[羊城杯 2020]A Piece Of Java复现记录
2021/10/13 22:14:11
本文主要是介绍[羊城杯 2020]A Piece Of Java复现记录,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
这题打开首页什么都没有,访问题目的github拿到一个jar包,放进jd-gui反编译一下,看看Controller的源码:
package BOOT-INF.classes.gdufs.challenge.web.controller; import gdufs.challenge.web.controller.MainController; import gdufs.challenge.web.model.Info; import gdufs.challenge.web.model.UserInfo; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.ObjectOutputStream; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletResponse; import org.nibblesec.tools.SerialKiller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestParam; @Controller public class MainController { @GetMapping({"/index"}) public String index(@CookieValue(value = "data", required = false) String cookieData) { if (cookieData != null && !cookieData.equals("")) { return "redirect:/hello"; } return "index"; } @PostMapping({"/index"}) public String index(@RequestParam("username") String username, @RequestParam("password") String password, HttpServletResponse response) { UserInfo userinfo = new UserInfo(); userinfo.setUsername(username); userinfo.setPassword(password); Cookie cookie = new Cookie("data", serialize(userinfo)); cookie.setMaxAge(2592000); response.addCookie(cookie); return "redirect:/hello"; } @GetMapping({"/hello"}) public String hello(@CookieValue(value = "data", required = false) String cookieData, Model model) { if (cookieData == null || cookieData.equals("")) { return "redirect:/index"; } Info info = (Info)deserialize(cookieData); if (info != null) { model.addAttribute("info", info.getAllInfo()); } return "hello"; } private String serialize(Object obj) { ByteArrayOutputStream baos = new ByteArrayOutputStream(); try { ObjectOutputStream oos = new ObjectOutputStream(baos); oos.writeObject(obj); oos.close(); } catch (Exception e) { e.printStackTrace(); return null; } return new String(Base64.getEncoder().encode(baos.toByteArray())); } private Object deserialize(String base64data) { Object obj; ByteArrayInputStream bais = new ByteArrayInputStream(Base64.getDecoder().decode(base64data)); try { SerialKiller serialKiller = new SerialKiller(bais, "serialkiller.conf"); obj = serialKiller.readObject(); serialKiller.close(); } catch (Exception e) { e.printStackTrace(); return null; } return obj; } }
审计一下:
这篇关于[羊城杯 2020]A Piece Of Java复现记录的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-05-15鸿蒙生态设备数量超8亿台
- 2024-05-13TiDB + ES:转转业财系统亿级数据存储优化实践
- 2024-05-09“2024鸿蒙零基础快速实战-仿抖音App开发(ArkTS版)”实战课程已上线
- 2024-05-09聊聊如何通过arthas-tunnel-server来远程管理所有需要arthas监控的应用
- 2024-05-09log4j2这么配就对了
- 2024-05-09nginx修改Content-Type
- 2024-05-09Redis多数据源,看这篇就够了
- 2024-05-09Google Chrome驱动程序 124.0.6367.62(正式版本)去哪下载?
- 2024-05-09有没有大佬知道这种数据应该怎么抓取呀?
- 2024-05-09这种运行结果里的10.100000001,怎么能最快改成10.1?