安装java环境,搭建Tomcat,版本 apache-tomcat-9.0.0.M26
启动Tomcat:
解决不能远程访问问题(访问403)
\Tomcat 9.0\conf\tomcat-user.xml 补充
<role rolename="manager"/>
<role rolename="manager-gui"/>
<role rolename="admin"/>
<role rolename="admin-gui"/>
<role rolename="manager-script"/>
<user username="tomcat" password="tomcat" roles="admin-gui,admin,manager-gui,manager,manager-script"/>
\Apache Software Foundation\Tomcat 9.0\webapps\manager\META-INF\context.xml 添加注释来修改限制访问地址
<!--注释这里,去除对访问权限的设置
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
下载Struts2历史版本Struts2-2.0.1,下载地址https://archive.apache.org/dist/struts/binaries/
上传war包,访问,
上传成功
访问http://127.0.0.1:8080/struts2-showcase-2.0.1/validation/quizBasic.action
根据validation验证的配置文件,name必须为string,age为int类型,且范围在13到19,然后用age出发错误,用name做代码注入
<validators>
<field name="name">
<field-validator type="requiredstring">
<message>You must enter a name</message>
</field-validator>
</field>
<field name="age">
<field-validator type="int">
<param name="min">13</param>
<param name="max">19</param>
<message>Only people ages 13 to 19 may take this quiz</message>
</field-validator>
</field>
</validators>
提交name=%{7*7},age=12
尝试获取Tomcat路径
漏洞成因: