wangwei
/
bugtest001
Not watched
1
0
Fork 0
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
48 kB
11 Download
Tree: dc5ef56004
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dc5ef56004'
${ noResults }
bugtest001/XPath_Injection/XPath_Injection.java

XPath_Injection.java 2.4 kB
Raw Normal View History

init
3 years ago
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. package XPath_Injection;

  2. 

  3. import java.io.File;

  4. import java.io.FileInputStream;

  5. import java.io.FileNotFoundException;

  6. import java.io.IOException;

  7. import java.io.InputStream;

  8. import java.util.logging.Logger;

  9. 

  10. import javax.servlet.http.HttpServletRequest;

  11. import javax.xml.xpath.XPath;

  12. import javax.xml.xpath.XPathConstants;

  13. import javax.xml.xpath.XPathExpressionException;

  14. import javax.xml.xpath.XPathFactory;

  15. 

  16. import org.w3c.dom.NodeList;

  17. import org.xml.sax.InputSource;

  18. 

  19. public class XPath_Injection {

  20. 

  21. 	static final Logger log = Logger.getLogger("logger");

  22. 

  23. 	public void bad(HttpServletRequest request) throws XPathExpressionException {

  24. 

  25. 		String username = request.getParameter("name");

  26. 

  27. 		String dir = "C:" + File.separator + "EmployeesData.xml";

  28. 		File d = new File(dir);

  29. 		XPathFactory factory = XPathFactory.newInstance();

  30. 		XPath xPath = factory.newXPath();

  31. 		NodeList nodes = null;

  32. 		InputStream in = null;

  33. 		InputSource inputSource = null;

  34. 		try {

  35. 			in = new FileInputStream(d);

  36. 			inputSource = new InputSource(in);

  37. 			String expression = "/employees/employee[loginID/text()='"

  38. 					+ username + "']";

  39. 			nodes = (NodeList) xPath.evaluate(expression, inputSource, XPathConstants.NODESET); // bad XPath注入

  40. 			log.info(nodes.item(1).getLocalName());

  41. 		} catch (FileNotFoundException e) {

  42. 			log.info("FileNotFoundException");

  43. 		} finally {

  44. 			try {

  45. 				if(in!=null){

  46. 					in.close();

  47. 				}

  48. 			} catch (IOException e) {

  49. 				log.info("IOException");

  50. 			}

  51. 

  52. 		}

  53. 	}

  54. 

  55. 	public void good(HttpServletRequest request)

  56. 			throws XPathExpressionException {

  57. 

  58. 		String username = "foo";

  59. 

  60. 		String dir = "C:" + File.separator + "EmployeesData.xml";

  61. 		File d = new File(dir);

  62. 		XPathFactory factory = XPathFactory.newInstance();

  63. 		XPath xPath = factory.newXPath();

  64. 		NodeList nodes = null;

  65. 		InputStream in = null;

  66. 		InputSource inputSource = null;

  67. 		try {

  68. 			in = new FileInputStream(d);

  69. 			inputSource = new InputSource(in);

  70. 			String expression = "/employees/employee[loginID/text()='"

  71. 					+ username + "']";

  72. 			nodes = (NodeList) xPath.evaluate(expression, inputSource, XPathConstants.NODESET); // good XPath注入

  73. 			log.info(nodes.item(1).getLocalName());

  74. 		} catch (FileNotFoundException e) {

  75. 			log.info("FileNotFoundException");

  76. 		} finally {

  77. 			try {

  78. 				if(in!=null){

  79. 					in.close();

  80. 				}

  81. 			} catch (IOException e) {

  82. 				log.info("IOException");

  83. 			}

  84. 

  85. 		}

  86. 	}

  87. 

  88. }

No Description

Contributors (1)
All