diff --git a/.gitignore b/.gitignore index 3e22129..b36cbc2 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -/dist \ No newline at end of file +/dist +/web \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..dcf0de2 --- /dev/null +++ b/README.md @@ -0,0 +1,26 @@ +# php.porttable.debug + +#### 介绍 + +PHP代码本地调试工具,版本号为5.2.17,可作为CTF web辅助工具,例如php反序列化 + +注意:编辑框组建依赖webview2 + +#### 下载 + +参考release文件,也可下载aardio手动编译 + +#### 编译 + +使用webstorm(推荐)打开web.src目录 + +npm install 下载依赖包 + +npm build 执行webpack打包输出到web目录 + +aardio IDE打开项目 + +#### 软件截图 + +![image](https://github.com/sfantree/php.porttable.debug/blob/master/img/1.jpg) + diff --git a/default.aproj b/default.aproj index 4f1f6c3..18b8534 100644 --- a/default.aproj +++ b/default.aproj @@ -1,6 +1,6 @@ - - + + - - + + diff --git a/img/1.jpg b/img/1.jpg new file mode 100644 index 0000000..5be6776 Binary files /dev/null and b/img/1.jpg differ diff --git a/main.aardio b/main.aardio index efb0ffe..d4a7f51 100644 --- a/main.aardio +++ b/main.aardio @@ -3,19 +3,32 @@ // @File : phpruncode.aardio // @Comment : PHP代码调试助手 (≡^∇^≡) +/* +2022年5月2日23:13:47 修改编辑器为microsoft/monaco-editor +*/ + import win.ui; /*DSG{{*/ -var winform = win.form(text='PHP代码调试助手 (\u2261^\u2207^\u2261)';right=759;bottom=469) +var winform = win.form(text='PHP代码调试助手 (\u2261^\u2207^\u2261)';right=863;bottom=615) winform.add( -button={cls="button";text="运行代码";left=632;top=0;right=760;bottom=40;z=2}; -button2={cls="button";text="清空日志";left=632;top=40;right=760;bottom=80;z=4}; -edit={cls="edit";left=0;top=0;right=632;bottom=304;autohscroll=false;edge=1;font=LOGFONT(h=-16;name='Consolas');multiline=1;vscroll=1;z=1}; -edit2={cls="edit";left=0;top=304;right=760;bottom=472;edge=1;font=LOGFONT(h=-13);multiline=1;z=3} +button={cls="button";text="运行代码";left=736;top=0;right=864;bottom=40;z=1}; +button2={cls="button";text="清空日志";left=736;top=40;right=864;bottom=80;z=3}; +button3={cls="button";text="关于";left=736;top=120;right=864;bottom=160;z=4}; +button4={cls="button";text="刷新";left=736;top=80;right=864;bottom=120;z=6}; +custom={cls="custom";text="自定义控件";left=0;top=0;right=736;bottom=456;z=5}; +edit2={cls="edit";left=0;top=456;right=864;bottom=616;edge=1;multiline=1;z=2} ) /*}}*/ import php; import console; +import web.view; +import wsock.tcp.simpleHttpServer; + +theView = web.view(winform.custom, ," --disable-site-isolation-trials --disable-web-security"); +var url = wsock.tcp.simpleHttpServer.startUrl("\web\index.html"); + +theView.go(url); winform.Logd = function(...){ import debug; @@ -36,7 +49,12 @@ winform.Logd = function(...){ } winform.button.oncommand = function(id,event){ - var code = winform.edit.text; + + //var code = winform.edit.text; + var code = theView.xcall("window.editorGetText"); + + //console.log(code); + if(code and #code > 0) { winform.code = code; thread.invoke( @@ -70,7 +88,9 @@ winform.button2.oncommand = function(id,event){ winform.edit2.text = ""; } -winform.edit.text = /*** +//winform.edit.text = +/*** +// 对象序列化 class test{ private $flag = "flag{this-is-flag}"; public $a = "snail"; @@ -80,7 +100,26 @@ class test{ $test = new test; //建立一个test的对象; $data = serialize($test); //将对象进行序列化; echo $data; + +// MD5利用 +$_GET['name'] = "QNKCDZO"; +$_GET['password'] = "240610708"; +echo $_GET['name'] != $_GET['password']; +echo MD5($_GET['name']) == MD5($_GET['password']); + ***/ +winform.button3.oncommand = function(id,event){ + winform.Logd("这是一个可以离线运行PHP代码的工具 可以用作ctf web的调试工具"); + winform.Logd("Github: https://github.com/sfantree/php.porttable.debug"); + winform.Logd("Contact Me: popy32 Email: 74o5o27o8#qq.com"); +} + +winform.button4.oncommand = function(id,event){ + theView.go(url); +} + + + winform.show(); win.loopMessage(); \ No newline at end of file diff --git a/web.src/.gitignore b/web.src/.gitignore new file mode 100644 index 0000000..f89fbf1 --- /dev/null +++ b/web.src/.gitignore @@ -0,0 +1,3 @@ +dist/*.js +dist/*.ttf +.idea/*.* \ No newline at end of file diff --git a/web.src/index.html b/web.src/index.html new file mode 100644 index 0000000..09701b5 --- /dev/null +++ b/web.src/index.html @@ -0,0 +1,12 @@ + + + + + + +
+ + + + + diff --git a/web.src/index.js b/web.src/index.js new file mode 100644 index 0000000..74ec21e --- /dev/null +++ b/web.src/index.js @@ -0,0 +1,55 @@ +import * as monaco from 'monaco-editor'; + +// sample +// https://github.com/microsoft/monaco-editor/blob/main/samples/browser-esm-webpack-small/index.js +import 'monaco-editor/esm/vs/basic-languages/php/php.js'; + +self.MonacoEnvironment = { + getWorkerUrl: function (moduleId, label) { + // if (label === 'json') { + // return './json.worker.bundle.js'; + // } + // if (label === 'css' || label === 'scss' || label === 'less') { + // return './css.worker.bundle.js'; + // } + // if (label === 'html' || label === 'handlebars' || label === 'razor') { + // return './html.worker.bundle.js'; + // } + // if (label === 'typescript' || label === 'javascript') { + // return './ts.worker.bundle.js'; + // } + return './editor.worker.bundle.js'; + } +}; + +window.editormodel = monaco.editor.create(document.getElementById('container'), { + value: [ + 'class ctfShowUser{', + ' public $username=\'xxxxxx\';', + ' public $password=\'xxxxxx\';', + ' public function checkVip(){', + " return $this->isVip;", + ' }', + '}', + '', + '$v = serialize(new ctfShowUser());', + 'echo $v;', + 'echo urlencode($v);', + ].join('\n'), + language: 'php' +}); + +window.editorGetText = function () { + if(window.editormodel) { + let text = window.editormodel.getValue(); + return text; + } + return ""; +}; + +window.editorSetText = function (text) { + if(window.editormodel) { + window.editormodel.setValue(text); + } +}; + diff --git a/web.src/npmclean.bat b/web.src/npmclean.bat new file mode 100644 index 0000000..26428ff --- /dev/null +++ b/web.src/npmclean.bat @@ -0,0 +1,3 @@ +rd /s /q node_modules +rd /s /q dist +rm package-lock.json \ No newline at end of file diff --git a/web.src/package.json b/web.src/package.json new file mode 100644 index 0000000..3b2b818 --- /dev/null +++ b/web.src/package.json @@ -0,0 +1,20 @@ +{ + "name": "browser-esm-webpack", + "scripts": { + "build": "node ./node_modules/webpack/bin/webpack.js --progress" + }, + "author": "Microsoft Corporation", + "license": "MIT", + "devDependencies": { + "css-loader": "^6.6.0", + "file-loader": "^6.2.0", + "html-webpack-plugin": "^5.5.0", + "monaco-editor": "^0.32.1", + "monaco-editor-webpack-plugin": "^7.0.1", + "style-loader": "^3.3.1", + "terser-webpack-plugin": "^5.3.1", + "webpack": "^5.68.0", + "webpack-cli": "^4.9.2", + "webpack-dev-server": "^4.7.4" + } +} diff --git a/web.src/readme.txt b/web.src/readme.txt new file mode 100644 index 0000000..295114f --- /dev/null +++ b/web.src/readme.txt @@ -0,0 +1,2 @@ +1. npm install 下载依赖包 +2. npm build 执行webpack打包 输出到web目录 \ No newline at end of file diff --git a/web.src/webpack.config.js b/web.src/webpack.config.js new file mode 100644 index 0000000..95f0da4 --- /dev/null +++ b/web.src/webpack.config.js @@ -0,0 +1,38 @@ +const path = require('path'); +const HtmlWebpackPlugin = require('html-webpack-plugin'); + +module.exports = { + mode: 'development', + plugins:[ + new HtmlWebpackPlugin({ + title:'', + template: './index.html', + inject: 'body', + }), + ], + entry: { + app: './index.js', + 'editor.worker': 'monaco-editor/esm/vs/editor/editor.worker.js', + //'json.worker': 'monaco-editor/esm/vs/language/json/json.worker', + //'css.worker': 'monaco-editor/esm/vs/language/css/css.worker', + //'html.worker': 'monaco-editor/esm/vs/language/html/html.worker', + //'ts.worker': 'monaco-editor/esm/vs/language/typescript/ts.worker' + }, + output: { + globalObject: 'self', + filename: '[name].bundle.js', + path: path.resolve(__dirname, '../web') + }, + module: { + rules: [ + { + test: /\.css$/, + use: ['style-loader', 'css-loader'] + }, + { + test: /\.ttf$/, + use: ['file-loader'] + } + ] + } +};