finish

CHANGELOG.MD

@@ -20,4 +20,13 @@ init
 - Fix minor bugs related to non-core features.
 - Automatically check for new versions and prompt for updates.
 
-## 0.0.3
+## 0.0.3
+
+支持了自定义反序列化payload功能，内部仅保留最常见的链，其他情况自行导入
+
+- 希望支持yso自定义 #3
+- 支持调用自己的yso #2
+- 命令行版本也支持了自定义序列化数据
+- 修复了dockerfile版本问题
+- 删除了基本不会使用的rpc模块
+- 完善README信息

Dockerfile

@@ -14,7 +14,7 @@ FROM openjdk:8-jre
 
 LABEL MAINTAINER="4ra1n"
 
-COPY --from=builder /usr/src/fake-mysql-cli-0.0.1.jar /cli.jar
+COPY --from=builder /usr/src/fake-mysql-cli-0.0.3.jar /cli.jar
 
 EXPOSE 3306
 

README.md

@@ -23,6 +23,10 @@
 
 注意：读文件功能遇到没有没有完整读取的情况，重新尝试即可完整读取
 
+自从 `0.0.3` 版本以后支持了自定义反序列化 `gadget` 功能
+
+![](img/004.png)
+
 ## 0x01 GUI
 
 使用`GUI`版本一键启动，启动后可以根据自己的环境输入参数，生成`payload`
@@ -47,40 +51,6 @@
 
 ![](img/003.png)
 
-## 0x04 RPC
-
-本项目提供了`GRPC`调用的方式
-
-启动：`java -jar fake-mysql-rpc.jar`（默认启动端口9999）
-
-proto:
-
-```protobuf
-syntax = "proto3";
-
-option java_package = "me.n1ar4.fake.rpc";
-option java_outer_classname = "FakeServerRPC";
-option java_multiple_files = true;
-
-package me.n1ar4.fake.rpc;
-
-service RPCStart {
-  rpc start (RPCNull) returns (RPCResp) {}
-  rpc stop (RPCPort) returns(RPCResp) {}
-}
-
-message RPCNull{}
-
-message RPCResp {
-  string status = 1;
-  int32 port = 2;
-}
-
-message RPCPort {
-  int32 port = 1;
-}
-```
-
 ## 0x05 其他
 
 怎样测试：

doc/README.md

@@ -21,6 +21,10 @@ By default, the files are saved in the directory named after the current timesta
 
 Note: When reading files, if there is incomplete reading, try again to get a complete reading.
 
+Since `0.0.3` version, we support use custom `gadget` function
+
+![](../img/004.png)
+
 ## 0x01 GUI
 
 Use the `GUI` version to start with one click. After starting, you can enter parameters according to your environment to generate a payload.
@@ -45,40 +49,6 @@ Launch: `docker run -p 3306:3306 -d fake-mysql-server`
 
 ![](../img/003.png)
 
-## 0x04 RPC
-
-This project provides a `GRPC` call method.
-
-Launch: `java -jar fake-mysql-rpc.jar` (default launch port 9999)
-
-proto:
-
-```protobuf
-syntax = "proto3";
-
-option java_package = "me.n1ar4.fake.rpc";
-option java_outer_classname = "FakeServerRPC";
-option java_multiple_files = true;
-
-package me.n1ar4.fake.rpc;
-
-service RPCStart {
-  rpc start (RPCNull) returns (RPCResp) {}
-  rpc stop (RPCPort) returns(RPCResp) {}
-}
-
-message RPCNull{}
-
-message RPCResp {
-  string status = 1;
-  int32 port = 2;
-}
-
-message RPCPort {
-  int32 port = 1;
-}
-```
-
 ## 0x05 Others
 
 How to test:

fake-mysql-cli/src/main/java/me/n1ar4/fake/cli/Cli.java

@@ -2,20 +2,26 @@
 
 import com.beust.jcommander.JCommander;
 import com.beust.jcommander.Parameter;
+import me.n1ar4.fake.proto.GadgetResolver;
 import me.n1ar4.fake.proto.MySQLServer;
 
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
 public class Cli {
     @Parameter(names = {"-p", "--port"}, description = "port")
     private int port;
 
+    @Parameter(names = {"-f","--file"},description = "gadget file")
+    private String customGadget;
+
     public static void main(String[] args) {
         Cli main = new Cli();
         System.setProperty("sun.stdout.encoding", "utf-8");
         JCommander.newBuilder()
                 .addObject(main)
                 .build()
                 .parse(args);
-
         main.run();
     }
 
@@ -26,6 +32,16 @@ private void run() {
         MySQLServer.setIp("0.0.0.0");
         MySQLServer.setPort(port);
         PrintUtil.print();
+
+        if(customGadget!=null&&!customGadget.isEmpty()){
+            try {
+                GadgetResolver.setCustomGadget(new String(Files.readAllBytes(Paths.get(customGadget))));
+                System.out.println("set custom gadget finish");
+            }catch (Exception ex){
+                ex.printStackTrace();
+            }
+        }
+
         MySQLServer.StartServer();
     }
 }

fake-mysql-cli/src/main/java/me/n1ar4/fake/cli/PrintUtil.java

@@ -27,6 +27,12 @@ public static void print(){
         System.out.println("Support raw string and base64 (start with base64)");
         System.out.println("\t\tExample 1: user=deser_CB_calc.exe");
         System.out.println("\t\tExample 2: user=base64ZGVzZXJfQ0JfY2FsYy5leGU=");
+
+        System.out.println();
+        System.out.println("Support custom gadget (use file)");
+        System.out.println("\t\tExample: save gadget to test.txt");
+        System.out.println("\t\tUse: java -jar cli.jar -f test.txt");
+        System.out.println("\t\tUse: deser_CUSTOM");
         System.out.println("\u001B[32;1m#################################################################\u001B[0m");
     }
 }

fake-mysql-gadget/src/main/java/me/n1ar4/fake/gadget/CB.java

@@ -3,6 +3,9 @@
 import org.apache.commons.beanutils.BeanComparator;
 
 import java.math.BigInteger;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.Base64;
 import java.util.PriorityQueue;
 
 @SuppressWarnings("all")
@@ -32,6 +35,8 @@ public Object getObject(final String command) throws Exception {
     public static void main(String[] args) throws Exception {
         CB c = new CB();
         Object obj = c.getObject("calc.exe");
+        String base64 = Base64.getEncoder().encodeToString(SerUtil.serializeObject(obj));
+        Files.write(Paths.get("test.txt"),base64.getBytes());
         SerUtil.deserializeObject(SerUtil.serializeObject(obj));
     }
 }

fake-mysql-gui/src/main/java/me/n1ar4/fake/gui/form/FakeServer.form

@@ -3,7 +3,7 @@
   <grid id="27dc6" binding="masterPanel" layout-manager="GridLayoutManager" row-count="3" column-count="2" same-size-horizontally="false" same-size-vertically="false" hgap="-1" vgap="-1">
     <margin top="0" left="0" bottom="0" right="0"/>
     <constraints>
-      <xy x="20" y="20" width="1330" height="720"/>
+      <xy x="20" y="20" width="1330" height="804"/>
     </constraints>
     <properties>
       <background color="-1120293"/>
@@ -272,7 +272,7 @@
               <text value="File Read"/>
             </properties>
           </component>
-          <grid id="d5854" binding="gadgetPanel" layout-manager="GridLayoutManager" row-count="4" column-count="3" same-size-horizontally="false" same-size-vertically="false" hgap="-1" vgap="-1">
+          <grid id="d5854" binding="gadgetPanel" layout-manager="GridLayoutManager" row-count="4" column-count="4" same-size-horizontally="false" same-size-vertically="false" hgap="-1" vgap="-1">
             <margin top="0" left="0" bottom="0" right="0"/>
             <constraints>
               <grid row="1" column="0" row-span="2" col-span="17" vsize-policy="3" hsize-policy="3" anchor="0" fill="3" indent="0" use-parent-layout="false"/>
@@ -284,7 +284,7 @@
             <children>
               <component id="434e9" class="javax.swing.JRadioButton" binding="jdk7Button">
                 <constraints>
-                  <grid row="0" column="0" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="0" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -293,7 +293,7 @@
               </component>
               <component id="e2a30" class="javax.swing.JRadioButton" binding="jdk8Button">
                 <constraints>
-                  <grid row="0" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="0" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -302,7 +302,7 @@
               </component>
               <component id="309ff" class="javax.swing.JRadioButton" binding="cc44Button">
                 <constraints>
-                  <grid row="1" column="0" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="1" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -311,7 +311,7 @@
               </component>
               <component id="5204a" class="javax.swing.JRadioButton" binding="urldnsButton">
                 <constraints>
-                  <grid row="1" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="1" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -320,7 +320,7 @@
               </component>
               <component id="b82e7" class="javax.swing.JRadioButton" binding="cbButton">
                 <constraints>
-                  <grid row="0" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="0" column="3" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -329,7 +329,7 @@
               </component>
               <component id="f0320" class="javax.swing.JRadioButton" binding="cc31Button">
                 <constraints>
-                  <grid row="1" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                  <grid row="1" column="3" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
                   <background color="-1120293"/>
@@ -338,7 +338,7 @@
               </component>
               <scrollpane id="33380" binding="scroll">
                 <constraints>
-                  <grid row="2" column="0" row-span="1" col-span="3" vsize-policy="7" hsize-policy="7" anchor="0" fill="3" indent="0" use-parent-layout="false">
+                  <grid row="2" column="0" row-span="1" col-span="4" vsize-policy="7" hsize-policy="7" anchor="0" fill="3" indent="0" use-parent-layout="false">
                     <minimum-size width="-1" height="100"/>
                     <preferred-size width="-1" height="100"/>
                     <maximum-size width="-1" height="100"/>
@@ -349,34 +349,50 @@
                 <children>
                   <component id="d57ff" class="javax.swing.JTextArea" binding="gadgetArea">
                     <constraints/>
-                    <properties/>
+                    <properties>
+                      <text value=""/>
+                    </properties>
                   </component>
                 </children>
               </scrollpane>
-              <component id="494de" class="javax.swing.JButton" binding="cleanButton" default-binding="true">
-                <constraints>
-                  <grid row="3" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="0" fill="1" indent="0" use-parent-layout="false"/>
-                </constraints>
-                <properties>
-                  <text value="Clean"/>
-                </properties>
-              </component>
-              <component id="62c8d" class="javax.swing.JButton" binding="applyButton">
+              <grid id="6ea5f" binding="customPanel" layout-manager="GridLayoutManager" row-count="1" column-count="3" same-size-horizontally="false" same-size-vertically="false" hgap="-1" vgap="-1">
+                <margin top="0" left="0" bottom="0" right="0"/>
                 <constraints>
-                  <grid row="3" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="0" fill="1" indent="0" use-parent-layout="false"/>
+                  <grid row="3" column="0" row-span="1" col-span="4" vsize-policy="3" hsize-policy="3" anchor="0" fill="3" indent="0" use-parent-layout="false"/>
                 </constraints>
                 <properties>
-                  <text value="Apply Gadget Data"/>
+                  <background color="-1120294"/>
                 </properties>
-              </component>
-              <component id="57c92" class="javax.swing.JLabel" binding="gadgetDataLabel">
-                <constraints>
-                  <grid row="3" column="0" row-span="1" col-span="1" vsize-policy="0" hsize-policy="0" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
-                </constraints>
-                <properties>
-                  <text value="Gadget Data (Base64)"/>
-                </properties>
-              </component>
+                <border type="none"/>
+                <children>
+                  <component id="62c8d" class="javax.swing.JButton" binding="applyButton">
+                    <constraints>
+                      <grid row="0" column="1" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="0" fill="1" indent="0" use-parent-layout="false"/>
+                    </constraints>
+                    <properties>
+                      <text value="Apply Gadget Data"/>
+                    </properties>
+                  </component>
+                  <component id="494de" class="javax.swing.JButton" binding="cleanButton" default-binding="true">
+                    <constraints>
+                      <grid row="0" column="2" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="0" fill="1" indent="0" use-parent-layout="false"/>
+                    </constraints>
+                    <properties>
+                      <text value="Clean"/>
+                    </properties>
+                  </component>
+                  <component id="8955f" class="javax.swing.JRadioButton" binding="useCustomGadgetBase64RadioButton" default-binding="true">
+                    <constraints>
+                      <grid row="0" column="0" row-span="1" col-span="1" vsize-policy="0" hsize-policy="3" anchor="8" fill="0" indent="0" use-parent-layout="false"/>
+                    </constraints>
+                    <properties>
+                      <background color="-1120294"/>
+                      <enabled value="false"/>
+                      <text value="use custom gadget (base64 data)"/>
+                    </properties>
+                  </component>
+                </children>
+              </grid>
             </children>
           </grid>
           <component id="af4da" class="javax.swing.JLabel" binding="typeLabel">
@@ -490,6 +506,7 @@
       <member id="1ffe4"/>
       <member id="f0320"/>
       <member id="3d08c"/>
+      <member id="8955f"/>
     </group>
     <group name="typeGroup">
       <member id="3f356"/>