[Summary of basic concepts]—Summary of basic knowledge of network security Java

In this article, we will introduce: What security vulnerabilities exist in the Java language.

How can we exploit these vulnerabilities in our penetration testing.

In this article, first of all, a comprehensive summary of the basic concepts in JAVA.

Class is on~~ Class is on~~

content

JVM

JDK

JMX

JNI

JNA

OGNL

IO model

BIO

NIO

AIO

reflection

Introduction

 Related classes

 Class related

 Field related

 Method related

 Constructor

---

JVM

The JVM is the core of the Java platform, implemented in machine code, and provides all the basic functions required for program execution, such as bytecode parsers, JIT compilers, garbage collectors, and more. Since it is implemented in machine code, it is also vulnerable to binary attacks.

JCL is a standard library that comes with the JVM and contains hundreds of system classes. By default, all system classes are trusted and have all privileges.

JDK

Java Development Kit (Java Development Kit, JDK) is a Java platform released by Oracle Corporation, and there are Standard Edition (Java SE), Enterprise Edition (Enterprise Edition, Java EE) and other versions.

In the beginning, JDK was released in binary form, then on November 17, 2006, Sun released the source code of Java under the GPL license, and then OpenJDK appeared.

JMX

JMX (Java Management Extensions, Java Management Extensions) is a framework that implants management functions for applications, and mainly provides corresponding tools for managing and monitoring applications, system objects, devices and service-oriented networks. JMX can remotely read values ​​in the system and call methods in the system. When JMX is not configured for authentication or the JDK version is too low, there is a deserialization vulnerability, which may lead to remote code execution.

JNI

JNI (Java Native Interface) is an interface provided by Java to interact with other languages.

JNA

JNA (Java Native Access) is a framework on JNI that is used to automatically implement the mapping of Java interfaces to native functions without the need to write additional JNI code.

OGNL

OGNL (Object-Graph Navigation Language, Object Navigation Language) is a powerful expression language. Through simple and consistent expression syntax, it provides access to any properties of objects, methods of calling objects, and traversing the structure diagram of the entire object. , to achieve field type conversion and other functions.

OGNL is used in Struts2, which provides a ValueStack class. ValueStack is divided into two parts: root and context. The root is the current action object, and the context is all the content in the ActionContext.

IO model

Java encapsulates various IO models of the operating system to form different APIs.

BIO

BIO (Blocking I/O) is a synchronous blocking I/O mode. The reading and writing of data must be blocked in a thread waiting for its completion.

NIO

NIO (New I/O) is a synchronous non-blocking I/O model, introduced in Java 1.4, corresponding to the java.nio package, providing abstractions such as Channel, Selector, and Buffer.

AIO

AIO (Asynchronous I/O) was introduced in Java 7 and is an improved version of NIO. It is an asynchronous non-blocking IO model based on events and callback mechanisms.

reflection

Introduction

Java reflection mechanism means that in the running state, for any class, you can know all the properties and methods of this class; for any object, you can call any of its methods and properties; this dynamic acquisition of information and dynamic invocation of objects The function of the method is called the reflection mechanism of the language.

 Related classes

class name	use
Class	entity of class
Field	class member variable
Method	class method
Constructor	class constructor

 Class related

• asSubclass(Class<U> clazz)

  • Converts an object of the passed class to an object representing its subclass

• Cast

  • Convert an object to an object representing a class or interface

• getClassLoader()

  • get the class loader

• getClasses()

  • Returns an array containing objects of all public and interface classes in the class

• getDeclaredClasses()

  • Returns an array containing objects of all classes and interface classes in this class

• forName (String className)

  • Returns an object of a class based on the class name

• getName()

  • Get the full path name of the class

• newInstance()

  • Create an instance of the class

• getPackage()

  • get class package

• getSimpleName()

  • get class name

• getSuperclass()

  • Get the name of the parent class that the current class inherits from

• getInterfaces()

  • Get the class or interface implemented by the current class

• getField(String name)

  • Get a public property object

• getFields()

  • Get all public property objects

• getDeclaredField(String name)

  • get a property object

• getDeclaredFields()

  • get all property objects

• getAnnotation(Class<A> annotationClass)

  • Returns the public annotation object in this class that matches the parameter type

• getAnnotations()

  • Returns all public annotation objects of this class

• getDeclaredAnnotation(Class<A> annotationClass)

  • Returns all annotation objects in this class that match the parameter type

• getDeclaredAnnotations()

  • Returns all annotation objects of this class

• getConstructor(Class...<?> parameterTypes)

  • Get the public constructor in this class that matches the parameter type

• getConstructors()

  • Get all public constructors of this class

• getDeclaredConstructor(Class...<?> parameterTypes)

  • Get the constructor in this class that matches the parameter type

• getDeclaredConstructors()

  • Get all constructors of this class

• getMethod(String name, Class...<?> parameterTypes)

  • Get a public method of this class

• getMethods()

  • Get all public methods of this class

• getDeclaredMethod(String name, Class...<?> parameterTypes)

  • get a method of this class

• getDeclaredMethods()

  • Get all methods of this class

• isAnnotation()

  • Returns true if it is an annotation type

• isAnnotationPresent(Class<? extends Annotation> annotationClass)

  • Returns true if it is the specified type annotation type

• isAnonymousClass()

  • Returns true if it is an anonymous class

• isArray()

  • Returns true if it is an array class

• isEnum ()

  • Returns true if it is an enum class

• isInstance(Object obj)

  • Returns true if obj is an instance of this class

• isInterface()

  • Returns true if it is an interface class

• isLocalClass()

  • Returns true if it is a local class

• isMemberClass ()

  • Returns true if it is an inner class

 Field related

• equals(Object obj)

  • Returns true if the property is equal to obj

• get(Object obj)

  • Get the corresponding property value in obj

• set(Object obj, Object value)

  • Set the corresponding property value in obj

 Method related

• invoke(Object obj, Object... args)

  • Pass the object object and parameters to call the method corresponding to the object

 Constructor

• newInstance(Object... initargs)

  • Create an object of the class based on the passed parameters

 

 Recommended reading

High-quality resources

• Java implements photo GPS positioning [complete script]
• ReadPicExif.zip_-Java document resources-CSDN download https://download.csdn.net/download/weixin_42350212/20024262
• Python implements photo GPS positioning [complete script]
• Python positioning photo precise location complete code script
• Goddess forgets album password python20 lines of code to open [full script]
• Goddess forgets the album password python20 lines of code to open.py_-Python document resources-CSDN downloadhttps://download.csdn.net/download/weixin_42350212/19871942
• Python modifies the background color, size, background, and cutout of the ID photo [complete source code] https://download.csdn.net/download/weixin_42350212/19815306
• Python modifies the background color, size, background, and cutout of the ID photo [complete source code] _-Python documentation resources-CSDN download https://download.csdn.net/download/weixin_42350212/19815306

python combat

• [python combat https://blog.csdn.net/weixin_42350212/article/details/117031929
• [python combat] The encrypted "520 happy.pdf" sent by my ex-girlfriend, after I cracked it with python, I found https://blog.csdn.net/weixin_42350212/article/details/117031929
• [python combat] Last night, I used python to take a selfie with the ID card of the lady next door, and then found https://blog.csdn.net/weixin_42350212/article/details/116936268 ...
• [python combat] python you TM is too skinny - you can record every move of the keyboard in just 30 lines of code https://blog.csdn.net/weixin_42350212/article/details/115399658
• [ python combat] I forgot the password of the goddess album, I only wrote 20 lines of code in Python~~~https://blog.csdn.net/weixin_42350212/article/details/115580004

[pygame game development column, get complete source code + tutorial]

• Let's learn pygame together, 30 cases of game development (2) - tower defense game https://lexsaints.blog.csdn.net/article/details/115672270
• Let's learn pygame together, 30 cases of game development (4) - Tetris game https://blog.csdn.net/weixin_42350212/article/details/115699489
• Penetration Testing Practice Column
• Windows AD/Exchange Management Column
• Linux high-performance server construction