Changes for page Engine_XalanJ

Last modified by Nicolas Gregoire on 2012/01/31 17:35

From version Icon 25.1 Icon
edited by Nicolas Gregoire
on 2012/01/11 22:27
Change comment: There is no comment for this version
To version Icon 36.1 Icon
edited by Nicolas Gregoire
on 2012/01/11 23:22
Change comment: Upload new attachment properties.xml

Summary

Details

Icon Page properties
Content
... ... @@ -22,54 +22,32 @@
22 22  * File creation
23 23  * Code execution
24 24  * JDBC connectivity
25 -* Java properties
26 -* CheckEnv()
25 +* Java properties disclosure
26 +* Java environment disclosure
27 27  
28 -== CheckEnv() ==
28 +== Java properties disclosure ==
29 29  
30 -The checkEnvironment() extension function (documented [[here>>http://xml.apache.org/xalan-j/faq.html#faq-N10064||rel="__blank"]]), associated to the Xalan namespace, will display some information about the execution context.
30 +The xsl:system-property() standard function can be called with non standard arguments, mapped to Java properties.
31 31  
32 -=== Output ===
32 +|=Namespace|=Extension function|=PoC|=Sample output
33 +|http:~/~/xml.apache.org/xalan|checkEnvironment()|[[xalanj-checkenv.xsl>>attach:xalanj-checkenv.xsl]]|[[xalanj-checkenv-output.txt>>attach:xalanj-checkenv-output.txt]]
33 33  
34 -<?xml version="1.0" encoding="UTF-8"?>
35 +== Java environment disclosure ==
35 35  
36 -<checkEnvironmentExtension>
37 - <EnvironmentCheck version="$Revision$">
38 - <environment>
39 - <item key="version.DOM.draftlevel">2.0fd</item>
40 - <item key="java.class.path">/usr/share/java/xalan2.jar:/usr/share/java/xml-apis.jar:/usr/share/java/xercesImpl.jar:/usr/share/java/serializer.jar:/usr/share/java/xsltc.jar</item>
41 - <item key="version.JAXP">1.1 or higher</item>
42 - <item key="java.ext.dirs">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/ext:/usr/java/packages/lib/ext</item>
43 - <item key="version.xerces2">Xerces-J 2.9.1</item>
44 - <item key="version.xerces1">not-present</item>
45 - <item key="version.xalan2_2">Xalan Java 2.7.1</item>
46 - <item key="version.xalan1">not-present</item>
47 - <item key="version.ant">not-present</item>
48 - <item key="java.version">1.6.0_26</item>
49 - <item key="version.DOM">2.0</item>
50 - <item key="version.crimson">not-present</item>
51 - <item key="sun.boot.class.path">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/resources.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/rt.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/sunrsasign.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jsse.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jce.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/charsets.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/modules/jdk.boot.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/classes</item>
52 - <foundJar desc="apis.jar-apparent.version" name="xml">xml-apis.jar present-unknown-version</foundJar>
53 - <foundJar desc="apis.jar-path" name="xml">/usr/share/java/xml-apis.jar</foundJar>
54 - <foundJar desc="apparent.version" name="xercesImpl.jar">xercesImpl.jar WARNING.present-unknown-version</foundJar>
55 - <foundJar desc="path" name="xercesImpl.jar">/usr/share/java/xercesImpl.jar</foundJar>
56 - <foundJar desc="apparent.version" name="serializer.jar">serializer.jar present-unknown-version</foundJar>
57 - <foundJar desc="path" name="serializer.jar">/usr/share/java/serializer.jar</foundJar>
58 - <foundJar desc="apparent.version" name="xsltc.jar">xsltc.jar present-unknown-version</foundJar>
59 - <foundJar desc="path" name="xsltc.jar">/usr/share/java/xsltc.jar</foundJar>
60 - <item key="version.SAX">2.0</item>
61 - <item key="version.xalan2x">Xalan Java 2.7.1</item>
62 - </environment>
63 - <status result="OK"/>
64 - </EnvironmentCheck>
65 -</checkEnvironmentExtension>
37 +The checkEnvironment() extension function (documented [[here>>http://xml.apache.org/xalan-j/faq.html#faq-N10064||rel="__blank"]]) will display some information about the execution context (packages, paths, versions, ...).
66 66  
39 +|=Namespace|=Extension function|=PoC|=Sample output
40 +|http:~/~/xml.apache.org/xalan|checkEnvironment()|[[xalanj-checkenv.xsl>>attach:xalanj-checkenv.xsl]]|[[xalanj-checkenv-output.txt>>attach:xalanj-checkenv-output.txt]]
41 +
67 67  == Java code execution ==
68 68  
69 -The following code will display the current date :
44 +The attached code will display the current date using a newly created "java.util.Date" object. This should be enough to demonstrate Java code execution.
70 70  
71 -TODO
72 72  
47 +|=Namespace|=Extension function|=PoC|=Sample output
48 +|http:~/~/xml.apache.org/xalan/java/java.util.Date|new()|[[xalanj-java-date.xsl>>attach:xalanj-java-date.xsl]]|Current date:
49 +Wed Jan 11 22:45:07 CET 2012
50 +
73 73  == Execution of external commands ==
74 74  
75 75  The following code will execute the command "touch /tmp/hello" :
Icon properties.xml
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.NicolasGregoire
Size
... ... @@ -1,0 +1,1 @@
1 +2.7 KB
Content
... ... @@ -1,0 +1,73 @@
1 +<properties>
2 +<property>awt.toolkit</property>
3 +<property>browser</property>
4 +<property>browser.vendor</property>
5 +<property>browser.version</property>
6 +<property>file.encoding</property>
7 +<property>file.encoding.pkg</property>
8 +<property>file.separator</property>
9 +<property>file.separator.applet</property>
10 +<property>http.agent</property>
11 +<property>java.awt.graphicsenv</property>
12 +<property>java.awt.printerjob</property>
13 +<property>java.class.path</property>
14 +<property>java.class.version</property>
15 +<property>java.class.version.applet</property>
16 +<property>java.endorsed.dirs</property>
17 +<property>java.ext.dirs</property>
18 +<property>java.home</property>
19 +<property>java.io.tmpdir</property>
20 +<property>java.library.path</property>
21 +<property>java.runtime.name</property>
22 +<property>java.runtime.version</property>
23 +<property>java.specification.name</property>
24 +<property>java.specification.vendor</property>
25 +<property>java.specification.version</property>
26 +<property>java.vendor</property>
27 +<property>java.vendor.applet</property>
28 +<property>java.vendor.url</property>
29 +<property>java.vendor.url.applet</property>
30 +<property>java.vendor.url.bug</property>
31 +<property>java.version</property>
32 +<property>java.version.applet</property>
33 +<property>java.vm.info</property>
34 +<property>java.vm.name</property>
35 +<property>java.vm.specification.name</property>
36 +<property>java.vm.specification.vendor</property>
37 +<property>java.vm.specification.version</property>
38 +<property>java.vm.vendor</property>
39 +<property>java.vm.version</property>
40 +<property>javax.accessibility.assistive_technologies</property>
41 +<property>line.separator</property>
42 +<property>line.separator.applet</property>
43 +<property>os.arch</property>
44 +<property>os.arch.applet</property>
45 +<property>os.name</property>
46 +<property>os.name.applet</property>
47 +<property>os.version</property>
48 +<property>os.version.applet</property>
49 +<property>package.restrict.definition.java</property>
50 +<property>package.restrict.definition.sun</property>
51 +<property>path.separator</property>
52 +<property>path.separator.applet</property>
53 +<property>sun.arch.data.model</property>
54 +<property>sun.boot.class.path</property>
55 +<property>sun.boot.library.path</property>
56 +<property>sun.cpu.endian</property>
57 +<property>sun.cpu.isalist</property>
58 +<property>sun.desktop</property>
59 +<property>sun.io.unicode.encoding</property>
60 +<property>sun.java.launcher</property>
61 +<property>sun.jnu.encoding</property>
62 +<property>sun.management.compiler</property>
63 +<property>sun.os.patch.level</property>
64 +<property>user.country</property>
65 +<property>user.dir</property>
66 +<property>user.home</property>
67 +<property>user.language</property>
68 +<property>user.name</property>
69 +<property>user.timezone</property>
70 +<property>user.variant</property>
71 +<property>user.zoneinfo.dir</property>
72 +</properties>
73 +
Icon xalanj-checkenv-output.txt
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.NicolasGregoire
Size
... ... @@ -1,0 +1,1 @@
1 +2.5 KB
Content
... ... @@ -1,0 +1,31 @@
1 +<?xml version="1.0" encoding="UTF-8"?><checkEnvironmentExtension>
2 + <EnvironmentCheck version="$Revision$">
3 + <environment>
4 + <item key="version.DOM.draftlevel">2.0fd</item>
5 + <item key="java.class.path">/usr/share/java/xalan2.jar:/usr/share/java/xml-apis.jar:/usr/share/java/xercesImpl.jar:/usr/share/java/serializer.jar:/usr/share/java/xsltc.jar</item>
6 + <item key="version.JAXP">1.1 or higher</item>
7 + <item key="java.ext.dirs">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/ext:/usr/java/packages/lib/ext</item>
8 + <item key="version.xerces2">Xerces-J 2.9.1</item>
9 + <item key="version.xerces1">not-present</item>
10 + <item key="version.xalan2_2">Xalan Java 2.7.1</item>
11 + <item key="version.xalan1">not-present</item>
12 + <item key="version.ant">not-present</item>
13 + <item key="java.version">1.6.0_26</item>
14 + <item key="version.DOM">2.0</item>
15 + <item key="version.crimson">not-present</item>
16 + <item key="sun.boot.class.path">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/resources.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/rt.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/sunrsasign.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jsse.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jce.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/charsets.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/modules/jdk.boot.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/classes</item>
17 + <foundJar desc="apis.jar-apparent.version" name="xml">xml-apis.jar present-unknown-version</foundJar>
18 + <foundJar desc="apis.jar-path" name="xml">/usr/share/java/xml-apis.jar</foundJar>
19 + <foundJar desc="apparent.version" name="xercesImpl.jar">xercesImpl.jar WARNING.present-unknown-version</foundJar>
20 + <foundJar desc="path" name="xercesImpl.jar">/usr/share/java/xercesImpl.jar</foundJar>
21 + <foundJar desc="apparent.version" name="serializer.jar">serializer.jar present-unknown-version</foundJar>
22 + <foundJar desc="path" name="serializer.jar">/usr/share/java/serializer.jar</foundJar>
23 + <foundJar desc="apparent.version" name="xsltc.jar">xsltc.jar present-unknown-version</foundJar>
24 + <foundJar desc="path" name="xsltc.jar">/usr/share/java/xsltc.jar</foundJar>
25 + <item key="version.SAX">2.0</item>
26 + <item key="version.xalan2x">Xalan Java 2.7.1</item>
27 + </environment>
28 + <status result="OK"/>
29 + </EnvironmentCheck>
30 +</checkEnvironmentExtension>
31 +