ruoyi验证码kaptcha包高危漏洞
文章目录
前言
客户现场的安全扫描报出了 kaptcha 验证码组件的高危漏洞。既不想引入其他验证码依赖包(避免上线时的额外麻烦),又必须通过安全扫描,那么最简单的办法就是用 JDK 自带的类自己实现一个验证码。需要注意的是,自己实现并不天然比第三方库更安全:验证码的随机源应使用 SecureRandom 而不是 java.util.Random,服务端保存的验证码必须一次性使用(校验后立即删除),否则只是把一个"会被扫描器识别"的问题换成了一个"不会被识别"的问题。
一、先把原本生成验证码的依赖包kaptcha注释掉
即在 pom.xml 中注释掉 kaptcha 依赖。原来引用该依赖的代码会报红(编译错误),先不管,等下面的工具类替换完成后再一并清理;其余代码暂不改动。
二、改代码
1. 新增验证码工具类。该类只使用 JDK 自带的 java.awt 等包,不引入任何额外依赖。
代码如下(示例):
package com.ruoyi.web.controller.tool;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.security.SecureRandom;
import java.util.Random;
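public class RandomValidateCodeUtil {
    /** Alphabet used when captchaType is "math": digits only (10^4 possible codes). */
    private static final String NUM_ALPHABET = "0123456789";
    /** Alphabet used when captchaType is "char": upper-case letters only. */
    private static final String CHAR_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    /** Alphabet used for any other captchaType: digits and upper-case letters. */
    private static final String MIXED_ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    /** Image width in pixels. */
    private static final int WIDTH = 65;
    /** Image height in pixels. */
    private static final int HEIGHT = 25;
    /** Number of noise lines drawn over the background. */
    private static final int LINE_COUNT = 40;
    /** Number of characters in a generated code. */
    private static final int CODE_LENGTH = 4;
    /**
     * Shared randomness source for both the code value and the rendering noise.
     * The code value is the secret a client has to guess, so it must come from a
     * cryptographically strong generator: java.util.Random is a 48-bit LCG whose
     * state can be recovered from a handful of observed outputs (CWE-338), and the
     * rendering calls leak plenty of those outputs through the image itself.
     * SecureRandom is a Random subclass and is safe to share between threads.
     */
    private static final Random RANDOM = new SecureRandom();

    private RandomValidateCodeUtil() {
        // static utility, never instantiated
    }

    /**
     * Renders {@code code} into a small captcha image with random noise lines.
     *
     * @param code the text to draw; each character occupies a fixed 10px x-slot,
     *             so codes much longer than CODE_LENGTH run past the 65px canvas
     * @return a WIDTH x HEIGHT BGR image containing the code
     * @throws IllegalArgumentException if {@code code} is null
     */
    public static BufferedImage getRandCode(String code) {
        if (code == null) {
            throw new IllegalArgumentException("code must not be null");
        }
        BufferedImage image = new BufferedImage(WIDTH, HEIGHT, BufferedImage.TYPE_INT_BGR);
        Graphics g = image.getGraphics();
        try {
            // Clear the canvas with the Graphics' initial color (white on the standard
            // offscreen pipeline); no explicit background color is ever set.
            g.fillRect(0, 0, WIDTH, HEIGHT);
            // Font.PLAIN has the same value (0) as the ROMAN_BASELINE constant that was
            // previously passed as the style argument; PLAIN is what is meant.
            g.setFont(new Font("Times New Roman", Font.PLAIN, 18));
            g.setColor(getRandColor(110, 133));
            // Exactly LINE_COUNT lines (the old loop used <= and drew one extra).
            for (int i = 0; i < LINE_COUNT; i++) {
                drawLine(g);
            }
            // Slots are 1-based because drawString uses 10 * slot as the x offset.
            for (int slot = 1; slot <= code.length(); slot++) {
                drawString(g, String.valueOf(code.charAt(slot - 1)), slot);
            }
        } finally {
            // Graphics objects hold native resources; release even if drawing throws.
            g.dispose();
        }
        return image;
    }

    /**
     * Draws one character of the code in a random dark color at slot {@code slot}.
     * The translate() call is cumulative on the Graphics, so each successive
     * character is jittered a little more than the previous one.
     */
    private static void drawString(Graphics g, String codeSingle, int slot) {
        g.setFont(getFont());
        g.setColor(new Color(RANDOM.nextInt(101), RANDOM.nextInt(111), RANDOM.nextInt(121)));
        g.translate(RANDOM.nextInt(3), RANDOM.nextInt(3));
        g.drawString(codeSingle, 10 * slot, 16);
    }

    /**
     * Draws one short noise line starting at a random point; the end point may
     * fall outside the canvas, which AWT clips.
     */
    private static void drawLine(Graphics g) {
        int x = RANDOM.nextInt(WIDTH);
        int y = RANDOM.nextInt(HEIGHT);
        int dx = RANDOM.nextInt(13);
        int dy = RANDOM.nextInt(15);
        g.drawLine(x, y, x + dx, y + dy);
    }

    /**
     * Generates a CODE_LENGTH-character captcha value from a CSPRNG.
     *
     * @param captchaType "math" for digits only, "char" for letters only; any other
     *                    value (including null) selects the mixed alphabet
     * @return the code the caller must store server-side and compare against later.
     *         Note the digit-only variant has only 10^4 values, so the verifier
     *         must keep codes single-use for it to resist guessing.
     */
    public static String getRandomString(String captchaType) {
        String alphabet;
        if ("math".equals(captchaType)) {
            alphabet = NUM_ALPHABET;
        } else if ("char".equals(captchaType)) {
            alphabet = CHAR_ALPHABET;
        } else {
            alphabet = MIXED_ALPHABET;
        }
        StringBuilder code = new StringBuilder(CODE_LENGTH);
        for (int i = 0; i < CODE_LENGTH; i++) {
            code.append(alphabet.charAt(RANDOM.nextInt(alphabet.length())));
        }
        return code.toString();
    }

    /**
     * Font used for the code characters. "Fixedsys" is a Windows font; on hosts
     * that lack it AWT silently substitutes a logical font, which is acceptable.
     * Font.BOLD has the same value (1) as the CENTER_BASELINE constant that was
     * previously passed as the style argument.
     */
    private static Font getFont() {
        return new Font("Fixedsys", Font.BOLD, 18);
    }

    /**
     * Picks a random color whose channels lie roughly within [fc, bc).
     * Channels are capped at 255 and the random span is clamped to at least 1 so
     * narrow ranges do not make Random.nextInt throw on a non-positive bound.
     */
    private static Color getRandColor(int fc, int bc) {
        int lo = Math.min(fc, 255);
        int hi = Math.min(bc, 255);
        int r = lo + RANDOM.nextInt(Math.max(1, hi - lo - 16));
        int g = lo + RANDOM.nextInt(Math.max(1, hi - lo - 14));
        int b = lo + RANDOM.nextInt(Math.max(1, hi - lo - 18));
        return new Color(r, g, b);
    }
}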
2.使用工具类生成验证码
代码如下(示例):
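@GetMapping("/captchaImage")
public AjaxResult getCode(HttpServletResponse response) throws IOException {
    AjaxResult ajax = AjaxResult.success();
    // Captcha can be switched off in system config; then there is nothing to generate.
    boolean captchaOnOff = configService.selectCaptchaOnOff();
    ajax.put("captchaOnOff", captchaOnOff);
    if (!captchaOnOff) {
        return ajax;
    }
    // The uuid is the client's handle for this code; the code value itself stays server-side.
    String uuid = IdUtils.simpleUUID();
    String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
    // "math" -> digits, "char" -> letters, anything else -> both (see RandomValidateCodeUtil).
    String captchaType = RuoYiConfig.getCaptchaType();
    String code = RandomValidateCodeUtil.getRandomString(captchaType);
    BufferedImage image = RandomValidateCodeUtil.getRandCode(code);
    // Encode before storing: if encoding fails we return without leaving an
    // orphaned (TTL-bounded, but still unnecessary) key in Redis.
    FastByteArrayOutputStream os = new FastByteArrayOutputStream();
    try {
        ImageIO.write(image, "jpg", os);
    } catch (IOException e) {
        // NOTE(review): the raw exception text is returned to an unauthenticated
        // caller; a fixed message would avoid leaking internals.
        return AjaxResult.error(e.getMessage());
    }
    // The stored value expires after CAPTCHA_EXPIRATION minutes and is consumed
    // on first verification attempt by validateCaptcha.
    redisCache.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
    ajax.put("uuid", uuid);
    ajax.put("img", Base64.encode(os.toByteArray()));
    return ajax;
}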
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody) {
    AjaxResult result = AjaxResult.success();
    // validateCaptcha throws on a missing/expired/wrong code, so loginService.login
    // is only reached once the captcha has been consumed successfully (when enabled).
    if (configService.selectCaptchaOnOff()) {
        loginService.validateCaptcha(loginBody.getUsername(), loginBody.getCode(), loginBody.getUuid());
    }
    // NOTE(review): code and uuid are forwarded to login() as well. If that method
    // re-validates the captcha, the key was already deleted above and every login
    // would fail with an "expired" captcha -- confirm against SysLoginService.
    String token = loginService.login(
            loginBody.getUsername(),
            loginBody.getPassword(),
            loginBody.getCode(),
            loginBody.getUuid(),
            loginBody.getFingerValue());
    result.put(Constants.TOKEN, token);
    return result;
}
// 验证码校验
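/**
 * Checks the submitted captcha against the value stored under {@code uuid}.
 *
 * @param username only used for the login-failure audit record
 * @param code     the code typed by the user; may be null if the client omitted it
 * @param uuid     the handle returned by getCode; null is treated as ""
 * @throws CaptchaExpireException if nothing is stored for the uuid (expired, unknown, or already used)
 * @throws CaptchaException       if a value is stored but does not match (case-insensitive)
 */
public void validateCaptcha(String username, String code, String uuid) {
    String verifyKey = Constants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
    String captcha = redisCache.getCacheObject(verifyKey);
    // Delete before comparing so every code is single-use: a wrong guess burns it.
    // This is what keeps a 4-character (or, for "math", 4-digit) code from being
    // brute-forced against the same uuid.
    redisCache.deleteObject(verifyKey);
    if (captcha == null) {
        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
        throw new CaptchaExpireException();
    }
    // A request without a "code" field must fail as a captcha error, not as a
    // NullPointerException surfacing to the client as a 500.
    if (code == null || !code.equalsIgnoreCase(captcha)) {
        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
        throw new CaptchaException();
    }
}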