### 简要描述:
J2EE架构安全
### 详细说明:
泄漏点:
http://59.151.113.225/WEB-INF/web.xml
http://59.151.113.225/WEB-INF/spring/webmvc-config.xml
[<img src="https://images.seebug.org/upload/201502/01232150857249eb87964af30b4fd5255b87b26a.png" alt="01.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/01232150857249eb87964af30b4fd5255b87b26a.png)
### 漏洞证明:
Spring+Freemaker
[<img src="https://images.seebug.org/upload/201502/01232237363c1632456f153f91ea8422cb9b379a.png" alt="02.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/01232237363c1632456f153f91ea8422cb9b379a.png)
反编译class文件
[<img src="https://images.seebug.org/upload/201502/01232443c1840b487cc934ae8415750b60bf7702.png" alt="03.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/01232443c1840b487cc934ae8415750b60bf7702.png)
京公网安备 11010502034610号
暂无评论