一,JavaEE-过滤器Filter
1,过滤器的含义:
Filter被称为过滤器,过滤器实际上就是对Web资源进行拦截,做一些处理后再交给下一个过滤器或Servlet处理,通常都是用来拦截request进行处理的,也可以对返回的 response进行拦截处理。开发人员利用filter技术,可以实现对所有Web资源的管理,例如实现权限访问控制、过滤敏感词汇、压缩响应信息等一些高级功能。
2,过滤器的应用场景:
Payload检测,权限访问控制,红队内存马植入,蓝队清理内存马等(内存马参考):https://mp.weixin.qq.com/s/hev4G1FivLtqKjt0VhHKmw
3,过滤器检测xss的项目
(1),TestServlet文件(用于接受参数code,并返回code的值到客户端)
package com.example.filterdemo1.servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet("/test")
public class TestServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("---------doGet");
String code=req.getParameter("code");
resp.setContentType("text/html;charset=utf-8");
PrintWriter out=resp.getWriter();
out.println("这是GET请求的数据");
out.println("code: "+code+"<br>");
out.flush();
out.close();
}
}
(2),XssFilter文件(实现Filter接口中的方法)
package com.example.filterdemo1.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
@WebFilter("/test")
public class XssFilter implements Filter {
@Override
//中间件启动后就自动运行,无需访问路由
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("xss开启过滤");
}
@Override
//中间件关闭后就自动运行
public void destroy() {
System.out.println("xss销毁过滤");
}
@Override
//doFilter 访问路由触发的方法
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("xss正在过滤");
//过滤代码就应该在放行前
//如果符合就放行,不符合就过滤(拦截)
//XSS过滤 接受参数值 如果有攻击payload 就进行拦截
// 接受参数值 如果没有攻击payload 就进行放行
HttpServletRequest request= (HttpServletRequest) servletRequest;
String code = request.getParameter("code");
if(!code.contains("<script>")){ //没有攻击payload
//放行
filterChain.doFilter(servletRequest,servletResponse);
}else{
System.out.println("存在XSS攻击");
//继续拦截
}
}
}
4,过滤器实现cookie身份验证
项目功能:检测客户端的cookie的user值是否为amin
AdminServlet文件
@WebServlet("/admin")
public class AdminServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("欢迎进入管理员页面");
}
}
AdminFilter文件
package com.example.filterdemo1.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
@WebFilter("/admin")
public class AdminFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("admin身份检测开启");
}
@Override
public void destroy() {
System.out.println("admin身份检测销毁");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("admin身份检测进行");
//检测Cookie过滤
HttpServletRequest request= (HttpServletRequest) servletRequest;
Cookie[] cookies=request.getCookies();
//对Cookie进行遍历获取
for(Cookie c:cookies){
String cName = c.getName();//获取cookie名
String cValue = c.getValue();//获取cookie值
System.out.println(cName);
System.out.println(cValue);
if(cName.contains("user") && cValue.contains("admin")){
// filterChain 是一个 FilterChain 对象,代表过滤器链。
// doFilter() 方法用于将请求和响应对象传递给过滤器链中的下一个过滤器或目标资源。
// 即当前过滤通过
filterChain.doFilter(servletRequest,servletResponse);
}else {
System.out.println("非管理员访问");
}
}
}
}
5.内存马技术
(1)内存马原理
(2)内存马实验
哥斯拉生成java的后门1.jsp
用哥斯拉连接url http://localhost:8080/FilterDemo1_war_exploded/1.jsp
从而拿到shell
二,Java-监听器Listen
1.监听器的作用:
监听ServletContext、HttpSession、ServletRequest等域对象创建和销毁事件
监听域对象的属性发生修改的事件
监听在事件发生前、发生后做一些必要的处理
监听器就是用来检测的的动作,有动作就会触发监听器里的方法,不是一定要访问路由才能触发;当与监听器关联的特定事件在Web应用中发生时,监听器会被触发
2.监听session的创造与销毁项目:
ListenSession文件
package com.example.listendemo1.listener;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
@WebListener//@WebListener标记监听器类,无需路由
public class ListenSession implements HttpSessionListener {
@Override
public void sessionCreated(HttpSessionEvent se) {
//监听检测有Session创建就会执行这里
System.out.println("监听器监听到了session创建");
}//tomcat一启动,就会有session的产生,次函数就会被触发
@Override
public void sessionDestroyed(HttpSessionEvent se) {
//监听检测有Session销毁就会执行这里
System.out.println("监听器监听到了session销毁");
}
}
CSession文件
package com.example.listendemo1.Servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.*;
import java.io.IOException;
@WebServlet("/cs")
public class CSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("Servlet里面创建Session");
//创建Session
req.getSession();
}
}
DSession文件
package com.example.listendemo1.Servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/ds")
public class DSession extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("Servlet里面销毁Session");
//销毁Session
req.getSession().invalidate();
}
}
文章参考https://blog.csdn.net/qq_61553520/article/details/136610854?ops_request_misc=%257B%2522request%255Fid%2522%253A%25220cf987d46cb19adf9fcab25e075c7efe%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fblog.%2522%257D&request_id=0cf987d46cb19adf9fcab25e075c7efe&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2blogfirst_rank_ecpm_v1~rank_v31_ecpm-1-136610854-null-null.nonecase&utm_term=33&spm=1018.2226.3001.4450
标签:JavaEE,System,Listener,监听器,println,import,servlet,javax,out From: https://www.cnblogs.com/sec-geek/p/18610723