator/src/main/java/com/reajason/javaweb/memshell/MemShellResult.java

@@ -1,5 +1,8 @@
-package com.reajason.javaweb.memshell.config;
+package com.reajason.javaweb.memshell;
 
+import com.reajason.javaweb.memshell.config.InjectorConfig;
+import com.reajason.javaweb.memshell.config.ShellConfig;
+import com.reajason.javaweb.memshell.config.ShellToolConfig;
 import com.reajason.javaweb.packer.ClassPackerConfig;
 import com.reajason.javaweb.packer.JarPackerConfig;
 import lombok.AllArgsConstructor;
@@ -18,8 +21,8 @@
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@Builder(builderClassName = "GenerateResultBuilder")
-public class GenerateResult {
+@Builder(builderClassName = "Builder")
+public class MemShellResult {
     private String shellClassName;
     private transient byte[] shellBytes;
     private long shellSize;
@@ -33,8 +36,8 @@ public class GenerateResult {
     private ShellToolConfig shellToolConfig;
     private InjectorConfig injectorConfig;
 
-    public static class GenerateResultBuilder {
-        public GenerateResult build() {
+    public static class Builder {
+        public MemShellResult build() {
             if (shellBytes != null) {
                 shellBytesBase64Str = Base64.getEncoder().encodeToString(shellBytes);
                 shellSize = shellBytes.length;
@@ -43,7 +46,7 @@ public GenerateResult build() {
                 injectorBytesBase64Str = Base64.getEncoder().encodeToString(injectorBytes);
                 injectorSize = injectorBytes.length;
             }
-            return new GenerateResult(shellClassName, shellBytes, shellSize, shellBytesBase64Str,
+            return new MemShellResult(shellClassName, shellBytes, shellSize, shellBytesBase64Str,
                     injectorClassName, injectorBytes, injectorInnerClassBytes, injectorSize, injectorBytesBase64Str, shellConfig, shellToolConfig, injectorConfig);
         }
     }