Struts2 + Classloader Vulnerability + How to reproduce


Problem description

How to reproduce the security issue CVE-2014-0094? I googled but wasn't able to find any reference to the same.

Recommended answer

Figured it out.

I have to enable logging (for the ognl package) to see the error.

Pass in a parameter like class.classLoader.resource.dircontext.docBase=someText to the Struts2 application.

localhost:8080/sampleApp/showlogin.do?class.classLoader.resource.dircontext.docBase=someText

Then in the log I would see something like this.

java.lang.IllegalArgumentException: Document base base does not exist or is not a readable directory
    at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:136)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

After applying the workaround, I don't see the above error in the log.

References:
http://www.brentron.com/safe/web/9248.html
http://isayan.cocolog-nifty.com/diary/2014/04/s2-020.html
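
A defender-side check for the request shape described in the answer above, as an added example that is not part of the original answer: it scans access-log lines for parameter names that traverse a class segment. The regex, the function names and the log lines are constructed for this illustration, and it only sees query strings, so parameters sent in POST bodies are not covered.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Pattern written for this example (not the Struts project's own exclusion
# regex): a parameter name is suspicious when any path segment is `class`,
# reached by dot notation or by bracket notation such as x['class'].
CLASS_SEGMENT = re.compile(
    r"""(?:^|\.|\[\s*['"]?)class(?:$|\.|['"]?\s*\]|\[)""", re.IGNORECASE)

# Request line inside a combined-format access log entry.
REQUEST_LINE = re.compile(r'"(?:GET|POST|PUT|HEAD|DELETE) (\S+) HTTP/[\d.]+"')

def suspicious_params(target):
    """Return parameter names in a request target that navigate via `class`."""
    query = urlsplit(target).query
    hits = []
    for name, _value in parse_qsl(query, keep_blank_values=True):
        # parse_qsl decodes once; decode again to catch double encoding.
        decoded = unquote(name)
        if CLASS_SEGMENT.search(decoded):
            hits.append(decoded)
    return hits

def scan(log_lines):
    """Yield (line_number, parameter_names) for every flagged log line."""
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_LINE.search(line)
        if match:
            names = suspicious_params(match.group(1))
            if names:
                yield number, names

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/May/2014:10:00:00 +0000] "GET /sampleApp/showlogin.do?user=bob HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/May/2014:10:00:05 +0000] "GET /sampleApp/showlogin.do?class.classLoader.resource.dircontext.docBase=someText HTTP/1.1" 200 512',
    '192.0.2.12 - - [01/May/2014:10:00:09 +0000] "GET /sampleApp/showlogin.do?user%2Eclass%2EclassLoader=x HTTP/1.1" 200 512',
    '192.0.2.13 - - [01/May/2014:10:00:12 +0000] "GET /sampleApp/list.do?classification=books&subclass.id=7 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, names in scan(SAMPLE_LOG):
        print(f"line {number}: {names}")
```

Ordinary names that merely contain the letters, such as classification or subclass.id, are not flagged because the match requires class to be a whole path segment.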
