add ShiroKey01 spider.

pom.xml

@@ -95,6 +95,11 @@
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.10</version>
+        </dependency>
         <!-- https://mvnrepository.com/artifact/org.graalvm.visualvm.api/org-graalvm-visualvm-application-views -->
         <dependency>
             <groupId>org.graalvm.visualvm.api</groupId>

src/main/java/cn/wanghw/Main.java

@@ -27,6 +27,7 @@ public static void main(String[] args) {
             new DataSource04(),
             new Redis01(),
             new Redis02(),
+            new ShiroKey01(),
             new PropertySource01(),
             new PropertySource02(),
             new PropertySource03(),

src/main/java/cn/wanghw/spider/PropertySource01.java

@@ -30,7 +30,7 @@ public String sniff(Heap heap) {
             });
             List<String> seenKeys = new ArrayList<>();
             for (Long objId : listObjId) {
-                oqlEngine.executeQuery(OQLSnippets.getValue + "map(filter(map(heap.findObject(" + objId.toString() + "), 'it'), 'it != null'), \"{'key':it.key.value && it.key.value.toString(),'value':getValue(it.value)}\")", o -> {
+                oqlEngine.executeQuery(OQLSnippets.getValue + "map(filter(map(heap.findObject(" + objId.toString() + "), 'it'), 'it != null && it.key'), \"{'key':getValue(it.key),'value':getValue(it.value)}\")", o -> {
                     if (o instanceof HashMap) {
                         HashMap<String, String> hashMap = (HashMap<String, String>) o;
                         String key = hashMap.get("key");

src/main/java/cn/wanghw/spider/ShiroKey01.java

@@ -0,0 +1,58 @@
+package cn.wanghw.spider;
+
+import cn.wanghw.ISpider;
+import cn.wanghw.utils.HashMapUtils;
+import org.apache.commons.codec.binary.Base64;
+import org.graalvm.visualvm.lib.jfluid.heap.Heap;
+import org.graalvm.visualvm.lib.jfluid.heap.PrimitiveArrayInstance;
+import org.graalvm.visualvm.lib.profiler.oql.engine.api.OQLEngine;
+
+import java.lang.reflect.Method;
+import java.util.HashMap;
+
+public class ShiroKey01 implements ISpider {
+    @Override
+    public String getName() {
+        return "CookieRememberMeManager(ShiroKey)";
+    }
+
+    @Override
+    public String sniff(Heap heap) {
+        final String[] result = {""};
+        try {
+            OQLEngine oqlEngine = new OQLEngine(heap);
+            oqlEngine.executeQuery("select {'key':x.encryptionCipherKey,'algName':x.cipherService.algorithmName.toString(), 'algMode':x.cipherService.modeName.toString()} from org.apache.shiro.web.mgt.CookieRememberMeManager x", o -> {
+                if (o instanceof HashMap) {
+                    HashMap<String, Object> hashMap = (HashMap<String, Object>) o;
+                    HashMap<String, String> resultSet = new HashMap<>();
+                    for (String key : hashMap.keySet()
+                    ) {
+                        Object obj = hashMap.get(key);
+                        try {
+                            if (obj instanceof String) {
+                                resultSet.put(key, obj.toString());
+                            } else if (obj.getClass() == Class.forName("org.graalvm.visualvm.lib.jfluid.heap.PrimitiveArrayDump")) {
+                                Method getBytes = obj.getClass().getDeclaredMethod("getBytes", int.class, int.class);
+                                Method getLength = obj.getClass().getMethod("getLength");
+                                getBytes.setAccessible(true);
+                                getLength.setAccessible(true);
+                                byte[] keyBytes = (byte[]) getBytes.invoke(obj, 0, getLength.invoke(obj));
+                                resultSet.put(key, Base64.encodeBase64String(keyBytes));
+                            }
+                        } catch (Exception ex) {
+                        }
+                    }
+                    result[0] = HashMapUtils.dumpString(resultSet);
+                }
+                return false;
+            });
+        } catch (Exception ex) {
+            if (result[0].equals("") && ex.getMessage().contains("is not found!")) {
+                result[0] = "not found!\r\n";
+            } else {
+                System.out.println(ex);
+            }
+        }
+        return result[0];
+    }
+}

src/main/java/cn/wanghw/utils/OQLSnippets.java

@@ -7,18 +7,20 @@ public class OQLSnippets {
             "}\n";
     public static final String getValue = isNullOrUndefined +
             "function getValue(val) {\n" +
-            "  return !isNullOrUndefined(val)\n" +
-            "    ? !isNullOrUndefined(val.value)\n" +
-            "      ? !isNullOrUndefined(val.value.value)\n" +
-            "        ? !isNullOrUndefined(val.value.value.value)\n" +
-            "          ? val.value.value.value.toString()\n" +
-            "          : val.value.value.toString()\n" +
-            "        : val.value.toString()\n" +
-            "      : !isNullOrUndefined(val.str)\n" +
-            "      ? val.str.toString()\n" +
-            "      : val.toString()\n" +
-            "    : null;\n" +
-            "}\n";
+            "    if (!isNullOrUndefined(val)) {\n" +
+            "        if (classof(val) == undefined || classof(val).name == \"java.lang.String\") {\n" +
+            "            return val.toString();\n" +
+            "        } else if (!isNullOrUndefined(val.str)) {\n" +
+            "            return val.str.toString();\n" +
+            "        } else if (!isNullOrUndefined(val.value)) {\n" +
+            "            return getValue(val.value);\n" +
+            "        } else {\n" +
+            "            return null;\n" +
+            "        } \n" +
+            "    }else {\n" +
+            "        return null;\n" +
+            "    }\n" +
+            "}";
     public static final String getTable = "\n" +
             "function getTable(source) {\n" +
             "   return source ? (source.table || (source.m ? source.m.m ? source.m.m.table : source.m.table : null)) : null;\n" +