JoyChou93/trident
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix checkSSRF

Browse Source
This commit is contained in:
JoyChou
2017-09-05 21:16:05 +08:00
parent 349685fb86
commit 5beff996d5
2 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.idea/workspace.xml generated
View File

@@ -3,8 +3,6 @@
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="42982c84-cdb2-4596-b4aa-818c31fc199a" name="Default" comment=""> <list default="true" id="42982c84-cdb2-4596-b4aa-818c31fc199a" name="Default" comment="">
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/README.md" afterPath="$PROJECT_DIR$/README.md" /> <change type="MODIFICATION" beforePath="$PROJECT_DIR$/README.md" afterPath="$PROJECT_DIR$/README.md" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/src/main/java/security.java" afterPath="$PROJECT_DIR$/src/main/java/security.java" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/src/main/java/test.java" afterPath="$PROJECT_DIR$/src/main/java/test.java" />
</list> </list>
<ignored path="$PROJECT_DIR$/out/" /> <ignored path="$PROJECT_DIR$/out/" />
<ignored path="$PROJECT_DIR$/target/" /> <ignored path="$PROJECT_DIR$/target/" />
@@ -34,8 +32,8 @@
<entry file="file://$PROJECT_DIR$/README.md"> <entry file="file://$PROJECT_DIR$/README.md">
<provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]"> <provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]">
<state split_layout="SPLIT"> <state split_layout="SPLIT">
<first_editor relative-caret-position="37"> <first_editor relative-caret-position="-29">
<caret line="29" column="14" lean-forward="true" selection-start-line="29" selection-start-column="14" selection-end-line="29" selection-end-column="14" /> <caret line="27" column="0" lean-forward="false" selection-start-line="27" selection-start-column="0" selection-end-line="27" selection-end-column="0" />
<folding /> <folding />
</first_editor> </first_editor>
<second_editor /> <second_editor />
@@ -658,12 +656,12 @@
<option name="number" value="Default" /> <option name="number" value="Default" />
<option name="presentableId" value="Default" /> <option name="presentableId" value="Default" />
<updated>1504604417100</updated> <updated>1504604417100</updated>
<workItem from="1504604422158" duration="4673000" /> <workItem from="1504604422158" duration="4803000" />
</task> </task>
<servers /> <servers />
</component> </component>
<component name="TimeTrackingManager"> <component name="TimeTrackingManager">
<option name="totallyTimeSpent" value="4673000" /> <option name="totallyTimeSpent" value="4803000" />
</component> </component>
<component name="ToolWindowManager"> <component name="ToolWindowManager">
<frame x="0" y="0" width="1280" height="800" extended-state="0" /> <frame x="0" y="0" width="1280" height="800" extended-state="0" />
@@ -786,8 +784,8 @@
<entry file="file://$PROJECT_DIR$/README.md"> <entry file="file://$PROJECT_DIR$/README.md">
<provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]"> <provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]">
<state split_layout="SPLIT"> <state split_layout="SPLIT">
<first_editor relative-caret-position="37"> <first_editor relative-caret-position="-29">
<caret line="29" column="14" lean-forward="true" selection-start-line="29" selection-start-column="14" selection-end-line="29" selection-end-column="14" /> <caret line="27" column="0" lean-forward="false" selection-start-line="27" selection-start-column="0" selection-end-line="27" selection-end-column="0" />
<folding /> <folding />
</first_editor> </first_editor>
<second_editor /> <second_editor />

4
README.md
View File

@@ -11,7 +11,7 @@
### 验证代码 ### 验证代码
合法URL返回true非法URL返回false 合法URL返回true非法URL返回false
```java ```java
security checkUrl = new security(); security checkUrl = new security();
@@ -24,6 +24,7 @@ System.out.println(ret);
## SSRF ## SSRF
JAVA默认dns请求会有30s的缓存所以默认不存在dns rebind问题。除非重新设置ttl为0。 JAVA默认dns请求会有30s的缓存所以默认不存在dns rebind问题。除非重新设置ttl为0。
### 验证逻辑 ### 验证逻辑
1. 取URL的IP 1. 取URL的IP
@@ -39,6 +40,7 @@ JAVA默认dns请求会有30s的缓存所以默认不存在dns rebind问题。
URL只支持HTTP协议。 URL只支持HTTP协议。
```java ```java
security checkUrl = new security();
ret = checkUrl.checkSSRF("http://127.0.0.1"); ret = checkUrl.checkSSRF("http://127.0.0.1");
System.out.println(ret); System.out.println(ret);
``` ```