gpt4 book ai didi

java - 安全:090759 in weblogic managed logs

转载 作者:行者123 更新时间:2023-12-01 14:58:06 25 4
gpt4 key购买 nike

我在 weblogic 托管日志文件中收到以下错误,并且无法跟踪客户端 IP 或 URL 的来源。看起来服务器上正在发生一些 SQL 注入(inject),因此请提供详细信息以防止它并获取有关它的更多详细信息。

<[ACTIVE] ExecuteThread: '14' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1355487016719> <BEA-000000> <[Security:090759]A SQLException occurred while retrieving password information
java.sql.SQLException: [Security:090798]Invalid characters found in input @^Y@.@o*.2,./2|pq{jvk@-1('@lvo)&1,.1(.1.+(@./*
at weblogic.security.providers.authentication.shared.DBMSUtils.verifyInputCharactersName(DBMSUtils.java:338)
at weblogic.security.providers.authentication.shared.DBMSSQLRuntimeQueryImpl.executeUserPassword(DBMSSQLRuntimeQueryImpl.java:71)
at weblogic.security.providers.authentication.shared.DBMSAtnLoginModuleImpl.authenticateDBMS(DBMSAtnLoginModuleImpl.java:672)
at weblogic.security.providers.authentication.shared.DBMSAtnLoginModuleImpl.login(DBMSAtnLoginModuleImpl.java:271)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy17.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(Unknown Source)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy37.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(Unknown Source)
at weblogic.security.service.PrincipalAuthenticator.authenticate(Unknown Source)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:236)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:185)
at weblogic.servlet.security.internal.BasicSecurityModule.checkUserPerm(BasicSecurityModule.java:75)
at weblogic.servlet.security.internal.SecurityModule.checkAccess(SecurityModule.java:106)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2122)
at weblogic.servlet.security.internal.AuthFilterChain$LastFilter.doFilter(AuthFilterChain.java:45)
at weblogic.servlet.security.internal.AuthFilterChain.doFilter(AuthFilterChain.java:37)
at com.bea.common.security.internal.service.SAMLSingleSignOnServiceImpl.callChain(SAMLSingleSignOnServiceImpl.java:416)
at com.bea.common.security.internal.service.SAMLSingleSignOnServiceImpl.doRedirectFilter(SAMLSingleSignOnServiceImpl.java:407)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy22.doRedirectFilter(Unknown Source)
at weblogic.security.providers.saml.SAMLServletAuthenticationFilter.doFilter(SAMLServletAuthenticationFilter.java:101)
at weblogic.servlet.security.internal.AuthFilterChain.doFilter(AuthFilterChain.java:37)
at weblogic.servlet.security.internal.SecurityModule$ServletAuthenticationFilterAction.run(SecurityModule.java:612)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.security.internal.SecurityModule.invokeAuthFilterChain(SecurityModule.java:501)
at weblogic.servlet.security.internal.BasicSecurityModule.handleFailure(BasicSecurityModule.java:114)
at weblogic.servlet.security.internal.BasicSecurityModule.checkUserPerm(BasicSecurityModule.java:80)
at weblogic.servlet.security.internal.SecurityModule.checkAccess(SecurityModule.java:106)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2122)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2092)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

最佳答案

这是 weblogic 验证用户 ID 输入作为其登录实现的一部分。我相信 Oracle 的 OID 不允许在用户 ID 中使用撇号。也许有人只是用经典的键盘粉碎来测试您的网站,并且碰巧以这样的方式粉碎了按键,从而为用户 ID 输入了撇号。

Weblogic 似乎正在检查输入的用户输入是否包含“无效”字符,这意味着用户 ID 受到了 sql 注入(inject)攻击。但我的理解是他们正在使用 PreparedStatement s 这使得验证字符输入有点奇怪。这可能只是对后端 LDAP 中有效用户 ID 的限制。

在您的情况下,用户输入了以下内容:

@^Y@.@o*.2,./2|pq{jvk@-1('@lvo)&1,.1(.1.+(@./*

这个答案的大部分内容都是基于这个forum discussion .

我检查了metalink.oracle.com,但没有找到论坛中列出的SR。

关于java - 安全:090759 in weblogic managed logs,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14081530/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com