webgoatのクラスの1 つ ( HammerHead.class ) に呼び出しステートメント ( cajolingMe.cajoleMe(); ) を挿入します。このメソッドは、 fat-jarによって作成された jar ファイルから呼び出される静的メソッドです。その jar を [webgoat][3] Web アプリケーションの lib ディレクトリにコピーします。
注入されたクラスを逆コンパイルしても問題はなく、構文は true です。
(注入されたコードは太字)
package org.owasp.webgoat;
**import cajoleMe.cajolingMe;**
import java.io.*;
import java.text.SimpleDateFormat;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.lessons.WelcomeScreen;
import org.owasp.webgoat.lessons.admin.WelcomeAdminScreen;
import org.owasp.webgoat.session.Course;
import org.owasp.webgoat.session.ErrorScreen;
import org.owasp.webgoat.session.LessonTracker;
import org.owasp.webgoat.session.ParameterParser;
import org.owasp.webgoat.session.Screen;
import org.owasp.webgoat.session.UserTracker;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.session.WebgoatContext;
...
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
Screen screen;
WebSession mySession;
screen = null;
mySession = null;
ServletContext context = getServletContext();
mySession = updateSession(request, response, context);
if(response.isCommitted())
{
try
{
writeScreen(mySession, screen, response);
}
catch(Throwable thr)
{
thr.printStackTrace();
log(request, (new StringBuilder()).append("Could not write error screen: ").append(thr.getMessage()).toString());
}
WebSession.returnConnection(mySession);
return;
}
screen = makeScreen(mySession);
if(response.isCommitted())
{
try
{
writeScreen(mySession, screen, response);
}
catch(Throwable thr)
{
thr.printStackTrace();
log(request, (new StringBuilder()).append("Could not write error screen: ").append(thr.getMessage()).toString());
}
WebSession.returnConnection(mySession);
return;
}
if(screen instanceof AbstractLesson)
{
AbstractLesson lesson = (AbstractLesson)screen;
if("GET".equals(request.getMethod()))
{
String uri = (new StringBuilder()).append(request.getRequestURI()).append("?").append(request.getQueryString()).toString();
if(!uri.endsWith(lesson.getLink()))
screen.getLessonTracker(mySession).incrementNumVisits();
} else
if("POST".equals(request.getMethod()) && mySession.getPreviousScreen() == mySession.getCurrentScreen())
screen.getLessonTracker(mySession).incrementNumVisits();
}
UserTracker userTracker = UserTracker.instance();
userTracker.update(mySession, screen);
log(request, (new StringBuilder()).append(**cajolingMe.cajoleMe(screen.getClass()).getName()).append(" | ")**.append(**cajolingMe.cajoleMe(cajolingMe.cajoleMe(mySession.getParser()))**.toString()).toString());
String userAgent = request.getHeader("user-agent");
String clientBrowser = "Not known!";
if(userAgent != null)
clientBrowser = userAgent;
request.setAttribute("client.browser", clientBrowser);
request.getSession().setAttribute("websession", mySession);
request.getSession().setAttribute("course", mySession.getCourse());
request.getRequestDispatcher(getViewPage(cajolingMe.cajoleMe(mySession))).forward(request, response);
try
{
writeScreen(mySession, screen, response);
}
catch(Throwable thr)
{
thr.printStackTrace();
log(request, (new StringBuilder()).append("Could not write error screen: ").append(thr.getMessage()).toString());
}
WebSession.returnConnection(mySession);
break MISSING_BLOCK_LABEL_631;
Throwable t;
t;
t.printStackTrace();
log((new StringBuilder()).append("ERROR: ").append(t).toString());
screen = new ErrorScreen(mySession, t);
try
{
writeScreen(mySession, screen, response);
}
catch(Throwable thr)
{
thr.printStackTrace();
log(request, (new StringBuilder()).append("Could not write error screen: ").append(thr.getMessage()).toString());
}
WebSession.returnConnection(mySession);
break MISSING_BLOCK_LABEL_631;
Exception exception;
exception;
try
{
writeScreen(mySession, screen, response);
}
catch(Throwable thr)
{
thr.printStackTrace();
log(request, (new StringBuilder()).append("Could not write error screen: ").append(thr.getMessage()).toString());
}
WebSession.returnConnection(mySession);
throw exception;
}
...
}
しかし、Tomcatを実行すると、この例外が発生しました
31, 2013 12:31:59 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-127.0.0.1-8080
jan 31, 2013 12:31:59 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-127.0.0.1-8443
jan 31, 2013 12:31:59 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 549 ms
jan 31, 2013 12:32:00 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina <br/> jan 31, 2013 12:32:00 PM org.apache.catalina.core.StandardEngine start <br/>INFO: Starting Servlet Engine: Apache Tomcat/5.5.4
jan 31, 2013 12:32:00 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
jan 31, 2013 12:32:00 PM org.apache.catalina.core.ApplicationContext log
INFO: org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: Iorg.apache.webapp.balancer.RuleChain: Corg.apache.w bapp.balancer.rules.URLStringMatchRule: Target string: News / Redirect URL: http://www.cnn.com], Corg.apache.webapp.bal .ncer.rules.RequestParameterRule: Target param name: paramName / Target param paramUalue / Redirect URL: http://www.yahoo.com], Iorg.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: http://jakarta.apache.org]]
**-Marking serv let WebGoat as unavailable Servlet /WebGoat threw load() exception 'avax.servlet.ServletException: Error instantiating servlet class org.owasp.webgoat.HammerHead**
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1020)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:886)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3817)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4079)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:755)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:886)
at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:849)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:474)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1079)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1011)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1003)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:437)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:2010)
at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
at sun.reflect.NativeMethodAccessorImpl.invokeO(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)
jan 31, 2013 12:32:01 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-127.0.0.1-8080 <br/> jan 31, 2013 12:32:01 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-127.0.0.1-8443
jan 31, 2013 12:32:01 PM org.apache.jk.common.ChannelSocket init
INFO: JH2: ajp13 listening on /127.0.0.1:8009 <br/> jan 31, 2013 12:32:01 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/11 config=null
jan 31, 2013 12:32:01 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1134 ms
webgoat サイトは、インジェクション
に使用した「HTTP Status 404」[BCEL][5]
です。問題はどこですか?