Example #1
        /// <summary>
        /// Collects every <c>func</c> child of a settings node into a list of
        /// <see cref="CustomShellType.FuncCode"/> entries.
        /// </summary>
        /// <param name="child">Settings node whose direct children are scanned.</param>
        /// <returns>
        /// One entry per <c>func</c> child, in document order; an empty list when there is none.
        /// </returns>
        /// <remarks>
        /// Field values are copied verbatim from <c>InnerText</c>; nothing in this method
        /// validates them, so the definition file is trusted as-is at this point.
        /// </remarks>
        private static List <CustomShellType.FuncCode> ReadFuncCodeSettingNode(XmlNode child)
        {
            var result = new List <CustomShellType.FuncCode>();

            foreach (XmlNode funcNode in child.ChildNodes)
            {
                // Anything that is not a <func> element is skipped.
                if (funcNode.Name != "func")
                {
                    continue;
                }

                CustomShellType.FuncCode entry = new CustomShellType.FuncCode();
                // Give the entry an empty parameter list up front so the Add below always has a target.
                entry.FuncParams = new List <CustomShellType.ParamStruct>();

                foreach (XmlNode field in funcNode.ChildNodes)
                {
                    // Unrecognised child elements are ignored.
                    switch (field.Name)
                    {
                        case "name":
                            entry.Name = field.InnerText;
                            break;

                        case "type":
                            entry.Type = field.InnerText;
                            break;

                        case "path":
                            entry.Path = field.InnerText;
                            break;

                        case "item":
                            entry.Item = field.InnerText;
                            break;

                        case "funcParam":
                            // A func may carry several funcParam children; each is parsed by ReadParamNode.
                            entry.FuncParams.Add(ReadParamNode(field));
                            break;
                    }
                }

                result.Add(entry);
            }

            return result;
        }
        /// <summary>
        /// Builds the data for one operation: the main code, the function code and the
        /// per-call arguments are each passed through EncryItem and filed into a dictionary
        /// by AddItemToDic under the Location configured for that parameter.
        /// </summary>
        /// <param name="customShellType">Supplies the BasicSetting and MainCodeSetting used for the main and function code.</param>
        /// <param name="pass">Used as the key name of the main-code item.</param>
        /// <param name="funcCode">The function definition (Item template and FuncParams) to fill in.</param>
        /// <param name="parmas">Argument values, one per entry of <c>funcCode.FuncParams</c>; may be null or empty.</param>
        /// <returns>The dictionary populated through AddItemToDic.</returns>
        /// <exception cref="Exception">
        /// <paramref name="parmas"/> is non-empty and its length differs from <c>funcCode.FuncParams.Count</c>.
        /// </exception>
        /// <remarks>
        /// When GlobalSetting.IsParamRandom is set, the function-code and argument key names are
        /// swapped for the values stored in _randomParam, and the main-code key is whatever
        /// <paramref name="pass"/> holds. Fixed parameter names are therefore not a dependable
        /// signature for data produced by this method.
        /// </remarks>
        private Dictionary <string, string> GetCode(CustomShellType customShellType,
                                                    string pass,
                                                    CustomShellType.FuncCode funcCode,
                                                    string[] parmas)
        {
            DataCombine combiner = new DataCombine();
            Dictionary <string, string> result = new Dictionary <string, string>();

            // Main code: template filled with the function-code parameter, keyed by the password.
            string mainCode =
                FillParams(customShellType.MainCodeSetting.Item, customShellType.MainCodeSetting.FuncCodeParam);

            NameValueCollection mainEntry = new NameValueCollection();
            mainEntry.Add(pass, EncryItem(customShellType.BasicSetting.MainCodeParam.EncryMode, mainCode));

            AddItemToDic(result, customShellType.BasicSetting.MainCodeParam.Location, combiner.CombineToStr(mainEntry));

            // Function code: only run FillParams when the function declares parameters.
            string funcBody = funcCode.FuncParams.Count > 0
                ? FillParams(funcCode.Item, funcCode.FuncParams)
                : funcCode.Item;

            // With randomization on, the configured key name is replaced by its entry in _randomParam.
            string funcKey = customShellType.MainCodeSetting.FuncCodeParam.Name;
            if (GlobalSetting.IsParamRandom)
            {
                funcKey = _randomParam[funcKey];
            }

            NameValueCollection funcEntry = new NameValueCollection();
            funcEntry.Add(funcKey, EncryItem(customShellType.MainCodeSetting.FuncCodeParam.EncryMode, funcBody));

            AddItemToDic(result, customShellType.MainCodeSetting.FuncCodeParam.Location, combiner.CombineToStr(funcEntry));

            // Arguments: nothing more to add when the caller supplied none.
            if (parmas == null || parmas.Length == 0)
            {
                return result;
            }

            if (parmas.Length != funcCode.FuncParams.Count)
            {
                // Message: the number of supplied arguments does not match the number declared by the function.
                throw new Exception("调用方法的参数个数与实现代码的参数个数不符合");
            }

            for (int index = 0; index < parmas.Length; index++)
            {
                string argKey = funcCode.FuncParams[index].Name;
                if (GlobalSetting.IsParamRandom)
                {
                    argKey = _randomParam[argKey];
                }

                // Each argument uses the EncryMode and Location of its own parameter definition.
                NameValueCollection argEntry = new NameValueCollection();
                argEntry.Add(argKey, EncryItem(funcCode.FuncParams[index].EncryMode, parmas[index]));

                AddItemToDic(result, funcCode.FuncParams[index].Location, combiner.CombineToStr(argEntry));
            }

            return result;
        }
Example #3
        /// <summary>
        /// Assembles the requested operation into complete script code and stores it in a dictionary.
        /// </summary>
        /// <param name="customShellType">The custom shell type definition.</param>
        /// <param name="pass">Password of the one-line webshell; used as the key name of the main-code item.</param>
        /// <param name="funcCode">
        /// The function-code definition: either a non-database operation (kept in the BuiltIn.func file)
        /// or a database operation (kept in the Db.func file).
        /// </param>
        /// <param name="parmas">Database connection parameter values; may be null or empty.</param>
        /// <returns>The dictionary populated through AddItemToDic, grouped by each parameter's Location.</returns>
        /// <exception cref="Exception">
        /// <paramref name="parmas"/> is non-empty and its length differs from <c>funcCode.FuncParams.Count</c>.
        /// </exception>
        /// <remarks>
        /// The main-code key is the caller-chosen password, and with GlobalSetting.IsParamRandom set
        /// the remaining key names come from _randomParam. Signatures that match on fixed parameter
        /// names will therefore miss data built here.
        /// </remarks>
        private Dictionary <string, string> GetCode(CustomShellType customShellType,
                                                    string pass,
                                                    CustomShellType.FuncCode funcCode,
                                                    string[] parmas)
        {
            DataCombine combiner = new DataCombine();
            Dictionary <string, string> output = new Dictionary <string, string>();

            // MainCodeSetting
            string mainScript =
                FillParams(customShellType.MainCodeSetting.Item, customShellType.MainCodeSetting.FuncCodeParam);

            // NameValueCollection is similar to Dictionary<string,string>; the difference is that Add on
            // an existing key appends the new value (comma-separated) instead of failing.
            NameValueCollection mainPair = new NameValueCollection();
            mainPair.Add(pass, EncryItem(customShellType.BasicSetting.MainCodeParam.EncryMode, mainScript));

            AddItemToDic(output, customShellType.BasicSetting.MainCodeParam.Location, combiner.CombineToStr(mainPair));

            // FuncCode: the template is used unchanged when the function declares no parameters.
            string funcScript;
            if (funcCode.FuncParams.Count == 0)
            {
                funcScript = funcCode.Item;
            }
            else
            {
                funcScript = FillParams(funcCode.Item, funcCode.FuncParams);
            }

            // If parameter randomization is enabled, the random name recorded for funcParamName replaces
            // the default one. _randomParam records <default parameter name, random parameter name> pairs.
            string funcParamName = GlobalSetting.IsParamRandom
                ? _randomParam[customShellType.MainCodeSetting.FuncCodeParam.Name]
                : customShellType.MainCodeSetting.FuncCodeParam.Name;

            NameValueCollection funcPair = new NameValueCollection();
            funcPair.Add(funcParamName, EncryItem(customShellType.MainCodeSetting.FuncCodeParam.EncryMode, funcScript));

            AddItemToDic(output, customShellType.MainCodeSetting.FuncCodeParam.Location, combiner.CombineToStr(funcPair));

            // FuncParam: per-call argument values.
            bool hasArguments = parmas != null && parmas.Length > 0;
            if (hasArguments)
            {
                if (funcCode.FuncParams.Count != parmas.Length)
                {
                    // Message: the number of supplied arguments does not match the number declared by the function.
                    throw new Exception("调用方法的参数个数与实现代码的参数个数不符合");
                }

                int position = 0;
                while (position < parmas.Length)
                {
                    string keyName = funcCode.FuncParams[position].Name;
                    if (GlobalSetting.IsParamRandom)
                    {
                        // Same substitution as for the function-code key above.
                        keyName = _randomParam[keyName];
                    }

                    NameValueCollection argPair = new NameValueCollection();
                    argPair.Add(keyName, EncryItem(funcCode.FuncParams[position].EncryMode, parmas[position]));

                    AddItemToDic(output, funcCode.FuncParams[position].Location, combiner.CombineToStr(argPair));

                    position++;
                }
            }

            return output;
        }