{"id":478257,"date":"2023-08-09T09:29:53","date_gmt":"2023-08-09T09:29:53","guid":{"rendered":""},"modified":"2023-09-05T11:16:22","modified_gmt":"2023-09-05T11:16:22","slug":"ognl-injection","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/ognl-injection\/","title":{"rendered":"ti\u00eam OGNL"},"content":{"rendered":"

Th\u00f4ng tin t\u00f3m t\u1eaft v\u1ec1 ti\u00eam OGNL<\/p>\n

N\u1ed9i dung OGNL (Ng\u00f4n ng\u1eef \u0111i\u1ec1u h\u01b0\u1edbng \u0111\u1ed3 th\u1ecb \u0111\u1ed1i t\u01b0\u1ee3ng) l\u00e0 m\u1ed9t lo\u1ea1i l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng th\u1ef1c thi m\u00e3 t\u00f9y \u00fd tr\u00ean m\u00e1y ch\u1ee7 c\u1ee7a \u1ee9ng d\u1ee5ng web. H\u00ecnh th\u1ee9c t\u1ea5n c\u00f4ng n\u00e0y li\u00ean quan \u0111\u1ebfn vi\u1ec7c khai th\u00e1c c\u00e1c bi\u1ec3u th\u1ee9c OGNL \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong m\u1ed9t s\u1ed1 khung web nh\u1ea5t \u0111\u1ecbnh, \u0111\u00e1ng ch\u00fa \u00fd nh\u1ea5t l\u00e0 Apache Struts. Vi\u1ec7c ch\u00e8n OGNL c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn ti\u1ebft l\u1ed9 th\u00f4ng tin tr\u00e1i ph\u00e9p, s\u1eeda \u0111\u1ed5i d\u1eef li\u1ec7u ho\u1eb7c th\u1eadm ch\u00ed x\u00e2m ph\u1ea1m to\u00e0n b\u1ed9 h\u1ec7 th\u1ed1ng.<\/p>\n

L\u1ecbch s\u1eed ngu\u1ed3n g\u1ed1c c\u1ee7a vi\u1ec7c ti\u00eam OGNL v\u00e0 s\u1ef1 \u0111\u1ec1 c\u1eadp \u0111\u1ea7u ti\u00ean v\u1ec1 n\u00f3<\/h2>\n

T\u00ednh n\u0103ng ch\u00e8n OGNL \u0111\u01b0\u1ee3c bi\u1ebft \u0111\u1ebfn c\u00f9ng v\u1edbi s\u1ef1 ph\u00e1t tri\u1ec3n c\u1ee7a c\u00e1c \u1ee9ng d\u1ee5ng web v\u00e0 khung c\u00f4ng t\u00e1c d\u1ef1a tr\u00ean bi\u1ec3u th\u1ee9c OGNL cho nhi\u1ec1u m\u1ee5c \u0111\u00edch kh\u00e1c nhau, ch\u1eb3ng h\u1ea1n nh\u01b0 thao t\u00e1c d\u1eef li\u1ec7u v\u00e0 hi\u1ec3n th\u1ecb giao di\u1ec7n ng\u01b0\u1eddi d\u00f9ng. Apache Struts, m\u1ed9t framework m\u00e3 ngu\u1ed3n m\u1edf ph\u1ed5 bi\u1ebfn \u0111\u1ec3 ph\u00e1t tri\u1ec3n c\u00e1c \u1ee9ng d\u1ee5ng web Java, \u0111\u00e3 tr\u1edf th\u00e0nh n\u1ea1n nh\u00e2n ch\u00ednh c\u1ee7a l\u1ed7 h\u1ed5ng n\u00e0y.<\/p>\n

L\u1ea7n \u0111\u1ea7u ti\u00ean c\u00f4ng ch\u00fang \u0111\u1ec1 c\u1eadp \u0111\u1ebfn vi\u1ec7c ti\u00eam OGNL l\u00e0 v\u00e0o n\u0103m 2011 khi m\u1ed9t nh\u00e0 nghi\u00ean c\u1ee9u x\u00e1c \u0111\u1ecbnh \u0111\u01b0\u1ee3c l\u1ed7 h\u1ed5ng trong Apache Struts2. Ti\u1ebft l\u1ed9 n\u00e0y \u0111\u00e1nh d\u1ea5u s\u1ef1 kh\u1edfi \u0111\u1ea7u c\u1ee7a m\u1ed9t lo\u1ea1t c\u00e1c cu\u1ed9c \u0111i\u1ec1u tra v\u00e0 kh\u00e1m ph\u00e1 s\u00e2u h\u01a1n v\u1ec1 c\u00e1c r\u1ee7i ro v\u00e0 vect\u01a1 t\u1ea5n c\u00f4ng li\u00ean quan \u0111\u1ebfn OGNL.<\/p>\n

Th\u00f4ng tin chi ti\u1ebft v\u1ec1 OGNL Ti\u00eam: M\u1edf r\u1ed9ng ch\u1ee7 \u0111\u1ec1 OGNL Ti\u00eam<\/h2>\n

Vi\u1ec7c ti\u00eam OGNL kh\u00f4ng ch\u1ec9 gi\u1edbi h\u1ea1n \u1edf Apache Struts m\u00e0 c\u00f2n c\u00f3 th\u1ec3 \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn c\u00e1c khung c\u00f4ng t\u00e1c kh\u00e1c s\u1eed d\u1ee5ng OGNL. Ng\u00f4n ng\u1eef bi\u1ec3u th\u1ee9c m\u1ea1nh m\u1ebd n\u00e0y \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ec3 l\u1ea5y v\u00e0 thi\u1ebft l\u1eadp c\u00e1c thu\u1ed9c t\u00ednh c\u1ee7a \u0111\u1ed1i t\u01b0\u1ee3ng Java. Nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 t\u1ea1o ra c\u00e1c bi\u1ec3u th\u1ee9c OGNL \u0111\u1ed9c h\u1ea1i m\u00e0 khi \u0111\u01b0\u1ee3c m\u00e1y ch\u1ee7 \u0111\u00e1nh gi\u00e1 s\u1ebd th\u1ef1c thi m\u00e3 Java t\u00f9y \u00fd.<\/p>\n

M\u1ee9c \u0111\u1ed9 nghi\u00eam tr\u1ecdng<\/h3>\n

Vi\u1ec7c ti\u00eam OGNL c\u00f3 th\u1ec3 g\u00e2y ra thi\u1ec7t h\u1ea1i nghi\u00eam tr\u1ecdng cho \u1ee9ng d\u1ee5ng ho\u1eb7c h\u1ec7 th\u1ed1ng. N\u00f3 c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn:<\/p>\n