package org.parosproxy.paros.core.scanner;

import java.io.IOException;
import java.util.Random;
import java.util.TreeMap;
import java.util.regex.Pattern;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.log4j.Logger;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.model.SiteNode;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpSender;
import org.parosproxy.paros.network.HttpStatusCode;

/* loaded from: input_file:WEB-INF/lib/zap-2.4.0.jar:org/parosproxy/paros/core/scanner/Analyser.class */
public class Analyser {
    private static final String p_REMOVE_HEADER = "(?m)(?i)(?s)<HEAD>.*?</HEAD>";
    private HttpSender httpSender;
    private TreeMap<String, SampleResponse> mapVisited;
    private boolean isStop;
    private int delayInMs;
    HostProcess parent;
    private int size;
    private static final Logger logger = Logger.getLogger(Analyser.class);
    private static final Pattern patternNotFound = Pattern.compile("(\\bnot\\b(found|exist))|(\\b404\\berror\\b)|(\\berror\\b404\\b)", 10);
    private static Random staticRandomGenerator = new Random();
    private static final String[] staticSuffixList = {".cfm", ".jsp", ".php", ".asp", ".aspx", ".dll", ".exe", ".pl"};

    public Analyser() {
        this.httpSender = null;
        this.mapVisited = new TreeMap<>();
        this.isStop = false;
        this.parent = null;
        this.size = -1;
    }

    public Analyser(HttpSender httpSender, HostProcess hostProcess) {
        this.httpSender = null;
        this.mapVisited = new TreeMap<>();
        this.isStop = false;
        this.parent = null;
        this.size = -1;
        this.httpSender = httpSender;
        this.parent = hostProcess;
    }

    public boolean isStop() {
        return this.isStop;
    }

    public void stop() {
        this.isStop = true;
    }

    public void start(SiteNode siteNode) {
        this.size = inOrderAnalyse(siteNode);
    }

    private void addAnalysedHost(URI uri, HttpMessage httpMessage, int i) {
        try {
            this.mapVisited.put(uri.toString(), new SampleResponse(httpMessage, i));
        } catch (DatabaseException | HttpMalformedHeaderException e) {
            logger.error("Failed to persist the message: " + e.getMessage(), e);
        }
    }

    private void analyse(SiteNode siteNode) throws Exception {
        if (siteNode.getHistoryReference() != null && this.parent.nodeInScope(siteNode)) {
            HttpMessage httpMessage = siteNode.getHistoryReference().getHttpMessage();
            URI uri = (URI) httpMessage.getRequestHeader().getURI().clone();
            uri.setQuery((String) null);
            if (this.mapVisited.get(uri.toString()) != null) {
                return;
            }
            String randomPathSuffix = getRandomPathSuffix(siteNode, uri);
            HttpMessage cloneRequest = httpMessage.cloneRequest();
            URI uri2 = (URI) uri.clone();
            uri2.setPath(randomPathSuffix);
            cloneRequest.getRequestHeader().setURI(uri2);
            sendAndReceive(cloneRequest);
            if (cloneRequest.getResponseHeader().getStatusCode() == 404) {
                addAnalysedHost(uri, cloneRequest, 0);
                return;
            }
            if (HttpStatusCode.isRedirection(cloneRequest.getResponseHeader().getStatusCode())) {
                addAnalysedHost(uri, cloneRequest, 2);
                return;
            }
            if (cloneRequest.getResponseHeader().getStatusCode() != 200) {
                addAnalysedHost(uri, cloneRequest, 1);
                return;
            }
            HttpMessage cloneRequest2 = httpMessage.cloneRequest();
            String randomPathSuffix2 = getRandomPathSuffix(siteNode, cloneRequest2.getRequestHeader().getURI());
            URI uri3 = (URI) uri.clone();
            uri3.setPath(randomPathSuffix2);
            cloneRequest2.getRequestHeader().setURI(uri3);
            sendAndReceive(cloneRequest2);
            String replaceAll = cloneRequest.getResponseBody().toString().replaceAll(p_REMOVE_HEADER, "");
            String replaceAll2 = cloneRequest2.getResponseBody().toString().replaceAll(p_REMOVE_HEADER, "");
            if (replaceAll.equals(replaceAll2)) {
                cloneRequest.getResponseBody().setBody(replaceAll);
                addAnalysedHost(uri, cloneRequest, 3);
                return;
            }
            String replaceAll3 = replaceAll.replaceAll(getPathRegex(uri2), "").replaceAll("\\s[012]\\d:[0-5]\\d:[0-5]\\d\\s", "");
            if (!replaceAll3.equals(replaceAll2.replaceAll(getPathRegex(uri3), "").replaceAll("\\s[012]\\d:[0-5]\\d:[0-5]\\d\\s", ""))) {
                addAnalysedHost(uri, cloneRequest, 5);
            } else {
                cloneRequest.getResponseBody().setBody(replaceAll3);
                addAnalysedHost(uri, cloneRequest, 4);
            }
        }
    }

    private String getChildSuffix(SiteNode siteNode, boolean z) {
        String str = "";
        for (int i = 0; i < staticSuffixList.length; i++) {
            try {
                String str2 = staticSuffixList[i];
                for (int i2 = 0; i2 < siteNode.getChildCount(); i2++) {
                    if (siteNode.getChildAt(i2).getHistoryReference().getURI().getPath().endsWith(str2)) {
                        return str2;
                    }
                }
            } catch (Exception e) {
            }
        }
        if (z) {
            for (int i3 = 0; i3 < siteNode.getChildCount(); i3++) {
                str = getChildSuffix((SiteNode) siteNode.getChildAt(i3), z);
                if (!str.equals("")) {
                    return str;
                }
            }
        }
        return str;
    }

    private String getPathRegex(URI uri) throws URIException {
        try {
            URI uri2 = (URI) uri.clone();
            String query = uri2.getQuery();
            StringBuilder sb = new StringBuilder(100);
            uri2.setQuery((String) null);
            sb.append(uri2.toString().replaceAll("\\.", "\\."));
            if (query != null) {
                sb.append("(\\?" + query + ")?");
            }
            return sb.toString();
        } catch (CloneNotSupportedException e) {
            throw new URIException(e.getMessage());
        }
    }

    private String getRandomPathSuffix(SiteNode siteNode, URI uri) throws URIException {
        String childSuffix = getChildSuffix(siteNode, true);
        String path = uri.getPath() == null ? "" : uri.getPath();
        return (path + (path.endsWith("/") ? "" : "/") + Long.toString(Math.abs(staticRandomGenerator.nextLong()))) + childSuffix;
    }

    private int inOrderAnalyse(SiteNode siteNode) {
        int i = 0;
        if (this.isStop || siteNode == null) {
            return 0;
        }
        try {
            if (!siteNode.isRoot()) {
                if (siteNode.isLeaf() && (!siteNode.isLeaf() || !siteNode.getParent().isRoot())) {
                    return 1;
                }
                analyse(siteNode);
            }
        } catch (Exception e) {
        }
        for (int i2 = 0; i2 < siteNode.getChildCount() && !isStop(); i2++) {
            try {
                i += inOrderAnalyse((SiteNode) siteNode.getChildAt(i2));
            } catch (Exception e2) {
                logger.error(e2.getMessage(), e2);
            }
        }
        return i + 1;
    }

    public boolean isFileExist(HttpMessage httpMessage) {
        String header;
        if (httpMessage.getResponseHeader().isEmpty() || httpMessage.getResponseHeader().getStatusCode() == 404) {
            return false;
        }
        URI uri = null;
        String str = null;
        try {
            uri = (URI) httpMessage.getRequestHeader().getURI().clone();
            uri.setQuery((String) null);
            uri.setPath(uri.getPath().replaceAll("/[^/]*$", ""));
            if (uri != null) {
                str = uri.toString();
            }
        } catch (Exception e) {
            if (uri != null) {
                str = uri.toString();
            }
        } catch (Throwable th) {
            if (uri != null) {
                uri.toString();
            }
            throw th;
        }
        SampleResponse sampleResponse = this.mapVisited.get(str);
        if (sampleResponse == null) {
            try {
                uri.setPath((String) null);
            } catch (URIException e2) {
            }
            sampleResponse = this.mapVisited.get(uri.toString());
        }
        if (sampleResponse == null) {
            return httpMessage.getResponseHeader().getStatusCode() == 200;
        }
        if (HttpStatusCode.isRedirection(httpMessage.getResponseHeader().getStatusCode())) {
            try {
                if (sampleResponse.getMessage().getResponseHeader().getStatusCode() != httpMessage.getResponseHeader().getStatusCode() || (header = httpMessage.getResponseHeader().getHeader(HttpHeader.LOCATION)) == null) {
                    return true;
                }
                return !header.equals(sampleResponse.getMessage().getResponseHeader().getHeader(HttpHeader.LOCATION));
            } catch (Exception e3) {
                logger.error(e3.getMessage(), e3);
                return true;
            }
        }
        if (httpMessage.getResponseHeader().getStatusCode() != 200 || patternNotFound.matcher(httpMessage.getResponseBody().toString()).find()) {
            return false;
        }
        String replaceAll = httpMessage.getResponseBody().toString().replaceAll(p_REMOVE_HEADER, "");
        if (sampleResponse.getErrorPageType() == 3) {
            try {
                return !sampleResponse.getMessage().getResponseBody().toString().equals(replaceAll);
            } catch (DatabaseException | HttpMalformedHeaderException e4) {
                logger.error("Failed to read the message: " + e4.getMessage(), e4);
                return true;
            }
        }
        URI uri2 = httpMessage.getRequestHeader().getURI();
        try {
            if (sampleResponse.getErrorPageType() == 4) {
                return !sampleResponse.getMessage().getResponseBody().toString().equals(httpMessage.getResponseBody().toString().replaceAll(getPathRegex(uri2), "").replaceAll("\\s[012]\\d:[0-5]\\d:[0-5]\\d\\s", ""));
            }
            return true;
        } catch (Exception e5) {
            logger.error(e5.getMessage(), e5);
            return true;
        }
    }

    private void sendAndReceive(HttpMessage httpMessage) throws HttpException, IOException {
        if (getDelayInMs() > 0) {
            try {
                Thread.sleep(getDelayInMs());
            } catch (InterruptedException e) {
            }
        }
        this.httpSender.sendAndReceive(httpMessage, true);
        if (this.parent != null) {
            this.parent.notifyNewMessage(httpMessage);
        }
    }

    public int getDelayInMs() {
        return this.delayInMs;
    }

    public void setDelayInMs(int i) {
        this.delayInMs = i;
    }
}
