Penetration_Testing_POC/books/帆软HR系统组合漏洞挖掘过程.html

<!DOCTYPE html> <html lang=en style><!--
Page saved with SingleFile
url: https://xz.aliyun.com/t/14069
--><meta charset=utf-8>
<title>帆软HR系统组合漏洞挖掘过程</title>
<meta name=description content=先知社区,先知安全技术社区>
<meta name=viewport content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
<style>/*!
* Bootstrap v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}footer{display:block}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}a:hover,a:active{outline:0}img{height:auto;vertical-align:middle;border:0;-ms-interpolation-mode:bicubic}input{margin:0}button{-webkit-appearance:button}body{margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;color:#333}a{text-decoration:none}a:hover,a:focus{color:#005580;text-decoration:underline}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}.container{width:940px}.span10{width:780px}.container{margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;line-height:0;content:""}.container:after{clear:both}p{margin:0 0 10px}strong{font-weight:bold}.text-right{text-align:right}.text-center{text-align:center}h2,h4{margin:10px 0;font-family:inherit;font-weight:bold;line-height:20px;color:inherit;text-rendering:optimizelegibility}h4{font-size:17.5px}ul{padding:0}hr{margin:20px 0;border:0;border-top:1px solid #eee;border-bottom:1px solid #fff}code{-webkit-border-radius:3px;-moz-border-radius:3px}code{color:#d14}input{font-weight:normal}input{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif}input[type="text"]{display:inline-block;padding:4px 6px;margin-bottom:10px;font-size:14px;line-height:20px;vertical-align:middle;-webkit-border-radius:4px;-moz-border-radius:4px}input{width:206px}input[type="text"]{background-color:#fff;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-webkit-transition:border linear .2s,box-shadow linear .2s;-moz-transition:border linear .2s,box-shadow linear .2s;-o-transition:border linear .2s,box-shadow linear .2s;transition:border linear 
.2s,box-shadow linear .2s}textarea:focus,input[type="text"]:focus,input[type="password"]:focus,input[type="datetime"]:focus,input[type="datetime-local"]:focus,input[type="date"]:focus,input[type="month"]:focus,input[type="time"]:focus,input[type="week"]:focus,input[type="number"]:focus,input[type="email"]:focus,input[type="url"]:focus,input[type="search"]:focus,input[type="tel"]:focus,input[type="color"]:focus,.uneditable-input:focus{border-color:rgba(82,168,236,0.8);outline:0;outline:thin dotted \9;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6)}input::-webkit-input-placeholder,textarea::-webkit-input-placeholder{color:#999}input{margin-left:0}input:focus:invalid,textarea:focus:invalid,select:focus:invalid{color:#b94a48;border-color:#ee5f5b}input:focus:invalid:focus,textarea:focus:invalid:focus,select:focus:invalid:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7}.fade{opacity:0;-webkit-transition:opacity .15s linear;-moz-transition:opacity .15s linear;-o-transition:opacity .15s linear}.collapse{position:relative;-webkit-transition:height .35s ease;-moz-transition:height .35s ease;-o-transition:height .35s ease;transition:height .35s ease}.btn{text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;background-image:-moz-linear-gradient(top,#fff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,#e6e6e6);background-image:-o-linear-gradient(top,#fff,#e6e6e6);background-repeat:repeat-x;border:1px solid #ccc;border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05);-moz-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 
2px rgba(0,0,0,0.05);box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05)}.btn:hover,.
<style>/*! Editor.md v1.5.0 | editormd.min.css | Open source online markdown editor. | MIT License | By: Pandao | https://github.com/pandao/editor.md | 2015-06-09 *//*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*! github-markdown-css | The MIT License (MIT) | Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) | https://github.com/sindresorhus/github-markdown-css */.markdown-body{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;overflow:hidden}.markdown-body *{-moz-box-sizing:border-box}.markdown-body a:active,.markdown-body a:hover{outline:0;text-decoration:underline}.markdown-body>:first-child{margin-top:0 !important}.markdown-body>:last-child{margin-bottom:0 !important}.markdown-body img{-moz-box-sizing:border-box}.markdown-body code:after,.markdown-body code:before{letter-spacing:-.2em;content:" "}/*! Pretty printing styles. Used with prettify.js. */@media screen{}@media screen{}</style>
<style>/*!
* Bootstrap Responsive v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}@-ms-viewport{width:device-width}@media(min-width:768px) and (max-width:979px){}@media(max-width:767px){}@media(min-width:1200px){.row{margin-left:-30px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:30px}.container{width:1170px}.span10{width:970px}input{margin-left:0}}@media(min-width:768px) and (max-width:979px){.row{margin-left:-20px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:20px}.container{width:724px}.span10{width:600px}input{margin-left:0}}@media(max-width:767px){body{padding-right:0px;padding-left:0px}.container{width:auto}.row{margin-left:0}[class*="span"]{display:block;float:none;width:100%;margin-left:0;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.modal{position:fixed;right:20px;left:20px;width:auto;margin:0}.modal.fade{top:-100px}}@media(max-width:480px){.nav-collapse{-webkit-transform:translate3d(0,0,0)}.modal{top:10px;right:10px;left:10px}}@media(max-width:979px){body{padding-top:0}.navbar .container{width:auto;padding:0}.navbar .brand{padding-right:10px;padding-left:10px}.nav-collapse{clear:both}.nav-collapse.collapse{height:0;overflow:hidden}}@media(min-width:980px){.nav-collapse.collapse{height:auto !important;overflow:visible !important}}</style>
<style>li{line-height:26px}a:hover{text-decoration:none}.post-user-action>span{margin-right:10px;line-height:21px;border:0}.post-user-action .i-seprator{color:rgba(0,0,0,0.1);margin:0 2px}.navbar .brand{padding:0;height:50px;margin-left:0;display:inline-block !important;background-repeat:no-repeat;width:120px;background-size:207px 50px;background-image:url(data:image/svg+xml;base64,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)}.brand-box{position:absolute}.related-section{min-height:42px;padding:5px 0;margin-top:25px;border-top:1px solid #eee}.related-section>.related-
<style>a{color:#778087}.topic-list p{margin:0}.topic-content{min-height:40px}.collapse form{position:relative;width:300px;float:right}div.search{padding:10px 0}.d1 input{height:20px;padding-left:18px;border:1px solid #ddd;border-radius:15px;outline:0;background:#fff;color:#9e9c9c;float:right}.vote{font-weight:normal;margin-left:6px}.topic-list{word-break:break-all;word-wrap:break-word}ul{margin:0 0 10px 0}/*!*border-bottom: solid #eee 1px;*!*/.user-info{padding:5px 0 5px 0}.topic-info a,.topic-info{padding-top:5px}.topic-info a:hover{text-decoration:solid}.reminder{min-height:200px;border:1px #ddd solid;border-radius:3px;line-height:200px;text-align:center}</style>
<style>body{background-color:#eee}img{max-width:100%}form{margin:0 !important}a:focus{text-decoration:none}.markdown-body p>code{white-space:normal;word-break:break-all;border:none !important}.box ul,ol{margin-bottom:0px !important}.box a:hover{text-decoration:none}.box-container>ul>li{list-style-type:none}#Wrapper .row.box{margin-left:0px}.navbar-inner{border-radius:0px;min-height:40px;padding-right:0px;padding-left:0px;outline:0;margin-bottom:0;list-style:none;z-index:1050;background:#fff;-webkit-box-shadow:0 1px 4px rgba(0,21,41,0.08);box-shadow:0 1px 4px rgba(0,21,41,0.08);line-height:46px;-webkit-transition:background .3s,width .2s;-o-transition:background .3s,width .2s;transition:background .3s,width .2s}.bs-docs-footer{text-align:left;color:#99979c;height:64px;background-color:#FFF;border-top:1px solid rgba(0,0,0,0.22);line-height:64px}.bs-docs-footer .links>a{display:inline-block;padding:0 12px;border-left:1px solid #e8e8e8;color:#8c8c8c;line-height:1}.bs-docs-footer .links>a:first-child{border-left:0}.box-container .user-info{margin-bottom:10px;background:#fff}.content-title{font-size:24px;color:#333;text-decoration:none;line-height:24px;text-shadow:0 1px 0#fff}.markdown-body h2{border-bottom:0}.box-container{padding:20px}.breadcrumb{padding:8px 10px 8px 15px;margin-bottom:10px;border-radius:0;color:#000;background-color:#fff}.breadcrumb>li{text-shadow:none !important;margin:2px 0px}.active{text-shadow:none !important}.breadcrumb .active{color:#555;display:inline-block;text-shadow:none !important}.label{background-color:#f4f4f4;line-height:12px;display:inline-block;padding:4px 4px 4px 4px;-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;text-decoration:none;text-shadow:none;font-weight:normal}.topic-info{color:#999 !important;font-size:12px !important}.topic-info a{padding:0px;color:#555 !important;font-size:12px !important}.topic-info a:hover{color:#4d5256;text-decoration:underline}.topic-info .cell{padding-left:0 
!important;margin-left:0px;font-size:10px;font-weight:bold}.markdown-body img{max-width:90% !important;text-align:center;margin-left:auto;margin-right:auto;display:block;padding:10px 0px 10px 0px}.topic-info span{margin-left:0px;font-size:10px;color:rgba(0,0,0,0.45)}.btn{display:inline-block;padding:4px 12px;margin-bottom:0;font-size:14px;line-height:20px;background-color:#f4f4f4;color:#444;border-color:#ddd;font-family:"Helvetica Neue For Number",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Hiragino Sans GB","Microsoft YaHei","Helvetica Neue",Helvetica,Arial,sans-serif;-webkit-box-sizing:border-box;box-sizing:border-box;margin:0;list-style:none;font-weight:400;text-align:center;cursor:pointer;background-image:none;white-space:nowrap;border-radius:2px;height:32px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none}.box{font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.5;color:rgba(0,0,0,0.65);-webkit-box-sizing:border-box;box-sizing:border-box;margin-top:0 !important;margin-bottom:20px;padding:0;list-style:none;background:#fff;border-radius:2px;position:relative;-webkit-transition:all .3s;-o-transition:all .3s;transition:all .3s;-moz-box-shadow:0 1px 1px rgba(0,0,0,0.15);-webkit-box-shadow:0 1px 1px rgba(143,168,191,.35);box-shadow:0 1px 1px rgba(143,168,191,.35);border-bottom:1px solid #e2e2e9}.span10{float:left;min-height:1px}#Wrapper .span10{margin-left:0px !important;max-width:960px}@media(min-width:1200px){.container{width:82% !important}}@media screen and (min-width:1500px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px !important}#Wrapper .span10{max-width:810px !important}}@media screen and (min-width:980px) and (max-width:1499px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer 
.container{max-width:1100px !important}#Wrapper .span10{max-width:74% !important}}@media screen and (min-width:768px) and (max-width:979px)
<style>/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/.pull-right{float:right}.pull-left{float:left}@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*! github-markdown-css | The MIT License (MIT) | Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) | https://github.com/sindresorhus/github-markdown-css */.markdown-body{color:#333;font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:15px;line-height:24px;letter-spacing:.05em;word-wrap:break-word}.markdown-body a{background:transparent}.markdown-body a:active,.markdown-body a:hover{outline:0}.markdown-body strong{font-weight:bold}.markdown-body img{border:0}.markdown-body *{-moz-box-sizing:border-box;box-sizing:border-box}.markdown-body a{color:#4183c4;text-decoration:none}.markdown-body a:hover,.markdown-body a:active{text-decoration:underline}.markdown-body code{font-family:Consolas,"Liberation Mono",Menlo,Courier,monospace}.markdown-body>*:first-child{margin-top:0 !important}.markdown-body>*:last-child{margin-bottom:0 !important}.markdown-body h2{position:relative;margin-top:1em;margin-bottom:16px;font-weight:bold}.markdown-body h2{padding-bottom:0em;font-size:24px;line-height:1.225}.markdown-body p{margin-top:0;margin-bottom:24px}.markdown-body img{max-width:100%;-moz-box-sizing:border-box;box-sizing:border-box}.markdown-body code{padding:0;padding-top:.2em;padding-bottom:.2em;margin:0;font-size:85%;background-color:rgba(0,0,0,0.04);border-radius:3px}.markdown-body code:before,.markdown-body code:after{letter-spacing:-0.2em;content:" "}/*! 
Pretty printing styles. Used with prettify.js. */@media screen{}@media screen{}</style>
<style>@-webkit-keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@media(max-width:800px){}</style>
<!--[if lte IE 8]>
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
<![endif]-->
<!--[if !IE]> -->
<style>#waf_nc_block{position:fixed;width:100%;height:100%;top:0;bottom:0;left:0;z-index:99999}</style><style>@media(pointer:coarse){@media only screen and (max-device-width:1024px){}@media only screen and (max-device-width:414px){}@media only screen and (max-device-width:320px){}}</style><style>@media screen and (max-width:768px){}</style><style>/*!
* Waves v0.7.5
* http://fian.my.id/Waves
*
* Copyright 2014-2016 Alfiana E. Sibuea and other contributors
* Released under the MIT license
* https://github.com/fians/Waves/blob/master/LICENSE
*/</style><style>@media(max-height:620px){}@media(max-height:783px){}@-webkit-keyframes srFadeInUp{0%{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}to{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}}@keyframes srFadeInUp{0%{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}to{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}}@-webkit-keyframes srFadeInDown{0%{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}to{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}}@keyframes srFadeInDown{0%{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}to{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}}</style><style>@-webkit-keyframes fadeOutUp{0%{opacity:1}to{margin-top:0;padding:0;height:0;min-height:0;opacity:0;-webkit-transform:scaleY(0);transform:scaleY(0)}}@keyframes fadeOutUp{0%{opacity:1}to{margin-top:0;padding:0;height:0;min-height:0;opacity:0;-webkit-transform:scaleY(0);transform:scaleY(0)}}@media(pointer:coarse){}</style><style>:root{--sr-annote-color-0:#b4d9fb;--sr-annote-color-1:#ffeb3b;--sr-annote-color-2:#a2e9f2;--sr-annote-color-3:#a1e0ff;--sr-annote-color-4:#a8ea68;--sr-annote-color-5:#ffb7da}</style><style>@-webkit-keyframes sr-annote-slideInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0);visibility:visible}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@keyframes sr-annote-slideInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0);visibility:visible}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@-webkit-keyframes sr-annote-slideInDown{0%{opacity:1;visibility:visible}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@keyframes 
sr-annote-slideInDown{0%{opacity:1;visibility:visible}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}</style><style>@-webkit-keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@-webkit-keyframes fadeOutDown{0%{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@keyframes fadeOutDown{0%{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@-webkit-keyframes scaleAnimation{0%{opacity:0;-webkit-transform:scale(1.5);transform:scale(1.5)}to{opacity:1;-webkit-transform:scale(1);transform:scale(1)}}@keyframes scaleAnimation{0%{opacity:0;-webkit-transform:scale(1.5);transform:scale(1.5)}to{opacity:1;-webkit-transform:scale(1);transform:scale(1)}}@-webkit-keyframes fadeOut{0%{opacity:1}to{opacity:0}}@keyframes fadeOut{0%{opacity:1}to{opacity:0}}@-webkit-keyframes fadeIn{0%{opacity:0}to{opacity:1}}@keyframes fadeIn{0%{opacity:0}to{opacity:1}}@-webkit-keyframes swing{20%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}40%{-webkit-transform:rotate(-10deg);transform:rotate(-10deg)}60%{-webkit-transform:rotate(5deg);transform:rotate(5deg)}80%{-webkit-transform:rotate(-5deg);transform:rotate(-5deg)}to{-webkit-transform:rotate(0deg);transform:rotate(0deg)}}@keyframes 
swing{20%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}40%{-webkit-transform:rotate(-10deg);transform:rotate(-10deg)}60%{-webkit-transform:rotate(5deg);transform:rotate(5deg)}80%{-webkit-transform:rotate(-5deg);transform:rotate(-5deg)}to{-webkit-transform:rotate(0deg);transform:rotate(0deg)}}</style><style>@-webkit-keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:transl
<body>
<div class="navbar navbar-default">
<div class=navbar-inner>
<div class=container style=text-align:center;position:relative>
<!--[if lte IE 8]>
<span style="display:inline-block;margin:0 auto;color:red;">为了更好的体验请使用IE10及以上版本</span>
<![endif]-->
<div class=brand-box>
<a class=brand href=https://xz.aliyun.com/tab/1></a>
</div>
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F14069&amp;from_type=xianzhi" class="pull-right anonymous-user hh_loding sf-hidden">
登录</a>
<div class="nav-collapse collapse">
<div class="search d1 text-right">
<form action=/search>
<input type=text placeholder=搜索 name=keyword value>
</form>
</div>
</div>
</div>
</div>
</div>
<div id=Wrapper class=container>
<div class=row2>
<div class=span10>
<div class="row box content" width="1200px !important" style=width:1200px>
<div class=box-container>
<div class=main-topic>
<div class="clearfix user-info topic-list">
<p><span class=content-title>某HR系统组合漏洞挖掘过程</span>
</p>
<div class=topic-info>
<span class=info-left>
<a href=https://xz.aliyun.com/u/55673>
<span class="username cell"> Ha1ey</span></a> <span class=i-seprator> / </span>
<span> 2024-03-11 10:01:19</span><span class=i-seprator> / </span>
<span>发表于北京 / </span>
<span>浏览数 908</span>
<span class=content-node>
<span class="label label-default label-node-first">
<a href=https://xz.aliyun.com/tab/4>社区板块</a></span>
<span class="label label-default">
<a href=https://xz.aliyun.com/node/1>漏洞分析</a></span>
</span>
</span>
<span class="pull-right t-vote cell info-right"><a class="vote vote-up" href=javascript:void(0)>
顶(0)</a>
<a class="vote vote-down" href=javascript:void(0)>
踩(0)</a></span>
</div>
</div>
<hr>
<div id=topic_content class="topic-content markdown-body">
<p>Ha1ey@深蓝攻防实验室</p>
<h2 id=toc-0>前言</h2>
<p>某天在项目中遇到一个奇怪的人才管理系统，用fofa跑了一下发现用的还挺多，所以就有了后面的审计过程。在互联网上翻到一份过期的源码，本地搭建起来开始审计。</p>
<h2 id=toc-1>审计过程</h2>
<p>先看一下常见的RCE漏洞，发现这套系统大量的代码调用了<code>beetl</code>这个库，这个库是国内一个大佬开发的模板引擎，类似freemarker。</p>
<p>找到这套模板引擎的漏洞触发点在<code>GroupTemplate#getTemplate</code>，全局搜了一下调用点，发现在<code>ComputationRuleUtil#getValue</code>这个方法中有一处调用并且没有写死模板内容，其他多处都写死了模板内容。</p>
<p><a id=img0 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095802-cb35f544-df4a-1.png title><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABpgAAAKQCAYAAACLu3kmAAAMQWlDQ1BJQ0MgUHJvZmlsZQAAeJyVVwdYU8kWnluSkEBooUsJvQkCUgJICaEFkF4EUQlJgFBiDAQVO7Ko4FpQsYANXRVR7IBYUMTOotj7YkFBWRcLduVNCui6r3xvvm/u/PefM/85c+7MvXcAUDvBEYlyUXUA8oQF4tiQAPq45BQ6qQegQAPoAnvgzOHmi5jR0REAlqH27+XdDYBI26sOUq1/9v/XosHj53MBQKIhTuflc/MgPggAXs0ViQsAIEp586kFIimGFWiJYYAQL5TiTDmuluJ0Od4rs4mPZUHcBoCSCocjzgRA9TLk6YXcTKih2g+xk5AnEAKgRofYNy9vMg/iNIhtoI0IYqk+I/0Hncy/aaYPa3I4mcNYPhdZUQoU5ItyOdP/z3T875KXKxnyYQWrSpY4NFY6Z5i3WzmTw6VYBeI+YXpkFMSaEH8Q8GT2EKOULElogtweNeTms2DOgA7ETjxOYDjEhhAHC3MjIxR8eoYgmA0xXCHoNEEBOx5iPYgX8vOD4hQ2m8STYxW+0IYMMYup4M9xxDK/Ul8PJDkJTIX+6yw+W6GPqRZlxSdBTIHYolCQGAmxKsSO+Tlx4QqbMUVZrMghG7EkVhq/BcSxfGFIgFwfK8wQB8cq7Mvy8ofmi23KErAjFXh/QVZ8qDw/WBuXI4sfzgW7zBcyE4Z0+PnjIobmwuMHBsnnjvXwhQlxCp0PooKAWPlYnCLKjVbY42b83BApbwaxa35hnGIsnlgAF6RcH88QFUTHy+PEi7I5YdHyePBlIAKwQCCgAwms6WAyyAaCjr7GPngn7wkGHCAGmYAPHBTM0IgkWY8QXuNAEfgTIj7IHx4XIOvlg0LIfx1m5VcHkCHrLZSNyAFPIc4D4SAX3ktko4TD3hLBE8gI/uGdAysXxpsLq7T/3/ND7HeGCZkIBSMZ8khXG7IkBhEDiaHEYKItboD74t54BLz6w+qCM3DPoXl8tyc8JXQSHhGuE7oItycJisU/RTkWdEH9YEUu0n/MBW4FNd3wANwHqkNlXAc3AA64K/TDxP2gZzfIshRxS7NC/0n7bzP44Wko7MhOZJSsS/Yn2/w8UtVO1W1YRZrrH/MjjzV9ON+s4Z6f/bN+yD4PtuE/W2ILsQPYWewkdh47ijUCOtaCNWHt2DEpHl5dT2Sra8hbrCyeHKgj+Ie/oScrzWS+U51Tr9MXeV8Bf5r0HQ1Yk0XTxYLMrAI6E34R+HS2kOs4ku7i5OIKgPT7In99vYmRfTcQnfbv3Pw/APBpGRwcPPKdC2sBYJ8H3P6Hv3M2DPjpUAbg3GGuRFwo53DphQDfEmpwp+kDY2AObOB8XIA78Ab+IAiEgSgQD5LBRBh9FlznYjAVzATzQCkoB8vAKrAObARbwA6wG+wHjeAoOAnOgIvgMrgO7sLV0w1egH7wDnxGEISEUBEaoo+YIJaIPeKCMBBfJAiJQGKRZCQNyUSEiASZicxHypEKZB2yGalF9iGHkZPIeaQTuY08RHqR18gnFENVUC3UCLVCR6EMlImGo/HoBDQTnYIWoSXoEnQNWoPuQhvQk+hF9Drahb5ABzCAKWM6mCnmgDEwFhaFpWAZmBibjZVhlVgNVo81w+d8FevC+rCPOBGn4XTcAa7gUDwB5+JT8Nn4YnwdvgNvwNvwq/hDvB//RqASDAn2BC8CmzCOkEmYSiglVBK2EQ4RTsO91E14RyQSdYjWRA+4F5OJ2cQZxMXE9cQ9xBPETuJj4gCJRNIn2ZN8SFEkDqmAVEpaS9pFaiFdIXWTPigpK5kouSgFK6UoCZWKlSqVdiodV7qi
9EzpM1mdbEn2IkeReeTp5KXkreRm8iVyN/kzRYNiTfGhxFOyKfMoayj1lNOUe5Q3ysrKZsqeyjHKAuW5ymuU9yqfU36o/FFFU8VOhaWSqiJRWaKyXeWEym2VN1Qq1YrqT02hFlCXUGupp6gPqB9UaaqOqmxVnuoc1SrVBtUrqi/VyGqWaky1iWpFapVqB9QuqfWpk9Wt1FnqHPXZ6lXqh9Vvqg9o0DScNaI08jQWa+zUOK/Ro0nStNIM0uRplmhu0Tyl+ZiG0cxpLBqXNp+2lXaa1q1F1LLWYmtla5Vr7dbq0OrX1tR21U7UnqZdpX1Mu0sH07HSYevk6izV2a9zQ+eTrpEuU5evu0i3XveK7nu9EXr+eny9Mr09etf1PunT9YP0c/SX6zfq3zfADewMYgymGmwwOG3QN0JrhPcI7oiyEftH3DFEDe0MYw1nGG4xbDccMDI2CjESGa01OmXUZ6xj7G+cbbzS+LhxrwnNxNdEYLLSpMXkOV2bzqTn0tfQ2+j9poamoaYS082mHaafzazNEsyKzfaY3TenmDPMM8xXmrea91uYWIy1mGlRZ3HHkmzJsMyyXG151vK9lbVVktUCq0arHms9a7Z1kXWd9T0bqo2fzRSbGptrtkRbhm2O7Xrby3aonZtdll2V3SV71N7dXmC/3r5zJGGk50jhyJqRNx1UHJgOhQ51Dg8ddRwjHIsdGx1fjrIYlTJq+aizo745uTnlOm11uuus6RzmXOzc7Pzaxc6F61Llcm00dXTw6Dmjm0a/crV35btucL3lRnMb67bArdXtq7uHu9i93r3Xw8IjzaPa4yZDixHNWMw450nwDPCc43nU86OXu1eB136vv7wdvHO8d3r3jLEewx+zdcxjHzMfjs9mny5fum+a7ybfLj9TP45fjd8jf3N/nv82/2dMW2Y2cxfzZYBTgDjgUMB7lhdrFutEIBYYElgW2BGkGZQQtC7oQbBZcGZwXXB/iFvIjJAToYTQ8NDloTfZRmwuu5bdH+YRNiusLVwlPC58XfijCLsIcUTzWHRs2NgVY+9FWkYKIxujQBQ7akXU/Wjr6CnRR2KIMdExVTFPY51jZ8aejaPFTYrbGfcuPiB+afzdBJsESUJrolpiamJt4vukwKSKpK5xo8bNGncx2SBZkNyUQkpJTNmWMjA+aPyq8d2pbqmlqTcmWE+YNuH8RIOJuROPTVKbxJl0II2QlpS2M+0LJ4pTwxlIZ6dXp/dzWdzV3Bc8f95KXi/fh1/Bf5bhk1GR0ZPpk7kiszfLL6syq0/AEqwTvMoOzd6Y/T4nKmd7zmBuUu6ePKW8tLzDQk1hjrBtsvHkaZM7RfaiUlHXFK8pq6b0i8PF2/KR/An5TQVa8Ee+XWIj+UXysNC3sKrww9TEqQemaUwTTmufbjd90fRnRcFFv83AZ3BntM40nTlv5sNZzFmbZyOz02e3zjGfUzKne27I3B3zKPNy5v1e7FRcUfx2ftL85hKjkrklj38J+aWuVLVUXHpzgfeCjQvxhYKFHYtGL1q76FsZr+xCuVN5ZfmXxdzFF351/nXNr4NLMpZ0LHVfumEZcZlw2Y3lfst3VGhUFFU8XjF2RcNK+sqylW9XTVp1vtK1cuNqymrJ6q41EWua1lqsXbb2y7qsdderAqr2VBtWL6p+v563/soG/w31G402lm/8tEmw6dbmkM0NNVY1lVuIWwq3PN2auPXsb4zfarcZbCvf9nW7cHvXjtgdbbUetbU7DXcurUPrJHW9u1J3Xd4duLup3qF+8x6dPeV7wV7J3uf70vbd2B++v/UA40D9QcuD1Ydoh8oakIbpDf2NWY1dTclNnYfDDrc2ezcfOuJ4ZPtR06NVx7SPLT1OOV5yfLClqGXghOhE38nMk49bJ7XePTXu1LW2mLaO0+Gnz50JPnPqLPNsyzmfc0fPe50/fIFxofGi+8WGdrf2Q7+7/X6ow72j4ZLHpabLnpebO8d0Hr/id+Xk1cCrZ66xr128
Hnm980bCjVs3U2923eLd6rmde/vVncI7n+/OvUe4V3Zf/X7lA8MHNX/Y/rGny73r2MPAh+2P4h7dfcx9/OJJ/pMv3SVPqU8
<p>可以看到该方法中拼接了<code>s2</code>，s2最终来自于<code>String src</code>这个参数，期间被<code>rule</code>方法做了处理。观察<code>rule</code>方法可以发现，当我们传入的第一个字符串参数不包含<code>@sum</code>或<code>@avg</code>时，就会直接返回我们传入的参数。</p>
<p><a id=img1 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095813-d1f9ceb4-df4a-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABtoAAARqCAYAAADGLaH+AAAMQWlDQ1BJQ0MgUHJvZmlsZQAAeJyVVwdYU8kWnluSkEBooUsJvQkCUgJICaEFkF4EUQlJgFBiDAQVO7Ko4FpQsYANXRVR7IBYUMTOotj7YkFBWRcLduVNCui6r3xvvm/u/PefM/85c+7MvXcAUDvBEYlyUXUA8oQF4tiQAPq45BQ6qQegQAPoAnvgzOHmi5jR0REAlqH27+XdDYBI26sOUq1/9v/XosHj53MBQKIhTuflc/MgPggAXs0ViQsAIEp586kFIimGFWiJYYAQL5TiTDmuluJ0Od4rs4mPZUHcBoCSCocjzgRA9TLk6YXcTKih2g+xk5AnEAKgRofYNy9vMg/iNIhtoI0IYqk+I/0Hncy/aaYPa3I4mcNYPhdZUQoU5ItyOdP/z3T875KXKxnyYQWrSpY4NFY6Z5i3WzmTw6VYBeI+YXpkFMSaEH8Q8GT2EKOULElogtweNeTms2DOgA7ETjxOYDjEhhAHC3MjIxR8eoYgmA0xXCHoNEEBOx5iPYgX8vOD4hQ2m8STYxW+0IYMMYup4M9xxDK/Ul8PJDkJTIX+6yw+W6GPqRZlxSdBTIHYolCQGAmxKsSO+Tlx4QqbMUVZrMghG7EkVhq/BcSxfGFIgFwfK8wQB8cq7Mvy8ofmi23KErAjFXh/QVZ8qDw/WBuXI4sfzgW7zBcyE4Z0+PnjIobmwuMHBsnnjvXwhQlxCp0PooKAWPlYnCLKjVbY42b83BApbwaxa35hnGIsnlgAF6RcH88QFUTHy+PEi7I5YdHyePBlIAKwQCCgAwms6WAyyAaCjr7GPngn7wkGHCAGmYAPHBTM0IgkWY8QXuNAEfgTIj7IHx4XIOvlg0LIfx1m5VcHkCHrLZSNyAFPIc4D4SAX3ktko4TD3hLBE8gI/uGdAysXxpsLq7T/3/ND7HeGCZkIBSMZ8khXG7IkBhEDiaHEYKItboD74t54BLz6w+qCM3DPoXl8tyc8JXQSHhGuE7oItycJisU/RTkWdEH9YEUu0n/MBW4FNd3wANwHqkNlXAc3AA64K/TDxP2gZzfIshRxS7NC/0n7bzP44Wko7MhOZJSsS/Yn2/w8UtVO1W1YRZrrH/MjjzV9ON+s4Z6f/bN+yD4PtuE/W2ILsQPYWewkdh47ijUCOtaCNWHt2DEpHl5dT2Sra8hbrCyeHKgj+Ie/oScrzWS+U51Tr9MXeV8Bf5r0HQ1Yk0XTxYLMrAI6E34R+HS2kOs4ku7i5OIKgPT7In99vYmRfTcQnfbv3Pw/APBpGRwcPPKdC2sBYJ8H3P6Hv3M2DPjpUAbg3GGuRFwo53DphQDfEmpwp+kDY2AObOB8XIA78Ab+IAiEgSgQD5LBRBh9FlznYjAVzATzQCkoB8vAKrAObARbwA6wG+wHjeAoOAnOgIvgMrgO7sLV0w1egH7wDnxGEISEUBEaoo+YIJaIPeKCMBBfJAiJQGKRZCQNyUSEiASZicxHypEKZB2yGalF9iGHkZPIeaQTuY08RHqR18gnFENVUC3UCLVCR6EMlImGo/HoBDQTnYIWoSXoEnQNWoPuQhvQk+hF9Drahb5ABzCAKWM6mCnmgDEwFhaFpWAZmBibjZVhlVgNVo81w+d8FevC+rCPOBGn4XTcAa7gUDwB5+JT8Nn4YnwdvgNvwNvwq/hDvB//RqASDAn2BC8CmzCOkEmYSiglVBK2EQ4RTsO91E14RyQSdYjWRA+4F5OJ2cQZxMXE9cQ9xBPETuJj4gCJRNIn2ZN8SFEkDqmAVEpaS9pFaiFdIXWTPigpK5kouSgFK6UoCZWKlSqVdiodV7q
i9EzpM1mdbEn2IkeReeTp5KXkreRm8iVyN/kzRYNiTfGhxFOyKfMoayj1lNOUe5Q3ysrKZsqeyjHKAuW5ymuU9yqfU36o/FFFU8VOhaWSqiJRWaKyXeWEym2VN1Qq1YrqT02hFlCXUGupp6gPqB9UaaqOqmxVnuoc1SrVBtUrqi/VyGqWaky1iWpFapVqB9QuqfWpk9Wt1FnqHPXZ6lXqh9Vvqg9o0DScNaI08jQWa+zUOK/Ro0nStNIM0uRplmhu0Tyl+ZiG0cxpLBqXNp+2lXaa1q1F1LLWYmtla5Vr7dbq0OrX1tR21U7UnqZdpX1Mu0sH07HSYevk6izV2a9zQ+eTrpEuU5evu0i3XveK7nu9EXr+eny9Mr09etf1PunT9YP0c/SX6zfq3zfADewMYgymGmwwOG3QN0JrhPcI7oiyEftH3DFEDe0MYw1nGG4xbDccMDI2CjESGa01OmXUZ6xj7G+cbbzS+LhxrwnNxNdEYLLSpMXkOV2bzqTn0tfQ2+j9poamoaYS082mHaafzazNEsyKzfaY3TenmDPMM8xXmrea91uYWIy1mGlRZ3HHkmzJsMyyXG151vK9lbVVktUCq0arHms9a7Z1kXWd9T0bqo2fzRSbGptrtkRbhm2O7Xrby3aonZtdll2V3SV71N7dXmC/3r5zJGGk50jhyJqRNx1UHJgOhQ51Dg8ddRwjHIsdGx1fjrIYlTJq+aizo745uTnlOm11uuus6RzmXOzc7Pzaxc6F61Llcm00dXTw6Dmjm0a/crV35btucL3lRnMb67bArdXtq7uHu9i93r3Xw8IjzaPa4yZDixHNWMw450nwDPCc43nU86OXu1eB136vv7wdvHO8d3r3jLEewx+zdcxjHzMfjs9mny5fum+a7ybfLj9TP45fjd8jf3N/nv82/2dMW2Y2cxfzZYBTgDjgUMB7lhdrFutEIBYYElgW2BGkGZQQtC7oQbBZcGZwXXB/iFvIjJAToYTQ8NDloTfZRmwuu5bdH+YRNiusLVwlPC58XfijCLsIcUTzWHRs2NgVY+9FWkYKIxujQBQ7akXU/Wjr6CnRR2KIMdExVTFPY51jZ8aejaPFTYrbGfcuPiB+afzdBJsESUJrolpiamJt4vukwKSKpK5xo8bNGncx2SBZkNyUQkpJTNmWMjA+aPyq8d2pbqmlqTcmWE+YNuH8RIOJuROPTVKbxJl0II2QlpS2M+0LJ4pTwxlIZ6dXp/dzWdzV3Bc8f95KXi/fh1/Bf5bhk1GR0ZPpk7kiszfLL6syq0/AEqwTvMoOzd6Y/T4nKmd7zmBuUu6ePKW8tLzDQk1hjrBtsvHkaZM7RfaiUlHXFK8pq6b0i8PF2/KR/An5TQVa8Ee+XWIj+UXysNC3sKrww9TEqQemaUwTTmufbjd90fRnRcFFv83AZ3BntM40nTlv5sNZzFmbZyOz02e3zjGfUzKne27I3B3zKPNy5v1e7FRcUfx2ftL85hKjkrklj38J+aWuVLVUXHpzgfeCjQvxhYKFHYtGL1q76FsZr+xCuVN5ZfmXxdzFF351/nXNr4NLMpZ0LHVfumEZcZlw2Y3lfst3VGhUFFU8XjF2RcNK+sqylW9XTVp1vtK1cuNqymrJ6q41EWua1lqsXbb2y7qsdderAqr2VBtWL6p+v563/soG/w31G402lm/8tEmw6dbmkM0NNVY1lVuIWwq3PN2auPXsb4zfarcZbCvf9nW7cHvXjtgdbbUetbU7DXcurUPrJHW9u1J3Xd4duLup3qF+8x6dPeV7wV7J3uf70vbd2B++v/UA40D9QcuD1Ydoh8oakIbpDf2NWY1dTclNnYfDDrc2ezcfOuJ4ZPtR06NVx7SPLT1OOV5yfLClqGXghOhE38nMk49bJ7XePTXu1LW2mLaO0+Gnz50JPnPqLPNsyzmfc0fPe50/fIFxofGi+8WGdrf2Q7+7/X6ow72j4ZLHpabLnpebO8d0Hr/id+Xk1cCrZ66xr12
8Hnm980bCjVs3U2923eLd6rmde/vVncI7n+/OvUe4V3Zf/X7lA8MHNX/Y/rGny73r2MPAh+2P4h7dfcx9/OJJ/pMv3SVPqU
<p>下面全局搜索哪里调用了<code>ComputationRuleUtil#getValue</code>这个方法。</p>
<p><a id=img2 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095825-d8e24bfc-df4a-1.png title><img src=data:image/png;base64,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
<p>找到<code>PerformanceIndicatorServiceImpl#checkRule</code>方法中有调用，且传入的参数同样来自外部请求，并未在这一层做任何处理。</p>
<p><a id=img3 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095835-dec4266c-df4a-1.png title><img src="data:image/png;base64,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
<p>继续查找<code>checkRule</code>的调用位置，定位到入口点<code>/checkRule</code>。到此为止，请求参数<code>rule</code>从控制器一路传到前文分析的表达式求值点，中间没有发现任何过滤或校验——用户可控的内容被直接当作模板/表达式执行，这正是模板注入的典型数据流。</p>
<p><a id=img4 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095845-e49ce056-df4a-1.png title><img src=data:image/png;base64,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
<p>接着查看 Shiro 的鉴权配置，发现该接口并不是前台（匿名可访问）接口，而是需要登录后才能访问的后台路由。也就是说，单靠这个注入点还无法做到前台利用，需要再找一个鉴权绕过。</p>
<p><a id=img5 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095854-ea48ac7e-df4a-1.png title><img src=data:image/png;base64,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
<p>再看项目所用的 Spring 版本较旧，存在一个由路径规范化差异导致的登录绕过：以<code>/druid/../xxxx</code>这种形式发起请求时，鉴权层按原始路径匹配（推测<code>/druid</code>前缀在 Shiro 配置中被放行），而 Spring 在路由时会对<code>..</code>做规范化处理，最终把请求分发到我们找到的后台路由。组合起来即可未授权访问该注入点，构造带回显的请求，效果如下：</p>
<p><a id=img6 href=https://xzfile.aliyuncs.com/media/upload/picture/20240311095921-fa82c566-df4a-1.png title><img src="data:image/png;base64,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
<p>由于高版本 Beetl 对常见命令执行 payload 中用到的类做了黑名单过滤，直接调用会被拦截，这里改用反射的方式加载 JS 来构造 payload，绕过该黑名单。黑名单能被绕过也说明根本修复不应依赖过滤规则，而是不再把用户可控的<code>rule</code>直接交给模板引擎执行（或改为严格的白名单表达式），同时修正鉴权层与路由层对路径的处理差异。</p>
<p><strong>声明:该漏洞已通报给相关单位修复,本文章仅供代码审计学习</strong></p>
</div>
</div>
</div>
</div>
<div class="modal fade" id=myModal role=dialog aria-labelledby=myModalLabel aria-hidden=true>
<div class=modal-dialog>
<div class=modal-content>
<div class=modal-header>
<h4 class=modal-title id=myModalLabel style=text-align:center>
积分打赏
</h4>
</div>
<div class=modal-body id=button-value>
<div style=text-align:center>
<div role=group>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type1>
1分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type2>
2分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type3>
5分
</button>
</div>
<br>
<div style=margin-top:20px>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type4>
8分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type5>
10分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type6>
20分
</button>
</div>
</div>
</div>
<div class=modal-footer id=confirm>
<button type=button class="btn btn-default" data-dismiss=modal>关闭</button>
<button type=button class="btn btn-primary" id=reward_topic data-pk=14069>确定</button>
</div>
</div>
</div>
</div>
<div class="row box">
<ol class=breadcrumb>
<li class=active>0 条回复</li>
</ol>
<div class="box-container post-container">
<ul>
<li style=min-height:50px;line-height:60px;margin-left:15px><strong>动动手指,沙发就是你的了!</strong></li>
</ul>
</div>
</div>
<div class="row box" id=reply-box>
<div class="box-container clearfix">
<div class=reminder>
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F14069&amp;from_type=xianzhi"><strong>登录</strong></a> 后跟帖
</div>
</div>
</div>
</div>
</div>
</div>