-
-
[原创]CVE-2013-2251 Apache Struts 2 高危漏洞重现构造及漏洞原理分析
-
发表于: 2013-7-19 11:07
-
admin001@ubuntu:/usr/local/development/tomcat7/bin$ java -version java version "1.7.0_21" OpenJDK Runtime Environment (IcedTea 2.3.9) (7u21-2.3.9-1ubuntu1) OpenJDK Client VM (build 23.7-b01, mixed mode, sharing) Sudo wget 8bfK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3q4H3j5h3y4Z5k6g2)9J5k6h3k6S2P5h3g2S2i4K6u0W2j5$3!0E0i4K6u0r3j5i4m8S2j5$3S2W2i4K6u0V1L8h3W2J5M7X3!0J5i4K6u0r3N6r3!0E0j5$3q4@1i4K6u0r3N6r3!0E0j5$3q4@1i4K6u0V1y4#2)9J5c8Y4j5%4i4K6u0W2x3q4)9J5k6e0b7J5i4K6u0r3j5X3W2F1i4K6u0r3j5i4m8S2j5$3S2W2i4K6u0V1N6r3!0E0j5$3q4@1i4K6u0V1y4#2)9J5k6e0m8Q4x3X3f1@1x3W2)9J5k6i4c8S2M7W2)9J5k6h3N6*7
sudo tar zxvf apache-tomcat-7.0.42.tar.gz
Sudo mv apache-tomcat-7.0.42 tomcat7
Cd tomcat7 Cd bin Sudo gedit catalina.sh (不会使用Vim,汗!!!)
cygwin=false darwin=false os400=false case "`uname`" in CYGWIN*) cygwin=true;; Darwin*) darwin=true;; OS400*) os400=true;;
JAVA_HOME =/etc/java-7-openjdk JAVA_OPTS="-server -Xms512m -Xmx1024m -XX:PermSize=600M -XX:MaxPermSize=600m -Dcom.sun.management.jmxremote"
Sodu ./ startup.sh
Sudo find / -name *openjdk*
/usr/local/development/tomcat7/webapps
/usr/local/development/tomcat7/webapps/ROOT
15eK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0p5J5y4#2)9J5k6e0m8Q4x3X3f1H3i4K6u0W2x3g2)9K6b7e0R3H3z5o6m8Q4x3V1k6K6N6s2u0#2N6s2x3J5i4K6u0V1j5X3I4S2L8X3E0Q4x3V1k6W2P5r3q4E0M7r3I4W2i4K6u0r3h3q4)9J5k6h3q4U0N6r3W2G2L8W2)9K6c8Y4u0W2k6r3W2J5k6h3y4@1i4K6y4m8i4K6t1@1i4K6N6n7i4K6t1#2x3U0y4S2i4K6t1#2x3$3c8Q4x3U0f1J5z5r3&6W2N6#2)9J5y4e0t1H3K9X3q4$3j5g2)9J5k6h3I4S2L8X3N6Q4x3X3g2b7M7X3!0U0k6i4y4K6b7Y4g2A6L8r3c8W2M7W2)9J5y4e0t1^5L8X3g2%4i4K6t1#2x3U0m8B7j5i4k6S2i4K6u0W2L8r3q4F1k6#2)9J5k6g2y4@1M7X3W2F1k6#2)9#2b7W2)9#2c8q4)9%4b7W2)9J5y4e0t1%4K9h3k6U0L8$3&6X3K9h3N6Q4x3U0f1J5y4#2)9%4c8q4)9J5y4e0t1&6i4K6t1#2x3U0W2Q4x3X3g2K6N6r3q4J5N6q4)9J5y4e0t1^5i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3u0Q4x3U0f1K6k6q4)9J5y4e0t1K6j5g2)9J5k6h3N6W2N6p5W2F1M7s2g2@1f1%4c8J5k6h3q4E0i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5b7#2)9J5y4e0t1K6j5#2)9J5y4e0y4V1L8X3g2%4i4K6t1#2x3U0m8B7j5i4k6S2i4K6u0W2K9h3!0Q4x3X3g2u0L8Y4m8#2N6q4y4@1M7X3g2S2L8g2u0W2j5h3c8W2M7W2)9J5y4e0t1^5i4K6t1#2x3U0y4T1i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3c8Q4x3U0f1K6k6r3&6W2N6#2)9J5y4e0t1H3K9X3q4$3j5g2)9J5k6h3W2G2i4K6u0W2b7Y4g2X3k6X3g2J5k6h3c8d9k6h3q4V1k6i4u0Q4x3U0f1J5z5q4)9J5y4e0t1K6j5#2)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4W2i4K6t1#2x3$3c8F1k6i4N6Q4x3U0f1J5x3r3y4Z5j5i4u0Q4y4f1t1#2x3o6l9H3x3q4)9#2c8q4)9J5b7#2)9J5y4e0t1K6k6q4)9J5k6i4u0W2j5h3c8Q4x3U0f1J5z5q4)9J5y4e0t1K6k6g2)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4E0j5i4c8@1i4K6t1#2x3$3c8Q4x3U0f1J5x3$3y4G2L8Y4c8W2P5s2c8Q4x3X3g2Y4k6i4c8Q4x3U0f1J5z5q4)9J5y4e0t1%4j5$3!0E0i4K6u0W2L8%4m8W2L8Y4y4&6L8i4m8Z5L8$3&6&6i4K6u0W2P5s2N6G2M7X3D9J5i4K6u0W2k6r3W2K6M7r3q4@1j5$3S2W2M7W2)9J5k6f1S2@1N6s2m8e0k6i4u0$3L8r3g2@1f1X3g2K6M7r3!0F1M7$3g2Q4x3U0f1J5y4#2)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4E0j5i4c8@1i4K6u0W2k6$3g2@1g2%4u0A6N6r3g2J5i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5k6i4m8J5K9h3&6@1L8r3&6Q4x3U0f1J5z5q4)9J5y4e0t1K6k6g2)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4E0j5i4c8@1i4K6u0W2k6$3g2@1g2%4u0A6N6r3g2J5i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5k6h3k6D9N6i4y4Z5i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5b7#2)9J5y4e0t1K6L8h3q4@1N6q4)9J5k6h3N6W2N6q4N6J5K9i4c8W2M7W2)9J5y4e0t1^5i4K6t1#2x3U0W2Q4x3X3g2U0L8r3!0K6k6g2)9J5y4e0t1^5i4K6t1#2x3U0W2Q4y4@1b7`.
eth0 Link encap:Ethernet HWaddr 00:0c:29:58:66:9e inet addr:192.168.199.138 Bcast:192.168.199.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe58:669e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:40469 errors:0 dropped:0 overruns:0 frame:0 TX packets:23308 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:55069446 (55.0 MB) TX bytes:1421989 (1.4 MB) Interrupt:19 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:1638 errors:0 dropped:0 overruns:0 frame:0 TX packets:1638 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:479063 (479.0 KB) TX bytes:479063 (479.0 KB)
423K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0p5J5y4#2)9J5k6e0m8Q4x3X3f1H3i4K6u0W2x3g2)9K6b7e0R3H3z5o6m8Q4x3V1k6K6N6s2u0#2N6s2x3J5i4K6u0V1j5X3I4S2L8X3E0Q4x3V1k6W2P5r3q4E0M7r3I4W2i4K6u0r3h3q4)9J5k6h3q4U0N6r3W2G2L8W2)9K6c8Y4u0W2k6r3W2J5k6h3y4@1i4K6y4m8i4K6t1@1i4K6N6n7i4K6t1#2x3U0y4S2i4K6t1#2x3$3c8Q4x3U0f1J5z5r3&6W2N6#2)9J5y4e0t1H3K9X3q4$3j5g2)9J5k6h3I4S2L8X3N6Q4x3X3g2b7M7X3!0U0k6i4y4K6b7Y4g2A6L8r3c8W2M7W2)9J5y4e0t1^5L8X3g2%4i4K6t1#2x3U0m8B7j5i4k6S2i4K6u0W2L8r3q4F1k6#2)9J5k6g2y4@1M7X3W2F1k6#2)9#2b7W2)9#2c8q4)9%4b7W2)9J5y4e0t1%4j5$3q4@1i4K6t1#2x3U0N6Q4x3V1y4Q4x3U0f1J5y4#2)9J5c8X3g2@1j5#2)9J5c8Y4m8S2M7%4y4%4k6q4)9J5y4e0t1%4i4K6N6p5i4K6t1#2x3U0W2Q4x3U0f1J5z5g2)9J5k6i4y4@1j5i4u0@1i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5b7#2)9J5y4e0t1K6j5W2)9J5y4e0y4V1i4K6t1#2x3U0y4S2i4K6u0W2k6$3g2@1d9h3&6H3N6i4c8e0N6s2u0W2j5h3#2Q4x3U0f1J5z5q4)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4U0i4K6t1#2x3$3c8F1k6i4N6Q4x3U0f1J5x3r3A6S2N6X3q4Q4x3X3g2A6L8#2)9J5k6f1W2F1M7s2g2@1f1%4c8J5k6h3q4E0f1X3g2S2k6r3g2J5i4K6t1#2x3U0S2Q4x3U0f1J5x3$3u0Q4x3U0f1J5z5g2)9J5b7#2)9J5y4e0t1K6k6q4)9J5y4e0y4V1L8X3g2%4i4K6t1#2x3U0m8B7j5i4k6S2i4K6u0W2K9h3!0Q4x3X3g2n7N6h3k6X3k6i4u0W2k6q4u0W2j5h3c8W2M7W2)9J5y4e0t1^5i4K6t1#2x3U0y4U0i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3g2Q4x3U0f1K6k6r3&6W2N6#2)9J5y4e0t1H3j5$3S2S2M7W2)9#2b7U0f1H3x3o6l9H3i4K6g2p5i4K6u0o6i4K6t1#2x3U0y4V1i4K6u0W2M7X3g2S2k6q4)9J5y4e0t1^5i4K6t1#2x3U0y4W2i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3#2S2N6s2c8Q4x3U0f1K6k6q4)9J5y4e0t1K6j5$3!0F1N6r3g2^5N6q4)9J5k6h3N6W2N6q4)9J5y4e0t1^5i4K6t1#2x3U0N6U0L8$3#2Q4x3X3g2G2M7r3g2F1M7%4W2E0M7r3S2G2L8Y4W2Q4x3X3g2^5N6$3!0J5K9K6u0Q4x3X3g2V1K9i4y4H3j5i4c8U0K9r3g2J5i4K6u0W2d9s2c8@1M7q4y4W2M7Y4k6D9k6i4c8d9k6i4y4H3L8$3&6K6k6g2)9J5y4e0t1%4i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3#2S2N6s2c8Q4x3X3g2Y4k6i4c8i4M7X3W2@1k6i4u0Q4x3U0f1J5z5q4)9J5y4e0t1&6i4K6u0W2M7s2u0A6L8Y4c8D9L8W2)9J5y4e0t1^5i4K6t1#2x3U0y4W2i4K6t1#2x3U0W2Q4x3V1y4Q4x3U0f1J5x3$3#2S2N6s2c8Q4x3X3g2Y4k6i4c8i4M7X3W2@1k6i4u0Q4x3U0f1J5z5q4)9J5y4e0t1&6i4K6u0W2k6X3I4#2M7$3S2Q4x3U0f1J5z5q4)9J5y4e0t1&6i4K6u0o6i4K6t1#2x3U0y4E0j5i4c8@1i4K6u0W2k6$3g2@1g2%4u0A6N6r3g2J5i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9J5k6h3y4D9L8%4y4W2i4K6t1#2x3U0S2Q4x3U0f1J5z5g2)9%4c8l9`.`.
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh nobody:x:65534:65534:nobody:/nonexistent:/bin/sh libuuid:x:100:101::/var/lib/libuuid:/bin/sh syslog:x:101:103::/home/syslog:/bin/false messagebus:x:102:105::/var/run/dbus:/bin/false avahi-autoipd:x:103:106:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false usbmux:x:104:46:usbmux daemon,,,:/home/usbmux:/bin/false dnsmasq:x:105:65534:dnsmasq,,,:/var/lib/misc:/bin/false whoopsie:x:106:111::/nonexistent:/bin/false kernoops:x:107:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false rtkit:x:108:114:RealtimeKit,,,:/proc:/bin/false speech-dispatcher:x:109:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh avahi:x:110:116:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false colord:x:111:118:colord colour management daemon,,,:/var/lib/colord:/bin/false pulse:x:112:119:PulseAudio daemon,,,:/var/run/pulse:/bin/false hplip:x:113:7:HPLIP system user,,,:/var/run/hplip:/bin/false gdm:x:114:121:Gnome Display Manager:/var/lib/gdm:/bin/false saned:x:115:123::/home/saned:/bin/false debian-spamd:x:116:124::/var/lib/spamassassin:/bin/sh admin001:x:1000:1000:test,,,:/home/admin001:/bin/bash
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
