Fix legacy issues

README.md

@@ -67,6 +67,7 @@ httpTrafficAutoModificationConfig:
     rpcConn: 127.0.0.1:8443
     service: RPC
     scriptPath: 'C:\\Users\\outlaws\\.galaxy\\hook.mvel'
+    javaFilePath: 'C:\\Users\\outlaws\\.galaxy\\Hook.java'
 ```
 
 #### 1.1.2. Script
@@ -84,10 +85,33 @@ httpTrafficAutoModificationConfig:
     rpcConn: 127.0.0.1:8443
     service: SCRIPT
     scriptPath: 'C:\\Users\\outlaws\\.galaxy\\hook.mvel'
+    javaFilePath: 'C:\\Users\\outlaws\\.galaxy\\Hook.java'
 ```
 
 ![image-20240612223023823](images/image24.png)
 
+#### 1.1.3 Java File
+
+修改javaFilePath的文件内容，修改部分配置，启动用于测试的服务端
+
+> javaFilePath使用Java或已编译的Class均可以。不过如果使用Java文件，不能删除本插件的jar包，因为需要用于编译Java文件
+
+```yaml
+httpTrafficAutoModificationConfig:
+  hookConfig:
+    hookRequestToBurp: true
+    hookRequestToServer: true
+    hookResponseToBurp: true
+    hookResponseToClient: true
+    requestMatcher: ''request.host=="172.22.39.254"''
+    rpcConn: 127.0.0.1:8443
+    service: JAVA_FILE
+    javaFilePath: 'C:\\Users\\outlaws\\.galaxy\\Hook.java'
+    scriptPath: 'C:\\Users\\outlaws\\.galaxy\\hook.mvel'
+```
+
+![image-20240615003237939](images/image25.png)
+
 **效果**
 
 正常情况下，请求&响应被加密
@@ -394,9 +418,10 @@ httpTrafficAutoModificationConfig: # 功能梳理 - 1 HTTP流量自动修改相
     hookResponseToBurp: false
     hookResponseToClient: false
     requestMatcher: '' # 表达式，用于判断当前请求是否要进行Hook
-    service: RPC # hook所使用的sevice, 暂时有RPC、Script
+    service: RPC # hook所使用的sevice, 有RPC、SCRIPT、JAVA_FILE
     rpcConn: 127.0.0.1:8443 # 当service为RPC，RPC Server的连接串
     scriptPath: 'C:\\Users\\outlaws\\.galaxy\\hook.mvel' # 当service为SCRIPT，脚本路径
+    javaFilePath: 'C:\\Users\\outlaws\\.galaxy\\Hook.java' # 当service为JAVA_FILE时的java或class文件
   specialRuleMatchConfig: # 功能梳理 - 1.3 使用不同的匹配规则计算score
     requestParamMatches: {}
     responseContentMatches: {}

build.gradle

@@ -7,7 +7,7 @@ plugins {
 }
 
 group = 'org.m2sec'
-version = '1.1-SNAPSHOT'
+version = '1.2-SNAPSHOT'
 def grpcVersion = '1.54.1'
 def protobufVersion = '3.24.0'
 def protocVersion = protobufVersion

src/main/java/org/m2sec/modules/traffic/hook/JavaFileService.java

@@ -12,10 +12,7 @@
 import java.lang.reflect.Method;
 import java.net.URL;
 import java.net.URLClassLoader;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Locale;
-import java.util.StringJoiner;
+import java.util.*;
 
 /**
  * @author: outlaws-bai
@@ -28,15 +25,17 @@ public class JavaFileService extends AbstractHttpHookService {
 
     @Override
     public void init() {
-        loadJavaFile(
+        init(
                 GalaxyMain.config
                         .getHttpTrafficAutoModificationConfig()
                         .getHookConfig()
                         .getJavaFilePath());
     }
 
     public void init(String javaFilePath) {
-        loadJavaFile(javaFilePath);
+        if (javaFilePath.endsWith(".java")) loadJavaFile(javaFilePath);
+        else if (javaFilePath.endsWith(".class")) loadJavaClass(javaFilePath);
+        else throw new IllegalArgumentException("javaFilePath suffix error!");
     }
 
     @Override
@@ -67,7 +66,7 @@ public Request hookRequestToServer(Request request) {
     @Override
     public Response hookResponseToBurp(Response response) {
         try {
-            Method method = clazz.getMethod("hookRequestToServer", Response.class);
+            Method method = clazz.getMethod("hookResponseToBurp", Response.class);
             return (Response) method.invoke(null, response);
         } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException e) {
             throw new RuntimeException(e);
@@ -77,7 +76,7 @@ public Response hookResponseToBurp(Response response) {
     @Override
     public Response hookResponseToClient(Response response) {
         try {
-            Method method = clazz.getMethod("hookRequestToServer", Response.class);
+            Method method = clazz.getMethod("hookResponseToClient", Response.class);
             return (Response) method.invoke(null, response);
         } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException e) {
             throw new RuntimeException(e);
@@ -87,6 +86,7 @@ public Response hookResponseToClient(Response response) {
     private void loadJavaFile(String javaFilePath) {
         try {
             JavaCompiler compiler = ToolProvider.getSystemJavaCompiler();
+            File javaFile = new File(javaFilePath);
 
             if (compiler == null) {
                 throw new IllegalStateException(
@@ -96,9 +96,14 @@ private void loadJavaFile(String javaFilePath) {
 
             // Set up the file manager
             StandardJavaFileManager fileManager = compiler.getStandardFileManager(null, null, null);
-            fileManager.setLocation(
-                    StandardLocation.CLASS_OUTPUT,
-                    Collections.singletonList(new File(Constants.TMP_FILE_DIR)));
+            // 设置类路径，包含所有依赖的 JAR 文件
+            List<String> optionList = new ArrayList<>();
+            optionList.add("-classpath");
+            optionList.add(GalaxyMain.burpApi.extension().filename());
+
+            // 设置输出目录
+            optionList.add("-d");
+            optionList.add(Constants.TMP_FILE_DIR);
 
             // Get the compilation unit from the Java file
             Iterable<? extends JavaFileObject> compilationUnits =
@@ -122,7 +127,7 @@ private void loadJavaFile(String javaFilePath) {
                                                 + diagnostic.getMessage(Locale.ENGLISH);
                                 errorMessages.add(errorMessage);
                             },
-                            null,
+                            optionList,
                             null,
                             compilationUnits);
 
@@ -133,15 +138,28 @@ private void loadJavaFile(String javaFilePath) {
                 throw new RuntimeException("Compilation failed:\n" + errorMessages);
             }
 
-            // Load the class
-            File javaFile = new File(javaFilePath);
-            String className = javaFile.getName().replace(".java", "");
+            String classFilePath =
+                    Constants.TMP_FILE_DIR
+                            + File.separator
+                            + javaFile.getName().replace(".java", ".class");
+            loadJavaClass(classFilePath);
+
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private void loadJavaClass(String javaClassFilePath) {
+        try {
+            File javaFile = new File(javaClassFilePath);
+            String className = javaFile.getName().replace(".class", "");
 
-            URL[] urls = new URL[] {new File(Constants.TMP_FILE_DIR).toURI().toURL()};
-            try (URLClassLoader classLoader = new URLClassLoader(urls)) {
+            URL[] urls = new URL[] {new File(javaFile.getParent()).toURI().toURL()};
+            try (URLClassLoader classLoader =
+                    new URLClassLoader(urls, this.getClass().getClassLoader())) {
                 clazz = classLoader.loadClass(className);
             }
-        } catch (ClassNotFoundException | IOException e) {
+        } catch (IOException | ClassNotFoundException e) {
             throw new RuntimeException(e);
         }
     }

src/test/java/Hook.java

@@ -17,12 +17,7 @@ public class Hook {
     private static final String ALGORITHM = "AES/CBC/PKCS5Padding";
     private static final byte[] secret = "32byteslongsecretkeyforaes256!aa".getBytes();
     private static final byte[] iv = "16byteslongiv456".getBytes();
-    private static Map<String, Object> paramMap;
-
-    static {
-        paramMap = new HashMap<>();
-        paramMap.put("iv", iv);
-    }
+    private static final Map<String, Object> paramMap = new HashMap<>(Map.of("iv", iv));
 
     private static byte[] getData(byte[] content) {
         return Base64.getDecoder()