85
GitHub - JoyChou93/java-sec-code: Java常见通用漏洞和修复的代码以及利用payload
source link: https://github.com/JoyChou93/java-sec-code
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
Java Security Code
介绍
该项目也可以叫做Java Vulnerability Code(Java漏洞代码)。
每个漏洞类型代码默认存在安全漏洞(除非本身不存在漏洞),相关修复代码在注释里。具体可查看每个漏洞代码和注释。
漏洞代码
漏洞说明
如何运行
Tomcat
- 生成war包
mvn clean package
- 将target目录的war包,cp到Tomcat的webapps目录
- 重启Tomcat应用
http://localhost:8080/java-sec-code-1.0.0/rce/exec?cmd=whoami
返回
Viarus
IDEA
如果想在IDEA中直接运行,需要在IDEA中添加Tomcat配置,步骤如下:
Run -> Edit Configurations -> 添加TomcatServer(Local) -> Server中配置Tomcat路径 -> Deployment中添加Artifact选择java-sec-code:war exploded
配置完成后,右上角直接点击run,即可运行。
http://localhost:8080/rce/exec?cmd=whoami
返回
Viarus
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK