package com.cmcm.expImpl;

import com.cleanmaster.security.heartbleed.utils.FileUtil;
import com.cmcm.utils.Utils;
import com.cmcm.utils.wrapHttpUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class VulnerabilityExploit {
    private static String DEFAULT_DNS_P = "8.8.8.8";
    private static String DEFAULT_DNS_S = "8.8.4.4";
    private static String KEY_DNS_P = "dns_p";
    private static String KEY_DNS_S = "dns_s";
    private static String KEY_IP_GATEWAY = "ip_gate";

    private static boolean checkResult(JSONObject jSONObject, String str) {
        int i;
        boolean z = true;
        if (jSONObject.has("result_check")) {
            if (str.length() == 0) {
                return false;
            }
            if (jSONObject.has("check_type")) {
                try {
                    i = jSONObject.getInt("check_type");
                } catch (JSONException e) {
                    return false;
                }
            } else {
                i = 0;
            }
            if (i == 1) {
                try {
                    JSONArray jSONArray = jSONObject.getJSONArray("result_check");
                    int i2 = 0;
                    while (true) {
                        if (i2 >= jSONArray.length()) {
                            break;
                        }
                        if (str.toLowerCase().contains(jSONArray.getString(i2))) {
                            z = false;
                            break;
                        }
                        i2++;
                    }
                } catch (JSONException e2) {
                    e2.printStackTrace();
                    z = false;
                }
            } else if (i == 2) {
                try {
                    JSONArray jSONArray2 = jSONObject.getJSONArray("result_check");
                    int i3 = 0;
                    while (true) {
                        if (i3 >= jSONArray2.length()) {
                            z = false;
                            break;
                        }
                        if (str.toLowerCase().contains(jSONArray2.getString(i3))) {
                            break;
                        }
                        i3++;
                    }
                } catch (JSONException e3) {
                    e3.printStackTrace();
                    z = false;
                }
            } else {
                try {
                    JSONArray jSONArray3 = jSONObject.getJSONArray("result_check");
                    int i4 = 0;
                    while (true) {
                        if (i4 >= jSONArray3.length()) {
                            break;
                        }
                        if (!str.toLowerCase().contains(jSONArray3.getString(i4))) {
                            z = false;
                            break;
                        }
                        i4++;
                    }
                } catch (JSONException e4) {
                    e4.printStackTrace();
                    z = false;
                }
            }
        }
        return z;
    }

    public static boolean httpPost(String str, Map<String, String> map) {
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        HttpPost httpPost = new HttpPost(str);
        ArrayList arrayList = new ArrayList(map.size());
        for (Map.Entry<String, String> entry : map.entrySet()) {
            arrayList.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
        }
        try {
            if (arrayList.size() > 0) {
                httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        try {
            return defaultHttpClient.execute(httpPost).getStatusLine().getStatusCode() == 200;
        } catch (ClientProtocolException e2) {
            e2.printStackTrace();
            return false;
        } catch (IOException e3) {
            e3.printStackTrace();
            return false;
        }
    }

    public static JSONObject init(File file) {
        if (!file.exists()) {
            return null;
        }
        byte[] bArr = new byte[(int) file.length()];
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            fileInputStream.read(bArr);
            fileInputStream.close();
            return new JSONObject(Utils.Uncrypt(new String(bArr), 'y'));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            return null;
        } catch (IOException e2) {
            e2.printStackTrace();
            return null;
        } catch (JSONException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    private static JSONObject initParam(String str) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put(KEY_IP_GATEWAY, str);
            jSONObject.put(KEY_DNS_P, DEFAULT_DNS_P);
            jSONObject.put(KEY_DNS_S, DEFAULT_DNS_S);
            return jSONObject;
        } catch (JSONException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static boolean runExp(JSONObject jSONObject, JSONObject jSONObject2, Map<String, String> map, Map<String, String> map2, String str) {
        String fuck_format_url = Utils.fuck_format_url(jSONObject, jSONObject2);
        if (fuck_format_url != null && fuck_format_url.length() != 0) {
            if (fuck_format_url.contains("|")) {
                fuck_format_url = fuck_format_url.replace("|", "%7c");
            }
            if (fuck_format_url.contains(" ")) {
                fuck_format_url = fuck_format_url.replace(" ", "%20");
            }
            byte[] hGet = wrapHttpUtil.hGet(fuck_format_url, false, map);
            if (hGet != null && checkResult(jSONObject, new String(hGet, 0, hGet.length))) {
                return true;
            }
        }
        return false;
    }

    public static boolean runExpPost(JSONObject jSONObject, JSONObject jSONObject2, Map<String, String> map, Map<String, String> map2, String str) {
        String fuck_format_url = Utils.fuck_format_url(jSONObject, jSONObject2);
        if (fuck_format_url != null && fuck_format_url.length() != 0) {
            if (fuck_format_url.contains("|")) {
                fuck_format_url = fuck_format_url.replace("|", "%7c");
            }
            if (fuck_format_url.contains(" ")) {
                fuck_format_url = fuck_format_url.replace(" ", "%20");
            }
            byte[] hPost = wrapHttpUtil.hPost(fuck_format_url, false, map, map2, str);
            if (hPost != null && checkResult(jSONObject, new String(hPost, 0, hPost.length))) {
                return true;
            }
        }
        return false;
    }

    public static boolean runRemoteReadFileExp(JSONObject jSONObject, JSONObject jSONObject2, Map<String, String> map, Map<String, String> map2, String str) {
        boolean z;
        String fuck_format_url = Utils.fuck_format_url(jSONObject, jSONObject2);
        if (fuck_format_url == null || fuck_format_url.length() == 0) {
            z = false;
        } else {
            if (fuck_format_url.contains("|")) {
                fuck_format_url = fuck_format_url.replace("|", "%7c");
            }
            if (fuck_format_url.contains(" ")) {
                fuck_format_url = fuck_format_url.replace(" ", "%20");
            }
            byte[] hGet = wrapHttpUtil.hGet(fuck_format_url, false, map);
            if (hGet == null) {
                return false;
            }
            z = true;
            if (!checkResult(jSONObject, new String(hGet, 0, hGet.length))) {
                return false;
            }
        }
        return z;
    }

    public static JSONObject vulScan(JSONObject jSONObject, String str, String str2) {
        boolean runExp;
        StringBuffer stringBuffer = new StringBuffer();
        StringBuffer stringBuffer2 = new StringBuffer();
        JSONObject jSONObject2 = new JSONObject();
        JSONObject initParam = initParam(str2);
        try {
            JSONArray jSONArray = jSONObject.getJSONArray(FileUtil.ID_DATA);
            for (int i = 0; i < jSONArray.length(); i++) {
                JSONObject jSONObject3 = jSONArray.getJSONObject(i);
                if (jSONObject3.has(str)) {
                    JSONArray jSONArray2 = jSONObject3.getJSONArray(str);
                    for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                        JSONObject jSONObject4 = jSONArray2.getJSONObject(i2);
                        if ((!jSONObject4.has("mark") || !jSONObject4.getString("mark").startsWith("n_use")) && (!jSONObject4.has("exp_type") || jSONObject4.getString("exp_type").equals("dns_change") || jSONObject4.getString("exp_type").startsWith("remote_read_file") || jSONObject4.getString("exp_type").startsWith("exec_cmd"))) {
                            HashMap hashMap = new HashMap();
                            String str3 = new String();
                            if (jSONObject4.has("headers")) {
                                JSONObject jSONObject5 = jSONObject4.getJSONObject("headers");
                                Iterator<String> keys = jSONObject5.keys();
                                while (keys.hasNext()) {
                                    String next = keys.next();
                                    hashMap.put(next, jSONObject5.getString(next));
                                }
                            }
                            if (jSONObject4.has(FileUtil.ID_DATA)) {
                                str3 = jSONObject4.getString(FileUtil.ID_DATA);
                            }
                            JSONObject jSONObject6 = jSONObject4.getJSONObject("detail");
                            String string = jSONObject4.getString("exp_name");
                            String string2 = jSONObject4.getString("exp_type");
                            if (jSONObject4.has("method") && jSONObject4.getString("method").equals("POST") && jSONObject4.has("params")) {
                                JSONObject jSONObject7 = jSONObject4.getJSONObject("params");
                                HashMap hashMap2 = new HashMap();
                                Iterator<String> keys2 = jSONObject7.keys();
                                while (keys2.hasNext()) {
                                    String next2 = keys2.next();
                                    hashMap2.put(next2, jSONObject7.getString(next2));
                                }
                                runExp = runExpPost(jSONObject6, initParam, hashMap, hashMap2, str3);
                                if (runExp) {
                                    stringBuffer.append(String.valueOf(string2) + " ");
                                    stringBuffer2.append(String.valueOf(string) + " ");
                                }
                            } else if (jSONObject4.getString("exp_type").startsWith("remote_read_file")) {
                                runExp = runRemoteReadFileExp(jSONObject6, initParam, hashMap, null, str3);
                                if (runExp) {
                                    stringBuffer.append(String.valueOf(string2) + " ");
                                    stringBuffer2.append(String.valueOf(string) + " ");
                                }
                            } else {
                                runExp = runExp(jSONObject6, initParam, hashMap, null, str3);
                                if (runExp) {
                                    stringBuffer.append(String.valueOf(string2) + " ");
                                    stringBuffer2.append(String.valueOf(string) + " ");
                                }
                            }
                            if (runExp) {
                                jSONObject2.put("ret", 1);
                                jSONObject2.put("exp_desc", stringBuffer2.toString());
                                jSONObject2.put("vul_type", stringBuffer.toString());
                            }
                        }
                    }
                }
            }
            return jSONObject2;
        } catch (JSONException e) {
            e.printStackTrace();
            return jSONObject2;
        }
    }
}
