目录
■Eclipse中设定方法
■效果
■扩展
●2.14.1 存在漏洞
JndiLookup.java
AbstractLookup.java
■Eclipse中设定方法
Maven
Download Artifact Sources
■效果
---
■扩展
可以查看 Log4j2 漏洞(JNDI 注入)相关的源码了。
●2.14.1 存在漏洞
JndiLookup.java
package org.apache.logging.log4j.core.lookup;
import java.util.Objects;
import javax.naming.NamingException;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.Marker;
import org.apache.logging.log4j.MarkerManager;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.config.plugins.Plugin;
import org.apache.logging.log4j.core.net.JndiManager;
import org.apache.logging.log4j.status.StatusLogger;
/**
 * String lookup registered under the plugin name {@code "jndi"}; it resolves a key by
 * performing a JNDI lookup and returning the result as a string.
 *
 * <p>Security note (this listing is the 2.14.1 source that the page marks as vulnerable to
 * JNDI injection): nothing in this class checks the JNDI name against an allow-list of
 * schemes, hosts or classes. Any key that contains a {@code ':'} is forwarded unchanged to
 * {@code JndiManager.lookup}. If lookup keys can be derived from data an outside party
 * influences (for example text that ends up in a log message), that party chooses the JNDI
 * name that gets resolved.
 *
 * <p>NOTE(review): the page lists 2.15.0 as the fix; upstream changed JNDI handling again in
 * later releases, so check the Apache Log4j security advisories for the currently recommended
 * version instead of treating 2.15.0 as final. Upgrade the dependency rather than patching
 * this class locally.
 */
@Plugin(name = "jndi", category = StrLookup.CATEGORY)
public class JndiLookup extends AbstractLookup {
// Logger and marker used only to report failed lookups.
private static final Logger LOGGER = StatusLogger.getLogger();
private static final Marker LOOKUP = MarkerManager.getMarker("LOOKUP");
// Prefix prepended to names that carry no scheme of their own (see convertJndiName).
static final String CONTAINER_JNDI_RESOURCE_PATH_PREFIX = "java:comp/env/";
/**
 * Looks up {@code key} through JNDI.
 *
 * @param event the current log event; not used by this implementation
 * @param key the JNDI name to resolve, may be {@code null}
 * @return the string form of the looked-up object, or {@code null} when {@code key} is
 *     {@code null}, the lookup yields {@code null}, or a {@link NamingException} is thrown
 */
@Override
public String lookup(final LogEvent event, final String key) {
if (key == null) {
return null;
}
// Only names without a ':' are rewritten; everything else passes through as given.
final String jndiName = convertJndiName(key);
// The manager is closed again after every lookup (try-with-resources).
try (final JndiManager jndiManager = JndiManager.getDefaultManager()) {
// No validation of jndiName happens before this call.
// NOTE(review): JndiManager.lookup is not shown here; presumably it delegates to a
// javax.naming context - confirm against JndiManager.
return Objects.toString(jndiManager.lookup(jndiName), null);
} catch (final NamingException e) {
// Failure is reported on the status logger and surfaced to the caller as null.
LOGGER.warn(LOOKUP, "Error looking up JNDI resource [{}].", jndiName, e);
return null;
}
}
/**
 * Prepends {@code "java:comp/env/"} to names that neither start with that prefix nor contain
 * a {@code ':'}. Every other name, including one with an arbitrary scheme before the colon,
 * is returned unchanged.
 *
 * @param jndiName the raw name, must not be {@code null}
 * @return the name to hand to the JNDI manager
 */
private String convertJndiName(final String jndiName) {
if (!jndiName.startsWith(CONTAINER_JNDI_RESOURCE_PATH_PREFIX) && jndiName.indexOf(':') == -1) {
return CONTAINER_JNDI_RESOURCE_PATH_PREFIX + jndiName;
}
return jndiName;
}
}
package org.apache.logging.log4j.core.lookup;
import java.util.Objects;
import javax.naming.NamingException;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.Marker;
import org.apache.logging.log4j.MarkerManager;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.config.plugins.Plugin;
import org.apache.logging.log4j.core.net.JndiManager;
import org.apache.logging.log4j.status.StatusLogger;
/**
 * String lookup registered under the plugin name {@code "jndi"}; it resolves a key by
 * performing a JNDI lookup and returning the result as a string.
 *
 * <p>Security note (this listing is the 2.14.1 source that the page marks as vulnerable to
 * JNDI injection): nothing in this class checks the JNDI name against an allow-list of
 * schemes, hosts or classes. Any key that contains a {@code ':'} is forwarded unchanged to
 * {@code JndiManager.lookup}. If lookup keys can be derived from data an outside party
 * influences (for example text that ends up in a log message), that party chooses the JNDI
 * name that gets resolved.
 *
 * <p>NOTE(review): the page lists 2.15.0 as the fix; upstream changed JNDI handling again in
 * later releases, so check the Apache Log4j security advisories for the currently recommended
 * version instead of treating 2.15.0 as final. Upgrade the dependency rather than patching
 * this class locally.
 */
@Plugin(name = "jndi", category = StrLookup.CATEGORY)
public class JndiLookup extends AbstractLookup {
// Logger and marker used only to report failed lookups.
private static final Logger LOGGER = StatusLogger.getLogger();
private static final Marker LOOKUP = MarkerManager.getMarker("LOOKUP");
// Prefix prepended to names that carry no scheme of their own (see convertJndiName).
static final String CONTAINER_JNDI_RESOURCE_PATH_PREFIX = "java:comp/env/";
/**
 * Looks up {@code key} through JNDI.
 *
 * @param event the current log event; not used by this implementation
 * @param key the JNDI name to resolve, may be {@code null}
 * @return the string form of the looked-up object, or {@code null} when {@code key} is
 *     {@code null}, the lookup yields {@code null}, or a {@link NamingException} is thrown
 */
@Override
public String lookup(final LogEvent event, final String key) {
if (key == null) {
return null;
}
// Only names without a ':' are rewritten; everything else passes through as given.
final String jndiName = convertJndiName(key);
// The manager is closed again after every lookup (try-with-resources).
try (final JndiManager jndiManager = JndiManager.getDefaultManager()) {
// No validation of jndiName happens before this call.
// NOTE(review): JndiManager.lookup is not shown here; presumably it delegates to a
// javax.naming context - confirm against JndiManager.
return Objects.toString(jndiManager.lookup(jndiName), null);
} catch (final NamingException e) {
// Failure is reported on the status logger and surfaced to the caller as null.
LOGGER.warn(LOOKUP, "Error looking up JNDI resource [{}].", jndiName, e);
return null;
}
}
/**
 * Prepends {@code "java:comp/env/"} to names that neither start with that prefix nor contain
 * a {@code ':'}. Every other name, including one with an arbitrary scheme before the colon,
 * is returned unchanged.
 *
 * @param jndiName the raw name, must not be {@code null}
 * @return the name to hand to the JNDI manager
 */
private String convertJndiName(final String jndiName) {
if (!jndiName.startsWith(CONTAINER_JNDI_RESOURCE_PATH_PREFIX) && jndiName.indexOf(':') == -1) {
return CONTAINER_JNDI_RESOURCE_PATH_PREFIX + jndiName;
}
return jndiName;
}
}
---
AbstractLookup.java
package org.apache.logging.log4j.core.lookup;
/**
 * Base class for lookups that supplies the single-argument {@code lookup(String)} in terms of
 * the two-argument form.
 *
 * <p>NOTE(review): the two-argument {@code lookup} is not declared in this listing; presumably
 * it comes from {@code StrLookup} and is implemented by subclasses such as the JNDI lookup
 * shown on this page - confirm against StrLookup.
 */
public abstract class AbstractLookup implements StrLookup {
/**
 * Resolves {@code key} without an associated log event.
 *
 * @param key the key to resolve; passed through unchanged, with no validation here
 * @return whatever the two-argument {@code lookup} returns for a {@code null} event
 */
@Override
public String lookup(final String key) {
// Delegates with a null event, so the key reaches the subclass exactly as received.
return lookup(null, key);
}
}
---
●2.15.0 漏洞修复
---
---



