├── .gitignore ├── Dockerfile ├── RASP靶场测试.json ├── README.md ├── images ├── image-20220414154311860.png ├── image-20220414154457785.png ├── image-20220415121848006.png └── image-20220426194355585.png ├── javaweb-bbs.sql ├── pom.xml ├── static ├── css │ ├── element-ui-2.15.6.css │ └── fonts │ │ ├── element-icons.ttf │ │ └── element-icons.woff ├── favicon.ico ├── images │ └── logo.svg ├── index.html ├── js │ ├── element-ui-2.15.6.js │ ├── vue-2.6.14.js │ ├── vue-2.6.14.min.js │ ├── vue-router-3.5.3.js │ └── vue-router-3.5.3.min.js ├── main.html ├── test.html └── view │ ├── main.html │ └── test.html ├── vuln-core ├── .gitignore ├── pom.xml └── src │ ├── main │ └── java │ │ ├── com │ │ └── fasterxml │ │ │ └── jackson │ │ │ └── databind │ │ │ └── exc │ │ │ └── InvalidDefinitionException.java │ │ └── org │ │ └── javaweb │ │ └── vuln │ │ ├── controller │ │ ├── BlacklistController.java │ │ ├── CMDController.java │ │ ├── DeserializationController.java │ │ ├── DisableMethodController.java │ │ ├── ExpressionController.java │ │ ├── FastJsonController.java │ │ ├── FileSystemController.java │ │ ├── FileUploadController.java │ │ ├── JNDIController.java │ │ ├── JacksonController.java │ │ ├── PatchController.java │ │ ├── RequestController.java │ │ ├── SQLInjectionController.java │ │ ├── SSRFController.java │ │ ├── ScriptEngineController.java │ │ ├── SnakeyamlController.java │ │ ├── TestController.java │ │ ├── VelocityController.java │ │ ├── WhitelistController.java │ │ ├── XSSController.java │ │ ├── XStreamController.java │ │ └── XXEController.java │ │ ├── entity │ │ └── SysUser.java │ │ ├── service │ │ ├── HessianService.java │ │ └── impl │ │ │ └── HessianServiceImpl.java │ │ └── utils │ │ ├── HttpClient.java │ │ └── HttpServletRequestUtils.java │ └── test │ └── java │ └── org │ └── javaweb │ └── vuln │ ├── TestAbstractTranslet.java │ ├── TestAbstractTransletTest.java │ └── hessian │ └── HessianClient.java ├── vuln-springboot2 ├── .gitignore ├── pom.xml └── src │ └── main │ ├── java │ └── org │ │ └── javaweb │ │ └── vuln │ │ ├── config │ │ ├── SpringBoot2Application.java │ │ └── WebMvcConfig.java │ │ └── controller │ │ └── HessianController.java │ └── resources │ ├── application.properties │ ├── banner.txt │ ├── javaweb-bbs.db │ └── log4j.properties ├── vuln-springboot3 ├── .gitignore ├── pom.xml └── src │ └── main │ ├── java │ └── org │ │ └── javaweb │ │ └── vuln │ │ └── config │ │ ├── SpringBoot3Application.java │ │ └── WebMvcConfig.java │ └── resources │ ├── application.properties │ ├── banner.txt │ ├── javaweb-bbs.db │ └── log4j.properties └── vuln-test ├── .gitignore ├── pom.xml ├── src └── main │ ├── java │ └── org │ │ └── javaweb │ │ └── vuln │ │ ├── action │ │ └── TestActionAnnotation.java │ │ └── controller │ │ └── HessianController.java │ ├── resources │ ├── config │ │ ├── application-context.xml │ │ ├── javaweb-servlet.xml │ │ └── jdbc.properties │ ├── javaweb-bbs.db │ ├── log4j.properties │ └── struts.xml │ └── webapp │ ├── WEB-INF │ └── web.xml │ ├── index.jsp │ ├── modules │ ├── jni │ │ ├── CommandExecution.java │ │ ├── loadlibrary.jsp │ │ ├── org_javaweb_rasp_cmd_CommandExecution.cpp │ │ └── org_javaweb_rasp_cmd_CommandExecution.h │ ├── memshell │ │ └── tomcat-servlet.jsp │ ├── servlet │ │ └── fileupload │ │ │ └── servletPartUpload.jsp │ ├── webshell │ │ ├── Customize.jsp │ │ └── cmd.jspx │ └── xstream │ │ └── xstream.jsp │ └── rasp.jsp └── test.http /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/.gitignore -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/Dockerfile -------------------------------------------------------------------------------- /RASP靶场测试.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/RASP靶场测试.json -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/README.md -------------------------------------------------------------------------------- /images/image-20220414154311860.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/images/image-20220414154311860.png -------------------------------------------------------------------------------- /images/image-20220414154457785.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/images/image-20220414154457785.png -------------------------------------------------------------------------------- /images/image-20220415121848006.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/images/image-20220415121848006.png -------------------------------------------------------------------------------- /images/image-20220426194355585.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/images/image-20220426194355585.png -------------------------------------------------------------------------------- /javaweb-bbs.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/javaweb-bbs.sql -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/pom.xml -------------------------------------------------------------------------------- /static/css/element-ui-2.15.6.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/css/element-ui-2.15.6.css -------------------------------------------------------------------------------- /static/css/fonts/element-icons.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/css/fonts/element-icons.ttf -------------------------------------------------------------------------------- /static/css/fonts/element-icons.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/css/fonts/element-icons.woff -------------------------------------------------------------------------------- /static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/favicon.ico -------------------------------------------------------------------------------- /static/images/logo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/images/logo.svg -------------------------------------------------------------------------------- /static/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/index.html -------------------------------------------------------------------------------- /static/js/element-ui-2.15.6.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/js/element-ui-2.15.6.js -------------------------------------------------------------------------------- /static/js/vue-2.6.14.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/js/vue-2.6.14.js -------------------------------------------------------------------------------- /static/js/vue-2.6.14.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/js/vue-2.6.14.min.js -------------------------------------------------------------------------------- /static/js/vue-router-3.5.3.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/js/vue-router-3.5.3.js -------------------------------------------------------------------------------- /static/js/vue-router-3.5.3.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/js/vue-router-3.5.3.min.js -------------------------------------------------------------------------------- /static/main.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/main.html -------------------------------------------------------------------------------- /static/test.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/test.html -------------------------------------------------------------------------------- /static/view/main.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/view/main.html -------------------------------------------------------------------------------- /static/view/test.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/static/view/test.html -------------------------------------------------------------------------------- /vuln-core/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /vuln-core/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/pom.xml -------------------------------------------------------------------------------- /vuln-core/src/main/java/com/fasterxml/jackson/databind/exc/InvalidDefinitionException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/com/fasterxml/jackson/databind/exc/InvalidDefinitionException.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/BlacklistController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/BlacklistController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/CMDController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/CMDController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/DeserializationController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/DeserializationController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/DisableMethodController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/DisableMethodController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/ExpressionController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/ExpressionController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/FastJsonController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/FastJsonController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/FileSystemController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/FileSystemController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/FileUploadController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/FileUploadController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/JNDIController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/JNDIController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/JacksonController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/JacksonController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/PatchController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/PatchController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/RequestController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/RequestController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/SQLInjectionController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/SQLInjectionController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/SSRFController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/SSRFController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/ScriptEngineController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/ScriptEngineController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/SnakeyamlController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/SnakeyamlController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/TestController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/TestController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/VelocityController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/VelocityController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/WhitelistController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/WhitelistController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/XSSController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/XSSController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/XStreamController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/XStreamController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/controller/XXEController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/controller/XXEController.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/entity/SysUser.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/entity/SysUser.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/service/HessianService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/service/HessianService.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/service/impl/HessianServiceImpl.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/service/impl/HessianServiceImpl.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/utils/HttpClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/utils/HttpClient.java -------------------------------------------------------------------------------- /vuln-core/src/main/java/org/javaweb/vuln/utils/HttpServletRequestUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/main/java/org/javaweb/vuln/utils/HttpServletRequestUtils.java -------------------------------------------------------------------------------- /vuln-core/src/test/java/org/javaweb/vuln/TestAbstractTranslet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/test/java/org/javaweb/vuln/TestAbstractTranslet.java -------------------------------------------------------------------------------- /vuln-core/src/test/java/org/javaweb/vuln/TestAbstractTransletTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/test/java/org/javaweb/vuln/TestAbstractTransletTest.java -------------------------------------------------------------------------------- /vuln-core/src/test/java/org/javaweb/vuln/hessian/HessianClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-core/src/test/java/org/javaweb/vuln/hessian/HessianClient.java -------------------------------------------------------------------------------- /vuln-springboot2/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/.gitignore -------------------------------------------------------------------------------- /vuln-springboot2/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/pom.xml -------------------------------------------------------------------------------- /vuln-springboot2/src/main/java/org/javaweb/vuln/config/SpringBoot2Application.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/java/org/javaweb/vuln/config/SpringBoot2Application.java -------------------------------------------------------------------------------- /vuln-springboot2/src/main/java/org/javaweb/vuln/config/WebMvcConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/java/org/javaweb/vuln/config/WebMvcConfig.java -------------------------------------------------------------------------------- /vuln-springboot2/src/main/java/org/javaweb/vuln/controller/HessianController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/java/org/javaweb/vuln/controller/HessianController.java -------------------------------------------------------------------------------- /vuln-springboot2/src/main/resources/application.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/resources/application.properties -------------------------------------------------------------------------------- /vuln-springboot2/src/main/resources/banner.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/resources/banner.txt -------------------------------------------------------------------------------- /vuln-springboot2/src/main/resources/javaweb-bbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/resources/javaweb-bbs.db -------------------------------------------------------------------------------- /vuln-springboot2/src/main/resources/log4j.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot2/src/main/resources/log4j.properties -------------------------------------------------------------------------------- /vuln-springboot3/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/.gitignore -------------------------------------------------------------------------------- /vuln-springboot3/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/pom.xml -------------------------------------------------------------------------------- /vuln-springboot3/src/main/java/org/javaweb/vuln/config/SpringBoot3Application.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/java/org/javaweb/vuln/config/SpringBoot3Application.java -------------------------------------------------------------------------------- /vuln-springboot3/src/main/java/org/javaweb/vuln/config/WebMvcConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/java/org/javaweb/vuln/config/WebMvcConfig.java -------------------------------------------------------------------------------- /vuln-springboot3/src/main/resources/application.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/resources/application.properties -------------------------------------------------------------------------------- /vuln-springboot3/src/main/resources/banner.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/resources/banner.txt -------------------------------------------------------------------------------- /vuln-springboot3/src/main/resources/javaweb-bbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/resources/javaweb-bbs.db -------------------------------------------------------------------------------- /vuln-springboot3/src/main/resources/log4j.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-springboot3/src/main/resources/log4j.properties -------------------------------------------------------------------------------- /vuln-test/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/.gitignore -------------------------------------------------------------------------------- /vuln-test/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/pom.xml -------------------------------------------------------------------------------- /vuln-test/src/main/java/org/javaweb/vuln/action/TestActionAnnotation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/java/org/javaweb/vuln/action/TestActionAnnotation.java -------------------------------------------------------------------------------- /vuln-test/src/main/java/org/javaweb/vuln/controller/HessianController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/java/org/javaweb/vuln/controller/HessianController.java -------------------------------------------------------------------------------- /vuln-test/src/main/resources/config/application-context.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/config/application-context.xml -------------------------------------------------------------------------------- /vuln-test/src/main/resources/config/javaweb-servlet.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/config/javaweb-servlet.xml -------------------------------------------------------------------------------- /vuln-test/src/main/resources/config/jdbc.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/config/jdbc.properties -------------------------------------------------------------------------------- /vuln-test/src/main/resources/javaweb-bbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/javaweb-bbs.db -------------------------------------------------------------------------------- /vuln-test/src/main/resources/log4j.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/log4j.properties -------------------------------------------------------------------------------- /vuln-test/src/main/resources/struts.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/resources/struts.xml -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/WEB-INF/web.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/WEB-INF/web.xml -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/index.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/index.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/jni/CommandExecution.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/jni/CommandExecution.java -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/jni/loadlibrary.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/jni/loadlibrary.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/jni/org_javaweb_rasp_cmd_CommandExecution.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/jni/org_javaweb_rasp_cmd_CommandExecution.cpp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/jni/org_javaweb_rasp_cmd_CommandExecution.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/jni/org_javaweb_rasp_cmd_CommandExecution.h -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/memshell/tomcat-servlet.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/memshell/tomcat-servlet.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/servlet/fileupload/servletPartUpload.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/servlet/fileupload/servletPartUpload.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/webshell/Customize.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/webshell/Customize.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/webshell/cmd.jspx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/webshell/cmd.jspx -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/modules/xstream/xstream.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/src/main/webapp/modules/xstream/xstream.jsp -------------------------------------------------------------------------------- /vuln-test/src/main/webapp/rasp.jsp: -------------------------------------------------------------------------------- 1 | <%@page session="false" %> 2 | <%=new java.util.Date()%> -------------------------------------------------------------------------------- /vuln-test/test.http: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/javaweb-rasp/javaweb-vuln/HEAD/vuln-test/test.http --------------------------------------------------------------------------------