import bsh.Interpreter;
import javax.servlet.http.HttpServletRequest;
import org.springframework.scripting.bsh.BshScriptEvaluator;
import org.springframework.scripting.support.StaticScriptSource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
/**
 * CodeQL test fixture for BeanShell script injection. This is NOT production code.
 *
 * Every handler below deliberately takes an attacker-controlled request parameter
 * ({@code code}) and hands it, unvalidated, to a BeanShell evaluator. Each line
 * marked {@code //bad} is an intended true positive for the query under test
 * (presumably the BeanShell injection query in this directory -- confirm against
 * the accompanying .expected/.ql files). Do not "fix" these methods; the
 * vulnerability is the point of the file, and the three methods exist to cover
 * three distinct sink shapes: constructor argument, direct {@code eval}, and setter.
 *
 * Security context for readers: BeanShell executes arbitrary Java-like source
 * inside the server JVM, so an endpoint like these lets anyone who can reach it
 * run code with the privileges of the server process (remote code execution).
 * There is no authentication, allow-listing or sandboxing here by design.
 */
@Controller
public class BeanShellInjection {

    /**
     * Sink shape 1: tainted text passed to the {@link StaticScriptSource}
     * constructor and then evaluated by Spring's {@link BshScriptEvaluator}.
     *
     * @param request incoming HTTP request; its {@code code} parameter is
     *                attacker-controlled and reaches the evaluator unchanged
     *                (null if the parameter is absent, per the Servlet API)
     */
    @GetMapping(value = "bad1")
    public void bad1(HttpServletRequest request) {
        // Source: untrusted request parameter.
        String code = request.getParameter("code");
        BshScriptEvaluator evaluator = new BshScriptEvaluator();
        // Sink: script text flows straight from the request into the evaluator.
        evaluator.evaluate(new StaticScriptSource(code)); //bad
    }

    /**
     * Sink shape 2: tainted text passed directly to {@link Interpreter#eval}.
     * The {@code throws Exception} clause is only there because {@code eval}
     * declares a checked exception; it is not part of what the query tests.
     *
     * @param request incoming HTTP request; its {@code code} parameter is
     *                attacker-controlled
     * @throws Exception propagated from the BeanShell interpreter
     */
    @GetMapping(value = "bad2")
    public void bad2(HttpServletRequest request) throws Exception {
        // Source: untrusted request parameter.
        String code = request.getParameter("code");
        Interpreter interpreter = new Interpreter();
        // Sink: the raw BeanShell API, no Spring wrapper involved.
        interpreter.eval(code); //bad
    }

    /**
     * Sink shape 3: the script source is created with a harmless constant and
     * the tainted text is injected afterwards via {@link StaticScriptSource#setScript}.
     * This covers the case where the query must model the setter, not just the
     * constructor, as a way for taint to enter the script source.
     *
     * @param request incoming HTTP request; its {@code code} parameter is
     *                attacker-controlled
     */
    @GetMapping(value = "bad3")
    public void bad3(HttpServletRequest request) {
        // Source: untrusted request parameter.
        String code = request.getParameter("code");
        // The initial script ("test") is benign; taint arrives through the setter below.
        StaticScriptSource staticScriptSource = new StaticScriptSource("test");
        staticScriptSource.setScript(code);
        BshScriptEvaluator evaluator = new BshScriptEvaluator();
        // Sink: evaluates whatever setScript stored, i.e. the request-controlled text.
        evaluator.evaluate(staticScriptSource); //bad
    }

}