Giter VIP home page Giter VIP logo

trident's Introduction

Trident(三叉戟)

Java Code Security Component (JAVA代码安全组件)

目前支持的功能如下:

  1. URL白名单验证 (已完成)
  2. checkSSRF (已完成)
  3. checkReferer (未做)
  4. csrfToken (未做)
  5. xssEncode (未做)
  6. getRealIP (已完成)

URL白名单验证

URL绕过

URL白名单绕过可查考https://joychou.org/web/url-whitelist-bypass.html

验证逻辑

  1. 取URL一级域名
  2. 判断是否在域名白名单列表内

验证代码

合法URL返回true,非法URL返回false。

// URL白名单组件测试
checkURL urlCheck = new checkURL();
String[] urlWList = {"joychou.com", "joychou.me"};
Boolean ret = urlCheck.checkUrlWlist("http://test.joychou.org", urlWList);
System.out.println(ret);

checkSSRF

验证逻辑

  1. 取URL的Host
  2. 取Host的IP
  3. 判断是否是内网IP,是内网IP直接return,不再往下执行
  4. 请求URL
  5. 如果有跳转,取出跳转URL,执行第1步

验证代码

如果是内网IP,返回false,表示checkSSRF不通过,否则返回true,即合法返回true。URL只支持HTTP协议。

// SSRF组件测试
SSRF check = new SSRF();
String url = "http://dns_rebind.joychou.me";
ret = check.checkSSRF(url);
if (ret){
    String con = Request.Get(url).execute().returnContent().toString();
    System.out.println(con);
}
else {
    System.out.println("Bad boy. The url is illegal");
}

绕过姿势

以上代码在设置TTL为0的情况,可以用DNS Rebinding绕过。

但是,只要Java不设置TTL为0,该代码逻辑上不存在被绕过风险。

具体绕过细节可查看https://joychou.org/web/use-dnsrebinding-to-bypass-ssrf-in-java.html

获取真实IP

用这份代码,必须保证,前面Proxy有把真实IP放到X-Real-IP头。

proxy_set_header X-Real-IP $remote_addr;

造成漏洞的代码和配置,详情查看https://joychou.org/web/how-to-get-real-ip.html

trident's People

Contributors

joychou93 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

vaginessa log4she11 kakakpy louiskoozzx sie504 benhe119 luwikes lookmycookie x00er goodhacker its-myturn amakerlee chennqqi liulonghai zitoxxx zcvfvdfbfggn tdcoming

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.