📄 testsecurity.java.html
字号:
<html><head><title>~/project/web_site/WEB-INF/source/TestSecurity.java.html</title><meta name="Generator" content="Vim/6.0"></head><body bgcolor="#ffffff" text="#000000"><pre><font color="#0000ff">/*</font><font color="#0000ff"> * put your module comment here</font><font color="#0000ff"> * formatted with JxBeauty (c) johann.langhofer@nextra.at</font><font color="#0000ff"> */</font><font color="#a020f0">import</font> java.io.*;<font color="#a020f0">import</font> java.net.*;<font color="#a020f0">import</font> javax.servlet.*;<font color="#a020f0">import</font> javax.servlet.http.*;<font color="#0000ff">/**</font><font color="#0000ff"> *</font><font color="#6a5acd"> put your documentation comment here</font><font color="#6a5acd"> </font><font color="#0000ff">*/</font><font color="#2e8b57"><b>public</b></font> <font color="#2e8b57"><b>class</b></font> TestSecurity <font color="#2e8b57"><b>extends</b></font> HttpServlet { String h2o = <font color="#ff00ff">"<H2>"</font>; String h2c = <font color="#ff00ff">"</H2>"</font>; String p = <font color="#ff00ff">"<p>"</font>; <font color="#0000ff">/**</font><font color="#0000ff"> *</font><font color="#6a5acd"> put your documentation comment here</font><font color="#0000ff"> *</font><font color="#6a5acd"> </font><font color="#6a5acd">@param</font><font color="#008b8b"> req</font><font color="#0000ff"> * </font><font color="#6a5acd">@param</font><font color="#008b8b"> res</font><font color="#0000ff"> * </font><font color="#6a5acd">@exception</font><font color="#008b8b"> ServletException,</font><font color="#0000ff"> IOException</font><font color="#0000ff"> */</font> <font color="#2e8b57"><b>public</b></font> <font color="#2e8b57"><b>void</b></font> doGet (HttpServletRequest req, HttpServletResponse res) <font color="#2e8b57"><b>throws</b></font> ServletException, IOException { res.setContentType(<font color="#ff00ff">"text/html"</font>); PrintWriter out = res.getWriter(); out.println(<font color="#ff00ff">"<HTML>"</font>); out.println(<font color="#ff00ff">"<HEAD><TITLE>Hello World</TITLE></HEAD>"</font>); out.println(<font color="#ff00ff">"<BODY>"</font>); out.println(<font color="#ff00ff">"<BIG>Test Security</BIG>"</font>); <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Information..."</font> + h2c); out.println(<font color="#ff00ff">" Security Manager: "</font> + getSecurityManager().getClass().getName() + p); out.println(<font color="#ff00ff">" ClassLoader: "</font> + <font color="#2e8b57"><b>this</b></font>.getClass().getClassLoader() + p); <font color="#0000ff">// weblogic.utils.classloaders.GenericClassLoader gcl = (weblogic.utils.classloaders.GenericClassLoader)this.getClass().getClassLoader();</font> <font color="#0000ff">// gcl.setDebug( true );</font> out.println(<font color="#ff00ff">" CodeSource: "</font> + <font color="#2e8b57"><b>this</b></font>.getClass().getProtectionDomain().getCodeSource().getLocation() + p); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#0000ff">/*</font><font color="#0000ff"> try</font><font color="#0000ff"> {</font><font color="#0000ff"> out.println( h2o + "Trying some dangerous J2EE calls..." + h2c );</font><font color="#0000ff"> String hack = request.getParameter( "hack" );</font><font color="#0000ff"> Cookie[] cookies = request.getCookies();</font><font color="#0000ff"> out.println( " -- allowed -- " + p );</font><font color="#0000ff"> int x = 1 + 2 + 3;</font><font color="#0000ff"> out.println( hack ); // use it</font><font color="#0000ff"> int y = 1 + 2 + 3;</font><font color="#0000ff"> out.println( cookies ); // use it</font><font color="#0000ff"> String m = "COOKIE: " + cookies[0]; // use it again</font><font color="#0000ff"> cookies = new Cookie[10]; // reset it</font><font color="#0000ff"> String n = "COOKIE: " + cookies[5]; // use it again</font><font color="#0000ff"> }</font><font color="#0000ff"> catch( Exception e ) { out.println( " -- rejected -- " + e.getMessage() + p ); }</font><font color="#0000ff"> */</font> <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting file write to d:/Java..."</font> + h2c); File f = <font color="#a52a2a"><b>new</b></font> File(<font color="#ff00ff">"d:/Java/blah.txt"</font>); FileWriter fw = <font color="#a52a2a"><b>new</b></font> FileWriter(f); fw.write(<font color="#ff00ff">"test</font><font color="#6a5acd">\n</font><font color="#ff00ff">"</font>); fw.close(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting file write to d:/Java/TestServlet..."</font> + h2c); File f = <font color="#a52a2a"><b>new</b></font> File(<font color="#ff00ff">"d:/Java/TestServlet/blah.txt"</font>); FileWriter fw = <font color="#a52a2a"><b>new</b></font> FileWriter(f); fw.write(<font color="#ff00ff">"test</font><font color="#6a5acd">\n</font><font color="#ff00ff">"</font>); fw.close(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting file read to c:/Ntdetect..."</font> + h2c); File f = <font color="#a52a2a"><b>new</b></font> File(<font color="#ff00ff">"c:/Ntdetect.com"</font>); FileReader fr = <font color="#a52a2a"><b>new</b></font> FileReader(f); <font color="#2e8b57"><b>int</b></font> c = fr.read(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting file read to c:/weblogic/weblogic.properties..."</font> + h2c); File f = <font color="#a52a2a"><b>new</b></font> File(<font color="#ff00ff">"c:/weblogic/weblogic.properties"</font>); FileReader fr = <font color="#a52a2a"><b>new</b></font> FileReader(f); <font color="#2e8b57"><b>int</b></font> c = fr.read(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting to connect to yahoo.com..."</font> + h2c); Socket s = <font color="#a52a2a"><b>new</b></font> Socket(<font color="#ff00ff">"yahoo.com"</font>, <font color="#ff00ff">8080</font>); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting to connect to hacker.com..."</font> + h2c); Socket s = <font color="#a52a2a"><b>new</b></font> Socket(<font color="#ff00ff">"hacker.com"</font>, <font color="#ff00ff">8080</font>); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting to listen on port 37337..."</font> + h2c); ServerSocket s = <font color="#a52a2a"><b>new</b></font> ServerSocket(<font color="#ff00ff">37337</font>); Socket c = s.accept(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting to listen on port 7001..."</font> + h2c); ServerSocket s = <font color="#a52a2a"><b>new</b></font> ServerSocket(<font color="#ff00ff">7001</font>); Socket c = s.accept(); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#0000ff">/*</font><font color="#0000ff"> try</font><font color="#0000ff"> {</font><font color="#0000ff"> out.println( h2o + "Attempting native call..." + h2c );</font><font color="#0000ff"> native0( 1 );</font><font color="#0000ff"> out.println( " -- allowed -- " + p );</font><font color="#0000ff"> } </font><font color="#0000ff"> catch( Exception e ) { out.println( " -- rejected -- " + e.getMessage() + p ); }</font><font color="#0000ff"> */</font> <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting exec..."</font> + h2c); Runtime.getRuntime().exec(<font color="#ff00ff">"dir"</font>); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } <font color="#a52a2a"><b>try</b></font> { out.println(h2o + <font color="#ff00ff">"Attempting system exit..."</font> + h2c); out.println(<font color="#ff00ff">" -- allowed -- "</font> + p); } <font color="#a52a2a"><b>catch</b></font> (Exception e) { out.println(<font color="#ff00ff">" -- rejected -- "</font> + e.getMessage() + p); } out.println(<font color="#ff00ff">"</BODY></HTML>"</font>); }}</pre></body></html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -