正则表达式攻击

前端之家收集整理的这篇文章主要介绍了正则表达式攻击前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

今天在线上环境发现cpu利用率100%问题,top出来确实有个进程一直占着100%cpu,记下这个pid然后Shift+H查看线程占用资源情况,记下pid,这时pid其实是线程ID,到java堆栈去找要转为十六进制;

jstack [pid] |grep -n 'nid=0x249c' 这一行就是占用资源的线程

"New I/O server worker #1-11" prio=10 tid=0x000000005d8e8000 nid=0x249c runnable [0x0000000042216000]
   java.lang.Thread.State: RUNNABLE
	at java.util.regex.Pattern$CharProperty$1.isSatisfiedBy(Pattern.java:3337)
	at java.util.regex.Pattern$CharProperty.match(Pattern.java:3345)
	at java.util.regex.Pattern$Curly.match0(Pattern.java:3770)
	at java.util.regex.Pattern$Curly.match(Pattern.java:3744)
	at java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3366)
	at java.util.regex.Pattern$GroupHead.match(Pattern.java:4168)
	at java.util.regex.Pattern$Loop.match(Pattern.java:4295)
	at java.util.regex.Pattern$GroupTail.match(Pattern.java:4227)
	at java.util.regex.Pattern$Curly.match0(Pattern.java:3782)
	at java.util.regex.Pattern$Curly.match(Pattern.java:3744)
	at java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3366)
	at java.util.regex.Pattern$GroupHead.match(Pattern.java:4168)
	at java.util.regex.Pattern$Loop.match(Pattern.java:4295)
	at java.util.regex.Pattern$GroupTail.match(Pattern.java:4227)
	at java.util.regex.Pattern$Curly.match0(Pattern.java:3782)
	at java.util.regex.Pattern$Curly.match(Pattern.java:3744)
	at java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3366)
	at java.util.regex.Pattern$GroupHead.match(Pattern.java:4168)
	at java.util.regex.Pattern$Loop.match(Pattern.java:4295)
.........

  通过上下文可以看到是在用户登录时,调用了一个正则运算,通过日志查看到这一行不正常信息

request.body:{"login_name":"..\\/...\\/..\\/.\\/..\\/...\\/..\\/.\\/..\\/...\\/..\\/.\\/..\\/...\\/..\\/.\\/..\\/...\\/..\\/.\\/..\\/...\\/..\\/.\\/etc\\/passwd","password":"***"}

  在本地试了下,果然重现了!

后来把正则表达式换成“^[\\w-]+(\\.[\\w-]+)*@[\\w-]+(\\.[\\w-]+)+$”就正常了...

猜你在找的正则表达式相关文章