package org.owasp.webgoat.plugin;

import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.google.common.collect.Lists;
import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.StringTokenizer;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.HR;
import org.apache.ecs.html.P;
import org.apache.ecs.html.PRE;
import org.apache.xalan.templates.Constants;
import org.apache.xml.serializer.SerializerConstants;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.lessons.LessonAdapter;
import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:WebGoat.war:plugin_lessons/command-injection-1.0.jar:org/owasp/webgoat/plugin/CommandInjection.class */
/**
 * WebGoat "Command Injection" lesson screen.
 *
 * <p>SECURITY NOTE (review): this class is an intentionally vulnerable training
 * target. It takes the {@code HelpFile} request parameter and splices it, unescaped,
 * into a shell command line ({@code cmd.exe /c type ...} or {@code /bin/sh -c cat ...}).
 * None of the "validation" below blocks execution; it only selects which hint
 * message is shown. Nothing in here should be copied into production code.
 */
public class CommandInjection extends LessonAdapter {
    /** Name of the request parameter that selects the help file to display (attacker-controlled). */
    private static final String HELP_FILE = "HelpFile";
    /** Used only to choose between the Windows and Unix command forms below. */
    private String osName = System.getProperty("os.name");
    // Allow-lists consulted by isValidCommand(). Note that a match does NOT prevent
    // execution: see createContent(), where the result only decides whether a hint is shown.
    private static final List<String> VALID_WINDOWS_CMDS = Lists.newArrayList("dir", "ls", "netstat -a", "ipconfig");
    private static final List<String> VALID_UNIX_CMDS = Lists.newArrayList("ls", "ls -l", "netstat -a", "ifconfig");
    // new Integer(int) is deprecated; Integer.valueOf(40) would be the modern spelling.
    private static final Integer DEFAULT_RANKING = new Integer(40);

    /**
     * Builds the lesson form: a POST form whose body is produced by createContent().
     * createContent() is where the command is actually run, so rendering this page
     * executes an OS command on every request.
     */
    @Override // org.owasp.webgoat.lessons.AbstractLesson
    public void handleRequest(WebSession webSession) {
        Form form = new Form();
        form.addElement(createContent(webSession));
        form.setAction(getFormAction());
        form.setMethod("POST");
        form.setName(HtmlForm.TAG_NAME);
        form.setEncType("");
        setContent(form);
    }

    /**
     * Returns whether {@code str} is one of the per-OS allow-listed commands.
     * Exact, case-sensitive list membership; the caller lower-cases and trims first.
     * This is a hint heuristic only — its result never gates exec().
     */
    private boolean isValidCommand(String str) {
        return this.osName.indexOf("Windows") != -1 ? VALID_WINDOWS_CMDS.contains(str) : VALID_UNIX_CMDS.contains(str);
    }

    /**
     * Renders the lesson body and runs the OS commands that produce it.
     *
     * <p>Flow: read {@code HelpFile} (default {@code BasicAuthentication.help}); if it
     * contains {@code &} (char 38) or {@code ;} (char 59), look at the text after the
     * first such separator and show a "right track" hint unless it is an allow-listed
     * command; separately, hint if the value contains parent-directory traversal.
     * Then list the lesson's resources directory (to populate the pulldown) and
     * {@code type}/{@code cat} the requested file, inserting the raw parameter into
     * the command line. Command output is written into a PRE element.
     *
     * <p>Vulnerabilities present by design: OS command injection via string-built
     * shell commands (no escaping, quotes supplied by the attacker are not neutralised),
     * path traversal (the parameter is joined onto the resources directory without
     * canonicalisation), and command output/parameter echoed into HTML without encoding.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.session.Screen
    public Element createContent(WebSession webSession) {
        String exec;
        String exec2;
        ElementContainer elementContainer = new ElementContainer();
        // z is never set to true anywhere in this method (the only assignment is z = false),
        // so the "skip directory listing" branches below are dead and exec() always runs.
        boolean z = false;
        try {
            // Untrusted input: straight from the request, no normalisation.
            String rawParameter = webSession.getParser().getRawParameter(HELP_FILE, "BasicAuthentication.help");
            // 38 == '&', 59 == ';' — the shell separators this lesson expects the student to use.
            if (rawParameter.indexOf(38) != -1 || rawParameter.indexOf(59) != -1) {
                int indexOf = rawParameter.indexOf(38);
                if (indexOf == -1) {
                    indexOf = rawParameter.indexOf(59);
                }
                // Takes the text after the separator, dropping the final character
                // (presumably the attacker's closing quote); only the hint depends on this.
                if (isValidCommand(rawParameter.substring(indexOf + 1, rawParameter.length() - 1).trim().toLowerCase())) {
                    z = false;
                } else {
                    webSession.setMessage(getLabelManager().get("CommandInjectionRightTrack1"));
                }
            }
            // No shell separator but at least one ".." — hint that traversal is on the right track.
            if (rawParameter.indexOf(38) == -1 && rawParameter.indexOf(59) == -1 && rawParameter.length() > 0 && upDirCount(rawParameter) >= 1) {
                webSession.setMessage(getLabelManager().get("CommandInjectionRightTrack2"));
            }
            File file = new File(LessonUtil.getLessonDirectory(webSession, this), "/resources");
            elementContainer.addElement(new BR());
            elementContainer.addElement(new BR());
            // The raw parameter is echoed back inside <b>...</b> without HTML encoding.
            elementContainer.addElement(new StringElement(getLabelManager().get("YouAreCurrentlyViewing") + "<b>" + (rawParameter.toString().length() == 0 ? SerializerConstants.ENTITY_LT + getLabelManager().get("SelectFileFromListBelow") + SerializerConstants.ENTITY_GT : rawParameter.toString()) + "</b>"));
            // Map the ".help" name shown in the pulldown back to the ".html" file on disk.
            String replaceAll = rawParameter.replaceAll("\\.help", "\\.html");
            // INJECTION SINK: the user-controlled path is concatenated into a command line
            // that a shell interprets. A '"' in the parameter closes the quoting and
            // anything after '&' / ';' runs as a separate command.
            if (this.osName.indexOf("Windows") != -1) {
                exec = z ? "" : exec(webSession, "cmd.exe /c dir /b \"" + file.getPath() + "\"");
                exec2 = exec(webSession, "cmd.exe /c type \"" + new File(file, replaceAll).getPath() + "\"");
            } else {
                exec = z ? "" : exec(webSession, new String[]{"/bin/sh", "-c", "ls \"" + file.getPath() + "\""});
                exec2 = exec(webSession, new String[]{"/bin/sh", "-c", "cat \"" + new File(file, replaceAll).getPath() + "\""});
            }
            elementContainer.addElement(new P().addElement(getLabelManager().get("SelectLessonPlanToView")));
            // Pulldown entries come from the directory listing, with .html shown as .help.
            elementContainer.addElement(ECSFactory.makePulldown(HELP_FILE, parseResults(exec.replaceAll("(?s)\\.html", "\\.help"))));
            elementContainer.addElement(ECSFactory.makeButton(getLabelManager().get("View")));
            elementContainer.addElement(new BR());
            elementContainer.addElement(new BR());
            elementContainer.addElement(new HR().setWidth("90%"));
            PRE pre = new PRE();
            pre.setWidth("90%");
            // Command output is rendered as markup: newlines become <br> and the
            // <!DOCTYPE ... </head> prefix of an HTML help file is stripped. No encoding
            // is applied, so whatever the injected command prints lands in the page as-is.
            pre.addElement(new StringElement(exec2.replaceAll(System.getProperty("line.separator"), "<br>").replaceAll("(?s)<!DOCTYPE.*/head>", "").replaceAll("<br><br>", "<br>").replaceAll("<br>\\s<br>", "<br>")));
            elementContainer.addElement(pre);
        } catch (Exception e) {
            // Broad catch: any failure (including from exec) collapses to a generic message.
            webSession.setMessage("Error generating " + getClass().getName());
            e.printStackTrace();
        }
        return elementContainer;
    }

    /**
     * Filters a newline-separated command listing down to the lines ending in ".help".
     *
     * @param str raw listing text, one entry per line
     * @return the matching entries, each followed by "\n"
     */
    private String parseResults(String str) {
        // NOTE(review): String is immutable and this result is discarded, so the
        // "Output..."/"Returncode" trimming is a no-op; the tokenizer below sees the
        // unmodified input. Harmless here because of the endsWith(".help") filter.
        str.replaceAll("(?s).*Output...\\s", "").replaceAll("(?s)Returncode.*", "");
        StringTokenizer stringTokenizer = new StringTokenizer(str, "\n");
        StringBuffer stringBuffer = new StringBuffer();
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            if (trim.length() > 0 && trim.endsWith(".help")) {
                stringBuffer.append(trim + "\n");
            }
        }
        return stringBuffer.toString();
    }

    /**
     * Counts occurrences of the parent-directory token in {@code str}, used to decide
     * whether to show the traversal hint.
     *
     * <p>Constants.ATTRVAL_PARENT is Xalan's parent-axis literal (presumably "..";
     * confirm against the Xalan version on the classpath). Occurrences may overlap:
     * the scan resumes one character after each match.
     *
     * @param str the raw HelpFile parameter
     * @return number of parent-directory tokens found
     */
    public static int upDirCount(String str) {
        int i = 0;
        // NOTE(review): "%2d" is the URL encoding of '-', not '.'; "%2e" looks like what
        // was intended. As written, an encoded "%2e%2e" is not counted. Left as-is.
        String replaceAll = str.replaceAll("%2d", ".");
        int indexOf = replaceAll.indexOf(Constants.ATTRVAL_PARENT);
        while (true) {
            int i2 = indexOf;
            if (i2 == -1) {
                return i;
            }
            i++;
            indexOf = replaceAll.indexOf(Constants.ATTRVAL_PARENT, i2 + 1);
        }
    }

    /**
     * Runs a single-string command (Windows path) and returns its captured output.
     * Marks the lesson solved when the command line contains a shell separator
     * ("&" via Spring's FACTORY_BEAN_PREFIX, or ";") and the run reported no error —
     * i.e. when an injected command actually executed.
     */
    private String exec(WebSession webSession, String str) {
        // The full command line, including attacker input, is written to stdout.
        System.out.println("Executing OS command: " + str);
        ExecResults execSimple = Exec.execSimple(str);
        if ((str.indexOf(BeanFactory.FACTORY_BEAN_PREFIX) != -1 || str.indexOf(";") != -1) && !execSimple.getError()) {
            makeSuccess(webSession);
        }
        return execSimple.toString();
    }

    /**
     * Runs an argv-style command (Unix path, {@code {"/bin/sh", "-c", script}}) and
     * returns its captured output. Passing the script as one "-c" argument means the
     * shell still parses it, so the array form gives no protection here. Success is
     * detected on {@code strArr[2]} (the script) exactly as in the String overload.
     */
    private String exec(WebSession webSession, String[] strArr) {
        System.out.println("Executing OS command: " + Arrays.asList(strArr));
        ExecResults execSimple = Exec.execSimple(strArr);
        if ((strArr[2].indexOf(BeanFactory.FACTORY_BEAN_PREFIX) != -1 || strArr[2].indexOf(";") != -1) && !execSimple.getError()) {
            makeSuccess(webSession);
        }
        return execSimple.toString();
    }

    /** Lesson category shown in the WebGoat menu. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Category getDefaultCategory() {
        return Category.INJECTION;
    }

    /** The four progressively revealing hints, looked up by label key. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected List<String> getHints(WebSession webSession) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(getLabelManager().get("CommandInjectionHint1"));
        arrayList.add(getLabelManager().get("CommandInjectionHint2"));
        arrayList.add(getLabelManager().get("CommandInjectionHint3"));
        arrayList.add(getLabelManager().get("CommandInjectionHint4"));
        return arrayList;
    }

    /** Ordering weight of this lesson within its category. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Integer getDefaultRanking() {
        return DEFAULT_RANKING;
    }

    /** Title displayed for this lesson. */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.session.Screen
    public String getTitle() {
        return "Command Injection";
    }
}
