update

bewhale · bewhale · commit a7edccfba4a5 · 2022-04-30T11:31:23.000+08:00
diff --git a/docs/0x00 基础知识/index.md b/docs/0x00 基础知识/index.md
@@ -0,0 +1,5 @@
+参考学习  
+https://www.yuque.com/atguigu/springboot
+
+官方文档  
+https://docs.spring.io/spring-boot/docs/current/reference/html/
diff --git a/src/main/java/org/bewhale/javasec/controller/AdminController.java b/src/main/java/org/bewhale/javasec/controller/AdminController.java
@@ -0,0 +1,32 @@
+package org.bewhale.javasec.controller;
+
+import org.bewhale.javasec.model.Admin;
+import org.bewhale.javasec.service.AdminService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+
+@RequestMapping("/admin")
+@Controller
+public class AdminController {
+    @GetMapping("")
+    public String index() {
+        return "admin/adminlogin";
+    }
+
+    @Autowired
+    @SuppressWarnings("all")
+    AdminService adminService;
+
+    @ResponseBody
+    @PostMapping("/login")
+    public String login(@RequestParam(name="username", required =true) String username,
+                        @RequestParam(name="password", required = true) String password){
+
+        Admin admin = adminService.login(username, password);//调用service层抽象类方法,返回一个承接了数据库返回值的实体类
+        if (admin != null) {//很简单的逻辑,返回的只要不是空值就说明是存在的,ok
+            return "welcome adminster!" + admin;//返回一段文本
+        }
+        return "/err";//返回到另一个界面,但是目前还没做
+    }
+}
diff --git a/src/main/java/org/bewhale/javasec/dao/AdminDao.java b/src/main/java/org/bewhale/javasec/dao/AdminDao.java
@@ -0,0 +1,9 @@
+package org.bewhale.javasec.dao;
+
+import org.apache.ibatis.annotations.Mapper;
+import org.bewhale.javasec.model.Admin;
+
+@Mapper
+public interface AdminDao {
+    Admin login(String username, String password);
+}
diff --git a/src/main/java/org/bewhale/javasec/model/Admin.java b/src/main/java/org/bewhale/javasec/model/Admin.java
@@ -0,0 +1,33 @@
+package org.bewhale.javasec.model;
+
+import java.io.Serializable;
+
+public class Admin implements Serializable {
+    String id;
+    String username;
+    String password;
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}
diff --git a/src/main/java/org/bewhale/javasec/service/AdminService.java b/src/main/java/org/bewhale/javasec/service/AdminService.java
@@ -0,0 +1,7 @@
+package org.bewhale.javasec.service;
+
+import org.bewhale.javasec.model.Admin;
+
+public interface AdminService {
+     Admin login(String username, String password);
+}
diff --git a/src/main/java/org/bewhale/javasec/service/impl/AdminServiceImpl.java b/src/main/java/org/bewhale/javasec/service/impl/AdminServiceImpl.java
@@ -0,0 +1,19 @@
+package org.bewhale.javasec.service.impl;
+
+import org.bewhale.javasec.dao.AdminDao;
+import org.bewhale.javasec.model.Admin;
+import org.bewhale.javasec.service.AdminService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AdminServiceImpl implements AdminService {
+    @Autowired
+    AdminDao adminDao;
+
+    @Override
+    public Admin login(String username, String password) {
+        Admin admin = adminDao.login(username, password);
+        return admin;
+    }
+}
diff --git a/src/main/resources/mapper/AdminDaoServiceImpl.xml b/src/main/resources/mapper/AdminDaoServiceImpl.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="org.bewhale.javasec.dao.AdminDao">
+<!--    //注意命名空间就是框架绑定的依据哈-->
+
+    <sql id="base_table">
+        users
+--         //这是定义了一个属性,方便重复利用罢了
+    </sql>
+    <select id="login" resultType="org.bewhale.javasec.model.Admin">
+        select * from
+        <include refid="base_table" />
+        where username=#{username,jdbcType=VARCHAR}
+--         //这就是简单的上个参数和在数据库里的类型,会自动调成实体类能接受的类型
+        and
+        password=#{password,jdbcType=VARCHAR}
+    </select>
+<!--    //这就是核心部分了,id是说和抽象层哪一个方法绑定,返回值把实体类拉进来自动去绑,而且会根据数据库和实体类自动调整哦.-->
+</mapper>
diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html
@@ -0,0 +1,98 @@
+<!doctype html>
+
+<html lang="en" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="UTF-8">
+    <title>Java漏洞靶场</title>
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css">
+</head>
+<body>
+
+<div style="padding: 40px;
+    text-align: center;
+    background: #1abc9c;
+    color: white;">
+    <h1>Java漏洞演示平台</h1>
+    <button class="ui inverted secondary basic button"><a style="color: white" href="https://github.com/tangxiaofeng7/SecExample" target="_blank">靶机源码</a></button>
+</div>
+
+
+<div style="margin-top: 50px;margin-left: 25px;margin-right: 25px" class="ui cards">
+    <div class="card">
+        <div class="content">
+            <div class="header">注入漏洞-SQL注入</div>
+            <div class="description">SQL注入通过把SQL命令插入到Web表单提交或输入域名或页面请求的查询字符串，最终达到欺骗服务器执行指定的SQL语句</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/sql}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">注入漏洞-命令注入</div>
+            <div class="description">RCE (remote code execution):指用户通过浏览器提交执行命令，由于服务器端没有针对执行函数做过滤，导致在没有指定绝对路径的情况下就执行命令，可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/rce}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">注入漏洞-spel表达式注入</div>
+            <div class="description">spel表达式注入 (Spring Expression Language):是一种功能强大的表达式语言，用于在运行时查询和操作对象图；语法上称为Unified EL，但提供了更多的特性，特别是方法调用和基本字符SpEL的生成是为了给Spring社区提供一种能够与Spring生态系统所有产品无缝对接，能提供一站式支持的表达式语言。</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/spel}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+    <div class="card">
+        <div class="content">
+            <div class="header">XSS漏洞</div>
+            <div class="description">XSS(Cross Site Scripting):跨站脚本攻击是指恶意攻击者往Web页面里插入恶意Script代码,当用户浏览该页之时,嵌入其中Web里面的Script代码会被执行,从而达到恶意攻击用户的目的</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/xss}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">CSRF漏洞</div>
+            <div class="description">CSRF(Cross-site request forgery):CSRF，跨站请求伪造，在受害者通过浏览器登录某个恶意URL的时候，通过伪造请求达到跨站请求伪造（常见于商城类网站或者自己开发的会员系统）</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/csrf}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">SSRF漏洞</div>
+            <div class="description">SSRF(Server-Side Request Forgery):服务器端请求伪造是一种由攻击者构造形成由服务端发起请求的一个安全漏洞。一般情况下，SSRF攻击的目标是从外网无法访问的内部系统。</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/ssrf}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">CORS漏洞</div>
+            <div class="description">CORS(Cross-origin resource sharing)。因为出于安全的考虑, 浏览器不允许Ajax调用当前源之外的资源.，即浏览器的同源策略，但一个请求url的协议、域名、端口三者之间任意一个与当前页面不同即为跨域、它允许阅览器向跨源服务器发送XMLHttpRequest请求，从而克服AJAX只能同源使用的限制</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/cors1}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+    <div class="card">
+        <div class="content">
+            <div class="header">反序列化漏洞-Fastjson反序列化</div>
+            <div class="description">序列化和反序列化本身并不存在问题。但当输入的反序列化的数据可被用户控制，那么攻击者即可通过构造恶意输入，让反序列化产生非预期的对象，在此过程中执行构造的任意代码。</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/fastjson}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+
+
+    <div class="card">
+        <div class="content">
+            <div class="header">验证码相关漏洞</div>
+            <div class="description">短信回显<br>短信轰炸<br>前端绕过验证<br>验证码爆破</div>
+        </div>
+        <a  class="ui bottom attached button" th:href="@{/messageecho}" ><i class="add icon"></i>测试漏洞</a>
+    </div>
+
+</div>
+
+
+</body>
+</html>
diff --git a/src/main/resources/templates/admin/adminlogin.html b/src/main/resources/templates/admin/adminlogin.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <title>administer,welcome to login Vanchip exam-online system!</title>
+</head>
+<body>
+<form method="post" action="admin/login">
+    <label>welcome! administer!</label>
+    <p>
+        <input type="text" value="请输入您的账户" name="username" id="username">
+    </p>
+    <input type="text" value="请输入您的密码" name="password" id="password">
+    <p>
+        <input type="submit" value="登录" >
+    </p>
+</form>
+</body>
+</html>
