Java fill the pit to start!
1.Intellij Some shortcuts
intell commonly used shortcut keys:
ctrl + n to quickly locate the positioning class
ctrl + q quickly view a class of document information
shift + F6 fast class variables rename
ctrl + i class implementing the interface in the current methods
ctrl + o replication method of the base class
ctrl + shift + space recommended for the current variable function
The method of rapid alt + insert disposed class
ctrl + shift + a quickly find various types, variables, operators
ctrl + alt + t exception generated automatically capture block
ctrl + alt + b positioning implement the abstract methods
ctrl + alt + v extracting an object reflecting the class
ctrl + / comment / cancellations single line
ctrl + shift + / multi-line comments
shift + F1 browser to open a document corresponding to the current element
ctrl + shift + or down arrow can quickly move to a row of the current row
Add a little behind the expression. Can be automatically added to the selection criteria
ctrl + shift + m may be defined in the code block to a new method for code reuse
ctrl + alt + c for extracting a specified variable
ctrl + alt + b is positioned at the interface to achieve this
ctrl + alt + l can make the entire code interface neater, cancel a single line
ctrl + p can prompt you can use the current function what parameters and parameter types, I feel more useful
ctrl + shirt + i can see the current definition of specific methods
F2 key to quickly locate the error in the next place
F4 may be positioned to analyze the source code of the class
ctrl + F12 can quickly analyze the structure of the current file, including classes, methods, variables
ctrl + f F3 search string string is positioned at the next matching, shift + f3 returns a string matching the upper
ctrl + shift + enter or for the rapid generation block if
Some basics 2.java
apache-tomcat-7.0.34\webappsBy default, a Web project deployment. webapps folder under your project name is, while WebRoot under the project in general is the root of the website, WebRoot file under WEB-INF folder default is to keep Web access, there is generally configured mostly nginx configuration does not leak filter out this directory.
Serialization
Nature deserialization vulnerability is anti-serialization mechanism to break the boundaries of data and objects, resulting in the malicious serialized data an attacker to inject is reduced to an object in the deserialization process, the control object may carry out an attack on the target system above code. Java serialization used in RMI JMX JMS (Java Message Service) technology.
There is provided a Java object serialization mechanism, which, an object can be represented as a sequence of bytes, the byte sequence comprising the object's data type, the type information about an object stored in the object data .
Object serialization of a class in order to succeed, two conditions must be met:
The class must implement java.io.Serializable object.
All properties of the class must be serializable. If a property is not serializable, the property must indicate short-lived.
Test if an instance of a class can be serialized very simple, only need to see the class has not achieved java.io.Serializable interface.
Externalizable and achieve Serializable interface object class can be serialized.
Externalizable interface inherits from the Serializable interface, the interface classes implement Externalizable entirely controlled by the behavior of the sequence itself, and only implements the default serialization Serializable class interface may be employed.
ObjectOutputStream class is used to serialize an object
ObjectInputStream class of an object to deserialize
The following is a simple serialization and deserialization processes to be written to by writeObject ObjectOutStream object files, to read the file of the sequence of image by readObject ObjectInputStream, where the original deserialization time the object is Object, use (class name) is converted into an object corresponding to the object class in order to restore serialized
import java.io.FileOutputStream; import java.io.ObjectOutputStream; import java.io.*; public class xuliehua implements Serializable{ public static String a="a"; public static void main(String[] args) { xuliehua test = new xuliehua(); try { ObjectOutputStream t = new ObjectOutputStream(new FileOutputStream("./xuliehua")); t.writeObject(test); t.close(); ObjectInputStream tt = new ObjectInputStream(new FileInputStream("xuliehua")); xuliehua x = (xuliehua) tt.readObject(); System.out.println(x.a); } catch (IOException | ClassNotFoundException e) { e.printStackTrace(); } } }
java data generated sequence is a sequence of bytes, base64 look more readable
Custom serialization and deserialization process, is to rewrite writeObjectand readObjectmethods
import java.io.FileOutputStream; import java.io.ObjectOutputStream; import java.io.*; public class xuliehua implements Serializable{ public static String a="a"; private void readObject(ObjectInputStream in) { try { in.defaultReadObject(); Runtime.getRuntime().exec("calc.exe"); } catch (IOException e) { e.printStackTrace(); } catch (ClassNotFoundException e) { e.printStackTrace(); } } public static void main(String[] args) { xuliehua test = new xuliehua(); try { ObjectOutputStream t = new ObjectOutputStream(new FileOutputStream("./xuliehua")); t.writeObject(test); t.close(); ObjectInputStream tt = new ObjectInputStream(new FileInputStream("xuliehua")); xuliehua x = (xuliehua)tt.readObject(); } catch (IOException | ClassNotFoundException e) { e.printStackTrace(); } } }
Run the above code to pop-up calculator, here actually use a rewrite polymorphic properties java, override the readObject method, in which the red line Runtime.getRuntime.exec that is self-executing the command definition statements, and most of the anti-Java principle serialization is vulnerable is a class overrides the readObjectmethod
java reflection mechanism:
Program in the operating state, you can only load a dynamic class name, for any already loaded class, we are able to know all the properties and methods of this class; for any object, he can call any of the methods and properties;
After loading the class finished, the heap is generated in a Class Object type (only one of a class Class object), this object contains the complete structural information classes, and this Class object like a mirror, looking through the mirror the class structure, it is called: reflected
After each class is loaded into the memory, the system generates a corresponding java.lang.Class objects for the class, you will have access to the JVM through this Class object class.
Class object acquisition method:
getClass object instance () method;
Class .class (safest / best performance) properties;
Use Class.forName (String className) dynamically load classes, className need to be fully qualified name of the class (the most common).
Note that when using the function ".class" to create a reference to the Class object does not automatically initialize the Class object, use the forName () object is automatically initialized Class
Import java.awt.desktop.SystemEventListener; Import the java.io. * ; Import java.lang.reflect.InvocationTargetException; Import the java.lang.reflect.Method; public class Reflection { public static void main (String [] args) { Class test . = the Test class ; // .class case by creating a class reference test System.out.println ( "recovery" + test.getName ()); Method, [] Methods = test.getMethods (); // with class to access all object type class test methods for (method, method: methods) { System.out.println ( "method =>" +method.getName ()); } the try { Method, Method = test.getMethod ( "hack", String. class ); // access method getMethod reflection method by a class object class type, the second parameter is this type of method, here the string type Object X = Method.invoke ( new new the Test ( "tr1ple"), "23333" ); // call to invoke the method by method type variable getmthod already positioned to invoke a method At this time, the first parameter is an instance of the class object reflector,
the second parameter for the process parameters of the entrance System.out.println (X); } the catch (IllegalAccessException E) { e.printStackTrace (); } the catch ( E a InvocationTargetException) { e.printStackTrace (); } the catch (NoSuchMethodException e) { e.printStackTrace(); } } } class Test { private String a; public Test(String a) { this.a=a; } public String hack(String b) { try { System.out.println("tet"+this.a+"and "+ b); Runtime.getRuntime().exec("calc.exe"); } catch (IOException e) { e.printStackTrace(); } return b; } }
I.e., the actual call to the entire chain of reflection:
1.TEST.class class type of the object class is obtained, easy access to the internal structure of the class TEST
2. class object -> getmethod () method to locate the need to call
3. Method calls invoke method to reflect the type of variable, call completion trigger final reflectance function