为了验证BinCat是否真的具备了Servlet处理能力,我们写两个测试用例:TestServlet和CMDServlet。
TestServlet示例代码:
package com.anbai.sec.server.test.servlet;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;import java.io.OutputStream;@WebServlet(name = "TestServlet", urlPatterns = "/TestServlet/")public class TestServlet extends HttpServlet {@Overridepublic void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {doPost(request, response);}@Overridepublic void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {OutputStream out = response.getOutputStream();out.write(("Hello....<br/>Request Method:" + request.getMethod() + "<br/>Class:" + this.getClass()).getBytes());}}
浏览器请求http://localhost:8080/TestServlet/:
CMDServlet示例代码:
package com.anbai.sec.server.test.servlet;import org.javaweb.utils.IOUtils;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;import java.io.OutputStream;@WebServlet(name = "CMDServlet", urlPatterns = "/CMD/")public class CMDServlet extends HttpServlet {@Overridepublic void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {doPost(request, response);}@Overridepublic void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {String cmd = request.getParameter("cmd");byte[] bytes = IOUtils.toByteArray(Runtime.getRuntime().exec(cmd).getInputStream());OutputStream out = response.getOutputStream();out.write(bytes);out.flush();out.close();}}
浏览器请求http://localhost:8080/CMD/?cmd=whoami:
使用curl发送POST请求:curl -i localhost:8080/CMD/ -d "cmd=pwd",服务器可以正常接收POST参数,处理结果如图:
请求一个错误服务:
至此,我们已经实现了一个非常初级的Servlet容器了。
Back
若有收获,就点个赞吧
0 人点赞
