I can't use malicious reflection to view values of private fields

五迷三道 submitted on 2019-12-11 15:07:48

Question


I can get the value of the protected field, but the private field throws java.lang.IllegalAccessException. I think I know why I'm getting this exception, but how is reflection used to exploit the contents of private fields, how do I get around this?

Programmer Hat is on
I have created the following Vulnerable class in a NetBeans project. I have made a Jar file to distribute it.

public class Vulnerable {
    private int privateSecret;
    protected int protectedSecret;
    int secret;

    public Vulnerable() {
        this.protectedSecret = 11;
        this.privateSecret = 22;
        this.secret = 33;
    }
}

Malicious Hacker Hat is now on
I want to know private hidden fields and I want to know what they contain.
I have the Jar file and I have imported it into my Exploit project.

The following class extends Vulnerable and uses reflection to list fields and try to access the values.

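import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

public class ExpliotSubClass extends VulnerableCode.Vulnerable {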

    public List<Field> protectedList = new LinkedList<Field>();
    public List<Field> privateList = new LinkedList<Field>();

    public void lists() {
        Field[] declaredFields = this.getClass().getSuperclass().getDeclaredFields();

        for (Field field : declaredFields) {
            int modifiers = field.getModifiers();
            if (Modifier.isPrivate(modifiers)) {
                privateList.add(field);
                System.out.println("Private = " + field.getName());
            } else if (Modifier.isProtected(modifiers)) {
                protectedList.add(field);
                System.out.println("Protected= " + field.getName());
            }
        }
    }


    public Object get(Field field) {
        try {
            return field.get(this);
        } catch (IllegalArgumentException ex) {
            Logger.getLogger(ExpliotSubClass.class.getName()).log(Level.SEVERE,
                                                                  null,
                                                                  ex);
        } catch (IllegalAccessException ex) {
            Logger.getLogger(ExpliotSubClass.class.getName()).log(Level.SEVERE,
                                                                  null,
                                                                  ex);
        }
        return null;
    }
}

Answer 1:


In order to access a private field you have to set it as accessible:

field.setAccessible(true);



Answer 2:


In this lists() method, you should add the following code before adding the field object to the privateList:

field.setAccessible(true);

That is, the code for the lists method will become:

public void lists() {
    Field[] declaredFields = this.getClass().getSuperclass().getDeclaredFields();

    for (Field field : declaredFields) {
        int modifiers = field.getModifiers();
        if (Modifier.isPrivate(modifiers)) {
            field.setAccessible(true);//Add this
            privateList.add(field);
            System.out.println("Private = " + field.getName());
        } else if (Modifier.isProtected(modifiers)) {
            protectedList.add(field);
            System.out.println("Protected= " + field.getName());
        }
    }
}

Now run your code. It will work.
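
Why the call in the answers above works, and where it stops working, shown as an added example that is not part of the original question or answers. It assumes Java 17 or later with classes loaded from the classpath; the class name ReflectionBoundaryDemo and the stand-in copy of Vulnerable are constructed for illustration.

```java
import java.lang.reflect.Field;
import java.lang.reflect.InaccessibleObjectException;

public class ReflectionBoundaryDemo {

    // Reads one declared field reflectively and reports which check, if any, stopped it.
    static String read(Object target, Class<?> owner, String name, boolean force)
            throws NoSuchFieldException {
        Field f = owner.getDeclaredField(name);
        String label = owner.getSimpleName() + "." + name;
        try {
            if (force) {
                f.setAccessible(true); // suppress Java language access checks
            }
            return label + " = " + f.get(target);
        } catch (IllegalAccessException e) {
            // Language-level access check: the exception the question ran into.
            return label + " -> IllegalAccessException";
        } catch (InaccessibleObjectException e) {
            // Module system refusal: the owning package is not opened to the caller.
            return label + " -> InaccessibleObjectException";
        }
    }

    public static void main(String[] args) throws Exception {
        Vulnerable v = new Vulnerable();
        // 1. No setAccessible: private is enforced by the reflection access check.
        System.out.println(read(v, Vulnerable.class, "privateSecret", false));
        // 2. setAccessible(true) inside the same (unnamed) module: the check is bypassed.
        System.out.println(read(v, Vulnerable.class, "privateSecret", true));
        // 3. Private field of a JDK class: java.base does not open java.lang to
        //    classpath code, so setAccessible itself is rejected.
        System.out.println(read("abc", String.class, "value", true));
    }
}

// Constructed stand-in for the question's Vulnerable class (same fields and values).
class Vulnerable {
    private int privateSecret = 22;
    protected int protectedSecret = 11;
    int secret = 33;
}
```

The private modifier is a visibility rule enforced at the language level, so any code in the same module can switch it off. Placing the class in a named module that does not open its package makes the second call fail for callers outside that module in the same way the third one does.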




Answer 3:


If you have the .jar can you just decompile it and then parse the .java file to get the info you need?



Source: https://stackoverflow.com/questions/21664387/i-cant-use-malicous-reflection-to-view-values-of-private-fields
