-
-
Save codelion/20c091367c6589568eb2 to your computer and use it in GitHub Desktop.
Reflection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.lang.reflect.InvocationTargetException; | |
| import java.lang.reflect.Method; | |
| public class Reflection { | |
| public static void vulnerableMethod() { | |
| } | |
| public void reflectVulnerableMethod() throws ClassNotFoundException, NoSuchMethodException, SecurityException, | |
| IllegalAccessException, IllegalArgumentException, InvocationTargetException { | |
| Class<?> klazz = Class.forName("Reflection"); // [Reflection] [] | |
| Class<?> klazz2 = Class.forName("java.lang.Integer"); // [Reflection, java.lang.Integer] [] | |
| Method m1 = klazz.getMethod("vulnerableMethod"); // [Reflection, java.lang.Integer] [vulnerableMethod] | |
| Method m2 = klazz.getMethod("vulernableMethod2") // [Reflection, java.lang.Integer] [vulnerableMethod, vulnerbleMethod2] | |
| m2.invoke(null); // [Refelection.vulnerableMethod, java.lang.Integer.vulernerableMethod] | |
| m1.invoke(null); // [Refelection.vulnerableMethod, java.lang.Integer.vulernerableMethod] | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment