Changes for page Engine_XalanJ

Last modified by Nicolas Gregoire on 2012/01/31 17:35

From version Icon 26.1 Icon
edited by Nicolas Gregoire
on 2012/01/11 22:31
Change comment: There is no comment for this version
To version Icon 33.1 Icon
edited by Nicolas Gregoire
on 2012/01/11 22:54
Change comment: There is no comment for this version

Summary

Details

Icon Page properties
Content
... ... @@ -22,19 +22,25 @@
22 22  * File creation
23 23  * Code execution
24 24  * JDBC connectivity
25 -* Java properties
26 -* CheckEnv()
25 +* Java properties disclosure
26 +* Java environment disclosure
27 27  
28 -== CheckEnv() ==
28 +== Java environment disclosure ==
29 29  
30 -The checkEnvironment() extension function (documented [[here>>http://xml.apache.org/xalan-j/faq.html#faq-N10064||rel="__blank"]]), associated to the Xalan namespace, will display some information about the execution context. The output of the PoC is attached.
30 +The checkEnvironment() extension function (documented [[here>>http://xml.apache.org/xalan-j/faq.html#faq-N10064||rel="__blank"]]) will display some information about the execution context (packages, paths, versions, ...).
31 31  
32 +|=Namespace|=Extension function|=PoC|=Sample output
33 +|http:~/~/xml.apache.org/xalan|checkEnvironment()|[[xalanj-checkenv.xsl>>attach:xalanj-checkenv.xsl]]|[[xalanj-checkenv-output.txt>>attach:xalanj-checkenv-output.txt]]
34 +
32 32  == Java code execution ==
33 33  
34 -The following code will display the current date :
37 +The attached code will display the current date using a newly created "java.util.Date" object. This should be enough to demonstrate Java code execution.
35 35  
36 -TODO
37 37  
40 +|=Namespace|=Extension function|=PoC|=Sample output
41 +|http:~/~/xml.apache.org/xalan/java/java.util.Date|new|[[xalanj-java-date.xsl>>attach:xalanj-java-date.xsl]]|Current date: Wed Jan 11 22:45:07 CET 2012
42 +
43 +
38 38  == Execution of external commands ==
39 39  
40 40  The following code will execute the command "touch /tmp/hello" :
Icon xalanj-checkenv-output.txt
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.NicolasGregoire
Size
... ... @@ -1,0 +1,1 @@
1 +2.5 KB
Content
... ... @@ -1,0 +1,31 @@
1 +<?xml version="1.0" encoding="UTF-8"?><checkEnvironmentExtension>
2 + <EnvironmentCheck version="$Revision$">
3 + <environment>
4 + <item key="version.DOM.draftlevel">2.0fd</item>
5 + <item key="java.class.path">/usr/share/java/xalan2.jar:/usr/share/java/xml-apis.jar:/usr/share/java/xercesImpl.jar:/usr/share/java/serializer.jar:/usr/share/java/xsltc.jar</item>
6 + <item key="version.JAXP">1.1 or higher</item>
7 + <item key="java.ext.dirs">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/ext:/usr/java/packages/lib/ext</item>
8 + <item key="version.xerces2">Xerces-J 2.9.1</item>
9 + <item key="version.xerces1">not-present</item>
10 + <item key="version.xalan2_2">Xalan Java 2.7.1</item>
11 + <item key="version.xalan1">not-present</item>
12 + <item key="version.ant">not-present</item>
13 + <item key="java.version">1.6.0_26</item>
14 + <item key="version.DOM">2.0</item>
15 + <item key="version.crimson">not-present</item>
16 + <item key="sun.boot.class.path">/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/resources.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/rt.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/sunrsasign.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jsse.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/jce.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/charsets.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/modules/jdk.boot.jar:/usr/lib/jvm/java-6-sun-1.6.0.26/jre/classes</item>
17 + <foundJar desc="apis.jar-apparent.version" name="xml">xml-apis.jar present-unknown-version</foundJar>
18 + <foundJar desc="apis.jar-path" name="xml">/usr/share/java/xml-apis.jar</foundJar>
19 + <foundJar desc="apparent.version" name="xercesImpl.jar">xercesImpl.jar WARNING.present-unknown-version</foundJar>
20 + <foundJar desc="path" name="xercesImpl.jar">/usr/share/java/xercesImpl.jar</foundJar>
21 + <foundJar desc="apparent.version" name="serializer.jar">serializer.jar present-unknown-version</foundJar>
22 + <foundJar desc="path" name="serializer.jar">/usr/share/java/serializer.jar</foundJar>
23 + <foundJar desc="apparent.version" name="xsltc.jar">xsltc.jar present-unknown-version</foundJar>
24 + <foundJar desc="path" name="xsltc.jar">/usr/share/java/xsltc.jar</foundJar>
25 + <item key="version.SAX">2.0</item>
26 + <item key="version.xalan2x">Xalan Java 2.7.1</item>
27 + </environment>
28 + <status result="OK"/>
29 + </EnvironmentCheck>
30 +</checkEnvironmentExtension>
31 +