滲透測試,form對象類型轉換,簡單demo
阿新 • • 發佈:2018-02-05
最近公司的項目在進行國家某行業的安全檢測,涉及到項目安全滲透等方面的問題;
參與項目的滲透等改造,是一個機遇與挑戰,今後對與項目安全等方面會思考更多;
下面說說 form 表單對象提交時,為了防止抓包(篡改提交的參數),後臺所做的類型轉化;以下是一個簡單的 DEMO 思路:
1、數據庫對象 bean,屬性與數據庫中字段相同,有 Integer、Boolean、Double 等類型
2、form表單的對象formbean,所有屬性都是String
3、將 formbean 的值賦值到 bean 對象,在賦值過程中對數據的安全性(類型轉化的問題)進行判斷。
form 對象:
1 package february.week1.safe; 2/** 3 * Description: form表單的數據類型 4 * @Package february.week1.safe 5 * @author BIQI IS BEST 6 * @date 2018年2月5日 上午10:38:33 7 */ 8 public class PersonForm { 9 10 private String name; 11 12 private String sex; 13 14 private String age; 15 16 privateString phoneNumber; 17 18 private String salary; 19 20 public PersonForm(String name, String sex, String age, String phoneNumber, String salary) { 21 super(); 22 this.name = name; 23 this.sex = sex; 24 this.age = age; 25 this.phoneNumber = phoneNumber;26 this.salary = salary; 27 } 28 29 public PersonForm() { 30 super(); 31 } 32 33 34 public String getName() { 35 return name; 36 } 37 38 public void setName(String name) { 39 this.name = name; 40 } 41 42 public String getSex() { 43 return sex; 44 } 45 46 public void setSex(String sex) { 47 this.sex = sex; 48 } 49 50 public String getAge() { 51 return age; 52 } 53 54 public void setAge(String age) { 55 this.age = age; 56 } 57 58 public String getPhoneNumber() { 59 return phoneNumber; 60 } 61 62 public void setPhoneNumber(String phoneNumber) { 63 this.phoneNumber = phoneNumber; 64 } 65 66 public String getSalary() { 67 return salary; 68 } 69 70 public void setSalary(String salary) { 71 this.salary = salary; 72 } 73 74 @Override 75 public String toString() { 76 return "PersonForm [name=" + name + ", sex=" + sex + ", age=" + age + ", phoneNumber=" + phoneNumber 77 + ", salary=" + salary + "]"; 78 } 83 84 }
後臺對象:
1 package february.week1.safe; 2 /** 3 * Description: 後臺類型 4 * @Package february.week1.safe 5 * @author BIQI IS BEST 6 * @date 2018年2月5日 上午10:38:33 7 */ 8 public class Person { 9 10 private String name; 11 12 private String sex; 13 14 private Integer age; 15 16 private String phoneNumber; 17 18 private Double salary; 19 20 public Person() { 21 super(); 22 } 23 24 public Person(String name, String sex, Integer age, String phoneNumber, Double salary) { 25 super(); 26 this.name = name; 27 this.sex = sex; 28 this.age = age; 29 this.phoneNumber = phoneNumber; 30 this.salary = salary; 31 } 32 33 public String getName() { 34 return name; 35 } 36 37 public void setName(String name) { 38 this.name = name; 39 } 40 41 public String getSex() { 42 return sex; 43 } 44 45 public void setSex(String sex) { 46 this.sex = sex; 47 } 48 49 public Integer getAge() { 50 return age; 51 } 52 53 public void setAge(Integer age) { 54 this.age = age; 55 } 56 57 public String getPhoneNumber() { 58 return phoneNumber; 59 } 60 61 public void setPhoneNumber(String phoneNumber) { 62 this.phoneNumber = phoneNumber; 63 } 64 65 public Double getSalary() { 66 return salary; 67 } 68 69 public void setSalary(Double salary) { 70 this.salary = salary; 71 } 72 73 @Override 74 public String toString() { 75 return "Person [name=" + name + ", sex=" + sex + ", age=" + age + ", phoneNumber=" + phoneNumber + ", salary=" 76 + salary + "]"; 77 } 78 79 80 81 }
測試的類:
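package february.week1.safe;

import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;

/**
 * Copies the all-{@code String} properties of a form bean onto a typed back-end
 * bean, converting each value to the declared type of the matching field.
 * <p>
 * This is the server-side guard the form bean relies on: request parameters are
 * never trusted to have the right shape, so every numeric field is parsed
 * explicitly and a value that does not convert aborts the copy with an exception
 * instead of silently producing a half-valid object. Supported target types are
 * {@code String}, {@code Integer} and {@code Double}; fields of any other type
 * are left untouched.
 *
 * @author BIQI IS BEST
 * @date 2018-02-05
 */
public class ChangeFilterType {

    /**
     * Demo entry point: copies a form whose {@code age} is not numeric and shows
     * that the conversion is rejected.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        PersonForm personForm = new PersonForm();
        personForm.setName("10");
        personForm.setSalary("1212123");
        personForm.setAge("qwe");
        Person person2 = new Person();
        changeFilter(personForm, person2);
    }

    /**
     * Reads every property of {@code objectForm} and writes it, converted, onto
     * {@code object2}. A conversion failure is reported on stdout rather than
     * propagated, because rejecting bad input is a normal outcome here.
     *
     * @param objectForm source bean whose public getters all return {@code String}
     * @param object2    typed target bean; may be partially filled when the copy fails
     * @return {@code true} if every property was copied, {@code false} if the copy
     *         was aborted by a conversion or wiring error
     */
    private static boolean changeFilter(Object objectForm, Object object2) {
        Map<String, String> map = getObjectFields(objectForm);
        boolean copied;
        try {
            putValueToBean(map, object2);
            copied = true;
        } catch (Exception e) {
            // Bad input is expected; report it and let the caller see the outcome.
            System.out.println(e.toString());
            copied = false;
        }
        System.out.println(object2.toString());
        return copied;
    }

    /**
     * Collects the declared fields of {@code bean} into a name-to-value map,
     * reading each value through its public getter.
     *
     * @param bean source bean; each field is expected to have a {@code getXxx()} getter
     * @return mutable map from field name to the getter's value rendered as a
     *         {@code String} ({@code null} when the getter returned {@code null}
     *         or could not be called)
     */
    private static Map<String, String> getObjectFields(Object bean) {
        Field[] fields = bean.getClass().getDeclaredFields();
        Map<String, String> map = new HashMap<>();
        for (Field field : fields) {
            Object value = getFieldValueByName(field.getName(), bean);
            // toString() instead of a cast so a non-String getter does not
            // blow up with ClassCastException; for String values it is identical.
            map.put(field.getName(), value == null ? null : value.toString());
        }
        return map;
    }

    /**
     * Reads one property through its public getter.
     *
     * @param fieldName field name; {@code getFieldName()} is looked up on the bean
     * @param bean      bean to read from
     * @return the getter's result, or {@code null} when there is no such public
     *         getter or it cannot be invoked (best effort, by design)
     */
    private static Object getFieldValueByName(String fieldName, Object bean) {
        try {
            Method getter = bean.getClass().getMethod(accessorName("get", fieldName));
            return getter.invoke(bean);
        } catch (ReflectiveOperationException ignored) {
            // No public getter, or it threw: treat the property as absent.
            return null;
        }
    }

    /**
     * Writes the values in {@code treeMap} onto {@code bean}, converting each one
     * to the declared type of the field with the same name and calling the
     * matching public setter.
     * <p>
     * Conversion rules: {@code String} fields receive the value as-is (possibly
     * {@code null}); {@code Integer} and {@code Double} fields receive {@code 0}
     * for a missing or empty value, otherwise the parsed number. A {@code Double}
     * must be finite: "NaN", "Infinity" and overflowing literals are rejected,
     * since {@link Double#valueOf(String)} alone would accept them. Fields of any
     * other type are skipped. The exception message echoes the offending raw
     * value, so it is meant for the caller's diagnostics, not for display to the
     * end user.
     *
     * @param treeMap field name to raw value; must have exactly one entry per
     *                declared field of {@code bean}
     * @param bean    typed target bean with a public setter per field
     * @throws Exception if the map size does not match the bean's field count, if
     *                   a setter is missing, or if a value cannot be converted; the
     *                   underlying cause is attached
     */
    public static void putValueToBean(Map<String, String> treeMap, Object bean) throws Exception {
        Field[] fields = bean.getClass().getDeclaredFields();
        // Same number of properties on both sides, otherwise the wrong pair of
        // objects was handed in (a name-by-name check would be stricter still).
        if (fields.length != treeMap.size()) {
            System.out.println("轉換的對象不對");
            throw new Exception("轉換的對象不對");
        }

        for (Field field : fields) {
            String fieldName = field.getName();
            String fieldValue = treeMap.get(fieldName);
            Class<?> type = field.getType();
            // A missing setter is a wiring error, not bad input, so it is not
            // wrapped in the per-field conversion exception below.
            Method setter = bean.getClass().getMethod(accessorName("set", fieldName), type);
            try {
                if (type == String.class) {
                    setter.invoke(bean, fieldValue);
                } else if (type == Integer.class) {
                    setter.invoke(bean, isEmpty(fieldValue) ? Integer.valueOf(0) : Integer.valueOf(fieldValue));
                } else if (type == Double.class) {
                    // The default must be a Double: an Integer 0 is not assignable
                    // to a Double setter and made every blank salary fail.
                    setter.invoke(bean, isEmpty(fieldValue) ? Double.valueOf(0) : parseFiniteDouble(fieldValue));
                }
                // Other field types: add a branch here; until then they stay unset.
            } catch (Exception e) {
                throw new Exception("轉換(" + bean.getClass().getName() + ")的屬性:" + fieldName
                        + " 值" + fieldValue + " 出現問題", e);
            }
        }
    }

    /**
     * Builds a JavaBean accessor name, e.g. {@code ("set", "age")} gives {@code "setAge"}.
     * Uses {@link Character#toUpperCase(char)} so the result does not depend on
     * the default locale.
     */
    private static String accessorName(String prefix, String fieldName) {
        return prefix + Character.toUpperCase(fieldName.charAt(0)) + fieldName.substring(1);
    }

    /** @return {@code true} for {@code null} or {@code ""}, the values that map to a numeric default of 0 */
    private static boolean isEmpty(String value) {
        return value == null || value.isEmpty();
    }

    /**
     * Parses a decimal value and rejects anything that is not a finite number.
     *
     * @param raw text to parse
     * @return the parsed value
     * @throws NumberFormatException if the text is not a number, or parses to NaN
     *                               or an infinity
     */
    private static Double parseFiniteDouble(String raw) {
        Double parsed = Double.valueOf(raw);
        if (parsed.isNaN() || parsed.isInfinite()) {
            throw new NumberFormatException("not a finite number: " + raw);
        }
        return parsed;
    }

}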