public static void AddShellType(CustomShellType newShellType) { try { //检查基本字段是否被设置 if (string.IsNullOrEmpty(newShellType.ShellTypeName)) { throw new Exception("ShellTypeName is Null Or Empty"); } //检查shelltype是否被已经存储 if (_shellTypeStyleContainer.ContainsKey(newShellType.ShellTypeName)) { throw new Exception("The ShellTypeName already exists"); } //存储 _shellTypeStyleContainer.Add(newShellType.ShellTypeName, newShellType); } catch { throw; } }
public CustomCommandCode(CustomShellType customShellType, string pass) { _customShellType = customShellType; _pass = pass; _randomParam = new Dictionary <string, string>(); }
/// <summary> /// 将指定的操作拼接包装成完整的脚本语言,并存储于字典中 /// </summary> /// <param name="customShellType">自定义的Shell类型</param> /// <param name="pass">一句话木马的密码</param> /// <param name="funcCode">funcCode代码类型,分为非数据库操作(存储于BuiltIn.func文件内)、数据库操作(存储于Db.func文件内)</param> /// <param name="parmas">数据库连接参数组</param> /// <returns></returns> private Dictionary <string, string> GetCode(CustomShellType customShellType, string pass, CustomShellType.FuncCode funcCode, string[] parmas) { DataCombine dataCombine = new DataCombine(); Dictionary <string, string> dic = new Dictionary <string, string>(); //MainCodeSetting string mainCodeString = FillParams(customShellType.MainCodeSetting.Item, customShellType.MainCodeSetting.FuncCodeParam); //NameValueCollection与Dictionary<string,string>比较相似,区别在于NameValueCollection在处理Add时,如果遇到已有的Key会以追加的形式进行修改(以逗号为分隔符)。 NameValueCollection mainCodeItem = new NameValueCollection { { pass, EncryItem(customShellType.BasicSetting.MainCodeParam.EncryMode, mainCodeString) } }; AddItemToDic(dic, customShellType.BasicSetting.MainCodeParam.Location, dataCombine.CombineToStr(mainCodeItem)); //FuncCode string funcCodeString = ""; if (funcCode.FuncParams.Count > 0) { funcCodeString = FillParams(funcCode.Item, funcCode.FuncParams); } else { funcCodeString = funcCode.Item; } //判断是否进行了参数随机化,如果进行了参数随机化,则将funcParamName的随机参数从随机参数列表中取出来代替默认的funcParamName //备注:_ramdomParma是程序集中记录随机参数的列表,以<默认参数名,随机参数名>的形式记录哪些默认参数使用的参数随机化 string funcParamName = customShellType.MainCodeSetting.FuncCodeParam.Name; if (GlobalSetting.IsParamRandom) { string newguid = _randomParam[funcParamName]; funcParamName = newguid; } NameValueCollection funcCodeItem = new NameValueCollection { { funcParamName, EncryItem(customShellType.MainCodeSetting.FuncCodeParam.EncryMode, funcCodeString) } }; AddItemToDic(dic, customShellType.MainCodeSetting.FuncCodeParam.Location, dataCombine.CombineToStr(funcCodeItem)); //FunParma if (parmas != null && parmas.Length > 0) { if (parmas.Length != funcCode.FuncParams.Count) { throw new Exception("调用方法的参数个数与实现代码的参数个数不符合"); } for (int i = 0; i < parmas.Length; i++) { string parName = funcCode.FuncParams[i].Name; if (GlobalSetting.IsParamRandom) { string newguid = _randomParam[parName]; parName = newguid; } NameValueCollection item = new NameValueCollection { { parName, EncryItem(funcCode.FuncParams[i].EncryMode, parmas[i]) } }; AddItemToDic(dic, funcCode.FuncParams[i].Location, dataCombine.CombineToStr(item)); //dataCombine.AddFuncParmaItem("z" + (i + 1), EncryItem(FuncCode.FuncParmaEncryMode, parmas[i])); } //AddItemToDic(dic, FuncCode.FuncParmaLocation, dataCombine.CombineToStr(dataCombine.FuncParmaItems)); } return(dic); }
private Dictionary <string, string> GetCode(CustomShellType customShellType, string pass, CustomShellType.FuncCode funcCode, string[] parmas) { DataCombine dataCombine = new DataCombine(); Dictionary <string, string> dic = new Dictionary <string, string>(); //MainCodeSetting string mainCodeString = FillParams(customShellType.MainCodeSetting.Item, customShellType.MainCodeSetting.FuncCodeParam); NameValueCollection mainCodeItem = new NameValueCollection { { pass, EncryItem(customShellType.BasicSetting.MainCodeParam.EncryMode, mainCodeString) } }; AddItemToDic(dic, customShellType.BasicSetting.MainCodeParam.Location, dataCombine.CombineToStr(mainCodeItem)); //FuncCode string funcCodeString = ""; if (funcCode.FuncParams.Count > 0) { funcCodeString = FillParams(funcCode.Item, funcCode.FuncParams); } else { funcCodeString = funcCode.Item; } //判断是否随机参数 string funcParamName = customShellType.MainCodeSetting.FuncCodeParam.Name; if (GlobalSetting.IsParamRandom) { string newguid = _randomParam[funcParamName]; funcParamName = newguid; } NameValueCollection funcCodeItem = new NameValueCollection { { funcParamName, EncryItem(customShellType.MainCodeSetting.FuncCodeParam.EncryMode, funcCodeString) } }; AddItemToDic(dic, customShellType.MainCodeSetting.FuncCodeParam.Location, dataCombine.CombineToStr(funcCodeItem)); //FunParma if (parmas != null && parmas.Length > 0) { if (parmas.Length != funcCode.FuncParams.Count) { throw new Exception("调用方法的参数个数与实现代码的参数个数不符合"); } for (int i = 0; i < parmas.Length; i++) { string parName = funcCode.FuncParams[i].Name; if (GlobalSetting.IsParamRandom) { string newguid = _randomParam[parName]; parName = newguid; } NameValueCollection item = new NameValueCollection { { parName, EncryItem(funcCode.FuncParams[i].EncryMode, parmas[i]) } }; AddItemToDic(dic, funcCode.FuncParams[i].Location, dataCombine.CombineToStr(item)); //dataCombine.AddFuncParmaItem("z" + (i + 1), EncryItem(FuncCode.FuncParmaEncryMode, parmas[i])); } //AddItemToDic(dic, FuncCode.FuncParmaLocation, dataCombine.CombineToStr(dataCombine.FuncParmaItems)); } return(dic); }
private static readonly string SettingXmlPath = Environment.CurrentDirectory + "/";//const是编译时常数(默认是静态),readonly是运行时常数(默认不是静态) /// <summary> /// 注册CustomShellType /// </summary> public static void RegisterCustomShellType() { //清空CustomShellTypeProvider CustomShellTypeProvider.Clear(); //读取shelltype列表(.type) List <string> typeList = XmlHelper.LoadXMlList(CustomShellTypePath, "type"); //1.注册CustomShellType foreach (string c in typeList) { var basicSetting = new CustomShellType.Basic(); var mainCodeSetting = new CustomShellType.MainCode(); //读取basicSetting,mainCodeSetting CustomShellTypeXmlHandle.ReadXml(c, CustomShellTypePath, ref basicSetting, ref mainCodeSetting); //生成customShellType var customShellType = new CustomShellType(basicSetting, mainCodeSetting); //将CustomShellType注册到全局 CustomShellTypeProvider.AddShellType(customShellType); } //读取funcTree定义列表(.tree) List <string> funcTreeList = XmlHelper.LoadXMlList(CustomShellTypePath, "tree"); //2.初始化funcTree方法树 foreach (string c in funcTreeList) { var treeInfoList = new List <CustomShellType.TreeInfo>(); //读取funcCodeList CustomShellTypeXmlHandle.ReadXml(c, CustomShellTypePath, ref treeInfoList); //将func注册到CustomShellType foreach (CustomShellType.TreeInfo info in treeInfoList) { /*** * 获取节点的类型 * 允许多个类型,以英文逗号分隔,如"aspx,aspx1" */ string[] types = info.Type.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); foreach (string type in types) { CustomShellType shellType = CustomShellTypeProvider.GetShellType(type); FuncTreeNode node = shellType.AddFuncTreeNode(info.Path); node.Info = info.Info; } } } //读取funcCode列表(.func) List <string> funcList = XmlHelper.LoadXMlList(CustomShellTypePath, "func"); //3.注册funcCode到functree foreach (string c in funcList) { var funcCodeList = new List <CustomShellType.FuncCode>(); //读取funcCodeList CustomShellTypeXmlHandle.ReadXml(c, CustomShellTypePath, ref funcCodeList); //将func注册到CustomShellType foreach (CustomShellType.FuncCode func in funcCodeList) { /*** * 获取func的类型 * type允许多个类型,以英文逗号分隔,如"aspx,aspx1" */ string[] types = func.Type.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); foreach (string type in types) { CustomShellType shellType = CustomShellTypeProvider.GetShellType(type); //获取映射节点 //path为xpath形式,如"/cmder", //允许多个,以英文逗号分隔,如"/cmder,/cmder1" string[] xpaths = func.Path.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); foreach (string xpath in xpaths) { shellType.AddFuncCode(xpath, func); } } } } }