├── README.md └── thymeleaf-problem ├── WCTF-WP.pptx ├── src ├── .DS_Store ├── build.gradle ├── gradle.properties ├── gradle │ └── wrapper │ │ ├── gradle-wrapper.jar │ │ └── gradle-wrapper.properties ├── gradlew ├── gradlew.bat ├── settings.gradle └── thymeleaf-problem │ ├── build.gradle │ ├── build │ ├── classes │ │ └── java │ │ │ └── main │ │ │ └── me │ │ │ └── threedr3am │ │ │ └── thymeleaf │ │ │ ├── ThymeleafApplication.class │ │ │ ├── config │ │ │ ├── JWTConfig.class │ │ │ ├── SessionFilterConfig.class │ │ │ ├── SwaggerConfig.class │ │ │ └── URISpelInjectFilterConfig.class │ │ │ ├── controller │ │ │ ├── LoginController.class │ │ │ └── auth │ │ │ │ ├── RoleController.class │ │ │ │ └── UserInfoController.class │ │ │ ├── entity │ │ │ ├── Result$ResultBuilder.class │ │ │ └── Result.class │ │ │ └── filter │ │ │ ├── SessionFilter.class │ │ │ └── URISpelInjectFilter.class │ ├── libs │ │ └── thymeleaf-problem-1.0.0-SNAPSHOT.jar │ ├── resources │ │ └── main │ │ │ ├── application.yml │ │ │ └── templates │ │ │ ├── home.html │ │ │ ├── login-error.html │ │ │ └── login.html │ └── tmp │ │ └── bootJar │ │ └── MANIFEST.MF │ └── src │ └── main │ ├── java │ └── me │ │ └── threedr3am │ │ └── thymeleaf │ │ ├── ThymeleafApplication.java │ │ ├── config │ │ ├── JWTConfig.java │ │ ├── SessionFilterConfig.java │ │ ├── SwaggerConfig.java │ │ └── URISpelInjectFilterConfig.java │ │ ├── controller │ │ ├── LoginController.java │ │ └── auth │ │ │ ├── RoleController.java │ │ │ └── UserInfoController.java │ │ ├── entity │ │ └── Result.java │ │ └── filter │ │ ├── SessionFilter.java │ │ └── URISpelInjectFilter.java │ └── resources │ ├── application.yml │ └── templates │ ├── home.html │ ├── login-error.html │ └── login.html └── thymeleaf-problem.jar /README.md: -------------------------------------------------------------------------------- 1 | # WCTF-2020 -------------------------------------------------------------------------------- /thymeleaf-problem/WCTF-WP.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/WCTF-WP.pptx -------------------------------------------------------------------------------- /thymeleaf-problem/src/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/.DS_Store -------------------------------------------------------------------------------- /thymeleaf-problem/src/build.gradle: -------------------------------------------------------------------------------- 1 | buildscript { 2 | 3 | repositories { 4 | mavenCentral() 5 | } 6 | 7 | dependencies { 8 | classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion" 9 | } 10 | } 11 | 12 | allprojects { 13 | apply plugin: 'java' 14 | 15 | group = 'me.threedr3am' 16 | version = '1.0.0-SNAPSHOT' 17 | } 18 | 19 | subprojects { 20 | apply plugin: "io.spring.dependency-management" 21 | apply plugin: 'org.springframework.boot' 22 | 23 | tasks.withType(JavaCompile) { 24 | options.encoding = "UTF-8" 25 | } 26 | 27 | configurations { 28 | all*.exclude group: "log4j", module: "log4j" 29 | all*.exclude group: "org.slf4j", module: "slf4j-log4j12" 30 | all*.exclude group: "org.slf4j", module: "log4j-over-slf4j" 31 | all*.exclude group: "org.springframework.boot", module: "spring-boot-starter-logging" 32 | all*.exclude group: "org.springframework.boot", module: "spring-boot-dependencies" 33 | } 34 | 35 | repositories { 36 | mavenCentral() 37 | } 38 | 39 | dependencyManagement { 40 | dependencies { 41 | dependencySet(group: 'org.springframework.boot', version: "${springBootVersion}") { 42 | entry 'spring-boot-starter-web' 43 | entry 'spring-boot-starter-log4j2' 44 | entry 'spring-boot-starter-validation' 45 | entry 'spring-boot-starter-data-jpa' 46 | entry 'spring-boot-starter-test' 47 | } 48 | } 49 | } 50 | 51 | dependencies { 52 | annotationProcessor "org.projectlombok:lombok:$lombokVersion" 53 | compileOnly "org.projectlombok:lombok:$lombokVersion" 54 | testAnnotationProcessor "org.projectlombok:lombok:$lombokVersion" 55 | testCompileOnly "org.projectlombok:lombok:$lombokVersion" 56 | } 57 | 58 | } -------------------------------------------------------------------------------- /thymeleaf-problem/src/gradle.properties: -------------------------------------------------------------------------------- 1 | springBootVersion=2.2.2.RELEASE 2 | slf4jVersion=1.7.22 3 | log4jVersion=2.13.3 4 | commonsLangVersion=3.5 5 | jacksonVersion=2.10.1 6 | jacksonCoreVersion=2.10.1 7 | jacksonAnnotationsVersion=2.10.1 8 | lombokVersion=1.18.2 9 | javaJwt=3.10.3 -------------------------------------------------------------------------------- /thymeleaf-problem/src/gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /thymeleaf-problem/src/gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionBase=GRADLE_USER_HOME 2 | distributionPath=wrapper/dists 3 | distributionUrl=https\://services.gradle.org/distributions/gradle-6.1-bin.zip 4 | zipStoreBase=GRADLE_USER_HOME 5 | zipStorePath=wrapper/dists 6 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/gradlew: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | # 4 | # Copyright 2015 the original author or authors. 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); 7 | # you may not use this file except in compliance with the License. 8 | # You may obtain a copy of the License at 9 | # 10 | # https://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | 19 | ############################################################################## 20 | ## 21 | ## Gradle start up script for UN*X 22 | ## 23 | ############################################################################## 24 | 25 | # Attempt to set APP_HOME 26 | # Resolve links: $0 may be a link 27 | PRG="$0" 28 | # Need this for relative symlinks. 29 | while [ -h "$PRG" ] ; do 30 | ls=`ls -ld "$PRG"` 31 | link=`expr "$ls" : '.*-> \(.*\)$'` 32 | if expr "$link" : '/.*' > /dev/null; then 33 | PRG="$link" 34 | else 35 | PRG=`dirname "$PRG"`"/$link" 36 | fi 37 | done 38 | SAVED="`pwd`" 39 | cd "`dirname \"$PRG\"`/" >/dev/null 40 | APP_HOME="`pwd -P`" 41 | cd "$SAVED" >/dev/null 42 | 43 | APP_NAME="Gradle" 44 | APP_BASE_NAME=`basename "$0"` 45 | 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' 48 | 49 | # Use the maximum available, or set MAX_FD != -1 to use that value. 50 | MAX_FD="maximum" 51 | 52 | warn () { 53 | echo "$*" 54 | } 55 | 56 | die () { 57 | echo 58 | echo "$*" 59 | echo 60 | exit 1 61 | } 62 | 63 | # OS specific support (must be 'true' or 'false'). 64 | cygwin=false 65 | msys=false 66 | darwin=false 67 | nonstop=false 68 | case "`uname`" in 69 | CYGWIN* ) 70 | cygwin=true 71 | ;; 72 | Darwin* ) 73 | darwin=true 74 | ;; 75 | MINGW* ) 76 | msys=true 77 | ;; 78 | NONSTOP* ) 79 | nonstop=true 80 | ;; 81 | esac 82 | 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 84 | 85 | # Determine the Java command to use to start the JVM. 86 | if [ -n "$JAVA_HOME" ] ; then 87 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 88 | # IBM's JDK on AIX uses strange locations for the executables 89 | JAVACMD="$JAVA_HOME/jre/sh/java" 90 | else 91 | JAVACMD="$JAVA_HOME/bin/java" 92 | fi 93 | if [ ! -x "$JAVACMD" ] ; then 94 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME 95 | 96 | Please set the JAVA_HOME variable in your environment to match the 97 | location of your Java installation." 98 | fi 99 | else 100 | JAVACMD="java" 101 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 102 | 103 | Please set the JAVA_HOME variable in your environment to match the 104 | location of your Java installation." 105 | fi 106 | 107 | # Increase the maximum file descriptors if we can. 108 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then 109 | MAX_FD_LIMIT=`ulimit -H -n` 110 | if [ $? -eq 0 ] ; then 111 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then 112 | MAX_FD="$MAX_FD_LIMIT" 113 | fi 114 | ulimit -n $MAX_FD 115 | if [ $? -ne 0 ] ; then 116 | warn "Could not set maximum file descriptor limit: $MAX_FD" 117 | fi 118 | else 119 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" 120 | fi 121 | fi 122 | 123 | # For Darwin, add options to specify how the application appears in the dock 124 | if $darwin; then 125 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" 126 | fi 127 | 128 | # For Cygwin or MSYS, switch paths to Windows format before running java 129 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then 130 | APP_HOME=`cygpath --path --mixed "$APP_HOME"` 131 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` 132 | JAVACMD=`cygpath --unix "$JAVACMD"` 133 | 134 | # We build the pattern for arguments to be converted via cygpath 135 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` 136 | SEP="" 137 | for dir in $ROOTDIRSRAW ; do 138 | ROOTDIRS="$ROOTDIRS$SEP$dir" 139 | SEP="|" 140 | done 141 | OURCYGPATTERN="(^($ROOTDIRS))" 142 | # Add a user-defined pattern to the cygpath arguments 143 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then 144 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" 145 | fi 146 | # Now convert the arguments - kludge to limit ourselves to /bin/sh 147 | i=0 148 | for arg in "$@" ; do 149 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` 150 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option 151 | 152 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition 153 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` 154 | else 155 | eval `echo args$i`="\"$arg\"" 156 | fi 157 | i=`expr $i + 1` 158 | done 159 | case $i in 160 | 0) set -- ;; 161 | 1) set -- "$args0" ;; 162 | 2) set -- "$args0" "$args1" ;; 163 | 3) set -- "$args0" "$args1" "$args2" ;; 164 | 4) set -- "$args0" "$args1" "$args2" "$args3" ;; 165 | 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; 166 | 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; 167 | 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; 168 | 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; 169 | 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; 170 | esac 171 | fi 172 | 173 | # Escape application args 174 | save () { 175 | for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done 176 | echo " " 177 | } 178 | APP_ARGS=`save "$@"` 179 | 180 | # Collect all arguments for the java command, following the shell quoting and substitution rules 181 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" 182 | 183 | exec "$JAVACMD" "$@" 184 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/gradlew.bat: -------------------------------------------------------------------------------- 1 | @rem 2 | @rem Copyright 2015 the original author or authors. 3 | @rem 4 | @rem Licensed under the Apache License, Version 2.0 (the "License"); 5 | @rem you may not use this file except in compliance with the License. 6 | @rem You may obtain a copy of the License at 7 | @rem 8 | @rem https://www.apache.org/licenses/LICENSE-2.0 9 | @rem 10 | @rem Unless required by applicable law or agreed to in writing, software 11 | @rem distributed under the License is distributed on an "AS IS" BASIS, 12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | @rem See the License for the specific language governing permissions and 14 | @rem limitations under the License. 15 | @rem 16 | 17 | @if "%DEBUG%" == "" @echo off 18 | @rem ########################################################################## 19 | @rem 20 | @rem Gradle startup script for Windows 21 | @rem 22 | @rem ########################################################################## 23 | 24 | @rem Set local scope for the variables with windows NT shell 25 | if "%OS%"=="Windows_NT" setlocal 26 | 27 | set DIRNAME=%~dp0 28 | if "%DIRNAME%" == "" set DIRNAME=. 29 | set APP_BASE_NAME=%~n0 30 | set APP_HOME=%DIRNAME% 31 | 32 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 33 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" 34 | 35 | @rem Find java.exe 36 | if defined JAVA_HOME goto findJavaFromJavaHome 37 | 38 | set JAVA_EXE=java.exe 39 | %JAVA_EXE% -version >NUL 2>&1 40 | if "%ERRORLEVEL%" == "0" goto init 41 | 42 | echo. 43 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 44 | echo. 45 | echo Please set the JAVA_HOME variable in your environment to match the 46 | echo location of your Java installation. 47 | 48 | goto fail 49 | 50 | :findJavaFromJavaHome 51 | set JAVA_HOME=%JAVA_HOME:"=% 52 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe 53 | 54 | if exist "%JAVA_EXE%" goto init 55 | 56 | echo. 57 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 58 | echo. 59 | echo Please set the JAVA_HOME variable in your environment to match the 60 | echo location of your Java installation. 61 | 62 | goto fail 63 | 64 | :init 65 | @rem Get command-line arguments, handling Windows variants 66 | 67 | if not "%OS%" == "Windows_NT" goto win9xME_args 68 | 69 | :win9xME_args 70 | @rem Slurp the command line arguments. 71 | set CMD_LINE_ARGS= 72 | set _SKIP=2 73 | 74 | :win9xME_args_slurp 75 | if "x%~1" == "x" goto execute 76 | 77 | set CMD_LINE_ARGS=%* 78 | 79 | :execute 80 | @rem Setup the command line 81 | 82 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar 83 | 84 | @rem Execute Gradle 85 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% 86 | 87 | :end 88 | @rem End local scope for the variables with windows NT shell 89 | if "%ERRORLEVEL%"=="0" goto mainEnd 90 | 91 | :fail 92 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of 93 | rem the _cmd.exe /c_ return code! 94 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 95 | exit /b 1 96 | 97 | :mainEnd 98 | if "%OS%"=="Windows_NT" endlocal 99 | 100 | :omega 101 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/settings.gradle: -------------------------------------------------------------------------------- 1 | rootProject.name = 'thymeleaf-problem' 2 | include 'thymeleaf-problem' 3 | 4 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build.gradle: -------------------------------------------------------------------------------- 1 | dependencies { 2 | testCompile group: 'junit', name: 'junit', version: '4.12' 3 | 4 | compile "org.springframework.boot:spring-boot-starter-web" 5 | compile "org.springframework.boot:spring-boot-starter-thymeleaf" 6 | 7 | compile "org.slf4j:slf4j-api:$slf4jVersion" 8 | compile "org.apache.logging.log4j:log4j-core:$log4jVersion" 9 | compile "org.apache.logging.log4j:log4j-api:$log4jVersion" 10 | compile "org.apache.logging.log4j:log4j-slf4j-impl:$log4jVersion" 11 | 12 | compile "org.apache.commons:commons-lang3:$commonsLangVersion" 13 | 14 | compile "com.fasterxml.jackson.core:jackson-databind:${jacksonVersion}" 15 | compile "com.fasterxml.jackson.core:jackson-core:${jacksonCoreVersion}" 16 | compile "com.fasterxml.jackson.core:jackson-annotations:${jacksonAnnotationsVersion}" 17 | 18 | compile group: 'io.springfox', name: 'springfox-swagger2', version: '2.9.2' 19 | compile group: 'io.springfox', name: 'springfox-swagger-ui', version: '2.9.2' 20 | 21 | implementation "com.auth0:java-jwt:$javaJwt" 22 | } 23 | 24 | 25 | jar { 26 | manifest { 27 | attributes( 28 | 'Main-Class': 'me.threedr3am.auth.AuthApplication' 29 | ) 30 | } 31 | } -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/ThymeleafApplication.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/ThymeleafApplication.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/JWTConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/JWTConfig.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/SessionFilterConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/SessionFilterConfig.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/SwaggerConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/SwaggerConfig.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/URISpelInjectFilterConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/config/URISpelInjectFilterConfig.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/LoginController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/LoginController.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/auth/RoleController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/auth/RoleController.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/auth/UserInfoController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/controller/auth/UserInfoController.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/entity/Result$ResultBuilder.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/entity/Result$ResultBuilder.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/entity/Result.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/entity/Result.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/filter/SessionFilter.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/filter/SessionFilter.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/filter/URISpelInjectFilter.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/classes/java/main/me/threedr3am/thymeleaf/filter/URISpelInjectFilter.class -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/libs/thymeleaf-problem-1.0.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/src/thymeleaf-problem/build/libs/thymeleaf-problem-1.0.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/resources/main/application.yml: -------------------------------------------------------------------------------- 1 | server: 2 | port: 8080 -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/resources/main/templates/home.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 | ???登录成功!但是空白一片怎么办?... 5 |
6 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/resources/main/templates/login-error.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 | 密码错误! 5 |
6 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/resources/main/templates/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 |
5 |
6 | 7 | 8 |
9 |
10 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/build/tmp/bootJar/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Start-Class: me.threedr3am.thymeleaf.ThymeleafApplication 3 | Spring-Boot-Classes: BOOT-INF/classes/ 4 | Spring-Boot-Lib: BOOT-INF/lib/ 5 | Spring-Boot-Version: 2.2.2.RELEASE 6 | Main-Class: org.springframework.boot.loader.JarLauncher 7 | 8 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/ThymeleafApplication.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | /** 7 | * @author threedr3am 8 | */ 9 | @SpringBootApplication 10 | public class ThymeleafApplication { 11 | 12 | public static void main(String[] args) { 13 | SpringApplication app = new SpringApplication(ThymeleafApplication.class); 14 | app.run(args); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/config/JWTConfig.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.config; 2 | 3 | import com.auth0.jwt.algorithms.Algorithm; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | 7 | /** 8 | * @author jingfeng 9 | */ 10 | @Configuration 11 | public class JWTConfig { 12 | 13 | @Bean 14 | public Algorithm algorithm() { 15 | return Algorithm.HMAC256("admin"); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/config/SessionFilterConfig.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.config; 2 | 3 | import com.auth0.jwt.algorithms.Algorithm; 4 | import java.util.Collections; 5 | import me.threedr3am.thymeleaf.filter.SessionFilter; 6 | import me.threedr3am.thymeleaf.filter.URISpelInjectFilter; 7 | import org.springframework.boot.web.servlet.FilterRegistrationBean; 8 | import org.springframework.context.annotation.Bean; 9 | import org.springframework.context.annotation.Configuration; 10 | 11 | /** 12 | * @author threedr3am 13 | */ 14 | @Configuration 15 | public class SessionFilterConfig { 16 | 17 | @Bean 18 | FilterRegistrationBean sessionFilter(Algorithm algorithm) { 19 | SessionFilter sessionFilter = new SessionFilter(algorithm); 20 | FilterRegistrationBean bean = new FilterRegistrationBean<>(sessionFilter); 21 | bean.setUrlPatterns(Collections.singletonList("/auth/*")); 22 | bean.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE); 23 | return bean; 24 | } 25 | 26 | } 27 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/config/SwaggerConfig.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.config; 2 | 3 | import org.springframework.context.annotation.Configuration; 4 | import springfox.documentation.swagger2.annotations.EnableSwagger2; 5 | 6 | /** 7 | * @author threedr3am 8 | */ 9 | @Configuration 10 | @EnableSwagger2 11 | public class SwaggerConfig { 12 | 13 | } 14 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/config/URISpelInjectFilterConfig.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.config; 2 | 3 | import me.threedr3am.thymeleaf.filter.URISpelInjectFilter; 4 | import java.util.Collections; 5 | import org.springframework.boot.web.servlet.FilterRegistrationBean; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.Configuration; 8 | 9 | /** 10 | * @author threedr3am 11 | */ 12 | @Configuration 13 | public class URISpelInjectFilterConfig { 14 | 15 | @Bean 16 | FilterRegistrationBean uriSpelInjectFilter() { 17 | URISpelInjectFilter uriSpelInjectFilter = new URISpelInjectFilter(); 18 | FilterRegistrationBean bean = new FilterRegistrationBean<>(uriSpelInjectFilter); 19 | bean.setUrlPatterns(Collections.singletonList("/auth/*")); 20 | bean.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE); 21 | return bean; 22 | } 23 | 24 | } 25 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/controller/LoginController.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.controller; 2 | 3 | import com.auth0.jwt.JWT; 4 | import com.auth0.jwt.algorithms.Algorithm; 5 | import com.auth0.jwt.interfaces.Claim; 6 | import com.auth0.jwt.interfaces.DecodedJWT; 7 | import com.auth0.jwt.interfaces.JWTVerifier; 8 | import io.swagger.annotations.Api; 9 | import io.swagger.annotations.ApiOperation; 10 | import java.util.Calendar; 11 | import java.util.Date; 12 | import javax.servlet.http.Cookie; 13 | import javax.servlet.http.HttpServletResponse; 14 | import lombok.extern.slf4j.Slf4j; 15 | import me.threedr3am.thymeleaf.entity.Result; 16 | import org.apache.commons.lang3.StringUtils; 17 | import org.springframework.beans.factory.annotation.Autowired; 18 | import org.springframework.stereotype.Controller; 19 | import org.springframework.web.bind.annotation.CookieValue; 20 | import org.springframework.web.bind.annotation.GetMapping; 21 | import org.springframework.web.bind.annotation.PostMapping; 22 | import org.springframework.web.bind.annotation.RequestMapping; 23 | import org.springframework.web.bind.annotation.RequestParam; 24 | import org.springframework.web.bind.annotation.RestController; 25 | 26 | /** 27 | * @author threedr3am 28 | */ 29 | @Slf4j 30 | @Api("登录相关接口") 31 | @Controller 32 | public class LoginController { 33 | 34 | private Algorithm algorithm; 35 | 36 | @ApiOperation("登录接口") 37 | @PostMapping(value = "/login") 38 | public String login( 39 | @RequestParam(name = "username") String username, @RequestParam(name = "password") String password, 40 | HttpServletResponse response 41 | ) { 42 | if (StringUtils.equals("admin", username) && StringUtils.equals("akdhbquygenjkqndjknamlkndm24i284u2kjsnfjhbwhjebqnlknakjdnakj2428472y4782", password)) { 43 | Date iatDate = new Date(); 44 | 45 | String token = JWT.create() 46 | .withIssuer("XX-Manager") 47 | .withIssuedAt(iatDate) 48 | .withClaim("role", "admin") 49 | .sign(algorithm); 50 | 51 | Cookie cookie = new Cookie("SESSION", token); 52 | cookie.setHttpOnly(true); 53 | cookie.setPath("/"); 54 | cookie.setMaxAge(2 * 60 * 24); 55 | response.addCookie(cookie); 56 | 57 | return "home"; 58 | } 59 | return "login-error"; 60 | } 61 | 62 | @ApiOperation("登录页") 63 | @GetMapping(value = "/login") 64 | public String login( 65 | @CookieValue(value = "SESSION", required = false) String session, 66 | HttpServletResponse response 67 | ) { 68 | if (StringUtils.isEmpty(session)) { 69 | Date iatDate = new Date(); 70 | 71 | String token = JWT.create() 72 | .withIssuer("XX-Manager") 73 | .withIssuedAt(iatDate) 74 | .withClaim("role", "guest") 75 | .sign(algorithm); 76 | 77 | Cookie cookie = new Cookie("SESSION", token); 78 | cookie.setHttpOnly(true); 79 | cookie.setPath("/"); 80 | cookie.setMaxAge(2 * 60 * 24); 81 | response.addCookie(cookie); 82 | session = token; 83 | } 84 | try { 85 | JWTVerifier verifier = JWT.require(algorithm).build(); 86 | DecodedJWT jwt = verifier.verify(session); 87 | Claim roleClaim = jwt.getClaim("role"); 88 | if (!roleClaim.isNull() && StringUtils.equals("admin", roleClaim.asString())) { 89 | return "home"; 90 | } 91 | } catch (Exception e) { 92 | log.error("jwt校验失败"); 93 | } 94 | return "login"; 95 | } 96 | 97 | @Autowired 98 | public LoginController(Algorithm algorithm) { 99 | this.algorithm = algorithm; 100 | } 101 | } 102 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/controller/auth/RoleController.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.controller.auth; 2 | 3 | import io.swagger.annotations.Api; 4 | import io.swagger.annotations.ApiOperation; 5 | import me.threedr3am.thymeleaf.entity.Result; 6 | import org.springframework.stereotype.Controller; 7 | import org.springframework.web.bind.annotation.DeleteMapping; 8 | import org.springframework.web.bind.annotation.GetMapping; 9 | import org.springframework.web.bind.annotation.PathVariable; 10 | import org.springframework.web.bind.annotation.PostMapping; 11 | import org.springframework.web.bind.annotation.PutMapping; 12 | import org.springframework.web.bind.annotation.RequestMapping; 13 | import org.springframework.web.bind.annotation.RequestParam; 14 | import org.springframework.web.bind.annotation.ResponseBody; 15 | 16 | /** 17 | * @author threedr3am 18 | */ 19 | @Api("角色相关接口") 20 | @Controller 21 | @RequestMapping(value = "/auth/role") 22 | public class RoleController { 23 | 24 | @ApiOperation("添加角色") 25 | @ResponseBody 26 | @PutMapping(value = "/{role}") 27 | public Result addRole(@PathVariable(name = "role") String role) { 28 | return Result.builder() 29 | .success(true) 30 | .result(true) 31 | .build(); 32 | } 33 | 34 | @ApiOperation("获取角色信息") 35 | @ResponseBody 36 | @GetMapping(value = "/{role}") 37 | public Result role(@PathVariable(name = "role") String role) { 38 | return Result.builder() 39 | .success(true) 40 | .result(role) 41 | .build(); 42 | } 43 | 44 | @ApiOperation("修改角色信息") 45 | @ResponseBody 46 | @PostMapping(value = "/{role}") 47 | public Result modifyRole( 48 | @PathVariable(name = "role") String role, 49 | @RequestParam(name = "desc") String desc 50 | ) { 51 | return Result.builder() 52 | .success(true) 53 | .result(true) 54 | .build(); 55 | } 56 | 57 | @ApiOperation("删除角色") 58 | @DeleteMapping(value = "/{role}") 59 | public Result deleteRole(@PathVariable(name = "role") String role) { 60 | return Result.builder() 61 | .success(true) 62 | .result(true) 63 | .build(); 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/controller/auth/UserInfoController.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.controller.auth; 2 | 3 | import io.swagger.annotations.Api; 4 | import io.swagger.annotations.ApiOperation; 5 | import me.threedr3am.thymeleaf.entity.Result; 6 | import org.springframework.stereotype.Controller; 7 | import org.springframework.web.bind.annotation.DeleteMapping; 8 | import org.springframework.web.bind.annotation.GetMapping; 9 | import org.springframework.web.bind.annotation.PathVariable; 10 | import org.springframework.web.bind.annotation.PostMapping; 11 | import org.springframework.web.bind.annotation.PutMapping; 12 | import org.springframework.web.bind.annotation.RequestMapping; 13 | import org.springframework.web.bind.annotation.RequestParam; 14 | import org.springframework.web.bind.annotation.ResponseBody; 15 | import org.springframework.web.context.request.RequestContextHolder; 16 | import org.springframework.web.context.request.ServletWebRequest; 17 | 18 | /** 19 | * @author threedr3am 20 | */ 21 | @Api("用户信息相关接口") 22 | @Controller 23 | @RequestMapping(value = "/auth/user") 24 | public class UserInfoController { 25 | 26 | @ApiOperation("添加用户") 27 | @ResponseBody 28 | @PutMapping(value = "/{username}") 29 | public Result addUser(@PathVariable(name = "username") String username) { 30 | return Result.builder() 31 | .success(true) 32 | .result(true) 33 | .build(); 34 | } 35 | 36 | @ApiOperation("获取用户信息") 37 | @ResponseBody 38 | @GetMapping(value = "/{username}") 39 | public Result userInfo(@PathVariable(name = "username") String username) { 40 | return Result.builder() 41 | .success(true) 42 | .result(username) 43 | .build(); 44 | } 45 | 46 | @ApiOperation("修改用户信息") 47 | @ResponseBody 48 | @PostMapping(value = "/{username}") 49 | public Result modifyUser( 50 | @PathVariable(name = "username") String username, 51 | @RequestParam(name = "password") String password, 52 | @RequestParam(name = "phone") String phone, 53 | @RequestParam(name = "addr") String addr 54 | ) { 55 | return Result.builder() 56 | .success(true) 57 | .result(true) 58 | .build(); 59 | } 60 | 61 | @ApiOperation("删除用户") 62 | @DeleteMapping(value = "/{username}") 63 | public void deleteUser(@PathVariable(name = "username") String username) {} 64 | } 65 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/entity/Result.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.entity; 2 | 3 | import io.swagger.annotations.ApiModel; 4 | import io.swagger.annotations.ApiModelProperty; 5 | import java.io.Serializable; 6 | import lombok.Builder; 7 | import lombok.Getter; 8 | import lombok.Setter; 9 | 10 | @ApiModel 11 | @Getter 12 | @Setter 13 | @Builder 14 | public class Result implements Serializable { 15 | 16 | @ApiModelProperty("业务响应数据") 17 | private T result; 18 | private boolean success; 19 | @ApiModelProperty("业务响应信息") 20 | private String message; 21 | @ApiModelProperty("业务响应码") 22 | private Integer code; 23 | } 24 | 25 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/filter/SessionFilter.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.filter; 2 | 3 | import com.auth0.jwt.JWT; 4 | import com.auth0.jwt.algorithms.Algorithm; 5 | import com.auth0.jwt.exceptions.JWTVerificationException; 6 | import com.auth0.jwt.interfaces.Claim; 7 | import com.auth0.jwt.interfaces.DecodedJWT; 8 | import com.auth0.jwt.interfaces.JWTVerifier; 9 | import java.io.IOException; 10 | import javax.servlet.FilterChain; 11 | import javax.servlet.ServletException; 12 | import javax.servlet.http.Cookie; 13 | import javax.servlet.http.HttpServletRequest; 14 | import javax.servlet.http.HttpServletResponse; 15 | import lombok.extern.slf4j.Slf4j; 16 | import org.apache.commons.lang3.StringUtils; 17 | import org.springframework.web.filter.OncePerRequestFilter; 18 | 19 | @Slf4j 20 | public class SessionFilter extends OncePerRequestFilter { 21 | 22 | private Algorithm algorithm; 23 | 24 | public SessionFilter(Algorithm algorithm) { 25 | this.algorithm = algorithm; 26 | } 27 | 28 | @Override 29 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) 30 | throws IOException, ServletException { 31 | Cookie[] cookies = request.getCookies(); 32 | String token = ""; 33 | if (cookies == null) { 34 | noPermission(response); 35 | return; 36 | } 37 | for (Cookie cookie : cookies) { 38 | if ("SESSION".equals(cookie.getName())) { 39 | token = cookie.getValue(); 40 | } 41 | } 42 | if (StringUtils.isEmpty(token)) { 43 | noPermission(response); 44 | return; 45 | } 46 | try { 47 | JWTVerifier verifier = JWT.require(algorithm).build(); 48 | DecodedJWT jwt = verifier.verify(token); 49 | Claim roleClaim = jwt.getClaim("role"); 50 | if (roleClaim.isNull() || !StringUtils.equals("admin", roleClaim.asString())) { 51 | noPermission(response); 52 | return; 53 | } 54 | } catch (JWTVerificationException e) { 55 | log.error("jwt校验失败"); 56 | noPermission(response); 57 | return; 58 | } 59 | filterChain.doFilter(request, response); 60 | } 61 | 62 | private void noPermission(HttpServletResponse response) throws IOException { 63 | response.setContentType("text/html;charset=utf-8"); 64 | response.getOutputStream().write("当前用户无权访问".getBytes("UTF-8")); 65 | response.setStatus(403); 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/java/me/threedr3am/thymeleaf/filter/URISpelInjectFilter.java: -------------------------------------------------------------------------------- 1 | package me.threedr3am.thymeleaf.filter; 2 | 3 | import java.io.IOException; 4 | import java.net.URLDecoder; 5 | import java.util.regex.Pattern; 6 | import javax.servlet.FilterChain; 7 | import javax.servlet.ServletException; 8 | import javax.servlet.http.HttpServletRequest; 9 | import javax.servlet.http.HttpServletResponse; 10 | import org.springframework.web.filter.OncePerRequestFilter; 11 | 12 | /** 13 | * @author threedr3am 14 | */ 15 | public class URISpelInjectFilter extends OncePerRequestFilter { 16 | 17 | private final Pattern pattern = Pattern.compile("'|\""); 18 | 19 | @Override 20 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { 21 | String uri = URLDecoder.decode(request.getRequestURI(), "UTF-8"); 22 | if (pattern.matcher(uri).find()) { 23 | response.getOutputStream().println("You can't input SPEL to URI,unless you can bypass."); 24 | return; 25 | } 26 | filterChain.doFilter(request, response); 27 | } 28 | } 29 | 30 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | server: 2 | port: 8080 -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/resources/templates/home.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 | ???登录成功!但是空白一片怎么办?... 5 |
6 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/resources/templates/login-error.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 | 密码错误! 5 |
6 | -------------------------------------------------------------------------------- /thymeleaf-problem/src/thymeleaf-problem/src/main/resources/templates/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 |
5 |
6 | 7 | 8 |
9 |
10 | -------------------------------------------------------------------------------- /thymeleaf-problem/thymeleaf-problem.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/r3kapig/WCTF-2020/c97523faeee84dc75b7fed02f379b7cbbfe53277/thymeleaf-problem/thymeleaf-problem.jar --------------------------------------------------------------------------------