//这个以前在空间里有简要说明过这个常见的小问题,也把它搬到乌云来放在一起,以后好找点!

Java异常处理机制(Exception)简要说明:Java中它是由Trowable类的两个子类的两大部分组成,Error类和Exception类。Error是不推荐捕获的(请查看Java异常处理机制中Error与Exception的区别),而Exception类除了子类RuntimeException是不能被捕获,其他子类的异常必须捕获,简单来讲,就产生异常信息了。

但Exception产生异常信息的过程有个特点,当发生异常时,异常抛给调用该函数的上一级函数,直到出现包含异常处理(catch)的层为止,这个给开发者在程序调试中带来很大的方便,能够快速定位问题所在等,看这段异常信息: 

org.springframework.dao.DataIntegrityViolationException: could not execute query; SQL [
select AdContentId,ContentDesc,ContentType,ContentSize,ContentUrl
from AAS_BIZ_AdContent
where 1=1
        and AdInfoId = ?
            and contentType = ?
    order by AdInfoId ,ContentSize
]; nested exception is org.hibernate.exception.DataException: could not execute query
at org.springframework.orm.hibernate3.SessionFactoryUtils.convertHibernateAccessException(SessionFactoryUtils.java:642)
at org.springframework.orm.hibernate3.HibernateAccessor.convertHibernateAccessException(HibernateAccessor.java:412)
at org.springframework.orm.hibernate3.HibernateTemplate.doExecute(HibernateTemplate.java:411)
at org.springframework.orm.hibernate3.HibernateTemplate.executeFind(HibernateTemplate.java:343)
at com.suning.framework.dao.UniversalDaoHibernate.queryListBySql(UniversalDaoHibernate.java:567)
at com.suning.framework.dao.UniversalDaoHibernate.queryListBySql(UniversalDaoHibernate.java:554)
at com.suning.aas.ad.dao.hibernate.AdContentDaoHibernate.searchContent(AdContentDaoHibernate.java:40)
at com.suning.aas.ad.logic.impl.AdInfoBizImpl.searchContent(AdInfoBizImpl.java:100)
at sun.reflect.GeneratedMethodAccessor267.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:600)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.suning.framework.template.ServiceInterceptor.invoke(ServiceInterceptor.java:86)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy53.searchContent(Unknown Source)
at com.suning.aas.portal.adsearch.action.ChannelAdAction.orderPage(ChannelAdAction.java:152)
at sun.reflect.GeneratedMethodAccessor358.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:600)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:441)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:280)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:243)
at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:252)
at org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:122)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:195)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:195)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:179)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:235)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:89)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:126)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:138)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:164)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:195)
at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:75)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:94)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:165)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:179)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:176)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at com.suning.aas.common.web.interceptor.ActionAccessTimeInterceptor.intercept(ActionAccessTimeInterceptor.java:96)
at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
at org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:52)
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:488)
at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116)
at com.suning.aas.portal.web.filer.AuthFilter.doFilter(AuthFilter.java:163)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:997)
at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.invokeFilters(DefaultExtensionProcessor.java:985)
at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:905)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3826)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:445)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:504)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:301)
at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1563)

注意到,它一直从具体代码所在的函数到所用框架层的函数最后到web容器层等函数都走了一遍。

形成敏感信息泄露的场景:如果开发者自己不去处理这个异常,最后默认会通过web容器暴露给用户,而这些异常信息都包含了应用所使用的组件名称等,对于攻击者来讲,增加了不少可利用的信息,导致敏感信息泄露。

乌云案例:WooYun: 苏宁易购某站异常信息未屏蔽导致众多敏感信息暴露!

乌云实际攻击利用案例(在重要一个环节中被利用到):WooYun: 乐视网j2ee应用的安全问题!

形成XSS的场景:与上面场景不同的地方有两个:

1、如果开发者自己处理了异常信息但还是向用户抛出(在实际开发中这情况还不少,还做个用户体验页面,让用户把这些异常信息反馈给管理员(当然,开发者本意是好的!)。)

2、带有用户输入而又未做XSS防御处理的数据(攻击者的恶意代码)。

如图:

j2ee应用异常信息处理不当,可能导致的安全问题:敏感信息泄露及XSS!

j2ee应用异常信息处理不当,可能导致的安全问题:敏感信息泄露及XSS!

当然,如果最后默认是交给容器处理输出,是不会有这问题,如图:

j2ee应用异常信息处理不当,可能导致的安全问题:敏感信息泄露及XSS!

j2ee应用异常信息处理不当,可能导致的安全问题:敏感信息泄露及XSS!

乌云案例:WooYun: 迅雷一处成因很诡异的xss+服务器信息泄漏

乌云案例(XSS部分):WooYun: 乐视网j2ee应用的安全问题!

转自:http://zone.wooyun.org/content/2446

留言评论(旧系统):

mm @ 2013-01-22 21:19:50

核老 小弟长话短留:某日日某站 无果 一个后台找到任意下载 有dvbbs md5解不开 在后台找到mssql猪肉一枚 db权限 日志备份 差异 都无果 想求mssql猪肉连接dvbbs的mdb 修改dv_admin表的pass的内容的句子0.0 在线等 已经尝试前段时间您的acc溢出的 无果 无花果 求开花

本站回复:

百度一搜一堆的东西: http://www.baidu.com/s?wd=mssql+%E8%BF%9E%E6%8E%A5+access http://blog.csdn.net/liaoyukun111/article/details/6164720 http://www.baidu.com/s?wd=OpenDataSource+mdb http://kb.cnblogs.com/page/94464/ http://www.baidu.com/s?wd=openRowSet+mdb Select * From Openrowset('Microsoft.Jet.OLEDB.4.0', 'c:\data.mdb';'admin';'','Update [dv_admin] Set password = ''***'' Where username = ''***''')

mm @ 2013-01-22 21:52:12

核老 速度更不上以前了 呜呜 老大少撸 注意肾体哦亲

本站回复:

什么速度?卖萌可耻……

mm @ 2013-01-22 22:31:48

核老 h片的站 成了 资源 各种嘛老师 各种仓大姐姐 几百g 求分享您拿到乌云 估计比老马的裤子都抢手

本站回复:

mm @ 2013-01-22 23:31:07

0.0 母牛成 组织了db对组件的访问 非sa 亲 仓老师您不会不知道吧 钓鱼岛是中国的 仓老师是世界的

本站回复:

佚名 @ 2013-01-23 08:08:03

核总啊.你这样资料挺全的.经常来这找资料.但是我总不能把喜欢的都保存回来.... 有时候忘记标题,然后找起来各种蛋疼.你说能不能加个会员登陆功能.登陆会员后然后就可以把喜欢的文章收藏起来.这样以后找文章就简单了.核总V587.我知道你不会拒绝的对吧!

本站回复:

额,这个功能设计中并没有,所以如果添加的话,需要大改源码,所以嘛,暂时是没有滴…… 我还是建议你保存到本地较好,因为本站经常被墙……